add matrix-synapse bundle
This commit is contained in:
parent
29eeffbdc3
commit
8a26def21c
8 changed files with 267 additions and 6 deletions
85
bundles/matrix-synapse/files/homeserver.yaml
Normal file
85
bundles/matrix-synapse/files/homeserver.yaml
Normal file
|
@ -0,0 +1,85 @@
|
|||
server_name: "${server_name}"
|
||||
pid_file: "/var/run/matrix-synapse.pid"
|
||||
public_baseurl: https://${baseurl}/
|
||||
use_presence: true
|
||||
allow_public_rooms_without_auth: false
|
||||
allow_public_rooms_over_federation: false
|
||||
|
||||
federation_ip_range_blacklist:
|
||||
- '127.0.0.0/8'
|
||||
- '10.0.0.0/8'
|
||||
- '172.16.0.0/12'
|
||||
- '192.168.0.0/16'
|
||||
- '100.64.0.0/10'
|
||||
- '169.254.0.0/16'
|
||||
- '::1/128'
|
||||
- 'fe80::/64'
|
||||
- 'fc00::/7'
|
||||
|
||||
listeners:
|
||||
- port: 8009
|
||||
tls: false
|
||||
bind_addresses: ['::1']
|
||||
type: http
|
||||
x_forwarded: true
|
||||
|
||||
resources:
|
||||
- names: [metrics]
|
||||
compress: false
|
||||
|
||||
- port: 8008
|
||||
tls: false
|
||||
bind_addresses: ['::1']
|
||||
type: http
|
||||
x_forwarded: true
|
||||
|
||||
resources:
|
||||
- names: [client, federation]
|
||||
compress: false
|
||||
|
||||
admin_contact: '${admin_contact}'
|
||||
database:
|
||||
name: "psycopg2"
|
||||
args:
|
||||
user: "${database['user']}"
|
||||
database: "${database['database']}"
|
||||
password: "${database['password']}"
|
||||
host: "${database.get('host', 'localhost')}"
|
||||
cp_min: 5
|
||||
cp_max: 10
|
||||
|
||||
event_cache_size: 1M
|
||||
log_config: "/etc/matrix-synapse/log.yaml"
|
||||
|
||||
enable_media_repo: false
|
||||
enable_registration: false
|
||||
registration_shared_secret: "${registration_shared_secret}"
|
||||
allow_guest_access: false
|
||||
#default_identity_server: https://matrix.org
|
||||
#trusted_third_party_id_servers:
|
||||
# - matrix.org
|
||||
# - vector.im
|
||||
|
||||
enable_metrics: True
|
||||
|
||||
app_service_config_files:
|
||||
% for config in sorted(appservice_configs):
|
||||
- "${config}"
|
||||
% endfor
|
||||
|
||||
signing_key_path: "/etc/matrix-synapse/homeserver.signing.key"
|
||||
trusted_key_servers:
|
||||
% for server in sorted(trusted_key_servers):
|
||||
- server_name: "${server}"
|
||||
% endfor
|
||||
|
||||
password_config:
|
||||
enabled: true
|
||||
|
||||
email:
|
||||
enable_notifs: false
|
||||
notif_from: "Matrix <noreply@${server_name}"
|
||||
|
||||
enable_group_creation: true
|
||||
|
||||
report_stats: true
|
35
bundles/matrix-synapse/items.py
Normal file
35
bundles/matrix-synapse/items.py
Normal file
|
@ -0,0 +1,35 @@
|
|||
pkg_apt = {
|
||||
'matrix-synapse-py3': {}
|
||||
}
|
||||
|
||||
files = {
|
||||
'/etc/matrix-synapse/homeserver.yaml': {
|
||||
'content_type': 'mako',
|
||||
'context': node.metadata['matrix-synapse'],
|
||||
'needs': {
|
||||
'pkg_apt:matrix-synapse-py3',
|
||||
},
|
||||
'triggers': {
|
||||
'svc_systemd:matrix-synapse:restart',
|
||||
},
|
||||
},
|
||||
'/etc/matrix-synapse/homeserver.signing.key': {
|
||||
'content': repo.vault.decrypt_file('matrix-synapse/{}/homeserver_signing.key.vault'.format(node.name)),
|
||||
},
|
||||
}
|
||||
|
||||
directories = {
|
||||
'/etc/matrix-synapse/conf.d': {
|
||||
'purge': True,
|
||||
},
|
||||
}
|
||||
|
||||
svc_systemd = {
|
||||
'matrix-synapse': {
|
||||
'needs': {
|
||||
'file:/etc/matrix-synapse/homeserver.yaml',
|
||||
'directory:/etc/matrix-synapse/conf.d',
|
||||
'pkg_apt:matrix-synapse-py3',
|
||||
},
|
||||
},
|
||||
}
|
32
bundles/matrix-synapse/metadata.py
Normal file
32
bundles/matrix-synapse/metadata.py
Normal file
|
@ -0,0 +1,32 @@
|
|||
@metadata_processor
|
||||
def nodejs_apt_repos(metadata):
|
||||
return {
|
||||
'apt': {
|
||||
'repos': {
|
||||
'matrix': {
|
||||
'key': 'AAF9AE843A7584B5A3E4CD2BCF45A512DE2DA058',
|
||||
'items': [
|
||||
'deb https://packages.matrix.org/debian buster main',
|
||||
],
|
||||
},
|
||||
},
|
||||
'unattended-upgrades': {
|
||||
'sites': {
|
||||
'packages.matrix.org',
|
||||
},
|
||||
},
|
||||
},
|
||||
}, DEFAULTS, DONE
|
||||
|
||||
@metadata_processor
|
||||
def synapse_defaults(metadata):
|
||||
return {
|
||||
'matrix-synapse': {
|
||||
'registration_shared_secret': repo.vault.human_password_for('{} matrix-synapse registration_shared_secret'.format(node.name)),
|
||||
'database': {
|
||||
'user': 'synapse_user',
|
||||
'password': repo.vault.password_for('{} postgresql synapse_user'.format(node.name)),
|
||||
'database': 'synapse',
|
||||
},
|
||||
},
|
||||
}, DEFAULTS, DONE
|
|
@ -85,3 +85,6 @@ svc_systemd = {
|
|||
},
|
||||
},
|
||||
}
|
||||
|
||||
if node.has_bundle('matrix-synapse'):
|
||||
actions['mx-puppet-discord_generate_registration']['triggers'].add('svc_systemd:matrix-synapse:restart')
|
||||
|
|
|
@ -9,3 +9,26 @@ def mx_puppet_discord_user(metadata):
|
|||
},
|
||||
},
|
||||
}, DEFAULTS, DONE
|
||||
|
||||
@metadata_processor
|
||||
def add_mx_puppet_discord_to_synapse(metadata):
|
||||
return {
|
||||
'matrix-synapse': {
|
||||
'appservice_configs': {
|
||||
'/opt/mx-puppet-discord/registration.yaml',
|
||||
},
|
||||
},
|
||||
}, DEFAULTS, DONE
|
||||
|
||||
@metadata_processor
|
||||
def bridge_defaults(metadata):
|
||||
return {
|
||||
'mx-puppet-discord': {
|
||||
'database': {
|
||||
'user': 'mx-puppet-discord',
|
||||
'password': repo.vault.password_for('{} postgresql mx-puppet-discord'.format(node.name)),
|
||||
'database': 'mx-puppet-discord',
|
||||
},
|
||||
},
|
||||
}, DEFAULTS, DONE
|
||||
|
||||
|
|
|
@ -0,0 +1,65 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBFy1EC0BEADB9mmN7jMrmgzdZAT0vNMmnaOGH1aIYEHQvEWKwR0mbDDCOxTW
|
||||
pls54sRHgHGAeJ8e5YbytypOkx2+q/4mWTKRyhFPv/MIGLNYi/1EspNvyl0VapUr
|
||||
XAIHEn7EVJXq929rshS6MBQ0cXWMwqtIXYScqIYpQU6ZQQAKfsKTr2XE4v33WDWQ
|
||||
Vjv7A1SLaA7pgSZrW83JbLFJS8OoaBfUUXyA73NQTgygH28r7xOQnwE3VG/TPlS5
|
||||
0rpZ7U1MpoA8xgzyAgUU3ae3wERDmXAljAGmSD60RqB9E6Bj+s86i0Qw0GQKgb6Y
|
||||
usf1jKhRMpSpBgCKa9TcvQQG6Ci4kYqQQ4NPyySoBDvlDgln8JO0/zFXzhxqxfku
|
||||
ehMpFotTmy3hQrSzaflVgLsEDO+J0oD6Vd0/8qUFD/iV8aiA83kprZSKGg2yyyIk
|
||||
BNOVYkceG5eh/PUGENxrddfu8aooVLO+9v5QDcV1bBs5DPQlAn8LoEH9OyAjOGfF
|
||||
s0UuBxwDV/x4AiFTbvYEncYwlXME4scNoeQkESj6bT/EAK50WduMyG7XHULeAD86
|
||||
i4cSG9mbhDLGaOB084gRb+Jhk6mNUbXiy7TwsNmDaanrP4CO1g8vIRwSCl0l6ayz
|
||||
uFGv3BRVuC+6yN1gvh82DgQm6iWeWdHxkIkNdO3lP5JDZy2Y3LpahsWTfwARAQAB
|
||||
tCltYXRyaXgub3JnIHBhY2thZ2VzIDxwYWNrYWdlc0BtYXRyaXgub3JnPokCVAQT
|
||||
AQoAPhYhBKr5roQ6dYS1o+TNK89FpRLeLaBYBQJctRAtAhsDBQkJZgGABQsJCAcC
|
||||
BhUKCQgLAgQWAgMBAh4BAheAAAoJEM9FpRLeLaBYWwAP/3dNMHj+hu6Nn583H5Wu
|
||||
UuTGKbxb7LlWpGtYVd5qt0to/fkYEms3koYJ5X+K71bv8weto+TKyhXM1yoaVHT+
|
||||
yvAhQGA8X/jpXUgQpmF48cw1vKFf4guw+hXMhr9Tuiald+7qEi6neLxXt6kh+k7c
|
||||
+MeZAJ1jsKbPeehGrzJJCjSrQHeYiK9+krw5jfpwCpL3Aqo6wrizWlzBScHmxckP
|
||||
XPXVc6xsKtQ/EsD8dM7c5LuJA1Na21HzGfFoMUODEg6bjp7rvs4GrY4MGx7jJG6E
|
||||
xYYArVh4rzy82GJaV6SOKHLqoTMyVdSw3gwL4LoKdfUiv92vszY7un3466eruLcv
|
||||
fHEA6jRYl7Da8Csb9odFWFrua1Jo9TrT9dZZUFxkSNDSwSHYT8qjCDoPemi9/5T1
|
||||
7EY8htVjEv+pE7l33SP1GURvQhWvg8rdJLHILVTzwOz33y30OGOGqWV9P1wqcfbf
|
||||
ZLcwZIX8HQCBmxPf4+i8augXnBEzVIfUBHh4SJ+md9UNK5Sx1rYRvb/Epd1GenQr
|
||||
On5NJlNkthyUBCvKDfrFquW5UDTW6TOyhXcmycWcL2lSFueS1psBtiJNeBWnhxc0
|
||||
c8OHGV5x3CqigVya5kFL4/47Ay7ldiGXQzLl1RxCBxCaw+0sDbKQlJx2b3/f45V9
|
||||
ukVK4rmFVlUeO1ULo/dpOo1ZiQEzBBABCgAdFiEEQlNDQm4FMsm53u1sih+T1XW1
|
||||
6NUFAly1FdkACgkQih+T1XW16NXYhQf9GhByPudQZCeW4pKq5MlXCP8o0ZplZKC4
|
||||
0qT/t25bfU/Gf7ZtVEl0/O7gLTvCEPoZfR9vALN0I7YB7WEZC2OyPU5v2oeQkGeh
|
||||
u6LskHf6KDCh1eSU4Bl5zcuSOOZ6J8p7NwwbZR5wheZhD/pNjXahRFKRpY0poLFt
|
||||
HQ+FwPqaCi2uMa6NCxe+UJZn5/hANQO6E9tsHDXVGkwoVpfMjqelHSjWQZcfqZ/s
|
||||
pb38u+yoOiWiN2P4cNnlGZa+QvazgeuhlkvGKZ5gHRWHPwfINZ6uAsslGsE3ebjQ
|
||||
6XzRF5jDuLMriNDyPb3CfPezYZJEA3OA8MfH6XKJCdR7aRFCXrgfkLkBjQRctRFe
|
||||
AQwAyJcFrHweLUCBK0VR2mw9TVOrgVxzaFxt89WnJMgcgi0mcw+a+B2wHHYHgI2D
|
||||
2XQZ8a7QIV43OCeWdiE2ZKuK4hX2FVLLmrLa6xVyjvF8AO3/CD4aClQ0WyYkY9Eu
|
||||
IRJ8ME/Mh/2zsCayRFvezrjHikOJFtH844P4nzVeAtIGM6O7LjixOJXDhoPnM5sj
|
||||
l61TDJbgarB4oXTYBFPOB7f96TxSe6H24GoCR8nG4v0GXSLRAJEVpVz5dpO4joe5
|
||||
zTDQzBn5wIfkjhKprv9Xf9PPzf8PbRVFd9vqB05AEwAxeTp55wrgICxt1jQSCjsg
|
||||
NTr/ntEphZNUqNYVPphOt+Pb9K6d0S6VdkEQ6yAHJ+sFBy7BKskAQK71j/nIOSbj
|
||||
wC2Ed2QRIGoedrUoJzhp71VsjzxzaNG4QBWfWBk6A7hN6j1frnfKjXuJ0+6rGaOD
|
||||
XXxXdyYAR1egmlcHUTLZLrfF445rfQ4lWh0tYYIvjBExDBV3YclzEsBSx+gwxelJ
|
||||
8vS7ABEBAAGJA/IEGAEKACYWIQSq+a6EOnWEtaPkzSvPRaUS3i2gWAUCXLURXgIb
|
||||
AgUJA8JnAAHACRDPRaUS3i2gWMD0IAQZAQoAHRYhBFWGzMDLu+/HolgRrfRz3URz
|
||||
Nl3hBQJctRFeAAoJEPRz3URzNl3hTmoL/AtgbO+lP4wjtI2DWh//V6R5FfO9dzyb
|
||||
wkL9wcCGsHNRojzP0snvGdrYMa3bt6p5O279KG2Sef7/xVpf37vCbtRoYdZWY8WR
|
||||
K3VGzXHk6nGjqRpstzgfEZJzlu43H5rDJsUS31VB1JQPeGIGBNCm7QJIyVxkiToL
|
||||
rFAeCa6tIOP0BDTG0s+o/Vk79w4qTQDW0WNUYN0f2AS5Uk8AUXzrPf2GIY2dglyK
|
||||
TJVeiCPBA+zk537c90ZDX2F5mnyf7atWSGX73JloIeT4sDHC5Aml7myS+PU2uMPd
|
||||
tInjse7s85J+0ldxKYty3YZbuNMxloISkpxw19ICm8VFFveHJFZNG0tCGFozDfNL
|
||||
B6QDxWMpKKdPI7GdE9retzv+s6pvlvxlQAjOlMt3tqXv4TR+Y5+J73cpiH4FXoW4
|
||||
vQonRE0ebvOuBpVluMOio0iCQcrvf7dr02dJ5+yBuYJXE7E0zeVjsm6fUT9/8oTp
|
||||
1NjtUY8/ppO1Ctyrj1mPUzA9zRIbtWVmTFuBEACJHM/QMvuBGJwknBTqo5+FutqG
|
||||
1ouvzSZOOkDBm19yRakQ6ER5vo1ul5SOM5jjdkk0saFGYjVcyOADNIxub298fbBa
|
||||
36kfzPJKFQbJKHQnCSOnr+MX+GNeFiCZ3LZExl5g7XFD56clkjFHSWgY295ssPWQ
|
||||
slPO/8aNFUCx4ydKHNWeUlzL5UZ//p1XFdzApmCiayOKx2awVH2sKb2vgskDpzk2
|
||||
e3x/YPzL4GCLOwtVsscvl7NmY5xEMfP+AoqszVsRdZDhZZgJ8AbwmLNiiiO9/YKe
|
||||
pIV+7qoK5z+AWESbkRkBdmPoMTZE6PRk1t7GGW3kbxQJrEDfHLTc1OclFsOmrov/
|
||||
KdOuYX8yU8lEfNkeGnY3bin69vxeFo7N3hU1Ocre/Byr/q4WA4Kzvpy27QxeCSaY
|
||||
mi3EXQXn4zjzAQnI7Lg3cb9YdQKHYA+9OKNHzxr1Tc4kMfMqrbuVBwYdy75UriUa
|
||||
XboiSIiMkEPYF2ZvdcV5f6fuONIes0EBtYhpIyIBu+/RWHeVPNkUrGlEtJN39qGc
|
||||
JG1cGyvHn3aW9YDwh/s6FZSD8B+fmVE9WWCPnpMGL3bfoPyquZwXXLkTgI3bNYF6
|
||||
gGYZTkEmuOmxb6oDtKLaOMbOrnQbLupG36O3AiCvWaC6c+I4wgsbXe9pJheXCPgE
|
||||
c9welNUwmnmoaZfmyg==
|
||||
=FnsY
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -0,0 +1 @@
|
|||
encrypt$gAAAAABeiaEqyvC5b9qRtL9I760dD51BJ9ZMKjofyORoSedhjqfHM0Pp-x_UECvoZgrtY8dgcq0Ste27YlSofnPwLM6Jr6wXfNX-Ih8WZD7hV6yQdEQ6wmj2FYilmMknGdQ_yVnu5TRe_malgW78n6hRQc7DsdsEfw==
|
|
@ -1,5 +1,6 @@
|
|||
nodes['htz.ex42-1048908'] = {
|
||||
'bundles': [
|
||||
'matrix-synapse',
|
||||
'mx-puppet-discord',
|
||||
'nginx',
|
||||
'nodejs',
|
||||
|
@ -22,16 +23,26 @@ nodes['htz.ex42-1048908'] = {
|
|||
},
|
||||
},
|
||||
},
|
||||
'matrix-synapse': {
|
||||
'server_name': 'franzi.business',
|
||||
'baseurl': 'matrix.franzi.business',
|
||||
'admin_contact': 'mailto:hostmaster@kunbox.net',
|
||||
'appservice_configs': {
|
||||
'/opt/matrix-bridges/mautrix-whatsapp/registration.yaml',
|
||||
'/opt/matrix-bridges/mautrix-telegram/registration.yaml',
|
||||
'/opt/matrix-bridges/matrix-appservice-discord/discord-registration.yaml',
|
||||
},
|
||||
'trusted_key_servers': {
|
||||
'matrix.org',
|
||||
'finallycoffee.eu',
|
||||
'nyantec.com',
|
||||
},
|
||||
},
|
||||
'mx-puppet-discord': {
|
||||
'homeserver': {
|
||||
'domain': 'franzi.business',
|
||||
'url': 'http://[::1]:8008',
|
||||
},
|
||||
'database': {
|
||||
'user': 'mx-puppet-discord',
|
||||
'password': vault.password_for('htz.ex42-1048908 postgres mx-puppet-discord'),
|
||||
'database': 'mx-puppet-discord',
|
||||
},
|
||||
'allowed-users': {
|
||||
'@.*:franzi\\\\.business',
|
||||
},
|
||||
|
@ -53,13 +64,19 @@ nodes['htz.ex42-1048908'] = {
|
|||
'postgresql': {
|
||||
'users': {
|
||||
'mx-puppet-discord': {
|
||||
'password': vault.password_for('htz.ex42-1048908 postgres mx-puppet-discord'),
|
||||
'password': vault.password_for('htz.ex42-1048908 postgresql mx-puppet-discord'),
|
||||
},
|
||||
'synapse_user': {
|
||||
'password': vault.password_for('htz.ex42-1048908 postgresql synapse_user'),
|
||||
},
|
||||
},
|
||||
'databases': {
|
||||
'mx-puppet-discord': {
|
||||
'owner': 'mx-puppet-discord',
|
||||
},
|
||||
'synapse': {
|
||||
'owner': 'synapse_user',
|
||||
},
|
||||
},
|
||||
},
|
||||
'users': {
|
||||
|
|
Loading…
Reference in a new issue