Changed

2022-01-09 20:04:54 -06:00 · 2022-01-09 20:04:54 -06:00 · 08ecd42e5e
commit 08ecd42e5e
parent 6b41807f46
3 changed files with 53 additions and 145 deletions
--- a/roles/matrix-bridge-mautrix-wsproxy/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-wsproxy/defaults/main.yml
@ -1,22 +1,21 @@
 # mautrix-wsproxy is a Matrix <-> websocket bridge
-# See: https://github.com/tulir/mautrix-wsproxy
+# See: https://github.com/mautrix/wsproxy

 matrix_mautrix_wsproxy_enabled: true

 matrix_mautrix_wsproxy_version: latest
-# See: https://mau.dev/tulir/mautrix-wsproxy/container_registry
-matrix_mautrix_wsproxy_docker_image: "dock.mau.dev/tulir/mautrix-wsproxy:{{ matrix_mautrix_wsproxy_version }}"
+# See: https://mau.dev/mautrix/wsproxy/container_registry
+matrix_mautrix_wsproxy_docker_image: "dock.mau.dev/mautrix/wsproxy:{{ matrix_mautrix_wsproxy_version }}"
 matrix_mautrix_wsproxy_docker_image_force_pull: "{{ matrix_mautrix_wsproxy_docker_image.endswith(':latest') }}"

-matrix_mautrix_wsproxy_base_path: "{{ matrix_base_data_path }}/mautrix-wsproxy"
+matrix_mautrix_wsproxy_base_path: "{{ matrix_base_data_path }}/wsproxy"
 matrix_mautrix_wsproxy_config_path: "{{ matrix_mautrix_wsproxy_base_path }}/config"
 matrix_mautrix_wsproxy_data_path: "{{ matrix_mautrix_wsproxy_base_path }}/data"

 matrix_mautrix_wsproxy_homeserver_address: "{{ matrix_homeserver_container_url }}"
 matrix_mautrix_wsproxy_homeserver_domain: "{{ matrix_domain }}"
-matrix_mautrix_wsproxy_appservice_address: "http://matrix-mautrix-wsproxy:29331"
-matrix_mautrix_wsproxy_appservice_websocket: "ws://matrix-mautrix-wsproxy:29331"

+matrix_mautrix_wsproxy_port: 29931
 # A list of extra arguments to pass to the container
 matrix_mautrix_wsproxy_container_extra_arguments: []

@ -53,30 +52,6 @@ matrix_mautrix_wsproxy_configuration_extension: "{{ matrix_mautrix_wsproxy_confi
 # You most likely don't need to touch this variable. Instead, see `matrix_mautrix_wsproxy_configuration_yaml`.
 matrix_mautrix_wsproxy_configuration: "{{ matrix_mautrix_wsproxy_configuration_yaml|from_yaml|combine(matrix_mautrix_wsproxy_configuration_extension, recursive=True) }}"

-# Default mautrix-wsproxy configuration template which covers the generic use case.
-# You can customize it by controlling the various variables inside it.
-#
-# For a more advanced customization, you can extend the default (see `matrix_mautrix_wsproxy_configuration_extension_yaml`)
-# or completely replace this variable with your own template.
-matrix_mautrix_imessage_configuration_yaml: "{{ lookup('template', 'templates/config-ios.yaml.j2') }}"
-
-matrix_mautrix_imessage_configuration_extension_yaml: |
-  # Your custom YAML configuration goes here.
-  # This configuration extends the default starting configuration (`matrix_mautrix_wsproxy_configuration_yaml`).
-  #
-  # You can override individual variables from the default configuration, or introduce new ones.
-  #
-  # If you need something more special, you can take full control by
-  # completely redefining `matrix_mautrix_imessage_configuration_yaml`.
-
-matrix_mautrix_imessage_configuration_extension: "{{ matrix_mautrix_imessage_configuration_extension_yaml|from_yaml if matrix_mautrix_imessage_configuration_extension_yaml|from_yaml is mapping else {} }}"
-
-# Holds the final configuration (a combination of the default and its extension).
-# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_imessage_configuration_yaml`.
-matrix_mautrix_imessage_configuration: "{{ matrix_mautrix_imessage_configuration_yaml|from_yaml|combine(matrix_mautrix_imessage_configuration_extension, recursive=True) }}"
-
-matrix_mautrix_imessage_user: ''
-
 matrix_mautrix_wsproxy_registration_yaml: |
  id: imessage
  url: {{ matrix_mautrix_wsproxy_appservice_address }}
--- a/roles/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml
@ -43,14 +43,6 @@
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"

- name: Ensure mautrix-imessage config-ios.yaml installed
-  copy:
-    content: "{{ matrix_mautrix_imessage_configuration|to_nice_yaml }}"
-    dest: "{{ matrix_mautrix_wsproxy_config_path }}/config-ios.yaml"
-    mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
-
 - name: Ensure mautrix-wsproxy registration.yaml installed
  copy:
    content: "{{ matrix_mautrix_wsproxy_registration|to_nice_yaml }}"
@ -59,6 +51,54 @@
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"

+- name: Fail if matrix-nginx-proxy role already executed
+  fail:
+    msg: >-
+      Trying to append mautrix-wsproxy reverse-proxying configuration to matrix-nginx-proxy,
+      but it's pointless since the matrix-nginx-proxy role had already executed.
+      To fix this, please change the order of roles in your plabook,
+      so that the matrix-nginx-proxy role would run after the matrix-wspoxy role.
+  when: matrix_nginx_proxy_role_executed|default(False)|bool and matrix_mautrix_wsproxy_enabled|bool
+
+- name: Generate Wsproxy proxying configuration for matrix-nginx-proxy
+  set_fact:
+    matrix_mautrix_wsproxy_matrix_nginx_proxy_configuration: |
+      location ~ ^/(_matrix/client/unstable/fi.mau.syncproxy/*) {      
+      {% if matrix_nginx_proxy_enabled|default(False) %}
+      	{# Use the embedded DNS resolver in Docker containers to discover the service #}
+      	resolver 127.0.0.11 valid=5s;
+      	set $backend "matrix-mautrix-wsproxy:{{ matrix_mautrix_wsproxy_port }}/$1";
+      	proxy_pass http://$backend;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+      {% else %}
+      	{# Generic configuration for use outside of our container setup #}
+      	proxy_pass http://127.0.0.1:{{ matrix_mautrix_wsproxy_port }}/$1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+      {% endif %}
+      }
+  when: matrix_mautrix_wsproxy_enabled|bool
+
+- name: Register Wsproxy's proxying configuration with matrix-nginx-proxy
+  set_fact:
+    matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
+      {{
+        matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+        +
+        [matrix_bot_maubot_matrix_nginx_proxy_configuration]
+      }}
+  when: matrix_mautrix_wsproxy_enabled|bool
+
+- name: Warn about reverse-proxying if matrix-nginx-proxy not used
+  debug:
+    msg: >-
+      NOTE: You've enabled mautrix-wsproxy but are not using the matrix-nginx-proxy
+      reverse proxy.
+      Please make sure that you're proxying the `/_matrix/client/unstable/fi.mau.syncproxy`
+      URL endpoint to the mautrix-wsproxy container.
+  when: "matrix_mautrix_wsproxy_enabled|bool and matrix_nginx_proxy_enabled is not defined"
+
 - name: Ensure matrix-mautrix-wsproxy.service installed
  template:
    src: "{{ role_path }}/templates/systemd/matrix-mautrix-wsproxy.service.j2"
--- a/roles/matrix-bridge-mautrix-wsproxy/templates/config-ios.yaml.j2
+++ b/roles/matrix-bridge-mautrix-wsproxy/templates/config-ios.yaml.j2
@ -1,107 +0,0 @@
-#jinja2: lstrip_blocks: "True"
-# Homeserver details.
-homeserver:
-    # The address that this appservice can use to connect to the homeserver.
-    address: {{ matrix_mautrix_wsproxy_homeserver_address }}
-    websocket_proxy: {{ matrix_mautrix_wsproxy_appservice_websocket }}
-    # The domain of the homeserver (for MXIDs, etc).
-    domain: {{ matrix_mautrix_wsproxy_homeserver_domain }}
-# Application service host/registration related details.
-# Changing these values requires regeneration of the registration.
-
-appservice:
-    # SQLite database path
-    database: mautrix-imessage.db
-
-    # The unique ID of this appservice.
-    id: imessage
-    # Appservice bot details.
-    bot:
-        # Username of the appservice bot.
-        username: imessagebot
-        # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
-        # to leave display name/avatar as-is.
-        displayname: iMessage bridge bot
-        avatar: mxc://maunium.net/tManJEpANASZvDVzvRvhILdX
-
-    # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
-    as_token: "{{ matrix_mautrix_wsproxy_appservice_token }}"
-    hs_token: "{{ matrix_mautrix_wsproxy_homeserver_token }}"
-imessage:
-    platform: ios
-
-# Bridge config
-bridge:
-    # The user of the bridge.
-    user: "{{ matrix_mautrix_imessage_user }}"
-
-    # Localpart template of MXIDs for iMessage users.
-    # {{ '{{.}}' }} is replaced with the phone number or email of the iMessage user.
-    username_template: "{{ 'imessage_{{.}}' }}"
-    # Displayname template for iMessage users.
-    # {{ '{{.}}' }} is replaced with the contact list name (if available) or username (phone number or email) of the iMessage user.
-    displayname_template: "{{ '{{.}} (iMessage)' }}"
-
-    # Whether or not the bridge should send a read receipt from the bridge bot when a message has been
-    # sent to iMessage. If fetch_message_on_timeout is enabled, a successful post-timeout fetch will
-    # trigger a read receipt too.
-    delivery_receipts: false
-
-    # Whether or not to update the m.direct account data event when double puppeting is enabled.
-    # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
-    # and is therefore prone to race conditions.
-    sync_direct_chat_list: false
-    # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
-    #
-    # If set, custom puppets will be enabled automatically for local users
-    # instead of users having to find an access token and run `login-matrix`
-    # manually.
-    login_shared_secret: {{ matrix_mautrix_whatsapp_login_shared_secret|to_json }}
-    # Maximum age of chats to sync in days.
-    chat_sync_max_age: 0.5
-    # Maximum number of messages to backfill for new portal rooms.
-    initial_backfill_limit: 100
-
-    # The prefix for commands. Only required in non-management rooms.
-    command_prefix: "!im"
-
-    # End-to-bridge encryption support options. This requires login_shared_secret to be configured
-    # in order to get a device for the bridge bot.
-    #
-    # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
-    # application service.
-    encryption:
-        # Allow encryption, work in group chat rooms with e2ee enabled
-        allow: false
-        # Default to encryption, force-enable encryption in all portals the bridge creates
-        # This will cause the bridge bot to be in private chats for the encryption to work properly.
-        # It is recommended to also set private_chat_portal_meta to true when using this.
-        default: false
-        # Options for automatic key sharing.
-        key_sharing:
-            # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
-            # You must use a client that supports requesting keys from other users to use this feature.
-            allow: false
-            # Require the requesting device to have a valid cross-signing signature?
-            # This doesn't require that the bridge has verified the device, only that the user has verified it.
-            # Not yet implemented.
-            require_cross_signing: false
-            # Require devices to be verified by the bridge?
-            # Verification by the bridge is not yet implemented.
-            require_verification: true
-
-# Logging config.
-logging:
-    # The directory for log files. Will be created if not found.
-    directory: ./logs
-    # Available variables: .Date for the file date and .Index for different log files on the same day.
-    file_name_format: "{{ '{{.Date}}-{{.Index}}.log' }}"
-    # Date format for file names in the Go time format: https://golang.org/pkg/time/#pkg-constants
-    file_date_format: "2006-01-02"
-    # Log file permissions.
-    file_mode: 0600
-    # Timestamp format for log entries in the Go time format.
-    timestamp_format: "Jan _2, 2006 15:04:05"
-    # Minimum severity for log messages.
-    # Options: debug, info, warn, error, fatal
-    print_level: debug