fws
/
ansible-roles
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update to 2020-06-05 09:00

Browse Source
master
Daniel Berteaud 5 years ago
parent 355db9f198
commit 336d6f9193
2 changed files with 45 additions and 45 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      roles/matrix_synapse/defaults/main.yml
  2. 86
      roles/matrix_synapse/templates/homeserver.yaml.j2

4
roles/matrix_synapse/defaults/main.yml
Unescape View File

@ -116,5 +116,5 @@ synapse_oidc_server: https://sso.domain.com
synapse_oidc_client: matric synapse_oidc_client: matric
synapse_oidc_secret: XXXXX synapse_oidc_secret: XXXXX
# Jinja2 template to for the local part of the MXID. # Jinja2 template to for the local part of the MXID.
synapse_oidc_localpart: "{{ '\"{{ user.sub }}\"' }}" synapse_oidc_localpart: "{{ '{{ user.sub }}' }}"
synapse_oidc_display_name: "{{ '\"{{ user.name }}\"' }}" synapse_oidc_display_name: "{{ '{{ user.name }}' }}"

86
roles/matrix_synapse/templates/homeserver.yaml.j2
Unescape View File

@ -6,8 +6,8 @@ tls_private_key_path: "{{ synapse_root_dir }}/etc/{{ synapse_server_name }}.tls.
tls_dh_params_path: "{{ synapse_root_dir }}/etc/{{ synapse_server_name }}.tls.dh" tls_dh_params_path: "{{ synapse_root_dir }}/etc/{{ synapse_server_name }}.tls.dh"
{% endif %} {% endif %}
server_name: "{{ synapse_server_name }}" server_name: '{{ synapse_server_name }}'
public_baseurl: {{ synapse_public_baseurl | default('https://matrix.' + synapse_server_name) }} public_baseurl: '{{ synapse_public_baseurl | default('https://matrix.' + synapse_server_name) }}'
pid_file: {{ synapse_root_dir }}/tmp/homeserver.pid pid_file: {{ synapse_root_dir }}/tmp/homeserver.pid
@ -39,23 +39,23 @@ listeners:
database: database:
name: psycopg2 name: psycopg2
args: args:
database: {{ synapse_pg_db_name }} database: '{{ synapse_pg_db_name }}'
host: {{ synapse_pg_db_server }} host: '{{ synapse_pg_db_server }}'
user: {{ synapse_pg_db_user }} user: '{{ synapse_pg_db_user }}'
password: {{ synapse_pg_db_pass }} password: '{{ synapse_pg_db_pass }}'
cp_min: 5 cp_min: 5
cp_max: 10 cp_max: 10
event_cache_size: "10K" event_cache_size: '10K'
verbose: 0 verbose: 0
log_config: "{{ synapse_root_dir }}/etc/logging.conf" log_config: '{{ synapse_root_dir }}/etc/logging.conf'
{% if '*' not in synapse_federation_domain_whitelist %} {% if '*' not in synapse_federation_domain_whitelist %}
{% if synapse_federation_domain_whitelist | length > 0 %} {% if synapse_federation_domain_whitelist | length > 0 %}
federation_domain_whitelist: federation_domain_whitelist:
{% for domain in synapse_federation_domain_whitelist %} {% for domain in synapse_federation_domain_whitelist %}
- {{ domain }} - '{{ domain }}'
{% endfor %} {% endfor %}
{% else %} {% else %}
federation_domain_whitelist: [] federation_domain_whitelist: []
@ -65,29 +65,29 @@ federation_domain_whitelist: []
{% if synapse_federation_ip_blacklist | length > 0 %} {% if synapse_federation_ip_blacklist | length > 0 %}
federation_ip_range_blacklist: federation_ip_range_blacklist:
{% for ip in synapse_federation_ip_blacklist %} {% for ip in synapse_federation_ip_blacklist %}
- {{ ip }} - '{{ ip }}'
{% endfor %} {% endfor %}
{% else %} {% else %}
federation_ip_range_blacklist: [] federation_ip_range_blacklist: []
{% endif %} {% endif %}
media_store_path: "{{ synapse_root_dir }}/media_store" media_store_path: '{{ synapse_root_dir }}/media_store'
uploads_path: "{{ synapse_root_dir }}/uploads" uploads_path: '{{ synapse_root_dir }}/uploads'
max_upload_size: "{{ synapse_upload_max_size }}" max_upload_size: '{{ synapse_upload_max_size }}'
{% if synapse_turn_uris is defined and synapse_turn_uris | length > 0 %} {% if synapse_turn_uris is defined and synapse_turn_uris | length > 0 %}
turn_uris: turn_uris:
{% for uri in synapse_turn_uris %} {% for uri in synapse_turn_uris %}
- {{ uri }} - '{{ uri }}'
{% endfor %} {% endfor %}
turn_shared_secret: "{{ synapse_turn_shared_secret | default(turnserver_auth_secret) }}" turn_shared_secret: '{{ synapse_turn_shared_secret | default(turnserver_auth_secret) }}'
turn_user_lifetime: "1h" turn_user_lifetime: '1h'
turn_allow_guests: {{ synapse_turn_allow_guests | ternary('True', 'False') }} turn_allow_guests: {{ synapse_turn_allow_guests | ternary('True', 'False') }}
{% endif %} {% endif %}
enable_registration: {{ synapse_enable_registration | ternary('True', 'False') }} enable_registration: {{ synapse_enable_registration | ternary('True', 'False') }}
{% if synapse_registration_shared_secret is defined %} {% if synapse_registration_shared_secret is defined %}
registration_shared_secret: "{{ synapse_registration_shared_secret }}" registration_shared_secret: '{{ synapse_registration_shared_secret }}'
{% endif %} {% endif %}
bcrypt_rounds: 12 bcrypt_rounds: 12
allow_guest_access: {{ synapse_allow_guest_access | ternary('True', 'False') }} allow_guest_access: {{ synapse_allow_guest_access | ternary('True', 'False') }}
@ -109,9 +109,9 @@ rc_login:
enable_metrics: False enable_metrics: False
report_stats: False report_stats: False
default_identity_server: {{ synapse_public_baseurl | default('https://matrix.' + synapse_server_name) }} default_identity_server: '{{ synapse_public_baseurl | default('https://matrix.' + synapse_server_name) }}'
macaroon_secret_key: "{{ synapse_macaroon_key }}" macaroon_secret_key: '{{ synapse_macaroon_key }}'
expire_access_token: False expire_access_token: False
@ -120,62 +120,62 @@ url_preview_enabled: True
{% if synapse_url_preview_ip_range_blacklist is defined and synapse_url_preview_ip_range_blacklist | length > 0 %} {% if synapse_url_preview_ip_range_blacklist is defined and synapse_url_preview_ip_range_blacklist | length > 0 %}
url_preview_ip_range_blacklist: url_preview_ip_range_blacklist:
{% for ip in synapse_url_preview_ip_range_blacklist %} {% for ip in synapse_url_preview_ip_range_blacklist %}
- {{ ip }} - '{{ ip }}'
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if synapse_url_preview_ip_range_whitelist is defined and synapse_url_preview_ip_range_whitelist | length > 0 %} {% if synapse_url_preview_ip_range_whitelist is defined and synapse_url_preview_ip_range_whitelist | length > 0 %}
url_preview_ip_range_whitelist: url_preview_ip_range_whitelist:
{% for ip in synapse_url_preview_ip_range_whitelist %} {% for ip in synapse_url_preview_ip_range_whitelist %}
- {{ ip }} - '{{ ip }}'
{% endfor %} {% endfor %}
{% endif %} {% endif %}
max_spider_size: {{ synapse_max_spider_size }} max_spider_size: {{ synapse_max_spider_size }}
{% endif %} {% endif %}
form_secret: "{{ synapse_form_secret }}" form_secret: '{{ synapse_form_secret }}'
signing_key_path: "{{ synapse_root_dir }}/etc/{{ synapse_server_name }}.signing.key" signing_key_path: '{{ synapse_root_dir }}/etc/{{ synapse_server_name }}.signing.key'
trusted_key_servers: trusted_key_servers:
- server_name: "matrix.org" - server_name: 'matrix.org'
suppress_key_server_warning: True suppress_key_server_warning: True
email: email:
enable_notifs: True enable_notifs: True
smtp_host: "localhost" smtp_host: 'localhost'
smtp_port: 25 smtp_port: 25
require_transport_security: False require_transport_security: False
notif_from: "{{ synapse_smtp_from }}" notif_from: '{{ synapse_smtp_from }}'
app_name: {{ synapse_app_name }} app_name: '{{ synapse_app_name }}'
notif_for_new_users: True notif_for_new_users: True
{% if synapse_client_url is defined %} {% if synapse_client_url is defined %}
client_base_url: "{{ synapse_client_base_url }}" client_base_url: '{{ synapse_client_base_url }}'
{% endif %} {% endif %}
{% if synapse_auth == 'ldap' %} {% if synapse_auth == 'ldap' %}
password_providers: password_providers:
- module: "ldap_auth_provider.LdapAuthProvider" - module: 'ldap_auth_provider.LdapAuthProvider'
config: config:
enabled: True enabled: True
uri: "{{ synapse_ldap_uri }}" uri: '{{ synapse_ldap_uri }}'
start_tls: {{ synapse_ldap_start_tls | ternary('True', 'False') }} start_tls: {{ synapse_ldap_start_tls | ternary('True', 'False') }}
base: "{{ synapse_ldap_user_base }}" base: '{{ synapse_ldap_user_base }}'
attributes: attributes:
uid: "{{ synapse_ldap_attr_uid }}" uid: '{{ synapse_ldap_attr_uid }}'
mail: "{{ synapse_ldap_attr_email }}" mail: '{{ synapse_ldap_attr_email }}'
name: "{{ synapse_ldap_attr_name }}" name: '{{ synapse_ldap_attr_name }}'
{% if synapse_ldap_bind_dn is defined and synapse_ldap_bind_pass is defined %} {% if synapse_ldap_bind_dn is defined and synapse_ldap_bind_pass is defined %}
bind_dn: {{ synapse_ldap_bind_dn }} bind_dn: '{{ synapse_ldap_bind_dn }}'
bind_password: {{ synapse_ldap_bind_pass }} bind_password: '{{ synapse_ldap_bind_pass }}'
{% endif %} {% endif %}
{% if synapse_ldap_filter is defined %} {% if synapse_ldap_filter is defined %}
filter: "{{ synapse_ldap_filter }}" filter: '{{ synapse_ldap_filter }}'
{% endif %} {% endif %}
{% elif synapse_auth == 'rest' %} {% elif synapse_auth == 'rest' %}
password_providers: password_providers:
- module: "rest_auth_provider.RestAuthProvider" - module: 'rest_auth_provider.RestAuthProvider'
config: config:
endpoint: "{{ synapse_auth_rest_uri }}" endpoint: '{{ synapse_auth_rest_uri }}'
{% elif synapse_auth == 'oidc' %} {% elif synapse_auth == 'oidc' %}
oidc_config: oidc_config:
enabled: True enabled: True
@ -184,9 +184,9 @@ oidc_config:
client_secret: '{{ synapse_oidc_secret }}' client_secret: '{{ synapse_oidc_secret }}'
user_mapping_provider: user_mapping_provider:
config: config:
localpart_template: {{ synapse_oidc_localpart }} localpart_template: '{{ synapse_oidc_localpart }}'
{% if synapse_oidc_display_name is defined %} {% if synapse_oidc_display_name is defined %}
display_name_template: {{ synapse_oidc_display_name }} display_name_template: '{{ synapse_oidc_display_name }}'
{% endif %} {% endif %}
sso: sso:
@ -199,8 +199,8 @@ password_config:
{% endif %} {% endif %}
alias_creation_rules: alias_creation_rules:
- user_id: "*" - user_id: '*'
alias: "*" alias: '*'
action: allow action: allow
... ...

Write Preview
Loading…
Cancel
Save