
Add matrix roles

master
Dryusdan 3 maanden geleden
bovenliggende
commit
e96ee68dc3
6 gewijzigde bestanden met toevoegingen van 259 en 0 verwijderingen
  1. +35
    -0
      host.example
  2. +7
    -0
      matrix.yml
  3. +59
    -0
      roles/matrix/tasks/main.yml
  4. +121
    -0
      roles/matrix/templates/homeserver.yaml.j2
  5. +36
    -0
      roles/matrix/templates/log.yaml.j2
  6. +1
    -0
      roles/matrix/templates/server_name.yaml.j2

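--- a/host.example
+++ b/host.example
@@ -0,0 +1,35 @@
+---
+coturn:
+listening_port: 3478
+static_auth_secret: "pwgen 64 1"
+server_name: turn.domain.org
+realm: turn.domain.org
+
+matrix:
+url: "https://matrix.domain.org"
+admin_contact: "admin@domain.org"
+limit_usage_by_mau: "False"
+max_mau_value: 50
+mau_trial_days: 2
+enable_search: "true"
+db_name: synapse
+db_user: synapse
+db_password: "psql password"
+db_host: "localhost"
+cp_min: 10
+cp_max: 20
+event_cache_size: "10000"
+rc_messages_per_second: 2
+rc_message_burst_count: 10
+federation_rc_window_size: 1000
+federation_rc_sleep_limit: 10
+federation_rc_sleep_delay: 500
+federation_rc_reject_limit: 50
+federation_rc_concurrent: 5
+max_upload_size: "20M"
+max_image_pixels: "32M"
+max_spider_size: "10M"
+enable_registration: "True"
+allow_guest_access: "True"
+server_name: matrix.domain.org
+turn_server_name: "turn.domain.org"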
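Review bot: The sample values `static_auth_secret: "pwgen 64 1"` and `db_password: "psql password"` are literal strings, so a host file copied without editing deploys them as the real TURN shared secret and database password. Mark them as placeholders that must be replaced, e.g. `static_auth_secret: "CHANGE_ME"  # generate with: pwgen 64 1`, and keep the real values in an Ansible Vault file rather than in the inventory. The defaults `enable_registration: "True"` and `allow_guest_access: "True"` open sign-up to anyone while the homeserver template in this commit sets `enable_registration_captcha: False`; defaulting both to false would be the safer example. The booleans are also written three ways (`"False"`, `"true"`, `"True"`); plain `true`/`false` would be consistent.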

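--- a/matrix.yml
+++ b/matrix.yml
@@ -0,0 +1,7 @@
+---
+- hosts: matrix
+user: root
+gather_facts: yes
+roles:
+- coturn
+- matrix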
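Review bot: `user: root` makes the play log in as root directly; `remote_user` with an unprivileged account plus `become: true` removes the need for root SSH login, and `remote_user` is the current spelling of this keyword. `gather_facts: yes` would read more predictably as `gather_facts: true`.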

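--- a/roles/matrix/tasks/main.yml
+++ b/roles/matrix/tasks/main.yml
@@ -0,0 +1,59 @@
+---
+- name: Install dependancy
+apt:
+name: "{{ packages }}"
+vars:
+packages:
+- lsb-release
+- curl
+- apt-transport-https
+- libpq-dev
+
+- name: Add an Apt signing key
+apt_key:
+url: "https://packages.matrix.org/debian/matrix-org-archive-keyring.asc"
+state: present
+
+- name: Add repo
+apt_repository:
+repo: "deb https://matrix.org/packages/debian stretch main"
+state: present
+
+- name: Install matrix
+apt:
+name: "{{ packages }}"
+update_cache: yes
+vars:
+packages:
+- matrix-synapse-py3
+- python-psycopg2
+- python3-psycopg2
+
+- name: Set template
+template:
+src: homeserver.yaml.j2
+dest: /etc/matrix-synapse/homeserver.yaml
+owner: root
+group: root
+mode: 0644
+
+- name: Set template
+template:
+src: log.yaml.j2
+dest: /etc/matrix-synapse/log.yaml
+owner: root
+group: root
+mode: 0644
+
+- name: Set template
+template:
+src: server_name.yaml.j2
+dest: /etc/matrix-synapse/conf.d/server_name.yaml
+owner: root
+group: root
+mode: 0644
+
+- name: Start service httpd, if not started
+service:
+name: matrix-synapse
+state: restarted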
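Review bot: The first `Set template` task writes `/etc/matrix-synapse/homeserver.yaml` with `mode: 0644`, yet the rendered file holds the database password, `turn_shared_secret` and `macaroon_secret_key`, so every local user can read them. Restrict it to the service account, e.g. `mode: "0640"` with `group:` set to the group Synapse runs as (that group name is not visible in this commit), and quote the mode on the other two template tasks as well. The signing key is fetched from `packages.matrix.org` while the `Add repo` line points at `matrix.org/packages/debian`; confirm the key matches that repository and consider pinning its fingerprint with the `id:` parameter of `apt_key`. The last task is named `Start service httpd, if not started` but restarts `matrix-synapse` on every run; a handler notified by the template tasks would restart only when a file changes.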

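--- a/roles/matrix/templates/homeserver.yaml.j2
+++ b/roles/matrix/templates/homeserver.yaml.j2
@@ -0,0 +1,121 @@
+no_tls: True
+tls_fingerprints: []
+pid_file: "/var/run/matrix-synapse.pid"
+soft_file_limit: 0
+use_presence: true
+public_baseurl: {{ matrix.url }}
+listeners:
+- port: 8008
+bind_addresses:
+- '0.0.0.0'
+type: http
+tls: false
+x_forwarded: true
+resources:
+- names:
+- client
+compress: true
+- names: [federation]
+compress: false
+admin_contact: 'mailto:{{ matrix.admin_contact }}'
+restrict_public_rooms_to_local_users: False
+filter_timeline_limit: 5000
+block_non_admin_invites: False
+hs_disabled: False
+hs_disabled_message: 'Human readable reason for why the HS is blocked'
+hs_disabled_limit_type: 'error code(str), to help clients decode reason'
+limit_usage_by_mau: {{ matrix.limit_usage_by_mau }}
+max_mau_value: {{ matrix.max_mau_value }}
+mau_trial_days: {{ matrix.mau_trial_days }}
+enable_search: {{ matrix.enable_search }}
+database:
+name: psycopg2
+args:
+user: {{ matrix.db_user }}
+password: {{ matrix.db_password }}
+database: {{ matrix.db_name }}
+host: {{ matrix.db_host }}
+cp_min: {{ matrix.cp_min }}
+cp_max: {{ matrix.cp_max }}
+
+event_cache_size: {{ matrix.event_cache_size }}
+log_config: "/etc/matrix-synapse/log.yaml"
+rc_messages_per_second: {{ matrix.rc_messages_per_second }}
+rc_message_burst_count: {{ matrix.rc_message_burst_count }}
+federation_rc_window_size: {{ matrix.federation_rc_window_size }}
+federation_rc_sleep_limit: {{ matrix.federation_rc_sleep_limit }}
+federation_rc_sleep_delay: {{ matrix.federation_rc_sleep_delay }}
+federation_rc_reject_limit: {{ matrix.federation_rc_reject_limit }}
+federation_rc_concurrent: {{ matrix.federation_rc_concurrent }}
+media_store_path: "/var/lib/matrix-synapse/media"
+uploads_path: "/var/lib/matrix-synapse/uploads"
+max_upload_size: {{ matrix.max_upload_size }}
+max_image_pixels: {{ matrix.max_image_pixels }}
+macaroon_secret_key: <PRIVATE STRING>
+dynamic_thumbnails: false
+thumbnail_sizes:
+- width: 32
+height: 32
+method: crop
+- width: 96
+height: 96
+method: crop
+- width: 320
+height: 240
+method: scale
+- width: 640
+height: 480
+method: scale
+- width: 800
+height: 600
+method: scale
+url_preview_enabled: True
+url_preview_ip_range_blacklist:
+- '10.0.0.0/8'
+- '192.168.1.0/24'
+max_spider_size: {{ matrix.max_spider_size }}
+recaptcha_public_key: "YOUR_PUBLIC_KEY"
+recaptcha_private_key: "YOUR_PRIVATE_KEY"
+enable_registration_captcha: False
+turn_uris: ["turn:{{ matrix.turn_server_name }}:3478?transport=udp", "turn:{{ matrix.turn_server_name }}:3478?transport=tcp"]
+turn_shared_secret: {{ coturn.static_auth_secret }}
+turn_user_lifetime: "1h"
+turn_allow_guests: True
+enable_registration: {{ matrix.enable_registration }}
+bcrypt_rounds: 12
+allow_guest_access: {{ matrix.allow_guest_access }}
+trusted_third_party_id_servers:
+- matrix.org
+- vector.im
+autocreate_auto_join_rooms: true
+enable_metrics: False
+room_invite_state_types:
+- "m.room.join_rules"
+- "m.room.canonical_alias"
+- "m.room.avatar"
+- "m.room.name"
+#app_service_config_files: ["/etc/matrix-synapse/conf.d/matrixircbridge.yaml"]
+track_appservice_user_ips: False
+expire_access_token: False
+signing_key_path: "/etc/matrix-synapse/homeserver.signing.key"
+perspectives:
+servers:
+"matrix.org":
+verify_keys:
+"ed25519:auto":
+key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"
+password_config:
+enabled: true
+#pepper: ""
+enable_group_creation: true
+alias_creation_rules:
+- user_id: "*"
+alias: "*"
+action: allow
+push:
+include_content: true
+user_directory:
+enabled: true
+search_all_users: true
+enable_room_list_search: true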
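Review bot: `macaroon_secret_key: <PRIVATE STRING>` is rendered verbatim, so every server deployed from this role would share the same publicly known key; it should come from a per-host secret variable. The secret-bearing substitutions `password: {{ matrix.db_password }}` and `turn_shared_secret: {{ coturn.static_auth_secret }}` are unquoted, so a value containing `#`, `: ` or a leading YAML indicator is truncated or breaks parsing. With `url_preview_enabled: True`, the blacklist covers only `10.0.0.0/8` and `192.168.1.0/24`, which leaves loopback, link-local and the remaining private ranges reachable by the URL previewer. The listener also binds `0.0.0.0` with `x_forwarded: true` and `tls: false`; if a reverse proxy fronts it, binding to `127.0.0.1` stops clients from reaching the port directly with their own forwarded address. The fence shows the proposed lines; `matrix.macaroon_secret_key` is a new variable that would have to be added to the host file.

```yaml
# … unchanged: listeners, limits …
database:
  name: psycopg2
  args:
    user: "{{ matrix.db_user }}"
    password: "{{ matrix.db_password }}"
# … unchanged: rest of database args, rate limits, media paths …
macaroon_secret_key: "{{ matrix.macaroon_secret_key }}"  # proposed new variable, stored in Ansible Vault
# … unchanged: thumbnails …
url_preview_enabled: True
url_preview_ip_range_blacklist:
  - '127.0.0.0/8'
  - '10.0.0.0/8'
  - '172.16.0.0/12'
  - '192.168.0.0/16'
  - '100.64.0.0/10'
  - '169.254.0.0/16'
  - '::1/128'
  - 'fe80::/10'
  - 'fc00::/7'
# … unchanged: max_spider_size, recaptcha, turn_uris …
turn_shared_secret: "{{ coturn.static_auth_secret }}"
```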


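--- a/roles/matrix/templates/log.yaml.j2
+++ b/roles/matrix/templates/log.yaml.j2
@@ -0,0 +1,36 @@
+
+version: 1
+
+formatters:
+precise:
+format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
+
+filters:
+context:
+(): synapse.util.logcontext.LoggingContextFilter
+request: ""
+
+handlers:
+file:
+class: logging.handlers.RotatingFileHandler
+formatter: precise
+filename: /var/log/matrix-synapse/homeserver.log
+maxBytes: 104857600
+backupCount: 10
+filters: [context]
+encoding: utf8
+console:
+class: logging.StreamHandler
+formatter: precise
+level: WARN
+
+loggers:
+synapse:
+level: ERROR
+
+synapse.storage.SQL:
+level: ERROR
+root:
+level: ERROR
+handlers: [file, console]
+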

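--- a/roles/matrix/templates/server_name.yaml.j2
+++ b/roles/matrix/templates/server_name.yaml.j2
@@ -0,0 +1 @@
+server_name: {{ matrix.server_name }}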
