From e00d0407ac56c92dced3cacdce68412ed34c3d85 Mon Sep 17 00:00:00 2001 From: Neal Gompa Date: May 28 2021 19:23:20 +0000 Subject: Merge branch 'hellcp/matrix-improvements' into 'production' Merge improvements from the machine See merge request infra/salt!497 --- diff --git a/pillar/role/matrix.sls b/pillar/role/matrix.sls index 9f205b7..00ce2bf 100644 --- a/pillar/role/matrix.sls +++ b/pillar/role/matrix.sls @@ -36,7 +36,7 @@ profile: matrix: openSUSE: Server: "https://matrix.opensuse.org" - Login: "matterbridge" + MxId: "@matterbridge:opensuse.org" RemoteNickFormat: "<{NICK}> " discord: openSUSE: diff --git a/pillar/secrets/role/matrix.sls b/pillar/secrets/role/matrix.sls index 2840a6f..3b079c5 100644 --- a/pillar/secrets/role/matrix.sls +++ b/pillar/secrets/role/matrix.sls @@ -1625,83 +1625,84 @@ profile: -----END PGP MESSAGE----- matrix: openSUSE: - Password: | + Token: | -----BEGIN PGP MESSAGE----- - hQQOA7A9CHm0S6RyEA/+KlgyWih6i0WUXtfMZ6+RgcCIAo7hBeqQu0DHkwgZ13ih - SZ2lQ0xHszmUAHdSQRwz2xnZhkI/+Ph+VNTMY+oaIc1Uat0A2NYesa83RkBLui7L - gvZPiwAWOm/XkNwtalye0Jdf/JbwhN1hC7Nrq9/BNxNoo42STWE1j/LqmA8JuB4C - pmuFKP4nAZ+cI0t80+UASWbEtSsHclDw60kBwL4nnukjon6sm9gUpreWrjFtjTSt - KANw0U8Q+yPspwDqqDxNl5j2bKXcVKNDMl3xIsMzd23sD2amKF51fuV4eAXZCAPq - xgLhUGw7eKhsPdIwhFhgUiPqntvCI5aReynFE9TAzv0lo/+Rx7QJSnAXlFXrKn3q - EYoRkjvijyqjVusZt4S/xrWttWxH8KHWyVTbDfbWU7UoQPGO1tqwbSFCnsO9yhYX - JUGXBOXr3Uhbe+SqeSfaiCchbX0y6ncbn0TNld2dDHvxHYYOhYysQmpQCaM1uicR - 148aZt3WXSKsreTpAFAF/TaT6XFAb6/po1vqzzuJb2ITzd66aX3qoeLnZAkyTcsn - BQ8/O/UG7zPx2LA7crBouPxCwuMWRCgWj/OPwn6GG2PDUyK+fgxafUoMdWdgiOnv - 2gJXnTg9p5VAdvslNn6WszhRqNyp+ZY74cbY+fZxA5OLDdnasnj6+jyGgX1C3GAP - +wfu4OOJ0PZommkFekp5Zs64LdPXIzeU3pAQgOgB0GG4JhpWNtFlnp6EU5wkdAaS - 8FYlzgWIhfZBR6VwYOY8jbFJam3sE8C0Y5wT1Cf+BfKoim9s+4hwpVi1ONERhxzn - L2itBTBpkfXTxZDYbHXe2C7tBMsh965143ZybkGq05ef+QCCHN9KOOK1QRdRjbHk - sLP0t3X/U/GZsHVOiVq/yRAwH1JTJOEZQdYmdrjFOA8krfKZDzEpUFZe9CvbuXmA - Cin92bU4NprmVA3YuuDmlLN3lwwWV7GfaZPfDjGaKK8GSNMpCv4AlYhZUol8pcEB - lb95lc04xA0I2FnW/247oci1ixrRCaU+cr15bVlIMTli+1gJCSAjzhsAF+Dk8Zd1 - +nxqM4/SOdVRSheS31xz9a9wNeE06gvRToY96QuuZuU72ZlMjxety3lfnnpVCXSF - 6m0IJNCQbOPv14zHxL6ljxcueyR2AsRuq891IYKBLlcHQdj4YQfkRqShOVAKRxCF - NntATM1MMABdZR5u0d8SA/kfX5y6igR9zXmPbarmWEU9t4H/IgwfHEl6f6aHL9Ur - m/bhCRkuKlc+7xK9rnFD4fD64wPDGCS2gzGSxfpNowYkBMklRZh8f6kL9pa2tcwd - w0tP9TsJJIRqySfIYRb6LLZsohrjnHAaUjrOFOdUO+nPhQIMA8amgupjyC8cAQ// - V0kGtRxlJabW2tMnVgLTac6yWRyyxB1hlR9ONKlEEkq/ewXP4x/oDQnafkXiY0Rk - aLXwIB4PknZLzTxOWr/22dvWPrsvO2c4psjAE8WI+HnPeCCpsaNApyIk3SWlK02Y - yQurR7AJTvAc80eQ3ZM8BFXYj9RCrykOH19tglSEfUFgVBKve+eWt8kqZESDGoqb - QuYM0gcJdbfaCucwigkZSUr3ozHCw+VqFdNL1lU2jNxpzoIYUebdDTkFJm11kWAy - iCCjvl3b1TRC/c/AvOl48/0RydEeEuF4pcQLda09hifvNgkhjPgBnKtbIXTcbg+b - L+bDHIDNeC6Pb+Y2aQ/MLYWIHjNgD/wu5s3WJuVffD7eP2HYjfQlRx90LLOgLZNd - zI9inSgx/dWCAxep5WGvgD/LyfHSnn0qKgB/cXvgGkrHzq13ytbWZfm30PUCM/a3 - 8TqEzolPVvE+11BcFAUuaBAtdCDlkD6Wsrgn8Imq7bXN/57dLG26Fp7uAXDPQtVO - M5iWcoYo+nI3mZr9wl7j/oO1MJDyg8PHkJui4klbbMNcsobtXnTqHHLLaRZaWa/t - NGAPrZMG82mA4kD1MhvnA4kDpVRofZVc06rUCFY+gHpKJj8hE+tMj05n9/5RGOXS - t1DuyHY2qexTEHe66DWxk5APacQNU66mpj3hz7y7C9KFAQ4DslgfDDfB4G8QA/49 - GbaaV6fxExteAHMjG8xyeEQGX8WqJgN4JMtc7wRv33E27vsksOy3tL2pcYScVLOB - W1sMAmdfndUXKTPp82LL1+POL7Ee73R2y+oiJilbqxuLCwEZC64CxHyUiza/+yJT - sZgPK4jwZNzuF0CSRcZ95XnBqoCzfVq25d9Wgx78LQP7BWVKuH3KiZQ0RNAAbKin - K17NqjkPrPBzLl9660MmGkAJFzdt8KkmMH7oT25SSrA2ImYEHF36yIjBr7fvlDci - t7110D5jzgCZ5HsbhGFlJxY3HpBZQ/SRKxbzdI9YCWxkKrH6BxebqaKtsNp975H9 - Ci6fk89/txIEB6ume2O7gIqFAg4DiLcKbyvsTOYQB/9sQYyIOjB5DNAH/vRWeiAq - o3wPS9fujmKgewpqh4rZSUWf4iCuckgAWPo5un4bkz7HJdTbbwx26LFgzCS1Rcmm - 9FTLvQDznNilHVwwsetXyoUI0wn3P5uAu8IhNF/hYYS65laf62aWC8aYSMqzKA1a - 7A7RO9ClA9TO9ocdH4sNRuQc9Xce4JaKkwo8Ukycw3TzgtTBzywRxAkdHU6IdLnY - oq9cf8Ae1kSlz6FGMXFmULktoS3WgIquC6GNFhAyohyHc1aS3KVv+IvPEbRxEmcX - XXuwopMTlSRabJDNWyKyWnUce9Uuu+xjRsAtQKc39MMioqp5fvbja0N5jW2PHzZB - B/9J3skmaY8PUHmjW22Lxsbk/gSn6WIVhgQiFPMjOumms7ymt+sD9WENHGV7TFFM - sHJ9n8TXvg2ZQQVDN+H2ZIZJ5z3/iPO16OMEx5ZL5ZwXJgXOwpRwk4C6yIw/lnFL - ET6gEKtW23ByA9snmzSf7hwb00RZ6wdw5LQPvD40jfC11XUZpTYAoKKlSD1Or7s2 - zPSgnrE5Eft5v6nWjjMKsYzjl0RnjIlbtEtbPFfgAaXPBJ+kilSr7WW1vZgH4AUT - jLBgHcnxnNemf/JgogDWkkHloVpA0w9CA3Jpz0drP3FHoQ9JRHo1FaID80dkItZk - WQB4TJ/MOTkNZgDJGPGrGYoyhQIMA3GiBwULdMTdAQ/+Pe5IaBinpDv0K9sFwGTQ - /8FYKADfPVc1PaZIGeMQJagxxUhHe7CHmWj3A91+RKDL51+sMx9qV+JufHkCdqmm - CWj+tfVpans0OeL8ZKMKAK31x5KbSo5bLSIWhhSYOGPc09qfKb9CwaPPiPp1TnR/ - A/Sog3FnsbvfqXXc+Di5ak1Qe4NdD6ECHJ+B+XAgCM780kxqGP2bwLt40lt8nGmi - 7u1nz7hkuWwD5UtaXkifhYZwMyNGw8i/N8m0ZN6/F59MptK7k/acox0JGi53qAp6 - nHp94mXKzI7n5okIhPCW15fXWORlqRTnYOJcr0Ojvyd5bgcFj8+rKXQrPkuy3SDH - pmJrVEaX03W4P2vLroZCy70MHEZ4gK/+TmbRrkX1nKBFj3DJrZgp8O+G16yIN/pd - L0JgyzenGVbx9ELxamdaX/4S6zCr9LTEhyzpve6D8WNfwmu+1ajqwrXtIThsUoQs - ZByUOZ2ocgaeZU+JDIESp80SujlY/A9xrVUJ+azDZRPyUr1s1AE4p3Be1r0w4CnW - +Z3z1yiEIg9SCY1Eh176Qv+cjwd6WH1zMBuWngw9vKqpiA5SjvzkVZ6GVic/4xZO - sC+QEQb4UQyt03BAtpBrlz7p/kwkv8HcBcNoaFd6r//4aSAiZl7uyNl2LB1+XudR - b2q2PHaJef7ZToA4QHSfeuiFAgwDrPDOChusaZEBEAC7Va+p7YAoowjtHGNNpM8Z - WPEoHooBZGzLuv7w9RPwiTCVtJcl9ANVOKNm7iGZTzaHiRZlS5Y6HAf8DkDw4rrk - BO3W6uKW5GIZapHkevc0veEW5mtx0h3uj5IfAe5qHxg47o1NDM55Ic7yjHYp4sZd - gnu0RkeNG+OA4UqII/M+Z7sFcZnuqUEQjIUooBlDlxz7PbLWxpRbeWa2LzV/tcKa - 73qbQW6w9Hdc3sWJrEvmkaWG3E2tRy9Ju0qQVeSLGEnZwFxlztlmfGX08bZeKdBn - nAyajWt4Wg7aTwHp2iHKvwQFf/rTbFWJ1e7wmGpeQ8yHiL4Dg62P3N636xVdyIxG - h0iLfJSEl5G57fz3l2x3rtVcfSwK+Gw3Kx0jhiQOkWbnjUeXpre0OL2dsG4IEda/ - XCVjEzc0+Ju5QfFPozu6f/E8suLyRk/E78gQq0Fwf9ChufU9mEcoquI1WRu/ZrAs - hjPgqOt1H013lk/D9WPk+j1wuTtpLwSzYzv9lxW/k/H/V1bijGQP7ZUahbRVWR3E - JKdu7KxftGg/SwpuN56SYwx/TNFnO6UxoxlAyDIJ9kM9zrQhcdSqTUYI4Y9dNtMx - nAh1DM8YrTGn5ekfMPpFthX/+EHf158LkCKtXUSxkKANb9VubwMKXRONlLUGcPVt - U5uR2kVe+qtLm95GMtEVqNJKAbbrgsCJduOkYH/dxAju6dT9th0oiGm5EO3JmvtL - SXMZY3o2h9esskFyPC67XpP0Yp3iC9iplxwaufxkZQUJvKwlzmXT45tBunE= - =EdcG + hQQOA7A9CHm0S6RyEA/6AsMSqbH5C/lmbZUyn09huypDCX65TOgMbz7U0fx41L8o + 7SwAqWJCPyV2/OyaAVEn+au02WscJUlQ2VmyPPh/YW5Y5s4FRXp9HIuu5gAaRvbW + 3GG40cMBqtM0+65RoJktYNdSJr+Tf+285/NLesOWx4boMxGOzlPxDXp0nW7m+q0q + Amwxk/x+pMEvnOop9g82URKZeitY5nBs31aAX2ZycYpjYwGVgmZP3WP2rpeqMTeb + 9o9+1+fAbQPYBzufReQTwoi7K8xJDMjWSs7mZ+QezfMulfdGEVqxhxk4hlAo/WbG + q5yBx3G+V63afDJ6eF1n+RtB1O5kAu2JH/lY8W71vrljwAA/iTz2ycyjRi0X8XKB + FlXPJc1HpOu35OAwI3I/qEKLGTnx8qYLNs6cJ5fQyvJ0mqt5dhwUEIhHeJBN3yTH + p1H3W5jK+1p/gdNwADwzteuSRQ8YH+iZsoW+FeVl2BVaq6XgLIvpoaSNJNboH1Hb + s/PuwMXO7LtvtpHtwKF/yvO/6b03y9fJZY0XQijMV8zM45jCPU7UMY+cQqFVh72x + ZvQ8Vtx9dSUuMdAC7ijnQXzuNKSnjiDPPTdAYvh0GvpnF2rjqhQDwKPD3mIIoDLs + o1h15dih2Cze8C0hXCFTgJtXCY/XbDYC4BJmiWWyrpPmbqBlBd6Q2A56x7/STq8P + /jhwgQUCZ2tUdNR23yxun3DY361CDJ5JbNlt5DtuRoi7MdeUqyPmh1ClH6JpTrlr + dCI9/l6egFGzNUJTWvja/nm/KAaIDc6MUngkIVRSp6utw5i+o0N6h/YbtYI93PBh + mUwfW/4DJiijFWQjTf3nRlrO5sDOH3KSMZXZlmo6M+zvYOt7f4mrgCljswpZyMyc + 8kldEPCOb4M8kbRUvrRsnn8grRYFodGylB49Cg83e+ho8kO//2raCieIA5lGIMcM + oQ7FOKhutHOSs7CMRoWXzl8z/VfNO5rNmN9Hk7gADdvFdTiQKngpiKhmbTyqnnuW + 2uyrvDcR/FAg2bOPWYGwG5HuMvGDKD+kBP8Z2cvGBMdtzPR5ko+gEWVy2Skjj+CL + oG3yn6iFhIVcdt3Ad8R7/ELU3Jq/2nB28aBEA7M4PJp7NvXOXULoNAbMLYNYh9hA + tFjEWS+48me5zAmsKpW7wiSjMjEfsIB5OUhc+RehWTWU55PZxBB94iob2hYtG7SD + aIgPIePDlaZyioPd1UEE95dUDUMjIMo7j4FOdWKXgsbT4vMGtI9OVeR0wIdEMCqj + 2PlYE5df7qfAqeHo+vzwtxjexrdPK3+LwOG5sJJbgMGUqAvd+fQXMGDkrzCEftbb + ocO4fO/V9oU2f0UJa64XkeP7hoJZZrowpaA1uyAezyFxhQIMA8amgupjyC8cARAA + xXvn7mw79iM6xNbHbxL9qa11xMfSHuuaLONvA/pfhJoSa1KbK+wJZDk4jUEo15sB + ioHN1gN42kxl92qEtTsh9Z4Ppl7xSRocJ4Y69iWbxUQh1pGg6stFzxEHnJDGqgIp + 6kYS2kLRx4L7G7kbQ2000bU+GhTf5gQz5ajdLN9cCJjbhvP9GMvVZB/LEGPx+8XQ + nxCuBCnOg+u2/KAVHW/s0lzUPmGnLv8872BlRtFatzcU1lSczp22G0DZOk07cLVW + TtF4pu8P44ymPqMyRtIi3fScNq2GstbwB8AXlITjrPRnYCNAVLNupuzA4cE7vOfx + smFcSjbuvbYIXbQSAMXV9mTqmzXAmKhTK26MncC8eJrcY/EU6jNYldo96GND+cx7 + uxocHlXpwZVg7v5XjoVbkz5z2UqqerKXCkhmTFrpm3U56FaI+pTBL9dX9jMvKs2e + 0TRzEwUcQqqa/uzjTosquwmKWOEjiViTFqnFXM7QMeZL7V44x7qnavrSNeN1hCBV + BDU4pdXOjgTSxxkeht1rKyJ9EgJIkx6ODqcQEwVfU+QAu13Y5su0qRGSg9Adsb3o + BY/AG/fLIV5OSMfefx43PzyGDCaZvwPq38pgbuEAMY19kQ6QEnozryOnMhvveYVN + 6k2eWfdBire9w/7FqpNV6+/VXj97I4RErAiS1vB+6B2FAQ4DslgfDDfB4G8QA/4o + cKPu7nQBfNn+KbzXA7weTTO9e4JjQbpHLI27VuqzQXq+x1WfZIYUxDNNfFHiWGsx + F9SlJBPVP1tpU8O4aHPvOZCmvgCeC/cAiBa0m2TQELnpsxL2aJtukNpY0WeElw97 + vIZIvhZeiQfuyiMmmCKMWkSlFSzlg9Yhfi8CC3NpmAQAjhJaqPtoy3sFfGRLBvHb + CcfiW/Kb+LrEbslm3nq/sdm1Chq3bAMqDg4qVBJ+kWdYzfyYCR1dWC7PvEQHP7w8 + 05E0r3cMxueNbn4C41Fx+GP3CDdi7fpRBSRoZNEjRBiMhg2wjypfjSrXr8RkLLKD + 5XA9Pcf9+3Of5NXzf2CESxSFAg4DiLcKbyvsTOYQB/4mLvVFOgNf9nL/Niyc/9iL + jR2ITOXfjaVvmuiOfCVKiCkzGNu9z6C5YzVjBOw8ljeohhzM6HK9CfwzggKfV9WF + Fi/MjStQkhGy1YhNiwHCki6RzWJtXg86OpiVy1+36pZi72qcFNDj5XI/YhWMbZ1U + chp05LilJ5ytyQhR8c4Md2gA2DZmytBpp/lDHeS/d9S+Vliciml6ft2tX3GccYbD + rrCrm2lz8Lyp4FLMMsOi82R2XyWtwZ1KCrlVni84FlYj0U/AQcu6RoSNqbCG/wF8 + tmry56/rvJBA69fI6KD47WNzFu5Yo5SCeLvG4gJq4Vq1LQgo0fYWrTZKC+bpuScp + CACQEXJRuRJpXcqzSFsg2wFdPCgy/urgoXBdCwVRZ/xLZHIKdahnAP2Ty8FBSYye + kjoh0s3AX1Xh9EoqHazAm7P8v07Sp9/0rtGQKUCrqpcrkBMh2cSCO4GuTs8uhEoF + MOw9mphWAGrWxIu5p3VPcZ30cH/JETzMkXZYR3592N8pk7Y7ClNAGqXBZDj3HS6J + sJuoKld67y7x8nKkwMb69jgCduCH0xYS4VMrNqi/MD/raYL4eiJNHXGLP5fdhgy2 + x7mAJ5BdXD7BFjKcVTNBXzmRmjySpFGw/VCfdsSS0kuACTG86ukLSjUoatXjpa6u + uSUYUvjGM+2YrCcBYlyrnY9YhQIMA3GiBwULdMTdAQ/9ELGIo+IeJAT/HQF6OXOa + aF5Z/QLQJeo6TLLHU51DAF2rCAHEiHCx0Lq5OMJR1u41TERwKJfufQdRpCp4uKFL + TkoWdK6KT4F1UO8lX5GvA5+ebhRGwrasMP2nGmYIm9k/EQ8GY8WWBSJuuQMlCm5N + QpFhDR541MC1R4AR3eqV/urBeEPCjFS5sVKL52YGAkHBjAa3xAQ287OBJXOf56fV + s/nI1dtGoGaxapSvjikqLFs4B9D9A23ihbcH1vLOc/Bt4XrpHc/ufa4QkbJF6lr/ + 7EpMLidMkvSx3arIU+2SPL8I5Oi0kvCsCJFAh8g81lNOvUWW0eqXjcmSGqG0Rsqu + m36fIka1gWxo4Pj5hPudSj91apXtDoqdRWHYpnA3ImQtP96hQOGhG9emPjBALXb6 + 71jCafda0YP9fmHR1/gKKtRiZ0lS6nh/m+Th+x+HAayeadhRghp8Hg2JQGV2hlDL + +C85PVuzdED5n+ubf5S4qaJSgOylFN0gTNhS3qh+s4D+QhjFJ0/p1JIJ4g/hF0rP + d5e02WtDSC9LmS+CDt8xb02Cs4ec5Am8FbxsexEZZWKTkxzm53ANh01nwyn4q9ra + CYOwE0qln6ds6URIqfuXgXv3RMeEiNoJmzzbKc7pcmYYJpbveJ0wflWUh8426OZ8 + UKiEPMpCz41Jz8gJQ9t9bg+FAgwDrPDOChusaZEBD/oDT7xBpZ7RKFGF1Sef1S3w + GuYgmI2B4oWDAC1sl5uEdLLr/YbkQUD1va9SpafVpEY9Mbh2t97ARc84k4Ps/J8f + fHRrfN3P9bTDD53spCaPDsXAwkreJwSxHyh8OHUA0xg/KVk83lm8de9b5yt/7gWn + z4Dd21XHet2A3BX5GGjYlsRSXPakqZFNW1rmXC/cDbeAs3NDTxIw9/c/4sHcatfY + F9F6x66KD/PalGt2nabkTUSABIJ+0R5r9dXdjR0IGG30h5hVUfgq/YKXkvu02H56 + D4U40oYmjsQ8VrecXdjOIZ/Eythe8C6MgLQS+eMCVzcwO1ha89ncwRtE1tmZzYQZ + S5fw/wEmeCgIV1SqcdWnM6GYJsnFswwiaDNkvMRTe1+gXEIdktiRhHnBZVR7qqrH + xJqYQpYQpkBLpf9D/+RzGzAaL11jQQrlrXraf8c9BIdAs4Rfm6oKyOHve2FYFDte + qWh7I/vpIqaMA3hv3jDUH08+ersIBLMDk8r9dd/ZAmCV7X7woarOdMjvF3arH5tY + Rk+RJok556MS5M6ZOOoeELEOmUyg5WRNX7w9IBzTdMc0Dm2DnGlq5Uv9XXCv6C8s + vqU2qAHd/cWrs6nB5XW0o169bamKz/jG1sctRDhVhIKb/5HTEdsOjaOX2ZRMdKl7 + rb186Kx64sHCJkExHvHtcNJrASaqGbxAUrr9Gzyqv/txMl5hBBr9EGfr7wFtdh2r + Jsnb5oSIKJBTA3yIvvcdNZyPGvUO5r2ZXNFWUuXUXRGWynLidYz3CDFJYbFMEETI + kUVLY+kQKd4G//2gJxDT3w1MSv1c+oz7zlA55So= + =9ml9 -----END PGP MESSAGE----- discord: openSUSE: diff --git a/salt/profile/matrix/config.sls b/salt/profile/matrix/config.sls index dc5d196..c6632df 100644 --- a/salt/profile/matrix/config.sls +++ b/salt/profile/matrix/config.sls @@ -50,10 +50,3 @@ synapse_conf_file: - mode: 640 - user: root - group: synapse - -/etc/matrix-synapse/irc_password.pem: - file.managed: - - contents_pillar: profile:matrix:appservices:irc:pass_enc_key - - mode: 640 - - user: root - - group: synapse diff --git a/salt/profile/matrix/files/config-telegram.yaml b/salt/profile/matrix/files/config-telegram.yaml index e849955..437a471 100644 --- a/salt/profile/matrix/files/config-telegram.yaml +++ b/salt/profile/matrix/files/config-telegram.yaml @@ -303,7 +303,7 @@ bridge: bot_messages_as_notices: true bridge_notices: # Whether or not Matrix bot messages (type m.notice) should be bridged. - default: false + default: true # List of user IDs for whom the previous flag is flipped. # e.g. if bridge_notices.default is false, notices from other users will not be bridged, but # notices from users listed here will be bridged. diff --git a/salt/profile/matrix/files/homeserver.yaml b/salt/profile/matrix/files/homeserver.yaml index aa5d635..34f8a27 100644 --- a/salt/profile/matrix/files/homeserver.yaml +++ b/salt/profile/matrix/files/homeserver.yaml @@ -55,12 +55,12 @@ public_baseurl: https://matrix.opensuse.org/ # public rooms directory through the client API, meaning that anyone can # query the room directory. Defaults to 'false'. # -#allow_public_rooms_without_auth: true +allow_public_rooms_without_auth: true # If set to 'true', allows any other homeserver to fetch the server's public # rooms directory via federation. Defaults to 'false'. # -#allow_public_rooms_over_federation: true +allow_public_rooms_over_federation: true # The default room version for newly created rooms. # @@ -208,11 +208,12 @@ listeners: tls: false type: http x_forwarded: true - bind_addresses: ['::1', '127.0.0.1'] + bind_addresses: ['::'] resources: - - names: [client, federation] - compress: false + - names: [client] + compress: true + - names: [federation] # example additional_resources: # @@ -1048,6 +1049,7 @@ account_threepid_delegates: # auto_join_rooms: - "#support:opensuse.org" + - '#space:opensuse.org' # Where auto_join_rooms are specified, setting this flag ensures that the # the rooms exist by creating them when the first user on the @@ -1340,7 +1342,11 @@ saml2_config: # Enable OpenID Connect for registration and login. Uses authlib. # -oidc_config: +oidc_providers: + - idp_id: "openSUSE" + idp_name: "openSUSE Login" + idp_icon: "mxc://opensuse.org/KSTlFzuiXjVlynwiyCLYDPxy" + # enable OpenID Connect. Defaults to false. # enabled: true @@ -1364,11 +1370,11 @@ oidc_config: # auth method to use when exchanging the token. # Valid values are "client_secret_basic" (default), "client_secret_post" and "none". # - #client_auth_method: "client_auth_basic" + client_auth_method: "client_secret_post" # list of scopes to ask. This should include the "openid" scope. Defaults to ["openid"]. # - scopes: ["openid", "profile"] + scopes: ["openid", "profile", "email"] # the oauth2 authorization endpoint. Required if provider discovery is disabled. # @@ -1392,6 +1398,8 @@ oidc_config: # #skip_verification: false + user_profile_method: "userinfo_endpoint" + # An external module can be provided here as a custom solution to mapping # attributes returned from a OIDC provider onto a matrix user. @@ -1415,7 +1423,7 @@ oidc_config: # name of the claim containing a unique identifier for the user. # Defaults to `sub`, which OpenID Connect compliant providers should provide. # - #subject_claim: "sub" + subject_claim: "sub" {% raw %} # Jinja2 template for the localpart of the MXID # @@ -1424,6 +1432,8 @@ oidc_config: # Jinja2 template for the display name to set on first login. Optional. # display_name_template: "{{ user.given_name }} {{ user.last_name }}" + + email_template: "{{ user.email }}" {% endraw %} @@ -1450,13 +1460,13 @@ oidc_config: password_config: # Uncomment to disable password login # - #enabled: false + enabled: false # Uncomment to disable authentication against the local password # database. This is ignored if `enabled` is false, and is only useful # if you have other password_providers. # - #localdb_enabled: false + localdb_enabled: false # Uncomment and change to a secret random string for extra security. # DO NOT CHANGE THIS AFTER INITIAL SETUP! @@ -1840,3 +1850,5 @@ opentracing: # # logging: # false + +experimental_features: { spaces_enabled: true }