diff --git a/pillar/role/matrix.sls b/pillar/role/matrix.sls index 7b4123d..43ddc50 100644 --- a/pillar/role/matrix.sls +++ b/pillar/role/matrix.sls @@ -9,6 +9,127 @@ profile: database_host: 192.168.47.4 database_name: matrix database_user: matrix + workers: + generic_worker: + - rest: + - ^/_matrix/client/(v2_alpha|r0|v3)/sync$ + - ^/_matrix/client/(api/v1|v2_alpha|r0|v3)/events$ + - ^/_matrix/client/(api/v1|r0|v3)/initialSync$ + - ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$ + workers: + sync1: 8501 + - rest: + - ^/_matrix/federation/v1/event/ + - ^/_matrix/federation/v1/state/ + - ^/_matrix/federation/v1/state_ids/ + - ^/_matrix/federation/v1/backfill/ + - ^/_matrix/federation/v1/get_missing_events/ + - ^/_matrix/federation/v1/publicRooms + - ^/_matrix/federation/v1/query/ + - ^/_matrix/federation/v1/make_join/ + - ^/_matrix/federation/v1/make_leave/ + - ^/_matrix/federation/v1/send_join/ + - ^/_matrix/federation/v2/send_join/ + - ^/_matrix/federation/v1/send_leave/ + - ^/_matrix/federation/v2/send_leave/ + - ^/_matrix/federation/v1/invite/ + - ^/_matrix/federation/v2/invite/ + - ^/_matrix/federation/v1/query_auth/ + - ^/_matrix/federation/v1/event_auth/ + - ^/_matrix/federation/v1/exchange_third_party_invite/ + - ^/_matrix/federation/v1/user/devices/ + - ^/_matrix/federation/v1/get_groups_publicised$ + - ^/_matrix/key/v2/query + - ^/_matrix/federation/unstable/org.matrix.msc2946/spaces/ + - ^/_matrix/federation/(v1|unstable/org.matrix.msc2946)/hierarchy/ + - ^/_matrix/federation/v1/send/ + - ^/_matrix/federation/v1/groups/ + workers: + federation_requests1: 8511 + federation_requests2: 8512 + upstream_balancing: ip_hash; + - rest: + - ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ + - ^/_matrix/client/unstable/org.matrix.msc2946/rooms/.*/spaces$ + - ^/_matrix/client/(v1|unstable/org.matrix.msc2946)/rooms/.*/hierarchy$ + - ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/devices$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/query$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/changes$ + - ^/_matrix/client/versions$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_groups$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicised_groups$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicised_groups/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ + workers: + client1: 8521 + client2: 8522 + - rest: + - ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ + - ^/_matrix/client/(r0|v3|unstable)/register$ + - ^/_matrix/client/v1/register/m.login.registration_token/validity$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect + - ^/_synapse/client/pick_idp$ + - ^/_synapse/client/pick_username + - ^/_synapse/client/new_user_consent$ + - ^/_synapse/client/sso_register$ + - ^/_synapse/client/oidc/callback$ + - ^/_synapse/client/saml2/authn_response$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$ + workers: + login: 8531 # There can be only one login worker + - rest: + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ + workers: + event1: 8541 + event2: 8542 + pusher: + - workers: + pusher1: 8551 + pusher2: 8552 + appservice: + - workers: + appservice: 8561 + federation_sender: + - workers: + federation_sender1: 8571 + federation_sender2: 8572 + media_repository: + - rest: + - ^/_matrix/media/ + workers: + media1: 8581 + media2: 8582 + resources: + - media + user_dir: + - rest: + - ^/_matrix/client/(api/v1|r0|v3|unstable)/user_directory/search$ + workers: + user_dir: 8591 + frontend_proxy: + - rest: + - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/upload + workers: + frontend_proxy: 8601 + config: + - worker_main_http_uri: http://127.0.0.1:8008 + + appservices: discord: repo: https://github.com/Half-Shot/matrix-appservice-discord.git @@ -25,176 +146,6 @@ profile: telegram: appservice_id: oepzkscngbyqvopzn773ns7whfxyfslgjhy7mumy7syurqp3f4kvb4sgufz9nfsw api_id: 1331253 - matterbridge: - servers: - irc: - libera: - Server: "irc.libera.chat:6697" - UseTLS: true - Nick: "openSUSEBot" - RemoteNickFormat: "<{NICK}> " - matrix: - openSUSE: - Server: "https://matrix.opensuse.org" - MxId: "@matterbridge:opensuse.org" - RemoteNickFormat: "<{NICK}> " - discord: - openSUSE: - Server: "ID:366985425371398146" - AutoWebhooks: true - UseUserName: true - RemoteNickFormat: "{NICK}" - telegram: - default: - UseFirstName: true - RemoteNickFormat: "**{NICK}**: " - MessageFormat: "MarkdownV2" - gateways: - # kiwi: - # matrix.openSUSE: "#kiwi:matrix.org" - # discord.openSUSE: "ID:669467339158454283" - kubic: - irc.libera: "#kubic" - # matrix.openSUSE: "#kubic:opensuse.org" - discord.openSUSE: "ID:734445719825416216" - microos-desktop: - irc.libera: "microos-desktop" - # matrix.openSUSE: "#microos-desktop:opensuse.org" - discord.openSUSE: "ID:734445753975570563" - # telegram.default: "" - # openqa: - # matrix.openSUSE: "#openqa:opensuse.org" - # discord.openSUSE: "ID:817367056956653621" - opensuse-admin: - irc.libera: "#opensuse-admin" - matrix.openSUSE: "#admin:opensuse.org" - discord.openSUSE: "ID:700799844754784420" - opensuse-artwork: - irc.libera: "#opensuse-artwork" - # matrix.openSUSE: "#artwork:opensuse.org" - discord.openSUSE: "ID:496049131928682506" - opensuse-buildservice: - irc.libera: "#opensuse-buildservice" - # matrix.openSUSE: "#obs:opensuse.org" - discord.openSUSE: "ID:723545727816433664" - opensuse-chat: - irc.libera: "#opensuse-chat" - # matrix.openSUSE: "#chat:opensuse.org" - discord.openSUSE: "ID:366989996101730304" - # telegram.default: "" - opensuse-de: - irc.libera: "#opensuse-de" - # matrix.openSUSE: "#de:opensuse.org" - discord.openSUSE: "ID:561164428939100160" - # telegram.default: "" - # opensuse-docs: - # matrix.openSUSE: "#docs:opensuse.org" - # discord.openSUSE: "ID:570871796132478976" - # telegram.default: "" - opensuse-e: - irc.libera: "#opensuse-e" - # matrix.openSUSE: "#e:opensuse.org" - discord.openSUSE: "ID:582568672196034570" - opensuse-es: - irc.libera: "#opensuse-es" - # matrix.openSUSE: "#es:opensuse.org" - discord.openSUSE: "ID:561190353030348810" - # telegram.default: "" - opensuse-factory: - irc.libera: "#opensuse-factory" - # matrix.openSUSE: "#factory:opensuse.org" - discord.openSUSE: "ID:523947864439914496" - opensuse-forums: - irc.libera: "#opensuse-forums" - # matrix.openSUSE: "#forums:opensuse.org" - discord.openSUSE: "ID:700825520668934284" - # opensuse-fr: - # matrix.openSUSE: "#fr:opensuse.org" - # discord.openSUSE: "ID:664012710597492737" - # opensuse-gaming: - # matrix.openSUSE: "#gaming:opensuse.org" - # discord.openSUSE: "ID:570871874481815572" - opensuse-gnome: - irc.libera: "#opensuse-gnome" - # matrix.openSUSE: "#gnome:opensuse.org" - discord.openSUSE: "ID:523949043110379530" - # opensuse-haskell: - # matrix.openSUSE: "#haskell:opensuse.org" - # discord.openSUSE: "ID:760556011395874856" - # opensuse-it: - # matrix.openSUSE: "#it:opensuse.org" - # discord.openSUSE: "ID:561194459619000321" - # telegram.default: "" - opensuse-kde: - irc.libera: "#opensuse-kde" - # matrix.openSUSE: "#kde:opensuse.org" - discord.openSUSE: "ID:523949061674369024" - opensuse-marketing: - irc.libera: "#opensuse-marketing" - # matrix.openSUSE: "#marketing:opensuse.org" - discord.openSUSE: "ID:660902159910567966" - # telegram.default: "" - # opensuse-newscom: - # matrix.openSUSE: "#newscom:opensuse.org" - # discord.openSUSE: "ID:806162338188361728" - # telegram.default: "" - # opensuse-news: - # matrix.openSUSE: "#news:opensuse.org" - # discord.openSUSE: "ID:376527321869451271" - # opensuse-nl: - # matrix.openSUSE: "#nl:opensuse.org" - # discord.openSUSE: "ID:605150216965849107" - opensuse-packaging: - irc.libera: "#opensuse-packaging" - # matrix.openSUSE: "#packaging:opensuse.org" - discord.openSUSE: "ID:496005129959374868" - # opensuse-pine: - # matrix.openSUSE: "#pine:opensuse.org" - # discord.openSUSE: "ID:794874055043710996" - # telegram.default: "" - opensuse-pl: - irc.libera: "#suse.pl" - # matrix.openSUSE: "#pl:opensuse.org" - discord.openSUSE: "ID:561164407560863755" - # telegram.default: "" - opensuse-project: - irc.libera: "#opensuse-project" - # matrix.openSUSE: "#project:opensuse.org" - discord.openSUSE: "ID:407993213425680384" - # telegram.default: "" - # opensuse-reddit: - # matrix.openSUSE: "#reddit:opensuse.org" - # discord.openSUSE: "ID:619283903571820555" - opensuse-support: - irc.libera: "#opensuse" - # matrix.openSUSE: "#support:opensuse.org" - discord.openSUSE: "ID:366987951734784012" - # opensuse-telegram: - # matrix.openSUSE: "#telegram:opensuse.org" - # discord.openSUSE: "ID:557298959765209108" - # telegram.default: "" - # opensuse-tumbleweed: - # matrix.openSUSE: "#snapshots:opensuse.org" - # discord.openSUSE: "ID:619284844865650698" - # opensuse-twitter: - # matrix.openSUSE: "#twitter:opensuse.org" - # discord.openSUSE: "ID:619283940318117953" - opensuse-xfce: - irc.libera: "#opensuse-xfce" - # matrix.openSUSE: "#xfce:opensuse.org" - discord.openSUSE: "ID:523949083241742336" - # telegram.default: "" - # software-o-o: - # matrix.openSUSE: "#software-o-o:opensuse.org" - # discord.openSUSE: "ID:733713878055256155" - uyuni: - irc.libera: "#uyuni" - # matrix.openSUSE: "#uyuni:opensuse.org" - discord.openSUSE: "ID:723546275915628585" - yast: - irc.libera: "#yast" - # matrix.openSUSE: "#yast:opensuse.org" - discord.openSUSE: "ID:545922654570414090" nginx: ng: @@ -258,6 +209,7 @@ nginx: - location /_matrix: - proxy_set_header: X-Forwarded-For $remote_addr - proxy_pass: http://localhost:8008 + - include: /etc/matrix-synapse/workers/nginx.conf enabled: True webhook.opensuse.org: config: diff --git a/pillar/secrets/role/matrix.sls b/pillar/secrets/role/matrix.sls index 7260777..d1c7e7f 100644 --- a/pillar/secrets/role/matrix.sls +++ b/pillar/secrets/role/matrix.sls @@ -441,6 +441,85 @@ profile: xuH3rwe5ieSD/dICAw== =djN5 -----END PGP MESSAGE----- + worker_replication_secret: | + -----BEGIN PGP MESSAGE----- + + hQQOA7A9CHm0S6RyEA/9ExAg7VEMHm/al+bCN9/BeqP1JRyOGI082CznotKrKTOK + 1QBMqtxdp2kcQQgjTHUHBMUDGZon8/AVOvNK3SsS8863j7rwydqhKIALqOqq2w9U + 73kdmP3FTVAZ0Mx6mcv509tNK1eV5lOSqQEgZD+GlqOece+/uGzZyxYmEaZaCbnq + p/PRmrmEuGKT1JrrH6VmCWr9Jqi5DByktT9gmrkVWuvYIpt9FWm4N0zy3Iw2uiL0 + fRjp/hhJr99WrD+KS54aZUQ7pwBi5O8vkL7U15WlflmCbhdDIOoo2NgQ8vztusN4 + CFmlYeO1AevTps3h44OIWYx7z+95vAxl4TUF11djxSbbHXJbxqB5UpoKRIXpVBSx + TcT4vyh+lixU5Ye4pB2Pu7W3kNAH4YxmTmOmaAJQVj7CYlk66SNEoRdWFT33BT/2 + tsdVujmwJlJKwl5szd6kGVeFodkvquS3+EGzpdjDNHxJzQgogA+ab1+8LfeDRvOe + FQKitInJc8BSeCb8yfDuquj3ytSvG6EiCjd8nSMp7Q63/uI4tu6RJZJBKtj56YOi + VzJ6QLVjg+/xO8/ysWsswGOJ1GzEkvWw7V+ZbDd+y4gcodnjXr8iJhvXO8sERM2P + mGW7hI9D+/EXF6YBkhwG0MTlgdpuP/9pIVttFcxqzJcaj+9a7uel7XwC5X6OMscP + /A/dKoCJ4mN/GwVkGRjgGyN7ZtfBhqETM/l/zhXlHXJSEOVB5t94z+ATW+NmquOs + J40pLx6w2+Hhx1y/Yr6JqGZZi9bJ5/kzFqPt5eFTDVJZakFLmsu1WZBu8I7AO8Da + YYleJdU059lFTOqxPaKCi9qouXur4YTXlFgQ7ynCtb18m0AOfJ/tsg7DSwGAhMgJ + VpLp5y5tsCS+6QahwkBJr1SujiXa6PcYrn4Z6z6uNlc8uQ1iSqsMaRKtYgUdINIX + AyVgu19GgWlHggMl9Vyh31gxvWMJ8voZVEHy1UAv/nKg+nETHvfIbmHf+8fB191u + mGCjrRjQGQ1JuwpslW/qu09C9Dpf5kFIKaRWQNMT9gzI4ZVAQKNm5m9kQRk6gEm9 + wkFaw5N8IrrvrDRNizyzYePkx/RbQ1as5Ue+9GsjSXm76JQUpcC4CTkz1hE+wt3k + ABKVPTe124AG9ZUC3N8WUVNugai2VnOr0E3c5xoNuWx3xGpXWTdj+vhR23HV1Ihi + 019XxBQQhcgiRFEUdSp/hXgBB83j4sI/k5q29+4dcUy8cCq78XH5RLWoFX3kqpF3 + pdv4zJnQljz1JaC1xTHKkuYA2Wdwwm8XTIg6Nk+9CDd/HlyXcZuuD3Mn2IiPHz5N + wEVFMMhFUoWBNAFLzuTcjq1dBQPJn54Ecbu/jAu2kTnMhQIMA8amgupjyC8cAQ/+ + Je7Hms+sZwK8gwFNgsbEIW7orLSZF9C3Wdd6XpLrwoeAzPjR8QetLfwOBNEeEEvM + +w58J56+5wnRgMs7YFoiCodO2xblxi8Cibl7wF6B3dd2dM+KoA5qVuwHGKNmTfja + fWz3gHCi0OT8fWvI9YFwZdE6lT4fcup7kVoxV0e10y/Q0uhxwVJG9JQrZ97sjaYB + WKlunUEv0iKCoVi2W+MYg7lH1B4886J5LQu922YGnAjESatJXY3aBAKt8tKnKama + 0zsLthKSUJn1LyLosHk77hxXzYcWBRYSUbCBl5X327xoY7frVs0NkvhU6sG5dyG7 + S11YUd0mRZRfnWGrXB1zQIc5Lw6Koqg9RtZMWhO4OKLgDRTff8lQdf/AoL8qrpgh + WOhY1LrNej2rBgIDpqYvZutySbHpe1xLJsKzMF+nsAMu9QzEFSfce4LnU1GDb8RF + ySJIFmqh+eDfSBGK2AhAXcWjskblWhLWpfAXbCPEas6EWDcioT/hD4e++Vt2lJhq + 6xu25af0BB5dvK7Mcn+v1XDCuAqtME6/EiRPPRgHrRhPJC/Gy2lDks5kCLt6f6mR + gQ35PskAwZgSNat9Qdmj2hfyGNQ+2DNgPYgJJCl6BocnwFAT3m1dH14kU8gedoQD + G1mVE3y7TgBAkSshc0YUWe1N7b4/jQHPMV7HofZXQNOFAQ4DslgfDDfB4G8QBACU + FsjsXj0VWV+vK2LwbBhs2r3CgbiMUrv1T6kffaFPzbtHfcTBOyrTWAq67lFXai94 + FG4o9O7EL4qECpQCyxgRHTQVzrP8pNJAkCBBzTz6Znatwa2+6KSE1k5s5/M90Hci + 1y6GIlgIj3IwJNbvnmLtD8YQuwkre8bKY6LkCoJltwP/UBF0uBZC94HDIXszxOd5 + 2wX36gUmVdj1kC+VyhuXg5T4ohl9EQp8XvTav2xkXrqwGXCwSXuPF8YnYbukREEs + qyoOBX2Ck3cI+mbT60p3s0lUZfdqL9cXN6J4UfCHPSx7Y/qmPEdwMv4eAiMiOTm0 + FtNcM6dj33SvbJQtr5wpxFGFAg4DiLcKbyvsTOYQB/92moWrdgttNvk4j4LBWqPo + eJfnsCkG0jIDCgmOvdUJS0dJ4Mc92OpsTQenf3PZxquxHy08ZtELOwIEBuGYO39H + MajazYPd38pjuc5CrwefR+oAtfay8X016DoHe9NcL7YZzi1ah8VP4yaRp2OBRWa1 + jfC9xYqhfbzP+6JhCVg+o+nu3RimhkuhR2AfqwWKXRXkvsLt2/soB1w7KcRhJgR0 + 4DOVOHrZyBuEO9plUY4eIaVLAL+Qf9tfbovTb0PTnKWm2PHFLhzFe+n2OTFrJqAm + EOFHYIObEUvijkvEisX0kPPVkQmgUNly+522G3uFKI2oMotyngfpPCu4WCVWYhbg + B/9KgugRfUVcKxyZlTN/UNt5Ech7jaXH7GVbAwW2Hg6ApLT4IqnddVqffS7Rqp4c + TtLbFq377UIdJRviBBSTS+z33ZvTt6FVzb9kLWeBnyS8MhngWmTWLJkEelDWD/Y4 + SpZX5YmoQlxZWCUZ9lUTOEu/jwyQa3BOpKa+5DilDSAX++DeiApo31BAf9CopNDY + WwBc3ROGaJjJ3hYU4B8CLrbR2rc6Hw+mG/WX6YoUn9S6GJ/mbrqqZcVw07txiuTk + XJ7lIrgvLbC+eHRQtc2Go81qlNWdbjmdtbErtzNANyl7wrMeV0knbMNInIUIlsIM + vBNVpt9hgQbnI6psb5QEgnwphQIMA3GiBwULdMTdARAAk3MPJTYDOtr6jFjp1yJb + dQZoZrvBRDE/v1UZxYen8KXVaafWb8fhA63a03HqVQ/AV56Ha9DC99PE1DdaN+1y + bMqbPvzNCs4GRCqTdT/1fujoKiSyCy8nvyr0XFviNHH3HQZsBzhC4RFTTheSqyUY + 0IST16Ne+77e68ZI1fPyabdnOGRJAF0lPgh5l5/JWpIag9b+XJhai6ONJgxcpKjF + 6EMN4A7i/mkVkxaj22YsIVihjtQIRWemvKbNLC6nKaBbEvjohLlAg7Xm5I1UjCoe + QjCEki33dzD1dRA9Yksvt/C79m5MXEdbMVpklhJdOspsWkI3aS8+asYK+iKO2mUz + MSLKeYanEoD/g5InQEKKbqUGsFmzQQda86pOELnt07A/cfsy6+REq8kA4XPM/hSa + MqNs+gLG+Z8UKsyoRgY+AKRXX1Z3CdiznD0jQAjRyfLPNSBF664m/QBBdnfXuyom + 0swKtDsW5aXhFcngIV6UX3pKUozg4gJOVk8vOFECJq3SB7v5+npQ8TzZXe534UM7 + YcXFXBgVKo9RqQRE+qORTvVPMIDT12yyXZ421zlWL3L2xd90qhp4SFR2cjsS3Lcm + iVNKRAK6yqZU/VDvyKKy4EMtBgbiEIV0LIooOt0OZU4ic3uWn1LRYaIIms2COldC + PC4yGFhiI8fryzlvCSww0DiFAgwDrPDOChusaZEBD/4mQkbxlRO/Gxc+ZigrOJaA + DAzqab53ReXzB91Oh42/EbNU5VW5uAWiUKcO7qdyzrqz2F2kCO/2ysbe62FoSVXY + /RhJkc4XN4xSJIePTgL7vbjNvhIvN5xoUTuKECWxZr/WeKjNrDMFMeFqhBGA26ip + V4qqtXC48k//2PozQ0PwZ2WtyAxNnm2dQDDoA81w4iQNJK9QbFX8NLkaTjAuv/2p + dn+p4oFiPbUm1kJyFpW2fpHdHB35SXJ2aVCvkYvNrFX+tOuFwXtx2HQfIApzckCm + UfeuzjdUR3m4bAxQn8Dd51Lbe0ZRRubOfNTW3t8j25+svIVDYDTmWJ7H4Unj9gX+ + WbwZPZcQhTWuAinvhReRlhQGQrgH2U1LxDV7aSzgBykSDfM2BVznlyVyzRCr2+QY + X8USISngx3evyqrvL78hhOdT0Kvek/OAb2kEdI4vYp2D6AXj8MHR/Hfq/Y0Cv8xw + 6QS2PJsA2CFOs6iIA8+UP8GfeXg6DdyHIi9avPWMVvoHh/DXuch2SfoTerNOJctY + OGq8wHCtGKmJZ584aP2XNvsfw4JNEjJfp2bHelaA6imYwOLOOvDdTVB+4xTaQPZF + kLd+S2WYp+8UnbSkAH3TADODcm3FImtKrvha/izF/whKT9xF6ZJaeaD9XRl21Aed + RbcOqq8k1QmCcqh/1z3y3tJbAaD4LVR8l92hhhnpMUNtKhdJP0XgEspJHmdvFaJm + L3p3PZeEqLqbyvSOc1+Ncvr4WKaD8sfwIOp3eXmsY0f7Ehn5x1ie9qR78HIHNEOr + gfZqY3yHX/Y1YGz+Hw== + =PxXK + -----END PGP MESSAGE----- appservices: discord: homeserver_token: | @@ -626,92 +705,81 @@ profile: bot_token: | -----BEGIN PGP MESSAGE----- - hQQOA7A9CHm0S6RyEA/9GTl9gC6hX2tGo05koqOo78SZfgZw+iiYsI9B9JzknpFQ - uRBxYsCDDhx/vvXfVWiIDPeIf3Ig2LuNCrdTFqT0s35RiGFbeY0oIZyn8zx6IcvA - 3uaHD0lUiSGu3+eJlZdWg4JjC0u9ccWsJ6lm6IO1YQPULTLF/kHHrWqAYM9EeX4g - FdTI/Ws5iguJAn6PyRGe44au7C0qXCZB0e4NhGufFIJHddQWyLHUkaPSFiHqmhgz - gOwHWphYzzdoG0AFo5sGmrt3u2rIX+I07BnuHl13Bf2C/nffos3DfK/MtAaXQJTV - t1LH2WzSvUx4bhubMERW5aspYIi7MeAj1DRZTnCtD9+o8Bo2QsWj2/rwu9GXM9ai - WbNXXL398tfiq1NY3FkChkcWlXsJqMBZfdiD2S72iShoi3GTTheTykyiljloQy4V - dMHlpRSUEwgnN8QPMMgXnagqJ0bmV2oNsCHpfy96z0S8JXlCbC9VwUHVCMy7L214 - R8hYpUE0LE+P52WPCQ9fSbkpzu4KNVPwZJo8KLzgVXWSY7PNou1DzFrXnqp+cSPI - ZA1/Jt4H4IQcQyZp1KDQ8zbieo+DZeM4/LqHcZgp+PnEl8CoBgRP30KOte/NqFYQ - bSxagXP2gLsrNJbPHkAjtALWoFV9Yp9xY/afRtavGbDVNgL6R2CJSPgNReFIhvIP - +wZynGCFALtPVNM56tOjm7JHeNIvNPprdFz7BI8vbOuJ8zTKi3mCxzBjHRK3dmta - buKAkkaq3h0hdvCTa8TIG77S9Ag71uU1E8CmoJjayAL8NvhXYRGmap40TTaVIALr - b7mKz4FkrtUImlQxrxug8Hw9KnWeIPyGj5E9mK80rXnt83/+3blitV0C/IGpQXaa - zJxNZkOmKTLH6+PYbj2nYQj6e+ELOL0eNo8DhRFpqAKl+vZ4mqVTN6oLFJ5frFrW - mZ4xeY484t+WeYLDLF7PlTFfTOhJN4y+yVk6G1YzwrTUXiEL5K5QHPccrVS272l6 - /RaCSisOnruMIrOXTKYXzCs5wUkIciEBj2awdBEwxHPvFdTrJ5rkYELDbXAqc5ZT - YUYAvQzcBRTzMiDlf0HyVAY1XZsScp1f/gV1q4uBUoUfWQ71XNZnCOHNGl02oxcV - J6ZaGQrjw1dRrCe/pbVXooBUqKq5N0KNzrhaJKlvDsoIu/yZJ9h6gDtWrUInG092 - nqpmnnYyqvTsd4Yt80Nh4rQjqc5Qwnfzzy8uqG5usB81VSp50q8xHo4Sy/uoi90V - qC/Z3j3CCaCZgDLVne/jPsX6Gyw+xQOu+PNnQ/BNjggObFDW0LKH6/0RryKW/owi - vcn8x/EIuU1m6OlYi0ei61Xw8RQ0+5/aegZk7C41q5e9hQIMA8amgupjyC8cAQ/9 - H8kdpIZNC+0CjfGRSZSBiTYNCs2E4F0EToUsJa+dNUjArZBGf/jNFP8wSMORRU+r - SLQl7MsvdoQsU+mQfhHAjt1oT+C5lgVHxYEE8htHlvjO3UCRSdW96ydiy+ewCAai - ky4AFLEnQolEGahljkayg5+FFH1/nqCxi948umBrj25m2URmlEdqr8uBjaryakjz - 46uYX9/FNVUjtEztrR7mDw7QEdQ7aC8q4hYtmHx2pPdSqJzV/HfVHYTSBVX+gCwi - ziySv/t0ZBOkfJEHBoOKBl2YLuHo7bxvVy11lXe+g1vmTbICp892qjt3KxeWdB3N - u0I5i3WLEdAPQpzs2IJ1KyTivMqLTY+zUpo2jCrotbUZAAqPLZ2Ai6KklXzcnQwu - kNHzMPhy9fXsGBXpzpNDfAdUdWu0NvGrlkfZDn7JGkUtS8mazxBtlWJl9HUlWtZ8 - U1HVJOygr92Yj81lU4xnUELUq+Gxq5XCT6oy7TXwoWk3I5dC/WMAY8GhHO3CYDlO - J3giBIA6CeVCKV14Y/ucDEpztnEo3Jcee/jfBYo674u/nriHkIJq8pZUxtV0MJFc - GxDFrcrOhdsFk9cdbejsIV/DOBiIWGGnv6T4JpO2SNEm4ExRTmA2mffrL/k4/ui0 - rzjawouQY4AbynW3ObY16+TIC+5nmf4SqEDq7sOHkSaFAQ4DslgfDDfB4G8QBAC8 - EUItUezNE0w4gkKdpkayDDo/piaZQUklHeaklRwWLzinb5DsZrEMKLnt/dgepX7z - Y5nUGnrGGxLgz+U8R+XuWMdpWUknqheJBsRAYBlchimccAnCkTPVSpUiJ85zSOY6 - Wt+0vBJ92gyv5SsK8vRju+oM2MCWVm3+qSoqynfW5QP/WQS6uVnzT/ffXgeaaPv0 - bYKHB+kZDPn+5oAaJFy/b0kt5apWfK17bHS2Hpnb7vyF/Y7Bwny6SSw05EzN9gMZ - Y4hA39LUNf72vZ34lTQ+570b3+9lNyIfg/pqUSK4gAPGW4TktqxA6qO4ZyUmbxMq - 04nAb5ZiHSNo1o8+EXKTu72FAg4DiLcKbyvsTOYQCACUdexcX7amWhswYxHYbWPy - T8xIfpHlfPHxquLPMy9I+/siL6+NHZmOwJ18o+rYuA+r5wZ+KX4B7e3DrB3kXsLr - x1VHffMbTfeHiWA/+o2IvPyi3tmAcd+EMexS5CHTg8IVQVzTl9ioc8Tax/uo6wB7 - NLHGoNSQIshrc3zdll6sLlyXkIuuX6T0qt8JASc9u2x+oR+31Mdk2DgWl0wb+HuM - BCdEMKstNl9maKLIXnh4sBhXGtMsVygkftw4xeHlaeNzy9ArHmCTaO2vHxERLIyg - 7ksv+muKeC1/1bmY5lgbNzwUL5bqN9Sx9C1z2vsD4xaJW9q0CmgMsfIemgYMpw/W - B/0SMn5JejOoZbA4dH7CTUdF2eZ1Ch+E+Tp75ahcvChuG1B1WomgAG2wpvWvwhhl - PvObmEP76ldhkggmyqYGeFISegKCLxa+23tMcFbLX6TUMeLjsO/XgW9FWzT3OqvL - iaCSZtpFx0w0W4yGKC3AEtv66BTWabyhd+OPt3a94nIqOTQ6MZT7YHCo2qicgd/U - N7DFgC3cfRhfKSyAXN8USkvtxklAnNAaSJ4a+hN5+fLdBngtTLX9OwHUBJzELvrb - FKj1oJZQhuj8rSYHEnrOi+lEMHDyJBPPL88ciWL6KyMddHGC12Z7nIBt+FUXsN/0 - M8KTQir1PWcIema5/KvQwd1JhQIMA1tQWD9t5xGsAQ//f9DBfSriHPCIvD5ko8g7 - HimHLH7T9SOmLOcGsgnwzWLOh2oH4oe+Kz3wJo8oOTeAMMZpcf1IBnRrBrdLXDDX - 5svdqk3LvvYlAHIWADRNM1u1vJl6i9hzBi2RicFN73Lv1Le5wCcuVn9GFEVk3JCj - ywRWXZNBWF59M8kW1bMMkb7qS/jDhY17PGrk++TEO1IJQrTCTCKDV3stzZ7CQIPZ - 2OpzTITR/yNsc6Z1GfhCmGQ3pCjyxQXHU9WEvSf5jtgXNx1mPRtvJQfyqifWV70P - pU8xU478zg0kh0gQyVI6Vgh+s8e22pB+xiaBhgOiIEpA/aYx7KW1YnuB0RDKIt8V - y45WzvsXKzw3eqrzi5BaMTSL/gDAkjzc0JO4yPDNvMZxEnvOrc6ENaY/0tnaqyGS - AiC/MNDpYSpXoIqjja9J742RmWU/n2VEwHqqrFFOoNk/r2+3GwVJGG5HFVwOasQa - 6gkrzOhO/sPfb6DWB2yf73r48lG1DOTBVBrWi+yzlYLsRDhWaVZBkF8hx0zVouc9 - tf5LsECoKciqCzZAupq++9mC1mt2H0eA1aKFk2TrND3tknEWC8QQZ0xWcgZGUFIk - TZB36MugmMqc7HzYtRji+ldbVFEBeWRtge1arKnD33MJOOsvhYje8yvL68cilOLN - 2t7EgBYX7TqM+8BHz58Ytz2FAgwDcaIHBQt0xN0BEACdz2Gu1SCZHja/eQ9SLZZ1 - rbiNPpWVJWt25samHgvBKN67zDB/WS99XcbGbPVFCFZftcPtu1nJ0cI+ZuOruwkE - QENU9VY5tnRhlvT9eRGpRS0MNHqycJlKYrgJCWq0X1RmbgllBneXrs9P9nLGyPHr - r7jtAfAxYGOkFNjhxsLKhxbzp6Tgouhlp0jqp/N12ztNx/Pq49FrzEZ75lOJGXf/ - 2KHqziXupyS6g1vhVQxMHtr0fy8b8/e5EhywL4C5cL+ai+nTtFvNO0JWffUQDr9Z - dI5TDqogMPyLyh9NyRdflddY5h9a+gF6weA4phbq/WWbGu4WHbuCgOfSYaC/P5mi - UrLpHjYXvfHaAheb9TamfNVo2v1Lkw5E3yXbpVJhp5JwKX/OyiU5fKrqXEOsLwuu - opd0JwblsR0HVDgsNJz78lyH6unJ7xF7xH7QB9rFi7gIuOtPzfs24lGrrYwBsIkM - 8kCrB/drwtXn2N+3REJHCjtMdoGiIE9DX4xutStz3aI2L8rHCcB4h9DIY/Sfiw7v - ZQ6mAHKTdcbRgfhX7vB8CTXZtUlQkLk1Vt9hHREaO9r+1XPGktwaEAw08986RNO2 - b3hAWfmGfblj4hcFz1QMRjHYEnyXoh0qOBH44DQtbTp6b6tueGoRF8H1f7boafxz - Akr1PBryCQfbIO9CqxL424UCDAOs8M4KG6xpkQEQAKbuJpZNEZyRuk8g93ZAMnOf - r++C1FY4nx8E2kNV+BlYTv+keoYb1nVcO+uRM1pTpz6F9JJOzJiMFxRQNkadb/7i - dkAP2DEUeVgdyxgWbIaqlZMERBhUkXAVNw6HO5Nyrec2gPcMSAxSs5eBtcY3SfZk - X4wvdEVQbXAUy9GmVuiX6iQphakLGwO9vwrHlqamtGrRm9bg7vYqDZLKmXnma+Lm - IaGiFHIEKFtZ6bM8dF0lvuzsScDLYSrutZkYRh+aRnVVpKxGH8u3/D3w0Z6cZFXr - X2IT4wApAlST1qwG5cy5ynhblaTcl8OWDvp6xosC3A7It+BvEk0fB+B4hWfaaQ8/ - FjDeHFrXnOELz/jnik2GL4tM91kS8WdPo1JSVApP44wW9mxngjl4kXz9s8qBNVFO - wE/qD0Ei8zfOJ4g8H0qiZarDEPIvzEs6I2qs5UC6KPXX083y90lGCUpP4sxDSolk - DTpH1q/qcmqmcoqjiZ5917qloG9HC8hKSQ5FDsZqSVaWER8N6MpjHb2NbLtovRe9 - /M+3xrmrExa2WY3DmUXUMgkdNj6GgsFXHa0c/HUiOBKxqL9YNGiXz+vvLCWB1ZcG - Zm3hjhF2zGK4DtSsPfRPxb0TukghdgPSdeGBQKCwp+1LiUs4/reVUlxCadum58gy - mef/atEK6+rhQebywKQY0nYBCPoE2mH2MKm18eBDrn3FRwq19EuU2tmnEpNMaLj/ - mxei+tCWYj5O7x/P3BNS1MPtAl4B5qvaI3uxcnNtMEy5KPmO+6OdTv2wpnI8es2O - NooGs/b58lnQryLAd3HYRceYsvKT/dH6Pm1yZZUezfC5taeZxzzq - =RZbL + hQQOA7A9CHm0S6RyEA/9EB/3yXCojETsyOiFlgITfd49KmZS9D4aV1QSPCepZ0ma + FamZhwBANjlVC1BIa111SbCic7LudKpsqMKR2EyPMYWj3Sw9k/wGuYXEa3tbqgD3 + vc+KlZRCj8xR8S0oFOWnJRLIzJS59/N6m3MNpZeLO+rkOLf5ze+0DexfVi2Bn/3J + MnkqepPYyEMsQ/OCjXRI5CJQa1DhKWlMsYYEDC6wJZOS8kPO3uTzt9Bcd5nnfWS7 + XKTCHN2YEaJtK2iE/0rukz51fHf1gtWgamLIIYH/9IokD82u9gZbYzdU/7/D0hwe + +YBeP1+Tm5l3Y5qmDuDdzbf1yOg6FembkKUarR63mYJu/Brj2frEQx6q7JlgkL5S + UzCMIaUpGl0jFNRFvmyRWl7m4pYfN+Xv6pagziXvD82x50DAmcyIHbHYZf0YBqaD + UK86F0a9GgaXlRi+hUCTxsktH1MaBXX+kp+1HuO/B1+r9SV54OE9SzwWOYlZXnI5 + GdLvYaueronOK/ZvX/GsMcdpNhpZhJS+LlLvXyvJjlLSFpNUdGw64XoJ+HBDnYfW + qY7JLPRZugoGCfUDX62kuFCGeRMNkzs6ViZjhNQ9NOfg9U1968//JB6L/V/lnfIj + jn4jc6zxs47qjH16TbocMhev5/PIQlYIcrEIyV7EyQX7e+Y55eN24/ps2TtwHGEP + /RiF1gO4GesIhtlbmD4TCTWckFl2a0KcGzKJdGTgsX8OIVdrkVRiDqZiiXbzHZma + P8DgnQdaD3kgBkoFD2T+huTQDYJbOV+P1po8RzOj/2dWIZ7Nt8+aIouJcrdi8Uta + VpNtlUZS2hDJ91XVkARTzV5AODDVZBlQp819XZlMM28M1ATcHhgM4M5dE/YVm5xX + 1GTnTLn6LIJClzFGcIO1RGHbnvFe9CfV5xuseZ1Fu1PqYWX0px7UNqN7TRQc3dJD + phE7+ksS6AEvIfRDKiWb+l7z7pXTPvazqOf1Z2zfPP090JLk3DvVHLZGtH6o9gDT + m/OrgVP3UynavNk+iHJNveq8n3C4GHcyERv6SAkWd+8BrV6HGkCHHffAJvPZ5Bis + TDYrRTtKUXPvCLfX7RGTYE9zZ2HAQYbfc3I6Si97eA/chgsTu8+TbXSoVLbyNWo+ + L+e4sDqsbpY3ntZ363+Ff/gjIIH0jx+tduUxjGWQ1LIIADf/4iHBOaPOYTGdsutu + Rpp27jm3mGExSCMjimSlXPmfubpKZxAJs/30l1tn1WyqMMXRb7/n5OCQpg15GNak + Ip1BlSm2W4gZn2e312yT+kMwHsxAVxGkt6PrYl60dLwf6gq8v4lHu5JMDpnEiqft + SRerdxMKYus/ckbLUZtKV0/Z25ePeeCbE5FVB5JwGeYYhQIMA8amgupjyC8cARAA + nTEb0ok8gmY7EkxMT3blJp6NC+Nmd8glLVA45f/7gz5jf6B1cnRJN7LBbMTBW5wy + D+zSIAvjz/Iyv97DSCndvf2kIR6opxh6CWNolIdCDlz8hlSqyUFsV8gwKUtuwcPo + 8vs5FTqBopZGDS1PVB6t5hMHeWIU21TegjpGokm+O3rg8heSA5dRaxlc0wK3WQ/p + KwKNJUulsqAgHp1hOnwWPZkPqhPvwoekdoXHSmtzafNuxwhz0E3VNusjv1nW+7zV + XDHcvY3OUatYjA7qFbC1s81q6aKh0atkSF1FGFcpy1IcUOUYWQUxxBlUimUgeuAZ + SsYk2dxXjXUgmOAG+eLIu+FRpusjsQpdxCzij/HWGv67bJ+s9IxF9PgSdh2OTUMZ + 6HsqPpiFsvvXfE9IZ/3RfVNq2G0K18TVkQ+396OfLwzcthROrAHsMocGFSxmf6M7 + f669+7hpHzaOBOgjIHIWIRUwlajhj9LAX/XhSQLGH6lh+1Y2DUs0xlXOM91hgNyW + 6KCibHFPyGVDovUEyJs4F1ghqsB52biiaepNy6KY00DfPGNyhQD+Qg8nFLGUiRQJ + DCTjpDEO8WwPYld1Oqam239fpl+Yxisdj0S7+K0knJORhs6MkKYMSze9FHZRPgCq + k3RTdSlDHu4PnGhZllYnco8NzUY/sPUkfRXeCiFpvWiFAQ4DslgfDDfB4G8QA/9t + ushyu206e1fGKZsHaMSgEJ1oTvSiX9Mqv97MDIdIxLaivHgozH+hhyjGS1iQfi8E + ckhKOFzFCJgFq673/GD44fVM5d+zr/Yz8ttwTgBI6KyrhXhi+FOU3ycoSo3IiiYh + emliDgiPES5wffv4hZnbv7kV7MDUlhzaBxdWzQtwvgP/c1y0zafL2EyMFauIe7xU + S03mQ9kPoYdMsV8VWT2ze0uFgKNlD6wMNsI1yFlARUBE7EjzE7rhvKd+Yt5gw5L0 + N+41+FeaBa6iLfrXB9MjR6I43bVuluOLZF+Df9XWQfEW0qYP3Re6/a4P/vrE+DEj + vOfkjl9xA4iZH+pT8Fxz3EKFAg4DiLcKbyvsTOYQB/4kzF3dmqde4h997XtjalDv + IG5t/NgYqrn3upL8kOi+ESR8DuRV2/tw2h2lFB+S9XC2gJ3w8KDxBPA6KwBibUPK + mPU5sQZxYqkyhZWbA6k1451qeQsAHN0sOsb/TcrpUncWOqsymD3b7Lq8zqKOU4Wp + 5NlwdMb635ef3t+kUJduxzmFpVUGDwNvf1zYdZAtUS35qKp+qWpGiV71nVJ3KTQy + ReEUJxgnC1lRYUaj//X+Y1FMEH1iFPF4Ob0emsoRzVCWPQ1DD9jFM6USZcBbbE4W + W9mpl4l8hFnvfpnAbJtOIW1mF1ZBR+9INKA4+sCpct7903m1KRWbPQHSTRpcBzXa + B/93tXnoAeyFFHeUa7A4rIYyw+4TI0s3HcBa9NpAr1C/Mc+yfX4rpruVokkJ1BW3 + KOmbh3OP9NBOLMuCKVdN/CAfUOPHeDEJ9bXvRRoPQPyajbYQwoO4PWs24merftyt + WLVu5Dw/loKzOyz91QIFYot4MMmvXQ+bzwnFNEj+dehIMWju6TblCT6sQ25RdgP6 + SN2ojsa57m7C69p3Sq7/5Aap2p0GY3wMW/0GMJwdVks4Kb46emErTcYb2f+2RVYM + K6ONVoAY8J9X95kiRRQqeqeb57tysnEGOCk8lih7ypy6QEaGrNLRdHdkILJlvkc7 + E4loPCkzqDah9hSquKpefac8hQIMA3GiBwULdMTdARAAkObydUj8Ly8vm2U7FICo + ftJnLwGBlqBwnmwJjOp1d3UxhTa4IGhG88KKAU1v+oYsulklaxibs8cUTjjiBTWE + aKu3SdP4qfZz+uocGt5sH/6nvbh2uMFXIJmXOOB+VkCPjQ0HmmrgCyXnYhizZV4h + N2KXaNUb51Mo75UDydF4aEB6RpEFewwqk9QmSL2+5UgIjCdTnSQigzxZ88ups3zr + SZ9ta2Bq6PZgFj2HfjZsIpQSubmwMnD0IjK47NJO52GnBH9mB7F3a312LA2mm5cx + avAfbCUDIkHg2Zr2zU71Kluu/4OUtJ8jbpROaZfrrmz8NC7r1oD/c1+Wr0G+MyxZ + RyZAoaVhj4xClZVJOVuGT4Cqy4+9A9Cw+ax2SSre0D89zI9oz+VcxSUSgaV2BdB1 + 2cGmAt7vdr9w3JkI8p0Jj7U3dDMvMz4R0XPjRi1M85793yWc1q5F3y37hPzV16B+ + 2TflPylNeXwx0OEnZ+4eiMv46EIp6HdRgS6BfLqbSmGVHShCNvJADGZwoC0Ct/N3 + eGjeD9H+MRTwNP6zYQ+oE84i4U8t2jafHzgH8deKlXBJFTKt1l6T8uauYKJISkTy + e7SjayylyqNPoyiop4El4++h/nzVY+EpKokl5csYaiqoRFfTVPSSXac90yaZNING + 6obueB6K7eS93PO9VxbTECCFAgwDrPDOChusaZEBD/9Jiwz+X/Vg9tAjjDfDdVrx + 085kF/svZU81I6dinyPd2mGIGYceIfJqajqlVJao204COerOSW4m+6+z+JJK5+iN + hSMGNloLTGtvieq7tnhpnKSv/bpEpYOv3et0TDWDv77Dc2gVoxL31aGuv1kLVV2q + AnxKnRhjyn5nZSbSM+IEfeSaQKtQ5SZcTi7e4ZUJ0VYXpVGMl56eygq3sPoDr1tv + X7iFewTHPDRmP28bRTz2DVjgXi1eDU8SfcBUCgS+dpbU5rZy+2bwKvwcAP4Z6QzV + ZoKOBkBbUmpPq5ZSxpOUW2hdpIm9aCN55RU7We0KYibIvE2w6DYFdnt1O6/68OJk + viuUidpGdAi4f1RnrvhxIeCUbde1F7Y813tXM4HiyV+gr7VMyhd3Y+5BTNFH6bzn + XcihDISMoqgFuKGnlXxQkGsVDUh3bN1GE45VPu+xEgyOk2GgtjgAEfd9W8Hnzp/A + 6Xg0AQTH6+zWEIYViGGzzISrxNNeiO77qfMVe71InCHx4TgoXbCfV0SMBqSemnKQ + CemjoqvQsNjqmX211AiIK7L3t2o6a35txvDk8rX/O3FUAJ0jW4e/+2VnIGV6EZG3 + W79bEWst/GFn3QHwAr4VNEpinuL0lhoRjmpqYEVDnMReOwPteZZlAek2JfHBBNoQ + gVzEdpPPDGssX+j5PT2R8tJ2Ab0TcY0kVQHj6ov6EHvI0IG9Jnsq/2/cTppGgI+8 + bDf93c96ZKXIFi1C94KnvPXmLf+BNOU1GE04bf0zqZ1GD3VOegl47Tzoptpd9Kbx + ZvessCd/zuO99UvQFik2C7ov9OxZ80vM+nfonxNBjlrsYcNaGmDG3Q== + =i/H5 -----END PGP MESSAGE----- webhook: homeserver_token: | diff --git a/salt/profile/matrix/config.sls b/salt/profile/matrix/config.sls index c6632df..2473c55 100644 --- a/salt/profile/matrix/config.sls +++ b/salt/profile/matrix/config.sls @@ -50,3 +50,41 @@ synapse_conf_file: - mode: 640 - user: root - group: synapse + +workers_conf_dir: + file.directory: + - name: /etc/matrix-synapse/workers/ + +workers_nginx_file: + file.managed: + - name: /etc/matrix-synapse/workers/nginx.conf + - source: salt://profile/matrix/files/workers.nginx + - template: jinja + - require: + - file: workers_conf_dir + +{% set workers = salt['pillar.get']('profile:matrix:workers') %} + +{% for app, types in workers.items() %} +{% for type in types %} +{% for worker, port in type.get('workers').items() %} +/etc/matrix-synapse/workers/{{worker}}.yaml: + file.managed: + - source: salt://profile/matrix/files/worker.yaml + - template: jinja + - context: + worker: {{ worker }} + port: {{ port }} + app: {{ app }} + resources: {{ type.get('resources') }} + config: {{ type.get('config') }} + - require: + - file: workers_conf_dir + - require_in: + - service: {{worker}}_service + - watch_in: + - module: {{worker}}_restart + +{% endfor %} +{% endfor %} +{% endfor %} diff --git a/salt/profile/matrix/files/config-discord.yaml b/salt/profile/matrix/files/config-discord.yaml index cdcc196..e603d8c 100644 --- a/salt/profile/matrix/files/config-discord.yaml +++ b/salt/profile/matrix/files/config-discord.yaml @@ -7,6 +7,7 @@ bridge: domain: "opensuse.org" # This should be your publically facing URL because Discord may use it to # fetch media from the media store. + port: 9001 homeserverUrl: "https://matrix.opensuse.org" # Interval at which to process users in the 'presence queue'. If you have # 5 users, one user will be processed every 500 milliseconds according to the diff --git a/salt/profile/matrix/files/config-telegram.yaml b/salt/profile/matrix/files/config-telegram.yaml index 437a471..19c3714 100644 --- a/salt/profile/matrix/files/config-telegram.yaml +++ b/salt/profile/matrix/files/config-telegram.yaml @@ -8,6 +8,13 @@ homeserver: # Only applies if address starts with https:// verify_ssl: true asmux: false + # Number of retries for all HTTP requests if the homeserver isn't reachable. + http_retry_count: 4 + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's Telegram connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: + # Application service host/registration related details # Changing these values requires regeneration of the registration. @@ -194,8 +201,11 @@ bridge: example.com: foobar # Set to false to disable link previews in messages sent to Telegram. telegram_link_preview: true + # Whether or not the !tg join command should do a HTTP request + # to resolve redirects in invite links. + invite_link_resolve: false # Use inline images instead of a separate message for the caption. - # N.B. Inline images are not supported on all clients (e.g. Riot iOS). + # N.B. Inline images are not supported on all clients (e.g. Element iOS/Android). inline_images: true # Maximum size of image in megabytes before sending to Telegram as a document. image_as_file_size: 10 @@ -204,6 +214,7 @@ bridge: # Enable experimental parallel file transfer, which makes uploads/downloads much faster by # streaming from/to Matrix and using many connections for Telegram. # Note that generating HQ thumbnails for videos is not possible with streamed transfers. + # This option uses internal Telethon implementation details and may break with minor updates. parallel_file_transfer: false # Whether or not created rooms should have federation enabled. # If false, created portal rooms will never be federated. @@ -250,7 +261,7 @@ bridge: require_cross_signing: false # Require devices to be verified by the bridge? # Verification by the bridge is not yet implemented. - require_verification: tru + require_verification: true # Whether or not to explicitly set the avatar and room name for private # chat portal rooms. This will be implicitly enabled if encryption.default is true. private_chat_portal_meta: false @@ -263,6 +274,15 @@ bridge: # This field will automatically be changed back to false after it, # except if the config file is not writable. resend_bridge_info: false + # When using double puppeting, should muted chats be muted in Matrix? + mute_bridging: false + # When using double puppeting, should pinned chats be moved to a specific tag in Matrix? + # The favorites tag is `m.favourite`. + pinned_tag: + # Same as above for archived chats, the low priority tag is `m.lowpriority`. + archive_tag: + # Whether or not mute status and tags should only be bridged when the portal room is created. + tag_only_on_create: true # Settings for backfilling messages from Telegram. backfill: # Whether or not the Telegram ghosts of logged in Matrix users should be @@ -293,7 +313,6 @@ bridge: # will likely cause problems if there are multiple Matrix users in the group. normal_groups: false - # Overrides for base power levels. initial_power_level_overrides: user: {} @@ -386,7 +405,7 @@ bridge: permissions: '*': relaybot '@hellcp:opensuse.org': admin - '@pontaoski:tchncs.de': admin + '@pontaoski:kde.org': admin '@carl:kde.org': user relaybot: private_chat: diff --git a/salt/profile/matrix/files/homeserver.yaml b/salt/profile/matrix/files/homeserver.yaml index 139332b..e8a59e4 100644 --- a/salt/profile/matrix/files/homeserver.yaml +++ b/salt/profile/matrix/files/homeserver.yaml @@ -215,6 +215,12 @@ listeners: compress: true - names: [federation] - names: [metrics] + - port: 9093 + bind_address: '127.0.0.1' + type: http + resources: + - names: [replication] + # example additional_resources: # @@ -231,6 +237,11 @@ listeners: # type: manhole +worker_replication_secret: "{{ pillar['profile']['matrix']['worker_replication_secret'] }}" + +redis: + enabled: true + ## Homeserver blocking ## # How to reach the server admin, used in ResourceLimitError diff --git a/salt/profile/matrix/files/matterbridge.toml b/salt/profile/matrix/files/matterbridge.toml deleted file mode 100644 index e3bdfe2..0000000 --- a/salt/profile/matrix/files/matterbridge.toml +++ /dev/null @@ -1,24 +0,0 @@ -#WARNING: as this file contains credentials, be sure to set correct file permissions -{%- set services = salt['pillar.get']('profile:matrix:matterbridge:servers') %} -{%- for service, servers in services.items() %} -[{{service}}] - {%- for server, options in servers.items() %} - [{{service}}.{{server}}] - {%- for key, value in options.items() %} - {{key}}={{value}} - {%- endfor %} - - {%- endfor %} -{%- endfor %} - -{%- set gateways = salt['pillar.get']('profile:matrix:matterbridge:gateways') %} -{%- for gateway, accounts in gateways.items() %} -[[gateway]] -name="{{gateway}}" -enable=true -inout = [ - {%- for account, channel in accounts.items() %} - { account="{{account}}", channel="{{channel}}" }, - {%- endfor %} -] -{%- endfor %} diff --git a/salt/profile/matrix/files/synapse.service b/salt/profile/matrix/files/synapse.service index 073ef79..7297770 100644 --- a/salt/profile/matrix/files/synapse.service +++ b/salt/profile/matrix/files/synapse.service @@ -1,16 +1,16 @@ [Unit] -Description=Synapse Matrix homeserver +PartOf=matrix-synapse.target +ReloadPropagatedFrom=matrix-synapse.target [Service] -Type=simple -Restart=on-failure -RestartSec=3600 - +Type=notify +Restart=always AppArmorProfile=matrix-synapse -User=synapse -Group=synapse -WorkingDirectory=/var/lib/matrix-synapse/ -ExecStart=/usr/bin/python3 -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml +WorkingDirectory=/data/var/lib/matrix-synapse/ +EnvironmentFile=-/etc/default/matrix-synapse +ExecStartPre=/usr/bin/python3 -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys +ExecReload=/bin/kill -HUP $MAINPID +Environment=SYNAPSE_CACHE_FACTOR=2.0 [Install] -WantedBy=multi-user.target +WantedBy=matrix-synapse.target diff --git a/salt/profile/matrix/files/synapse.target b/salt/profile/matrix/files/synapse.target new file mode 100644 index 0000000..e0eba1b --- /dev/null +++ b/salt/profile/matrix/files/synapse.target @@ -0,0 +1,6 @@ +[Unit] +Description=Synapse parent target +After=network.target + +[Install] +WantedBy=multi-user.target diff --git a/salt/profile/matrix/files/synapse@.service b/salt/profile/matrix/files/synapse@.service new file mode 100644 index 0000000..89581a1 --- /dev/null +++ b/salt/profile/matrix/files/synapse@.service @@ -0,0 +1,27 @@ +[Unit] +Description=Synapse %i +AssertPathExists=/etc/matrix-synapse/workers/%i.yaml + +# This service should be restarted when the synapse target is restarted. +PartOf=matrix-synapse.target +ReloadPropagatedFrom=matrix-synapse.target + +# if this is started at the same time as the main, let the main process start +# first, to initialise the database schema. +After=matrix-synapse.service + +[Service] +Type=notify +NotifyAccess=main +User=synapse +Group=synapse +WorkingDirectory=/data/var/lib/matrix-synapse +EnvironmentFile=-/etc/default/matrix-synapse +ExecStart=/usr/bin/python3 -m synapse.app.generic_worker --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --config-path=/etc/matrix-synapse/workers/%i.yaml +ExecReload=/bin/kill -HUP $MAINPID +Restart=always +RestartSec=3 +SyslogIdentifier=matrix-synapse-%i + +[Install] +WantedBy=matrix-synapse.target diff --git a/salt/profile/matrix/files/worker.yaml b/salt/profile/matrix/files/worker.yaml new file mode 100644 index 0000000..c890856 --- /dev/null +++ b/salt/profile/matrix/files/worker.yaml @@ -0,0 +1,26 @@ +worker_app: synapse.app.{{ app }} +worker_name: {{ worker }} + +# The replication listener on the main synapse process. +worker_replication_host: 127.0.0.1 +worker_replication_http_port: 9093 + +worker_listeners: + - type: http + port: {{ port }} + resources: + - names: + {%- if resources %} + {%- for resource in resources.items() %} + - {{ resource }} + {%- endfor %} + {%- else %} + - client + - federation + {%- endif %} + +{% for setting, value in config.items() %} +{{ setting }}: {{ value }} +{% endfor %} + +worker_log_config: /etc/matrix-synapse/worker-log.yaml diff --git a/salt/profile/matrix/files/workers.nginx b/salt/profile/matrix/files/workers.nginx new file mode 100644 index 0000000..e8a7044 --- /dev/null +++ b/salt/profile/matrix/files/workers.nginx @@ -0,0 +1,22 @@ +{% set workers = salt['pillar.get']('profile:matrix:workers') %} + +{% for app, types in workers.items() %} +{% for type in types %} + +upstream {{ app }}_{{ loop.index }} { + {{ type.get('upstream_balancing') }} + {%- for worker, port in type.get('workers').items() %} + server 127.0.0.1:{{ port }}; # {{ worker }} + {%- endfor %} +} + +{%- for uri in type.get('rest') %} +location ~ {{ uri }} { + proxy_pass http://{{ app }}_{{ loop.index }}$request_uri; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $host; +} +{% endfor %} + +{% endfor %} +{% endfor %} diff --git a/salt/profile/matrix/init.sls b/salt/profile/matrix/init.sls index 08ab61b..faf7496 100644 --- a/salt/profile/matrix/init.sls +++ b/salt/profile/matrix/init.sls @@ -1,11 +1,35 @@ synapse_service: service.running: - - name: synapse + - name: matrix-synapse.target - enable: True synapse_restart: module.wait: - name: service.restart - - m_name: synapse + - m_name: matrix-synapse.target - require: - service: synapse_service + +{% set workers = salt['pillar.get']('profile:matrix:workers') %} + +{% for app, types in workers.items() %} +{% for type in types %} +{% for worker, port in type.get('workers').items() %} + +{{worker}}_service: + service.running: + - name: matrix-synapse-worker@{{worker}}.service + - enable: True + - require: + - file: synapse_worker_systemd_file + +{{worker}}_restart: + module.wait: + - name: service.restart + - m_name: matrix-synapse-worker@{{worker}}.service + - require: + - service: {{worker}}_service + +{% endfor %} +{% endfor %} +{% endfor %} diff --git a/salt/profile/matrix/matterbridge.sls b/salt/profile/matrix/matterbridge.sls deleted file mode 100644 index 258be18..0000000 --- a/salt/profile/matrix/matterbridge.sls +++ /dev/null @@ -1,25 +0,0 @@ -matterbridge_dependencies: - pkg.installed: - - pkgs: - - matterbridge - -matterbridge_conf: - file.managed: - - name: /etc/matterbridge/matterbridge.toml - - source: salt://profile/matrix/files/matterbridge.toml - - template: jinja - - group: matterbridge - - require_in: - - service: matterbridge_service - -matterbridge_service: - service.running: - - name: matterbridge - - enable: True - -matterbridge_restart: - module.wait: - - name: service.restart - - m_name: matterbridge - - require: - - service: matterbridge_service diff --git a/salt/profile/matrix/synapse.sls b/salt/profile/matrix/synapse.sls index 47ce17a..8e26bb3 100644 --- a/salt/profile/matrix/synapse.sls +++ b/salt/profile/matrix/synapse.sls @@ -9,13 +9,27 @@ synapse: - members: - synapse -synapse_systemd_file: +synapse_systemd_override: file.managed: - - name: /etc/systemd/system/synapse.service + - name: /etc/systemd/system/matrix-synapse.service.d/override.conf - source: salt://profile/matrix/files/synapse.service - require_in: - service: synapse_service +synapse_systemd_file: + file.managed: + - name: /etc/systemd/system/matrix-synapse.taget + - source: salt://profile/matrix/files/synapse.target + - require_in: + - service: synapse_service + +synapse_worker_systemd_file: + file.managed: + - name: /etc/systemd/system/matrix-synapse-worker@.taget + - source: salt://profile/matrix/files/synapse@.target + - require_in: + - service: synapse_service + synapse_log_dir: file.directory: - name: /var/log/matrix-synapse/ diff --git a/salt/role/matrix.sls b/salt/role/matrix.sls index 88e9b72..3dd5dea 100644 --- a/salt/role/matrix.sls +++ b/salt/role/matrix.sls @@ -6,4 +6,3 @@ include: - profile.matrix.telegram - profile.matrix.dimension - profile.matrix.config - - profile.matrix.matterbridge