diff --git a/CHANGELOG.md b/CHANGELOG.md index e960fd8701e..7db0b809245 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,11 @@ +# 2025-XX-XX + +## Go-NEB has been removed from the playbook + +[Go-NEB](./docs/configuring-playbook-bot-go-neb.md) has been removed from the playbook, as it has been discontinued since June 2023. + +The playbook will let you know if you're using any `matrix_bot_go_neb_*` variables. You'll need to remove them from `vars.yml` and potentially [uninstall the bot manually](./docs/configuring-playbook-bot-go-neb.md#uninstalling-go-neb-manually). + # 2025-11-09 ## matrix-appservice-webhooks has been removed from the playbook diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 9762176c6c1..c01f5aa7ff4 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -1,267 +1,26 @@ -# Setting up Go-NEB (optional, unmaintained) +# Setting up Go-NEB (optional, removed) -**Note**: [Go-NEB](https://github.com/matrix-org/go-neb) is now an archived (**unmaintained**) project. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bot instead of this one. +🪦 The playbook used to be able to install and configure [Go-NEB](https://github.com/matrix-org/go-neb), but no longer includes this component as it has been discontinued. -The playbook can install and configure [Go-NEB](https://github.com/matrix-org/go-neb) for you. +While not a 1:1 replacement, the bot's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-hookshot.md). -Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python. +## Uninstalling Go-NEB manually -See the project's [documentation](https://github.com/matrix-org/go-neb/blob/master/README.md) to learn what it does and why it might be useful to you. - -## Prerequisites - -### Register the bot account - -The playbook does not automatically create users for you. You **need to register the bot user manually** before setting up the bot. - -Generate a strong password for the bot. You can create one with a command like `pwgen -s 64 1`. - -You can use the playbook to [register a new user](registering-users.md): +If you still have the Go-NEB component installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server: ```sh -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.go-neb password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user -``` - -### Obtain an access token - -The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). - -> [!WARNING] -> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. - -## Adjusting DNS records - -By default, this playbook installs Go-NEB on the `goneb.` subdomain (`goneb.example.com`) and requires you to create a CNAME record for `goneb`, which targets `matrix.example.com`. - -When setting, replace `example.com` with your own. - -## Adjusting the playbook configuration - -To enable the bot, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file. Make sure to replace `ACCESS_TOKEN_FOR_GONEB_HERE` and `ACCESS_TOKEN_FOR_ANOTHER_GONEB_HERE` with the ones created [above](#obtain-an-access-token). - -```yaml -matrix_bot_go_neb_enabled: true - -# You need at least 1 client. -# Use the access token you obtained in the step above. -matrix_bot_go_neb_clients: - - UserID: "@goneb:{{ matrix_domain }}" - AccessToken: "ACCESS_TOKEN_FOR_GONEB_HERE" - DeviceID: "DEVICE1" - HomeserverURL: "{{ matrix_addons_homeserver_client_api_url }}" - Sync: true - AutoJoinRooms: true - DisplayName: "Go-NEB!" - AcceptVerificationFromUsers: [":{{ matrix_domain }}"] - - - UserID: "@another_goneb:{{ matrix_domain }}" - AccessToken: "ACCESS_TOKEN_FOR_ANOTHER_GONEB_HERE" - DeviceID: "DEVICE2" - HomeserverURL: "{{ matrix_addons_homeserver_client_api_url }}" - Sync: false - AutoJoinRooms: false - DisplayName: "Go-NEB!" - AcceptVerificationFromUsers: ["^@admin:{{ matrix_domain }}"] - -# Optional, for use with the github_cmd, github_webhooks or jira services -matrix_bot_go_neb_realms: - - ID: "github_realm" - Type: "github" - Config: {} # No need for client ID or Secret as Go-NEB isn't generating OAuth URLs - -# Optional. The list of *authenticated* sessions which Go-NEB is aware of. -matrix_bot_go_neb_sessions: - - SessionID: "your_github_session" - RealmID: "github_realm" - UserID: "@alice:{{ matrix_domain }}" # This needs to be the username of the person that's allowed to use the !github commands - Config: - # Populate these fields by generating a "Personal Access Token" on github.com - AccessToken: "YOUR_GITHUB_ACCESS_TOKEN" - Scopes: "admin:org_hook,admin:repo_hook,repo,user" - -# The list of services which Go-NEB is aware of. -# Delete or modify this list as appropriate. -# See the docs for /configureService for the full list of options: -# https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureServiceRequest -# You need at least 1 service. -matrix_bot_go_neb_services: - - ID: "echo_service" - Type: "echo" - UserID: "@goneb:{{ matrix_domain }}" - Config: {} - -# Can be obtained from https://developers.giphy.com/dashboard/ - - ID: "giphy_service" - Type: "giphy" - UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client - Config: - api_key: "qwg4672vsuyfsfe" - use_downsized: false - -# This service has been dead for over a year :/ - - ID: "guggy_service" - Type: "guggy" - UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client - Config: - api_key: "2356saaqfhgfe" - -# API Key via https://developers.google.com/custom-search/v1/introduction -# CX via http://www.google.com/cse/manage/all -# https://stackoverflow.com/questions/6562125/getting-a-cx-id-for-custom-search-google-api-python -# 'Search the entire web' and 'Image search' enabled for best results - - ID: "google_service" - Type: "google" - UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client - Config: - api_key: "AIzaSyA4FD39m9" - cx: "AIASDFWSRRtrtr" - -# Obtain a key via https://api.imgur.com/oauth2/addclient -# Select "oauth2 without callback url" - - ID: "imgur_service" - Type: "imgur" - UserID: "@imgur:{{ matrix_domain }}" # requires a Syncing client - Config: - client_id: "AIzaSyA4FD39m9" - client_secret: "somesecret" - - - ID: "wikipedia_service" - Type: "wikipedia" - UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client - Config: - - - ID: "rss_service" - Type: "rssbot" - UserID: "@another_goneb:{{ matrix_domain }}" - Config: - feeds: - "http://lorem-rss.herokuapp.com/feed?unit=second&interval=60": - rooms: ["!qporfwt:{{ matrix_domain }}"] - must_include: - author: - - author1 - description: - - lorem - - ipsum - must_not_include: - title: - - Lorem - - Ipsum - - - ID: "github_cmd_service" - Type: "github" - UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client - Config: - RealmID: "github_realm" - - # Make sure your BASE_URL can be accessed by Github! - - ID: "github_webhook_service" - Type: "github-webhook" - UserID: "@another_goneb:{{ matrix_domain }}" - Config: - RealmID: "github_realm" - ClientUserID: "@alice:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions. - Rooms: - "!qporfwt:example.com": - Repos: - "element-hq/synapse": - Events: ["push", "issues"] - "matrix-org/dendron": - Events: ["pull_request"] - "!aaabaa:example.com": - Repos: - "element-hq/synapse": - Events: ["push", "issues"] - "matrix-org/dendron": - Events: ["pull_request"] +systemctl disable --now matrix-bot-go-neb.service - - ID: "slackapi_service" - Type: "slackapi" - UserID: "@slackapi:{{ matrix_domain }}" - Config: - Hooks: - "hook1": - RoomID: "!qporfwt:example.com" - MessageType: "m.text" # default is m.text - - - ID: "alertmanager_service" - Type: "alertmanager" - UserID: "@alertmanager:{{ matrix_domain }}" - Config: - # This is for information purposes only. It should point to Go-NEB path as follows: - # `/services/hooks/` - # Where in this case "service ID" is "alertmanager_service" - # Make sure your BASE_URL can be accessed by the Alertmanager instance! - webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U" - # Each room will get the notification with the alert rendered with the given template - rooms: - "!qporfwt:example.com": - text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\" }}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" - html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\" }} {{ if eq .Status \"firing\" }} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}" - msg_type: "m.text" # Must be either `m.text` or `m.notice` -``` - -### Adjusting the Go-NEB URL (optional) - -By tweaking the `matrix_bot_go_neb_hostname` and `matrix_bot_go_neb_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one. - -Example additional configuration for your `vars.yml` file: - -```yaml -# Switch to the domain used for Matrix services (`matrix.example.com`), -# so we won't need to add additional DNS records for Go-NEB. -matrix_bot_go_neb_hostname: "{{ matrix_server_fqn_matrix }}" - -# Expose under the /go-neb subpath -matrix_bot_go_neb_path_prefix: /go-neb +rm -rf /matrix/go-neb ``` - -After changing the domain, **you may need to adjust your DNS** records to point the Go-NEB domain to the Matrix server. - -If you've decided to reuse the `matrix.` domain, you won't need to do any extra DNS configuration. - -### Extending the configuration - -There are some additional things you may wish to configure about the bot. - -Take a look at: - -- `roles/custom/matrix-bot-go-neb/defaults/main.yml` for some variables that you can customize via your `vars.yml` file -- `roles/custom/matrix-bot-go-neb/templates/config.yaml.j2` for the bot's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_bot_go_neb_configuration_extension_yaml` variable - -## Installing - -After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below: - - -```sh -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` - -The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all` - -`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too. - -## Usage - -To use the bot, invite it to any existing Matrix room (`/invite @bot.go-neb:example.com` where `example.com` is your base domain, not the `matrix.` domain). Make sure you are granted with the sufficient permission if you are not the room owner. - -Basic usage is like this: `!echo hi` or `!imgur puppies` or `!giphy matrix` - -If you enabled the github_cmd service, send `!github help` to the bot in the room to see the available commands. - -You can also refer to the upstream [Documentation](https://github.com/matrix-org/go-neb). - -## Troubleshooting - -As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-bot-go-neb`. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a1c11cfde8c..451b1b670e6 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -277,8 +277,6 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': 'matrix-bot-baibot.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'baibot', 'bot-baibot']}] if matrix_bot_baibot_enabled else []) + - ([{'name': 'matrix-bot-go-neb.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'go-neb', 'bot-go-neb']}] if matrix_bot_go_neb_enabled else []) - + ([{'name': 'matrix-bot-honoroit.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'honoroit', 'bot-honoroit']}] if matrix_bot_honoroit_enabled else []) + ([{'name': 'matrix-bot-matrix-registration-bot.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'registration-bot', 'bot-matrix-registration-bot']}] if matrix_bot_matrix_registration_bot_enabled else []) @@ -2838,51 +2836,6 @@ matrix_bot_baibot_container_additional_networks_auto: |- # ###################################################################### -###################################################################### -# -# matrix-bot-go-neb -# -###################################################################### - -# We don't enable bots by default. -matrix_bot_go_neb_enabled: false - -matrix_bot_go_neb_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}" - -matrix_bot_go_neb_hostname: "{{ matrix_server_fqn_bot_go_neb }}" - -matrix_bot_go_neb_systemd_required_services_list_auto: | - {{ - matrix_addons_homeserver_systemd_services_list - }} - -matrix_bot_go_neb_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_bot_go_neb_container_image_registry_prefix_upstream_default }}" - -matrix_bot_go_neb_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '4050') if matrix_playbook_service_host_bind_interface_prefix else '' }}" - -matrix_bot_go_neb_container_network: "{{ matrix_addons_container_network }}" - -matrix_bot_go_neb_container_additional_networks: | - {{ - ( - ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) - + - ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network and matrix_bot_go_neb_container_labels_traefik_enabled else []) - ) | unique - }} - -matrix_bot_go_neb_container_labels_traefik_enabled: "{{ matrix_playbook_traefik_labels_enabled }}" -matrix_bot_go_neb_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}" -matrix_bot_go_neb_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}" -matrix_bot_go_neb_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}" - -###################################################################### -# -# /matrix-bot-go-neb -# -###################################################################### - - ###################################################################### # # matrix-bot-mjolnir diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 5c6723926f0..36e9ca49c72 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -127,9 +127,6 @@ matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}" # This is where you access the Etherpad (if enabled via etherpad_enabled; disabled by default). matrix_server_fqn_etherpad: "etherpad.{{ matrix_domain }}" -# For use with Go-NEB! (github callback url for example) -matrix_server_fqn_bot_go_neb: "goneb.{{ matrix_domain }}" - # This is where you access Jitsi. matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}" diff --git a/roles/custom/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml deleted file mode 100644 index 5d5e8b97f70..00000000000 --- a/roles/custom/matrix-bot-go-neb/defaults/main.yml +++ /dev/null @@ -1,360 +0,0 @@ -# SPDX-FileCopyrightText: 2021 - 2024 Slavi Pantaleev -# SPDX-FileCopyrightText: 2021 Yannick Goossens -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# SPDX-FileCopyrightText: 2022 Nikita Chernyi -# SPDX-FileCopyrightText: 2023 Samuel Meenzen -# SPDX-FileCopyrightText: 2024 Suguru Hirahara -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -# Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python. -# Project source code URL: https://github.com/matrix-org/go-neb - -matrix_bot_go_neb_enabled: true - -# renovate: datasource=docker depName=matrixdotorg/go-neb -matrix_bot_go_neb_version: latest - -matrix_bot_go_neb_scheme: https - -# The hostname at which Go-NEB is served. -matrix_bot_go_neb_hostname: '' - -# The path at which Go-NEB is exposed. -# This value must either be `/` or not end with a slash (e.g. `/go-neb`). -matrix_bot_go_neb_path_prefix: / - -matrix_bot_go_neb_base_url: "{{ matrix_bot_go_neb_scheme }}://{{ matrix_bot_go_neb_hostname }}{{ matrix_bot_go_neb_path_prefix }}{{ '' if matrix_bot_go_neb_path_prefix == '/' else '/' }}" - -matrix_bot_go_neb_base_path: "{{ matrix_base_data_path }}/go-neb" -matrix_bot_go_neb_config_path: "{{ matrix_bot_go_neb_base_path }}/config" -matrix_bot_go_neb_config_path_in_container: "/config/config.yaml" -matrix_bot_go_neb_data_path: "{{ matrix_bot_go_neb_base_path }}/data" -matrix_bot_go_neb_data_store_path: "{{ matrix_bot_go_neb_data_path }}/store" - -matrix_bot_go_neb_container_image: "{{ matrix_bot_go_neb_container_image_registry_prefix }}matrixdotorg/go-neb:{{ matrix_bot_go_neb_container_image_tag }}" -matrix_bot_go_neb_container_image_tag: "{{ matrix_bot_go_neb_version }}" -matrix_bot_go_neb_container_image_force_pull: "{{ matrix_bot_go_neb_container_image.endswith(':latest') }}" -matrix_bot_go_neb_container_image_registry_prefix: "{{ matrix_bot_go_neb_container_image_registry_prefix_upstream }}" -matrix_bot_go_neb_container_image_registry_prefix_upstream: "{{ matrix_bot_go_neb_container_image_registry_prefix_upstream_default }}" -matrix_bot_go_neb_container_image_registry_prefix_upstream_default: "docker.io/" - -# The base container network. It will be auto-created by this role if it doesn't exist already. -matrix_bot_go_neb_container_network: matrix-bot-go-neb - -# A list of additional container networks that the container would be connected to. -# The role does not create these networks, so make sure they already exist. -# Use this to expose this container to another reverse proxy, which runs in a different container network. -matrix_bot_go_neb_container_additional_networks: [] - -# Controls whether the matrix-bot-go-neb container exposes its HTTP port (tcp/4050 in the container). -# -# Takes an ":" or "" value (e.g. "127.0.0.1:4050"), or empty string to not expose. -matrix_bot_go_neb_container_http_host_bind_port: '' - -# matrix_bot_go_neb_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container. -# See `../templates/labels.j2` for details. -# -# To inject your own other container labels, see `matrix_bot_go_neb_container_labels_additional_labels`. -matrix_bot_go_neb_container_labels_traefik_enabled: true -matrix_bot_go_neb_container_labels_traefik_docker_network: "{{ matrix_bot_go_neb_container_network }}" -matrix_bot_go_neb_container_labels_traefik_hostname: "{{ matrix_bot_go_neb_hostname }}" -# The path prefix must either be `/` or not end with a slash (e.g. `/go-neb`). -matrix_bot_go_neb_container_labels_traefik_path_prefix: "{{ matrix_bot_go_neb_path_prefix }}" -matrix_bot_go_neb_container_labels_traefik_rule: "Host(`{{ matrix_bot_go_neb_container_labels_traefik_hostname }}`){% if matrix_bot_go_neb_container_labels_traefik_path_prefix != '/' %} && PathPrefix(`{{ matrix_bot_go_neb_container_labels_traefik_path_prefix }}`){% endif %}" -matrix_bot_go_neb_container_labels_traefik_priority: 0 -matrix_bot_go_neb_container_labels_traefik_entrypoints: web-secure -matrix_bot_go_neb_container_labels_traefik_tls: "{{ matrix_bot_go_neb_container_labels_traefik_entrypoints != 'web' }}" -matrix_bot_go_neb_container_labels_traefik_tls_certResolver: default # noqa var-naming - -# Controls which additional headers to attach to all HTTP responses. -# To add your own headers, use `matrix_bot_go_neb_container_labels_traefik_additional_response_headers_custom` -matrix_bot_go_neb_container_labels_traefik_additional_response_headers: "{{ matrix_bot_go_neb_container_labels_traefik_additional_response_headers_auto | combine(matrix_bot_go_neb_container_labels_traefik_additional_response_headers_custom) }}" -matrix_bot_go_neb_container_labels_traefik_additional_response_headers_auto: | - {{ - {} - | combine ({'X-XSS-Protection': matrix_bot_go_neb_http_header_xss_protection} if matrix_bot_go_neb_http_header_xss_protection else {}) - | combine ({'X-Frame-Options': matrix_bot_go_neb_http_header_frame_options} if matrix_bot_go_neb_http_header_frame_options else {}) - | combine ({'X-Content-Type-Options': matrix_bot_go_neb_http_header_content_type_options} if matrix_bot_go_neb_http_header_content_type_options else {}) - | combine ({'Content-Security-Policy': matrix_bot_go_neb_http_header_content_security_policy} if matrix_bot_go_neb_http_header_content_security_policy else {}) - | combine ({'Permission-Policy': matrix_bot_go_neb_http_header_content_permission_policy} if matrix_bot_go_neb_http_header_content_permission_policy else {}) - | combine ({'Strict-Transport-Security': matrix_bot_go_neb_http_header_strict_transport_security} if matrix_bot_go_neb_http_header_strict_transport_security and matrix_bot_go_neb_container_labels_traefik_tls else {}) - }} -matrix_bot_go_neb_container_labels_traefik_additional_response_headers_custom: {} - -# matrix_bot_go_neb_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file. -# See `../templates/labels.j2` for details. -# -# Example: -# matrix_bot_go_neb_container_labels_additional_labels: | -# my.label=1 -# another.label="here" -matrix_bot_go_neb_container_labels_additional_labels: '' - -# A list of extra arguments to pass to the container -matrix_bot_go_neb_container_extra_arguments: [] - -# List of systemd services that matrix-bot-go-neb.service depends on -matrix_bot_go_neb_systemd_required_services_list: "{{ matrix_bot_go_neb_systemd_required_services_list_default + matrix_bot_go_neb_systemd_required_services_list_auto + matrix_bot_go_neb_systemd_required_services_list_custom }}" -matrix_bot_go_neb_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" -matrix_bot_go_neb_systemd_required_services_list_auto: [] -matrix_bot_go_neb_systemd_required_services_list_custom: [] - -# List of systemd services that matrix-bot-go-neb.service wants -matrix_bot_go_neb_systemd_wanted_services_list: [] - -# Specifies the value of the `X-XSS-Protection` header -# Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. -# -# Learn more about it is here: -# - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection -# - https://portswigger.net/web-security/cross-site-scripting/reflected -matrix_bot_go_neb_http_header_xss_protection: "1; mode=block" - -# Specifies the value of the `X-Frame-Options` header which controls whether framing can happen. -# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options -matrix_bot_go_neb_http_header_frame_options: SAMEORIGIN - -# Specifies the value of the `X-Content-Type-Options` header. -# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options -matrix_bot_go_neb_http_header_content_type_options: nosniff - -# Specifies the value of the `Content-Security-Policy` header. -# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy -matrix_bot_go_neb_http_header_content_security_policy: frame-ancestors 'self' - -# Specifies the value of the `Permission-Policy` header. -# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permission-Policy -matrix_bot_go_neb_http_header_content_permission_policy: "{{ 'interest-cohort=()' if matrix_bot_go_neb_floc_optout_enabled else '' }}" - -# Specifies the value of the `Strict-Transport-Security` header. -# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security -matrix_bot_go_neb_http_header_strict_transport_security: "max-age=31536000; includeSubDomains{{ '; preload' if matrix_bot_go_neb_hsts_preload_enabled else '' }}" - -# Controls whether to send a "Permissions-Policy interest-cohort=();" header along with all responses -# -# Learn more about what it is here: -# - https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea -# - https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network -# - https://amifloced.org/ -# -# Of course, a better solution is to just stop using browsers (like Chrome), which participate in such tracking practices. -# See: `matrix_bot_go_neb_content_permission_policy` -matrix_bot_go_neb_floc_optout_enabled: true - -# Controls if HSTS preloading is enabled -# -# In its strongest and recommended form, the [HSTS policy](https://www.chromium.org/hsts) includes all subdomains, and -# indicates a willingness to be "preloaded" into browsers: -# `Strict-Transport-Security: max-age=31536000; includeSubDomains; preload` -# For more information visit: -# - https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security -# - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security -# - https://hstspreload.org/#opt-in -# See: `matrix_bot_go_neb_http_header_strict_transport_security` -matrix_bot_go_neb_hsts_preload_enabled: false - -# Database-related configuration fields. -# -# MUST be "sqlite3". No other type is supported. -matrix_bot_go_neb_database_engine: 'sqlite3' - -matrix_bot_go_neb_sqlite_database_path_local: "{{ matrix_bot_go_neb_data_path }}/bot.db" -matrix_bot_go_neb_sqlite_database_path_in_container: "/data/bot.db" - -matrix_bot_go_neb_storage_database: "{{ - { - 'sqlite3': (matrix_bot_go_neb_sqlite_database_path_in_container + '?_busy_timeout=5000'), - }[matrix_bot_go_neb_database_engine] -}}" - -# The bot's username(s). These users need to be created manually beforehand. -# The access tokens that the bot uses to authenticate. -# Generate one as described in -# https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-dimension.md#access-token -# via curl. With the Element method, you might run into decryption problems (see https://github.com/matrix-org/go-neb#quick-start) -matrix_bot_go_neb_clients: [] -# - UserID: "@goneb:{{ matrix_domain }}" -# AccessToken: "MDASDASJDIASDJASDAFGFRGER" -# DeviceID: "DEVICE1" -# HomeserverURL: "{{ matrix_addons_homeserver_client_api_url }}" -# Sync: true -# AutoJoinRooms: true -# DisplayName: "Go-NEB!" -# AcceptVerificationFromUsers: [":{{ matrix_domain }}"] -# -# - UserID: "@another_goneb:{{ matrix_domain }}" -# AccessToken: "MDASDASJDIASDJASDAFGFRGER" -# DeviceID: "DEVICE2" -# HomeserverURL: "{{ matrix_addons_homeserver_client_api_url }}" -# Sync: false -# AutoJoinRooms: false -# DisplayName: "Go-NEB!" -# AcceptVerificationFromUsers: ["^@admin:{{ matrix_domain }}"] - -# The list of realms which Go-NEB is aware of. -# Delete or modify this list as appropriate. -# See the docs for /configureAuthRealm for the full list of options: -# https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureAuthRealmRequest -matrix_bot_go_neb_realms: [] -# - ID: "github_realm" -# Type: "github" -# Config: {} # No need for client ID or Secret as Go-NEB isn't generating OAuth URLs - -# The list of *authenticated* sessions which Go-NEB is aware of. -# Delete or modify this list as appropriate. -# The full list of options are shown below: there is no single HTTP endpoint -# which maps to this section. -# https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#Session -matrix_bot_go_neb_sessions: [] -# - SessionID: "your_github_session" -# RealmID: "github_realm" -# UserID: "@alice:{{ matrix_domain }}" # This needs to be the username of the person that's allowed to use the !github commands -# Config: -# # Populate these fields by generating a "Personal Access Token" on github.com -# AccessToken: "YOUR_GITHUB_ACCESS_TOKEN" -# Scopes: "admin:org_hook,admin:repo_hook,repo,user" - -# The list of services which Go-NEB is aware of. -# Delete or modify this list as appropriate. -# See the docs for /configureService for the full list of options: -# https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureServiceRequest -matrix_bot_go_neb_services: [] -# - ID: "echo_service" -# Type: "echo" -# UserID: "@goneb:{{ matrix_domain }}" -# Config: {} - -## Can be obtained from https://developers.giphy.com/dashboard/ -# - ID: "giphy_service" -# Type: "giphy" -# UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client -# Config: -# api_key: "qwg4672vsuyfsfe" -# use_downsized: false -# -## This service has been dead for over a year :/ -# - ID: "guggy_service" -# Type: "guggy" -# UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client -# Config: -# api_key: "2356saaqfhgfe" -# -## API Key via https://developers.google.com/custom-search/v1/introduction -## CX via http://www.google.com/cse/manage/all -## https://stackoverflow.com/questions/6562125/getting-a-cx-id-for-custom-search-google-api-python -## 'Search the entire web' and 'Image search' enabled for best results -# - ID: "google_service" -# Type: "google" -# UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client -# Config: -# api_key: "AIzaSyA4FD39m9" -# cx: "AIASDFWSRRtrtr" -# -## Get a key via https://api.imgur.com/oauth2/addclient -## Select "oauth2 without callback url" -# - ID: "imgur_service" -# Type: "imgur" -# UserID: "@imgur:{{ matrix_domain }}" # requires a Syncing client -# Config: -# client_id: "AIzaSyA4FD39m9" -# client_secret: "somesecret" -# -# - ID: "wikipedia_service" -# Type: "wikipedia" -# UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client -# Config: -# -# - ID: "rss_service" -# Type: "rssbot" -# UserID: "@another_goneb:{{ matrix_domain }}" -# Config: -# feeds: -# "http://lorem-rss.herokuapp.com/feed?unit=second&interval=60": -# rooms: ["!qporfwt:localhost"] -# must_include: -# author: -# - author1 -# description: -# - lorem -# - ipsum -# must_not_include: -# title: -# - Lorem -# - Ipsum -# -# - ID: "github_cmd_service" -# Type: "github" -# UserID: "@goneb:{{ matrix_domain }}" # requires a Syncing client -# Config: -# RealmID: "github_realm" -# -# # Make sure your BASE_URL can be accessed by Github! -# - ID: "github_webhook_service" -# Type: "github-webhook" -# UserID: "@another_goneb:{{ matrix_domain }}" -# Config: -# RealmID: "github_realm" -# ClientUserID: "@alice:{{ matrix_domain }}" # needs to be an authenticated user so Go-NEB can create webhooks. Check the UserID field in the github_realm in matrix_bot_go_neb_sessions. -# Rooms: -# "!qporfwt:example.com": -# Repos: -# "element-hq/synapse": -# Events: ["push", "issues"] -# "matrix-org/dendron": -# Events: ["pull_request"] -# "!aaabaa:example.com": -# Repos: -# "element-hq/synapse": -# Events: ["push", "issues"] -# "matrix-org/dendron": -# Events: ["pull_request"] -# -# - ID: "slackapi_service" -# Type: "slackapi" -# UserID: "@slackapi:{{ matrix_domain }}" -# Config: -# Hooks: -# "hook1": -# RoomID: "!qporfwt:example.com" -# MessageType: "m.text" # default is m.text -# -# - ID: "alertmanager_service" -# Type: "alertmanager" -# UserID: "@alertmanager:{{ matrix_domain }}" -# Config: -# # This is for information purposes only. It should point to Go-NEB path as follows: -# # `/services/hooks/` -# # Where in this case "service ID" is "alertmanager_service" -# # Make sure your BASE_URL can be accessed by the Alertmanager instance! -# webhook_url: "http://localhost/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U" -# # Each room will get the notification with the alert rendered with the given template -# rooms: -# "!qporfwt:example.com": -# text_template: "{% raw %}{{range .Alerts -}} [{{ .Status }}] {{index .Labels \"alertname\"}}: {{index .Annotations \"description\"}} {{ end -}}{% endraw %}" -# html_template: "{% raw %}{{range .Alerts -}} {{ $severity := index .Labels \"severity\"}} {{ if eq .Status \"firing\"}} {{ if eq $severity \"critical\"}} [FIRING - CRITICAL] {{ else if eq $severity \"warning\"}} [FIRING - WARNING] {{ else }} [FIRING - {{ $severity }}] {{ end }} {{ else }} [RESOLVED] {{ end }} {{ index .Labels \"alertname\"}} : {{ index .Annotations \"description\"}} source
{{end -}}{% endraw %}" -# msg_type: "m.text" # Must be either `m.text` or `m.notice` - -# Default configuration template which covers the generic use case. -# You can customize it by controlling the various variables inside it. -# -# For a more advanced customization, you can extend the default (see `matrix_bot_go_neb_configuration_extension_yaml`) -# or completely replace this variable with your own template. -matrix_bot_go_neb_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" - -matrix_bot_go_neb_configuration_extension_yaml: | - # Your custom YAML configuration goes here. - # This configuration extends the default starting configuration (`matrix_bot_go_neb_configuration_yaml`). - # - # You can override individual variables from the default configuration, or introduce new ones. - # - # If you need something more special, you can take full control by - # completely redefining `matrix_bot_go_neb_configuration_yaml`. - -matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_extension_yaml | from_yaml if matrix_bot_go_neb_configuration_extension_yaml | from_yaml is mapping else {} }}" - -# Holds the final configuration (a combination of the default and its extension). -# You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`. -matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml | from_yaml | combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}" diff --git a/roles/custom/matrix-bot-go-neb/tasks/install.yml b/roles/custom/matrix-bot-go-neb/tasks/install.yml deleted file mode 100644 index 54cdec68069..00000000000 --- a/roles/custom/matrix-bot-go-neb/tasks/install.yml +++ /dev/null @@ -1,67 +0,0 @@ -# SPDX-FileCopyrightText: 2021 Yannick Goossens -# SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev -# SPDX-FileCopyrightText: 2022 Jim Myhrberg -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# SPDX-FileCopyrightText: 2022 Nikita Chernyi -# SPDX-FileCopyrightText: 2022 Sebastian Gumprich -# SPDX-FileCopyrightText: 2024 David Mehren -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- name: Ensure go-neb paths exist - ansible.builtin.file: - path: "{{ item.path }}" - state: directory - mode: 0750 - owner: "{{ matrix_user_name }}" - group: "{{ matrix_group_name }}" - with_items: - - {path: "{{ matrix_bot_go_neb_config_path }}", when: true} - - {path: "{{ matrix_bot_go_neb_data_path }}", when: true} - - {path: "{{ matrix_bot_go_neb_data_store_path }}", when: true} - when: "item.when | bool" - -- name: Ensure go-neb config installed - ansible.builtin.copy: - content: "{{ matrix_bot_go_neb_configuration | to_nice_yaml(indent=2, width=999999) }}" - dest: "{{ matrix_bot_go_neb_config_path }}/config.yaml" - mode: 0644 - owner: "{{ matrix_user_name }}" - group: "{{ matrix_group_name }}" - -- name: Ensure go-neb support files installed - ansible.builtin.template: - src: "{{ role_path }}/templates/{{ item }}.j2" - dest: "{{ matrix_bot_go_neb_base_path }}/{{ item }}" - mode: 0640 - owner: "{{ matrix_user_name }}" - group: "{{ matrix_group_name }}" - with_items: - - env - - labels - -- name: Ensure go-neb container image is pulled - community.docker.docker_image: - name: "{{ matrix_bot_go_neb_container_image }}" - source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - force_source: "{{ matrix_bot_go_neb_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_go_neb_container_image_force_pull }}" - register: result - retries: "{{ devture_playbook_help_container_retries_count }}" - delay: "{{ devture_playbook_help_container_retries_delay }}" - until: result is not failed - -- name: Ensure go-neb container network is created - community.general.docker_network: - enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}" - name: "{{ matrix_bot_go_neb_container_network }}" - driver: bridge - driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}" - -- name: Ensure matrix-bot-go-neb.service installed - ansible.builtin.template: - src: "{{ role_path }}/templates/systemd/matrix-bot-go-neb.service.j2" - dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service" - mode: 0644 diff --git a/roles/custom/matrix-bot-go-neb/tasks/main.yml b/roles/custom/matrix-bot-go-neb/tasks/main.yml deleted file mode 100644 index 09cf4bb84ba..00000000000 --- a/roles/custom/matrix-bot-go-neb/tasks/main.yml +++ /dev/null @@ -1,26 +0,0 @@ -# SPDX-FileCopyrightText: 2021 Yannick Goossens -# SPDX-FileCopyrightText: 2022 - 2023 Slavi Pantaleev -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- tags: - - setup-all - - setup-bot-go-neb - - install-all - - install-bot-go-neb - block: - - ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup | bool and matrix_bot_go_neb_enabled | bool" - - - ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml" - when: "run_setup | bool and matrix_bot_go_neb_enabled | bool" - -- tags: - - setup-all - - setup-bot-go-neb - block: - - ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml" - when: "run_setup | bool and not matrix_bot_go_neb_enabled | bool" diff --git a/roles/custom/matrix-bot-go-neb/tasks/uninstall.yml b/roles/custom/matrix-bot-go-neb/tasks/uninstall.yml deleted file mode 100644 index ad862821d6c..00000000000 --- a/roles/custom/matrix-bot-go-neb/tasks/uninstall.yml +++ /dev/null @@ -1,32 +0,0 @@ -# SPDX-FileCopyrightText: 2021 - 2023 Slavi Pantaleev -# SPDX-FileCopyrightText: 2021 Yannick Goossens -# SPDX-FileCopyrightText: 2022 Marko Weltzer -# SPDX-FileCopyrightText: 2022 Sebastian Gumprich -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- name: Check existence of matrix-go-neb service - ansible.builtin.stat: - path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service" - register: matrix_bot_go_neb_service_stat - -- when: matrix_bot_go_neb_service_stat.stat.exists | bool - block: - - name: Ensure matrix-go-neb is stopped - ansible.builtin.service: - name: matrix-bot-go-neb - state: stopped - enabled: false - daemon_reload: true - - - name: Ensure matrix-bot-go-neb.service doesn't exist - ansible.builtin.file: - path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service" - state: absent - - - name: Ensure Matrix go-neb paths don't exist - ansible.builtin.file: - path: "{{ matrix_bot_go_neb_base_path }}" - state: absent diff --git a/roles/custom/matrix-bot-go-neb/tasks/validate_config.yml b/roles/custom/matrix-bot-go-neb/tasks/validate_config.yml deleted file mode 100644 index ead635626ca..00000000000 --- a/roles/custom/matrix-bot-go-neb/tasks/validate_config.yml +++ /dev/null @@ -1,18 +0,0 @@ -# SPDX-FileCopyrightText: 2021 Yannick Goossens -# SPDX-FileCopyrightText: 2022 Slavi Pantaleev -# -# SPDX-License-Identifier: AGPL-3.0-or-later - ---- - -- name: Fail if there's not at least 1 client - ansible.builtin.fail: - msg: >- - You need at least 1 client in the matrix_bot_go_neb_clients block. - when: matrix_bot_go_neb_clients is not defined or matrix_bot_go_neb_clients[0] is not defined - -- name: Fail if there's not at least 1 service - ansible.builtin.fail: - msg: >- - You need at least 1 service in the matrix_bot_go_neb_services block. - when: matrix_bot_go_neb_services is not defined or matrix_bot_go_neb_services[0] is not defined diff --git a/roles/custom/matrix-bot-go-neb/templates/config.yaml.j2 b/roles/custom/matrix-bot-go-neb/templates/config.yaml.j2 deleted file mode 100644 index c72dbf8df6d..00000000000 --- a/roles/custom/matrix-bot-go-neb/templates/config.yaml.j2 +++ /dev/null @@ -1,44 +0,0 @@ -# Go-NEB Configuration File -# -# This file provides an alternative way to configure Go-NEB which does not involve HTTP APIs. -# -# This file can be supplied to go-neb by the environment variable `CONFIG_FILE=config.yaml`. -# It will force Go-NEB to operate in "config" mode. This means: -# - Go-NEB will ONLY use the data contained inside this file. -# - All of Go-NEB's /admin HTTP listeners will be disabled. You will be unable to add new services at runtime. -# - The environment variable `DATABASE_URL` will be ignored and an in-memory database will be used instead. -# -# This file is broken down into 4 sections which matches the following HTTP APIs: -# - /configureClient -# - /configureAuthRealm -# - /configureService -# - /requestAuthSession (redirects not supported) - -# The list of clients which Go-NEB is aware of. -# Delete or modify this list as appropriate. -# See the docs for /configureClient for the full list of options: -# https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ClientConfig -clients: - {{ matrix_bot_go_neb_clients|to_json }} - -# The list of realms which Go-NEB is aware of. -# Delete or modify this list as appropriate. -# See the docs for /configureAuthRealm for the full list of options: -# https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureAuthRealmRequest -realms: - {{ matrix_bot_go_neb_realms|to_json }} - -# The list of *authenticated* sessions which Go-NEB is aware of. -# Delete or modify this list as appropriate. -# The full list of options are shown below: there is no single HTTP endpoint -# which maps to this section. -# https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#Session -sessions: - {{ matrix_bot_go_neb_sessions|to_json }} - -# The list of services which Go-NEB is aware of. -# Delete or modify this list as appropriate. -# See the docs for /configureService for the full list of options: -# https://matrix-org.github.io/go-neb/pkg/github.com/matrix-org/go-neb/api/index.html#ConfigureServiceRequest -services: - {{ matrix_bot_go_neb_services|to_json }} diff --git a/roles/custom/matrix-bot-go-neb/templates/config.yaml.j2.license b/roles/custom/matrix-bot-go-neb/templates/config.yaml.j2.license deleted file mode 100644 index c74bd679c68..00000000000 --- a/roles/custom/matrix-bot-go-neb/templates/config.yaml.j2.license +++ /dev/null @@ -1,4 +0,0 @@ -SPDX-FileCopyrightText: 2021 Yannick Goossens -SPDX-FileCopyrightText: 2022 Slavi Pantaleev - -SPDX-License-Identifier: AGPL-3.0-or-later diff --git a/roles/custom/matrix-bot-go-neb/templates/env.j2 b/roles/custom/matrix-bot-go-neb/templates/env.j2 deleted file mode 100644 index 7fd62d5d7f7..00000000000 --- a/roles/custom/matrix-bot-go-neb/templates/env.j2 +++ /dev/null @@ -1,14 +0,0 @@ -{# -SPDX-FileCopyrightText: 2023 Slavi Pantaleev - -SPDX-License-Identifier: AGPL-3.0-or-later -#} - -BIND_ADDRESS=:4050 - -DATABASE_TYPE={{ matrix_bot_go_neb_database_engine }} -DATABASE_URL={{ matrix_bot_go_neb_storage_database }} - -BASE_URL={{ matrix_bot_go_neb_base_url }} - -CONFIG_FILE={{ matrix_bot_go_neb_config_path_in_container }} diff --git a/roles/custom/matrix-bot-go-neb/templates/labels.j2 b/roles/custom/matrix-bot-go-neb/templates/labels.j2 deleted file mode 100644 index 4f8d1867098..00000000000 --- a/roles/custom/matrix-bot-go-neb/templates/labels.j2 +++ /dev/null @@ -1,52 +0,0 @@ -{# -SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev - -SPDX-License-Identifier: AGPL-3.0-or-later -#} - -{% if matrix_bot_go_neb_container_labels_traefik_enabled %} -traefik.enable=true - -{% if matrix_bot_go_neb_container_labels_traefik_docker_network %} -traefik.docker.network={{ matrix_bot_go_neb_container_labels_traefik_docker_network }} -{% endif %} - -traefik.http.services.matrix-bot-go-neb.loadbalancer.server.port=4050 - -{% set middlewares = [] %} - -{% if matrix_bot_go_neb_container_labels_traefik_path_prefix != '/' %} -traefik.http.middlewares.matrix-bot-go-neb-slashless-redirect.redirectregex.regex=({{ matrix_bot_go_neb_container_labels_traefik_path_prefix | quote }})$ -traefik.http.middlewares.matrix-bot-go-neb-slashless-redirect.redirectregex.replacement=${1}/ -{% set middlewares = middlewares + ['matrix-bot-go-neb-slashless-redirect'] %} -{% endif %} - -{% if matrix_bot_go_neb_container_labels_traefik_path_prefix != '/' %} -traefik.http.middlewares.matrix-bot-go-neb-strip-prefix.stripprefix.prefixes={{ matrix_bot_go_neb_container_labels_traefik_path_prefix }} -{% set middlewares = middlewares + ['matrix-bot-go-neb-strip-prefix'] %} -{% endif %} - -{% if matrix_bot_go_neb_container_labels_traefik_additional_response_headers.keys() | length > 0 %} -{% for name, value in matrix_bot_go_neb_container_labels_traefik_additional_response_headers.items() %} -traefik.http.middlewares.matrix-bot-go-neb-add-headers.headers.customresponseheaders.{{ name }}={{ value }} -{% endfor %} -{% set middlewares = middlewares + ['matrix-bot-go-neb-add-headers'] %} -{% endif %} - -traefik.http.routers.matrix-bot-go-neb.rule={{ matrix_bot_go_neb_container_labels_traefik_rule }} -{% if matrix_bot_go_neb_container_labels_traefik_priority | int > 0 %} -traefik.http.routers.matrix-bot-go-neb.priority={{ matrix_bot_go_neb_container_labels_traefik_priority }} -{% endif %} -traefik.http.routers.matrix-bot-go-neb.service=matrix-bot-go-neb -{% if middlewares | length > 0 %} -traefik.http.routers.matrix-bot-go-neb.middlewares={{ middlewares | join(',') }} -{% endif %} -traefik.http.routers.matrix-bot-go-neb.entrypoints={{ matrix_bot_go_neb_container_labels_traefik_entrypoints }} -traefik.http.routers.matrix-bot-go-neb.tls={{ matrix_bot_go_neb_container_labels_traefik_tls | to_json }} -{% if matrix_bot_go_neb_container_labels_traefik_tls %} -traefik.http.routers.matrix-bot-go-neb.tls.certResolver={{ matrix_bot_go_neb_container_labels_traefik_tls_certResolver }} -{% endif %} - -{% endif %} - -{{ matrix_bot_go_neb_container_labels_additional_labels }} diff --git a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 deleted file mode 100644 index d27909e4bfa..00000000000 --- a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 +++ /dev/null @@ -1,55 +0,0 @@ -#jinja2: lstrip_blocks: True -[Unit] -Description=Matrix Go-NEB bot -{% for service in matrix_bot_go_neb_systemd_required_services_list %} -Requires={{ service }} -After={{ service }} -{% endfor %} -{% for service in matrix_bot_go_neb_systemd_wanted_services_list %} -Wants={{ service }} -{% endfor %} -DefaultDependencies=no - -[Service] -Type=simple -Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-go-neb 2>/dev/null || true' -ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' - -ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ - --rm \ - --name=matrix-bot-go-neb \ - --log-driver=none \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ - --cap-drop=ALL \ - --read-only \ - --network={{ matrix_bot_go_neb_container_network }} \ - {% if matrix_bot_go_neb_container_http_host_bind_port %} - -p {{ matrix_bot_go_neb_container_http_host_bind_port }}:4050 \ - {% endif %} - --env-file={{ matrix_bot_go_neb_base_path }}/env \ - --label-file={{ matrix_bot_go_neb_base_path }}/labels \ - --mount type=bind,src={{ matrix_bot_go_neb_config_path }},dst=/config,ro \ - --mount type=bind,src={{ matrix_bot_go_neb_data_path }},dst=/data \ - --entrypoint=/bin/sh \ - {% for arg in matrix_bot_go_neb_container_extra_arguments %} - {{ arg }} \ - {% endfor %} - {{ matrix_bot_go_neb_container_image }} \ - -c "go-neb /config/config.yaml" - -{% for network in matrix_bot_go_neb_container_additional_networks %} -ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-go-neb -{% endfor %} - -ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-go-neb - -ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-go-neb 2>/dev/null || true' -ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' - -Restart=always -RestartSec=30 -SyslogIdentifier=matrix-bot-go-neb - -[Install] -WantedBy=multi-user.target diff --git a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2.license b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2.license deleted file mode 100644 index 99d44ac5bf0..00000000000 --- a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2.license +++ /dev/null @@ -1,4 +0,0 @@ -SPDX-FileCopyrightText: 2021 Yannick Goossens -SPDX-FileCopyrightText: 2022 - 2025 Slavi Pantaleev - -SPDX-License-Identifier: AGPL-3.0-or-later diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index bee7e89e482..0a943c28691 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -534,6 +534,18 @@ The following variables in your configuration need to be renamed: {{ lookup('ansible.builtin.varnames', '^devture_container_socket_proxy_.+', wantlist=True) | join(', ') }} when: "lookup('ansible.builtin.varnames', '^devture_container_socket_proxy_.+', wantlist=True) | length > 0" +- name: (Deprecation) Catch and report Go-NEB variables + ansible.builtin.fail: + msg: |- + Go-NEB was completely removed from the playbook in November 2025. + + Please remove all `matrix_bot_go_neb_*` variables from your configuration file (vars.yml). + + You may also wish to uninstall the bot manually. See `docs/configuring-playbook-bot-go-neb.md` for more information. + + The following variables in your configuration need to be removed: {{ lookup('ansible.builtin.varnames', '^matrix_bot_go_neb_.+', wantlist=True) | join(', ') }} + when: "lookup('ansible.builtin.varnames', '^matrix_bot_go_neb_.+', wantlist=True) | length > 0" + - name: (Deprecation) Catch and report matrix-appservice-webhooks variables ansible.builtin.fail: msg: |- diff --git a/setup.yml b/setup.yml index e89b40ef34a..669e3ed7cc2 100644 --- a/setup.yml +++ b/setup.yml @@ -88,7 +88,6 @@ - custom/matrix-bot-buscarron - custom/matrix-bot-baibot - custom/matrix-bot-honoroit - - custom/matrix-bot-go-neb - custom/matrix-bot-mjolnir - custom/matrix-bot-draupnir - custom/matrix-cactus-comments