From da24e6d9867069bcdbd3e5cba73a19bfcfda69ee Mon Sep 17 00:00:00 2001 From: nathanael-h <7300309+nathanael-h@users.noreply.github.com> Date: Tue, 19 Sep 2023 14:33:15 +0200 Subject: [PATCH] fix: update config.yaml to v0.4.3 template (#83) --- conf/config.yaml | 147 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 114 insertions(+), 33 deletions(-) diff --git a/conf/config.yaml b/conf/config.yaml index 666cdd7..7a311a7 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -2,15 +2,14 @@ homeserver: # The address that this appservice can use to connect to the homeserver. address: https://__DOMAIN__ - # The domain of the homeserver (for MXIDs, etc). + # The domain of the homeserver (also known as server_name, used for MXIDs, etc). domain: __SERVER_NAME__ # Whether or not to verify the SSL certificate of the homeserver. # Only applies if address starts with https:// verify_ssl: true - # Whether or not the homeserver supports asmux-specific endpoints, - # such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically - # updating m.direct. - asmux: false + # What software is the homeserver running? + # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. + software: standard # Number of retries for all HTTP requests if the homeserver isn't reachable. http_retry_count: 4 # The URL to push real-time bridge status to. @@ -21,7 +20,10 @@ homeserver: message_send_checkpoint_endpoint: null # Maximum number of simultaneous HTTP connections to the homeserver. connection_limit: 100 - + # Whether asynchronous uploads via MSC2246 should be enabled for media. + # Requires a media repo that supports MSC2246. + async_media: false + # Application service host/registration related details # Changing these values requires regeneration of the registration. appservice: 
@@ -39,7 +41,6 @@ appservice: max_body_size: 1 # The full URI to the database. SQLite and Postgres are supported. - # However, SQLite support is extremely experimental and should not be used. # Format examples: # SQLite: sqlite:///filename.db # Postgres: postgres://username:password@hostname/dbname @@ -48,6 +49,7 @@ appservice: # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool # https://docs.python.org/3/library/sqlite3.html#sqlite3.connect # For sqlite, min_size is used as the connection thread pool size and max_size is ignored. + # Additionally, SQLite supports init_commands as an array of SQL queries to run on connect (e.g. to set PRAGMAs). database_opts: min_size: 5 max_size: 10 @@ -108,11 +110,11 @@ signal: # time of the messages will be determined by the first users to read the message, rather # than individually. If the bridge has a single user, this can be turned on safely. enable_disappearing_messages_in_groups: false - + # Bridge config bridge: # Localpart template of MXIDs for Signal users. - # {userid} is replaced with an identifier for the Signal user. + # {userid} is replaced with the UUID of the Signal user. username_template: "sg_{userid}" # Displayname template for Signal users. # {displayname} is replaced with the displayname of the Signal user, which is the first @@ -134,6 +136,9 @@ bridge: autocreate_group_portal: true # Whether or not to create portals for all contacts on login/connect. autocreate_contact_portal: false + # Whether or not to make portals of Signal groups in which joining via invite link does + # not need to be approved by an administrator publicly joinable on Matrix. + public_portals: false # Whether or not to use /sync to get read receipts and typing notifications # when double puppeting is enabled sync_with_custom_puppets: true 
@@ -141,12 +146,12 @@ bridge: # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. sync_direct_chat_list: false - # Servers to always allow double puppeting from, even if double_puppet_allow_discovery is false. - double_puppet_server_map: - example.com: https://example.com # Allow using double puppeting from any server with a valid client .well-known file. double_puppet_allow_discovery: false - # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth + # Servers to allow double puppeting from, even if double_puppet_allow_discovery is false. + double_puppet_server_map: + example.com: https://example.com + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth # # If set, custom puppets will be enabled automatically for local users # instead of users having to find an access token and run `login-matrix` 
@@ -154,46 +159,104 @@ bridge: # If using this for other servers than the bridge's server, # you must also set the URL in the double_puppet_server_map. login_shared_secret_map: - example.com: foobar + example.com: foo # Whether or not created rooms should have federation enabled. # If false, created portal rooms will never be federated. federate_rooms: true - # End-to-bridge encryption support options. You must install the e2be optional dependency for - # this to work. See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html + # End-to-bridge encryption support options. + # + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. encryption: # Allow encryption, work in group chat rooms with e2ee enabled allow: __ENCRYPTION__ # Default to encryption, force-enable encryption in all portals the bridge creates # This will cause the bridge bot to be in private chats for the encryption to work properly. default: false - # Options for automatic key sharing. - key_sharing: - # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. - # You must use a client that supports requesting keys from other users to use this feature. - allow: false - # Require the requesting device to have a valid cross-signing signature? - # This doesn't require that the bridge has verified the device, only that the user has verified it. - # Not yet implemented. - require_cross_signing: false - # Require devices to be verified by the bridge? - # Verification by the bridge is not yet implemented. - require_verification: true - # Whether or not to explicitly set the avatar and room name for private - # chat portal rooms. This will be implicitly enabled if encryption.default is true. - private_chat_portal_meta: false + # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + appservice: false + # Require encryption, drop any unencrypted messages. 
+ require: false + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: false + # Options for deleting megolm sessions from the bridge. + delete_keys: + # Beeper-specific: delete outbound sessions when hungryserv confirms + # that the user has uploaded the key to key backup. + delete_outbound_on_ack: false + # Don't store outbound sessions in the inbound table. + dont_store_outbound: false + # Ratchet megolm sessions forward after decrypting messages. + ratchet_on_decrypt: false + # Delete fully used keys (index >= max_messages) after decrypting messages. + delete_fully_used_on_decrypt: false + # Delete previous megolm sessions from same device when receiving a new one. + delete_prev_on_new_session: false + # Delete megolm sessions received from a device when the device is deleted. + delete_on_device_delete: false + # Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + periodically_delete_expired: false + # What level of device verification should be required from users? + # + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). + # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix. 
+ receive: unverified + # Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # Options for Megolm room key rotation. These options allow you to + # configure the m.room.encryption event content. See: + # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for + # more information about that event. + rotation: + # Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is + # set. + enable_custom: false + # The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 + + # Whether to explicitly set the avatar and room name for private chat portal rooms. + # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. + # If set to `always`, all DM rooms will have explicit names and avatars set. + # If set to `never`, DM rooms will never have names and avatars set. + private_chat_portal_meta: default # Whether or not the bridge should send a read receipt from the bridge bot when a message has # been sent to Signal. This let's you check manually whether the bridge is receiving your # messages. # Note that this is not related to Signal delivery receipts. delivery_receipts: false - # Whether or not delivery errors should be reported as messages in the Matrix room. (not yet implemented) - delivery_error_reports: false + # Whether or not delivery errors should be reported as messages in the Matrix room. 
+ delivery_error_reports: true + # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. + message_status_events: false # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. # This field will automatically be changed back to false after it, # except if the config file is not writable. resend_bridge_info: false # Interval at which to resync contacts (in seconds). periodic_sync: 0 + # Should leaving the room on Matrix make the user leave on Signal? + bridge_matrix_leave: true + # Should the bridge auto-create a group chat on Signal when a ghost is invited to a room? + # Requires the user to have sufficient power level and double puppeting enabled. + create_group_on_invite: true + hacky_contact_name_mixup_detection: false # Provisioning API part of the web server for automated portal creation and fetching information. # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager). @@ -205,6 +268,13 @@ bridge: # The shared secret to authorize users of the API. # Set to "generate" to generate and save a new token. shared_secret: generate + # Segment API key to enable analytics tracking for web server + # endpoints. Set to null to disable. + # Currently the only events are login start, QR code scan, and login + # success/failure. + segment_key: null + # Optional user_id to use when sending Segment events. If null, defaults to using mxID. + segment_user_id: null # The prefix for commands. Only required in non-management rooms. command_prefix: "!sg" 
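Review bot: The new `verification_levels` block ships `receive: unverified` and `send: unverified`, the weakest level in the list printed above it, so an install where `allow: __ENCRYPTION__` renders to true gets end-to-bridge encryption with no device-verification requirement in either direction; only `share` asks for `cross-signed-tofu`. If that default is intended for this package, it should be stated next to the keys, for example `# unverified accepts any device; raise to cross-signed-tofu once users have cross-signing set up`. The comment on `receive` also reads "from Telegram to Matrix", which looks carried over from another bridge's template and should read "from Signal to Matrix". The `bridge:` mapping opens before this hunk, so the nesting of the new keys cannot be checked from here.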
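Review bot: The comment on `segment_key` does not say that setting it sends the listed login events to an analytics service outside the bridge, and per the `segment_user_id` comment the identifier sent defaults to the user's MXID. I would mark the key as a credential and spell out the data flow, for example `# Secret. When set, login events are sent to Segment with the user's MXID unless segment_user_id is set.` The default of `null` keeps it off, so this is a documentation change only. The provisioning mapping these keys belong to opens outside the hunk.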
@@ -258,6 +328,17 @@ bridge: m.audio: '$sender_displayname sent an audio file' m.video: '$sender_displayname sent a video' m.location: '$sender_displayname sent a location' + # Specify a dedicated relay account. Must be a regular matrix account logged into this bridge + # and double puppeting working to auto-accept invites. When this user is invited to a room + # it will automatically be set as the relay user. May be overridden with `set-relay` or `unset-relay` + # relaybot: '@relaybot:example.com' + # Whether or not invites from non-logged-in users should be relayed + invite: true + + # Format for generating URLs from location messages for sending to Signal + # Google Maps: 'https://www.google.com/maps/place/{lat},{long}' + # OpenStreetMap: 'https://www.openstreetmap.org/?mlat={lat}&mlon={long}' + location_format: 'https://www.google.com/maps/place/{lat},{long}' # Python logging configuration. #
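Review bot: `invite: true` turns on relaying of invites from non-logged-in users by default, and the comment does not say what that allows on the Signal side or whether it depends on relay mode being enabled. The relay mapping and its enable switch are outside this hunk, so it is not visible whether the option is inert by default; if it is, the comment should say so, for example `# Only applies when relay mode is enabled. Set to false to ignore invites from users who are not logged into the bridge.` Separately, `# relaybot: '@relaybot:example.com'` sits directly under three prose comment lines and reads as part of the sentence; an "Example:" prefix or a blank comment line before it would make clear it is a commented-out key.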