add facebook bridge

This commit is contained in:
histausse 2021-09-04 15:35:51 +02:00
parent f322008b52
commit 3fa19762bb
Signed by: histausse
GPG key ID: 67486F107F62E9E9
7 changed files with 464 additions and 58 deletions

View file

@ -8,10 +8,27 @@ matrix_registration_shared_secret: "{{ vault_matrix_registration_shared_secret }
matrix_macaroon_secret: "{{ vault_matrix_macaroon_secret }}" matrix_macaroon_secret: "{{ vault_matrix_macaroon_secret }}"
matrix_form_secret: "{{ vault_matrix_form_secret }}" matrix_form_secret: "{{ vault_matrix_form_secret }}"
matrix_apps_services:
- discord
- facebook
# bridge discord # bridge discord
matrix_bridge_discord_postgre_user_pwd: "{{ vault_matrix_bridge_discord_postgre_user_pwd }}" matrix_bridge_discord_postgre_user_pwd: "{{ vault_matrix_bridge_discord_postgre_user_pwd }}"
matrix_bridge_discord_client_ID: "{{ vault_matrix_bridge_discord_client_ID }}" matrix_bridge_discord_client_ID: "{{ vault_matrix_bridge_discord_client_ID }}"
matrix_bridge_discord_botToken: "{{ vault_matrix_bridge_discord_botToken }}" matrix_bridge_discord_botToken: "{{ vault_matrix_bridge_discord_botToken }}"
# bridge facebook
matrix_bridge_facebook_postgre_user_pwd: "{{ vault_matrix_bridge_facebook_postgre_user_pwd }}"
# Those values are generated by the bridge the first time the bridge is launched.
# we copied the values generated from our test config
matrix_bridge_facebook_integration_manager_shared_secret: "{{ vault_matrix_bridge_facebook_integration_manager_shared_secret }}"
matrix_bridge_facebook_as_token: "{{ vault_matrix_bridge_facebook_as_token }}"
matrix_bridge_facebook_hs_token: "{{ vault_matrix_bridge_facebook_hs_token }}"
matrix_bridge_facebook_admins:
- g33kex
- histausse
matrix_bridge_facebook_allowed_external_user:
- @dorianx:matrix.rezel.net
# Not configured for now # Not configured for now
matrix_stats_endpoint: https://127.0.0.1/report-usage-stats/push matrix_stats_endpoint: https://127.0.0.1/report-usage-stats/push

View file

@ -1,58 +1,81 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
61343336343933626337616232353062353031343430323665613263313335643266646330613461 38386365383032383336346430353334613639636464383235646565306161323463363466383934
3333333934383932383835383363613632393366643133660a383337376364316266393534663734 3636386138346634386634373266643937356339373734370a366435343137643330393939353664
37623162663539353561373136396134306664353734383830636135613866326633663738626337 39386432396430306339326435323862373135323263663139373032646136333064373365313161
6234306163663336300a326130326561643361663665336266383265363166353536383066316466 6130343436313762620a633064326538393135626536343062383862366536646239656133366133
61623638336435386561613862393938373864366164613830653039623166333330633464656631 38616531393837313365643734303062353030333763303132646231376363386239336631643231
35383862346466646535633764633835653035383661393036366432323232323165333839656438 38303230643135653238333132633739363333656534643765623836333936363062613132316339
36363762653438343361376632373361376664613033333232613262353466303839343939373837 31646365623030343433623264633665353432623839393638643039653561623361366630393631
31396132643530363062333763386664393230623264656362343563616564653963666239353632 38333636316432323165316261323337306238633237653733376539323136663231376462623035
37393531316262613232613238613365383334386464386134393536363833366237393230343663 30336463353738373061346431333435626362383134306661343562633437656462333430653663
65653333383661653938653235303631666538376234653338366131646233613062376662306563 30396231336336353535373337343434366536333865623065653238333637383332613338613361
37343066656338643962616365656466363833313432373338316237636234346336373836366237 61653566303962626534636530313238363662316163336532353738313962623835343032643930
61393239313234376133343739303936383830313661633638383266643032333332356463343335 37333864366539363131333538643963353531663132353964306263316437323866666664633435
61313365643139333462643735643962323636306335366336333931333234663733313663623963 39636663383831393534623639343839343931363834383839363837623636643838623536396563
36303434353366333266323261613031623466663962316236643661356437383666373362303335 35396663326661386532303238353461636435366564366534393162663834363539363335393336
33353236616233643432623264666466643430623333383232626330343366326238336263336232 62636465666665643165653130326437393162616433386637613430623466666364333334663132
38646434363735663637656666656635336661613664316262643738666663626565383661366338 35356364646263653131363863303532633562306661636530313766636262386361623630326633
32356561333764626264653637623032343262396637616164396633653935366139313235663537 62653866383864366666663963643138363264363965346538306135386633626439313961623735
65636635393062396331626239366665633963316461643239386230333736643337353461623636 62363864373266333038333430613535633636343631316439353837376331666336326432663135
32386433643765613733396534613032333465613831373932626234646363313837613033303734 33356630353862386166306536643538643163346532663439303764396565323661373136366133
36326261336665646462316664333733336634613636666334326234326637666365383164336535 32373765376331323431386464396137666431613365363866323438663062386365326131616264
31646464343363383134393862343564666337303433663038633139646433326531353563326133 39616632613565323238323133343061303433653539653833653264383165333364323239643466
64623764653961626338316264316163353234373464393166336662363965646538333937653635 32613731393065323066396563363530393264323930653839396438356164356333333137656236
66623265366661396535646339326139666666613137313634363830376438616337313738633665 31346133343336666337633637613064666533613631313335616637653735363462663864636330
37623339393831346564626137386539353134656535623366346237383562653833623066386535 63646163383337323933323664303961346461613065356332383531333336326632316634656231
65616130303235373832346433346130626137333165663363383634383066646138643664303336 64346565363636363066646533303238633465653830613264663963326630366564336330343236
32373534653563646534313635626163386634333737633837373734613639613564346238643464 32623438306238396166666539363539646137643363666332366563663231326632363230666465
39326335626438373739323965313431636664376664666364376235386638653832623033343366 36656662313335656462386463366432656230616232663637303235646664343066363563666261
64633665396137326439373466393531643634306365373430613166346262373962656665303465 32393536666265663038353439623536633363386335326138383565643337353031356432396339
63626239363163313234366231363561383533376131383861666237366562646662366231396139 31323464353338326237646263366262346265643363343761313436396332646237346339346333
63386333373139313065396132383637646535313538323865666437363738346264323534656537 66323636336537303839653962306531643762366230303963636535633537613062366236613131
66393164336632396462343736356666383730396339616134636236613435646235646665643638 39376162363134376135656463626366343537626438656362343838323435316266656637636161
64653963386166666237666561666464366433373135626131316134626634323638303839373839 38623134386532383862303234666338306234646538623464613362623331396339613931653262
31353461356139643965313634323664313036363737313264636462336636646365656463376166 62633364363230353666343562343661316431333664646161616632643736646664396532303633
37386637663066663932643865643632306565396235636335643564636633383139303263353762 62336233316435626230386565383264313062646637313234626135626566343932343563653130
63366639303837313531373933373935333665346136613063346534306562323539616433383032 38313137306331636436633536396539373032393135393336303731633030393139616136366536
61363633643434343635623631303335383664636632626661333930313534323662313163336364 31633936613663303837306632643730613062663262616239343263636463386230313336363237
66376363386532353664633831663834303066333634313265373736633233336638306239343838 31626531303639666464376335366135623063343266663265393635316338306633363561376234
61323963373063386462316239666465333063323462623233353834383664323265303637343061 63653039313532376230626533353136666262663761376432633763636131653162386131366366
34303236663965363865643061646361333463343362366464353533343662636432383165333634 36396534303230353133306331626539623832323462393237633233393865363864656531646632
64336435393464313339366235636464643962353836643266343762313230663766646331666439 36613137366262393163386465656233373365636437616133393862663632636131393563613763
33643031626435383237663436636638373038616432646332646364626261656435633661373733 62376133356430303838386634363963653865336138303831636164626538633066316637643732
62393934313534306662353738336535373361616263343231653636666632353731316563346633 30363561393862623037616232653135663765336134383037346439373335393466646530616166
36383036323731363432623134636138326138653561646462326635623865383862666433653666 33646462313463346535346236363830643130313632366162633866373362653162623035306366
61316562383666383864336136336538343935616237323137366131383737616431356562316232 39623734306636356135393965646534313961306632623531303830343564393361343464653961
65633835343536303535623962323735616664616562323561626363656138353433633139643638 31623562396435616466653232623163393161336434623631313233353736303834333935626138
65373939393130663532383665333163353465396565363030623061303265623731616431373334 35613764633564313961316236623265353037636635656331363937356363323630646537393335
61366434616363366563306234633464303438373463356566643363626531316439643536396335 36396632383865336639393033653738323739396236383535333332396361306131303864616130
61656261393561333837323632653430353064376163626338346434373137306636613366643464 33613762643438393261353335383565316231623963386536653334666634623136343833613137
61666337393633666436353731643761373963623265653464323262613935613334646334373539 37396261623035353038636337323536346334613837343935386132656338633335643265616138
35646265366166323765643136343262636337333138376135326534633766316664643165303236 36663937376231333233646466633162346630653532336536373262313337373261656130643632
34336462303863353433626161326431353165666566393235663362616366643538643063306662 66613534363130313230323665613163356366386664653436363132356664306231356135383266
39623033383966616131613635623133613261363238656332353231343337396265353139353132 66376336323062323863616434323465356439343434646531373365313039303639343735323836
66323764326434363535633261653430353061336266353263386538646634346562343036663531 35613234343563356162326466366638343439333464656434643332663432393730643130623032
37356535663932306162323837633635356637663536663334653830643539316461373832663966 65663237333338323939616565333738306634383038643630376164306530623733623933333064
31353637346632613137373436313438376232663538656434643465636366336437306434316363 62623131323736643832616334383338383634393664653338663436626434306631643966613031
34313463663739383666383032323239366464653533383665663634316662633932313934356466 33616362313039666130613538306561343135626235343765396335396339373630373135313832
63343566383034653863623964343539656231663238393564373936383564663565 38383062366262663832343563613334623336343639316435386664353636643162636634653535
39623039643336393733626634363466353437353533373764313565653766663630386234626661
61393161383565386131636563323038373236663861363339333361646464613836623139366435
35363463623431343634653565363066623464653961313661343963363464386361306137393763
64616135633935393566356561363038613134363964356136643734366232366166643564653264
36613066366266646434323862643735643333613163666334363337643263626639623433663733
39383562363531656433633033313961303837643765626530383665316433353634396463333662
38353936633034636461303863356564653939393239316538663838643336346331363230616630
62353237353733326132646138373737306135653634383032363433663063613430373935653131
38646664393133363365303130623532373438313831643230396431363333386463643031653262
64396261303235326530636565353764316236643466623666623165383536333565633064333262
37316237643863626561613036303061346265613730626137316136623338626564666464333862
35393831656533616365316334633538626166616263306636313231313234306532636633646665
33336138333632396530333363613866376535316430656134613339626262666133666264376439
64303964633165333161613663343438393539643839366331303563613436613730383837356165
32363231653233346438313262393462313135636566343063626436326166373866356434656561
65386562666331316232336463373336623733393161666430616165306238616531306266626363
66636234333231666637616163353361306331393562393938353733303139393930633965373638
36336266343231366662643134613662643037373638316362653030383866373636386339346466
64396639353266316264653264343036616634343964646237363036313937323833633863316231
35363964393863346132373830383032646536356261616265353439316637396563336536373363
37313936393662353665653134613535393865333362636262656439326331336366303139653034
35626566333965616162663465613335316462326130396330383236396133383039636335343565
65386630653033376163

View file

@ -0,0 +1,5 @@
---
- name: Restart the facebook bridge
systemd:
name: bridge_facebook
state: restarted

View file

@ -0,0 +1,82 @@
---
- name: Setup postgres
include_role:
name: postgre
vars:
postgres_users:
- name: bridge_facebook_user
password: "{{ matrix_bridge_facebook_postgre_user_pwd }}"
databases:
- name: bridge_facebook
owner: bridge_facebook_user
local: C
template: template0
no_log: true
- name: Install dependencies
apt:
name:
- python3
- python3-virtualenv
- python3-pip
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Create the mautrix-facebook user
user:
name: mautrix-facebook
home: /opt/mautrix-facebook
password_lock: yes
system: yes
- name: Install bridge
become: yes
become_user: mautrix-facebook
pip:
chdir: /opt/mautrix-facebook # is it really needed?
name: mautrix-facebook[animated_stickers]
virtualenv: /opt/mautrix-facebook
virtualenv_command: virtualenv
virtualenv_python: /usr/bin/python3
- name: Configure the bridge
template:
src: config.yaml
dest: /opt/mautrix-facebook/config.yaml
owner: mautrix-facebook
group: nogroup
mode: '0600'
notify: Restart the facebook bridge
no_log: true
- name: Generate facebook-registration.yaml
shell:
cmd: "/opt/mautrix-facebook/bin/python -m mautrix_facebook -g"
chdir: /opt/mautrix-facebook
creates: /opt/mautrix-facebook/registration.yaml
notify: Restart synapse
no_log: true
- name: Copy config for synapse
become: yes
become_user: mautrix-facebook
file:
src: /opt/mautrix-facebook/registration.yaml
dest: /etc/matrix-synapse/facebook-registration.yaml
state: link
- name: Copy the daemon configuration
template:
src: bridge_facebook.service
dest: /etc/systemd/system/bridge_facebook.service
notify: Restart the facebook bridge
- name: Enable the daemon
systemd:
name: bridge_facebook
state: started
enabled: yes

View file

@ -0,0 +1,12 @@
{{ ansible_managed | comment }}
[Unit]
Description=mautrix-facebook bridge
[Service]
WorkingDirectory=~
ExecStart=/opt/mautrix-facebook/bin/python -m mautrix_facebook
User=mautrix-facebook
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,265 @@
{{ ansible_managed | comment }}
# Homeserver details
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: "https://{{ matrix_server_name }}"
# The domain of the homeserver (for MXIDs, etc).
domain: "{{ matrix_server_name }}"
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: true
# Whether or not the homeserver supports asmux-specific endpoints,
# such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically
# updating m.direct.
asmux: false
# Number of retries for all HTTP requests if the homeserver isn't reachable.
http_retry_count: 4
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's Facebook MQTT connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint:
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: http://localhost:29319
# The hostname and port where this appservice should listen.
hostname: localhost
port: 29319
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. Only Postgres is currently supported.
database: postgres://bridge_facebook_user:{{ matrix_bridge_facebook_postgre_user_pwd }}@localhost/bridge_facebook
# Additional arguments for asyncpg.create_pool()
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
database_opts:
min_size: 5
max_size: 10
# Public part of web server for out-of-Matrix interaction with the bridge.
public:
# Whether or not the public-facing endpoints should be enabled.
enabled: false
# The prefix to use in the public-facing endpoints.
prefix: /public
# The base URL where the public-facing endpoints are available. The prefix is not added
# implicitly.
external:
# Shared secret for integration managers such as mautrix-manager.
# If set to "generate", a random string will be generated on the next startup.
# If null, integration manager access to the API will not be possible.
shared_secret: {{ matrix_bridge_facebook_integration_manager_shared_secret }}
# Allow logging in within Matrix. If false, users can only log in using the web interface.
allow_matrix_login: true
# The unique ID of this appservice.
id: facebook
# Username of the appservice bot.
bot_username: facebookbot
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
bot_displayname: Facebook bridge bot
bot_avatar: mxc://maunium.net/ygtkteZsXnGJLJHRchUwYWak
# Community ID for bridged users (changes registration file) and rooms.
# Must be created manually. Example: "+facebook:example.com"
community_id:
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
ephemeral_events: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: {{ matrix_bridge_facebook_as_token }}
hs_token: {{ matrix_bridge_facebook_as_token }}
# Prometheus telemetry config. Requires prometheus-client to be installed.
metrics:
enabled: false
listen_port: 8000
# Bridge config
bridge:
# Localpart template of MXIDs for Facebook users.
# {userid} is replaced with the user ID of the Facebook user.
username_template: facebook_{userid}
# Localpart template for per-user room grouping community IDs.
# The bridge will create these communities and add all of the specific user's portals to the community.
# {localpart} is the MXID localpart and {server} is the MXID server part of the user.
# (Note that, by default, non-admins might not have your homeserver's permission to create
# communities. You should set `enable_group_creation: true` in homeserver.yaml to fix this.)
# `facebook_{localpart}={server}` is a good value.
community_template:
# Displayname template for Facebook users.
# {displayname} is replaced with the display name of the Facebook user
# as defined below in displayname_preference.
# Keys available for displayname_preference are also available here.
displayname_template: '{displayname} (FB)'
# Available keys:
# "name" (full name)
# "first_name"
# "last_name"
# "nickname"
# "own_nickname" (user-specific!)
displayname_preference:
- name
- first_name
# The prefix for commands. Only required in non-management rooms.
command_prefix: '!fb'
# Number of chats to sync (and create portals for) on startup/login.
# Set 0 to disable automatic syncing.
initial_chat_sync: 20
# Whether or not the Facebook users of logged in Matrix users should be
# invited to private chats when the user sends a message from another client.
invite_own_puppet_to_pm: false
# Whether or not to use /sync to get presence, read receipts and typing notifications
# when double puppeting is enabled
sync_with_custom_puppets: true
# Whether or not to update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
sync_direct_chat_list: false
# Servers to always allow double puppeting from
double_puppet_server_map:
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
# If using this for other servers than the bridge's server,
# you must also set the URL in the double_puppet_server_map.
login_shared_secret_map:
# Whether or not to bridge presence in both directions. Facebook allows users not to broadcast
# presence, but then it won't send other users' presence to the client.
presence: true
# Whether or not to update avatars when syncing all contacts at startup.
update_avatar_initial_sync: true
# End-to-bridge encryption support options. These require matrix-nio to be installed with pip
# and login_shared_secret to be configured in order to get a device for the bridge bot.
#
# Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
# application service.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: false
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: false
# Options for automatic key sharing.
key_sharing:
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow: false
# Require the requesting device to have a valid cross-signing signature?
# This doesn't require that the bridge has verified the device, only that the user has verified it.
# Not yet implemented.
require_cross_signing: false
# Require devices to be verified by the bridge?
# Verification by the bridge is not yet implemented.
require_verification: true
# Whether or not the bridge should send a read receipt from the bridge bot when a message has
# been sent to Facebook.
delivery_receipts: false
# Whether to allow inviting arbitrary mxids to portal rooms
allow_invites: false
# Settings for backfilling messages from Facebook.
backfill:
# Whether or not the Facebook users of logged in Matrix users should be
# invited to private chats when backfilling history from Facebook. This is
# usually needed to prevent rate limits and to allow timestamp massaging.
invite_own_puppet: true
# Maximum number of messages to backfill initially.
# Set to 0 to disable backfilling when creating portal.
initial_limit: 0
# Maximum number of messages to backfill if messages were missed while
# the bridge was disconnected.
# Set to 0 to disable backfilling missed messages.
missed_limit: 1000
# If using double puppeting, should notifications be disabled
# while the initial backfill is in progress?
disable_notifications: false
periodic_reconnect:
# Interval in seconds in which to automatically reconnect all users.
# This can be used to automatically mitigate the bug where Facebook stops sending messages.
# Set to -1 to disable periodic reconnections entirely.
interval: -1
# What to do in periodic reconnects. Either "refresh" or "reconnect"
mode: refresh
# Should even disconnected users be reconnected?
always: false
# The number of seconds that a disconnection can last without triggering an automatic re-sync
# and missed message backfilling when reconnecting.
# Set to 0 to always re-sync, or -1 to never re-sync automatically.
resync_max_disconnected_time: 5
# Whether or not temporary disconnections should send notices to the notice room.
# If this is false, disconnections will never send messages and connections will only send
# messages if it was disconnected for more than resync_max_disconnected_time seconds.
temporary_disconnect_notices: true
# Disable bridge notices entirely
disable_bridge_notices: false
# Whether or not the bridge should try to "refresh" the connection if a normal reconnection
# attempt fails.
refresh_on_reconnection_fail: false
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it,
# except if the config file is not writable.
resend_bridge_info: false
# When using double puppeting, should muted chats be muted in Matrix?
mute_bridging: false
# Whether or not mute status and tags should only be bridged when the portal room is created.
tag_only_on_create: true
# Permissions for using the bridge.
# Permitted values:
# user - Use the bridge with puppeting.
# admin - Use and administrate the bridge.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions:
{{ matrix_server_name }}: user
{% for user in matrix_bridge_facebook_allowed_external_user %}
'{{ user }}': user
{% endfor %}
{% for admin in matrix_bridge_facebook_admins %}
'@{{ admin }}:{{ matrix_server_name }}': admin
{% endfor %}
logging:
version: 1
formatters:
colored:
(): mautrix_facebook.util.ColorFormatter
format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s'
normal:
format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s'
handlers:
file:
class: logging.handlers.RotatingFileHandler
formatter: normal
filename: ./mautrix-facebook.log
maxBytes: 10485760
backupCount: 10
console:
class: logging.StreamHandler
formatter: colored
loggers:
mau:
level: DEBUG
paho:
level: INFO
aiohttp:
level: INFO
root:
level: DEBUG
handlers: [file, console]

View file

@ -1127,7 +1127,9 @@ room_prejoin_state:
# A list of application service config files to use # A list of application service config files to use
# #
app_service_config_files: app_service_config_files:
- "/etc/matrix-synapse/discord-registration.yaml" {% for app_service in matrix_apps_services %}
- "/etc/matrix-synapse/{{ app_service }}-registration.yaml"
{% endfor %}
# Uncomment to enable tracking of application service IP addresses. Implicitly # Uncomment to enable tracking of application service IP addresses. Implicitly
# enables MAU tracking for application service users. # enables MAU tracking for application service users.