diff --git a/webserver/docker_matterbridge/tasks/main.yml b/webserver/docker_matterbridge/tasks/main.yml index 258c02a10483fd0eba0c5497b22488f050e3e209..63f16a81a3ba3c7656c5d4fee6b1a4583adbc640 100644 --- a/webserver/docker_matterbridge/tasks/main.yml +++ b/webserver/docker_matterbridge/tasks/main.yml @@ -8,12 +8,16 @@ - name: get secrets from server 1 slurp: src={{ item }} with_items: - - /srv/matterbridge/secret/telegram_token + - /srv/matterbridge/secret/mattermost_pass_cwbot + - /srv/matterbridge/secret/telegram_token_cw + - /srv/matterbridge/secret/telegram_token_wz register: matterbridge_secrets - name: get secrets from server 2 set_fact: - telegram_token: "{{ matterbridge_secrets.results | selectattr('item', 'equalto', '/srv/matterbridge/secret/telegram_token') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" + mattermost_pass_cwbot: "{{ matterbridge_secrets.results | selectattr('item', 'equalto', '/srv/matterbridge/secret/mattermost_pass_cwbot') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" + telegram_token_cw: "{{ matterbridge_secrets.results | selectattr('item', 'equalto', '/srv/matterbridge/secret/telegram_token_cw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" + telegram_token_wz: "{{ matterbridge_secrets.results | selectattr('item', 'equalto', '/srv/matterbridge/secret/telegram_token_wz') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" # Folder Structure 
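Review bot: Neither of the two "get secrets from server" tasks sets `no_log: true`, so the registered `slurp` results (base64 of the Mattermost password and both Telegram tokens) and the decoded values assigned by `set_fact` can appear in verbose Ansible output and in any callback or log that records task results. Adding `no_log: true` to both tasks keeps the secret material out of run logs. Each secret path is also spelled twice, once under `with_items` and once in the `selectattr(... 'equalto', ...)` filter, and a mismatch only surfaces as an opaque `first` error on an empty list. A short comment above `set_fact` stating that the paths must match would help the next editor.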
@@ -31,16 +35,19 @@ # Konfigurationsdateien erstellen -- name: Konfig-Datei Matterbridge +- name: Konfig-Dateien Matterbridge template: - src: "matterbridge.toml" - dest: "/srv/matterbridge/etc/matterbridge.toml" + src: "{{item}}" + dest: "/srv/matterbridge/etc/{{item}}" + with_items: + - "matterbridge_cw.toml" + - "matterbridge_wz.toml" -- name: Konfig-Datei erstellen +- name: Konfig-Dateie erstellen template: src: "docker-compose.yml" dest: "/srv/matterbridge/docker-compose.yml" - + - name: start matterbridge docker docker_service: project_src: /srv/matterbridge/ diff --git a/webserver/docker_matterbridge/templates/docker-compose.yml b/webserver/docker_matterbridge/templates/docker-compose.yml index 8076016c47766477be70de1f0fa2406f6c1ed8c6..53a68e898c8549d513c2ac0710a2730f8b25b546 100644 --- a/webserver/docker_matterbridge/templates/docker-compose.yml +++ b/webserver/docker_matterbridge/templates/docker-compose.yml @@ -3,12 +3,17 @@ version: "3" services: - app: + cw: - image: 42wim/matterbridge:0.9.2 + image: 42wim/matterbridge:1.10.1 restart: always - ports: - - 172.17.0.1:9999:9999 volumes: - - /srv/matterbridge/etc/matterbridge.toml:/matterbridge.toml + - /srv/matterbridge/etc/matterbridge_cw.toml:/matterbridge.toml + + wz: + + image: 42wim/matterbridge:1.10.1 + restart: always + volumes: + - /srv/matterbridge/etc/matterbridge_wz.toml:/matterbridge.toml diff --git a/webserver/docker_matterbridge/templates/matterbridge_cw.toml b/webserver/docker_matterbridge/templates/matterbridge_cw.toml new file mode 100644 index 0000000000000000000000000000000000000000..8317585edfe2657e8246166bf3225c95990c4a8d --- /dev/null +++ b/webserver/docker_matterbridge/templates/matterbridge_cw.toml 
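Review bot: The "Konfig-Dateien Matterbridge" template task renders files that contain the Mattermost bot password and the Telegram tokens but sets no `mode` or `owner`, so their permissions follow the remote umask and may leave them readable by other local users. Add `mode: "0600"` together with an `owner`/`group` that matches the user the container reads the bind mount as (not visible in this hunk), and consider `no_log: true` so a `--diff` run does not print the rendered secrets. Nothing visible here removes the previously deployed `/srv/matterbridge/etc/matterbridge.toml`, which presumably still holds the old token on hosts that were already provisioned. The renamed task "Konfig-Dateie erstellen" has a typo and should read `Konfig-Datei erstellen`.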
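Review bot: Both services bind-mount a credential-bearing config file read-write, although the bridge appears to need only read access. Appending `:ro` narrows that, e.g. `- /srv/matterbridge/etc/matterbridge_cw.toml:/matterbridge.toml:ro`, and likewise for `wz`. The image is referenced by the mutable tag `42wim/matterbridge:1.10.1`; pinning it as `42wim/matterbridge:1.10.1@sha256:<digest>` would make the deployment reproducible and protect against a re-pushed tag.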
@@ -0,0 +1,323 @@
+
+###################################################################
+#IRC section
+###################################################################
+#REQUIRED to start IRC section
+[irc]
+
+#You can configure multiple servers "[irc.name]" or "[irc.name2]"
+#REQUIRED
+[irc.hackint]
+#irc server to connect to.
+#REQUIRED
+Server="irc.hackint.org:6667"
+
+#Password for irc server (if necessary)
+#OPTIONAL (default "")
+#Password=""
+
+#Enable to use TLS connection to your irc server.
+#OPTIONAL (default false)
+UseTLS=false
+
+#Enable SASL (PLAIN) authentication. (freenode requires this from eg AWS hosts)
+#It uses NickServNick and NickServPassword as login and password
+#OPTIONAL (default false)
+UseSASL=false
+
+#Enable to not verify the certificate on your irc server.
+#e.g. when using selfsigned certificates
+#OPTIONAL (default false)
+SkipTLSVerify=true
+
+#Your nick on irc.
+#REQUIRED
+Nick="CW_Bot"
+
+#If you registered your bot with a service like Nickserv on freenode.
+#Also being used when UseSASL=true
+#OPTIONAL
+#NickServNick="nickserv"
+#NickServPassword="secret"
+
+#Flood control
+#Delay in milliseconds between each message send to the IRC server
+#OPTIONAL (default 1300)
+MessageDelay=1300
+
+#Maximum amount of messages to hold in queue. If queue is full
+#messages will be dropped.
+#<clipped> will be add to the message that fills the queue.
+#OPTIONAL (default 30)
+MessageQueue=30
+
+#Nicks you want to ignore.
+#Messages from those users will not be sent to other bridges.
+
+#OPTIONAL
+#IgnoreNicks="someuser"
+
+#Enable to show users joins/parts from other bridges (only from irc-bridge at the moment)
+#OPTIONAL (default false)
+ShowJoinPart=false
+
+
+
+
+###################################################################
+#telegram section
+###################################################################
+[telegram]
+
+#You can configure multiple servers "[telegram.name]" or "[telegram.name2]"
+
+## In Telegram muss ein Bot erstellt werden, was über den Kontakt @BotFather in Telegram geht.
+## Bot erstellen (Funktion /newbot), das API Token wird unten verwendet.
+## Die Privacy Funktion des Bots auss auf "DISAABLED" gettellt werden (Funktion: /setprivacy)
+## Anschließend muss der Bot in die entsprechende Gruppe eingefügt und dort als Admin eingerichtet werden.
+
+#REQUIRED
+[telegram.bot]
+#Token to connect with telegram API
+#Bot @chaos_west_bot
+#See https://core.telegram.org/bots#6-botfather and https://www.linkedin.com/pulse/telegram-bots-beginners-marco-frau
+#REQUIRED
+Token="{{ telegram_token_cw }}"
+
+#Nicks you want to ignore.
+#Messages from those users will not be sent to other bridges.
+
+#OPTIONAL
+#IgnoreNicks="Someuser"
+
+#Enable to show users joins/parts from other bridges (only from irc-bridge at the moment)
+#OPTIONAL (default false)
+ShowJoinPart=false
+
+
+###################################################################
+#mattermost section
+###################################################################
+[mattermost]
+#You can configure multiple servers "[mattermost.name]" or "[mattermost.name2]"
+#In this example we use [mattermost.work]
+#REQUIRED
+
+[mattermost.chaoswest]
+#The mattermost hostname. (do not prefix it with http or https)
+#REQUIRED (when not using webhooks)
+Server="chat.chaos-west.de"
+
+#Your team on mattermost.
+#REQUIRED (when not using webhooks)
+Team="chaos-west"
+
+#login/pass of your bot.
+#Use a dedicated user for this and not your own!
+#REQUIRED (when not using webhooks)
+Login="cwbot"
+Password="{{mattermost_pass_cwbot}}"
+
+#personal access token of the bot.
+#new feature since mattermost 4.1. See https://docs.mattermost.com/developer/personal-access-tokens.html
+#OPTIONAL (you can use token instead of login/password)
+#Token="abcdefghijklm"
+
+#Enable this to make a http connection (instead of https) to your mattermost.
+#OPTIONAL (default false)
+NoTLS=false
+
+#### Settings for webhook matterbridge.
+#NOT RECOMMENDED TO USE INCOMING/OUTGOING WEBHOOK. USE DEDICATED BOT USER WHEN POSSIBLE!
+#You don't need to configure this, if you have configured the settings
+#above.
+
+#Url is your incoming webhook url as specified in mattermost.
+#See account settings - integrations - incoming webhooks on mattermost.
+#If specified, messages will be sent to mattermost using this URL
+#OPTIONAL
+#WebhookURL="https://yourdomain/hooks/yourhookkey"
+
+#Address to listen on for outgoing webhook requests from mattermost.
+#See account settings - integrations - outgoing webhooks on mattermost.
+#If specified, messages will be received from mattermost on this ip:port
+#(this will only work if WebhookURL above is also configured)
+#OPTIONAL
+#WebhookBindAddress="0.0.0.0:9999"
+
+#Icon that will be showed in mattermost.
+#This only works when WebhookURL is configured
+#OPTIONAL
+#IconURL="http://youricon.png"
+
+#### End settings for webhook matterbridge.
+
+#Enable to not verify the certificate on your mattermost server.
+#e.g. when using selfsigned certificates
+#OPTIONAL (default false)
+SkipTLSVerify=true
+
+## RELOADABLE SETTINGS
+## Settings below can be reloaded by editing the file
+
+#how to format the list of IRC nicks when displayed in mattermost.
+#Possible options are "table" and "plain"
+#OPTIONAL (default plain)
+NickFormatter="plain"
+
+#How many nicks to list per row for formatters that support this.
+#OPTIONAL (default 4)
+NicksPerRow=4
+
+#Whether to prefix messages from other bridges to mattermost with the sender's nick.
+#Useful if username overrides for incoming webhooks isn't enabled on the
+#mattermost server. If you set PrefixMessagesWithNick to true, each message
+#from bridge to Mattermost will by default be prefixed by "bridge-" + nick. You can,
+#however, modify how the messages appear, by setting (and modifying) RemoteNickFormat
+#OPTIONAL (default false)
+PrefixMessagesWithNick=true
+
+#Disable sending of edits to other bridges
+#OPTIONAL (default false)
+EditDisable=false
+
+#Message to be appended to every edited message
+#OPTIONAL (default empty)
+EditSuffix=" (edited)"
+
+#Nicks you want to ignore.
+#Messages from those users will not be sent to other bridges.
+#OPTIONAL
+#IgnoreNicks="ircspammer1 ircspammer2"
+
+#Messages you want to ignore.
+#Messages matching these regexp will be ignored and not sent to other bridges
+#See https://regex-golang.appspot.com/assets/html/index.html for more regex info
+#OPTIONAL (example below ignores messages starting with ~~ or messages containing badword
+#IgnoreMessages="^~~ badword"
+
+#messages you want to replace.
+#it replaces outgoing messages from the bridge.
+#so you need to place it by the sending bridge definition.
+#regular expressions supported
+#some examples:
+#this replaces cat => dog and sleep => awake
+#replacemessages=[ ["cat","dog"], ["sleep","awake"] ]
+#this replaces every number with number. 123 => numbernumbernumber
+#replacemessages=[ ["[0-9]","number"] ]
+#optional (default empty)
+#ReplaceMessages=[ ["cat","dog"] ]
+
+#nicks you want to replace.
+#see replacemessages for syntaxa
+#optional (default empty)
+#ReplaceNicks=[ ["user--","user"] ]
+
+#extra label that can be used in the RemoteNickFormat
+#optional (default empty)
+Label=""
+
+#RemoteNickFormat defines how remote users appear on this bridge
+#The string "{NICK}" (case sensitive) will be replaced by the actual nick / username.
+#The string "{BRIDGE}" (case sensitive) will be replaced by the sending bridge
+#The string "{LABEL}" (case sensitive) will be replaced by label= field of the sending bridge
+#The string "{PROTOCOL}" (case sensitive) will be replaced by the protocol used by the bridge
+#OPTIONAL (default empty)
+#RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
+
+#Enable to show users joins/parts from other bridges
+#Currently works for messages from the following bridges: irc, mattermost, slack
+#OPTIONAL (default false)
+ShowJoinPart=false
+
+#Do not send joins/parts to other bridges
+#Currently works for messages from the following bridges: irc, mattermost, slack
+#OPTIONAL (default false)
+NoSendJoinPart=false
+
+#StripNick only allows alphanumerical nicks. See https://github.com/42wim/matterbridge/issues/285
+#It will strip other characters from the nick
+#OPTIONAL (default false)
+StripNick=false
+
+#Enable to show topic changes from other bridges
+#Only works hiding/show topic changes from slack bridge for now
+#OPTIONAL (default false)
+ShowTopicChange=false
+
+###################################################################
+#General configuration
+###################################################################
+#Settings here override specific settings for each protocol
+[general]
+#RemoteNickFormat defines how remote users appear on this bridge
+#The string "{NICK}" (case sensitive) will be replaced by the actual nick / username.
+#The string "{BRIDGE}" (case sensitive) will be replaced by the sending bridge
+#The string "{PROTOCOL}" (case sensitive) will be replaced by the protocol used by the bridge
+#OPTIONAL (default empty)
+RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
+
+###################################################################
+#Gateway configuration
+###################################################################
+
+#You can specify multiple gateways using [[gateway]]
+#Each gateway has a [[gateway.in]] and a [[gateway.out]]
+#[[gateway.in]] specifies the account and channels we will receive messages from.
+#[[gateway.out]] specifies the account and channels we will send the messages
+#from [[gateway.in]] to.
+#
+#Most of the time [[gateway.in]] and [[gateway.out]] are the same if you
+#want bidirectional bridging. You can then use [[gateway.inout]]
+
+[[gateway]]
+#OPTIONAL (not used for now)
+name="gateway1"
+#Enable enables this gateway
+##OPTIONAL (default false)
+enable=true
+
+ #[[gateway.in]] specifies the account and channels we will receive messages from.
+ #[[gateway.out]] specifies the account and channels we will sent messages to.
+
+ #account specified above
+ #REQUIRED
+ #account="irc.freenode"
+
+ #channel to connect on that account
+ #How to specify them for the different bridges:
+ #
+ #irc - #channel (# is required)
+ #mattermost - channel (the channel name as seen in the URL, not the displayname)
+ #gitter - username/room
+ #xmpp - channel
+ #slack - channel (the channel name as seen in the URL, not the displayname)
+ #discord - channel (without the #)
+ # - ID:123456789 (where 123456789 is the channel ID)
+ # (https://github.com/42wim/matterbridge/issues/57)
+ #telegram - chatid (a large negative number, eg -123456789)
+ # see (https://www.linkedin.com/pulse/telegram-bots-beginners-marco-frau)
+ #hipchat - id_channel (see https://www.hipchat.com/account/xmpp for the correct channel)
+ #rocketchat - #channel (# is required)
+ #matrix - room internal ID (looks like !QJFqjsGJwmQzbuBfff:matrix.org)
+ #REQUIRED
+ #channel="#somechannel"
+
+ [[gateway.inout]]
+ ## Der IRC Channel der Wapzone
+ account="irc.hackint"
+ channel="#chaoswest"
+
+ [[gateway.inout]]
+ ## Vorgehen um Guppen-ID zu bekommen:
+ ## - Bot in Gruppe einfügen
+ ## - Chatnachricht erstellen
+ ## - https://api.telegram.org/<API Token>/getUpdates ausrufen, die ID findet sich in der Eigenschaft "message.chat.id"
+ account="telegram.bot"
+ channel="-33814432"
+
+ [[gateway.inout]]
+ ## Raum Town-Squre auf dem Warpzone Mattermost Server
+ account="mattermost.chaoswest"
+ channel="town-square"
+
diff --git a/webserver/docker_matterbridge/templates/matterbridge.toml b/webserver/docker_matterbridge/templates/matterbridge_wz.toml
similarity index 99%
rename from webserver/docker_matterbridge/templates/matterbridge.toml
rename to webserver/docker_matterbridge/templates/matterbridge_wz.toml
index a6e65e44fb4e8be4329e776cde276027c4c3beaf..f479adc4ac7c52621954de9968d83510be59e307 100644
--- a/webserver/docker_matterbridge/templates/matterbridge.toml
+++ b/webserver/docker_matterbridge/templates/matterbridge_wz.toml
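Review bot: `[mattermost.chaoswest]` sets `SkipTLSVerify=true` while logging in with `Login="cwbot"` and the templated password, so certificate validation is disabled on the connection that carries the credential and an on-path party could impersonate `chat.chaos-west.de`. Unless that host really serves a self-signed certificate, this should be `SkipTLSVerify=false`. The `[irc.hackint]` block likewise uses `UseTLS=false` against port 6667, so relayed Mattermost and Telegram messages leave the host in clear text. `UseTLS=true` on the network's TLS port with `SkipTLSVerify=false` would cover that leg. The gateway comments still refer to "Wapzone" and "Warpzone Mattermost Server" although the accounts are chaos-west ones, which suggests they were copied from the other config and should be corrected.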
@@ -82,7 +82,7 @@ ShowJoinPart=false #Bot @warpzonebot #See https://core.telegram.org/bots#6-botfather and https://www.linkedin.com/pulse/telegram-bots-beginners-marco-frau #REQUIRED -Token="{{ telegram_token }}" +Token="{{ telegram_token_wz }}" #Nicks you want to ignore. #Messages from those users will not be sent to other bridges. diff --git a/webserver/nginx/templates/nginx-site b/webserver/nginx/templates/nginx-site index cfcaad73a4c1900803721795d94ecc949abd77f1..b4e42c9b8e095d4beae80a2c9b4ed3055619277c 100644 --- a/webserver/nginx/templates/nginx-site +++ b/webserver/nginx/templates/nginx-site @@ -12,8 +12,8 @@ server { {% if sslcert.stat.exists == True %} # ab nginx > 1.13 spdy durch http2 ersetzen - listen 443 ssl spdy; - listen [::]:443 ssl spdy; + listen 443 ssl http2; + listen [::]:443 ssl http2; ssl_certificate /etc/ssl/fullchain.pem; ssl_certificate_key /etc/ssl/key.pem; @@ -33,6 +33,9 @@ server { {% endif %} + access_log /dev/null; + error_log /dev/null; + server_name {{ item }}.warpzone.ms; root /dev/null; index index.html;
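Review bot: In the second nginx-site hunk, `access_log /dev/null;` and `error_log /dev/null;` discard every record for this vhost, leaving nothing to investigate abuse, failed TLS handshakes or upstream errors with. If the aim is to avoid storing visitor data, `access_log off;` states that directly, and the error log can stay at a high threshold, e.g. `error_log <error-log-path> crit;`. The `server` block starts and ends outside the hunk, so logging directives elsewhere in it are not visible here. The context comment `# ab nginx > 1.13 spdy durch http2 ersetzen` in the first hunk is now stale, since the lines below it already use `http2`.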