From 0bbd3976b291b6108598ba3d458b8711b2d21355 Mon Sep 17 00:00:00 2001 From: Sebastian Hugentobler Date: Wed, 8 Jul 2020 21:32:21 +0200 Subject: [PATCH] update config --- rootfs/etc/confd/templates/config.yaml.tmpl | 305 +++++++++++++++----- 1 file changed, 239 insertions(+), 66 deletions(-) diff --git a/rootfs/etc/confd/templates/config.yaml.tmpl b/rootfs/etc/confd/templates/config.yaml.tmpl index ba4b0d6..b2ebef5 100644 --- a/rootfs/etc/confd/templates/config.yaml.tmpl +++ b/rootfs/etc/confd/templates/config.yaml.tmpl @@ -13,10 +13,13 @@ homeserver: appservice: # The address that the homeserver can use to connect to this appservice. address: http://{{getenv "HOSTNAME"}}:8080 + # When using https:// the TLS certificate and key files for the address. + tls_cert: false + tls_key: false # The hostname and port where this appservice should listen. hostname: 0.0.0.0 - port: 8080 + port: 29317 # The maximum body size of appservice API requests (from the homeserver) in mebibytes # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s max_body_size: 1 @@ -27,16 +30,13 @@ appservice: # SQLite: sqlite:///filename.db # Postgres: postgres://username:password@hostname/dbname database: {{ getenv "DATABASE_DATASOURCE"}} - # Whether or not to use SQLAlchemy Core for common database actions. Use if the bridge is - # being bottlenecked on ORM commits. Only supported with PostgreSQL. - sqlalchemy_core_mode: false # Public part of web server for out-of-Matrix interaction with the bridge. # Used for things like login if the user wants to make sure the 2FA password isn't stored in # the HS database. public: # Whether or not the public-facing endpoints should be enabled. - enabled: true + enabled: false # The prefix to use in the public-facing endpoints. prefix: /public # The base URL where the public-facing endpoints are available. The prefix is not added 
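Review bot: The listen `port` moves to 29317 in the first `appservice` hunk, but the advertised `address` two settings above it still ends in `:8080`, so the homeserver is told to call a port the bridge no longer binds unless something outside this file remaps it. Keep the two in step, for example `address: http://{{getenv "HOSTNAME"}}:29317`, or leave `port: 8080`. With `tls_cert: false`, `tls_key: false` and `hostname: 0.0.0.0`, homeserver-to-bridge requests that carry `hs_token` travel over plain HTTP on every interface, so a comment stating that this listener must stay on a private container network would help. The `appservice` mapping continues outside the hunk.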
@@ -63,21 +63,43 @@ appservice: bot_displayname: Telegram Bridge Bot bot_avatar: mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX + # Community ID for bridged users (changes registration file) and rooms. + # Must be created manually. + # + # Example: "+telegram:example.com". Set to false to disable. + community_id: false + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: "{{ getenv "AS_TOKEN" }}" hs_token: "{{ getenv "HS_TOKEN" }}" +# Prometheus telemetry config. Requires prometheus-client to be installed. +metrics: + enabled: false + listen_port: 8000 + +# Manhole config. +manhole: + # Whether or not opening the manhole is allowed. + enabled: false + # The path for the unix socket. + path: /var/tmp/mautrix-telegram.manhole + # The list of UIDs who can be added to the whitelist. + # If empty, any UIDs can be specified in the open-manhole command. + whitelist: + - 0 + # Bridge config bridge: # Localpart template of MXIDs for Telegram users. # {userid} is replaced with the user ID of the Telegram user. - username_template: telegram_{userid} + username_template: "telegram_{userid}" # Localpart template of room aliases for Telegram portal rooms. # {groupname} is replaced with the name part of the public channel/group invite link ( https://t.me/{} ) - alias_template: telegram_{groupname} + alias_template: "telegram_{groupname}" # Displayname template for Telegram users. # {displayname} is replaced with the display name of the Telegram user. - displayname_template: '{displayname} (Telegram)' + displayname_template: "{displayname} (Telegram)" # Set the preferred order of user identifiers which to use in the Matrix puppet display name. # In the (hopefully unlikely) scenario that none of the given keys are found, the numeric user 
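Review bot: The new `manhole` block documents the socket path and the UID whitelist but not what the feature grants. As far as I know the mautrix manhole is an interactive Python console inside the running bridge, which would put `as_token`, `hs_token` and the Telegram sessions within reach of anyone able to open it, and `path` sits in `/var/tmp`, a directory normally writable by every local user. Shipping it disabled is right. I would add a comment above `enabled: false` such as `# Debug console into the live bridge process; keep disabled outside troubleshooting.`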
@@ -97,6 +119,12 @@ bridge: - full name - username - phone number + # Maximum length of displayname + displayname_max_length: 100 + # Remove avatars from Telegram ghost users when removed on Telegram. This is disabled by default + # as there's no way to determine whether an avatar is removed or just hidden from some users. If + # you're on a single-user instance, this should be safe to enable. + allow_avatar_remove: false # Maximum number of members to sync per portal when starting up. Other members will be # synced when they send messages. The maximum is 10000, after which the Telegram server 
@@ -107,26 +135,110 @@ bridge: # If no channel admins have logged into the bridge, the bridge won't be able to sync the member # list regardless of this setting. sync_channel_members: true + # Whether or not to skip deleted members when syncing members. + skip_deleted_members: true + # Whether or not to automatically synchronize contacts and chats of Matrix users logged into + # their Telegram account at startup. + startup_sync: true + # Number of most recently active dialogs to check when syncing chats. + # Set to 0 to remove limit. + sync_dialog_limit: 30 + # Whether or not to sync and create portals for direct chats at startup. + sync_direct_chats: false # The maximum number of simultaneous Telegram deletions to handle. # A large number of simultaneous redactions could put strain on your homeserver. max_telegram_delete: 10 - # Allow logging in within Matrix. If false, the only way to log in is using the out-of-Matrix - # login website (see appservice.public config section) + # Whether or not to automatically sync the Matrix room state (mostly unpuppeted displaynames) + # at startup and when creating a bridge. + sync_matrix_state: true + # Allow logging in within Matrix. If false, users can only log in using login-qr or the + # out-of-Matrix login website (see appservice.public config section) allow_matrix_login: true # Whether or not to bridge plaintext highlights. # Only enable this if your displayname_template has some static part that the bridge can use to # reliably identify what is a plaintext highlight. plaintext_highlights: false - # Highlight changed/added parts in edits. Requires lxml. - highlight_edits: true # Whether or not to make portals of publicly joinable channels/supergroups publicly joinable on Matrix. public_portals: true - # Whether or not to fetch and handle Telegram updates at startup from the time the bridge was down. - # Currently only works for private chats and normal groups. 
- catch_up: true # Whether or not to use /sync to get presence, read receipts and typing notifications when using # your own Matrix account as the Matrix puppet for your Telegram account. sync_with_custom_puppets: true + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + login_shared_secret: null + # Set to false to disable link previews in messages sent to Telegram. + telegram_link_preview: true + # Use inline images instead of a separate message for the caption. + # N.B. Inline images are not supported on all clients (e.g. Riot iOS). + inline_images: false + # Maximum size of image in megabytes before sending to Telegram as a document. + image_as_file_size: 10 + # Maximum size of Telegram documents in megabytes to bridge. + max_document_size: 100 + # Enable experimental parallel file transfer, which makes uploads/downloads much faster by + # streaming from/to Matrix and using many connections for Telegram. + # Note that generating HQ thumbnails for videos is not possible with streamed transfers. + parallel_file_transfer: false + # Whether or not created rooms should have federation enabled. + # If false, created portal rooms will never be federated. + federate_rooms: true + # Settings for converting animated stickers. + animated_sticker: + # Format to which animated stickers should be converted. + # disable - No conversion, send as-is (gzipped lottie) + # png - converts to non-animated png (fastest), + # gif - converts to animated gif, but loses transparency + # webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support + target: gif + # Arguments for converter. All converters take width and height. + # GIF converter takes background as a hex color. 
+ args: + width: 256 + height: 256 + background: "020202" # only for gif + fps: 30 # only for webm + # End-to-bridge encryption support options. These require matrix-nio to be installed with pip + # and login_shared_secret to be configured in order to get a device for the bridge bot. + # + # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal + # application service. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + # Whether or not to explicitly set the avatar and room name for private + # chat portal rooms. This will be implicitly enabled if encryption.default is true. + private_chat_portal_meta: false + # Whether or not the bridge should send a read receipt from the bridge bot when a message has + # been sent to Telegram. + delivery_receipts: false + # Whether or not delivery errors should be reported as messages in the Matrix room. + delivery_error_reports: false + # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. + # This field will automatically be changed back to false after it, + # except if the config file is not writable. + resend_bridge_info: false + + # Overrides for base power levels. + initial_power_level_overrides: + user: {} + group: {} + + # Whether to bridge Telegram bot messages as m.notices or m.texts. + bot_messages_as_notices: true + bridge_notices: + # Whether or not Matrix bot messages (type m.notice) should be bridged. + default: false + # List of user IDs for whom the previous flag is flipped. + # e.g. if bridge_notices.default is false, notices from other users will not be bridged, but + # notices from users listed here will be bridged. 
+ exceptions: + - "@importantbot:example.com" # Some config options related to Telegram message deduplication. # The default values are usually fine, but some debug messages/warnings might recommend you 
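Review bot: `bridge_notices.exceptions` now carries the upstream sample entry `"@importantbot:example.com"` where the template previously had `exceptions: []`, and because this file is rendered into the live config the sample becomes an active rule. The same thing happens in the `@@ -228,7 +344,9 @@` hunk, where the relaybot `whitelist` changes from `[]` to `myusername` and `12345678`. Those can be real Telegram accounts, which would then be allowed to use the bot commands. Both lists should stay empty, `exceptions: []` and `whitelist: []`, unless the deployment supplies its own values. The `bridge` mapping continues outside the hunk.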
@@ -138,43 +250,30 @@ bridge: # You might need to increase this on high-traffic bridge instances. cache_queue_length: 20 - # Show message editing as a reply to the original message. - # If this is false, message edits are not shown at all, as Matrix does not support editing yet. - edits_as_replies: true - bridge_notices: - # Whether or not Matrix bot messages (type m.notice) should be bridged. - default: false - # List of user IDs for whom the previous flag is flipped. - # e.g. if bridge_notices.default is false, notices from other users will not be bridged, but - # notices from users listed here will be bridged. - exceptions: [] - # Whether to bridge Telegram bot messages as m.notices or m.texts. - bot_messages_as_notices: true - # Use inline images instead of a separate message for the caption. - # N.B. Inline images are not supported on all clients (e.g. Riot iOS). - inline_images: false - # Whether to send stickers as the new native m.sticker type or normal m.images. - # Old versions of Riot don't support the new type at all. - # Remember that proper sticker support always requires Pillow to convert webp into png. - native_stickers: true - # The formats to use when sending messages to Telegram via the relay bot. - # - # Telegram doesn't have built-in emotes, so the m.emote format is also used for non-relaybot users. + # Text msgtypes (m.text, m.notice and m.emote) support HTML, media msgtypes don't. # # Available variables: - # $sender_displayname - The display name of the sender (e.g. Example User) - # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser) - # $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com) - # $message - The message content as HTML + # $sender_displayname - The display name of the sender (e.g. Example User) + # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser) + # $sender_mxid - The Matrix ID of the sender (e.g. 
@exampleuser:example.com) + # $message - The message content message_formats: - m.text: '$sender_displayname: $message' - m.emote: '* $sender_displayname $message' - m.file: '$sender_displayname sent a file: $message' - m.image: '$sender_displayname sent an image: $message' - m.audio: '$sender_displayname sent an audio file: $message' - m.video: '$sender_displayname sent a video: $message' - m.location: '$sender_displayname sent a location: $message' + m.text: "$sender_displayname: $message" + m.notice: "$sender_displayname: $message" + m.emote: "* $sender_displayname $message" + m.file: "$sender_displayname sent a file: $message" + m.image: "$sender_displayname sent an image: $message" + m.audio: "$sender_displayname sent an audio file: $message" + m.video: "$sender_displayname sent a video: $message" + m.location: "$sender_displayname sent a location: $message" + # Telegram doesn't have built-in emotes, this field specifies how m.emote's from authenticated + # users are sent to telegram. All fields in message_formats are supported. Additionally, the + # Telegram user info is available in the following variables: + # $displayname - Telegram displayname + # $username - Telegram username (may not exist) + # $mention - Telegram @username or displayname mention (depending on which exists) + emote_format: "* $mention $formatted_body" # The formats to use when sending state events to Telegram via the relay bot. # @@ -183,9 +282,9 @@ bridge: # # Set format to an empty string to disable the messages for that event. state_event_formats: - join: $displayname joined the room. - leave: $displayname left the room. - name_change: $prev_displayname changed their name to $displayname + join: "$displayname joined the room." + leave: "$displayname left the room." + name_change: "$prev_displayname changed their name to $displayname" # Filter rooms that can/can't be bridged. Can also be managed using the `filter` and # `filter-mode` management commands. 
@@ -201,7 +300,7 @@ bridge: list: [] # The prefix for commands. Only required in non-management rooms. - command_prefix: '!tg' + command_prefix: "!tg" # Permissions for using the bridge. # Permitted values: @@ -215,12 +314,29 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: - '*': relaybot - "{{ getenv "SERVER_DOMAIN" }}": full - "{{ getenv "ADMIN_USER" }}": admin + "*": "relaybot" + "public.example.com": "user" + "example.com": "full" + "@admin:example.com": "admin" # Options related to the message relay Telegram bot. relaybot: + private_chat: + # List of users to invite to the portal when someone starts a private chat with the bot. + # If empty, private chats with the bot won't create a portal. + invite: [] + # Whether or not to bridge state change messages in relaybot private chats. + state_changes: true + # When private_chat_invite is empty, this message is sent to users /starting the + # relaybot. Telegram's "markdown" is supported. + message: This is a Matrix bridge relaybot and does not support direct chats + # List of users to invite to all group chat portals created by the bridge. + group_chat_invite: [] + # Whether or not the relaybot should not bridge events in unbridged group chats. + # If false, portals will be created when the relaybot receives messages, just like normal + # users. This behavior is usually not desirable, as it interferes with manually bridging + # the chat to another room. + ignore_unbridged_group_chat: true # Whether or not to allow creating portals from Telegram. authless_portals: true # Whether or not to allow Telegram group admins to use the bot commands. @@ -228,7 +344,9 @@ bridge: # Whether or not to ignore incoming events sent by the relay bot. ignore_own_incoming_events: true # List of usernames/user IDs who are also allowed to use the bot commands. - whitelist: [] + whitelist: + - myusername + - 12345678 # Telegram config telegram: 
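Review bot: In the `permissions` map the two environment-driven entries, keyed by `getenv "SERVER_DOMAIN"` and `getenv "ADMIN_USER"`, are replaced by the literal `example.com` and `@admin:example.com` rows from the sample config. After rendering, the operator's own domain and admin account match only `"*": "relaybot"`, while `full` and `admin` go to identities on a domain the deployment does not run. If the container still sets SERVER_DOMAIN and ADMIN_USER, they are now silently ignored here. I would keep the new quoting but restore the templated keys, `"{{ getenv "SERVER_DOMAIN" }}": "full"` and `"{{ getenv "ADMIN_USER" }}": "admin"`, and drop the `public.example.com` row.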
@@ -237,19 +355,65 @@ telegram: api_hash: {{ getenv "API_HASH" }} # (Optional) Create your own bot at https://t.me/BotFather bot_token: disabled + + # Telethon connection options. + connection: + # The timeout in seconds to be used when connecting. + timeout: 120 + # How many times the reconnection should retry, either on the initial connection or when + # Telegram disconnects us. May be set to a negative or null value for infinite retries, but + # this is not recommended, since the program can get stuck in an infinite loop. + retries: 5 + # The delay in seconds to sleep between automatic reconnections. + retry_delay: 1 + # The threshold below which the library should automatically sleep on flood wait errors + # (inclusive). For instance, if a FloodWaitError for 17s occurs and flood_sleep_threshold + # is 20s, the library will sleep automatically. If the error was for 21s, it would raise + # the error instead. Values larger than a day (86400) will be changed to a day. + flood_sleep_threshold: 60 + # How many times a request should be retried. Request are retried when Telegram is having + # internal issues, when there is a FloodWaitError less than flood_sleep_threshold, or when + # there's a migrate error. May take a negative or null value for infinite retries, but this + # is not recommended, since some requests can always trigger a call fail (such as searching + # for messages). + request_retries: 5 + + # Device info sent to Telegram. + device_info: + # "auto" = OS name+version. + device_model: auto + # "auto" = Telethon version. + system_version: auto + # "auto" = mautrix-telegram version. + app_version: auto + lang_code: en + system_lang_code: en + + # Custom server to connect to. + server: + # Set to true to use these server settings. If false, will automatically + # use production server assigned by Telegram. Set to false in production. + enabled: false + # The DC ID to connect to. + dc: 2 + # The IP to connect to. 
+ ip: 149.154.167.40 + # The port to connect to. 443 may not work, 80 is better and both are equally secure. + port: 80 + # Telethon proxy configuration. # You must install PySocks from pip for proxies to work. proxy: - # Allowed types: disabled, socks4, socks5, http + # Allowed types: disabled, socks4, socks5, http, mtproxy type: disabled # Proxy IP address and port. address: 127.0.0.1 port: 1080 - # Whether or not to perform DNS resolving remotely. + # Whether or not to perform DNS resolving remotely. Only for socks/http proxies. rdns: true - # Proxy authentication (optional). - username: '' - password: '' + # Proxy authentication (optional). Put MTProxy secret in password field. + username: "" + password: "" # Python logging configuration. # @@ -258,19 +422,28 @@ telegram: logging: version: 1 formatters: - precise: - format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s' + colored: + (): mautrix_telegram.util.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" handlers: + file: + class: logging.handlers.RotatingFileHandler + formatter: normal + filename: ./mautrix-telegram.log + maxBytes: 10485760 + backupCount: 10 console: class: logging.StreamHandler - formatter: precise + formatter: colored loggers: mau: level: DEBUG telethon: - level: DEBUG + level: INFO aiohttp: level: INFO root: level: DEBUG - handlers: [console] + handlers: [file, console]
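Review bot: In the `logging` hunk the root logger stays at `level: DEBUG` and now also feeds the new `file` handler, so debug output is persisted to `./mautrix-telegram.log` (up to 10 backups of 10485760 bytes each) instead of going only to the console. The path is relative to the process working directory, which in an image is usually the writable layer rather than a mounted volume, and debug lines from a bridge tend to include user and room identifiers. Consider keeping `handlers: [console]` for the container build, or adding `level: INFO` under the `file` handler and pointing `filename` at a dedicated log volume. The `colored` formatter on `console` will probably also put ANSI escapes into collected container logs, so `normal` is the safer choice there.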