From 465e258968f6b15107ca90002a48d6728661621c Mon Sep 17 00:00:00 2001 From: Sebastian Hugentobler Date: Mon, 22 Apr 2024 21:52:24 +0200 Subject: [PATCH] ipv6 is not well supported so far --- Containerfile | 4 +- rootfs/etc/confd/templates/config.yaml.tmpl | 100 ++++++++++++++------ 2 files changed, 72 insertions(+), 32 deletions(-) diff --git a/Containerfile b/Containerfile index 5b19794..dab8f1c 100644 --- a/Containerfile +++ b/Containerfile @@ -1,6 +1,5 @@ FROM docker.io/alpine:3.19 as builder - RUN apk --no-cache add \ sed \ gcc \ @@ -32,7 +31,7 @@ RUN apk --no-cache add \ py3-yarl \ py3-mako -ENV VERSION=v0.15.1 +ENV VERSION=43d17a335b1dd45fc81f3bed8ad6a7ee9f7a708f RUN git clone https://github.com/mautrix/telegram.git WORKDIR /telegram @@ -92,4 +91,3 @@ RUN chown -R matrix-bridge:matrix-bridge /var/lib/matrix-bridge ENV HOME /var/lib/matrix-bridge EXPOSE 8080 - diff --git a/rootfs/etc/confd/templates/config.yaml.tmpl b/rootfs/etc/confd/templates/config.yaml.tmpl index c86ba0e..9a5fec2 100644 --- a/rootfs/etc/confd/templates/config.yaml.tmpl +++ b/rootfs/etc/confd/templates/config.yaml.tmpl @@ -1,4 +1,3 @@ -# Homeserver details homeserver: # The address that this appservice can use to connect to the homeserver. address: {{ getenv "SERVER_URL" }} @@ -32,7 +31,7 @@ appservice: tls_key: false # The hostname and port where this appservice should listen. - hostname: [::] + hostname: 0.0.0.0 port: 29317 # The maximum body size of appservice API requests (from the homeserver) in mebibytes # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s @@ -40,7 +39,7 @@ appservice: # The full URI to the database. SQLite and Postgres are supported. # Format examples: - # SQLite: sqlite:///filename.db + # SQLite: sqlite:filename.db # Postgres: postgres://username:password@hostname/dbname database: {{ getenv "DATABASE_DATASOURCE"}} # Additional arguments for asyncpg.create_pool() or sqlite3.connect() @@ -62,7 +61,7 @@ appservice: prefix: /public # The base URL where the public-facing endpoints are available. The prefix is not added # implicitly. - external: {{ getenv "SERVER_URL_PUBLIC" }} + external: https://example.com/public # Provisioning API part of the web server for automated portal creation and fetching information. # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager). @@ -78,7 +77,7 @@ appservice: # The unique ID of this appservice. id: telegram # Username of the appservice bot. - bot_username: telegrambot + bot_username: telegram_bot # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty # to leave display name/avatar as-is. bot_displayname: Telegram bridge bot @@ -145,6 +144,9 @@ bridge: # as there's no way to determine whether an avatar is removed or just hidden from some users. If # you're on a single-user instance, this should be safe to enable. allow_avatar_remove: false + # Should contact names and profile pictures be allowed? + # This is only safe to enable on single-user instances. + allow_contact_info: false # Maximum number of members to sync per portal when starting up. Other members will be # synced when they send messages. The maximum is 10000, after which the Telegram server @@ -219,6 +221,11 @@ bridge: image_as_file_size: 10 # Maximum number of pixels in an image before sending to Telegram as a document. Defaults to 4096x4096 = 16777216. image_as_file_pixels: 16777216 + # Maximum size of Telegram documents before linking to Telegrm instead of bridge + # to Matrix media. + document_as_link_size: + channel: + bot: # Enable experimental parallel file transfer, which makes uploads/downloads much faster by # streaming from/to Matrix and using many connections for Telegram. # Note that generating HQ thumbnails for videos is not possible with streamed transfers. @@ -271,6 +278,27 @@ bridge: # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. allow_key_sharing: true + # Options for deleting megolm sessions from the bridge. + delete_keys: + # Beeper-specific: delete outbound sessions when hungryserv confirms + # that the user has uploaded the key to key backup. + delete_outbound_on_ack: false + # Don't store outbound sessions in the inbound table. + dont_store_outbound: false + # Ratchet megolm sessions forward after decrypting messages. + ratchet_on_decrypt: false + # Delete fully used keys (index >= max_messages) after decrypting messages. + delete_fully_used_on_decrypt: false + # Delete previous megolm sessions from same device when receiving a new one. + delete_prev_on_new_session: false + # Delete megolm sessions received from a device when the device is deleted. + delete_on_device_delete: false + # Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + periodically_delete_expired: false + # Delete inbound megolm sessions that don't have the received_at field used for + # automatic ratcheting and expired session deletion. This is meant as a migration + # to delete old keys prior to the bridge update. + delete_outdated_inbound: false # What level of device verification should be required from users? # # Valid levels: @@ -306,14 +334,27 @@ bridge: # default. messages: 100 - # Whether or not to explicitly set the avatar and room name for private - # chat portal rooms. This will be implicitly enabled if encryption.default is true. - private_chat_portal_meta: false + # Disable rotating keys when a user's devices change? + # You should not enable this option unless you understand all the implications. + disable_device_change_key_rotation: false + + # Whether to explicitly set the avatar and room name for private chat portal rooms. + # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. + # If set to `always`, all DM rooms will have explicit names and avatars set. + # If set to `never`, DM rooms will never have names and avatars set. + private_chat_portal_meta: default + # Disable generating reply fallbacks? Some extremely bad clients still rely on them, + # but they're being phased out and will be completely removed in the future. + disable_reply_fallbacks: false + # Should cross-chat replies from Telegram be bridged? Most servers and clients don't support this. + cross_room_replies: false # Whether or not the bridge should send a read receipt from the bridge bot when a message has # been sent to Telegram. delivery_receipts: false # Whether or not delivery errors should be reported as messages in the Matrix room. delivery_error_reports: false + # Should errors in incoming message handling send a message to the Matrix room? + incoming_bridge_error_reports: false # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. message_status_events: false # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. @@ -342,20 +383,6 @@ bridge: backfill: # Allow backfilling at all? enable: true - # Use MSC2716 for backfilling? - # - # This requires a server with MSC2716 support, which is currently an experimental feature in Synapse. - # It can be enabled by setting experimental_features -> msc2716_enabled to true in homeserver.yaml. - msc2716: false - # Use double puppets for backfilling? - # - # If using MSC2716, the double puppets must be in the appservice's user ID namespace - # (because the bridge can't use the double puppet access token with batch sending). - # - # Even without MSC2716, bridging old messages with correct timestamps requires the double - # puppets to be in an appservice namespace, or the server to be modified to allow - # overriding timestamps anyway. - double_puppet_backfill: false # Whether or not to enable backfilling in normal groups. # Normal groups have numerous technical problems in Telegram, and backfilling normal groups # will likely cause problems if there are multiple Matrix users in the group. @@ -365,17 +392,26 @@ bridge: # Set to -1 to let any chat be unread. unread_hours_threshold: 720 - # Forward backfilling limits. These apply to both MSC2716 and legacy backfill. + # Forward backfilling limits. # # Using a negative initial limit is not recommended, as it would try to backfill everything in a single batch. - # MSC2716 and the incremental settings are meant for backfilling everything incrementally rather than at once. - forward: + forward_limits: # Number of messages to backfill immediately after creating a portal. - initial_limit: 10 + initial: + user: 50 + normal_group: 100 + supergroup: 10 + channel: 10 # Number of messages to backfill when syncing chats. - sync_limit: 100 + sync: + user: 100 + normal_group: 100 + supergroup: 100 + channel: 100 + # Timeout for forward backfills in seconds. If you have a high limit, you'll have to increase this too. + forward_timeout: 900 - # Settings for incremental backfill of history. These only apply when using MSC2716. + # Settings for incremental backfill of history. These only apply to Beeper, as upstream abandoned MSC2716. incremental: # Maximum number of messages to backfill per batch. messages_per_batch: 100 @@ -453,7 +489,6 @@ bridge: # Filter rooms that can/can't be bridged. Can also be managed using the `filter` and # `filter-mode` management commands. # - # Filters do not affect direct chats. # An empty blacklist will essentially disable the filter. filter: # Filter mode to use. Either "blacklist" or "whitelist". @@ -462,6 +497,11 @@ bridge: mode: blacklist # The list of group/channel IDs to filter. list: [] + # How to handle direct chats: + # If users is "null", direct chats will follow the previous settings. + # If users is "true", direct chats will always be bridged. + # If users is "false", direct chats will never be bridged. + users: true # The prefix for commands. Only required in non-management rooms. command_prefix: "!tg" @@ -561,6 +601,8 @@ telegram: # is not recommended, since some requests can always trigger a call fail (such as searching # for messages). request_retries: 5 + # Use IPv6 for Telethon connection + use_ipv6: false # Device info sent to Telegram. device_info: