push to f6cb26f7

.gitea/workflows/container.yaml

@@ -0,0 +1,12 @@
+name: Build Multiarch Container Image
+on: [push]
+jobs:
+  call-reusable-workflow:
+    uses: container/multiarch-build-workflow/.gitea/workflows/build.yaml@main
+    with:
+      repository: ${{ gitea.repository }}
+      ref_name: ${{ gitea.ref_name }}
+      sha: ${{ gitea.sha }}
+      registry_url: ${{ secrets.REGISTRY_URL }}
+      registry_user: ${{ secrets.REGISTRY_USER }}
+      registry_pw: ${{ secrets.REGISTRY_PW }}

.gitlab-ci.yml

@@ -1,20 +0,0 @@
-variables:
-  CONTAINER_NAME: thallian/matrix-appservice-telegram
-
-build:
-  stage: build
-  image:
-    name: gcr.io/kaniko-project/executor:debug
-    entrypoint: [""]
-  script:
-    - mkdir -p /kaniko/.docker
-    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(printf "%s:%s" "$CI_REGISTRY_USER" "$CI_REGISTRY_PASSWORD" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
-    - >-
-      /kaniko/executor
-      --cache=false
-      --context "$CI_PROJECT_DIR"
-      --dockerfile "$CI_PROJECT_DIR/Dockerfile"
-      --destination "$CONTAINER_NAME:$CI_COMMIT_SHA"
-      --destination "$CONTAINER_NAME:$CI_COMMIT_REF_NAME"
-      --destination "$CONTAINER_NAME:latest"
-

Containerfile

@@ -1,10 +1,8 @@
-FROM docker.io/alpine:3.16 as builder
-
-ENV VERSION=e3a067c27aa3d9dd5e82db307218cc66c8356ddd
+FROM docker.io/alpine:3.20 as builder
 
 RUN apk --no-cache add \
 	sed \
-    gcc \
+	gcc \
 	g++ \
 	git \
 	musl-dev \
@@ -12,8 +10,51 @@ RUN apk --no-cache add \
 	python3-dev \
 	rust \
 	cargo \
-    py3-pip \
+	py3-pip \
 	py3-wheel \
+	py3-olm \
+	py3-qrcode \
+	py3-pillow \
+	py3-unpaddedbase64 \
+	py3-pycryptodome \
+	py3-pyaes \
+	py3-rsa \
+	py3-cparser \
+	py3-cffi \
+	py3-decorator \
+	py3-tqdm \
+	py3-numpy \
+	py3-future \
+	py3-asn1 \
+	py3-magic \
+	py3-commonmark \
+	py3-yarl \
+	py3-mako
+
+ENV VERSION=f6cb26f7f53089488e085b45add5303fa283dc3e
+
+RUN git clone https://github.com/mautrix/telegram.git
+WORKDIR /telegram
+RUN git checkout "$VERSION"
+RUN pip3 install --prefix=/install --upgrade -r requirements.txt
+RUN pip3 install --prefix=/install --upgrade -r optional-requirements.txt
+RUN cp -r mautrix_telegram /install/lib/python3.12/site-packages/
+
+
+FROM docker.io/thallian/confd-env:3.20-3.1.6.2
+
+ENV FFMPEG_BINARY=/usr/bin/ffmpeg
+
+COPY --from=builder /install /py-pkgs
+
+RUN addgroup -g 2222 matrix-bridge
+RUN adduser -h /var/lib/matrix-bridge -u 2222 -D -G matrix-bridge matrix-bridge
+
+RUN apk --no-cache add \
+	ca-certificates \
+	ffmpeg \
+	libffi \
+	python3 \
 	py3-brotli \
 	py3-olm \
 	py3-qrcode \
@@ -38,59 +79,7 @@ RUN apk --no-cache add \
 	py3-mako \
 	py3-setuptools
 
-#RUN git clone -b v0.25.0 --recursive https://github.com/MagicStack/asyncpg.git
-#WORKDIR /asyncpg
-#RUN sed -ie '1,3d' pyproject.toml
-#RUN python3 setup.py install --prefix=/install
-#RUN pip3 install --prefix=/install mautrix-telegram[all]==$VERSION
-
-RUN git clone https://github.com/mautrix/telegram.git
-WORKDIR /telegram
-RUN git checkout "$VERSION"
-RUN pip3 install --prefix=/install --upgrade -r requirements.txt
-RUN pip3 install --prefix=/install --upgrade -r optional-requirements.txt
-RUN cp -r mautrix_telegram /install/lib/python3.10/site-packages/
-
-
-FROM docker.io/thallian/confd-env:3.16
-
-ENV FFMPEG_BINARY=/usr/bin/ffmpeg
-
-COPY --from=builder /install /py-pkgs
-
-RUN addgroup -g 2222 matrix-bridge
-RUN adduser -h /var/lib/matrix-bridge -u 2222 -D -G matrix-bridge matrix-bridge
-
-RUN apk --no-cache add \
-    ca-certificates \
-    ffmpeg \
-    libffi \
-	python3 \
-   	py3-brotli \
-	py3-olm \
-	py3-qrcode \
-	py3-pillow \
-	py3-phonenumbers \
-	py3-unpaddedbase64 \
-	py3-pycryptodome \
-	py3-pyaes \
-	py3-rsa \
-	py3-cparser \
-	py3-cffi \
-	py3-decorator \
-	py3-tqdm \
-	py3-numpy \
-	py3-future \
-	py3-asn1 \
-	py3-ruamel.yaml \
-	py3-magic \
-	py3-commonmark \
-	py3-aiohttp \
-	py3-yarl \
-	py3-mako \
-	py3-setuptools
-
-ENV PYTHONPATH=/usr/lib/python3.10/site-packages:/py-pkgs/lib/python3.10/site-packages/
+ENV PYTHONPATH=/usr/lib/python3.12/site-packages:/py-pkgs/lib/python3.12/site-packages/
 
 WORKDIR /var/lib/matrix-bridge
 
@@ -102,4 +91,3 @@ RUN chown -R matrix-bridge:matrix-bridge /var/lib/matrix-bridge
 ENV HOME /var/lib/matrix-bridge
 
 EXPOSE 8080
-

README.md

@@ -31,5 +31,10 @@ Telegram API hash (https://my.telegram.org/apps).
 ## ADMIN_USER
 Matrix id of the admin user.
 
+## BOT_TOKEN
+- default: disabled
+
+Token for the relay bot.
+
 # Ports
 - 8080

rootfs/etc/confd/templates/config.yaml.tmpl

@@ -1,4 +1,3 @@
-# Homeserver details
 homeserver:
     # The address that this appservice can use to connect to the homeserver.
     address: {{ getenv "SERVER_URL" }}
@@ -7,7 +6,9 @@ homeserver:
     # Whether or not to verify the SSL certificate of the homeserver.
     # Only applies if address starts with https://
     verify_ssl: true
-    asmux: false
+    # What software is the homeserver running?
+    # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
+    software: standard
     # Number of retries for all HTTP requests if the homeserver isn't reachable.
     http_retry_count: 4
     # The URL to push real-time bridge status to.
@@ -16,6 +17,9 @@ homeserver:
     status_endpoint: null
     # Endpoint for reporting per-message status.
     message_send_checkpoint_endpoint: null
+    # Whether asynchronous uploads via MSC2246 should be enabled for media.
+    # Requires a media repo that supports MSC2246.
+    async_media: false
 
 # Application service host/registration related details
 # Changing these values requires regeneration of the registration.
@@ -35,13 +39,14 @@ appservice:
 
     # The full URI to the database. SQLite and Postgres are supported.
     # Format examples:
-    #   SQLite:   sqlite:///filename.db
+    #   SQLite:   sqlite:filename.db
     #   Postgres: postgres://username:password@hostname/dbname
     database: {{ getenv "DATABASE_DATASOURCE"}}
     # Additional arguments for asyncpg.create_pool() or sqlite3.connect()
     # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
     # https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
     # For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
+    # Additionally, SQLite supports init_commands as an array of SQL queries to run on connect (e.g. to set PRAGMAs).
     database_opts:
         min_size: 1
         max_size: 10
@@ -56,7 +61,7 @@ appservice:
         prefix: /public
         # The base URL where the public-facing endpoints are available. The prefix is not added
         # implicitly.
-        external: {{ getenv "SERVER_URL_PUBLIC" }}
+        external: https://example.com/public
 
     # Provisioning API part of the web server for automated portal creation and fetching information.
     # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
@@ -64,7 +69,7 @@ appservice:
         # Whether or not the provisioning API should be enabled.
         enabled: true
         # The prefix to use in the provisioning API endpoints.
-        prefix: /_matrix/provision/v1
+        prefix: /_matrix/provision
         # The shared secret to authorize users of the API.
         # Set to "generate" to generate and save a new token.
         shared_secret: generate
@@ -72,7 +77,7 @@ appservice:
     # The unique ID of this appservice.
     id: telegram
     # Username of the appservice bot.
-    bot_username: telegrambot
+    bot_username: telegram_bot
     # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
     # to leave display name/avatar as-is.
     bot_displayname: Telegram bridge bot
@@ -81,7 +86,7 @@ appservice:
     # Whether or not to receive ephemeral events via appservice transactions.
     # Requires MSC2409 support (i.e. Synapse 1.22+).
     # You should disable bridge -> sync_with_custom_puppets when this is enabled.
-    ephemeral_events: false
+    ephemeral_events: true
 
     # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
     as_token: "{{ getenv "AS_TOKEN" }}"
@@ -139,27 +144,37 @@ bridge:
     # as there's no way to determine whether an avatar is removed or just hidden from some users. If
     # you're on a single-user instance, this should be safe to enable.
     allow_avatar_remove: false
+    # Should contact names and profile pictures be allowed?
+    # This is only safe to enable on single-user instances.
+    allow_contact_info: false
 
     # Maximum number of members to sync per portal when starting up. Other members will be
     # synced when they send messages. The maximum is 10000, after which the Telegram server
     # will not send any more members.
     # -1 means no limit (which means it's limited to 10000 by the server)
     max_initial_member_sync: 100
+    # Maximum number of participants in chats to bridge. Only applies when the portal is being created.
+    # If there are more members when trying to create a room, the room creation will be cancelled.
+    # -1 means no limit (which means all chats can be bridged)
+    max_member_count: -1
     # Whether or not to sync the member list in channels.
     # If no channel admins have logged into the bridge, the bridge won't be able to sync the member
     # list regardless of this setting.
-    sync_channel_members: true
+    sync_channel_members: false
     # Whether or not to skip deleted members when syncing members.
     skip_deleted_members: true
     # Whether or not to automatically synchronize contacts and chats of Matrix users logged into
     # their Telegram account at startup.
-    startup_sync: true
+    startup_sync: false
     # Number of most recently active dialogs to check when syncing chats.
     # Set to 0 to remove limit.
     sync_update_limit: 0
     # Number of most recently active dialogs to create portals for when syncing chats.
     # Set to 0 to remove limit.
-    sync_create_limit: 30
+    sync_create_limit: 15
+    # Should all chats be scheduled to be created later?
+    # This is best used in combination with MSC2716 infinite backfill.
+    sync_deferred_create_all: false
     # Whether or not to sync and create portals for direct chats at startup.
     sync_direct_chats: false
     # The maximum number of simultaneous Telegram deletions to handle.
@@ -171,15 +186,11 @@ bridge:
     # Allow logging in within Matrix. If false, users can only log in using login-qr or the
     # out-of-Matrix login website (see appservice.public config section)
     allow_matrix_login: true
-    # Whether or not to bridge plaintext highlights.
-    # Only enable this if your displayname_template has some static part that the bridge can use to
-    # reliably identify what is a plaintext highlight.
-    plaintext_highlights: false
     # Whether or not to make portals of publicly joinable channels/supergroups publicly joinable on Matrix.
-    public_portals: true
+    public_portals: false
     # Whether or not to use /sync to get presence, read receipts and typing notifications
     # when double puppeting is enabled
-    sync_with_custom_puppets: true
+    sync_with_custom_puppets: false
     # Whether or not to update the m.direct account data event when double puppeting is enabled.
     # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
     # and is therefore prone to race conditions.
@@ -203,13 +214,18 @@ bridge:
     # Whether or not the !tg join command should do a HTTP request
     # to resolve redirects in invite links.
     invite_link_resolve: false
-    # Use inline images instead of a separate message for the caption.
-    # N.B. Inline images are not supported on all clients (e.g. Element iOS/Android).
-    inline_images: false
+    # Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552.
+    # This is currently not supported in most clients.
+    caption_in_message: false
     # Maximum size of image in megabytes before sending to Telegram as a document.
     image_as_file_size: 10
-    # Maximum number of pixels in an image before sending to Telegram as a document. Defaults to 1280x1280 = 1638400.
-    image_as_file_pixels: 1638400
+    # Maximum number of pixels in an image before sending to Telegram as a document. Defaults to 4096x4096 = 16777216.
+    image_as_file_pixels: 16777216
+    # Maximum size of Telegram documents before linking to Telegrm instead of bridge
+    # to Matrix media.
+    document_as_link_size:
+        channel:
+        bot:
     # Enable experimental parallel file transfer, which makes uploads/downloads much faster by
     # streaming from/to Matrix and using many connections for Telegram.
     # Note that generating HQ thumbnails for videos is not possible with streamed transfers.
@@ -218,6 +234,9 @@ bridge:
     # Whether or not created rooms should have federation enabled.
     # If false, created portal rooms will never be federated.
     federate_rooms: true
+    # Should the bridge send all unicode reactions as custom emoji reactions to Telegram?
+    # By default, the bridge only uses custom emojis for unicode emojis that aren't allowed in reactions.
+    always_custom_emoji_reaction: false
     # Settings for converting animated stickers.
     animated_sticker:
         # Format to which animated stickers should be converted.
@@ -225,12 +244,24 @@ bridge:
         # png - converts to non-animated png (fastest),
         # gif - converts to animated gif
         # webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support
+        # webp - converts to animated webp, requires ffmpeg executable with webp codec/container support
         target: gif
+        # Should video stickers be converted to the specified format as well?
+        convert_from_webm: false
         # Arguments for converter. All converters take width and height.
         args:
             width: 256
             height: 256
-            fps: 25 # only for webm and gif (2, 5, 10, 20 or 25 recommended)
+            fps: 25 # only for webm, webp and gif (2, 5, 10, 20 or 25 recommended)
+    # Settings for converting animated emoji.
+    # Same as animated_sticker, but webm is not supported as the target
+    # (because inline images can only contain images, not videos).
+    animated_emoji:
+        target: webp
+        args:
+            width: 64
+            height: 64
+            fps: 25
     # End-to-bridge encryption support options.
     #
     # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
@@ -240,28 +271,92 @@ bridge:
         # Default to encryption, force-enable encryption in all portals the bridge creates
         # This will cause the bridge bot to be in private chats for the encryption to work properly.
         default: true
-        # Database for the encryption data. If set to `default`, will use the appservice database.
-        database: default
-        # Options for automatic key sharing.
-        key_sharing:
-            # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
-            # You must use a client that supports requesting keys from other users to use this feature.
-            allow: true
-            # Require the requesting device to have a valid cross-signing signature?
-            # This doesn't require that the bridge has verified the device, only that the user has verified it.
-            # Not yet implemented.
-            require_cross_signing: false
-            # Require devices to be verified by the bridge?
-            # Verification by the bridge is not yet implemented.
-            require_verification: true
-    # Whether or not to explicitly set the avatar and room name for private
-    # chat portal rooms. This will be implicitly enabled if encryption.default is true.
-    private_chat_portal_meta: false
+        # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
+        appservice: false
+        # Require encryption, drop any unencrypted messages.
+        require: false
+        # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
+        # You must use a client that supports requesting keys from other users to use this feature.
+        allow_key_sharing: true
+        # Options for deleting megolm sessions from the bridge.
+        delete_keys:
+            # Beeper-specific: delete outbound sessions when hungryserv confirms
+            # that the user has uploaded the key to key backup.
+            delete_outbound_on_ack: false
+            # Don't store outbound sessions in the inbound table.
+            dont_store_outbound: false
+            # Ratchet megolm sessions forward after decrypting messages.
+            ratchet_on_decrypt: false
+            # Delete fully used keys (index >= max_messages) after decrypting messages.
+            delete_fully_used_on_decrypt: false
+            # Delete previous megolm sessions from same device when receiving a new one.
+            delete_prev_on_new_session: false
+            # Delete megolm sessions received from a device when the device is deleted.
+            delete_on_device_delete: false
+            # Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
+            periodically_delete_expired: false
+            # Delete inbound megolm sessions that don't have the received_at field used for
+            # automatic ratcheting and expired session deletion. This is meant as a migration
+            # to delete old keys prior to the bridge update.
+            delete_outdated_inbound: false
+        # What level of device verification should be required from users?
+        #
+        # Valid levels:
+        #   unverified - Send keys to all device in the room.
+        #   cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
+        #   cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
+        #   cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
+        #                           Note that creating user signatures from the bridge bot is not currently possible.
+        #   verified - Require manual per-device verification
+        #              (currently only possible by modifying the `trust` column in the `crypto_device` database table).
+        verification_levels:
+            # Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix.
+            receive: unverified
+            # Minimum level that the bridge should accept for incoming Matrix messages.
+            send: unverified
+            # Minimum level that the bridge should require for accepting key requests.
+            share: cross-signed-tofu
+        # Options for Megolm room key rotation. These options allow you to
+        # configure the m.room.encryption event content. See:
+        # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
+        # more information about that event.
+        rotation:
+            # Enable custom Megolm room key rotation settings. Note that these
+            # settings will only apply to rooms created after this option is
+            # set.
+            enable_custom: false
+            # The maximum number of milliseconds a session should be used
+            # before changing it. The Matrix spec recommends 604800000 (a week)
+            # as the default.
+            milliseconds: 604800000
+            # The maximum number of messages that should be sent with a given a
+            # session before changing it. The Matrix spec recommends 100 as the
+            # default.
+            messages: 100
+
+            # Disable rotating keys when a user's devices change?
+            # You should not enable this option unless you understand all the implications.
+            disable_device_change_key_rotation: false
+
+    # Whether to explicitly set the avatar and room name for private chat portal rooms.
+    # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
+    # If set to `always`, all DM rooms will have explicit names and avatars set.
+    # If set to `never`, DM rooms will never have names and avatars set.
+    private_chat_portal_meta: default
+    # Disable generating reply fallbacks? Some extremely bad clients still rely on them,
+    # but they're being phased out and will be completely removed in the future.
+    disable_reply_fallbacks: false
+    # Should cross-chat replies from Telegram be bridged? Most servers and clients don't support this.
+    cross_room_replies: false
     # Whether or not the bridge should send a read receipt from the bridge bot when a message has
     # been sent to Telegram.
     delivery_receipts: false
     # Whether or not delivery errors should be reported as messages in the Matrix room.
     delivery_error_reports: false
+    # Should errors in incoming message handling send a message to the Matrix room?
+    incoming_bridge_error_reports: false
+    # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
+    message_status_events: false
     # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
     # This field will automatically be changed back to false after it,
     # except if the config file is not writable.
@@ -279,36 +374,62 @@ bridge:
     bridge_matrix_leave: true
     # Should the user be kicked out of all portals when logging out of the bridge?
     kick_on_logout: true
+    # Should the "* user joined Telegram" notice always be marked as read automatically?
+    always_read_joined_telegram_notice: true
+    # Should the bridge auto-create a group chat on Telegram when a ghost is invited to a room?
+    # Requires the user to have sufficient power level and double puppeting enabled.
+    create_group_on_invite: true
     # Settings for backfilling messages from Telegram.
     backfill:
-        # Whether or not the Telegram ghosts of logged in Matrix users should be
-        # invited to private chats when backfilling history from Telegram. This is
-        # usually needed to prevent rate limits and to allow timestamp massaging.
-        invite_own_puppet: true
-        # Maximum number of messages to backfill without using a takeout.
-        # The first time a takeout is used, the user has to manually approve it from a different
-        # device. If initial_limit or missed_limit are higher than this value, the bridge will ask
-        # the user to accept the takeout after logging in before syncing any chats.
-        takeout_limit: 100
-        # Maximum number of messages to backfill initially.
-        # Set to 0 to disable backfilling when creating portal, or -1 to disable the limit.
-        #
-        # N.B. Initial backfill will only start after member sync. Make sure your
-        #      max_initial_member_sync is set to a low enough value so it doesn't take forever.
-        initial_limit: 0
-        # Maximum number of messages to backfill if messages were missed while the bridge was
-        # disconnected. Note that this only works for logged in users and only if the chat isn't
-        # older than sync_update_limit
-        # Set to 0 to disable backfilling missed messages.
-        missed_limit: 50
-        # If using double puppeting, should notifications be disabled
-        # while the initial backfill is in progress?
-        disable_notifications: false
+        # Allow backfilling at all?
+        enable: true
         # Whether or not to enable backfilling in normal groups.
         # Normal groups have numerous technical problems in Telegram, and backfilling normal groups
         # will likely cause problems if there are multiple Matrix users in the group.
         normal_groups: false
 
+        # If a backfilled chat is older than this number of hours, mark it as read even if it's unread on Telegram.
+        # Set to -1 to let any chat be unread.
+        unread_hours_threshold: 720
+
+        # Forward backfilling limits.
+        #
+        # Using a negative initial limit is not recommended, as it would try to backfill everything in a single batch.
+        forward_limits:
+            # Number of messages to backfill immediately after creating a portal.
+            initial:
+                user: 50
+                normal_group: 100
+                supergroup: 10
+                channel: 10
+            # Number of messages to backfill when syncing chats.
+            sync:
+                user: 100
+                normal_group: 100
+                supergroup: 100
+                channel: 100
+        # Timeout for forward backfills in seconds. If you have a high limit, you'll have to increase this too.
+        forward_timeout: 900
+
+        # Settings for incremental backfill of history. These only apply to Beeper, as upstream abandoned MSC2716.
+        incremental:
+            # Maximum number of messages to backfill per batch.
+            messages_per_batch: 100
+            # The number of seconds to wait after backfilling the batch of messages.
+            post_batch_delay: 20
+            # The maximum number of batches to backfill per portal, split by the chat type.
+            # If set to -1, all messages in the chat will eventually be backfilled.
+            max_batches:
+                # Direct chats
+                user: -1
+                # Normal groups. Note that the normal_groups option above must be enabled
+                # for these to be backfilled.
+                normal_group: -1
+                # Supergroups
+                supergroup: 10
+                # Broadcast channels
+                channel: -1
+
     # Overrides for base power levels.
     initial_power_level_overrides:
         user: {}
@@ -368,7 +489,6 @@ bridge:
     # Filter rooms that can/can't be bridged. Can also be managed using the `filter` and
     # `filter-mode` management commands.
     #
-    # Filters do not affect direct chats.
     # An empty blacklist will essentially disable the filter.
     filter:
         # Filter mode to use. Either "blacklist" or "whitelist".
@@ -377,6 +497,11 @@ bridge:
         mode: blacklist
         # The list of group/channel IDs to filter.
         list: []
+        # How to handle direct chats:
+        # If users is "null", direct chats will follow the previous settings.
+        # If users is "true", direct chats will always be bridged.
+        # If users is "false", direct chats will never be bridged.
+        users: true
 
     # The prefix for commands. Only required in non-management rooms.
     command_prefix: "!tg"
@@ -447,7 +572,13 @@ telegram:
     api_id: {{ getenv "API_ID" }}
     api_hash: {{ getenv "API_HASH" }}
     # (Optional) Create your own bot at https://t.me/BotFather
-    bot_token: disabled
+    bot_token: {{ getenv "BOT_TOKEN" "disabled" }}
+
+    # Should the bridge request missed updates from Telegram when restarting?
+    catch_up: true
+    # Should incoming updates be handled sequentially to make sure order is preserved on Matrix?
+    sequential_updates: true
+    exit_on_update_error: false
 
     # Telethon connection options.
     connection:
@@ -470,11 +601,13 @@ telegram:
         # is not recommended, since some requests can always trigger a call fail (such as searching
         # for messages).
         request_retries: 5
+        # Use IPv6 for Telethon connection
+        use_ipv6: false
 
     # Device info sent to Telegram.
     device_info:
         # "auto" = OS name+version.
-        device_model: auto
+        device_model: mautrix-telegram
         # "auto" = Telethon version.
         system_version: auto
         # "auto" = mautrix-telegram version.