-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfig.yml
379 lines (338 loc) · 17.5 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
### Synapse Server Configuration - 'synapse_server'###
# Description: To manage users on the Synapse server, the bot need access to the Matrix and Admin Api. The authorization data will be configured in this chapter.
# Required: True
# EnvVar name to override: 'ONBOT_SYNAPSE_SERVER'
synapse_server:
### Server Name - 'server_name'###
# Type: string
# Description: Synapse's public facing domain https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#server_name
# This is not necessarily the domain under which the Synapse server is reachable. See the docs and your configuration.
# Required: True
# EnvVar name to override: 'ONBOT_SYNAPSE_SERVER__ONBOT_SERVER_NAME'
# Example:
# > server_name: company.org
server_name: null
### Server Url - 'server_url'###
# Type: string
# Description: Url to reach the synapse server. This can (and should) be an internal url. This will prevent you from make your synapse admin api public.
# But the bot will work with the public URL as well fi you want to.
# Required: True
# EnvVar name to override: 'ONBOT_SYNAPSE_SERVER__ONBOT_SERVER_URL'
# Example:
# > server_url: https://internal.matrix
server_url: null
### Bot User Id - 'bot_user_id'###
# Type: string
# Description: The full Matrix user ID for an existing matrix user account. The Bot will interact as this account.
# Required: True
# EnvVar name to override: 'ONBOT_SYNAPSE_SERVER__ONBOT_BOT_USER_ID'
# Example:
# > bot_user_id: '@welcome-bot:company.org'
bot_user_id: null
### Bot Device Id - 'bot_device_id'###
# Type: string
# Description: A device ID the Bot account can provide, to access the API. You will get an device_id via https://spec.matrix.org/latest/client-server-api/#post_matrixclientv3login
# Here is an curl example to get data.
# ```bash
# curl -XPOST -d '{"type":"m.login.password", "user":"my-bot-user", "password":"superSecrectPW"}' "https://matrix.company.org/_matrix/client/v3/login"
# ```
# Required: True
# EnvVar name to override: 'ONBOT_SYNAPSE_SERVER__ONBOT_BOT_DEVICE_ID'
# Example:
# > bot_device_id: ZSIBBRS
bot_device_id: null
### Bot Access Token - 'bot_access_token'###
# Type: string
# Description: A Bearer token to authorize the Bot access to the Synapse APIs. You will get an Bearer token via https://spec.matrix.org/latest/client-server-api/#post_matrixclientv3login
# Here is an curl example to get data.
# ```bash
# curl -XPOST -d '{"type":"m.login.password", "user":"my-bot-user", "password":"superSecrectPW"}' "https://matrix.company.org/_matrix/client/v3/login"
# ```
# Required: True
# EnvVar name to override: 'ONBOT_SYNAPSE_SERVER__ONBOT_BOT_ACCESS_TOKEN'
# Example:
# > bot_access_token: Bearer q7289zhwoieuhrfq279ugdfq3_ONLY_A_EXMAPLE_TOKEN_sadaw4
bot_access_token: null
### Api Path - 'api_path'###
# Type: string
# Description: If your Synapse server API is reachable in a subpath you can adapt this here. If you dont know that this is for; keep the default value.
# Required: False
# Defaults to _matrix/
# EnvVar name to override: 'ONBOT_SYNAPSE_SERVER__ONBOT_API_PATH'
# Example:
# > api_path: _synapse/admin/
api_path: _matrix/client/
### Admin Api Path - 'admin_api_path'###
# Type: string
# Description: If your Synapse server admin API is reachable in a subpath you can adapt this here. If you dont know that this is for; keep the default value.
# Required: False
# Defaults to _synapse/admin/
# EnvVar name to override: 'ONBOT_SYNAPSE_SERVER__ONBOT_ADMIN_API_PATH'
# Example:
# > admin_api_path: _synapse/admin/
admin_api_path: _synapse/admin/
### Authentik Server - 'authentik_server'###
# Required: True
# EnvVar name to override: 'ONBOT_AUTHENTIK_SERVER'
authentik_server:
### Public Api Url - 'public_api_url'###
# Type: string
# Description: The URL to reach your Authentik server.
# Required: True
# EnvVar name to override: 'ONBOT_AUTHENTIK_SERVER__ONBOT_PUBLIC_API_URL'
# Example:
# > public_api_url: https://authentik.company.org/api/v3
public_api_url: null
### Api Key - 'api_key'###
# Type: string
# Description: The Bearer token access your Authentik server.
# You can generate a new token for your existing Authentik user at https://authentik.company.org/if/admin/#/core/tokens
# Required: True
# EnvVar name to override: 'ONBOT_AUTHENTIK_SERVER__ONBOT_API_KEY'
# Example:
# > api_key: Bearer yEl4tFqeIBQwoHAd9hajmkm2PBjSAirY_THIS_IS_JUST_AN_EXAMPLE_i57e
api_key: null
### Sync Interval Seconds - 'sync_interval_seconds'###
# Type: integer
# Description: The bot will do polling to sync the Authentik server with your Synapse server (In a future version there maybe a event listing based system.).
# The intervall will determine how often the bot will look up, if data is in sync.
# That can mean when a new user enters your Synapse server, the user may need to wait `sync_interval_seconds` seconds until the bot will greet and allocates user groups.
# Required: False
# Defaults to 60
# EnvVar name to override: 'ONBOT_AUTHENTIK_SERVER__ONBOT_SYNC_INTERVAL_SECONDS'
# Example:
# > sync_interval_seconds: 120
sync_interval_seconds: 60
### Welcome New Users Messages - 'welcome_new_users_messages'###
# Type: array
# Required: False
# Defaults to ['Welcome to the company chat. I am the company bot. I will invite you to the groups you are assigned. If you have any technical questions write a message to @admin-person:matrix.company.org.', 'The Chat software will ask you to setup a Security Key Backup. This is very important. Otherwise you can lose access older messages later. Please follow the request.']
# EnvVar name to override: 'ONBOT_WELCOME_NEW_USERS_MESSAGES'
welcome_new_users_messages:
- Welcome to the company chat. I am the company bot. I will invite you to the groups you are assigned too. If you have any technical questions write a message to @admin-person:matrix.company.org.
- If you need some guidance on how to use this chat have a look at the official documentation - https://element.io/user-guide (You can skip the "1A registration step" as you obviously have an account)
- 🛑 🔐 The Chat software will ask you to setup a 'Secure Backup'. <b>This is very important<b>. Otherwise you could lose access to older enrypted messages later. Please follow the request.
### Sync Authentik Users With Matrix Rooms - 'sync_authentik_users_with_matrix_rooms'###
# Required: False
# Defaults to enabled=True authentik_username_mapping_attribute='username' kick_matrix_room_members_not_in_mapped_authentik_group_anymore=True sync_only_users_in_authentik_pathes=None sync_only_users_with_authentik_attributes=None sync_only_users_of_groups_with_id=None
# EnvVar name to override: 'ONBOT_SYNC_AUTHENTIK_USERS_WITH_MATRIX_ROOMS'
sync_authentik_users_with_matrix_rooms:
### Enabled - 'enabled'###
# Type: boolean
# Required: False
# Defaults to True
# EnvVar name to override: 'ONBOT_SYNC_AUTHENTIK_USERS_WITH_MATRIX_ROOMS__ONBOT_ENABLED'
enabled: true
### Authentik Username Mapping Attribute - 'authentik_username_mapping_attribute'###
# Type: string
# Required: False
# Defaults to username
# EnvVar name to override: 'ONBOT_SYNC_AUTHENTIK_USERS_WITH_MATRIX_ROOMS__ONBOT_AUTHENTIK_USERNAME_MAPPING_ATTRIBUTE'
authentik_username_mapping_attribute: username
### Kick Matrix Room Members Not In Mapped Authentik Group Anymore - 'kick_matrix_room_members_not_in_mapped_authentik_group_anymore'###
# Type: boolean
# Required: False
# Defaults to True
# EnvVar name to override: 'ONBOT_SYNC_AUTHENTIK_USERS_WITH_MATRIX_ROOMS__ONBOT_KICK_MATRIX_ROOM_MEMBERS_NOT_IN_MAPPED_AUTHENTIK_GROUP_ANYMORE'
kick_matrix_room_members_not_in_mapped_authentik_group_anymore: true
### Sync Only Users In Authentik Pathes - 'sync_only_users_in_authentik_pathes'###
# Type: array
# Required: False
# EnvVar name to override: 'ONBOT_SYNC_AUTHENTIK_USERS_WITH_MATRIX_ROOMS__ONBOT_SYNC_ONLY_USERS_IN_AUTHENTIK_PATHES'
sync_only_users_in_authentik_pathes: null
### Sync Only Users With Authentik Attributes - 'sync_only_users_with_authentik_attributes'###
# Type: object
# Required: False
# EnvVar name to override: 'ONBOT_SYNC_AUTHENTIK_USERS_WITH_MATRIX_ROOMS__ONBOT_SYNC_ONLY_USERS_WITH_AUTHENTIK_ATTRIBUTES'
sync_only_users_with_authentik_attributes: null
### Sync Only Users Of Groups With Id - 'sync_only_users_of_groups_with_id'###
# Type: array
# Required: False
# EnvVar name to override: 'ONBOT_SYNC_AUTHENTIK_USERS_WITH_MATRIX_ROOMS__ONBOT_SYNC_ONLY_USERS_OF_GROUPS_WITH_ID'
sync_only_users_of_groups_with_id: null
### Create Matrix Rooms In A Matrix Space - 'create_matrix_rooms_in_a_matrix_space'###
# Required: False
# Defaults to enabled=True alias='MyCompanySpace' create_matrix_space_if_not_exists=CreateMatrixSpaceIfNotExists(enabled=True, name='Our cozy space', topic='The Company Space', space_params={'preset': 'private_chat', 'visibility': 'private'})
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_IN_A_MATRIX_SPACE'
create_matrix_rooms_in_a_matrix_space:
### Enabled - 'enabled'###
# Type: boolean
# Required: False
# Defaults to True
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_IN_A_MATRIX_SPACE__ONBOT_ENABLED'
enabled: true
### Alias - 'alias'###
# Type: string
# Required: False
# Defaults to MyCompanySpace
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_IN_A_MATRIX_SPACE__ONBOT_ALIAS'
alias: MyCompanySpace
### Create Matrix Space If Not Exists - 'create_matrix_space_if_not_exists'###
# Required: False
# Defaults to enabled=True name='Our cozy space' topic='The Company Space' space_params={'preset': 'private_chat', 'visibility': 'private'}
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_IN_A_MATRIX_SPACE__ONBOT_CREATE_MATRIX_SPACE_IF_NOT_EXISTS'
create_matrix_space_if_not_exists:
### Enabled - 'enabled'###
# Type: boolean
# Required: False
# Defaults to True
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_IN_A_MATRIX_SPACE__ONBOT_CREATE_MATRIX_SPACE_IF_NOT_EXISTS__ONBOT_ENABLED'
enabled: true
### Name - 'name'###
# Type: string
# Required: False
# Defaults to Our cozy space
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_IN_A_MATRIX_SPACE__ONBOT_CREATE_MATRIX_SPACE_IF_NOT_EXISTS__ONBOT_NAME'
name: Our cozy space
### Topic - 'topic'###
# Type: string
# Required: False
# Defaults to The Company Space
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_IN_A_MATRIX_SPACE__ONBOT_CREATE_MATRIX_SPACE_IF_NOT_EXISTS__ONBOT_TOPIC'
topic: The Company Space
### Space Params - 'space_params'###
# Type: object
# Required: False
# Defaults to {'preset': 'private_chat', 'visibility': 'private'}
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_IN_A_MATRIX_SPACE__ONBOT_CREATE_MATRIX_SPACE_IF_NOT_EXISTS__ONBOT_SPACE_PARAMS'
space_params:
preset: private_chat
visibility: private
### Create Matrix Rooms Based On Authentik Groups - 'create_matrix_rooms_based_on_authentik_groups'###
# Required: False
# Defaults to enabled=True only_for_children_of_groups_with_uid=None only_groups_with_attributes={'attribute.chatroom': True} only_for_groupnames_starting_with=None
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_BASED_ON_AUTHENTIK_GROUPS'
create_matrix_rooms_based_on_authentik_groups:
### Enabled - 'enabled'###
# Type: boolean
# Required: False
# Defaults to True
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_BASED_ON_AUTHENTIK_GROUPS__ONBOT_ENABLED'
enabled: true
### Only For Children Of Groups With Uid - 'only_for_children_of_groups_with_uid'###
# Type: array
# Required: False
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_BASED_ON_AUTHENTIK_GROUPS__ONBOT_ONLY_FOR_CHILDREN_OF_GROUPS_WITH_UID'
only_for_children_of_groups_with_uid: null
### Only Groups With Attributes - 'only_groups_with_attributes'###
# Type: object
# Required: False
# Defaults to {'attribute.chatroom': True}
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_BASED_ON_AUTHENTIK_GROUPS__ONBOT_ONLY_GROUPS_WITH_ATTRIBUTES'
only_groups_with_attributes:
attribute.chatroom: true
### Only For Groupnames Starting With - 'only_for_groupnames_starting_with'###
# Type: string
# Required: False
# EnvVar name to override: 'ONBOT_CREATE_MATRIX_ROOMS_BASED_ON_AUTHENTIK_GROUPS__ONBOT_ONLY_FOR_GROUPNAMES_STARTING_WITH'
only_for_groupnames_starting_with: null
### Matrix Room Default Settings - 'matrix_room_default_settings'###
# Required: False
# Defaults to alias_prefix=None matrix_alias_from_authentik_attribute='pk' name_prefix=None matrix_name_from_authentik_attribute='name' topic_prefix=None matrix_topic_from_authentik_attribute='attributes.chatroom_topic' matrix_room_create_params_from_authentik_attribute='attribute.chatroom_params' default_room_create_params={'preset': 'private_chat', 'visibility': 'private'}
# EnvVar name to override: 'ONBOT_MATRIX_ROOM_DEFAULT_SETTINGS'
matrix_room_default_settings:
### Alias Prefix - 'alias_prefix'###
# Type: string
# Required: False
# EnvVar name to override: 'ONBOT_MATRIX_ROOM_DEFAULT_SETTINGS__ONBOT_ALIAS_PREFIX'
alias_prefix: null
### Matrix Alias From Authentik Attribute - 'matrix_alias_from_authentik_attribute'###
# Type: string
# Required: False
# Defaults to pk
# EnvVar name to override: 'ONBOT_MATRIX_ROOM_DEFAULT_SETTINGS__ONBOT_MATRIX_ALIAS_FROM_AUTHENTIK_ATTRIBUTE'
matrix_alias_from_authentik_attribute: pk
### Name Prefix - 'name_prefix'###
# Type: string
# Required: False
# EnvVar name to override: 'ONBOT_MATRIX_ROOM_DEFAULT_SETTINGS__ONBOT_NAME_PREFIX'
name_prefix: null
### Matrix Name From Authentik Attribute - 'matrix_name_from_authentik_attribute'###
# Type: string
# Required: False
# Defaults to name
# EnvVar name to override: 'ONBOT_MATRIX_ROOM_DEFAULT_SETTINGS__ONBOT_MATRIX_NAME_FROM_AUTHENTIK_ATTRIBUTE'
matrix_name_from_authentik_attribute: name
### Topic Prefix - 'topic_prefix'###
# Type: string
# Required: False
# EnvVar name to override: 'ONBOT_MATRIX_ROOM_DEFAULT_SETTINGS__ONBOT_TOPIC_PREFIX'
topic_prefix: null
### Matrix Topic From Authentik Attribute - 'matrix_topic_from_authentik_attribute'###
# Type: string
# Required: False
# Defaults to attributes.chatroom_topic
# EnvVar name to override: 'ONBOT_MATRIX_ROOM_DEFAULT_SETTINGS__ONBOT_MATRIX_TOPIC_FROM_AUTHENTIK_ATTRIBUTE'
matrix_topic_from_authentik_attribute: attributes.chatroom_topic
### Matrix Room Create Params From Authentik Attribute - 'matrix_room_create_params_from_authentik_attribute'###
# Type: string
# Required: False
# Defaults to attribute.chatroom_params
# EnvVar name to override: 'ONBOT_MATRIX_ROOM_DEFAULT_SETTINGS__ONBOT_MATRIX_ROOM_CREATE_PARAMS_FROM_AUTHENTIK_ATTRIBUTE'
matrix_room_create_params_from_authentik_attribute: attribute.chatroom_params
### Default Room Create Params - 'default_room_create_params'###
# Type: object
# Required: False
# Defaults to {'preset': 'private_chat', 'visibility': 'private'}
# EnvVar name to override: 'ONBOT_MATRIX_ROOM_DEFAULT_SETTINGS__ONBOT_DEFAULT_ROOM_CREATE_PARAMS'
default_room_create_params:
preset: private_chat
visibility: private
### Per Authentik Group Pk Matrix Room Settings - 'per_authentik_group_pk_matrix_room_settings'###
# Type: object
# Required: False
# EnvVar name to override: 'ONBOT_PER_AUTHENTIK_GROUP_PK_MATRIX_ROOM_SETTINGS'
# Example:
# >per_authentik_group_pk_matrix_room_settings:
# > 80439f0d-d936-4118-8017-52a95d6dd1bc: '{"alias_prefix": null, "matrix_alias_from_authentik_attribute":
# > "attribute.custom", "name_prefix": null, "matrix_name_from_authentik_attribute":
# > "name", "topic_prefix": "TOPIC PREFIX FOR SPECIFIC ROOM:", "matrix_topic_from_authentik_attribute":
# > "attributes.chatroom_topic", "matrix_room_create_params_from_authentik_attribute":
# > "attribute.chatroom_params", "default_room_create_params": {"preset": "private_chat",
# > "visibility": "private"}}'
per_authentik_group_pk_matrix_room_settings: {}
### Matrix User Ignore List - 'matrix_user_ignore_list'###
# Type: array
# Required: False
# EnvVar name to override: 'ONBOT_MATRIX_USER_IGNORE_LIST'
# Example:
# >matrix_user_ignore_list:
# >- '@root:company.org'
# >- '@admin:company.org'
matrix_user_ignore_list: []
### Authentik User Ignore List - 'authentik_user_ignore_list'###
# Type: array
# Required: False
# Defaults to ['admin']
# EnvVar name to override: 'ONBOT_AUTHENTIK_USER_IGNORE_LIST'
authentik_user_ignore_list:
- admin
### Authentik Group Ignore List - 'authentik_group_id_ignore_list'###
# Type: array
# Required: False
# Defaults to ['internal_company_group']
# EnvVar name to override: 'ONBOT_authentik_group_id_ignore_list'
authentik_group_id_ignore_list:
- internal_company_group
### Deactivate Disabled Authentik Users In Matrix - 'deactivate_disabled_authentik_users_in_matrix'###
# Required: False
# Defaults to enabled=True erase=False gdpr_erase=True
# EnvVar name to override: 'ONBOT_DEACTIVATE_DISABLED_AUTHENTIK_USERS_IN_MATRIX'
deactivate_disabled_authentik_users_in_matrix:
### Enabled - 'enabled'###
# Type: boolean
# Required: False
# Defaults to True
# EnvVar name to override: 'ONBOT_DEACTIVATE_DISABLED_AUTHENTIK_USERS_IN_MATRIX__ONBOT_ENABLED'
enabled: true
### Erase - 'erase'###
# Type: boolean
# Required: False
# EnvVar name to override: 'ONBOT_DEACTIVATE_DISABLED_AUTHENTIK_USERS_IN_MATRIX__ONBOT_ERASE'
erase: false
### Gdpr Erase - 'gdpr_erase'###
# Type: boolean
# Required: False
# Defaults to True
# EnvVar name to override: 'ONBOT_DEACTIVATE_DISABLED_AUTHENTIK_USERS_IN_MATRIX__ONBOT_GDPR_ERASE'
gdpr_erase: true