mautrix-signal

Version: 0.0.3
Type: application
AppVersion: 0.6.0

Maintainers

Table 1. Maintainers
Name Email Url

WrenIX

https://wrenix.eu

Alpha

WARNING

We stop working on this Helm-Chart. There are still many breaking changes, like:

We hope that the Stalwart mail server becomes more stable.

Usage

Helm must be installed and set up for your Kubernetes cluster to use the charts. Refer to Helm’s documentation to get started. Once Helm has been set up correctly, fetch the charts as follows:

helm pull oci://codeberg.org/wrenix/helm-charts/mautrix-signal

You can install a chart release using the following command:

helm install mautrix-signal-release oci://codeberg.org/wrenix/helm-charts/mautrix-signal --values values.yaml

To uninstall a chart release, use `helm`’s delete command:

helm uninstall mautrix-signal-release

Values

Table 2. Values
Key Type Default Description

affinity

object

{}

autoscaling.enabled

bool

false

autoscaling.maxReplicas

int

100

autoscaling.minReplicas

int

1

autoscaling.targetCPUUtilizationPercentage

int

80

config.appservice.address

string

"http://localhost:29328"

The address that the homeserver can use to connect to this appservice.

config.appservice.async_transactions

bool

false

Should incoming events be handled asynchronously? This may be necessary for large public instances with lots of messages going through. However, messages will not be guaranteed to be bridged in the same order they were sent in.

config.appservice.bot.avatar

string

"mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp"

config.appservice.bot.displayname

string

"Signal bridge bot"

Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty to leave display name/avatar as-is.

config.appservice.bot.username

string

"signalbot"

Username of the appservice bot.

config.appservice.database.max_conn_idle_time

string

nil

Maximum connection idle time and lifetime before they’re closed. Disabled if null. Parsed with https://pkg.go.dev/time#ParseDuration

config.appservice.database.max_conn_lifetime

string

nil

config.appservice.database.max_idle_conns

int

2

config.appservice.database.max_open_conns

int

20

Maximum number of connections. Mostly relevant for Postgres.

config.appservice.database.type

string

"postgres"

The database type. "sqlite3-fk-wal" and "postgres" are supported.

config.appservice.database.uri

string

"postgres://user:password@host/database?sslmode=disable"

The database URI. SQLite: A raw file path is supported, but file:<path>?_txlock=immediate is recommended (see https://github.com/mattn/go-sqlite3#connection-string). Postgres: A connection string, for example postgres://user:password@host/database?sslmode=disable. To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql. Note that sslmode=disable turns off TLS for the database connection and that the URI contains the database password, so treat the values file as a secret.

config.appservice.ephemeral_events

bool

true

Whether or not to receive ephemeral events via appservice transactions. Requires MSC2409 support (i.e. Synapse 1.22+).

config.appservice.hostname

string

"0.0.0.0"

The hostname and port where this appservice should listen.

config.appservice.id

string

"signal"

The unique ID of this appservice.

config.appservice.port

int

29328

config.bridge

object

{"bridge_notices":true,"caption_in_message":false,"command_prefix":"!signal","delivery_receipts":false,"displayname_template":"{{or .ProfileName .PhoneNumber \"Unknown user\"}}","double_puppet_allow_discovery":false,"double_puppet_server_map":{"example.com":"https://example.com"},"encryption":{"allow":false,"allow_key_sharing":false,"appservice":false,"default":false,"delete_keys":{"delete_fully_used_on_decrypt":false,"delete_on_device_delete":false,"delete_outbound_on_ack":false,"delete_outdated_inbound":false,"delete_prev_on_new_session":false,"dont_store_outbound":false,"periodically_delete_expired":false,"ratchet_on_decrypt":false},"require":false,"rotation":{"disable_device_change_key_rotation":false,"enable_custom":false,"messages":100,"milliseconds":604800000},"verification_levels":{"receive":"unverified","send":"unverified","share":"cross-signed-tofu"}},"federate_rooms":true,"login_shared_secret_map":{"example.com":"foobar"},"management_room_text":{"additional_help":"","welcome":"Hello, I’m a Signal bridge bot.","welcome_connected":"Use `help` for help.","welcome_unconnected":"Use `help` for help or `login` to log in."},"message_error_notices":true,"message_handling_timeout":{"deadline":"120s","error_after":null},"message_status_events":false,"note_to_self_avatar":"mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL","number_in_topic":true,"permissions":{"*":"relay","@admin:example.com":"admin","example.com":"user"},"personal_filtering_spaces":false,"portal_message_buffer":128,"private_chat_portal_meta":"default","provisioning":{"debug_endpoints":false,"prefix":"/_matrix/provision","shared_secret":"generate"},"public_portals":false,"relay":{"admin_only":true,"enabled":false,"message_formats":{"m.audio":"<b>{{ .Sender.Displayname }}</b> sent an audio file","m.emote":"* <b>{{ .Sender.Displayname }}</b> {{ .Message }}","m.file":"<b>{{ .Sender.Displayname }}</b> sent a file","m.image":"<b>{{ .Sender.Displayname }}</b> sent an image","m.location":"<b>{{ .Sender.Displayname }}</b> sent a location","m.notice":"<b>{{ .Sender.Displayname }}</b>: {{ .Message }}","m.text":"<b>{{ .Sender.Displayname }}</b>: {{ .Message }}","m.video":"<b>{{ .Sender.Displayname }}</b> sent a video"}},"resend_bridge_info":false,"sync_direct_chat_list":false,"use_contact_avatars":false,"username_template":"signal_{{.}}"}

Bridge config

config.bridge.bridge_notices

bool

true

Should Matrix m.notice-type messages be bridged?

config.bridge.caption_in_message

bool

false

Send captions in the same message as images. This will send data compatible with MSC2530. This is currently not supported in most clients.

config.bridge.command_prefix

string

"!signal"

The prefix for commands. Only required in non-management rooms.

config.bridge.delivery_receipts

bool

false

Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?

config.bridge.displayname_template

string

"{{or .ProfileName .PhoneNumber \"Unknown user\"}}"

Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. {{.ProfileName}} - The Signal profile name set by the user. {{.ContactName}} - The name for the user from your phone’s contact list. This is not safe on multi-user instances. {{.PhoneNumber}} - The phone number of the user. {{.UUID}} - The UUID of the Signal user. {{.AboutEmoji}} - The emoji set by the user in their profile.

config.bridge.double_puppet_allow_discovery

bool

false

Allow using double puppeting from any server with a valid client .well-known file.

config.bridge.double_puppet_server_map

object

{"example.com":"https://example.com"}

Servers to always allow double puppeting from

config.bridge.encryption.allow

bool

false

Allow encryption, work in group chat rooms with e2ee enabled

config.bridge.encryption.allow_key_sharing

bool

false

Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. You must use a client that supports requesting keys from other users to use this feature.

config.bridge.encryption.appservice

bool

false

Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.

config.bridge.encryption.default

bool

false

Default to encryption, force-enable encryption in all portals the bridge creates. This will cause the bridge bot to be in private chats for the encryption to work properly.

config.bridge.encryption.delete_keys

object

{"delete_fully_used_on_decrypt":false,"delete_on_device_delete":false,"delete_outbound_on_ack":false,"delete_outdated_inbound":false,"delete_prev_on_new_session":false,"dont_store_outbound":false,"periodically_delete_expired":false,"ratchet_on_decrypt":false}

Options for deleting megolm sessions from the bridge.

config.bridge.encryption.delete_keys.delete_fully_used_on_decrypt

bool

false

Delete fully used keys (index >= max_messages) after decrypting messages.

config.bridge.encryption.delete_keys.delete_on_device_delete

bool

false

Delete megolm sessions received from a device when the device is deleted.

config.bridge.encryption.delete_keys.delete_outbound_on_ack

bool

false

Beeper-specific: delete outbound sessions when hungryserv confirms that the user has uploaded the key to key backup.

config.bridge.encryption.delete_keys.delete_outdated_inbound

bool

false

Delete inbound megolm sessions that don’t have the received_at field used for automatic ratcheting and expired session deletion. This is meant as a migration to delete old keys prior to the bridge update.

config.bridge.encryption.delete_keys.delete_prev_on_new_session

bool

false

Delete previous megolm sessions from same device when receiving a new one.

config.bridge.encryption.delete_keys.dont_store_outbound

bool

false

Don’t store outbound sessions in the inbound table.

config.bridge.encryption.delete_keys.periodically_delete_expired

bool

false

Periodically delete megolm sessions when 2x max_age has passed since receiving the session.

config.bridge.encryption.delete_keys.ratchet_on_decrypt

bool

false

Ratchet megolm sessions forward after decrypting messages.

config.bridge.encryption.require

bool

false

Require encryption, drop any unencrypted messages.

config.bridge.encryption.rotation.disable_device_change_key_rotation

bool

false

Disable rotating keys when a user’s devices change? You should not enable this option unless you understand all the implications.

config.bridge.encryption.rotation.enable_custom

bool

false

Enable custom Megolm room key rotation settings. Note that these settings will only apply to rooms created after this option is set.

config.bridge.encryption.rotation.messages

int

100

The maximum number of messages that should be sent with a given session before changing it. The Matrix spec recommends 100 as the default.

config.bridge.encryption.rotation.milliseconds

int

604800000

The maximum number of milliseconds a session should be used before changing it. The Matrix spec recommends 604800000 (a week) as the default.

config.bridge.encryption.verification_levels.receive

string

"unverified"

Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix.

config.bridge.encryption.verification_levels.send

string

"unverified"

Minimum level that the bridge should accept for incoming Matrix messages.

config.bridge.encryption.verification_levels.share

string

"cross-signed-tofu"

Minimum level that the bridge should require for accepting key requests.

config.bridge.federate_rooms

bool

true

Whether or not created rooms should have federation enabled. If false, created portal rooms will never be federated.

config.bridge.login_shared_secret_map

object

{"example.com":"foobar"}

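Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth. If set, double puppeting will be enabled automatically for local users instead of users having to find an access token and run login-matrix manually. The default entry is a placeholder; a real shared secret lets its holder log in as any local user of that homeserver, so it should be kept out of version control.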

config.bridge.management_room_text.additional_help

string

""

Optional extra text sent when joining a management room.

config.bridge.management_room_text.welcome

string

"Hello, I’m a Signal bridge bot."

Sent when joining a room.

config.bridge.management_room_text.welcome_connected

string

"Use `help` for help."

Sent when joining a management room and the user is already logged in.

config.bridge.management_room_text.welcome_unconnected

string

"Use `help` for help or `login` to log in."

Sent when joining a management room and the user is not logged in.

config.bridge.message_error_notices

bool

true

Whether the bridge should send error notices via m.notice events when a message fails to bridge.

config.bridge.message_handling_timeout

object

{"deadline":"120s","error_after":null}

Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration Null means there’s no enforced timeout.

config.bridge.message_handling_timeout.deadline

string

"120s"

Drop messages after this timeout. They may still go through if the message got sent to the servers. This is counted from the time the bridge starts handling the message.

config.bridge.message_handling_timeout.error_after

string

nil

Send an error message after this timeout, but keep waiting for the response until the deadline. This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay. If the message is older than this when it reaches the bridge, the message won’t be handled at all.

config.bridge.message_status_events

bool

false

Whether the bridge should send the message status as a custom com.beeper.message_send_status event.

config.bridge.note_to_self_avatar

string

"mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL"

Avatar image for the Note to Self room.

config.bridge.number_in_topic

bool

true

Should the Signal user’s phone number be included in the room topic in private chat portal rooms?

config.bridge.personal_filtering_spaces

bool

false

Should the bridge create a space for each logged-in user and add bridged rooms to it? Users who logged in before turning this on should run !signal sync-space to create and fill the space for the first time.

config.bridge.private_chat_portal_meta

string

"default"

Whether to explicitly set the avatar and room name for private chat portal rooms. If set to default, this will be enabled in encrypted rooms and disabled in unencrypted rooms. If set to always, all DM rooms will have explicit names and avatars set. If set to never, DM rooms will never have names and avatars set.

config.bridge.provisioning.debug_endpoints

bool

false

Enable debug API at /debug with provisioning authentication.

config.bridge.provisioning.prefix

string

"/_matrix/provision"

Prefix for the provisioning API paths.

config.bridge.provisioning.shared_secret

string

"generate"

Shared secret for authentication. If set to "generate", a random secret will be generated, or if set to "disable", the provisioning API will be disabled.

config.bridge.public_portals

bool

false

Whether or not to make portals of groups that don’t need approval of an admin to join by invite link publicly joinable on Matrix.

config.bridge.relay.admin_only

bool

true

Should only admins be allowed to set themselves as relay users?

config.bridge.relay.enabled

bool

false

Whether relay mode should be allowed. If allowed, !signal set-relay can be used to turn any authenticated user into a relaybot for that chat.

config.bridge.relay.message_formats

object

{"m.audio":"<b>{{ .Sender.Displayname }}</b> sent an audio file","m.emote":"* <b>{{ .Sender.Displayname }}</b> {{ .Message }}","m.file":"<b>{{ .Sender.Displayname }}</b> sent a file","m.image":"<b>{{ .Sender.Displayname }}</b> sent an image","m.location":"<b>{{ .Sender.Displayname }}</b> sent a location","m.notice":"<b>{{ .Sender.Displayname }}</b>: {{ .Message }}","m.text":"<b>{{ .Sender.Displayname }}</b>: {{ .Message }}","m.video":"<b>{{ .Sender.Displayname }}</b> sent a video"}

The formats to use when sending messages to Signal via the relaybot.

config.bridge.resend_bridge_info

bool

false

Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. This field will automatically be changed back to false after it, except if the config file is not writable.

config.bridge.sync_direct_chat_list

bool

false

Should the bridge update the m.direct account data event when double puppeting is enabled. Note that updating the m.direct event is not atomic (except with mautrix-asmux) and is therefore prone to race conditions.

config.bridge.use_contact_avatars

bool

false

Should avatars from the user’s contact list be used? This is not safe on multi-user instances.

config.bridge.username_template

string

"signal_{{.}}"

Localpart template of MXIDs for Signal users. {{.}} is replaced with the internal ID of the Signal user.

config.homeserver.address

string

"https://matrix.example.com"

The address that this appservice can use to connect to the homeserver.

config.homeserver.async_media

bool

false

Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?

config.homeserver.domain

string

"example.com"

The domain of the homeserver (also known as server_name, used for MXIDs, etc).

config.homeserver.message_send_checkpoint_endpoint

string

nil

Endpoint for reporting per-message status.

config.homeserver.ping_interval_seconds

int

0

How often should the websocket be pinged? Pinging will be disabled if this is zero.

config.homeserver.software

string

"standard"

What software is the homeserver running? Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.

config.homeserver.status_endpoint

string

nil

The URL to push real-time bridge status to. If set, the bridge will make POST requests to this URL whenever a user’s Signal connection state changes. The bridge will use the appservice as_token to authorize requests.

config.homeserver.websocket

bool

false

Should the bridge use a websocket for connecting to the homeserver? The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy, mautrix-asmux (deprecated), and hungryserv (proprietary).

config.logging.min_level

string

"warn"

config.logging.writers[0].format

string

"json"

config.logging.writers[0].type

string

"stdout"

config.metrics.enabled

bool

true

Enable prometheus metrics?

config.metrics.listen

string

"0.0.0.0:8000"

IP and port where the metrics listener should be. The path is always /metrics

config.signal.device_name

string

"mautrix-signal"

Default device name that shows up in the Signal app.

fullnameOverride

string

""

global.image.pullPolicy

string

nil

if set it will overwrite all pullPolicy

global.image.registry

string

nil

if set it will overwrite all registry entries

image.pullPolicy

string

"IfNotPresent"

image.registry

string

"dock.mau.dev"

image.repository

string

"mautrix/signal"

image.tag

string

""

imagePullSecrets

list

[]

ingress.annotations

object

{}

ingress.className

string

""

ingress.enabled

bool

false

ingress.hosts[0].host

string

"chart-example.local"

ingress.hosts[0].paths[0].path

string

"/"

ingress.hosts[0].paths[0].pathType

string

"ImplementationSpecific"

ingress.tls

list

[]

livenessProbe.httpGet.path

string

"/_matrix/mau/live"

livenessProbe.httpGet.port

string

"http"

nameOverride

string

""

nodeSelector

object

{}

persistence.accessMode

string

"ReadWriteOnce"

accessMode

persistence.annotations

object

{}

persistence.enabled

bool

true

Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/

persistence.existingClaim

string

nil

A manually managed Persistent Volume and Claim. Requires persistence.enabled: true. If defined, the PVC must be created manually before the volume will be bound.

persistence.hostPath

string

nil

Do not create a PVC; use a hostPath volume directly in the Pod.

persistence.size

string

"10Gi"

size

persistence.storageClass

string

nil

Persistent Volume Storage Class. If defined, storageClassName: <storageClass>. If set to "-", storageClassName: "", which disables dynamic provisioning. If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner (gp2 on AWS, standard on GKE, AWS & OpenStack).

podAnnotations

object

{}

podLabels

object

{}

podSecurityContext

object

{}

prometheus.servicemonitor.enabled

bool

false

prometheus.servicemonitor.labels

object

{}

readinessProbe.httpGet.path

string

"/_matrix/mau/ready"

readinessProbe.httpGet.port

string

"http"

registration."de.sorunome.msc2409.push_ephemeral"

bool

true

registration.namespaces.users[0].exclusive

bool

true

registration.namespaces.users[0].regex

string

"^@signalbot:example.org$"

registration.namespaces.users[1].exclusive

bool

true

registration.namespaces.users[1].regex

string

"^@signal_.*:example.org$"

registration.push_ephemeral

bool

true

registration.rate_limited

bool

false

replicaCount

int

1

resources

object

{}

securityContext

object

{}

service.type

string

"ClusterIP"

serviceAccount.annotations

object

{}

serviceAccount.automount

bool

false

serviceAccount.create

bool

false

serviceAccount.name

string

""

tolerations

list

[]

volumeMounts

list

[]

volumes

list

[]

Autogenerated from chart metadata using helm-docs