Migration: consolidate Echo6 docs to cortex with full infrastructure cleanup sync
- Documents recent infrastructure cleanup (8 CTs destroyed, 35 DNS records removed, Headscale cleanup) - Adds 24 new runbooks covering Authentik, PeerTube, Meshtastic, RECON, Proxmox, Mailcow, Internet Archive, GPU routing - Adds project documentation for headscale, vaultwarden, peertube, matrix, mmud, advbbs, arr stack - Updates services.md, environment.md, caddy.md, authentik.md to match live infrastructure - Removes 4 deprecated runbook duplicates (canonical versions live in projects/) - Adds .gitignore for binary archives and editor temp files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
89834796ff
commit
e9231ac24a
93 changed files with 51223 additions and 254 deletions
103
mautrix_signal.ref
Normal file
103
mautrix_signal.ref
Normal file
|
|
@ -0,0 +1,103 @@
|
|||
# mautrix-signal Bridge Reference
|
||||
# Deployed: 2026-04-09 (Phase 3)
|
||||
# Updated: 2026-04-09 (Phase 5)
|
||||
|
||||
## Deployment
|
||||
|
||||
- **Image:** dock.mau.dev/mautrix/signal:v0.2603.0
|
||||
- **Container:** mautrix-signal
|
||||
- **Compose:** /opt/matrix/docker-compose.yml (same stack as Synapse)
|
||||
- **Config dir:** /opt/matrix/mautrix-signal/
|
||||
- **Network:** matrix-net (internal only, no host port mapping)
|
||||
- **Appservice port:** 29328 (container-internal)
|
||||
|
||||
## Database
|
||||
|
||||
- **DB name:** mautrix_signal
|
||||
- **DB role:** mautrix_signal (NOSUPERUSER, NOCREATEDB, NOCREATEROLE)
|
||||
- **Host:** matrix-postgres:5432 (same container as Synapse/MAS)
|
||||
- **Collation:** C/C (matches Synapse)
|
||||
|
||||
## Signal Account
|
||||
|
||||
- **Phone:** +12083080811
|
||||
- **Login ID:** 58f99d83-f3a8-487f-a2b7-3d118e236d23
|
||||
- **Matrix user:** @matt:echo6.co
|
||||
|
||||
## Bot
|
||||
|
||||
- **MXID:** @signalbot:echo6.co
|
||||
- **Device ID:** UPX4KKLZVY
|
||||
- **Management room:** !fDjIRTMjxILVQoAcEN:echo6.co
|
||||
|
||||
## Encryption
|
||||
|
||||
- **E2BE:** enabled (allow: true, default: true, require: true)
|
||||
- **MSC4190:** enabled (required for MAS compatibility)
|
||||
- **Pickle key:** auto-generated, stored in config
|
||||
- **Self-sign:** true
|
||||
|
||||
## Synapse Integration
|
||||
|
||||
- **Registration files:** /opt/matrix/synapse/registration.yaml, /opt/matrix/synapse/doublepuppet.yaml
|
||||
- **homeserver.yaml additions:**
|
||||
- `app_service_config_files: [/data/registration.yaml, /data/doublepuppet.yaml]`
|
||||
- `experimental_features.msc3202_transaction_extensions: true`
|
||||
- `experimental_features.msc2409_to_device_messages_enabled: true`
|
||||
- **Registration file permissions:** 644 (world-readable, Synapse UID 991)
|
||||
|
||||
## Double Puppeting
|
||||
|
||||
- **Method:** appservice-based (doublepuppet.yaml)
|
||||
- **as_token:** configured in bridge config `double_puppet.secrets`
|
||||
- **Effect:** Messages matt sends from Signal appear as @matt:echo6.co in Matrix
|
||||
|
||||
## MAS Compatibility
|
||||
|
||||
- **Confirmed working:** as_token auth bypasses MAS entirely
|
||||
- **MSC4190:** Parsed from registration.yaml `io.element.msc4190: true`, NOT a homeserver experimental_features flag
|
||||
- **Synapse handles appservice auth independently of MAS token introspection**
|
||||
|
||||
## Autocreate Behavior
|
||||
|
||||
- **No autocreate toggle exists** in bridgev2 signal connector
|
||||
- `portal_create_filter` config key is silently stripped on restart
|
||||
- Old keys (`autocreate_group_portal`, `autocreate_contact_portal`) don't exist
|
||||
- Portals auto-create when incoming Signal messages arrive for untracked groups/DMs
|
||||
- This is the default and only behavior — cannot be disabled
|
||||
|
||||
## Permissions
|
||||
|
||||
```yaml
|
||||
bridge:
|
||||
permissions:
|
||||
"*": relay
|
||||
"echo6.co": user
|
||||
"@matt:echo6.co": admin
|
||||
```
|
||||
|
||||
## Backup
|
||||
|
||||
- DB dumped by /opt/matrix/scripts/pg_backup.sh (added alongside synapse + mas dumps)
|
||||
- 14-day retention, daily at 3 AM
|
||||
|
||||
## Management Commands
|
||||
|
||||
Available in management room (!fDjIRTMjxILVQoAcEN:echo6.co):
|
||||
- `!signal help` — list commands
|
||||
- `!signal ping-matrix` — verify Matrix connectivity
|
||||
- `!signal list-logins` — show linked Signal accounts
|
||||
- `!signal sync-portal` — force-sync current portal
|
||||
- `!signal id` — show bridge IDs for current room
|
||||
- `!signal create-group` — create a new Signal group
|
||||
- `!signal start-chat` — start a DM with a Signal user
|
||||
- `!signal resolve-identifier` — look up a Signal user
|
||||
|
||||
NOT available (bridgev2 signal connector doesn't expose):
|
||||
- `list-chats`, `bridge`, `create-portal`, `filter`
|
||||
|
||||
## Provisioning API
|
||||
|
||||
- **Shared secret:** in config.yaml (do NOT log or put in ref files)
|
||||
- **Allow Matrix auth:** true
|
||||
- **Debug endpoints:** false
|
||||
Loading…
Add table
Add a link
Reference in a new issue