Update dependency traefik to v3.7.4-0

Update ghcr.io/matrix-construct/tuwunel Docker tag to v1.7.1
Update ghcr.io/etkecc/baibot Docker tag to v1.21.1
2026-06-06 17:33:11 +03:00 · 2026-06-06 08:09:03 +03:00 · 2026-06-06 07:16:06 +03:00 · 2026-06-05 13:16:27 +03:00 · 2026-06-05 12:56:39 +03:00 · 2026-06-05 12:56:21 +03:00
15 changed files with 30 additions and 23 deletions
@@ -65,7 +65,7 @@ Web clients for Matrix that you can host on your own domains.
 | [Element Web](https://github.com/element-hq/element-web) | ✅ | Default Matrix web client, configured to connect to your own Synapse server | [Link](docs/configuring-playbook-client-element-web.md) |
 | [Hydrogen](https://github.com/element-hq/hydrogen-web) | ❌ | Lightweight Matrix client with legacy and mobile browser support | [Link](docs/configuring-playbook-client-hydrogen.md) |
 | [Cinny](https://github.com/ajbura/cinny) |  ❌ | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-cinny.md) |
-| [Sable](https://github.com/7w1/sable) | ❌ | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-sable.md) |
+| [Sable](https://github.com/SableClient/Sable) | ❌ | Simple, elegant and secure web client | [Link](docs/configuring-playbook-client-sable.md) |
 | [SchildiChat Web](https://schildi.chat/) | ❌ | Based on Element Web, with a more traditional instant messaging experience | [Link](docs/configuring-playbook-client-schildichat-web.md) |
 | [FluffyChat Web](https://fluffychat.im/) | ❌ | The cutest messenger in Matrix | [Link](docs/configuring-playbook-client-fluffychat-web.md) |

@@ -8,7 +8,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later

 # Setting up Sable (optional)

-The playbook can install and configure the [Sable](https://github.com/7w1/sable) Matrix web client for you.
+The playbook can install and configure the [Sable](https://github.com/SableClient/Sable) Matrix web client for you.

 Sable is a web client focusing primarily on simple, elegant and secure interface. It can be installed alongside or instead of [Element Web](./configuring-playbook-client-element-web.md), [Cinny](./configuring-playbook-client-cinny.md) and others.

@@ -89,7 +89,7 @@ Web clients for Matrix that you can host on your own domains.

 - [Setting up Cinny](configuring-playbook-client-cinny.md), if you've enabled [Cinny](https://github.com/ajbura/cinny), a web client focusing primarily on simple, elegant and secure interface

- [Setting up Sable](configuring-playbook-client-sable.md), if you've enabled [Sable](https://github.com/7w1/sable), a web client focusing primarily on simple, elegant and secure interface
+- [Setting up Sable](configuring-playbook-client-sable.md), if you've enabled [Sable](https://github.com/SableClient/Sable), a web client focusing primarily on simple, elegant and secure interface

 - [Setting up SchildiChat Web](configuring-playbook-client-schildichat-web.md), if you've enabled [SchildiChat Web](https://schildi.chat/), a web client based on [Element Web](https://element.io/) with some extras and tweaks

@@ -6235,8 +6235,6 @@ matrix_livekit_jwt_service_environment_variable_livekit_key: "{{ (matrix_homeser

 matrix_livekit_jwt_service_environment_variable_livekit_secret: "{{ (matrix_homeserver_generic_secret_key + ':lk.secret') | hash('sha512') | to_uuid }}"

-matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list: ["{{ matrix_domain }}"]
-
 ########################################################################
 #                                                                      #
 # /matrix-livekit-jwt-service                                          #
@@ -257,7 +257,7 @@ msgid "[Link](docs/configuring-playbook-client-cinny.md)"
 msgstr ""

 #: ../../../README.md:0
-msgid "[Sable](https://github.com/7w1/sable)"
+msgid "[Sable](https://github.com/SableClient/Sable)"
 msgstr ""

 #: ../../../README.md:0
@@ -21,7 +21,7 @@ msgid "Setting up Sable (optional)"
 msgstr ""

 #: ../../../docs/configuring-playbook-client-sable.md:11
-msgid "The playbook can install and configure the [Sable](https://github.com/7w1/sable) Matrix web client for you."
+msgid "The playbook can install and configure the [Sable](https://github.com/SableClient/Sable) Matrix web client for you."
 msgstr ""

 #: ../../../docs/configuring-playbook-client-sable.md:13
@@ -173,7 +173,7 @@ msgid "[Setting up Cinny](configuring-playbook-client-cinny.md), if you've enabl
 msgstr ""

 #: ../../../docs/configuring-playbook.md:92
-msgid "[Setting up Sable](configuring-playbook-client-sable.md), if you've enabled [Sable](https://github.com/7w1/sable), a web client focusing primarily on simple, elegant and secure interface"
+msgid "[Setting up Sable](configuring-playbook-client-sable.md), if you've enabled [Sable](https://github.com/SableClient/Sable), a web client focusing primarily on simple, elegant and secure interface"
 msgstr ""

 #: ../../../docs/configuring-playbook.md:94
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later

 [tools]
-prek = "0.4.3"
+prek = "0.4.4"

 [settings]
 yes = true
@@ -45,7 +45,7 @@
  version: v1.12.0-0
  name: livekit_server
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git
-  version: v2.22.0-1
+  version: v2.24.0-0
  name: ntfy
 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
  version: ea8c5cc750c4e23d004c9a836dfd9eda82d45ff4
@@ -87,7 +87,7 @@
  version: v1.1.0-1
  name: timesync
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
-  version: v3.7.1-0
+  version: v3.7.4-0
  name: traefik
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
  version: v2.10.0-7
@@ -22,7 +22,7 @@ matrix_authentication_service_container_repo_version: "{{ 'main' if matrix_authe
 matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src"

 # renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service
-matrix_authentication_service_version: 1.17.0
+matrix_authentication_service_version: 1.18.0
 matrix_authentication_service_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_container_image_registry_prefix_upstream }}"
 matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
 matrix_authentication_service_container_image_registry_prefix_upstream_default: "ghcr.io/"
@@ -17,7 +17,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio
 matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"

 # renovate: datasource=docker depName=ghcr.io/etkecc/baibot
-matrix_bot_baibot_version: v1.20.0
+matrix_bot_baibot_version: v1.21.1
 matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_registry_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
 matrix_bot_baibot_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else matrix_bot_baibot_container_image_registry_prefix_upstream }}"
 matrix_bot_baibot_container_image_registry_prefix_upstream: "{{ matrix_bot_baibot_container_image_registry_prefix_upstream_default }}"
@@ -1,6 +1,6 @@
 # SPDX-FileCopyrightText: 2022 MDAD project contributors
 # SPDX-FileCopyrightText: 2024 wjbeckett
-# SPDX-FileCopyrightText: 2024 - 2025 Slavi Pantaleev
+# SPDX-FileCopyrightText: 2024 - 2026 Slavi Pantaleev
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later

@@ -25,11 +25,11 @@ matrix_livekit_jwt_service_container_additional_networks_auto: []
 matrix_livekit_jwt_service_container_additional_networks_custom: []

 # renovate: datasource=docker depName=ghcr.io/element-hq/lk-jwt-service
-matrix_livekit_jwt_service_version: 0.4.4
+matrix_livekit_jwt_service_version: 0.5.0

 matrix_livekit_jwt_service_container_image_self_build: false
 matrix_livekit_jwt_service_container_repo: "https://github.com/element-hq/lk-jwt-service.git"
-matrix_livekit_jwt_service_container_repo_version: "{{ 'main' if matrix_livekit_jwt_service_version == 'latest' else ('v' + livekit_server_version) }}"
+matrix_livekit_jwt_service_container_repo_version: "{{ 'main' if matrix_livekit_jwt_service_version == 'latest' else ('v' + matrix_livekit_jwt_service_version) }}"
 matrix_livekit_jwt_service_container_src_files_path: "{{ matrix_livekit_jwt_service_base_path }}/container-src"

 matrix_livekit_jwt_service_container_image: "{{ matrix_livekit_jwt_service_container_image_registry_prefix }}element-hq/lk-jwt-service:{{ matrix_livekit_jwt_service_container_image_tag }}"
@@ -86,12 +86,20 @@ matrix_livekit_jwt_service_environment_variable_livekit_url: ""
 # Controls the LIVEKIT_SECRET environment variable
 matrix_livekit_jwt_service_environment_variable_livekit_secret: ""

-# Controls the LIVEKIT_FULL_ACCESS_HOMESERVERS environment variable
+# Controls the LIVEKIT_FULL_ACCESS_HOMESERVERS environment variable.
 # Comma-separated list of Matrix homeservers whose users are authorized with full access to LiveKit SFU features
-# (supports * as a wildcard to allow all homeservers).
+# (like creating rooms on the SFU).
+#
+# This is a required setting and the service refuses to start without it.
+# Setting it to `*` grants full access to any federated Matrix user, but listing only the homeserver(s)
+# you intend to serve is strongly recommended.
+#
+# To add additional homeservers, use `matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list_custom`.
 matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers: "{{ matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list | join(',') }}"
-
-matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list: ["*"]
+matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list: "{{ matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list_default + matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list_auto + matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list_custom }}"
+matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list_default: ["{{ matrix_domain }}"]
+matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list_auto: []
+matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers_list_custom: []

 # Additional environment variables to pass to the container.
 #
@@ -1,6 +1,6 @@
 # SPDX-FileCopyrightText: 2022 MDAD project contributors
 # SPDX-FileCopyrightText: 2024 wjbeckett
-# SPDX-FileCopyrightText: 2024 Slavi Pantaleev
+# SPDX-FileCopyrightText: 2024 - 2026 Slavi Pantaleev
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later

@@ -27,3 +27,4 @@
    - {'name': 'matrix_livekit_jwt_service_environment_variable_livekit_key', when: true}
    - {'name': 'matrix_livekit_jwt_service_environment_variable_livekit_url', when: true}
    - {'name': 'matrix_livekit_jwt_service_environment_variable_livekit_secret', when: true}
+    - {'name': 'matrix_livekit_jwt_service_environment_variable_livekit_full_access_homeservers', when: true}
@@ -16,7 +16,7 @@ matrix_synapse_enabled: true
 matrix_synapse_github_org_and_repo: element-hq/synapse

 # renovate: datasource=docker depName=ghcr.io/element-hq/synapse
-matrix_synapse_version: v1.153.0
+matrix_synapse_version: v1.154.0

 matrix_synapse_username: ''
 matrix_synapse_uid: ''
@@ -13,7 +13,7 @@ matrix_tuwunel_enabled: true
 matrix_tuwunel_hostname: ''

 # renovate: datasource=docker depName=ghcr.io/matrix-construct/tuwunel
-matrix_tuwunel_version: v1.7.0
+matrix_tuwunel_version: v1.7.1

 matrix_tuwunel_container_image: "{{ matrix_tuwunel_container_image_registry_prefix }}matrix-construct/tuwunel:{{ matrix_tuwunel_container_image_tag }}"
 matrix_tuwunel_container_image_tag: "{{ matrix_tuwunel_version }}"
Author	SHA1	Message	Date
renovate[bot]	0ce46bae94	Update dependency traefik to v3.7.4-0	2026-06-06 08:09:03 +03:00
renovate[bot]	af37ca09cc	Update ghcr.io/matrix-construct/tuwunel Docker tag to v1.7.1	2026-06-06 07:16:06 +03:00
renovate[bot]	28165b5892	Update ghcr.io/etkecc/baibot Docker tag to v1.21.1	2026-06-05 13:16:27 +03:00
renovate[bot]	700976c47c	Update dependency ntfy to v2.24.0-0	2026-06-05 12:56:39 +03:00
renovate[bot]	66eabbb0ea	Update dependency traefik to v3.7.3-0	2026-06-05 12:56:21 +03:00
Suguru Hirahara	61a29cf718	Update links to the Sable repository Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2026-06-04 23:57:39 -04:00
renovate[bot]	47a4037ea2	Update ghcr.io/element-hq/synapse Docker tag to v1.154.0	2026-06-04 22:12:03 +03:00
renovate[bot]	93ec9095d5	Update ghcr.io/element-hq/matrix-authentication-service Docker tag to v1.18.0	2026-06-04 18:50:49 +03:00
renovate[bot]	92b7fed717	Update dependency prek to v0.4.4	2026-06-04 13:00:46 +03:00
Slavi Pantaleev	a7be5a2088	Fix self-build git ref for LiveKit JWT Service matrix_livekit_jwt_service_container_repo_version interpolated livekit_server_version (the LiveKit Server role's version) instead of this role's own matrix_livekit_jwt_service_version, so self-builds checked out the wrong git tag. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-04 10:17:07 +03:00
Slavi Pantaleev	738bff7a00	Upgrade LiveKit JWT Service (lk-jwt-service) to v0.5.0 v0.5.0 makes LIVEKIT_FULL_ACCESS_HOMESERVERS a required setting and drops the implicit `*` wildcard default upstream. Split the full-access-homeservers list into _default/_auto/_custom parts (following the convention used for other variables in this role), with a sane _default of the homeserver's own domain. This also lets group_vars/matrix_servers drop its now-redundant override. Add a validate_config.yml check requiring the setting to be defined. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-04 10:08:26 +03:00