chore(deps): update dependency idna to v3.13

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/5154

docs/configuring-playbook-continuwuity.md

@@ -46,6 +46,13 @@ Take a look at:
 
 There are various Ansible variables that control settings in the `continuwuity.toml` file.
 
+💡 By default, the playbook wires Continuwuity into a few playbook-wide settings:
+
+- if `exim_relay_enabled: true` (the default), Continuwuity SMTP is automatically enabled and pointed at the [local Exim relay](configuring-playbook-email.md) service
+- `matrix_continuwuity_config_well_known_client` is automatically set to the public homeserver URL in the usual SSL-enabled setup, which helps email verification and password-reset links work in delegated-domain setups
+
+You can override any of these defaults in your `vars.yml` file if you want Continuwuity to use a different SMTP server or a different well-known client URL.
+
 If a specific setting you'd like to change does not have a dedicated Ansible variable, you can either submit a PR to us to add it, or you can [override the setting using an environment variable](https://continuwuity.org/configuration#environment-variables) using `matrix_continuwuity_environment_variables_extension`. For example:
 
 ```yaml

docs/configuring-playbook-email.md

@@ -23,7 +23,7 @@ The [Ansible role for exim-relay](https://github.com/mother-of-all-self-hosting/
 
 1. **Final delivery capability**: Can deliver emails directly if you don't have an SMTP server
 
-2. **Centralized configuration**: Configure your upstream SMTP server once in exim-relay, then point all services ([Synapse](configuring-playbook-synapse.md), [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md), etc.) there—no need to configure SMTP in each component
+2. **Centralized configuration**: Configure your upstream SMTP server once in exim-relay, then point all services ([Synapse](configuring-playbook-synapse.md), [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md), [Continuwuity](configuring-playbook-continuwuity.md), etc.) there, with no need to configure SMTP in each component
 
 3. **Local spooling**: Stores messages locally and retries delivery if your upstream SMTP server is temporarily unavailable
 

group_vars/matrix_servers

@@ -5760,6 +5760,12 @@ matrix_continuwuity_hostname: "{{ matrix_server_fqn_matrix }}"
 
 matrix_continuwuity_config_allow_federation: "{{ matrix_homeserver_federation_enabled }}"
 
+matrix_continuwuity_config_well_known_client: "{{ matrix_homeserver_url if matrix_playbook_ssl_enabled else '' }}"
+
+matrix_continuwuity_config_smtp_enabled: "{{ exim_relay_enabled }}"
+matrix_continuwuity_config_smtp_connection_uri: "{{ ('smtp://' ~ exim_relay_identifier ~ ':8025') if exim_relay_enabled else '' }}"
+matrix_continuwuity_config_smtp_sender: "{{ exim_relay_sender_address if exim_relay_enabled else '' }}"
+
 matrix_continuwuity_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_continuwuity_container_image_registry_prefix_upstream_default }}"
 
 matrix_continuwuity_container_network: "{{ matrix_homeserver_container_network }}"
@@ -5768,6 +5774,8 @@ matrix_continuwuity_container_additional_networks_auto: |
   {{
     (
       ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_continuwuity_container_labels_traefik_enabled and matrix_playbook_reverse_proxyable_services_additional_network else [])
+      +
+      ([exim_relay_container_network] if (exim_relay_enabled and matrix_continuwuity_config_smtp_enabled and matrix_continuwuity_config_smtp_connection_uri == ('smtp://' ~ exim_relay_identifier ~ ':8025') and matrix_continuwuity_container_network != exim_relay_container_network) else [])
     ) | unique
   }}
 
@@ -5795,6 +5803,11 @@ matrix_continuwuity_config_turn_password: "{{ coturn_lt_cred_mech_password if (c
 
 matrix_continuwuity_self_check_validate_certificates: "{{ matrix_playbook_ssl_enabled }}"
 
+matrix_continuwuity_systemd_wanted_services_list_auto: |
+  {{
+    ([exim_relay_identifier ~ '.service'] if (exim_relay_enabled and matrix_continuwuity_config_smtp_enabled and matrix_continuwuity_config_smtp_connection_uri == ('smtp://' ~ exim_relay_identifier ~ ':8025')) else [])
+  }}
+
 ######################################################################
 #
 # /matrix-continuwuity

i18n/requirements.txt

@@ -4,7 +4,7 @@ certifi==2026.2.25
 charset-normalizer==3.4.7
 click==8.3.2
 docutils==0.22.4
-idna==3.11
+idna==3.13
 imagesize==2.0.0
 Jinja2==3.1.6
 linkify-it-py==2.1.0

requirements.yml

@@ -42,10 +42,10 @@
   version: v10888-0
   name: jitsi
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server.git
-  version: v1.10.1-0
+  version: v1.11.0-0
   name: livekit_server
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git
-  version: v2.21.0-1
+  version: v2.22.0-0
   name: ntfy
 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
   version: ea8c5cc750c4e23d004c9a836dfd9eda82d45ff4

roles/custom/matrix-alertmanager-receiver/defaults/main.yml

@@ -11,7 +11,7 @@
 matrix_alertmanager_receiver_enabled: true
 
 # renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
-matrix_alertmanager_receiver_version: 2026.4.15
+matrix_alertmanager_receiver_version: 2026.4.22
 
 matrix_alertmanager_receiver_scheme: https
 

roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml

@@ -28,7 +28,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri
 matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
 
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp
-matrix_mautrix_whatsapp_version: v0.2603.0
+matrix_mautrix_whatsapp_version: v0.2604.0
 
 # See: https://mau.dev/mautrix/whatsapp/container_registry
 matrix_mautrix_whatsapp_container_image: "{{ matrix_mautrix_whatsapp_container_image_registry_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"

roles/custom/matrix-continuwuity/defaults/main.yml

@@ -37,7 +37,10 @@ matrix_continuwuity_systemd_required_services_list_auto: []
 matrix_continuwuity_systemd_required_services_list_custom: []
 
 # List of systemd services that matrix-continuwuity.service wants
-matrix_continuwuity_systemd_wanted_services_list: []
+matrix_continuwuity_systemd_wanted_services_list: "{{ matrix_continuwuity_systemd_wanted_services_list_default + matrix_continuwuity_systemd_wanted_services_list_auto + matrix_continuwuity_systemd_wanted_services_list_custom }}"
+matrix_continuwuity_systemd_wanted_services_list_default: []
+matrix_continuwuity_systemd_wanted_services_list_auto: []
+matrix_continuwuity_systemd_wanted_services_list_custom: []
 
 # Controls how long to sleep for after starting the matrix-synapse container.
 #
@@ -256,6 +259,31 @@ matrix_continuwuity_config_url_preview_domain_explicit_allowlist: []
 # Controls the `url_preview_check_root_domain` setting.
 matrix_continuwuity_config_url_preview_check_root_domain: false
 
+# Controls the value of `global.well_known.client`.
+matrix_continuwuity_config_well_known_client: ''
+
+# Controls whether SMTP features will be enabled
+# (such as setting the server's SMTP connection URL,
+#  enabling self-service password resets via email,
+#  requiring email for registration, etc.)
+matrix_continuwuity_config_smtp_enabled: false
+
+# Controls the value of `global.smtp.connection_uri` (if any).
+# Must be set to a non-empty value
+# together with `matrix_continuwuity_config_smtp_sender` to have effect.
+matrix_continuwuity_config_smtp_connection_uri: ''
+
+# Controls the value of `global.smtp.sender` (if any).
+# Must be set to a non-empty value
+# together with `matrix_continuwuity_config_smtp_connection_uri` to have effect.
+matrix_continuwuity_config_smtp_sender: ''
+
+# Controls the `global.smtp.require_email_for_registration` setting.
+matrix_continuwuity_config_smtp_require_email_for_registration: false
+
+# Controls the `global.smtp.require_email_for_token_registration ` setting.
+matrix_continuwuity_config_smtp_require_email_for_token_registration: false
+
 # Additional environment variables to pass to the container.
 #
 # Environment variables take priority over settings in the configuration file.

roles/custom/matrix-continuwuity/templates/continuwuity.toml.j2

@@ -1813,7 +1813,7 @@ url_preview_check_root_domain = {{ matrix_continuwuity_config_url_preview_check_
 #
 # example: "https://matrix.example.com"
 #
-#client =
+client = {{ matrix_continuwuity_config_well_known_client | to_json }}
 
 # The server base domain of the URL with a specific port that the server
 # well-known file will serve. This should contain a port at the end, and
@@ -2015,3 +2015,51 @@ foci = [
 # web->synapseHTTPAntispam->authorization
 #
 #secret =
+
+{% if matrix_continuwuity_config_smtp_enabled %}
+[global.smtp]
+
+# A `smtp://`` URI which will be used to connect to a mail server.
+# Uncommenting the [global.smtp] group and setting this option enables
+# features which depend on the ability to send email,
+# such as self-service password resets.
+#
+# For most modern mail servers, format the URI like this:
+# 	`smtps://username:password@hostname:port`
+# Note that you will need to URL-encode the username and password. If your
+# username _is_ your email address, you will need to replace the `@` with
+# `%40`.
+#
+# For a guide on the accepted URI syntax, consult Lettre's documentation:
+# https://docs.rs/lettre/latest/lettre/transport/smtp/struct.AsyncSmtpTransport.html#method.from_url
+#
+{% if matrix_continuwuity_config_smtp_connection_uri != '' and matrix_continuwuity_config_smtp_sender != '' %}
+connection_uri = {{ matrix_continuwuity_config_smtp_connection_uri | to_json }}
+{% else %}
+#connection_uri =
+{% endif %}
+
+# The outgoing address which will be used for sending emails.
+#
+# For a syntax guide, see https://datatracker.ietf.org/doc/html/rfc2822#section-3.4
+#
+# ...or if you don't want to read the RFC, for some reason:
+# - `Name <address@domain.org>` to specify a sender name
+# - `address@domain.org` to not use a name
+#
+{% if matrix_continuwuity_config_smtp_connection_uri != '' and matrix_continuwuity_config_smtp_sender != '' %}
+sender = {{ matrix_continuwuity_config_smtp_sender | to_json }}
+{% else %}
+#sender =
+{% endif %}
+
+# Whether to require that users provide an email address when they
+# register.
+#
+require_email_for_registration = {{ matrix_continuwuity_config_smtp_require_email_for_registration | to_json }}
+
+# Whether to require that users who register with a registration token
+# provide an email address.
+#
+require_email_for_token_registration = {{ matrix_continuwuity_config_smtp_require_email_for_token_registration | to_json }}
+{% endif %}

roles/custom/matrix-continuwuity/templates/systemd/matrix-continuwuity.service.j2

@@ -5,6 +5,9 @@ Description=continuwuity Matrix homeserver
 Requires={{ service }}
 After={{ service }}
 {% endfor %}
+{% for service in matrix_continuwuity_systemd_wanted_services_list %}
+Wants={{ service }}
+{% endfor %}
 
 [Service]
 Type=simple

roles/custom/matrix-livekit-jwt-service/defaults/main.yml

@@ -25,7 +25,7 @@ matrix_livekit_jwt_service_container_additional_networks_auto: []
 matrix_livekit_jwt_service_container_additional_networks_custom: []
 
 # renovate: datasource=docker depName=ghcr.io/element-hq/lk-jwt-service
-matrix_livekit_jwt_service_version: 0.4.3
+matrix_livekit_jwt_service_version: 0.4.4
 
 matrix_livekit_jwt_service_container_image_self_build: false
 matrix_livekit_jwt_service_container_repo: "https://github.com/element-hq/lk-jwt-service.git"