update borgmatic (1.9.9 -> 1.9.10); update cinny (v4.2.3 -> v4.3.0); …

…update element (v1.11.91 -> v1.11.92); update synapse (v1.123.0 -> v1.124.0);
etkecc · Feb 11, 2025 · c9508de · c9508de
1 parent ba91b5c
commit c9508de
Show file tree

Hide file tree

Showing 7 changed files with 125 additions and 48 deletions.
diff --git a/VERSIONS.diff.md b/VERSIONS.diff.md
@@ -1,4 +1,10 @@
 **Stable Updates Published**
 
 * [Alertmanager Receiver](https://github.com/metio/matrix-alertmanager-receiver): [2024.12.18](https://github.com/metio/matrix-alertmanager-receiver/releases/tag/2024.12.18) -> [2025.2.9](https://github.com/metio/matrix-alertmanager-receiver/releases/tag/2025.2.9)
+* Borgmatic: 1.9.9 -> 1.9.10
+* [Cactus Comments Client](https://gitlab.com/cactus-comments/cactus-client): [2.35.0](https://gitlab.com/cactus-comments/cactus-client/-/tags/2.35.0) -> [2.36.0](https://gitlab.com/cactus-comments/cactus-client/-/tags/2.36.0)
+* [Cinny](https://github.com/ajbura/cinny): [v4.2.3](https://github.com/ajbura/cinny/releases/tag/v4.2.3) -> [v4.3.0](https://github.com/ajbura/cinny/releases/tag/v4.3.0)
+* [Element](https://github.com/element-hq/element-web): [v1.11.91](https://github.com/element-hq/element-web/releases/tag/v1.11.91) -> [v1.11.92](https://github.com/element-hq/element-web/releases/tag/v1.11.92)
+* Static Files: 2.35.0 -> 2.36.0
+* [Synapse](https://github.com/element-hq/synapse): [v1.123.0](https://github.com/element-hq/synapse/releases/tag/v1.123.0) -> [v1.124.0](https://github.com/element-hq/synapse/releases/tag/v1.124.0)
 * [Vaultwarden](https://github.com/dani-garcia/vaultwarden): [1.33.1](https://github.com/dani-garcia/vaultwarden/releases/tag/1.33.1) -> [1.33.2](https://github.com/dani-garcia/vaultwarden/releases/tag/1.33.2)
diff --git a/VERSIONS.md b/VERSIONS.md
@@ -9,12 +9,12 @@
 * Authentication Service Syn2Mas: 0.13.0
 * Baibot: v1.4.1
 * Borg: 1.4.0
-* Borgmatic: 1.9.9
+* Borgmatic: 1.9.10
 * Buscarron: v1.4.3
 * Cactus Comments: 0.9.0
-* Cactus Comments Client: 2.35.0
+* Cactus Comments Client: 2.36.0
 * Chatgpt: 3.1.4
-* Cinny: v4.2.3
+* Cinny: v4.3.0
 * Container Socket Proxy: 0.2.0
 * Corporal: 3.1.3
 * Coturn: 4.6.2-r11
@@ -23,7 +23,7 @@
 * Docker Compose: v2.32.1
 * Draupnir: v2.1.0
 * Dynamic Dns: 4.0.0
-* Element: v1.11.91
+* Element: v1.11.92
 * Email2Matrix: 1.1.0
 * Etherpad: 2.2.6
 * Exim Relay: 4.98-r0-4
@@ -80,9 +80,9 @@
 * Sms Bridge: 0.5.9
 * Spam Checker Mjolnir Antispam Git: v1.6.4
 * Spam Checker Synapse Simple Antispam Git: 5ab711971e3a4541a7a40310ff85e17f8262cc05
-* Static Files: 2.35.0
+* Static Files: 2.36.0
 * Sygnal: v0.15.1
-* Synapse: v1.123.0
+* Synapse: v1.124.0
 * Synapse Admin: v0.10.3-etke37
 * Synapse Auto Accept Invite: 1.1.3
 * Synapse Auto Compressor: v0.1.4

diff --git a/roles/galaxy/backup_borg/README.md b/roles/galaxy/backup_borg/README.md
@@ -1,9 +1,8 @@
-# Borg Backup Ansible Role
+# BorgBackup Ansible Role
 
-This is an [Ansible](https://www.ansible.com/) role which install and configure [borgbackup](https://www.borgbackup.org/) with [borgmatic](https://torsion.org/borgmatic/) a [Docker](https://www.docker.com/) container wrapped in a systemd service.
-BorgBackup is a deduplicating backup program with optional compression and encryption.
-That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service.
+This is an [Ansible](https://www.ansible.com/) role which installs and configures [BorgBackup](https://www.borgbackup.org/) (short: Borg) with [borgmatic](https://torsion.org/borgmatic/) in a [Docker](https://www.docker.com/) container wrapped in a systemd service.
 
+BorgBackup is a deduplicating backup program with optional compression and encryption. That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service.
 
 This role *implicitly* depends on:
 
@@ -14,6 +13,8 @@ This role *implicitly* depends on:
 
 ## Usage
 
+💡 See the [document](docs/configure-backup-borg.md) for details about setting up BorgBackup.
+
 Example playbook:
 
 ```yaml
@@ -89,5 +90,3 @@ backup_borg_ssh_key_private: |
   asdjfioghuifskermvbsjfhawuifui
   -----END OPENSSH PRIVATE KEY-----
 ```
-
-
diff --git a/roles/galaxy/backup_borg/defaults/main.yml b/roles/galaxy/backup_borg/defaults/main.yml
@@ -26,7 +26,7 @@ backup_borg_docker_src_files_path: "{{ backup_borg_base_path }}/docker-src"
 backup_borg_version: "{{ (backup_borg_postgres_version ~ '-' ~ backup_borg_borg_version ~ '-' ~ backup_borg_borgmatic_version) if backup_borg_postgres_version else 'latest' }}"
 backup_borg_postgres_version: ""
 backup_borg_borg_version: 1.4.0
-backup_borg_borgmatic_version: 1.9.9
+backup_borg_borgmatic_version: 1.9.10
 backup_borg_docker_image: "{{ backup_borg_docker_image_name_prefix }}etkecc/borgmatic:{{ backup_borg_version }}"
 backup_borg_docker_image_name_prefix: "{{ 'localhost/' if backup_borg_container_image_self_build else 'ghcr.io/' }}"
 backup_borg_docker_image_force_pull: "{{ backup_borg_docker_image.endswith(':latest') }}"

diff --git a/roles/galaxy/backup_borg/docs/configure-backup-borg.md b/roles/galaxy/backup_borg/docs/configure-backup-borg.md
@@ -1,49 +1,78 @@
-# Setting up borg backup
+<!--
+SPDX-FileCopyrightText: 2022 - 2025 Nikita Chernyi
+SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
+SPDX-FileCopyrightText: 2022 MDAD project contributors
+SPDX-FileCopyrightText: 2022 - 2023 Julian-Samuel Gebühr
+SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
 
-This role can install and configure [borgbackup](https://www.borgbackup.org/) with [borgmatic](https://torsion.org/borgmatic/) for you.
-BorgBackup is a deduplicating backup program with optional compression and encryption.
-That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service.
+SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+
+# Setting up BorgBackup
+
+The playbook can install and configure [BorgBackup](https://www.borgbackup.org/) (short: Borg) with [borgmatic](https://torsion.org/borgmatic/) for you.
+
+BorgBackup is a deduplicating backup program with optional compression and encryption. That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service.
+
+## Prerequisites
+
+### Set up a remote server for storing backups
 
 You will need a remote server where borg will store the backups. There are hosted, borg compatible solutions available, such as [BorgBase](https://www.borgbase.com).
 
-The backup will run based on `backup_borg_schedule` var (systemd timer calendar), default: 4am every day.
+### Check the Postgres version
 
-For some playbooks the with an integrated Postgres database server Borg backups will also include dumps of your Postgres database. 
-An alternative solution for backing up the Postgres database is [postgres backup](https://github.com/devture/com.devture.ansible.role.postgres_backup).
-If you decide to go with another solution, you can disable Postgres-backup support for Borg using the `backup_borg_postgresql_enabled` variable.
+For some playbooks, if you're using the integrated Postgres database server, backups with BorgBackup will also include dumps of your Postgres database by default.
 
+Unless you disable the Postgres-backup support, make sure that the Postgres version of your homeserver's database is compatible with borgmatic. You can check the compatible versions [here](../defaults/main.yml).
 
-## Prerequisites
+An alternative solution for backing up the Postgres database is [postgres backup](https://github.com/devture/com.devture.ansible.role.postgres_backup). If you decide to go with another solution, you can disable Postgres-backup support for BorgBackup using the `backup_borg_postgresql_enabled` variable.
+
+### Create a new SSH key
 
-1. Create a new SSH key:
+Run the command below on any machine to create a new SSH key:
 
 ```bash
 ssh-keygen -t ed25519 -N '' -f borg-backup -C borg-backup
 ```
 
-This can be done on any machine, and you don't need to place the key in the `.ssh` folder. It will be added to the Ansible config later.
+You don't need to place the key in the `.ssh` folder.
 
-2. Add the **public** part of this SSH key (the `borg-backup.pub` file) to your borg provider/server:
+### Add the public key
 
-If you plan to use a hosted solution, follow their instructions. If you have your own server, copy the key over:
+Next, add the **public** part of this SSH key (the `borg-backup.pub` file) to your BorgBackup provider/server.
 
-```bash
-# example to append the new PUBKEY contents, where:
-# PUBKEY is path to the public key,
-# USER is a ssh user on a provider / server
-# HOST is a ssh host of a provider / server
+If you are using a hosted solution, follow their instructions. If you have your own server, copy the key to it with the command like below:
+
+```sh
+# Example to append the new PUBKEY contents, where:
+# - PUBKEY is path to the public key
+# - USER is a ssh user on a provider / server
+# - HOST is a ssh host of a provider / server
 cat PUBKEY | ssh USER@HOST 'dd of=.ssh/authorized_keys oflag=append conv=notrunc'
 ```
 
+The **private** key needs to be added to `backup_borg_ssh_key_private` on your `vars.yml` file as below.
+
 ## Adjusting the playbook configuration
 
-Minimal working configuration to enable borg backup (this has to be added to your `vars.yml`:
+To enable BorgBackup, add the following configuration to your `vars.yml` file (adapt to your needs):
 
 ```yaml
 backup_borg_enabled: true
+
+# Set the repository location, where:
+# - USER is a ssh user on a provider / server
+# - HOST is a ssh host of a provider / server
+# - REPO is a BorgBackup repository name
 backup_borg_location_repositories:
  - ssh://USER@HOST/./REPO
+
+# Generate a strong password used for encrypting backups. You can create one with a command like `pwgen -s 64 1`.
 backup_borg_storage_encryption_passphrase: "PASSPHRASE"
+
+# Add the content of the **private** part of the SSH key you have created.
+# Note: the whole key (all of its belonging lines) under the variable needs to be indented with 2 spaces.
 backup_borg_ssh_key_private: |
   -----BEGIN OPENSSH PRIVATE KEY-----
   TG9yZW0gaXBzdW0gZG9sb3Igc2l0IGFtZXQsIGNvbnNlY3RldHVyIGFkaXBpc2NpbmcgZW
@@ -54,27 +83,70 @@ backup_borg_ssh_key_private: |
   -----END OPENSSH PRIVATE KEY-----
 ```
 
-where:
+**Note**: `REPO` will be initialized on backup start, for example: `matrix`. See [Remote repositories](https://borgbackup.readthedocs.io/en/stable/usage/general.html#repository-urls) for the syntax.
+
+### Set backup archive name (optional)
+
+You can specify the backup archive name format. To set it, add the following configuration to your `vars.yml` file (adapt to your needs):
+
+```yaml
+backup_borg_storage_archive_name_format: backup-borg-{now:%Y-%m-%d-%H%M%S}
+```
+
+### Configure retention policy (optional)
 
-* USER - SSH user of a provider/server
-* HOST - SSH host of a provider/server
-* REPO - borg repository name, it will be initialized on backup start, eg: `matrix`, regarding Syntax see [Remote repositories](https://borgbackup.readthedocs.io/en/stable/usage/general.html#repository-urls)
-* PASSPHRASE - passphrase used for encrypting backups, you may generate it with `pwgen -s 64 1` or use any password manager
-* PRIVATE KEY - the content of the **private** part of the SSH key you created before. The whole key (all of its belonging lines) under `backup_borg_ssh_key_private` needs to be indented with 2 spaces
+It is also possible to configure a retention strategy. To configure it, add the following configuration to your `vars.yml` file (adapt to your needs):
 
-To backup without encryption, add `backup_borg_encryption: 'none'` to your vars. This will also enable the `backup_borg_unknown_unencrypted_repo_access_is_ok` variable.
+```yaml
+backup_borg_retention_keep_hourly: 0
+backup_borg_retention_keep_daily: 7
+backup_borg_retention_keep_weekly: 4
+backup_borg_retention_keep_monthly: 12
+backup_borg_retention_keep_yearly: 2
+```
+
+### Edit the schedule (optional)
+
+By default the task will run 4 a.m. every day based on the `backup_borg_schedule` variable. It is defined in the format of systemd timer calendar.
+
+To edit the schedule, add the following configuration to your `vars.yml` file (adapt to your needs):
+
+```yaml
+backup_borg_schedule: "*-*-* 04:00:00"
+```
+
+**Note**: the actual job may run with a delay. See `backup_borg_schedule_randomized_delay_sec` [here](https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg/blob/f5d5b473d48c6504be10b3d946255ef5c186c2a6/defaults/main.yml#L50) for its default value.
+
+### Set include and/or exclude directories (optional)
 
 `backup_borg_location_source_directories` defines the list of directories to back up.
-You might want to exclude certain directories or file patterns from the backup using the `backup_borg_location_exclude_patterns` variable.
 
-Check the `defaults/main.yml` file for the full list of available options.
+You might also want to exclude certain directories or file patterns from the backup using the `backup_borg_location_exclude_patterns` variable.
+
+### Extending the configuration
+
+There are some additional things you may wish to configure about the component.
+
+Take a look at:
+
+- [`defaults/main.yml`](../defaults/main.yml) for some variables that you can customize via your `vars.yml` file. You can override settings (even those that don't have dedicated playbook variables) using the `backup_borg_configuration_extension_yaml` variable
 
 ## Installing
 
 After configuring the playbook, run the installation command of your playbook again.
 
+## Usage
+
+After installation, `backup-borg` will run automatically every day at `04:00:00` (as defined in `backup_borg_schedule` by default).
+
 ## Manually start a backup
 
-For testing your setup it can be helpful to not wait until 4am. If you want to run the backup immediately, log onto the server
-and run `systemctl start backup-borg` (or how you/your playbook named the service, e.g. `matrix-backup-borg`). This will not return until the backup is done, so possibly a long time.
-Consider using [tmux](https://en.wikipedia.org/wiki/Tmux) if your SSH connection is unstable.
+Sometimes it can be helpful to run the backup as you'd like, avoiding to wait until 4 a.m., like when you test your configuration.
+
+If you want to run it immediately, log in to the server with SSH and run `systemctl start backup-borg` (or how you/your playbook named the service, e.g. `matrix-backup-borg`).
+
+This will not return until the backup is done, so it can possibly take a long time. Consider using [tmux](https://en.wikipedia.org/wiki/Tmux) if your SSH connection is unstable.
+
+## Troubleshooting
+
+As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu backup-borg`.
diff --git a/roles/galaxy/backup_borg/meta/.galaxy_install_info b/roles/galaxy/backup_borg/meta/.galaxy_install_info
@@ -1,3 +1,3 @@
-install_date: 'Tue 04 Feb 2025 03:36:52 PM '
-install_commit: f659bd250d22f3b95948ea579b8ef7679c852988
-version: v1.4.0-1.9.9-0
+install_date: 'Tue 11 Feb 2025 03:38:30 PM '
+install_commit: a5600c93f8bf78eb263ac6eec70fe315de3094a0
+version: v1.4.0-1.9.10-0
diff --git a/upstream b/upstream
+11 −1		docs/configuring-playbook-backup-borg.md
+31 −9		docs/configuring-playbook-bridge-hookshot.md
+36 −6		docs/configuring-playbook-matrix-media-repo.md
+35 −14		docs/configuring-playbook-prometheus-grafana.md
+1 −1		docs/configuring-playbook-synapse.md
+1 −1		docs/configuring-well-known.md
+2 −6		docs/maintenance-postgres.md
+0 −1		docs/registering-users.md
+1 −1		requirements.yml
+1 −1		roles/custom/matrix-cactus-comments-client/defaults/main.yml
+1 −1		roles/custom/matrix-client-cinny/defaults/main.yml
+1 −1		roles/custom/matrix-client-element/defaults/main.yml
+1 −1		roles/custom/matrix-static-files/defaults/main.yml
+1 −1		roles/custom/matrix-synapse/defaults/main.yml