From 0838cb819e1fb5a32d9e12446d3ee691f2da7620 Mon Sep 17 00:00:00 2001
From: decentral1se <cellarspoon@riseup.net>
Date: Fri, 15 Jul 2022 16:04:52 +0200
Subject: [PATCH] chore: publish 2.1.0+v1.62.0 release

---
 .env.sample           | 11 +++++++++++
 abra.sh               |  2 +-
 compose.keycloak2.yml |  2 ++
 compose.yml           |  4 ++--
 homeserver.yaml.tmpl  |  9 ++++++++-
 release/2.1.0+v1.62.0 |  5 +++++
 6 files changed, 29 insertions(+), 4 deletions(-)
 create mode 100644 release/2.1.0+v1.62.0

diff --git a/.env.sample b/.env.sample
index 66b5b6a..9b3c013 100644
--- a/.env.sample
+++ b/.env.sample
@@ -50,10 +50,21 @@ ENCRYPTED_BY_DEFAULT=all
 #KEYCLOAK_ALLOW_EXISTING_USERS=false
 #SECRET_KEYCLOAK_CLIENT_SECRET_VERSION=v1
 
+#COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak2.yml"
+#KEYCLOAK2_ENABLED=1
+#KEYCLOAK2_ID=keycloak2
+#KEYCLOAK2_NAME=
+#KEYCLOAK2_URL=
+#KEYCLOAK2_CLIENT_ID=
+#KEYCLOAK2_CLIENT_DOMAIN=
+#KEYCLOAK2_ALLOW_EXISTING_USERS=false
+#SECRET_KEYCLOAK2_CLIENT_SECRET_VERSION=v1
+
 #COMPOSE_FILE="$COMPOSE_FILE:compose.turn.yml"
 #TURN_ENABLED=1
 #TURN_URIS="[\"turns:coturn.foo.zone?transport=udp\", \"turns:coturn.foo.zone?transport=tcp\"]"
 #TURN_ALLOW_GUESTS=true
+#KEYCLOAK2_ALLOW_EXISTING_USERS=false
 #SECRET_TURN_SHARED_SECRET_VERSION=v1
 
 #COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
diff --git a/abra.sh b/abra.sh
index 0a6f4a7..9561a32 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1,5 +1,5 @@
 export ENTRYPOINT_CONF_VERSION=v1
-export HOMESERVER_YAML_VERSION=v10
+export HOMESERVER_YAML_VERSION=v11
 export LOG_CONFIG_VERSION=v2
 export TELEGRAM_BRIDGE_YAML_VERSION=v2
 export DISCORD_BRIDGE_YAML_VERSION=v1
diff --git a/compose.keycloak2.yml b/compose.keycloak2.yml
index a956e61..971b6cc 100644
--- a/compose.keycloak2.yml
+++ b/compose.keycloak2.yml
@@ -6,8 +6,10 @@ services:
     secrets:
       - keycloak2_client_secret
     environment:
+      - KEYCLOAK2_ALLOW_EXISTING_USERS
       - KEYCLOAK2_CLIENT_ID
       - KEYCLOAK2_ENABLED
+      - KEYCLOAK2_ID
       - KEYCLOAK2_NAME
       - KEYCLOAK2_URL
 
diff --git a/compose.yml b/compose.yml
index 5e9ddb3..54b8f4e 100644
--- a/compose.yml
+++ b/compose.yml
@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: "matrixdotorg/synapse:v1.58.1"
+    image: "matrixdotorg/synapse:v1.62.0"
     volumes:
       - "data:/data"
     depends_on:
@@ -58,7 +58,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=2.0.0+v1.58.1"
+        - "coop-cloud.${STACK_NAME}.version=2.1.0+v1.62.0"
 
   db:
     image: postgres:13-alpine
diff --git a/homeserver.yaml.tmpl b/homeserver.yaml.tmpl
index 8fc0408..4eff2f4 100644
--- a/homeserver.yaml.tmpl
+++ b/homeserver.yaml.tmpl
@@ -463,6 +463,12 @@ limit_remote_rooms:
 #
 #allow_per_room_profiles: false
 
+# The largest allowed file size for a user avatar. Defaults to no restriction.
+# Note that user avatar changes will not work if this is set without
+# using Synapse's media repository.
+#
+max_avatar_size: 10M
+
 # How long to keep redacted events in unredacted form in the database. After
 # this period redacted events get replaced with their redacted form in the DB.
 #
@@ -1899,12 +1905,13 @@ oidc_providers:
   {{ end }}
 
   {{ if eq (env "KEYCLOAK2_ENABLED") "1" }}
-  - idp_id: keycloak2
+  - idp_id: {{ env "KEYCLOAK2_ID" }}
     idp_name: {{ env "KEYCLOAK2_NAME" }}
     issuer: "{{ env "KEYCLOAK2_URL" }}"
     client_id: "{{ env "KEYCLOAK2_CLIENT_ID" }}"
     client_secret: "{{ secret "keycloak2_client_secret" }}"
     scopes: ["openid", "profile"]
+    allow_existing_users: {{ env "KEYCLOAK2_ALLOW_EXISTING_USERS" }}
     user_mapping_provider:
       config:
         localpart_template: "{{ "{{ user.preferred_username }}" }}"
diff --git a/release/2.1.0+v1.62.0 b/release/2.1.0+v1.62.0
new file mode 100644
index 0000000..911f498
--- /dev/null
+++ b/release/2.1.0+v1.62.0
@@ -0,0 +1,5 @@
+The only release note worthy point for this release is: if you're using the
+horrendous `compose.keycloak2.yml` (as creator of this horrible hack, I am
+allowed to call it horrendous ;)), you will need to re-check the new
+~/.abra/recipes/matrix-synapse/.env.sample, there are some new default env vars
+which you'll have to add in (e.g. KEYCLOAK2_ID=...).