chore: publish 2.0.0+v1.58.1 release

Migrating from an idp old homeserver.yaml config could require to set
the idp_id to 'oidc' see this issue for reference:
https://github.com/matrix-org/synapse/issues/9514#issuecomment-788805476

.env.sample

@@ -16,7 +16,7 @@ COMPOSE_FILE="compose.yml"
 #DISABLE_FEDERATION=1
 
 # Set "true" to enable federation endpoint on $DOMAIN/.well-known/matrix/server
-SERVE_SERVER_WELLKNOWN=false 
+SERVE_SERVER_WELLKNOWN=false
 
 ENABLE_REGISTRATION=false
 PASSWORD_LOGIN_ENABLED=true
@@ -29,7 +29,7 @@ ROOT_LOG_LEVEL=WARN
 
 REDACTION_RETENTION_PERIOD=7d
 
-RETENTION_MAX_LIFETIME=1m
+RETENTION_MAX_LIFETIME=4w
 
 ENABLE_3PID_LOOKUP=true
 
@@ -40,21 +40,23 @@ ENCRYPTED_BY_DEFAULT=all
 #ENABLE_ALLOWLIST=1
 #FEDERATION_ALLOWLIST="[]"
 
-#COMPOSE_FILE="compose.yml:compose.keycloak.yml"
+#COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml"
 #KEYCLOAK_ENABLED=1
+#KEYCLOAK_ID=keycloak
 #KEYCLOAK_NAME=
 #KEYCLOAK_URL=
 #KEYCLOAK_CLIENT_ID=
 #KEYCLOAK_CLIENT_DOMAIN=
+#KEYCLOAK_ALLOW_EXISTING_USERS=false
 #SECRET_KEYCLOAK_CLIENT_SECRET_VERSION=v1
 
-#COMPOSE_FILE="compose.yml:compose.turn.yml"
+#COMPOSE_FILE="$COMPOSE_FILE:compose.turn.yml"
 #TURN_ENABLED=1
 #TURN_URIS="[\"turns:coturn.foo.zone?transport=udp\", \"turns:coturn.foo.zone?transport=tcp\"]"
 #TURN_ALLOW_GUESTS=true
 #SECRET_TURN_SHARED_SECRET_VERSION=v1
 
-#COMPOSE_FILE="compose.yml:compose.smtp.yml"
+#COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
 #SMTP_ENABLED=1
 #SMTP_APP_NAME=
 #SMTP_FROM=

abra.sh

@@ -1,3 +1,3 @@
 export ENTRYPOINT_CONF_VERSION=v1
-export HOMESERVER_YAML_VERSION=v8
+export HOMESERVER_YAML_VERSION=v9
 export LOG_CONFIG_VERSION=v2

compose.keycloak.yml

@@ -14,7 +14,9 @@ services:
       - KEYCLOAK_CLIENT_ID
       - KEYCLOAK_ENABLED
       - KEYCLOAK_NAME
+      - KEYCLOAK_ID
       - KEYCLOAK_URL
+      - KEYCLOAK_ALLOW_EXISTING_USERS
 
 secrets:
   keycloak_client_secret:

compose.yml

@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: "matrixdotorg/synapse:v1.55.2"
+    image: "matrixdotorg/synapse:v1.58.1"
     volumes:
       - "data:/data"
     secrets:
@@ -34,6 +34,7 @@ services:
       - USER_IPS_MAX_AGE
       - VIRTUAL_HOST=${DOMAIN}
       - VIRTUAL_PORT=8008
+      - RETENTION_MAX_LIFETIME
     networks:
       - proxy
       - internal
@@ -55,7 +56,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=1.3.0+v1.55.2"
+        - "coop-cloud.${STACK_NAME}.version=2.0.0+v1.58.1"
 
   db:
     image: postgres:13-alpine

homeserver.yaml.tmpl

@@ -1885,12 +1885,13 @@ saml2_config:
 oidc_providers:
 
   {{ if eq (env "KEYCLOAK_ENABLED") "1" }}
-  - idp_id: keycloak
+  - idp_id: {{ env "KEYCLOAK_ID" }} 
     idp_name: {{ env "KEYCLOAK_NAME" }}
     issuer: "{{ env "KEYCLOAK_URL" }}"
     client_id: "{{ env "KEYCLOAK_CLIENT_ID" }}"
     client_secret: "{{ secret "keycloak_client_secret" }}"
     scopes: ["openid", "profile"]
+    allow_existing_users: {{ env "KEYCLOAK_ALLOW_EXISTING_USERS" }}
     user_mapping_provider:
       config:
         localpart_template: "{{ "{{ user.preferred_username }}" }}"

release/2.0.0+v1.58.1

@@ -0,0 +1,9 @@
+This upgrade adds new env variables for homeserver.yml, please add them to your .env file:
+
+```
+ENCRYPTED_BY_DEFAULT=all
+SERVE_SERVER_WELLKNOWN=false
+
+#KEYCLOAK_ID=keycloak
+#KEYCLOAK_ALLOW_EXISTING_USERS=false
+```