Add the ability to update user passwords with ansible (when using the matrix-postgres container).
This commit is contained in:
Lyubomir Popov
@ -37,3 +37,8 @@
|
||||
when: run_self_check
|
||||
tags:
|
||||
- self-check
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/update_user_password.yml"
|
||||
when: run_update_user_password
|
||||
tags:
|
||||
- update-user-password
|
||||
@ -79,3 +79,9 @@
|
||||
dest: "/usr/local/bin/matrix-synapse-register-user"
|
||||
mode: 0750
|
||||
|
||||
- name: Ensure matrix-synapse-generate-password-hash script created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-generate-password-hash.j2"
|
||||
dest: "/usr/local/bin/matrix-synapse-generate-password-hash"
|
||||
mode: 0750
|
||||
|
||||
|
||||
48
roles/matrix-synapse/tasks/update_user_password.yml
Normal file
48
roles/matrix-synapse/tasks/update_user_password.yml
Normal file
@ -0,0 +1,48 @@
|
||||
---
|
||||
|
||||
- name: Fail if playbook called incorrectly
|
||||
fail:
|
||||
msg: "The `username` variable needs to be provided to this playbook, via --extra-vars"
|
||||
when: "username is not defined or username == '<your-username>'"
|
||||
|
||||
- name: Fail if playbook called incorrectly
|
||||
fail:
|
||||
msg: "The `password` variable needs to be provided to this playbook, via --extra-vars"
|
||||
when: "password is not defined or password == '<your-password>'"
|
||||
|
||||
- name: Fail if not using matrix-postgres container
|
||||
fail:
|
||||
msg: "This command is working only when matrix-postgres container is being used"
|
||||
when: "not matrix_postgres_enabled"
|
||||
|
||||
- name: Ensure matrix-synapse is started
|
||||
service:
|
||||
name: matrix-synapse
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
register: start_result
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
service:
|
||||
name: matrix-postgres
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
register: postgres_start_result
|
||||
|
||||
|
||||
- name: Wait a while, so that Matrix Synapse can manage to start
|
||||
pause:
|
||||
seconds: 7
|
||||
when: start_result.changed
|
||||
|
||||
- name: Wait a while, so that Matrix Postgres can manage to start
|
||||
pause:
|
||||
seconds: 7
|
||||
when: postgres_start_result.changed
|
||||
|
||||
- name: Generate password hash
|
||||
shell: "/usr/local/bin/matrix-synapse-generate-password-hash {{ password }}"
|
||||
register: password_hash
|
||||
|
||||
- name: Update user password hash
|
||||
shell: "/usr/local/bin/matrix-postgres-update-user-password-hash {{ username }} '{{ password_hash.stdout }}'"
|
||||
@ -0,0 +1,31 @@
|
||||
#!/usr/bin/env expect
|
||||
|
||||
# Read the password string
|
||||
set pass [lindex $argv 0]
|
||||
|
||||
# Check if password was provided
|
||||
if { $pass == "" } {
|
||||
puts "Usage: $argv0 <password>"
|
||||
exit 1
|
||||
}
|
||||
|
||||
# Disable output
|
||||
log_user 0
|
||||
|
||||
# Execute password hashing script
|
||||
spawn docker exec -it matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml
|
||||
expect "Password: "
|
||||
send "$pass\r"
|
||||
expect "Confirm password: "
|
||||
send "$pass\r"
|
||||
expect "%"
|
||||
|
||||
# Save the hash output to a variable
|
||||
set output $expect_out(buffer)
|
||||
|
||||
# Trim the whitespace
|
||||
regexp {\S+} $output passwordHash
|
||||
|
||||
# Output the password hash
|
||||
puts -nonewline stdout $passwordHash
|
||||
close stdout
|
||||
Reference in New Issue
Block a user