From 44aa0dce7b9f4a0dc57a6a87b6a174a5fc13a691 Mon Sep 17 00:00:00 2001 From: Aeris One Date: Wed, 29 Mar 2023 20:11:22 +0200 Subject: [PATCH] Add ability to disable password auth (#2612) * Add ability to disable password auth * Allow disabling password authentication --- roles/custom/matrix-synapse/defaults/main.yml | 5 +++++ .../matrix-synapse/templates/synapse/homeserver.yaml.j2 | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 6c6b73445..5e45859c2 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -371,6 +371,11 @@ matrix_synapse_auto_join_rooms: [] # automatically if they don't already exist. matrix_synapse_autocreate_auto_join_rooms: true +# Controls whether password authentication is allowed +# It may be useful when you've configured OAuth, SAML or CAS and want authentication +# to happen only through them +matrix_synapse_password_config_enabled: true + # Controls password-peppering for Synapse. Not to be changed after initial setup. matrix_synapse_password_config_pepper: "" diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 9b039ff52..db693582a 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2241,7 +2241,7 @@ sso: password_config: # Uncomment to disable password login # - #enabled: false + enabled: {{ matrix_synapse_password_config_enabled|to_json }} # Uncomment to disable authentication against the local password # database. This is ignored if `enabled` is false, and is only useful