diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md
index 6d3c4dfbd..131d3abad 100644
--- a/docs/configuring-playbook-bridge-mautrix-signal.md
+++ b/docs/configuring-playbook-bridge-mautrix-signal.md
@@ -12,6 +12,51 @@ Use the following playbook configuration:
 matrix_mautrix_signal_enabled: true
 ```
 
+There are some additional things you may wish to configure about the bridge before you continue.
+
+The relay bot functionality is off by default. If you would like to enable the relay bot, add the following to your `vars.yml` file:
+```yaml
+matrix_mautrix_signal_relaybot_enabled: true
+```
+If you want to activate the relay bot in a room, use `!signal set-relay`.
+Use `!signal unset-relay` to deactivate.
+By default, any user on your homeserver will be able to use the bridge.
+If you enable the relay bot functionality, it will relay every user's messages in a portal room - no matter which homeserver they're from.
+
+Different levels of permission can be granted to users:
+
+* relay - Allowed to be relayed through the bridge, no access to commands;
+* user - Use the bridge with puppeting;
+* admin - Use and administer the bridge.
+
+The permissions are following the sequence: nothing < relay < user < admin.
+
+The default permissions are set as follows:
+```yaml
+permissions:
+  '*': relay
+  YOUR_DOMAIN: user
+```
+
+If you want to augment the preset permissions, you might want to set the additional permissions with the following settings in your `vars.yml` file:
+```yaml
+matrix_mautrix_signal_configuration_extension_yaml: |
+  bridge:
+    permissions:
+      '@YOUR_USERNAME:YOUR_DOMAIN': admin
+```
+
+This will add the admin permission to the specific user, while keepting the default permissions.
+
+In case you want to replace the default permissions settings **completely**, populate the following item within your `vars.yml` file:
+```yaml
+matrix_mautrix_signal_bridge_permissions: |
+  '@ADMIN:YOUR_DOMAIN': admin
+  '@USER:YOUR_DOMAIN' : user
+```
+
+You may wish to look at `roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure.
+
 ## Set up Double Puppeting
 
 If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-signal/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it.
diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml
index 8ff2fbb6d..93993fa11 100644
--- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml
@@ -70,14 +70,30 @@ matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'
 matrix_mautrix_signal_database_connection_string: 'postgres://{{ matrix_mautrix_signal_database_username }}:{{ matrix_mautrix_signal_database_password }}@{{ matrix_mautrix_signal_database_hostname }}:{{ matrix_mautrix_signal_database_port }}/{{ matrix_mautrix_signal_database_name }}'
 
 matrix_mautrix_signal_appservice_database: "{{
- 	{
- 		'postgres': matrix_mautrix_signal_database_connection_string,
- 	}[matrix_mautrix_signal_database_engine]
+  {
+    'postgres': matrix_mautrix_signal_database_connection_string,
+  }[matrix_mautrix_signal_database_engine]
  }}"
 
 # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
 matrix_mautrix_signal_login_shared_secret: ''
 
+# Enable bridge relay bot functionality
+matrix_mautrix_signal_relaybot_enabled: false
+
+# Permissions for using the bridge.
+# Permitted values:
+#      relay - Allowed to be relayed through the bridge, no access to commands.
+#       user - Use the bridge with puppeting.
+#      admin - Use and administrate the bridge.
+# Permitted keys:
+#        * - All Matrix users
+#   domain - All users on that homeserver
+#     mxid - Specific user
+matrix_mautrix_signal_bridge_permissions: |
+  '*': relay
+  '{{ matrix_mautrix_signal_homeserver_domain }}': user
+
 # Default configuration template which covers the generic use case.
 # You can customize it by controlling the various variables inside it.
 #
diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
index d4f64c790..1c7a637fc 100644
--- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
+++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
@@ -188,14 +188,13 @@ bridge:
     #        * - All Matrix users
     #   domain - All users on that homeserver
     #     mxid - Specific user
-    permissions:
-      '{{ matrix_mautrix_signal_homeserver_domain }}': relay
-      '{{ matrix_mautrix_signal_homeserver_domain }}': user
+    permissions: 
+        {{ matrix_mautrix_signal_bridge_permissions|from_yaml }}
 
     relay:
         # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
         # authenticated user into a relaybot for that chat.
-        enabled: true
+        enabled: {{ matrix_mautrix_signal_relaybot_enabled }}
         # The formats to use when sending messages to Signal via a relay user.
         #
         # Available variables: