Add the ability to controll password-peppering for Synapse
Closes Github issue #5
This commit is contained in:
parent
6d6a6412fa
commit
b52d91e180
@ -1,6 +1,11 @@
|
||||
# 2018-09-07
|
||||
|
||||
## Statistics-reporting support
|
||||
## Password-peppering support for Matrix Synapse
|
||||
|
||||
The playbook now supports enabling password-peppering for increased security in Matrix Synapse via the `matrix_synapse_password_config_pepper` playbook variable. Using a password pepper is disabled by default (just like it used to be before this playbook variable got introduced) and is not to be enabled/disabled after initial setup, as that would invalidate all existing passwords.
|
||||
|
||||
|
||||
## Statistics-reporting support for Matrix Synapse
|
||||
|
||||
There's now a new `matrix_synapse_report_stats` playbook variable, which controls the `report_stats` configuration option for Matrix Synapse. It defaults to `false`, so no change is required to retain your privacy.
|
||||
|
||||
|
@ -68,6 +68,9 @@ matrix_synapse_rc_message_burst_count: 10.0
|
||||
# (things like number of users, number of messages sent, uptime, load, etc.)
|
||||
matrix_synapse_report_stats: false
|
||||
|
||||
# Controls password-peppering for Matrix Synapse. Not to be changed after initial setup.
|
||||
matrix_synapse_password_config_pepper: ""
|
||||
|
||||
# A list of additional "volumes" to mount in the container.
|
||||
# This list gets populated dynamically based on Synapse extensions that have been enabled.
|
||||
# Contains definition objects like this: `{"src": "/outside", "dst": "/inside", "options": "rw|ro|slave|.."}
|
||||
|
@ -538,7 +538,7 @@ password_config:
|
||||
enabled: true
|
||||
# Uncomment and change to a secret random string for extra security.
|
||||
# DO NOT CHANGE THIS AFTER INITIAL SETUP!
|
||||
#pepper: ""
|
||||
pepper: "{{ matrix_synapse_password_config_pepper }}"
|
||||
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user