fix template and vars for ldap auth, add setup

2018-11-28 09:04:09 +01:00 · 2018-11-28 09:04:09 +01:00 · bbf8928831
commit bbf8928831
parent 9cf9a1ec54
4 changed files with 25 additions and 14 deletions
--- a/roles/matrix-server/defaults/main.yml
+++ b/roles/matrix-server/defaults/main.yml
@ -155,13 +155,13 @@ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: ""
 # Enable this to activate LDAP password provider
 matrix_synapse_ext_password_provider_ldap: false
 matrix_synapse_ext_password_provider_ldap_uri: "ldap://ldap.mydomain.tld:389"
-matrix_synapse_ext_password_provider_ldap_tls: true
+matrix_synapse_ext_password_provider_ldap_start_tls: true
 matrix_synapse_ext_password_provider_ldap_base: ""
-matrix_synapse_ext_password_provider_ldap_attr_uid: "uid"
-matrix_synapse_ext_password_provider_ldap_attr_mail: "mail"
-matrix_synapse_ext_password_provider_ldap_attr_name: "name"
-matrix_synapse_ext_password_provider_ldap_binddn: ""
-matrix_synapse_ext_password_provider_ldap_bindpwd: ""
+matrix_synapse_ext_password_provider_ldap_attributes_uid: "uid"
+matrix_synapse_ext_password_provider_ldap_attributes_mail: "mail"
+matrix_synapse_ext_password_provider_ldap_attributes_name: "cn"
+matrix_synapse_ext_password_provider_ldap_bind_dn: ""
+matrix_synapse_ext_password_provider_ldap_bind_password: ""
 matrix_synapse_ext_password_provider_ldap_filter: ""


--- a/roles/matrix-server/tasks/setup/setup_synapse_ext.yml
+++ b/roles/matrix-server/tasks/setup/setup_synapse_ext.yml
@ -4,6 +4,8 @@

 - include: tasks/setup/setup_synapse_ext_shared_secret_auth.yml

+- include: tasks/setup/setup_synapse_ext_ldap.yml
+
 - include: tasks/setup/setup_synapse_ext_mautrix_telegram.yml

 - include: tasks/setup/setup_synapse_ext_mautrix_whatsapp.yml
--- a/roles/matrix-server/tasks/setup/setup_synapse_ext_ldap.yml
+++ b/roles/matrix-server/tasks/setup/setup_synapse_ext_ldap.yml
@ -0,0 +1,11 @@
+- set_fact:
+    matrix_synapse_password_providers_enabled: true
+  when: "matrix_synapse_ext_password_provider_ldap"
+
+- set_fact:
+    matrix_synapse_additional_loggers: >
+      {{ matrix_synapse_additional_loggers }}
+      +
+      {{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
+  when: "matrix_synapse_ext_password_provider_ldap"
+
--- a/roles/matrix-server/templates/synapse/homeserver.yaml.j2
+++ b/roles/matrix-server/templates/synapse/homeserver.yaml.j2
@ -654,17 +654,15 @@ password_providers:
    config:
      enabled: true
      uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}"
-      start_tls: {{ matrix_synapse_ext_password_provider_ldap_tls }}
+      start_tls: "{{ matrix_synapse_ext_password_provider_ldap_start_tls }}"
      base: "{{ matrix_synapse_ext_password_provider_ldap_base }}"
      attributes:
-        uid: "{{ matrix_synapse_ext_password_provider_ldap_attr_uid }}"
-        mail: "{{ matrix_synapse_ext_password_provider_ldap_attr_mail }}"
-        name: "{{ matrix_synapse_ext_password_provider_ldap_attr_name }}"
-      bind_dn: "{{ matrix_synapse_ext_password_provider_ldap_binddn }}"
-      bind_password: "{{ matrix_synapse_ext_password_provider_ldap_bindpwd }}"
-      {% if matrix_synapse_ext_password_provider_ldap_filter %}
+        uid: "{{ matrix_synapse_ext_password_provider_ldap_attributes_uid }}"
+        mail: "{{ matrix_synapse_ext_password_provider_ldap_attributes_mail }}"
+        name: "{{ matrix_synapse_ext_password_provider_ldap_attributes_name }}"
+      bind_dn: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}"
+      bind_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}"
      filter: "{{ matrix_synapse_ext_password_provider_ldap_filter }}"
-      {% endif %}
 {% endif %}
 {% endif %}