From bf95ad2235962c155f127f4d75f5a3cced18d60a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 9 Jan 2024 10:19:41 +0200 Subject: [PATCH] Auto-generate matrix_bot_matrix_registration_bot_bot_password via group vars --- docs/configuring-playbook-bot-matrix-registration-bot.md | 5 +---- group_vars/matrix_servers | 1 + .../matrix-bot-matrix-registration-bot/defaults/main.yml | 1 - .../tasks/validate_config.yml | 4 ++-- 4 files changed, 4 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index 30a9a1a78..938dd36db 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -21,9 +21,6 @@ matrix_bot_matrix_registration_bot_enabled: true # To use a different username, uncomment & adjust the variable below: # matrix_bot_matrix_registration_bot_matrix_user_id_localpart: bot.matrix-registration-bot -# Generate a strong password here. Consider generating it with `pwgen -s 64 1` -matrix_bot_matrix_registration_bot_bot_password: PASSWORD_FOR_THE_BOT - # Enables registration matrix_synapse_enable_registration: true @@ -31,7 +28,7 @@ matrix_synapse_enable_registration: true matrix_synapse_registration_requires_token: true ``` -The bot account will be created automatically. +The bot's user account will be created automatically. ## Installing diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 42ca31f00..8210882d5 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1714,6 +1714,7 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: | (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) }} +matrix_bot_matrix_registration_bot_bot_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'registration.bot', rounds=655555) | to_uuid }}" ###################################################################### # diff --git a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml index 512306e95..32b23a03b 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml @@ -22,7 +22,6 @@ matrix_bot_matrix_registration_bot_data_path: "{{ matrix_bot_matrix_registration matrix_bot_matrix_registration_bot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_matrix_registration_bot_api_base_url: "https://{{ matrix_server_fqn_matrix }}" - # The bot's password (can also be used to login via a client like element) matrix_bot_matrix_registration_bot_bot_password: '' diff --git a/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml index b7a475639..f961fb40e 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml @@ -1,6 +1,6 @@ --- -- name: Fail if required settings not defined +- name: Fail if required matrix-registration-bot settings not defined ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item }}`). @@ -8,7 +8,7 @@ with_items: - "matrix_bot_matrix_registration_bot_bot_password" -- name: (Deprecation) Catch and report old settings +- name: (Deprecation) Catch and report old matrix-registration-bot settings ansible.builtin.fail: msg: >- Your configuration contains a variable, which is deprecated - Please check the documentation on how to configure the matrix-registration-bot.