finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add matrix-user-creator role - automatic user account creation support

Browse Source 
We no longer ask users to create Matrix user accounts for these bots:

- Postmoogle
- Honoroit
- Reminder Bot

Other bots and services (matrix-registration-bot, maubot, mjolnir,
Dimension, etc.) require an Access Token to run (not a password),
so this new role doesn't help for them.

It does help for the above bots though, and for defining your own
"initial user accounts" in the `matrix_user_creator_users_additional`
variable.
This commit is contained in:
Slavi Pantaleev
2022-11-01 16:22:58 +02:00
parent 125ca5569d
commit c3dc64b1d5
15 changed files with 294 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml Normal file
View File

@ -0,0 +1,5 @@
---
- name: Ensure Conduit user registered - {{ user.username | quote }}
ansible.builtin.debug:
msg: "Not registering user. To register Conduit users, message the Conduit bot"

17
roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml Normal file
View File

@ -0,0 +1,17 @@
---
- name: Ensure Dendrite user registered - {{ user.username | quote }}
ansible.builtin.command:
cmd: |-
{{ matrix_host_command_docker }} exec matrix-dendrite
create-account
-config /data/dendrite.yaml
-username {{ user.username | quote }}
-password {{ user.initial_password | quote }}
{% if user.initial_type == 'admin' %}
-admin
{% endif %}
-url http://localhost:{{ matrix_dendrite_http_bind_port }}
register: matrix_dendrite_register_user_result
changed_when: matrix_dendrite_register_user_result.rc == 0 and 'Desired user ID is already taken' not in matrix_dendrite_register_user_result.stderr
failed_when: matrix_dendrite_register_user_result.rc != 0 and 'Desired user ID is already taken' not in matrix_dendrite_register_user_result.stderr

22
roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml Normal file
View File

@ -0,0 +1,22 @@
---
- name: Ensure Synapse user registered - {{ user.username | quote }}
ansible.builtin.command:
cmd: |-
{{ matrix_host_command_docker }} exec matrix-synapse
register_new_matrix_user
-u {{ user.username | quote }}
-p {{ user.initial_password | quote }}
-c /data/homeserver.yaml
{% if user.initial_type == 'admin' %}
--admin
{% else %}
--no-admin
{% if user.initial_type != 'user' %}
--user_type={{ user.initial_type | quote }}
{% endif %}
{% endif %}
http://localhost:{{ matrix_synapse_container_client_api_port }}
register: matrix_synapse_register_user_result
changed_when: matrix_synapse_register_user_result.rc == 0 and 'User ID already taken' not in matrix_synapse_register_user_result.stdout
failed_when: matrix_synapse_register_user_result.rc != 0 and 'User ID already taken' not in matrix_synapse_register_user_result.stdout

16
roles/matrix-user-creator/tasks/util/validate_user.yml Normal file
View File

@ -0,0 +1,16 @@
---
- name: Fail if invalid username
ansible.builtin.fail:
msg: "Empty usernames values are not allowed ({{ user }})"
when: not (user.username | default(''))
- name: Fail if invalid initial_password for user - {{ user.username }}
ansible.builtin.fail:
msg: "Empty initial_password values are not allowed"
when: not (user.initial_password | default(''))
- name: Fail if invalid initial_type for user - {{ user.username }}
ansible.builtin.fail:
msg: "User initial_type `{{ user.initial_type | default('undefined') }}` is not supported"
when: user.initial_type | default('undefined') not in ['admin', 'user', 'bot', 'support']