Revert "Auto-generate matrix_bot_matrix_registration_bot_bot_password via group vars"

This reverts commit bf95ad2235.

This was a bad idea.
It's better to have people manually define the password.

Otherwise, `matrix_homeserver_generic_secret_key` changing some day in
the future would break the bot and one would have to figure out how to
reset its password manually.

Using an explicit password is more stable.
This commit is contained in:
Slavi Pantaleev 2024-01-09 10:22:20 +02:00
parent bf95ad2235
commit 998e9ce655
4 changed files with 7 additions and 4 deletions

View File

@ -21,6 +21,9 @@ matrix_bot_matrix_registration_bot_enabled: true
# To use a different username, uncomment & adjust the variable below: # To use a different username, uncomment & adjust the variable below:
# matrix_bot_matrix_registration_bot_matrix_user_id_localpart: bot.matrix-registration-bot # matrix_bot_matrix_registration_bot_matrix_user_id_localpart: bot.matrix-registration-bot
# Generate a strong password here. Consider generating it with `pwgen -s 64 1`
matrix_bot_matrix_registration_bot_bot_password: PASSWORD_FOR_THE_BOT
# Enables registration # Enables registration
matrix_synapse_enable_registration: true matrix_synapse_enable_registration: true
@ -28,7 +31,7 @@ matrix_synapse_enable_registration: true
matrix_synapse_registration_requires_token: true matrix_synapse_registration_requires_token: true
``` ```
The bot's user account will be created automatically. The bot account will be created automatically.
## Installing ## Installing

View File

@ -1714,7 +1714,6 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: |
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
}} }}
matrix_bot_matrix_registration_bot_bot_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'registration.bot', rounds=655555) | to_uuid }}"
###################################################################### ######################################################################
# #

View File

@ -22,6 +22,7 @@ matrix_bot_matrix_registration_bot_data_path: "{{ matrix_bot_matrix_registration
matrix_bot_matrix_registration_bot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_matrix_registration_bot_bot_server: "https://{{ matrix_server_fqn_matrix }}"
matrix_bot_matrix_registration_bot_api_base_url: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_matrix_registration_bot_api_base_url: "https://{{ matrix_server_fqn_matrix }}"
# The bot's password (can also be used to login via a client like element) # The bot's password (can also be used to login via a client like element)
matrix_bot_matrix_registration_bot_bot_password: '' matrix_bot_matrix_registration_bot_bot_password: ''

View File

@ -1,6 +1,6 @@
--- ---
- name: Fail if required matrix-registration-bot settings not defined - name: Fail if required settings not defined
ansible.builtin.fail: ansible.builtin.fail:
msg: >- msg: >-
You need to define a required configuration setting (`{{ item }}`). You need to define a required configuration setting (`{{ item }}`).
@ -8,7 +8,7 @@
with_items: with_items:
- "matrix_bot_matrix_registration_bot_bot_password" - "matrix_bot_matrix_registration_bot_bot_password"
- name: (Deprecation) Catch and report old matrix-registration-bot settings - name: (Deprecation) Catch and report old settings
ansible.builtin.fail: ansible.builtin.fail:
msg: >- msg: >-
Your configuration contains a variable, which is deprecated - Please check the documentation on how to configure the matrix-registration-bot. Your configuration contains a variable, which is deprecated - Please check the documentation on how to configure the matrix-registration-bot.