mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-26 01:44:56 +01:00
Switch mautrix-slack double-puppeting method (shared secret auth -> appservice-double-puppet)
Since upgrading mautrix-slack (and pinning to v0.1.0) in e4b54c37fe258b17f49dd7ed58a18ef3abac1c41, we expect double-puppeting to require the new appservice double-puppeting method. This commit switches the mautrix-slack bridge to it.
This commit is contained in:
parent
999f2bf8dd
commit
1722e4bd83
@ -47,9 +47,9 @@ Take a look at:
|
|||||||
|
|
||||||
If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.
|
If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.
|
||||||
|
|
||||||
#### Method 1: automatically, by enabling Shared Secret Auth
|
#### Method 1: automatically, by enabling Appservice Double Puppet
|
||||||
|
|
||||||
The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
|
The bridge will automatically perform Double Puppeting if you enable the [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) service for this playbook.
|
||||||
|
|
||||||
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
|
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
|
||||||
|
|
||||||
|
@ -1047,7 +1047,14 @@ matrix_mautrix_slack_appservice_token: "{{ '%s' | format(matrix_homeserver_gener
|
|||||||
matrix_mautrix_slack_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
matrix_mautrix_slack_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||||
matrix_mautrix_slack_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauslack.hs.tok', rounds=655555) | to_uuid }}"
|
matrix_mautrix_slack_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauslack.hs.tok', rounds=655555) | to_uuid }}"
|
||||||
|
|
||||||
matrix_mautrix_slack_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
matrix_mautrix_slack_double_puppet_secrets_auto: |-
|
||||||
|
{{
|
||||||
|
{
|
||||||
|
matrix_mautrix_slack_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token)
|
||||||
|
}
|
||||||
|
if matrix_appservice_double_puppet_enabled
|
||||||
|
else {}
|
||||||
|
}}
|
||||||
|
|
||||||
# Postgres is the default, except if not using internal Postgres server
|
# Postgres is the default, except if not using internal Postgres server
|
||||||
matrix_mautrix_slack_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
|
matrix_mautrix_slack_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
|
||||||
|
@ -94,14 +94,9 @@ matrix_mautrix_slack_appservice_database_uri: "{{
|
|||||||
}[matrix_mautrix_slack_database_engine]
|
}[matrix_mautrix_slack_database_engine]
|
||||||
}}"
|
}}"
|
||||||
|
|
||||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
matrix_mautrix_slack_double_puppet_secrets: "{{ matrix_mautrix_slack_double_puppet_secrets_auto | combine(matrix_mautrix_slack_double_puppet_secrets_custom) }}"
|
||||||
matrix_mautrix_slack_login_shared_secret: ''
|
matrix_mautrix_slack_double_puppet_secrets_auto: {}
|
||||||
matrix_mautrix_slack_bridge_login_shared_secret_map:
|
matrix_mautrix_slack_double_puppet_secrets_custom: {}
|
||||||
"{{ {matrix_mautrix_slack_homeserver_domain: matrix_mautrix_slack_login_shared_secret} if matrix_mautrix_slack_login_shared_secret else {} }}"
|
|
||||||
|
|
||||||
# Servers to always allow double puppeting from
|
|
||||||
matrix_mautrix_slack_bridge_double_puppet_server_map:
|
|
||||||
"{{ matrix_mautrix_slack_homeserver_domain : matrix_mautrix_slack_homeserver_address }}"
|
|
||||||
|
|
||||||
# Default mautrix-slack configuration template which covers the generic use case.
|
# Default mautrix-slack configuration template which covers the generic use case.
|
||||||
# You can customize it by controlling the various variables inside it.
|
# You can customize it by controlling the various variables inside it.
|
||||||
|
@ -20,3 +20,14 @@
|
|||||||
To resolve the conflict, make one of these components use a different username.
|
To resolve the conflict, make one of these components use a different username.
|
||||||
Consider either changing `matrix_mautrix_slack_appservice_bot_username` (the bot username for the mautrix-slack component) or `matrix_appservice_slack_bot_name` (the bot username for the appservice-slack component).
|
Consider either changing `matrix_mautrix_slack_appservice_bot_username` (the bot username for the mautrix-slack component) or `matrix_appservice_slack_bot_name` (the bot username for the appservice-slack component).
|
||||||
We recommend that you change the username for the newly-added (and yet unused) component.
|
We recommend that you change the username for the newly-added (and yet unused) component.
|
||||||
|
|
||||||
|
- name: (Deprecation) Catch and report renamed settings
|
||||||
|
ansible.builtin.fail:
|
||||||
|
msg: >-
|
||||||
|
Your configuration contains a variable, which now has a different name.
|
||||||
|
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||||
|
when: "item.old in vars"
|
||||||
|
with_items:
|
||||||
|
- {'old': 'matrix_mautrix_slack_login_shared_secret', 'new': '<removed>'}
|
||||||
|
- {'old': 'matrix_mautrix_slack_bridge_login_shared_secret_map', 'new': '<superseded by matrix_mautrix_slack_double_puppet_secrets>'}
|
||||||
|
- {'old': 'matrix_mautrix_slack_bridge_double_puppet_server_map', 'new': '<removed>'}
|
||||||
|
@ -351,15 +351,14 @@ backfill:
|
|||||||
double_puppet:
|
double_puppet:
|
||||||
# Servers to always allow double puppeting from.
|
# Servers to always allow double puppeting from.
|
||||||
# This is only for other servers and should NOT contain the server the bridge is on.
|
# This is only for other servers and should NOT contain the server the bridge is on.
|
||||||
servers:
|
servers: {}
|
||||||
"{{ matrix_mautrix_slack_homeserver_domain }}": {{ matrix_mautrix_slack_homeserver_address }}
|
|
||||||
# Whether to allow client API URL discovery for other servers. When using this option,
|
# Whether to allow client API URL discovery for other servers. When using this option,
|
||||||
# users on other servers can use double puppeting even if their server URLs aren't
|
# users on other servers can use double puppeting even if their server URLs aren't
|
||||||
# explicitly added to the servers map above.
|
# explicitly added to the servers map above.
|
||||||
allow_discovery: false
|
allow_discovery: false
|
||||||
# Shared secrets for automatic double puppeting.
|
# Shared secrets for automatic double puppeting.
|
||||||
# See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions.
|
# See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions.
|
||||||
secrets: {{ matrix_mautrix_slack_bridge_login_shared_secret_map | to_json }}
|
secrets: {{ matrix_mautrix_slack_double_puppet_secrets | to_json }}
|
||||||
|
|
||||||
# End-to-bridge encryption support options.
|
# End-to-bridge encryption support options.
|
||||||
#
|
#
|
||||||
|
Loading…
x
Reference in New Issue
Block a user