diff --git a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml index b36cd2dbb..81104c7f4 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml @@ -57,6 +57,8 @@ matrix_mautrix_discord_homeserver_token: '' matrix_mautrix_discord_appservice_bot_username: discordbot +matrix_mautrix_discord_provisioning_shared_secret: disable + # Minimum severity of journal log messages. # Options: debug, info, warn, error, fatal matrix_mautrix_discord_logging_level: 'warn' diff --git a/roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2 index 322bc763a..bed044bcb 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2 @@ -277,7 +277,7 @@ bridge: prefix: /_matrix/provision # Shared secret for authentication. If set to "generate", a random secret will be generated, # or if set to "disable", the provisioning API will be disabled. - shared_secret: generate + shared_secret: {{ matrix_mautrix_discord_provisioning_shared_secret | to_json }} # Permissions for using the bridge. # Permitted values: diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml index 0fac573f8..848e86bde 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml @@ -156,6 +156,8 @@ matrix_mautrix_meta_instagram_meta_mode: instagram # When in `instagram` mode (see `matrix_mautrix_meta_instagram_meta_mode`), should the bridge connect to WhatsApp servers for encrypted chats? matrix_mautrix_meta_instagram_meta_ig_e2ee: false +matrix_mautrix_meta_instagram_provisioning_shared_secret: disable + # Whether or not metrics endpoint should be enabled. # Enabling them is usually enough for a local (in-container) Prometheus to consume them. # If metrics need to be consumed by another (external) Prometheus server, consider exposing them via `matrix_mautrix_meta_instagram_metrics_proxying_enabled`. diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 index 465a861fb..e905b1771 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 @@ -263,7 +263,7 @@ provisioning: prefix: /_matrix/provision # Shared secret for authentication. If set to "generate" or null, a random secret will be generated, # or if set to "disable", the provisioning API will be disabled. - shared_secret: disable + shared_secret: {{ matrix_mautrix_meta_instagram_provisioning_shared_secret | to_json }} # Whether to allow provisioning API requests to be authed using Matrix access tokens. # This follows the same rules as double puppeting to determine which server to contact to check the token, # which means that by default, it only works for users on the same server as the bridge. diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml index e7a59c913..ca951a333 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml @@ -156,6 +156,8 @@ matrix_mautrix_meta_messenger_meta_mode: messenger # When in `instagram` mode (see `matrix_mautrix_meta_messenger_meta_mode`), should the bridge connect to WhatsApp servers for encrypted chats? matrix_mautrix_meta_messenger_meta_ig_e2ee: false +matrix_mautrix_meta_messenger_provisioning_shared_secret: disable + # Whether or not metrics endpoint should be enabled. # Enabling them is usually enough for a local (in-container) Prometheus to consume them. # If metrics need to be consumed by another (external) Prometheus server, consider exposing them via `matrix_mautrix_meta_messenger_metrics_proxying_enabled`. diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 index dbfc69b35..b5f9404b3 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 @@ -263,7 +263,7 @@ provisioning: prefix: /_matrix/provision # Shared secret for authentication. If set to "generate" or null, a random secret will be generated, # or if set to "disable", the provisioning API will be disabled. - shared_secret: disable + shared_secret: {{ matrix_mautrix_meta_messenger_provisioning_shared_secret | to_json }} # Whether to allow provisioning API requests to be authed using Matrix access tokens. # This follows the same rules as double puppeting to determine which server to contact to check the token, # which means that by default, it only works for users on the same server as the bridge. diff --git a/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml index 3c5989b44..619dfee86 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -136,6 +136,8 @@ matrix_mautrix_telegram_systemd_wanted_services_list: [] matrix_mautrix_telegram_appservice_token: '' matrix_mautrix_telegram_homeserver_token: '' +matrix_mautrix_telegram_provisioning_shared_secret: disable + # Whether or not metrics endpoint should be enabled. # Enabling them is usually enough for a local (in-container) Prometheus to consume them. # If metrics need to be consumed by another (external) Prometheus server, consider exposing them via `matrix_mautrix_telegram_metrics_proxying_enabled`. diff --git a/roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 index 5e21b2778..6cbd30130 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -71,7 +71,7 @@ appservice: prefix: /_matrix/provision/v1 # The shared secret to authorize users of the API. # Set to "generate" to generate and save a new token. - shared_secret: generate + shared_secret: {{ matrix_mautrix_telegram_provisioning_shared_secret | to_json }} # The unique ID of this appservice. id: telegram diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index c6224525c..832234832 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -384,7 +384,7 @@ direct_media: allow_proxy: true # Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file. # This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them. - server_key: generate + server_key: "" # Settings for backfilling messages. # Note that the exact way settings are applied depends on the network connector.