Diffstat (limited to 'roles/synapse')
-rw-r--r--roles/synapse/README.md3
-rw-r--r--roles/synapse/tasks/main.yml14
2 files changed, 11 insertions, 6 deletions
diff --git a/roles/synapse/README.md b/roles/synapse/README.md
index 7e6255e..19cec2c 100644
--- a/roles/synapse/README.md
+++ b/roles/synapse/README.md
@@ -18,6 +18,8 @@ If your Matrix domain differs from the public hostname of your synapse server
in order to federate with other instances. See the [sample webserver playbook](../../playbooks/webserver_public_example.yml)
for an example of how to do this.
+The secrets can be generated using `python -m synapse.app.homeserver --generate-config`.
+
Variables
---------
@@ -44,6 +46,7 @@ Variable | Default
`synapse_registration_shared_secret` |   | Secret passphrase to allow registration even when disabled (optional)
`synapse_macaroon_secret_key` |   | Secret signing key for various tokens (required)
`synapse_form_secret` |   | Secret key for various form HMACs (required)
+`synapse_signing_key` |   | Signing key (required)
`synapse_turn_host` | `{{ coturn_realm }}` | TURN server hostname
`synapse_turn_secret` | `{{ coturn_auth_secret }}` | TURN server shared secret
`synapse_enable_email_notifications` | yes | Enable email notifications
diff --git a/roles/synapse/tasks/main.yml b/roles/synapse/tasks/main.yml
index febe3c6..b8140c4 100644
--- a/roles/synapse/tasks/main.yml
+++ b/roles/synapse/tasks/main.yml
@@ -31,18 +31,20 @@
dest: '{{ synapse_home }}/{{ item }}'
owner: '{{ synapse_user }}'
group: '{{ synapse_user }}'
- mode: 0600
+ mode: 0644
notify: restart synapse
loop:
- homeserver.yaml
- logging.config
- name: generate signing key
- shell:
- cmd: >-
- source {{ synapse_venv }}/bin/activate &&
- python -m synapse.app.homeserver --config-path {{ synapse_home }}/homeserver.yaml --generate-keys
- creates: '{{ synapse_home }}/{{ synapse_domain }}.signing.key'
+ copy:
+ content: |
+ {{ synapse_signing_key }}
+ dest: '{{ synapse_home }}/{{ synapse_domain }}.signing.key'
+ owner: '{{ synapse_user }}'
+ group: '{{ synapse_user }}'
+ mode: 0644
become: yes
become_user: '{{ synapse_user }}'
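Review bot: The `generate signing key` task now writes `{{ synapse_domain }}.signing.key` with `mode: 0644`, which leaves the homeserver's private signing key readable by every local account. The first task in the hunk relaxes `homeserver.yaml` and `logging.config` from 0600 to 0644 in the same way; the README lists `synapse_macaroon_secret_key` and `synapse_form_secret` as required secrets, and these are presumably rendered into `homeserver.yaml`. Both tasks should stay owner-only, and the mode should be quoted so YAML does not parse it as an integer: `mode: '0600'`. Adding `no_log: true` to the key task would also keep the key content out of Ansible's task output and diff mode. The first task begins above the hunk, so its module and source are not visible here.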