matrix-docker-ansible-deploy/docs/configuring-playbook-shared-secret-auth.md

# Setting up the Shared Secret Auth password provider module (optional, advanced)

The playbook can install and configure [matrix-synapse-shared-secret-auth](https://github.com/devture/matrix-synapse-shared-secret-auth) for you.

See that project's documentation to learn what it does and why it might be useful to you.

## Adjusting the playbook configuration

Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:

```yaml
matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true
matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: YOUR_SHARED_SECRET_GOES_HERE
```

You can generate a strong shared secret with a command like this: `pwgen -s 64 1`


## Authenticating only using a password provider

If you wish for users to **authenticate only against configured password providers** (like this one), **without consulting Synapse's local database**, feel free to disable it:

```yaml
matrix_synapse_password_config_localdb_enabled: false
```
Annotate certain features as optional/advanced We've had some people get confused into installing Matrix Corporal and having pain with that. With this documentation change, we try to make it clearer that it's an advanced feature not to be touched unless you know what you're doing. On a similar note, we also make sure other things are properly labeled as "(optional)" and/or "(advanced)". 2018-11-26 07:23:42 +02:00			`# Setting up the Shared Secret Auth password provider module (optional, advanced)`
Add support for matrix-synapse-shared-secret-auth 2018-08-20 16:11:55 +02:00
			`The playbook can install and configure [matrix-synapse-shared-secret-auth](https://github.com/devture/matrix-synapse-shared-secret-auth) for you.`

			`See that project's documentation to learn what it does and why it might be useful to you.`

Use common expression on documentation regarding playbook configuration Overall the playbook uses the expression "Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:" with the heading "Adjusting the playbook configuration" for sections to explain what to be added as variables Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> 2024-10-12 13:48:24 +02:00			`## Adjusting the playbook configuration`

			Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
Add support for matrix-synapse-shared-secret-auth 2018-08-20 16:11:55 +02:00
			```yaml
			`matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true`
			`matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: YOUR_SHARED_SECRET_GOES_HERE`
Add support for disabling Synapse's local database for user auth This is a new feature of Synapse v1.1.0. Discussed in #145 (Github Pull Request). 2019-07-04 16:11:51 +02:00			```

Mention pwgen for generating a strong shared secret 2020-05-29 09:38:12 +02:00			You can generate a strong shared secret with a command like this: `pwgen -s 64 1`

Add support for disabling Synapse's local database for user auth This is a new feature of Synapse v1.1.0. Discussed in #145 (Github Pull Request). 2019-07-04 16:11:51 +02:00
			`## Authenticating only using a password provider`

			`If you wish for users to authenticate only against configured password providers (like this one), without consulting Synapse's local database, feel free to disable it:`

			```yaml
			`matrix_synapse_password_config_localdb_enabled: false`
			```