The playbook can install and configure matrix-synapse-rest-auth for you.
See the project's documentation to learn what it does and why it might be useful to you.
Add the following configuration to your inventory/host_vars/matrix.example.com/vars.yml file (adapt to your needs):
matrix_synapse_ext_password_provider_rest_auth_enabled: true
matrix_synapse_ext_password_provider_rest_auth_endpoint: "http://matrix-ma1sd:8090"
matrix_synapse_ext_password_provider_rest_auth_registration_enforce_lowercase: false
matrix_synapse_ext_password_provider_rest_auth_registration_profile_name_autofill: true
matrix_synapse_ext_password_provider_rest_auth_login_profile_name_autofill: falseIf you wish for users to authenticate only against configured password providers (like this one), without consulting Synapse's local database, you can disable it by adding the following configuration to your vars.yml file:
matrix_synapse_password_config_localdb_enabled: falseAfter configuring the playbook, run it with playbook tags as below:
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,startThe shortcut commands with the just program are also available: just install-all or just setup-all
just install-all is useful for maintaining your setup quickly (2x-5x faster than just setup-all) when its components remain unchanged. If you adjust your vars.yml to remove other components, you'd need to run just setup-all, or these components will still remain installed. Note these shortcuts run the ensure-matrix-users-created tag too.
This module does not provide direct integration with any backend. For the backend you can use ma1sd Identity Server, which can be configured with the playbook.
Warning
We recommend not bothering with installing ma1sd as it has been unmaintained for years. If you wish to install it anyway, consult the ma1sd Identity Server configuration.