The playbook can install and configure matrix-synapse-shared-secret-auth for you.
See the project's documentation to learn what it does and why it might be useful to you.
Add the following configuration to your inventory/host_vars/matrix.example.com/vars.yml file:
matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true
# Generate a strong shared secret here. Consider generating it with `pwgen -s 64 1`
matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: YOUR_SHARED_SECRET_GOES_HEREIf you wish for users to authenticate only against configured password providers (like this one), without consulting Synapse's local database, feel free to disable it:
matrix_synapse_password_config_localdb_enabled: falseAfter configuring the playbook, run it with playbook tags as below:
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,startThe shortcut commands with the just program are also available: just install-all or just setup-all
just install-all is useful for maintaining your setup quickly (2x-5x faster than just setup-all) when its components remain unchanged. If you adjust your vars.yml to remove other components, you'd need to run just setup-all, or these components will still remain installed. Note these shortcuts run the ensure-matrix-users-created tag too.