[fix] role:synapse:auth
This commit is contained in:
parent
81bef7dd44
commit
aefe805a10
2 changed files with 21 additions and 21 deletions
|
|
@ -13,12 +13,12 @@
|
|||
"var_synapse_federation_whitelist": [],
|
||||
"var_synapse_password_strict_policy": true,
|
||||
"var_synapse_registration_shared_secret": "REPLACE_ME",
|
||||
"var_synapse_oidc_enable": false,
|
||||
"var_synapse_oidc_provider_id": "external_auth",
|
||||
"var_synapse_oidc_provider_name": "external auth",
|
||||
"var_synapse_oidc_client_id": "synapse",
|
||||
"var_synapse_oidc_client_secret": "REPLACE_ME",
|
||||
"var_synapse_oidc_issuer_url": "https://auth.example.org",
|
||||
"var_synapse_authentication_kind": "internal",
|
||||
"var_synapse_authentication_data_authelia_provider_id": "authelia",
|
||||
"var_synapse_authentication_data_authelia_provider_name": "Authelia",
|
||||
"var_synapse_authentication_data_authelia_client_id": "synapse",
|
||||
"var_synapse_authentication_data_authelia_client_secret": "REPLACE_ME",
|
||||
"var_synapse_authentication_data_authelia_url_base": "https://authelia.example.org",
|
||||
"var_synapse_smtp_host": "smtp.example.org",
|
||||
"var_synapse_smtp_port": 587,
|
||||
"var_synapse_smtp_username": "synapse@smtp.example.org",
|
||||
|
|
|
|||
|
|
@ -91,29 +91,29 @@ recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify"
|
|||
registration_shared_secret: "{{var_synapse_registration_shared_secret}}"
|
||||
{% endif %}
|
||||
|
||||
{% if var_synapse_oidc_enable %}
|
||||
enable_registration: false
|
||||
enable_registration_without_verification: false
|
||||
{% else %}
|
||||
enable_registration: true
|
||||
enable_registration_without_verification: true
|
||||
{% endif %}
|
||||
|
||||
oidc_config:
|
||||
user_mapping_provider:
|
||||
config:
|
||||
# NOT an Ansible variable
|
||||
localpart_template: "{{"{{"}} user.preferred_username {{"}}"}}"
|
||||
|
||||
{% if var_synapse_oidc_enable %}
|
||||
{% if var_synapse_authentication_kind == 'internal' %}
|
||||
enable_registration: true
|
||||
enable_registration_without_verification: true
|
||||
{% endif %}
|
||||
|
||||
{% if var_synapse_authentication_kind == 'authelia' %}
|
||||
enable_registration: false
|
||||
enable_registration_without_verification: false
|
||||
|
||||
oidc_providers:
|
||||
- idp_id: "{{var_synapse_oidc_provider_id}}"
|
||||
idp_name: "{{var_synapse_oidc_provider_name}}"
|
||||
# idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI"
|
||||
- idp_id: "{{var_synapse_authentication_data_authelia_provider_id}}"
|
||||
idp_name: "{{var_synapse_authentication_data_authelia_provider_name}}"
|
||||
idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI"
|
||||
discover: true
|
||||
issuer: "{{var_synapse_oidc_issuer_url}}"
|
||||
client_id: "{{var_synapse_oidc_client_id}}"
|
||||
client_secret: "{{var_synapse_oidc_client_secret}}"
|
||||
issuer: "{{var_synapse_authentication_data_authelia_url_base}}"
|
||||
client_id: "{{var_synapse_authentication_data_authelia_client_id}}"
|
||||
client_secret: "{{var_synapse_authentication_data_authelia_client_secret}}"
|
||||
scopes: ["openid", "profile", "email"]
|
||||
allow_existing_users: true
|
||||
user_mapping_provider:
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue