configuring-playbook-shared-secret-auth.md

Setting up the Shared Secret Auth password provider module (optional, advanced)

The playbook can install and configure matrix-synapse-shared-secret-auth for you.

See that project's documentation to learn what it does and why it might be useful to you.

Adjusting the playbook configuration

Add the following configuration to your inventory/host_vars/matrix.example.com/vars.yml file:

matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true

# Generate a strong shared secret here. Consider generating it with `pwgen -s 64 1`
matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: YOUR_SHARED_SECRET_GOES_HERE

Authenticating only using a password provider

If you wish for users to authenticate only against configured password providers (like this one), without consulting Synapse's local database, feel free to disable it:

matrix_synapse_password_config_localdb_enabled: false

Installing

After configuring the playbook, run the installation command: just install-all or just setup-all