Przeglądaj źródła
Update docs for Draupnir and Mjolnir: add the instruction to run the playbook before the instruction to run the curl command
It is necessary to run the playbook to apply the configuration so that the curl command, which is described below, can be successfully executed. Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>pull/3966/head
Suguru Hirahara
1 rok temu
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: E4F9743DAB4B7B75
2 zmienionych plików z 14 dodań i 2 usunięć
+ 7
- 1
docs/configuring-playbook-bot-draupnir.md
Wyświetl plik
| @@ -90,6 +90,12 @@ To expose the APIs publicly, add the following configuration to your `vars.yml` | |||||
| matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true | matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true | ||||
| ``` | ``` | ||||
| Then, run the playbook with the following command to apply the configuration to the server *without starting the systemd services*: | |||||
| ```sh | |||||
| ansible-playbook -i inventory/hosts setup.yml --tags=setup-all | |||||
| ``` | |||||
| **Notes**: | **Notes**: | ||||
| - Access to the APIs is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, doing so is not recommended for additional security. See [official Synapse reverse-proxying recommendations](https://element-hq.github.io/synapse/latest/reverse_proxy.html#synapse-administration-endpoints). | - Access to the APIs is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, doing so is not recommended for additional security. See [official Synapse reverse-proxying recommendations](https://element-hq.github.io/synapse/latest/reverse_proxy.html#synapse-administration-endpoints). | ||||
| @@ -102,7 +108,7 @@ Manual access to Synapse's Admin APIs requires an access token for a homeserver | |||||
| #### Run the `curl` command | #### Run the `curl` command | ||||
| After obtaining the access token for the admin account, run the following command on systems that ship curl to discharge rate limiting. | |||||
| After applying the configuration to the server and obtaining the access token for the admin account, run the following command on systems that ship curl to discharge rate limiting. | |||||
| Before running it, make sure to replace: | Before running it, make sure to replace: | ||||
| - `ADMIN_ACCESS_TOKEN_HERE` with the access token of the admin account | - `ADMIN_ACCESS_TOKEN_HERE` with the access token of the admin account | ||||
+ 7
- 1
docs/configuring-playbook-bot-mjolnir.md
Wyświetl plik
| @@ -38,6 +38,12 @@ To expose the APIs publicly, add the following configuration to your `inventory/ | |||||
| matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true | matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true | ||||
| ``` | ``` | ||||
| Then, run the playbook with the following command to apply the configuration to the server *without starting the systemd services*: | |||||
| ```sh | |||||
| ansible-playbook -i inventory/hosts setup.yml --tags=setup-all | |||||
| ``` | |||||
| **Notes**: | **Notes**: | ||||
| - Access to the APIs is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, doing so is not recommended for additional security. See [official Synapse reverse-proxying recommendations](https://element-hq.github.io/synapse/latest/reverse_proxy.html#synapse-administration-endpoints). | - Access to the APIs is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, doing so is not recommended for additional security. See [official Synapse reverse-proxying recommendations](https://element-hq.github.io/synapse/latest/reverse_proxy.html#synapse-administration-endpoints). | ||||
| @@ -52,7 +58,7 @@ If you have made Mjolnir an admin, you can just use the Mjolnir token. | |||||
| #### Run the `curl` command | #### Run the `curl` command | ||||
| After obtaining the access token for the admin account, run the following command on systems that ship curl to discharge rate limiting. | |||||
| After applying the configuration to the server and obtaining the access token for the admin account, run the following command on systems that ship curl to discharge rate limiting. | |||||
| Before running it, make sure to replace: | Before running it, make sure to replace: | ||||
| - `ADMIN_ACCESS_TOKEN_HERE` with the access token of the admin account | - `ADMIN_ACCESS_TOKEN_HERE` with the access token of the admin account | ||||