Add appservice-double-puppet double-puppeting support to mautrix-discord

Shared Secret Auth double puppeting still works for this bridge, but is deprecated and will go away in the future.
hace 1 año · 77c59aaea0
--- a/docs/configuring-playbook-bridge-mautrix-discord.md
+++ b/docs/configuring-playbook-bridge-mautrix-discord.md
@@ -44,11 +44,13 @@ Take a look at:

 If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.

 #### Method 1: automatically, by enabling Shared Secret Auth
 #### Method 1: automatically, by enabling Appservice Double Puppet or Shared Secret Auth

 The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
 The bridge will automatically perform Double Puppeting if you enable the [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) service or the [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) service for this playbook.

 This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
 Enabling [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.

 Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) service works at the time of writing, but is deprecated and will stop working in the future.

 #### Method 2: manually, by asking each user to provide a working access token

--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -999,7 +999,18 @@ matrix_mautrix_discord_homeserver_address: "{{ matrix_addons_homeserver_client_a
 matrix_mautrix_discord_homeserver_public_address: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}://{{ matrix_server_fqn_matrix }}"
 matrix_mautrix_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.hs.tok', rounds=655555) | to_uuid }}"

 matrix_mautrix_discord_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
 matrix_mautrix_discord_bridge_login_shared_secret_map_auto: |-
  {{
    ({
      matrix_mautrix_discord_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token)
    })
    if matrix_appservice_double_puppet_enabled
    else (
      {matrix_mautrix_discord_homeserver_domain: matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret}
      if matrix_synapse_ext_password_provider_shared_secret_auth_enabled
      else {}
    )
  }}

 # Postgres is the default, except if not using internal Postgres server
 matrix_mautrix_discord_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
--- a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
@@ -100,10 +100,9 @@ matrix_mautrix_discord_appservice_database_uri: "{{
 	}[matrix_mautrix_discord_database_engine]
 }}"

 # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
 matrix_mautrix_discord_login_shared_secret: ''
 matrix_mautrix_discord_bridge_login_shared_secret_map:
  "{{ {matrix_mautrix_discord_homeserver_domain: matrix_mautrix_discord_login_shared_secret} if matrix_mautrix_discord_login_shared_secret else {} }}"
 matrix_mautrix_discord_bridge_login_shared_secret_map: "{{ matrix_mautrix_discord_bridge_login_shared_secret_map_auto | combine(matrix_mautrix_discord_bridge_login_shared_secret_map_custom) }}"
 matrix_mautrix_discord_bridge_login_shared_secret_map_auto: {}
 matrix_mautrix_discord_bridge_login_shared_secret_map_custom: {}

 # Servers to always allow double puppeting from
 matrix_mautrix_discord_bridge_double_puppet_server_map:
--- a/roles/custom/matrix-bridge-mautrix-discord/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/validate_config.yml
@@ -12,3 +12,12 @@
    - {'name': 'matrix_mautrix_discord_homeserver_public_address', when: true}
    - {'name': 'matrix_mautrix_discord_container_network', when: true}
    - {'name': 'matrix_mautrix_discord_database_hostname', when: "{{ matrix_mautrix_discord_database_engine == 'postgres' }}"}

 - name: (Deprecation) Catch and report renamed settings
  ansible.builtin.fail:
    msg: >-
      Your configuration contains a variable, which now has a different name.
      Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
  when: "item.old in vars"
  with_items:
    - {'old': 'matrix_mautrix_discord_login_shared_secret', 'new': '<removed>'}