fix template and vars for ldap auth, add setup

roles/matrix-server/defaults/main.yml

@@ -155,13 +155,13 @@ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: ""
 # Enable this to activate LDAP password provider
 matrix_synapse_ext_password_provider_ldap: false
 matrix_synapse_ext_password_provider_ldap_uri: "ldap://ldap.mydomain.tld:389"
-matrix_synapse_ext_password_provider_ldap_tls: true
+matrix_synapse_ext_password_provider_ldap_start_tls: true
 matrix_synapse_ext_password_provider_ldap_base: ""
-matrix_synapse_ext_password_provider_ldap_attr_uid: "uid"
-matrix_synapse_ext_password_provider_ldap_attr_mail: "mail"
-matrix_synapse_ext_password_provider_ldap_attr_name: "name"
-matrix_synapse_ext_password_provider_ldap_binddn: ""
-matrix_synapse_ext_password_provider_ldap_bindpwd: ""
+matrix_synapse_ext_password_provider_ldap_attributes_uid: "uid"
+matrix_synapse_ext_password_provider_ldap_attributes_mail: "mail"
+matrix_synapse_ext_password_provider_ldap_attributes_name: "cn"
+matrix_synapse_ext_password_provider_ldap_bind_dn: ""
+matrix_synapse_ext_password_provider_ldap_bind_password: ""
 matrix_synapse_ext_password_provider_ldap_filter: ""
 
 

roles/matrix-server/tasks/setup/setup_synapse_ext.yml

@@ -4,6 +4,8 @@
 
 - include: tasks/setup/setup_synapse_ext_shared_secret_auth.yml
 
+- include: tasks/setup/setup_synapse_ext_ldap.yml
+
 - include: tasks/setup/setup_synapse_ext_mautrix_telegram.yml
 
 - include: tasks/setup/setup_synapse_ext_mautrix_whatsapp.yml

roles/matrix-server/tasks/setup/setup_synapse_ext_ldap.yml

@@ -0,0 +1,11 @@
+- set_fact:
+    matrix_synapse_password_providers_enabled: true
+  when: "matrix_synapse_ext_password_provider_ldap"
+
+- set_fact:
+    matrix_synapse_additional_loggers: >
+      {{ matrix_synapse_additional_loggers }}
+      +
+      {{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
+  when: "matrix_synapse_ext_password_provider_ldap"
+

roles/matrix-server/templates/synapse/homeserver.yaml.j2

@@ -654,17 +654,15 @@ password_providers:
     config:
       enabled: true
       uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}"
-      start_tls: {{ matrix_synapse_ext_password_provider_ldap_tls }}
+      start_tls: "{{ matrix_synapse_ext_password_provider_ldap_start_tls }}"
       base: "{{ matrix_synapse_ext_password_provider_ldap_base }}"
       attributes:
-        uid: "{{ matrix_synapse_ext_password_provider_ldap_attr_uid }}"
-        mail: "{{ matrix_synapse_ext_password_provider_ldap_attr_mail }}"
-        name: "{{ matrix_synapse_ext_password_provider_ldap_attr_name }}"
-      bind_dn: "{{ matrix_synapse_ext_password_provider_ldap_binddn }}"
-      bind_password: "{{ matrix_synapse_ext_password_provider_ldap_bindpwd }}"
-      {% if matrix_synapse_ext_password_provider_ldap_filter %}
+        uid: "{{ matrix_synapse_ext_password_provider_ldap_attributes_uid }}"
+        mail: "{{ matrix_synapse_ext_password_provider_ldap_attributes_mail }}"
+        name: "{{ matrix_synapse_ext_password_provider_ldap_attributes_name }}"
+      bind_dn: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}"
+      bind_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}"
       filter: "{{ matrix_synapse_ext_password_provider_ldap_filter }}"
-      {% endif %}
 {% endif %}
 {% endif %}