From 3a92b63f9806c0e5a2f0f3248e8f8fc681c9b5e1 Mon Sep 17 00:00:00 2001 From: Catalan Lover Date: Fri, 28 Jun 2024 23:38:43 +0200 Subject: [PATCH] Add Config variable for Draupnir Hijack command And also make the internal admin API be automatically activated when this capability is used. --- group_vars/matrix_servers | 2 ++ roles/custom/matrix-bot-draupnir/defaults/main.yml | 7 +++++++ .../matrix-bot-draupnir/templates/production.yaml.j2 | 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 0d14b36e7..92ab2f90b 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2747,6 +2747,8 @@ matrix_bot_draupnir_container_image_self_build: "{{ matrix_architecture not in [ matrix_bot_draupnir_container_network: "{{ matrix_addons_container_network }}" +matrix_bot_draupnir_admin_api_enabled: "{{ matrix_bot_draupnir_room_hijack_enabled }}" + matrix_bot_draupnir_container_additional_networks_auto: |- {{ ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) diff --git a/roles/custom/matrix-bot-draupnir/defaults/main.yml b/roles/custom/matrix-bot-draupnir/defaults/main.yml index 53dd53e43..0dea1ef64 100644 --- a/roles/custom/matrix-bot-draupnir/defaults/main.yml +++ b/roles/custom/matrix-bot-draupnir/defaults/main.yml @@ -75,6 +75,13 @@ matrix_bot_draupnir_raw_homeserver_url: "" # Its Exposed here because its common enough to be valid to expose. matrix_bot_draupnir_disable_server_acl: "false" +# Used to control if the Synapse Admin API is exposed internally to the containers and therefore giving Draupnir Access. +matrix_bot_draupnir_admin_api_enabled: "" + +# Controls if the draupnir room hijack command is activated or not. This also automatically enables the internal admin API +# in the process of activation. +matrix_bot_draupnir_room_hijack_enabled: "false" + # Default configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # diff --git a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 index b4d3a0bcc..fc0d1fbc6 100644 --- a/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 +++ b/roles/custom/matrix-bot-draupnir/templates/production.yaml.j2 @@ -138,7 +138,7 @@ admin: # (with enough permissions) to "make" a user an admin. # # This only works if a local user with enough admin permissions is present in the room. - enableMakeRoomAdminCommand: false + enableMakeRoomAdminCommand: {{ matrix_bot_draupnir_room_hijack_enabled | to_json }} # Misc options for command handling and commands commands: