From 3ad2211d742934a49ce45e736b47e702a564f689 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 23 Dec 2024 10:47:54 +0900 Subject: [PATCH 1/4] Use common instructions for referring to the documentation on obtaining an access token Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bot-maubot.md | 2 +- docs/configuring-playbook-dimension.md | 2 +- docs/configuring-playbook-user-verification-service.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 04eeb0cb8..2e43df041 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -79,4 +79,4 @@ You should start in the following order This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands, you'll first need to `exec` into the maubot container with `docker exec -it matrix-bot-maubot sh`. -Alternatively, you can follow our generic [obtain an access token](obtaining-access-tokens.md) documentation. Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element Web**) as the latter will give your bot issues in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients). +Alternatively, you can refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element Web**) as the latter will causes issues to your bot in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients). diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 6566015d8..6b7362c1d 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -30,7 +30,7 @@ The admin interface is accessible within Element Web by accessing it in any room We recommend that you create a dedicated Matrix user for Dimension (`dimension` is a good username). Follow our [Registering users](registering-users.md) guide to learn how to register **a regular (non-admin) user**. -You are required to specify an access token (belonging to this new user) for Dimension to work. To get an access token for the Dimension user, you can follow the documentation on [how to do obtain an access token](obtaining-access-tokens.md). +You are required to specify an access token (belonging to this new user) for Dimension to work. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). **Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.** diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index 37802c30a..cf89fcca7 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -45,7 +45,7 @@ The Synapse Access Token is used to verify RoomMembership and PowerLevel against We recommend that you create a dedicated Matrix user for uvs (`uvs` is a good username). Follow our [Registering users](registering-users.md) guide to register a user with administration privileges. -You are required to specify an access token (belonging to this new user) for UVS to work. To get an access token for the UVS user, you can follow the documentation on [how to do obtain an access token](obtaining-access-tokens.md). +You are required to specify an access token (belonging to this new user) for UVS to work. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). **Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.** From fb05eace5a17886945cf02452a906ed607dc24b6 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 23 Dec 2024 18:14:33 +0900 Subject: [PATCH 2/4] Edit instructions to obtain an access token Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-bridge-appservice-kakaotalk.md | 2 +- docs/configuring-playbook-bridge-mautrix-discord.md | 2 +- docs/configuring-playbook-bridge-mautrix-facebook.md | 2 +- docs/configuring-playbook-bridge-mautrix-gmessages.md | 2 +- docs/configuring-playbook-bridge-mautrix-googlechat.md | 2 +- docs/configuring-playbook-bridge-mautrix-hangouts.md | 2 +- docs/configuring-playbook-bridge-mautrix-meta-instagram.md | 2 +- docs/configuring-playbook-bridge-mautrix-meta-messenger.md | 2 +- docs/configuring-playbook-bridge-mautrix-signal.md | 2 +- docs/configuring-playbook-bridge-mautrix-slack.md | 2 +- docs/configuring-playbook-bridge-mautrix-telegram.md | 2 +- docs/configuring-playbook-bridge-mautrix-twitter.md | 2 +- docs/configuring-playbook-bridge-mautrix-whatsapp.md | 2 +- 13 files changed, 13 insertions(+), 13 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index f5dfcbe9f..e10f880a8 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -70,7 +70,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index fbcd2b1e8..df93b246c 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -101,7 +101,7 @@ Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playb When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index e42d58058..8baf793b9 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md @@ -96,7 +96,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-gmessages.md b/docs/configuring-playbook-bridge-mautrix-gmessages.md index 1ca27424e..40305e06b 100644 --- a/docs/configuring-playbook-bridge-mautrix-gmessages.md +++ b/docs/configuring-playbook-bridge-mautrix-gmessages.md @@ -55,7 +55,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-googlechat.md b/docs/configuring-playbook-bridge-mautrix-googlechat.md index ac16c09ba..2b077dfcf 100644 --- a/docs/configuring-playbook-bridge-mautrix-googlechat.md +++ b/docs/configuring-playbook-bridge-mautrix-googlechat.md @@ -65,7 +65,7 @@ Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playb When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md index ba0fecbe4..e2a808ec3 100644 --- a/docs/configuring-playbook-bridge-mautrix-hangouts.md +++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md @@ -65,7 +65,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md index 5e11f50e7..6514cac90 100644 --- a/docs/configuring-playbook-bridge-mautrix-meta-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-meta-instagram.md @@ -104,7 +104,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md index 65afac8d0..9e40720bb 100644 --- a/docs/configuring-playbook-bridge-mautrix-meta-messenger.md +++ b/docs/configuring-playbook-bridge-mautrix-meta-messenger.md @@ -121,7 +121,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index ef2102441..f89ca1c42 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -106,7 +106,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-slack.md b/docs/configuring-playbook-bridge-mautrix-slack.md index 19f0f75aa..dd2ee5342 100644 --- a/docs/configuring-playbook-bridge-mautrix-slack.md +++ b/docs/configuring-playbook-bridge-mautrix-slack.md @@ -82,7 +82,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index 835bc87fb..fc775f61c 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md @@ -88,7 +88,7 @@ Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playb When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send `login-matrix` to the bot and follow instructions about how to send the access token to it diff --git a/docs/configuring-playbook-bridge-mautrix-twitter.md b/docs/configuring-playbook-bridge-mautrix-twitter.md index 7aeaca436..81813d2d1 100644 --- a/docs/configuring-playbook-bridge-mautrix-twitter.md +++ b/docs/configuring-playbook-bridge-mautrix-twitter.md @@ -62,7 +62,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` diff --git a/docs/configuring-playbook-bridge-mautrix-whatsapp.md b/docs/configuring-playbook-bridge-mautrix-whatsapp.md index a3bc81559..2fa6e9914 100644 --- a/docs/configuring-playbook-bridge-mautrix-whatsapp.md +++ b/docs/configuring-playbook-bridge-mautrix-whatsapp.md @@ -73,7 +73,7 @@ Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playb When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps: -- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md). +- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md). - send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE` From 7911cdb23213e8e4a9fc74e5c098b3ceb325509a Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 23 Dec 2024 11:01:30 +0900 Subject: [PATCH 3/4] Add a common warning message about not to share an access token Based on docs/obtaining-access-tokens.md Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-alertmanager-receiver.md | 2 ++ docs/configuring-playbook-bot-chatgpt.md | 2 ++ docs/configuring-playbook-bot-draupnir.md | 2 ++ docs/configuring-playbook-bot-go-neb.md | 2 ++ docs/configuring-playbook-bot-maubot.md | 2 ++ docs/configuring-playbook-bot-mjolnir.md | 2 ++ docs/configuring-playbook-dimension.md | 2 +- docs/configuring-playbook-email2matrix.md | 2 ++ docs/configuring-playbook-user-verification-service.md | 2 +- docs/maintenance-synapse.md | 2 ++ docs/obtaining-access-tokens.md | 2 +- 11 files changed, 19 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index c42747e99..351432662 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md @@ -26,6 +26,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.alertma The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. + ### Join to rooms as the bot manually ℹ️ **This bot does not accept room invitations automatically**. To deliver messages to rooms, the bot must be joined to all rooms manually. diff --git a/docs/configuring-playbook-bot-chatgpt.md b/docs/configuring-playbook-bot-chatgpt.md index e3ff7a431..3ed5ef729 100644 --- a/docs/configuring-playbook-bot-chatgpt.md +++ b/docs/configuring-playbook-bot-chatgpt.md @@ -28,6 +28,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.chatgpt The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. + To make sure the bot can read encrypted messages, it will need an encryption key, just like any other new user. While obtaining the access token, follow the prompts to setup a backup key. More information can be found in the [Element documentation](https://element.io/help#encryption6). ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-bot-draupnir.md b/docs/configuring-playbook-bot-draupnir.md index 288a8547c..3863b616b 100644 --- a/docs/configuring-playbook-bot-draupnir.md +++ b/docs/configuring-playbook-bot-draupnir.md @@ -28,6 +28,8 @@ If you would like Draupnir to be able to deactivate users, move aliases, shutdow The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. + ### Make sure the account is free from rate limiting If your homeserver's implementation is Synapse, you will need to prevent it from rate limiting the bot's account. **This is a required step. If you do not configure it, Draupnir will crash.** diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index 1c3118dfb..c8c84f876 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -26,6 +26,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.go-neb The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. + ## Adjusting the playbook configuration To enable the bot, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file. Make sure to replace `ACCESS_TOKEN_FOR_GONEB_HERE` and `ACCESS_TOKEN_FOR_ANOTHER_GONEB_HERE` with the ones created [above](#obtain-an-access-token). diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 2e43df041..cab21137e 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -80,3 +80,5 @@ You should start in the following order This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands, you'll first need to `exec` into the maubot container with `docker exec -it matrix-bot-maubot sh`. Alternatively, you can refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element Web**) as the latter will causes issues to your bot in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients). + +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 53fd17784..e7737420b 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -24,6 +24,8 @@ If you would like Mjolnir to be able to deactivate users, move aliases, shutdown The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. + ### Make sure the account is free from rate limiting If your homeserver's implementation is Synapse, you will need to prevent it from rate limiting the bot's account. **This is a required step. If you do not configure it, Mjolnir will crash.** diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 6b7362c1d..90d299e17 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -32,7 +32,7 @@ We recommend that you create a dedicated Matrix user for Dimension (`dimension` You are required to specify an access token (belonging to this new user) for Dimension to work. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -**Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.** +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. Add access token to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`): diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 4ceda308f..f57904986 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -42,6 +42,8 @@ Take note of each room's room ID (different clients show the room ID in a differ In order for the sender user created above to be able to send messages to the room, we'll need to obtain an access token for it. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. + ## Adjusting the playbook configuration After doing the preparation steps above, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs): diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index cf89fcca7..341026ab8 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -47,7 +47,7 @@ We recommend that you create a dedicated Matrix user for uvs (`uvs` is a good us You are required to specify an access token (belonging to this new user) for UVS to work. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -**Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.** +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. ```yaml matrix_user_verification_service_uvs_access_token: "YOUR ACCESS TOKEN HERE" diff --git a/docs/maintenance-synapse.md b/docs/maintenance-synapse.md index 749e9deba..0c2eded9b 100644 --- a/docs/maintenance-synapse.md +++ b/docs/maintenance-synapse.md @@ -18,6 +18,8 @@ You can use the **[Purge History API](https://github.com/element-hq/synapse/blob To make use of this Synapse Admin API, **you'll need an admin access token** first. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. + Synapse's Admin API is not exposed to the internet by default, following [official Synapse reverse-proxying recommendations](https://github.com/element-hq/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints). To expose it you will need to add `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` to your `vars.yml` file. Follow the [Purge History API](https://github.com/element-hq/synapse/blob/master/docs/admin_api/purge_history_api.md) documentation page for the actual purging instructions. diff --git a/docs/obtaining-access-tokens.md b/docs/obtaining-access-tokens.md index 860621f70..e1f69b226 100644 --- a/docs/obtaining-access-tokens.md +++ b/docs/obtaining-access-tokens.md @@ -2,7 +2,7 @@ When setting up some optional features like bots and bridges you will need to provide an access token for some user. This document provides documentation on how to obtain such an access token. -**Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.** +⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. ## Prerequisites From 66ea709cb32478ae3fc22ae32ffee8b057e0080c Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 23 Dec 2024 11:22:31 +0900 Subject: [PATCH 4/4] Replace headers for sections about obtaining an access token Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-dimension.md | 2 +- docs/configuring-playbook-user-verification-service.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 90d299e17..652ed6e83 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -26,7 +26,7 @@ matrix_dimension_admins: The admin interface is accessible within Element Web by accessing it in any room and clicking the cog wheel/settings icon in the top right. Currently, Dimension can be opened in Element Web by the "Add widgets, bridges, & bots" link in the room information. -### Access token +### Obtain an access token We recommend that you create a dedicated Matrix user for Dimension (`dimension` is a good username). Follow our [Registering users](registering-users.md) guide to learn how to register **a regular (non-admin) user**. diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index 341026ab8..6a8dfccb9 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -39,7 +39,7 @@ For a list of all configuration options see the role defaults [`roles/matrix-use In the default configuration, the UVS Server is only reachable via the docker network, which is fine if e.g. Jitsi is also running in a container on the host. However, it is possible to expose UVS via setting `matrix_user_verification_service_container_http_host_bind_port`. -### Access token +### Obtain an access token The Synapse Access Token is used to verify RoomMembership and PowerLevel against `matrix_user_verification_service_uvs_homeserver_url`.