From 0dac5ea508a0ab0f65eb95c8db64e9ecb6332ed5 Mon Sep 17 00:00:00 2001 From: Plailect Date: Thu, 31 Jan 2019 11:38:54 -0500 Subject: [PATCH] Use native OpenSSL module to generate `passkey.pem` --- docs/configuring-playbook-bridge-appservice-irc.md | 2 ++ .../matrix-synapse/tasks/ext/appservice-irc/setup.yml | 11 +++++------ 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-irc.md b/docs/configuring-playbook-bridge-appservice-irc.md index 5f70384d..71d2f69a 100644 --- a/docs/configuring-playbook-bridge-appservice-irc.md +++ b/docs/configuring-playbook-bridge-appservice-irc.md @@ -4,6 +4,8 @@ The playbook can install and configure [matrix-appservice-irc](https://github.co See the project's [documentation](https://github.com/TeDomum/matrix-appservice-irc/blob/master/HOWTO.md) to learn what it does and why it might be useful to you. +The Appservice IRC bridge configuration using Ansible will require that you have `python-pyOpenSSL` installed on your local machine. + You'll need to use the following playbook configuration: ```yaml diff --git a/roles/matrix-synapse/tasks/ext/appservice-irc/setup.yml b/roles/matrix-synapse/tasks/ext/appservice-irc/setup.yml index 79d800a0..c241853a 100644 --- a/roles/matrix-synapse/tasks/ext/appservice-irc/setup.yml +++ b/roles/matrix-synapse/tasks/ext/appservice-irc/setup.yml @@ -22,13 +22,12 @@ group: "{{ matrix_user_username }}" when: "matrix_appservice_irc_enabled" -- stat: - path: "{{ matrix_appservice_irc_base_path }}/passkey.pem" - register: irc_passkey_file - - name: Generate matrix-appservice-irc passkey if it doesn't exist - shell: /usr/bin/openssl genpkey -out {{ matrix_appservice_irc_base_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048 - when: "matrix_appservice_irc_enabled and irc_passkey_file.stat.exists == False" + openssl_privatekey: + path: "{{ matrix_appservice_irc_base_path }}/passkey.pem" + size: 2048 + force: false + when: "matrix_appservice_irc_enabled" - name: Ensure matrix-appservice-irc.service installed template: