From bbbfc0708f662927158df508ba7b10f0b26ad6f7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 23 Dec 2021 17:39:56 +0200 Subject: [PATCH] Derive matrix_coturn_turn_static_auth_secret from matrix_homeserver_generic_secret_key Doing this further simplifies examples/vars.yml. --- examples/vars.yml | 4 ---- group_vars/matrix_servers | 2 ++ 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/examples/vars.yml b/examples/vars.yml index 0f6c1a55..f5776962 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -28,10 +28,6 @@ matrix_homeserver_generic_secret_key: '' # Example value: someone@example.com matrix_ssl_lets_encrypt_support_email: '' -# A shared secret (between Coturn and Synapse) used for authentication. -# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`). -matrix_coturn_turn_static_auth_secret: '' - # A Postgres password to use for the superuser Postgres user (called `matrix` by default). # # The playbook creates additional Postgres users and databases (one for each enabled service) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a39b4665..4441ca05 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1087,6 +1087,8 @@ matrix_coturn_container_image_self_build: "{{ matrix_architecture != 'amd64'}}" matrix_coturn_turn_external_ip_address: "{{ ansible_host }}" +matrix_coturn_turn_static_auth_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'coturn.sas') | to_uuid }}" + matrix_coturn_tls_enabled: "{{ matrix_ssl_retrieval_method != 'none' }}" matrix_coturn_tls_cert_path: "{{ matrix_ssl_config_dir_path }}/live/{{ matrix_server_fqn_matrix }}/fullchain.pem" matrix_coturn_tls_key_path: "{{ matrix_ssl_config_dir_path }}/live/{{ matrix_server_fqn_matrix }}/privkey.pem"