The playbook can install and configure matrix-synapse-rest-auth for you.
See that project's documentation to learn what it does and why it might be useful to you.
Add the following configuration to your inventory/host_vars/matrix.example.com/vars.yml file (adapt to your needs):
matrix_synapse_ext_password_provider_rest_auth_enabled: true
matrix_synapse_ext_password_provider_rest_auth_endpoint: "http://matrix-ma1sd:8090"
matrix_synapse_ext_password_provider_rest_auth_registration_enforce_lowercase: false
matrix_synapse_ext_password_provider_rest_auth_registration_profile_name_autofill: true
matrix_synapse_ext_password_provider_rest_auth_login_profile_name_autofill: falseIf you wish for users to authenticate only against configured password providers (like this one), without consulting Synapse's local database, feel free to disable it:
matrix_synapse_password_config_localdb_enabled: falseAfter configuring the playbook, run it with playbook tags as below:
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,startThe shortcut commands with the just program are also available: just install-all or just setup-all
just install-all is useful for maintaining your setup quickly (2x-5x faster than just setup-all) when its components remain unchanged. If you adjust your vars.yml to remove other components, you'd need to run just setup-all, or these components will still remain installed. Note these shortcuts run the ensure-matrix-users-created tag too.