Make every mxisd configuration option accessible

22523c0e42 added role variables that wrap certain mxisd configuration
keys. This has the obvious drawback that not all keys are accessible but
only the wrapped.

This change replaces the previously added wrapper role variables by a
single dictionary variable `matrix_mxisd_extra_config` in which arbirary
mxisd configuration keys can be added.

There's still the same default mxisd configuration. Keys of that default
are overwritten individually when added to `matrix_mxisd_extra_config`.

roles/matrix-server/defaults/main.yml

@@ -239,37 +239,19 @@ matrix_mxisd_data_path: "{{ matrix_mxisd_base_path }}/data"
 # Enabling this is discouraged. Learn more here: https://github.com/kamax-io/mxisd/blob/master/docs/features/identity.md#lookups
 matrix_mxisd_matrixorg_forwarding_enabled: false
 
-# mxisd has serveral supported identity stores.
-# One of them is storing identities directly in Synapse's database.
-# Learn more here: https://github.com/kamax-matrix/mxisd/blob/master/docs/stores/synapse.md
-matrix_mxisd_synapsesql_enabled: true
-matrix_mxisd_synapsesql_type: postgresql
-matrix_mxisd_synapsesql_connection: //{{ matrix_postgres_connection_hostname }}/{{ matrix_postgres_db_name }}?user={{ matrix_postgres_connection_username }}&password={{ matrix_postgres_connection_password }}
 
-# LDAP is another identity store that's supported by mxisd.
+# You can add arbirary mxisd config by specifying matrix_mxisd_extra_config.
-# Learn more here: https://github.com/kamax-matrix/mxisd/blob/master/docs/stores/ldap.md
+# Example:
-matrix_mxisd_ldap_enabled: false
+# matrix_mxisd_extra_config:
-matrix_mxisd_ldap_connection_host: ldapHostnameOrIp
+#   synapseSql.enabled: false
-matrix_mxisd_ldap_connection_tls: false
+#   ldap.enabled: true
-matrix_mxisd_ldap_connection_port: 389
+#   ldap.connection.host: ldapHostnameOrIp
-matrix_mxisd_ldap_connection_baseDns: ['OU=Users,DC=example,DC=org']
+#   ldap.connection.tls: false
-matrix_mxisd_ldap_connection_bindDn: CN=My Mxisd User,OU=Users,DC=example,DC=org
+#   ldap.connection.port: 389
-matrix_mxisd_ldap_connection_bindPassword: TheUserPassword
+#   ldap.connection.baseDn: OU=Users,DC=example,DC=org
-# The following keys are optional:
+#   ldap.connection.bindDn: CN=My Mxisd User,OU=Users,DC=example,DC=org
-# matrix_mxisd_ldap_filter: ""
+#   ldap.connection.bindPassword: TheUserPassword
-# matrix_mxisd_ldap_attribute_uid_type: uid
+matrix_mxisd_extra_config:
-# matrix_mxisd_ldap_attribute_uid_value: sAMAccountName
-# matrix_mxisd_ldap_attribute_name: cn
-# matrix_mxisd_ldap_attribute_threepid_email:
-#   - mail
-#   - otherMailAttribute
-# matrix_mxisd_ldap_attribute_threepid_msisdn:
-#   - phone
-#   - otherPhoneAttribute
-# matrix_mxisd_ldap_identity_filter: ""
-# matrix_mxisd_ldap_identity_medium: ""
-# matrix_mxisd_ldap_auth_filter: ""
-# matrix_mxisd_ldap_directory_filter: ""
 
 
 # Specifies which template files to use when configuring mxisd.

roles/matrix-server/templates/mxisd/mxisd.yaml.j2

@@ -1,69 +1,21 @@
-matrix.domain: {{ hostname_identity }}
+{% set matrix_mxisd_default_config = {
-server.name: {{ hostname_matrix }}
+  "matrix.domain": hostname_identity,
-
+  "server.name": hostname_matrix,
-key.path: /var/mxisd/sign.key
+  "key.path": "/var/mxisd/sign.key",
-
+  "storage.provider.sqlite.database": "/var/mxisd/mxisd.db",
-storage.provider.sqlite.database: /var/mxisd/mxisd.db
+  "threepid.medium.email.identity.from": matrix_mailer_sender_address,
-
+  "threepid.medium.email.connectors.smtp.host": "matrix-mailer",
-threepid.medium.email.identity.from: {{ matrix_mailer_sender_address }}
+  "threepid.medium.email.connectors.smtp.port": 587,
-threepid.medium.email.connectors.smtp.host: matrix-mailer
+  "threepid.medium.email.connectors.smtp.tls": 0,
-threepid.medium.email.connectors.smtp.port: 587
+  "synapseSql.enabled": true,
-threepid.medium.email.connectors.smtp.tls: 0
+  "synapseSql.type": "postgresql",
+  "synapseSql.connection": "//" + matrix_postgres_connection_hostname + "/" + matrix_postgres_db_name + "?user=" + matrix_postgres_connection_username + "&password=" + matrix_postgres_connection_password
+} %}
 
 {% if matrix_mxisd_matrixorg_forwarding_enabled %}
-forward.servers: ['matrix-org']
+  {% set matrix_mxisd_default_config = matrix_mxisd_default_config | combine(
-{% endif %}
+    { "forward.servers": [ "matrix-org" ] }
-
+  ) %}
-synapseSql.enabled: {{ matrix_mxisd_synapsesql_enabled }}
-synapseSql.type: {{ matrix_mxisd_synapsesql_type }}
-synapseSql.connection: {{ matrix_mxisd_synapsesql_connection }}
-
-ldap.enabled: {{ matrix_mxisd_ldap_enabled }}
-ldap.connection.host: {{ matrix_mxisd_ldap_connection_host }}
-ldap.connection.tls: {{ matrix_mxisd_ldap_connection_tls }}
-ldap.connection.port: {{ matrix_mxisd_ldap_connection_port }}
-ldap.connection.baseDns:
-{{ matrix_mxisd_ldap_connection_baseDns|to_nice_yaml }}
-ldap.connection.bindDn: {{ matrix_mxisd_ldap_connection_bindDn }}
-ldap.connection.bindPassword: {{ matrix_mxisd_ldap_connection_bindPassword }}
-
-{% if matrix_mxisd_ldap_filter is defined %}
-ldap.filter: {{ matrix_mxisd_ldap_filter }}
-{% endif %}
-
-{% if matrix_mxisd_ldap_attribute_uid_type is defined %}
-ldap.attribute.uid.type: {{ matrix_mxisd_ldap_attribute_uid_type }}
-{% endif %}
-
-{% if matrix_mxisd_ldap_attribute_uid_value is defined %}
-ldap.attribute.uid.value: {{ matrix_mxisd_ldap_attribute_uid_value }}
-{% endif %}
-
-{% if matrix_mxisd_ldap_attribute_name is defined %}
-ldap.attribute.name: {{ matrix_mxisd_ldap_attribute_name }}
-{% endif %}
-
-{% if matrix_mxisd_ldap_attribute_threepid_email is defined %}
-ldap.attribute.threepid.email: {{ matrix_mxisd_ldap_attribute_threepid_email|to_yaml }}
-{% endif %}
-
-{% if matrix_mxisd_ldap_attribute_threepid_msisdn is defined %}
-ldap.attribute.threepid.msisdn: {{ matrix_mxisd_ldap_attribute_threepid_msisdn|to_yaml }}
-{% endif %}
-
-{% if matrix_mxisd_ldap_identity_filter is defined %}
-ldap.identity.filter: {{ matrix_mxisd_ldap_identity_filter }}
-{% endif %}
-
-{% if matrix_mxisd_ldap_identity_medium is defined %}
-ldap.identity.medium: {{ matrix_mxisd_ldap_identity_medium }}
-{% endif %}
-
-{% if matrix_mxisd_ldap_auth_filter is defined %}
-ldap.auth.filter: {{ matrix_mxisd_ldap_auth_filter }}
-{% endif %}
-
-{% if matrix_mxisd_ldap_directory_filter is defined %}
-ldap.directory.filter: {{ matrix_mxisd_ldap_directory_filter }}
 {% endif %}
 
+{{ matrix_mxisd_default_config | combine(matrix_mxisd_extra_config, recursive=true) | to_nice_yaml }}