Fix passkey.pem permissions breaking IRC bridge

Regression since 174a6fcd1b, #204 (Github Pull Request),
which only affects new servers.

Old servers which had their passkey.pem file relocated were okay.
This commit is contained in:
Slavi Pantaleev 2019-07-08 10:13:45 +03:00
parent e317de5ac1
commit 9d07aaefbf

View file

@ -59,8 +59,19 @@
- name: Generate Appservice IRC passkey if it doesn't exist
shell: /usr/bin/openssl genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048
become: true
become_user: "{{ matrix_user_username }}"
when: "not irc_passkey_file.stat.exists"
# In the past, we used to generate the passkey.pem file with root, so permissions may not be okay.
# Fix it.
- name: (Migration) Ensure Appservice IRC passkey permissions are okay
file:
path: "{{ matrix_appservice_irc_data_path }}/passkey.pem"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}"
# Ideally, we'd like to generate the final registration.yaml file by ourselves.
#
# However, the IRC bridge supports multiple servers, which leads to multiple