From a206b65ed7e1d5f2e1e8af48a7537c8dbe0913be Mon Sep 17 00:00:00 2001
From: Lyubomir Popov <lyubo@lpopov.net>
Date: Fri, 3 May 2019 11:02:17 +0300
Subject: [PATCH] Use the '-p' non-interactive option to generate password hash
 instead of 'expect'

---
 roles/matrix-base/tasks/setup_server_base.yml |  2 --
 .../tasks/setup_synapse_main.yml              |  6 ----
 .../tasks/update_user_password.yml            |  2 +-
 .../matrix-synapse-generate-password-hash.j2  | 31 -------------------
 4 files changed, 1 insertion(+), 40 deletions(-)
 delete mode 100644 roles/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-generate-password-hash.j2

diff --git a/roles/matrix-base/tasks/setup_server_base.yml b/roles/matrix-base/tasks/setup_server_base.yml
index 2ccdbd83..1aadfb12 100644
--- a/roles/matrix-base/tasks/setup_server_base.yml
+++ b/roles/matrix-base/tasks/setup_server_base.yml
@@ -25,7 +25,6 @@
       - docker-python
       - ntp
       - fuse
-      - expect
     state: latest
     update_cache: yes
   when: ansible_distribution == 'CentOS'
@@ -63,7 +62,6 @@
       - python-docker
       - ntp
       - fuse
-      - expect
     state: latest
     update_cache: yes
   when: ansible_os_family == 'Debian'
diff --git a/roles/matrix-synapse/tasks/setup_synapse_main.yml b/roles/matrix-synapse/tasks/setup_synapse_main.yml
index 7be5f045..6e56b659 100644
--- a/roles/matrix-synapse/tasks/setup_synapse_main.yml
+++ b/roles/matrix-synapse/tasks/setup_synapse_main.yml
@@ -79,9 +79,3 @@
     dest: "/usr/local/bin/matrix-synapse-register-user"
     mode: 0750
 
-- name: Ensure matrix-synapse-generate-password-hash script created
-  template:
-    src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-generate-password-hash.j2"
-    dest: "/usr/local/bin/matrix-synapse-generate-password-hash"
-    mode: 0750
-
diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/matrix-synapse/tasks/update_user_password.yml
index c464e0d7..d28adfb4 100644
--- a/roles/matrix-synapse/tasks/update_user_password.yml
+++ b/roles/matrix-synapse/tasks/update_user_password.yml
@@ -41,7 +41,7 @@
   when: postgres_start_result.changed
 
 - name: Generate password hash
-  shell: "/usr/local/bin/matrix-synapse-generate-password-hash {{ password }}"
+  shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}"
   register: password_hash
 
 - name: Update user password hash
diff --git a/roles/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-generate-password-hash.j2 b/roles/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-generate-password-hash.j2
deleted file mode 100644
index c6858aa8..00000000
--- a/roles/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-generate-password-hash.j2
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/env expect
-
-# Read the password string
-set pass [lindex $argv 0]
-
-# Check if password was provided
-if { $pass == "" }  {
-  puts "Usage: $argv0 <password>"
-  exit 1
-}
-
-# Disable output
-log_user 0
-
-# Execute password hashing script
-spawn docker exec -it matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml
-expect "Password: "
-send "$pass\r"
-expect "Confirm password: "
-send "$pass\r"
-expect "%"
-
-# Save the hash output to a variable
-set output $expect_out(buffer)
-
-# Trim the whitespace
-regexp {\S+} $output passwordHash
-
-# Output the password hash
-puts -nonewline stdout $passwordHash
-close stdout