From a9fae8e3b1d419e8f96d69063d6bc5502d20057c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 31 Jan 2019 20:45:14 +0200 Subject: [PATCH] Revert "Use native OpenSSL module to generate `passkey.pem`" This reverts commit 0dac5ea508a0ab0f65eb95c8db64e9ecb6332ed5. Relying on pyOpenSSL is the Ansible way of doing things, but is impractical and annoying for users. `openssl` is easily available on most servers, even by default. We'd better use that. --- docs/configuring-playbook-bridge-appservice-irc.md | 2 -- .../matrix-synapse/tasks/ext/appservice-irc/setup.yml | 11 ++++++----- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-irc.md b/docs/configuring-playbook-bridge-appservice-irc.md index 71d2f69a..5f70384d 100644 --- a/docs/configuring-playbook-bridge-appservice-irc.md +++ b/docs/configuring-playbook-bridge-appservice-irc.md @@ -4,8 +4,6 @@ The playbook can install and configure [matrix-appservice-irc](https://github.co See the project's [documentation](https://github.com/TeDomum/matrix-appservice-irc/blob/master/HOWTO.md) to learn what it does and why it might be useful to you. -The Appservice IRC bridge configuration using Ansible will require that you have `python-pyOpenSSL` installed on your local machine. - You'll need to use the following playbook configuration: ```yaml diff --git a/roles/matrix-synapse/tasks/ext/appservice-irc/setup.yml b/roles/matrix-synapse/tasks/ext/appservice-irc/setup.yml index c241853a..79d800a0 100644 --- a/roles/matrix-synapse/tasks/ext/appservice-irc/setup.yml +++ b/roles/matrix-synapse/tasks/ext/appservice-irc/setup.yml @@ -22,12 +22,13 @@ group: "{{ matrix_user_username }}" when: "matrix_appservice_irc_enabled" -- name: Generate matrix-appservice-irc passkey if it doesn't exist - openssl_privatekey: +- stat: path: "{{ matrix_appservice_irc_base_path }}/passkey.pem" - size: 2048 - force: false - when: "matrix_appservice_irc_enabled" + register: irc_passkey_file + +- name: Generate matrix-appservice-irc passkey if it doesn't exist + shell: /usr/bin/openssl genpkey -out {{ matrix_appservice_irc_base_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048 + when: "matrix_appservice_irc_enabled and irc_passkey_file.stat.exists == False" - name: Ensure matrix-appservice-irc.service installed template: