always generate pepper salt

2023-12-08 11:24:20 +01:00
parent 5a73f8790c
commit 8a7e098f4f
1 changed files with 1 additions and 1 deletions
--- a/start.sh
+++ b/start.sh
@@ -37,10 +37,10 @@ if [[ ! -f /app/data/configs/homeserver.yaml ]]; then

    if [[ -z "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
        yq eval -i ".enable_registration=true" /app/data/configs/homeserver.yaml
-        yq eval -i ".password_config.pepper=\"$(pwgen -1s 12)\"" /app/data/configs/homeserver.yaml
        # just setting enabled to false is not enough. see https://github.com/matrix-org/matrix-synapse-ldap3/issues/123
        yq eval -i "del(.password_providers)" /app/data/configs/homeserver.yaml
    fi
+    yq eval -i ".password_config.pepper=\"$(pwgen -1s 12)\"" /app/data/configs/homeserver.yaml # always set this so that users can enable password login if needed
 fi

 echo "==> Ensure we log to console"