mirrors/synapse-admin
1
0
Fork 0
mirror of https://github.com/etkecc/synapse-admin.git synced 2024-12-14 20:21:42 +03:00
Code Issues Projects Releases Packages Wiki Activity
synapse-admin/docs/system-users.md
Aine 75b9aeea01
add docs/
2024-11-20 12:36:12 +02:00

1.6 KiB
Raw Blame History

System / Appservice-managed Users

Inadvertently altering system user accounts managed by appservices (such as bridges) / system (such as bots) is a common issue. Editing, deleting, locking, or changing the passwords of these appservice-managed accounts can cause serious problems. To prevent this, we've added a new feature that blocks these types of modifications to such accounts, while still allowing other risk-free changes (changing display names and avatars). By defining a list of MXID regex patterns in the new asManagedUsers configuration setting, you can protect these accounts from accidental changes.

Configuration

The examples below contain the configuration settings to mark Telegram bridge (mautrix-telegram), Slack bridge (mautrix-slack), and Baibot users of example.com homeserver as appservice-managed users, just to illustrate the options to protect both specific MXIDs (as in the Baibot example) and all puppets of a bridge (as in the Telegram and Slack examples).

config.json

"asManagedUsers": [
  "^@baibot:example\\.com$",
  "^@slackbot:example\\.com$",
  "^@slack_[a-zA-Z0-9\\-]+:example\\.com$",
  "^@telegrambot:example\\.com$",
  "^@telegram_[a-zA-Z0-9]+:example\\.com$"
]

/.well-known/matrix/client

"cc.etke.synapse-admin": {
  "asManagedUsers": [
    "^@baibot:example\\.com$",
    "^@slackbot:example\\.com$",
    "^@slack_[a-zA-Z0-9\\-]+:example\\.com$",
    "^@telegrambot:example\\.com$",
    "^@telegram_[a-zA-Z0-9]+:example\\.com$"
  ]
}