Skip to main content

A bot to manage user registration tokens on a matrix server.

Project description

Matrix Registration Bot

Pypi badge License Docker pulls

This bot aims to create and manage registration tokens for a matrix server. It wants to help invitation based servers to maintain usability. It does not create a user itself, but allows registration only with a valid token as defined by Matrix standard MSC3231. The benefit is, that an administrator minimizes manual work and does not know a user’s password at any time.

This means, that a user that registers on your server has to provide a registration token to successfully create an account. The token can be created by interacting with this bot. So to invite a friend you would send create to the bot which answers with a token. You send the token to the friend, and they can use this to create an account.

The feature was added in Matrix v1.2. More information can be found in the Synapse Documentation .

If you have any questions, or if you need help setting it up, read the troublshooting guide or join #matrix-registration-bot:hyteck.de.

Supported commands

Unrestricted commands

  • help: Shows this help

Restricted commands

  • list: Lists all registration tokens

  • show <token>: Shows token details in human-readable format

  • create: Creates a token that that is valid for one registration for seven days

  • delete <token> Deletes the specified token(s)

  • delete-all Deletes all tokens

  • allow @user:example.com Allows the specified user (or a user matching a regex pattern) to use restricted commands

  • disallow @user:example.com Stops a specified user (or a user matching a regex pattern) from using restricted commands

Permissions

By default, any user on the homeserver of the bot is allowed to use restricted commands. You can change that, by using the allow command to configure one (or multiple) specific user. Read the simple-matrix-bot documentation for more information. If you get locked out for any reason, simply modify the config.toml that is created in the bots working directory.

Getting started

Install via matrix-docker-ansible-deploy

If you already installed your homeserver with this ansible playbook you can make use of a very simple setup. Check out the setup instructions in the project’s repo.

Prerequisites for all other installation methods

Server configuration

Your server should be configured to a token restricted registration. Add the following to your homeserver.yaml:

enable_registration: true
registration_requires_token: true

Create a bot account

Then you need to create an account for the bot on the server, like you would do with any other account. A good username is registration-bot. If you want to use token based login, note the access token of the bot. One way to get the token is to log in as the bot and got to Settings -> Help & About -> Access Token in Element, however you mustn’t log out or the token will be invalidated. As an alternative you can use the command

curl -X POST --header 'Content-Type: application/json' -d '{
    "identifier": { "type": "m.id.user", "user": "YourBotUsername" },
    "password": "YourBotPassword",
    "type": "m.login.password"
}' 'https://matrix.YOURDOMAIN/_matrix/client/r0/login'

Once you are finished you can start the installation of the bot.

Manual Installation

The installation can easily be done via PyPi

$ pip install matrix-registration-bot

Configuration

Configure the bot with a file named config.yml. It should look like this

bot:
  server: "https://synapse.example.com"
  username: "registration-bot"
  access_token: "verysecret"
  # It is also possible to use a password based login by commenting out the access token line and adjusting the line below
  # password: "secretpassword"
  prefix: ""
api:
  # API endpoint of the registration tokens
  base_url: 'https://synapse.example.com'
  # Access token of an administrator on the server. If you configured the bot to be an admin on the sever you can use the same token as above.
  token: "supersecret"
logging:
  level: DEBUG/INFO/ERROR

It is also possible to use environment variables to configure the bot. The variable names are all upper case, concatenated with _ e.g. LOGGING_LEVEL.

Start the bot

Start the bot with

python -m matrix_registration_bot.bot

and then open a Direct Message to the bot. The type one of the following commands.

Automatically (re-)start the bot with Systemd

To have the bot start automatically after reboots create the file /etc/systemd/system/matrix-registration-bot.service with the following content on your server. This assumes you use that you place your configuration in /matrix/matrix-registration-bot/config.yml.

[Unit]
Description=matrix-registration-bot

[Service]
Type=simple

WorkingDirectory=/matrix/matrix-registration-bot
ExecStart=python3 -m matrix_registration_bot.bot

Restart=always
RestartSec=30
SyslogIdentifier=matrix-registration-bot

[Install]
WantedBy=multi-user.target

After creating the service reload your daemon and start+enable the service.

$ sudo systemctl daemon-reload
$ sudo systemctl start matrix-registration-bot
$ sudo systemclt enable matrix-registration-bot

Install using docker-compose

To use this container via docker you can create the following docker-compose.yml and start the container with docker-compose up -d. Explanation on how to obtain the correct values of the configuration can be found in the Manual installation section.

version: "3.7"

services:
  matrix-registration-bot:
    image: moanos/matrix-registration-bot:latest
    environment:
      LOGGING_LEVEL: DEBUG
      BOT_SERVER: "https://synapse.example.com"
      BOT_USERNAME: "registration-bot"
      BOT_PASSWORD: "password"
      API_BASE_URL: 'https://synapse.example.com'
      API_TOKEN: "syt_xxxxxxxxxxxxxxxxxxxxxxxx"

git checkout de # End-to-End Encryption

From version 1.2.0 the bot supports E2E encryption. This is a bit safer and also allows to create direct messages (which are by default encrypted). This will be enabled by default.

Contributing

Feel free to contribute or discuss this bot at #matrix-registration-bot:hyteck.de or simply open issues and PRs here.

Code of Conduct

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

matrix-registration-bot-1.2.2.tar.gz (30.8 kB view details)

Uploaded Source

Built Distribution

matrix_registration_bot-1.2.2-py3-none-any.whl (35.1 kB view details)

Uploaded Python 3

File details

Details for the file matrix-registration-bot-1.2.2.tar.gz.

File metadata

File hashes

Hashes for matrix-registration-bot-1.2.2.tar.gz
Algorithm Hash digest
SHA256 4047cfc972cdce2765d451a57ca913780364d79175eba085c5c41617058727a3
MD5 7d7437bbb689f8e6dfca997565bdd99d
BLAKE2b-256 d1eb77172cebeab7141f287a899cde23202e9b53000645409fe98c94292fa048

See more details on using hashes here.

File details

Details for the file matrix_registration_bot-1.2.2-py3-none-any.whl.

File metadata

File hashes

Hashes for matrix_registration_bot-1.2.2-py3-none-any.whl
Algorithm Hash digest
SHA256 136516eb36610d3b7775a6af03dc468e0e29e221f91f92e92db128262e9d50ce
MD5 64e658faed561f83b028c2b1bc631991
BLAKE2b-256 bf0d548e5747ae6359d81968bf4255f62e4c5d6265036d0301704a3605eff9ff

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page