system-config/playbooks/roles/matrix-gerritbot/README.rst
Tristan Cacqueray 690c8ec24e Add matrix term accept instruction
This change adds a missing step to accept matrix term required
to use the identity lookup service.

Change-Id: I4f6ad60d983bfc82342ee7d69659074c91296dc1
2021-08-20 18:06:15 +00:00

1.6 KiB

Run the gerritbot-matrix bot.

Create the gerritbot_matrix_access_token with this command:

HOMESERVER_URL="https://opendev.ems.host"
USER="@gerritbot:opendev.org"
PASS="supersecret"

export MATRIX_TOKEN=$(curl -XPOST ${HOMESERVER_URL}/_matrix/client/r0/login -d '{"user": "'${USER}'", "password": "'${PASS}'", "type": "m.login.password"}' | jq -r ".access_token")
echo "gerritbot_matrix_access_token: ${MATRIX_TOKEN}"

Verify the token:

curl -H "Authorization: Bearer ${MATRIX_TOKEN}" ${HOMESERVER_URL}/_matrix/client/r0/account/whoami

Delete the token:

curl -H "Authorization: Bearer ${MATRIX_TOKEN}" -X POST ${HOMESERVER_URL}/_matrix/client/r0/logout -d{}

Create the gerritbot_matrix_identity_token with this command:

MATRIX_OPENID=$(curl -XPOST ${HOMESERVER_URL}/_matrix/client/r0/user/${USER}/openid/request_token -H "Authorization: Bearer ${MATRIX_TOKEN}" -d '{}')
IDENTITY_URL="https://matrix.org"

export MATRIX_IDENTITY_TOKEN=$(curl -XPOST ${IDENTITY_URL}/_matrix/identity/v2/account/register -d "${MATRIX_OPENID}" | jq -r '.access_token')
echo "gerritbot_matrix_identity_token: ${MATRIX_IDENTITY_TOKEN}"

You might need to accept matrix terms:

curl -H "Authorization: Bearer ${MATRIX_IDENTITY_TOKEN}" ${IDENTITY_URL}/_matrix/identity/v2/terms
curl -XPOST ${IDENTITY_URL}/_matrix/identity/v2/terms -H "Authorization: Bearer ${MATRIX_IDENTITY_TOKEN}" -d \
  '{"user_accepts": ["https://matrix.org/legal/identity-server-privacy-notice-1"]}'