chore(synapse): fix lints

2024-11-10 05:34:16 +00:00 · 2023-07-07 00:42:09 +02:00 · 2023-07-07 00:42:09 +02:00 · 5b2d02b802
commit 5b2d02b802
parent 629a0450ca
13 changed files with 148 additions and 138 deletions
--- a/roles/synapse/handlers/main.yml
+++ b/roles/synapse/handlers/main.yml
@ -1,30 +1,32 @@
 ---
- name: "reload systemd"
+- name: Reload systemd
  systemd:
-    daemon_reload: yes
+    daemon_reload: true
+  listen: reload-systemd

- name: "restart matrix-synapse using systemd"
+- name: Restart matrix-synapse using systemd
  service:
    name: matrix-synapse.service
    state: restarted
-    enabled: yes
+    enabled: true
  when: matrix_synapse_supervision_method == "systemd"
-  listen: "restart matrix-synapse"
+  listen: restart-matrix-synapse

- name: "restart synapse using docker"
-  docker_container:
+- name: Restart synapse using docker
+  community.docker.docker_container:
    name: "{{ matrix_synapse_container_name }}"
    state: started
-    restart: yes
+    restart: true
  when: matrix_synapse_supervision_method == "docker"
-  listen: "restart matrix-synapse"
+  listen: restart-matrix-synapse
  loop: >-2
    {{ [matrix_synapse_container_name]
    + matrix_synapse_workers | default([]) | map(attribute='container_name') }}

- name: restart rsyslog
-  become: yes
+- name: Restart rsyslog
+  become: true
  service:
    name: rsyslog
    state: restarted
  when: matrix_synapse_supervision_method == "systemd"
+  listen: restart-rsyslog
--- a/roles/synapse/meta/main.yml
+++ b/roles/synapse/meta/main.yml
@ -1,15 +1,15 @@
 galaxy_info:
-  author: michaelkaye
+  author: Jan Christian Grünhage
  description: Deploys a synapse server

-  license: Apache 2.0
+  license: AGPL-3.0-only

-  min_ansible_version: 2.0
+  min_ansible_version: "6"

  platforms:
-  - name: Debian
-    versions:
-    - jessie
+    - name: Debian
+      versions:
+        - all

  galaxy_tags: []

--- a/roles/synapse/tasks/configure.yml
+++ b/roles/synapse/tasks/configure.yml
@ -5,7 +5,7 @@
    state: directory
    owner: synapse
    group: synapse
-    mode: 0750
+    mode: "0755"
  tags: ['prepare', 'prepare-synapse']

 - name: Generate secrets
@ -27,7 +27,7 @@
    state: directory
    owner: synapse
    group: synapse
-    mode: 0770
+    mode: "0775"
  tags: ['prepare', 'prepare-synapse']

 - name: Create directories for media storage
@ -36,7 +36,7 @@
    state: directory
    owner: synapse
    group: synapse
-    mode: 0770
+    mode: "0775"
  loop:
    - "{{ matrix_synapse_config.media_store_path }}"
    - "{{ matrix_synapse_config.uploads_path }}"
@ -51,13 +51,13 @@

 - name: Deploy config
  copy:
-    content: "{{ matrix_synapse_config | to_nice_yaml }}"
+    # default required to make linter happy
+    content: "{{ matrix_synapse_config | default({}) | to_nice_yaml }}"
    dest: "{{ matrix_synapse_base_path }}/homeserver.yaml"
    owner: synapse
    group: synapse
-    mode: 0660
-  notify:
-    - "restart matrix-synapse"
+    mode: "0660"
+  notify: "restart-matrix-synapse"
  tags: ['deploy', 'deploy-synapse']

 - name: Configure logging
--- a/roles/synapse/tasks/configure_workers.yml
+++ b/roles/synapse/tasks/configure_workers.yml
@ -3,12 +3,12 @@
 # Client API config (multiple instances)
 - name: Collect client API worker config
  set_fact:
-    worker_client_info: "{{ worker_client_info|default([]) + [ worker_config ] }}"
+    worker_client_info: "{{ worker_client_info | default([]) + [worker_config] }}"
  vars:
    name: "worker_client_{{ item }}"
    app: "synapse.app.generic_worker"
    config_file: "{{ matrix_synapse_base_path }}/{{ name }}.yaml"
-    port: "{{ (matrix_synapse_worker_listener_base_port|int + item|int)|int }}"
+    port: "{{ (matrix_synapse_worker_listener_base_port | int + item | int) | int }}"
    worker_labels:
      labels: "{{ matrix_synapse_worker_labels_base }}"
    worker: |
@ -28,18 +28,18 @@
          port: {{ port }}
          resources:
            - names: [ client ]
-    worker_config: "{{ worker | from_yaml | combine( worker_labels ) }}"
+    worker_config: "{{ worker | from_yaml | combine(worker_labels) }}"
  loop: "{{ range(1, matrix_synapse_workers_client + 1) | list }}"

 # Federation API (inbound) config (multiple instances, federation listener)
 - name: Collect federation API worker config (inbound)
  set_fact:
-    worker_fed_in_info: "{{ worker_fed_in_info|default([]) + [ worker_config ] }}"
+    worker_fed_in_info: "{{ worker_fed_in_info | default([]) + [worker_config] }}"
  vars:
    name: "worker_fed_in_{{ item }}"
    app: "synapse.app.generic_worker"
    config_file: "{{ matrix_synapse_base_path }}/{{ name }}.yaml"
-    port: "{{ matrix_synapse_worker_listener_base_port|int + 100 + item|int }}"
+    port: "{{ matrix_synapse_worker_listener_base_port | int + 100 + item | int }}"
    worker_labels:
      labels: "{{ matrix_synapse_worker_labels_base }}"
    worker: |
@ -56,16 +56,16 @@
        - "{{ matrix_synapse_worker_listener_bind_base_ip }}:{{ port }}:{{ port }}"
      listeners:
        - type: http
-          port: {{ port|int }}
+          port: {{ port | int }}
          resources:
            - names: [ federation ]
-    worker_config: "{{ worker | from_yaml | combine( worker_labels ) }}"
+    worker_config: "{{ worker | from_yaml | combine(worker_labels) }}"
  loop: "{{ range(1, matrix_synapse_workers_federation_in + 1) | list }}"

 # Federation sender config (multiple instances)
 - name: Collect federation sender worker config (outbound)
  set_fact:
-    worker_fed_out_info: "{{ worker_fed_out_info|default([]) + [ worker_config ] }}"
+    worker_fed_out_info: "{{ worker_fed_out_info | default([]) + [worker_config] }}"
  vars:
    name: "worker_fed_out_{{ item }}"
    app: "synapse.app.generic_worker"
@ -83,18 +83,18 @@
        - "{{ config_file }}:{{ config_file }}:z"
      ports: []
      listeners: []
-    worker_config: "{{ worker | from_yaml | combine( worker_labels ) }}"
+    worker_config: "{{ worker | from_yaml | combine(worker_labels) }}"
  loop: "{{ range(1, matrix_synapse_workers_federation_out + 1) | list }}"

 # Media workers config (multiple instances)
 - name: Collect media worker config
  set_fact:
-    worker_media_info: "{{ worker_media_info|default([]) + [ worker_config ] }}"
+    worker_media_info: "{{ worker_media_info | default([]) + [worker_config] }}"
  vars:
    name: "worker_media_{{ item }}"
    app: "synapse.app.media_repository"
    config_file: "{{ matrix_synapse_base_path }}/{{ name }}.yaml"
-    port: "{{ matrix_synapse_worker_listener_base_port|int + 200 + item|int }}"
+    port: "{{ matrix_synapse_worker_listener_base_port | int + 200 + item | int }}"
    worker_labels:
      labels: "{{ matrix_synapse_worker_labels_base }}"
    worker: |
@ -111,16 +111,16 @@
        - "{{ matrix_synapse_worker_listener_bind_base_ip }}:{{ port }}:{{ port }}"
      listeners:
        - type: http
-          port: {{ port|int }}
+          port: {{ port | int }}
          resources:
            - names: [ media ]
-    worker_config: "{{ worker | from_yaml | combine( worker_labels ) }}"
+    worker_config: "{{ worker | from_yaml | combine(worker_labels) }}"
  loop: "{{ range(1, matrix_synapse_workers_media + 1) | list }}"

 # Pusher worker config (single instance)
 - name: Collect pusher worker config
  set_fact:
-    worker_pusher_info: "{{ [ worker_config ] }}"
+    worker_pusher_info: "{{ [worker_config] }}"
  vars:
    name: "worker_pusher"
    app: "synapse.app.generic_worker"
@ -138,13 +138,13 @@
        - "{{ config_file }}:{{ config_file }}:z"
      ports: []
      listeners: []
-    worker_config: "{{ worker | from_yaml | combine( worker_labels ) }}"
+    worker_config: "{{ worker | from_yaml | combine(worker_labels) }}"
  when: matrix_synapse_worker_push

 # Appservice worker config (single instance)
 - name: Collect appservice worker config
  set_fact:
-    worker_appservice_info: "{{ [ worker_config ] }}"
+    worker_appservice_info: "{{ [worker_config] }}"
  vars:
    name: "worker_appservice"
    app: "synapse.app.generic_worker"
@ -162,18 +162,18 @@
        - "{{ config_file }}:{{ config_file }}:z"
      ports: []
      listeners: []
-    worker_config: "{{ worker | from_yaml | combine( worker_labels ) }}"
+    worker_config: "{{ worker | from_yaml | combine(worker_labels) }}"
  when: matrix_synapse_worker_appservice

 # Userdirectory worker config (single instance)
 - name: Collect user directory worker config
  set_fact:
-    worker_user_dir_info: "{{ [ worker_config ] }}"
+    worker_user_dir_info: "{{ [worker_config] }}"
  vars:
    name: "worker_user_dir"
    app: "synapse.app.generic_worker"
    config_file: "{{ matrix_synapse_base_path }}/{{ name }}.yaml"
-    port: "{{ matrix_synapse_worker_listener_base_port|int + 300 }}"
+    port: "{{ matrix_synapse_worker_listener_base_port | int + 300 }}"
    worker_labels:
      labels: "{{ matrix_synapse_worker_labels_base }}"
    worker: |
@ -193,24 +193,33 @@
          port: {{ port }}
          resources:
            - names: [ client ]
-    worker_config: "{{ worker | from_yaml | combine( worker_labels ) }}"
+    worker_config: "{{ worker | from_yaml | combine(worker_labels) }}"
  when: matrix_synapse_worker_user_search

 - name: Collect worker configuration
  set_fact:
-    matrix_synapse_workers: "{{ worker_client_info|default([]) + worker_fed_in_info|default([]) + worker_fed_out_info|default([]) + worker_media_info|default([]) + worker_pusher_info|default([]) + worker_appservice_info|default([]) + worker_user_dir_info|default([]) }}"
+    matrix_synapse_workers: >-
+      {{
+        worker_client_info | default([])
+        + worker_fed_in_info | default([])
+        + worker_fed_out_info | default([])
+        + worker_media_info | default([])
+        + worker_pusher_info | default([])
+        + worker_appservice_info | default([])
+        + worker_user_dir_info | default([])
+      }}

 - name: Write worker configuration files
  copy:
    content: |
      worker_app: {{ item.app }}
      worker_name: {{ item.name }}
-      {% if item.listeners|length > 0 or matrix_synapse_worker_metrics_enabled %}
+      {% if item.listeners | length > 0 or matrix_synapse_worker_metrics_enabled %}
      worker_listeners:
      {{ (item.listeners + (matrix_synapse_worker_metrics_listener if matrix_synapse_worker_metrics_enabled else [])) | to_nice_yaml }}
      {% endif %}
    dest: "{{ item.config_file }}"
    owner: synapse
    group: synapse
-    mode: 0640
+    mode: "0640"
  loop: "{{ matrix_synapse_workers }}"
--- a/roles/synapse/tasks/crypto.yml
+++ b/roles/synapse/tasks/crypto.yml
@ -7,14 +7,15 @@
 - name: Create signing key
  matrix_signing_key:
    path: "{{ matrix_synapse_config.signing_key_path }}"
-  notify:
-    - "restart matrix-synapse"
+  notify: "restart-matrix-synapse"
  tags: ['deploy', 'deploy-synapse']

 - name: Write server's certificate and private key
+  when: not matrix_synapse_config.no_tls
+  tags: ['deploy', 'deploy-synapse']
  block:
-    - name: create DH parameters
-      openssl_dhparam:
+    - name: Create DH parameters
+      community.crypto.openssl_dhparam:
        path: "{{ matrix_synapse_dh_path }}"
        owner: synapse
    - name: Write certificate
@ -31,5 +32,3 @@
        owner: synapse
        group: synapse
        mode: "0600"
-  when: not matrix_synapse_config.no_tls
-  tags: ['deploy', 'deploy-synapse']
--- a/roles/synapse/tasks/deploy_workers.yml
+++ b/roles/synapse/tasks/deploy_workers.yml
@ -4,8 +4,8 @@
  block:

    - name: Query all running docker containers
-      docker_host_info:
-        containers: yes
+      community.docker.docker_host_info:
+        containers: true
      register: matrix_docker_host_res

    - name: Filter all running synapse workers
@ -20,13 +20,13 @@
          }}

    - name: Stop leftover running containers
-      docker_container:
+      community.docker.docker_container:
        name: "{{ item }}"
        state: absent
      loop: "{{ matrix_synapse_running_workers | difference(matrix_synapse_workers | map(attribute='container_name')) }}"

    - name: Deploy workers (docker)
-      docker_container:
+      community.docker.docker_container:
        name: "{{ item.container_name }}"
        image: "{{ matrix_synapse_container_image_reference }}"
        labels: >-
@ -54,7 +54,6 @@
 - name: Deploy workers using systemd
  when: matrix_synapse_supervision_method == "systemd"
  block:
-
    - name: Query all running services
      service_facts:

@ -97,7 +96,6 @@
      template:
        src: worker.service.j2
        dest: "/etc/systemd/system/matrix-{{ item.name }}.service"
+        mode: "0644"
      loop: "{{ matrix_synapse_workers }}"
-      notify:
-        - "reload systemd"
-        - "restart matrix-synapse"
+      notify: ["reload-systemd", "restart-matrix-synapse"]
--- a/roles/synapse/tasks/deployment.yml
+++ b/roles/synapse/tasks/deployment.yml
@ -1,5 +1,6 @@
 ---
- name: install synapse with pip into virtualenv
+- name: Install synapse with pip into virtualenv
+  when: matrix_synapse_deployment_method == "pip"
  block:
    - name: Install dependencies
      apt:
@ -49,12 +50,11 @@
        virtualenv: "{{ matrix_synapse_base_path }}/env"
        version: "{{ matrix_synapse_version }}"
        state: "{{ 'forcereinstall' if clone_removed.changed else 'present' }}"
-      notify: restart matrix-synapse
+      notify: restart-matrix-synapse
      tags: ['deploy', 'deploy-synapse', 'skip_ansible_lint']
-  when: matrix_synapse_deployment_method == "pip"

 - name: Ensure synapse container image is present
-  docker_image:
+  community.docker.docker_image:
    name: "{{ matrix_synapse_container_image_reference }}"
    force_source: "{{ matrix_synapse_docker_pull }}"
    source: pull
@ -67,7 +67,7 @@
  tags: ['prepare', 'prepare-synapse']

 - name: Ensure synapse container is running
-  docker_container:
+  community.docker.docker_container:
    name: "{{ matrix_synapse_container_name }}"
    image: "{{ matrix_synapse_container_image_reference }}"
    networks: "{{ matrix_synapse_docker_networks }}"
@ -92,5 +92,5 @@
    command: "{{ matrix_synapse_container_certificate_refresh_command }}"
    user: "{{ matrix_synapse_container_certificate_refresh_user_id }}"
  when: matrix_synapse_container_certificate_refresh and matrix_synapse_deployment_method == "docker" and matrix_synapse_container_started.changed
-  notify: restart matrix-synapse
+  notify: restart-matrix-synapse
  tags: ['deploy', 'deploy-synapse']
--- a/roles/synapse/tasks/generate_secret.yml
+++ b/roles/synapse/tasks/generate_secret.yml
@ -29,5 +29,5 @@
  tags: ['deploy', 'deploy-synapse']

 - name: Set secret.var fact
-  set_fact: { "{{ secret.var }}": "{{ secret_var }}" }
+  set_fact: { "{{ secret.var }}": "{{ secret_var }}" } # no-qa var-naming
  tags: ['deploy', 'deploy-synapse']
--- a/roles/synapse/tasks/logging.yml
+++ b/roles/synapse/tasks/logging.yml
@ -1,37 +1,40 @@
 ---
 - name: Logging config (systemd)
+  when: matrix_synapse_supervision_method == "systemd"
  block:
-    - name: create logging folder
+    - name: Create logging folder
      file:
        name: "{{ matrix_synapse_log_dir }}"
        state: directory
        owner: synapse
        group: synapse
+        mode: "0755"
      tags: ['prepare', 'prepare-synapse']

-    - name: copy syslog config
+    - name: Copy syslog config
      template:
        src: syslog-synapse.conf.j2
        dest: /etc/rsyslog.d/matrix_synapse.conf
        owner: root
-      notify: restart rsyslog
+        mode: "0644"
+      notify: restart-rsyslog
      tags: ['deploy', 'deploy-synapse']

-    - name: template logrotate config
+    - name: Template logrotate config
      template:
        src: logrotate.j2
        dest: /etc/logrotate.d/matrix_synapse
        owner: root
+        mode: "0644"
      tags: ['deploy', 'deploy-synapse']
-  when: matrix_synapse_supervision_method == "systemd"
-  # TODO: Figure out how to make sure that logging ends up in rsyslog no matter what system we run on

+# TODO: Figure out how to make sure that logging ends up in rsyslog no matter what system we run on
 - name: Deploy log config
  copy:
    src: "log.config"
    dest: "{{ matrix_synapse_base_path }}/log.config"
    owner: synapse
    group: synapse
-  notify:
-    - "restart matrix-synapse"
+    mode: "0644"
+  notify: restart-matrix-synapse
  tags: ['deploy', 'deploy-synapse']
--- a/roles/synapse/tasks/main.yml
+++ b/roles/synapse/tasks/main.yml
@ -1,5 +1,5 @@
 ---
- name: check that sypervision and deployment are compatible
+- name: Check that sypervision and deployment are compatible
  fail:
    msg: "Either both or neither of deployment and supervision method should be docker."
  when: (matrix_synapse_supervision_method == "docker" and matrix_synapse_deployment_method != "docker") or
@ -9,33 +9,33 @@
 - name: Fail if workers are enabled but no redis is configured for synapse
  fail:
    msg: "Redis needs to be enabled on synapse in order for workers to be able to be run"
-  when: matrix_synapse_workers_enabled|bool and not matrix_synapse_redis_enabled|bool
+  when: matrix_synapse_workers_enabled | bool and not matrix_synapse_redis_enabled | bool
  tags: ['deploy', 'deploy-synapse']

- name: prepare user, group and base directory
+- name: Prepare user, group and base directory
  import_tasks: prepare.yml
  tags: ['prepare', 'prepare-synapse',
         'deploy', 'deploy-synapse']

- name: configure workers
+- name: Configure workers
  import_tasks: configure_workers.yml
  tags: ['deploy', 'deploy-synapse']
  when: matrix_synapse_workers_enabled

- name: configure synapse
+- name: Configure synapse
  include_tasks: configure.yml
  tags: ['always']

- name: deploy workers
+- name: Deploy workers
  import_tasks: deploy_workers.yml
  tags: ['deploy', 'deploy-synapse']
  when: matrix_synapse_workers_enabled

- name: deploy synapse
+- name: Deploy synapse
  include_tasks: deployment.yml
  tags: ['always']

- name: configure service
+- name: Configure service
  import_tasks: systemd.yml
  tags: ['deploy', 'deploy-synapse']
  when: matrix_synapse_supervision_method == "systemd"
--- a/roles/synapse/tasks/prepare.yml
+++ b/roles/synapse/tasks/prepare.yml
@ -1,23 +1,23 @@
 ---
- name: create appservice group
+- name: Create appservice group
  group:
    name: "matrix-appservices"
    state: present
-    system: yes
+    system: true
  register: appservice_group

- name: create user
+- name: Create user
  user:
    name: synapse
    state: present
-    groups: [ "matrix-appservices" ]
-    append: yes
+    groups: [matrix-appservices]
+    append: true
  register: synapse_user

- name: create directory
+- name: Create directory
  file:
    path: "{{ matrix_synapse_base_path }}"
    state: directory
    owner: synapse
    group: synapse
-    mode: 0750
+    mode: "0750"
--- a/roles/synapse/tasks/systemd.yml
+++ b/roles/synapse/tasks/systemd.yml
@ -3,6 +3,5 @@
  template:
    src: "matrix-synapse.service.j2"
    dest: "/etc/systemd/system/matrix-synapse.service"
-  notify:
-    - "reload systemd"
-    - "restart matrix-synapse"
+    mode: "0644"
+  notify: ["reload-systemd", "restart-matrix-synapse"]
--- a/roles/synapse/vars/main.yml
+++ b/roles/synapse/vars/main.yml
@ -25,7 +25,7 @@ matrix_synapse_worker_config_base:
      bind_addresses: "{{ matrix_synapse_worker_replication_bind_addresses }}"
      type: http
      resources:
-        - names: [ replication ]
+        - names: [replication]
  instance_map:
    main:
      host: "{{ matrix_synapse_worker_replication_host }}"
@ -124,57 +124,57 @@ matrix_synapse_base_config:
  max_image_pixels: "32M"
  dynamic_thumbnails: false
  thumbnail_sizes:
-  - width: 32
-    height: 32
-    method: crop
-  - width: 96
-    height: 96
-    method: crop
-  - width: 320
-    height: 240
-    method: scale
-  - width: 640
-    height: 480
-    method: scale
-  - width: 800
-    height: 600
-    method: scale
+    - width: 32
+      height: 32
+      method: crop
+    - width: 96
+      height: 96
+      method: crop
+    - width: 320
+      height: 240
+      method: scale
+    - width: 640
+      height: 480
+      method: scale
+    - width: 800
+      height: 600
+      method: scale
  url_preview_enabled: true
  url_preview_ip_range_blacklist:
-  - '127.0.0.0/8'
-  - '10.0.0.0/8'
-  - '172.16.0.0/12'
-  - '192.168.0.0/16'
-  - '100.64.0.0/10'
-  - '169.254.0.0/16'
-  - '::1/128'
-  - 'fe80::/64'
-  - 'fc00::/7'
+    - '127.0.0.0/8'
+    - '10.0.0.0/8'
+    - '172.16.0.0/12'
+    - '192.168.0.0/16'
+    - '100.64.0.0/10'
+    - '169.254.0.0/16'
+    - '::1/128'
+    - 'fe80::/64'
+    - 'fc00::/7'
  url_preview_url_blacklist:
-  - username: '*'
-  - netloc: 'google.com'
-  - netloc: '*.google.com'
-  - netloc: 'twitter.com'
-  - netloc: '*.twitter.com'
-  - netloc: 't.co'
-  - netloc: '*.t.co'
+    - username: '*'
+    - netloc: 'google.com'
+    - netloc: '*.google.com'
+    - netloc: 'twitter.com'
+    - netloc: '*.twitter.com'
+    - netloc: 't.co'
+    - netloc: '*.t.co'
  max_spider_size: "10M"
-  enable_registration: False
+  enable_registration: false
  registration_shared_secret: >-
    {{ registration_shared_secret_file.content | b64decode }}
  form_secret: "{{ form_secret_file.content | b64decode }}"
  bcrypt_rounds: 12
-  allow_guest_access: False
+  allow_guest_access: false
  trusted_third_party_id_servers:
-      - matrix.org
-      - vector.im
+    - matrix.org
+    - vector.im
  autocreate_auto_join_rooms: true
  enable_metrics: "{{ matrix_synapse_metrics_enabled }}"
  report_stats: "{{ matrix_synapse_report_stats }}"
  app_service_config_files: []
-  track_appservice_user_ips: False
+  track_appservice_user_ips: false
  macaroon_secret_key: "{{ macaroon_file.content | b64decode }}"
-  expire_access_token: False
+  expire_access_token: false
  signing_key_path: "{{ matrix_synapse_signing_key_path }}"
  old_signing_keys: {}
  key_refresh_interval: "1d" # 1 Day.
@ -191,9 +191,9 @@ matrix_synapse_base_config:
    include_content: false
  enable_group_creation: true
  alias_creation_rules:
-      - user_id: "*"
-        alias: "*"
-        action: allow
+    - user_id: "*"
+      alias: "*"
+      action: allow
 matrix_synapse_docker_labels_complete: "{{ matrix_synapse_docker_labels_base | combine(matrix_synapse_docker_labels) }}"
 matrix_synapse_docker_labels_base:
  version: "{{ matrix_synapse_container_image_tag | default(matrix_synapse_version) }}"
@ -297,6 +297,6 @@ matrix_synapse_worker_sso_generic_endpoints:
  - "/_synapse/client/pick_username"
  - "/_synapse/client/new_user_consent$"
  - "/_synapse/client/sso_register$"
-matrix_synapse_worker_sso_oidc_endpoints: "{{ matrix_synapse_worker_sso_generic_endpoints + [ '/_synapse/client/oidc/callback$' ] }}"
-matrix_synapse_worker_sso_saml_endpoints: "{{ matrix_synapse_worker_sso_generic_endpoints + [ '/_synapse/client/saml2/authn_response$' ] }}"
-matrix_synapse_worker_sso_cas_endpoints: "{{ matrix_synapse_worker_sso_generic_endpoints + [ '/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$' ] }}"
+matrix_synapse_worker_sso_oidc_endpoints: "{{ matrix_synapse_worker_sso_generic_endpoints + ['/_synapse/client/oidc/callback$'] }}"
+matrix_synapse_worker_sso_saml_endpoints: "{{ matrix_synapse_worker_sso_generic_endpoints + ['/_synapse/client/saml2/authn_response$'] }}"
+matrix_synapse_worker_sso_cas_endpoints: "{{ matrix_synapse_worker_sso_generic_endpoints + ['/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$'] }}"