add new Synapse Admin config options

group_vars/matrix_servers

@@ -5124,6 +5124,8 @@ matrix_synapse_admin_container_labels_traefik_docker_network: "{{ matrix_playboo
 matrix_synapse_admin_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
 matrix_synapse_admin_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
 
+matrix_synapse_admin_config_externalAuthProvider: "{{ matrix_authentication_service_enabled | default(false) or matrix_synapse_ext_password_provider_ldap_enabled | default(false) }}"
+
 matrix_synapse_admin_config_asManagedUsers_auto: |
   {{
     ([

requirements.yml

@@ -16,7 +16,7 @@
   version: 129c8590e106b83e6f4c259649a613c6279e937a
   name: docker_sdk_for_python
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etherpad.git
-  version: v2.5.0-0
+  version: v2.5.0-1
   name: etherpad
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
   version: v4.98.1-r0-2-1

roles/custom/matrix-synapse-admin/defaults/main.yml

@@ -166,6 +166,8 @@ matrix_synapse_admin_path_prefix: /synapse-admin
 # This is unlike what it does when looking up YAML template files (no automatic parsing there).
 matrix_synapse_admin_configuration_default:
   restrictBaseUrl: "{{ matrix_synapse_admin_config_restrictBaseUrl }}"
+  externalAuthProvider: "{{ matrix_synapse_admin_config_externalAuthProvider }}"
+  corsCredentials: "{{ matrix_synapse_admin_config_corsCredentials }}"
   asManagedUsers: "{{ matrix_synapse_admin_config_asManagedUsers }}"
   menu: "{{ matrix_synapse_admin_config_menu }}"
 
@@ -199,6 +201,15 @@ matrix_synapse_admin_configuration: "{{ matrix_synapse_admin_configuration_defau
 # restricts the homeserver(s), so that the user can no longer define a homeserver manually during login.
 matrix_synapse_admin_config_restrictBaseUrl: "{{ matrix_homeserver_url }}"  # noqa var-naming
 
+# Controls the externalAuthProvider configuration setting, which, if defined,
+# enables a special compatibility mode that works better for external auth providers like LDAP, MAS, etc.
+matrix_synapse_admin_config_externalAuthProvider: false  # noqa var-naming
+
+# Controls the corsCredentials configuration setting, which, if defined,
+# allows including credentials (cookies, authorization headers, or TLS client certificates) in requests
+# ref: https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch#including_credentials
+matrix_synapse_admin_config_corsCredentials: "same-origin"  # noqa var-naming
+
 # Controls the menu configuration setting, which, if defined, adds new menu items to the Synapse Admin UI.
 # The format is a list of objects, where each object has the following keys:
 # - `label` (string): The label of the menu item.