Move Synapse OIDC client id/secret from synapse_secrets to authelia_secrets.

roles/authelia/templates/configuration.yml

@@ -86,9 +86,9 @@ identity_providers:
           - 'email'
         token_endpoint_auth_method: client_secret_post
 
-      - client_id: '{{ synapse_secrets["oidc_client_id"] }}'
+      - client_id: '{{ authelia_secrets["synapse_client_id"] }}'
         client_name: Synapse
-        client_secret: '{{ synapse_secrets["oidc_client_secret_hash"] }}'
+        client_secret: '{{ authelia_secrets["synapse_client_secret_hash"] }}'
         redirect_uris: 'https://matrix.{{ domain }}/_synapse/client/oidc/callback'
         scopes:
           - 'openid'

roles/synapse/templates/homeserver.yaml

@@ -113,8 +113,8 @@ oidc_providers:
     idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI"
     discover: false
     issuer: "https://auth.{{ domain }}"
-    client_id: '{{ synapse_secrets["oidc_client_id"] }}'
-    client_secret: '{{ synapse_secrets["oidc_client_secret"] }}'
+    client_id: '{{ authelia_secrets["synapse_client_id"] }}'
+    client_secret: '{{ authelia_secrets["synapse_client_secret"] }}'
     scopes: ["openid", "profile", "email"]
     authorization_endpoint: 'https://auth.{{ domain }}/api/oidc/authorization'
     token_endpoint: 'https://auth.{{ domain }}/api/oidc/token'

secrets.yml.example

@@ -18,6 +18,9 @@ authelia_secrets:
   hedgedoc_client_id:
   hedgedoc_client_secret:
   hedgedoc_client_secret_hash:
+  synapse_client_id:
+  synapse_client_secret:
+  synapse_client_secret_hash:
 
   hmac_secret:
   jwks_key: | # openssl genrsa 4096
@@ -61,9 +64,6 @@ searxng_secrets:
   searxng_secret:
 
 synapse_secrets:
-  oidc_client_id:
-  oidc_client_secret:
-  oidc_client_secret_hash:
   smtp_user:
   smtp_pass:
   postgres_user: