From 72cb30e706b1590ed6ce1f7274f5f98bec06947c Mon Sep 17 00:00:00 2001
From: gyurix <gyurix@gmail.com>
Date: Tue, 2 Sep 2025 10:27:22 +0200
Subject: [PATCH] Remove registration_shared_secret from homeserver.yaml for
 security; trigger restart of Synapse after admin user creation

---
 start.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/start.sh b/start.sh
index a9e4037..380954b 100644
--- a/start.sh
+++ b/start.sh
@@ -116,6 +116,14 @@ register_admin_user() {
 
     if echo "$response" | grep -q '"user_id"\|"access_token"'; then
         echo "Admin user created successfully!"
+        
+        # renmove registration_shared_secret from homeserver.yaml for security
+        yq eval '.registration_shared_secret = ""' /data/homeserver.yaml > /data/homeserver.yaml.tmp && mv /data/homeserver.yaml.tmp /data/homeserver.yaml
+        
+        # trigger a restart of synapse to reload config
+        echo '{"NAME":"service-matrix.containers.matrixserver-app"}' | jq -r > /var/tmp/input/upgrade.json
+        echo "Matrix server app restart requested"
+
         return 0
     else
         echo "Failed to create admin user. Response: $response"
@@ -135,7 +143,6 @@ check_admin_by_login() {
     
     if echo "$response" | grep -q access_token; then 
         echo "Successfully logged in as admin user"
-        yq eval '.registration_shared_secret = ""' /data/homeserver.yaml > /data/homeserver.yaml.tmp && mv /data/homeserver.yaml.tmp /data/homeserver.yaml
         return 0  # User exists and password is correct
 
     fi