Make enable open registration a parameter

build/docker/config/dendrite.yaml

@@ -142,11 +142,6 @@ client_api:
   # using the registration shared secret below.
   registration_disabled: true
 
-  # Enable registration without captcha verification or shared secret. Note: this option is *not* recommended,
-  # as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect
-  # unless `registration_disabled` is set to false.
-  enable_registration_without_verification: false
-
   # If set, allows registration by anyone who knows the shared secret, regardless of
   # whether registration is otherwise disabled.
   registration_shared_secret: ""

dendrite-config.yaml

@@ -161,11 +161,6 @@ client_api:
   # using the registration shared secret below.
   registration_disabled: true
 
-  # Enable registration without captcha verification or shared secret. Note: this option is *not* recommended,
-  # as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect
-  # unless `registration_disabled` is set to false.
-  enable_registration_without_verification: false
-
   # Prevents new guest accounts from being created. Guest registration is also
   # disabled implicitly by setting 'registration_disabled' above.
   guests_disabled: true

setup/config/config_clientapi.go

@@ -19,7 +19,7 @@ type ClientAPI struct {
 	// Enable registration without captcha verification or shared secret. Note: this option is *not* recommended,
 	// as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect
 	// unless `registration_disabled` is set to false.
-	RegistrationWithoutVerificationEnabled bool `yaml:"enable_registration_without_verification"`
+	RegistrationWithoutVerificationEnabled bool `yaml:"-"`
 
 	// If set, allows registration by anyone who also has the shared
 	// secret, even if registration is otherwise disabled.
@@ -63,6 +63,9 @@ func (c *ClientAPI) Defaults(generate bool) {
 	c.RecaptchaSiteVerifyAPI = ""
 	c.RegistrationDisabled = false
 	c.RegistrationWithoutVerificationEnabled = false
+	if generate {
+		c.RegistrationWithoutVerificationEnabled = true
+	}
 	c.RateLimiting.Defaults()
 }
 

setup/flags.go

@@ -25,8 +25,9 @@ import (
 )
 
 var (
-	configPath = flag.String("config", "dendrite.yaml", "The path to the config file. For more information, see the config file in this repository.")
+	configPath                            = flag.String("config", "dendrite.yaml", "The path to the config file. For more information, see the config file in this repository.")
-	version    = flag.Bool("version", false, "Shows the current version and exits immediately.")
+	version                               = flag.Bool("version", false, "Shows the current version and exits immediately.")
+	enableRegistrationWithoutVerification = flag.Bool("really-enable-open-registration", false, "This allows open registration without verification (captcha, shared secret etc). (NOT RECOMMENDED)")
 )
 
 // ParseFlags parses the commandline flags and uses them to create a config.
@@ -48,5 +49,9 @@ func ParseFlags(monolith bool) *config.Dendrite {
 		logrus.Fatalf("Invalid config file: %s", err)
 	}
 
+	if *enableRegistrationWithoutVerification {
+		cfg.ClientAPI.RegistrationWithoutVerificationEnabled = true
+	}
+
 	return cfg
 }