Refactor the vault/secrets

playbooks/roles/synapse/defaults/main.yml

@@ -1,4 +1,8 @@
 ---
+synapse_macaroon_secret_key: "{{ undef() }}"
+synapse_form_secret: "{{ undef() }}"
+synapse_signing_key: "{{ undef() }}"
+
 synapse_svc:
   domain: "{{ all_services | service_get_domain(role_name) }}"
   docker_host: synapse-admin
@@ -66,8 +70,8 @@ synapse_yml:
   enable_metrics: true
   report_stats: true
 
-  macaroon_secret_key: "{{ vault_synapse.macaroon_secret_key }}"
-  form_secret: "{{ vault_synapse.form_secret }}"
+  macaroon_secret_key: "{{ synapse_macaroon_secret_key | mandatory }}"
+  form_secret: "{{ synapse_form_secret | mandatory }}"
   signing_key_path: "{{ (svc.config_path, 'msrg.cc.signing.key') | path_join }}"
 
   trusted_key_servers: