From 9dcf289c7a1f57bfb512f406ddcfb22895e30846 Mon Sep 17 00:00:00 2001
From: bumpsoo <bumpsoo063@protonmail.ch>
Date: Sun, 5 Jan 2025 11:37:40 +0900
Subject: [PATCH] (doc): Update docker-compose.yml and conduwuit-example.toml

The server cannot start without a registration token when registration is configured

Signed-off-by: bumpsoo <bumpsoo063@protonmail.ch>
---
 conduwuit-example.toml                        | 7 +++++--
 docs/deploying/docker-compose.for-traefik.yml | 2 ++
 docs/deploying/docker-compose.with-caddy.yml  | 2 ++
 docs/deploying/docker-compose.yml             | 2 ++
 src/core/config/mod.rs                        | 6 +++++-
 5 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/conduwuit-example.toml b/conduwuit-example.toml
index 79efbd14..3ecc1628 100644
--- a/conduwuit-example.toml
+++ b/conduwuit-example.toml
@@ -389,13 +389,16 @@
 #
 #allow_registration = false
 
-# This item is undocumented. Please contribute documentation for it.
+# Enabling this setting opens registration to anyone without restrictions.
+# This makes your server vulnerable to abuse
 #
 #yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse = false
 
 # A static registration token that new users will have to provide when
 # creating an account. If unset and `allow_registration` is true,
-# registration is open without any condition.
+# you must set
+# `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse`
+# to true to allow open registration without any conditions.
 #
 # YOU NEED TO EDIT THIS OR USE registration_token_file.
 #
diff --git a/docs/deploying/docker-compose.for-traefik.yml b/docs/deploying/docker-compose.for-traefik.yml
index b4316426..366f6999 100644
--- a/docs/deploying/docker-compose.for-traefik.yml
+++ b/docs/deploying/docker-compose.for-traefik.yml
@@ -17,6 +17,8 @@ services:
       CONDUWUIT_PORT: 6167 # should match the loadbalancer traefik label
       CONDUWUIT_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
       CONDUWUIT_ALLOW_REGISTRATION: 'true'
+      CONDUWUIT_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
+      #CONDUWUIT_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
       CONDUWUIT_ALLOW_FEDERATION: 'true'
       CONDUWUIT_ALLOW_CHECK_FOR_UPDATES: 'true'
       CONDUWUIT_TRUSTED_SERVERS: '["matrix.org"]'
diff --git a/docs/deploying/docker-compose.with-caddy.yml b/docs/deploying/docker-compose.with-caddy.yml
index c080293f..431cf2d4 100644
--- a/docs/deploying/docker-compose.with-caddy.yml
+++ b/docs/deploying/docker-compose.with-caddy.yml
@@ -33,6 +33,8 @@ services:
             CONDUWUIT_PORT: 6167
             CONDUWUIT_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
             CONDUWUIT_ALLOW_REGISTRATION: 'true'
+            CONDUWUIT_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
+            #CONDUWUIT_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
             CONDUWUIT_ALLOW_FEDERATION: 'true'
             CONDUWUIT_ALLOW_CHECK_FOR_UPDATES: 'true'
             CONDUWUIT_TRUSTED_SERVERS: '["matrix.org"]'
diff --git a/docs/deploying/docker-compose.yml b/docs/deploying/docker-compose.yml
index 3b7d84ed..ca33b5f5 100644
--- a/docs/deploying/docker-compose.yml
+++ b/docs/deploying/docker-compose.yml
@@ -17,6 +17,8 @@ services:
             CONDUWUIT_PORT: 6167
             CONDUWUIT_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
             CONDUWUIT_ALLOW_REGISTRATION: 'true'
+            CONDUWUIT_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
+            #CONDUWUIT_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
             CONDUWUIT_ALLOW_FEDERATION: 'true'
             CONDUWUIT_ALLOW_CHECK_FOR_UPDATES: 'true'
             CONDUWUIT_TRUSTED_SERVERS: '["matrix.org"]'
diff --git a/src/core/config/mod.rs b/src/core/config/mod.rs
index c541c7e4..133f0887 100644
--- a/src/core/config/mod.rs
+++ b/src/core/config/mod.rs
@@ -492,12 +492,16 @@ pub struct Config {
 	#[serde(default)]
 	pub allow_registration: bool,
 
+	/// Enabling this setting opens registration to anyone without restrictions.
+	/// This makes your server vulnerable to abuse
 	#[serde(default)]
 	pub yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse: bool,
 
 	/// A static registration token that new users will have to provide when
 	/// creating an account. If unset and `allow_registration` is true,
-	/// registration is open without any condition.
+	/// you must set
+	/// `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse`
+	/// to true to allow open registration without any conditions.
 	///
 	/// YOU NEED TO EDIT THIS OR USE registration_token_file.
 	///