`hash_password` should fail if you don't supply a configuration file

[reivilibre]

synapse/scripts/hash_password

Lines 52 to 56 in 3b88722

	if "config" in args and args.config:
	config = yaml.safe_load(args.config)
	bcrypt_rounds = config.get("bcrypt_rounds", bcrypt_rounds)
	password_config = config.get("password_config", None) or {}
	password_pepper = password_config.get("pepper", password_pepper)

It seems to have some defaults but I somewhat doubt they are actually useful to anyone who generated their homeserver config 'properly'.
I guess it's too late to make it fail in case the current behaviour is useful to someone, but I wish it would at least print a warning.

Bit me just now (well, since last night...) as I needed to reset a LP.net user's password, and come to think of it it's not the first time either!

[richvdh]

I don't think it would be at all unreasonable to make it fail without a config file.

[madduck]

I would find it very beneficial if the situation was clarified a bit more in the manpage:

1. The defaults are 12 and "" and they cannot be changed without invalidating existing passwords;
2. The example YAML file in the manpage should probably be changed to these defaults;
3. The YAML file to use should be homeserver.yaml or the appropriate file in conf.d;
4. homseserver.yaml does not need to specify these values, as the defaults will be used in case of absence.

Thanks,