Merge commit 'f299441cc' into anoa/dinsic_release_1_18_x

* commit 'f299441cc': Add ability to shard the federation sender (#7798)
author: Andrew Morgan <andrew@amorgan.xyz> 2020-08-03 17:28:09 -0700
committer: Andrew Morgan <andrew@amorgan.xyz> 2020-08-03 17:28:09 -0700
commit: bf6cf4b6512ce2553e34932de0de18ec994cfd39 (patch)
tree: 45c499f7a24908324029fc1ba0c5ce065b1c127f /docs
parent: Merge commit 'f1245dc3c' into anoa/dinsic_release_1_18_x (diff)
parent: Add ability to shard the federation sender (#7798) (diff)
download: synapse-bf6cf4b6512ce2553e34932de0de18ec994cfd39.tar.xz
1 files changed, 33 insertions, 32 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
index 390cd7d607..31ed49da33 100644
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@@ -118,38 +118,6 @@ pid_file: DATADIR/homeserver.pid
 #
 #enable_search: false
 
-# Restrict federation to the following whitelist of domains.
-# N.B. we recommend also firewalling your federation listener to limit
-# inbound federation traffic as early as possible, rather than relying
-# purely on this application-layer restriction.  If not specified, the
-# default is to whitelist everything.
-#
-#federation_domain_whitelist:
-#  - lon.example.com
-#  - nyc.example.com
-#  - syd.example.com
-
-# Prevent federation requests from being sent to the following
-# blacklist IP address CIDR ranges. If this option is not specified, or
-# specified with an empty list, no ip range blacklist will be enforced.
-#
-# As of Synapse v1.4.0 this option also affects any outbound requests to identity
-# servers provided by user input.
-#
-# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
-# listed here, since they correspond to unroutable addresses.)
-#
-federation_ip_range_blacklist:
-  - '127.0.0.0/8'
-  - '10.0.0.0/8'
-  - '172.16.0.0/12'
-  - '192.168.0.0/16'
-  - '100.64.0.0/10'
-  - '169.254.0.0/16'
-  - '::1/128'
-  - 'fe80::/64'
-  - 'fc00::/7'
-
 # List of ports that Synapse should listen on, their purpose and their
 # configuration.
 #
@@ -676,6 +644,39 @@ acme:
 
 
 
+# Restrict federation to the following whitelist of domains.
+# N.B. we recommend also firewalling your federation listener to limit
+# inbound federation traffic as early as possible, rather than relying
+# purely on this application-layer restriction.  If not specified, the
+# default is to whitelist everything.
+#
+#federation_domain_whitelist:
+#  - lon.example.com
+#  - nyc.example.com
+#  - syd.example.com
+
+# Prevent federation requests from being sent to the following
+# blacklist IP address CIDR ranges. If this option is not specified, or
+# specified with an empty list, no ip range blacklist will be enforced.
+#
+# As of Synapse v1.4.0 this option also affects any outbound requests to identity
+# servers provided by user input.
+#
+# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
+# listed here, since they correspond to unroutable addresses.)
+#
+federation_ip_range_blacklist:
+  - '127.0.0.0/8'
+  - '10.0.0.0/8'
+  - '172.16.0.0/12'
+  - '192.168.0.0/16'
+  - '100.64.0.0/10'
+  - '169.254.0.0/16'
+  - '::1/128'
+  - 'fe80::/64'
+  - 'fc00::/7'
+
+
 ## Caching ##
 
 # Caching can be configured through the following options.
author	Andrew Morgan <andrew@amorgan.xyz>	2020-08-03 17:28:09 -0700
committer	Andrew Morgan <andrew@amorgan.xyz>	2020-08-03 17:28:09 -0700
commit	bf6cf4b6512ce2553e34932de0de18ec994cfd39 (patch)
tree	45c499f7a24908324029fc1ba0c5ce065b1c127f /docs
parent	Merge commit 'f1245dc3c' into anoa/dinsic_release_1_18_x (diff)
parent	Add ability to shard the federation sender (#7798) (diff)
download	synapse-bf6cf4b6512ce2553e34932de0de18ec994cfd39.tar.xz