From 589a5c1756b805cde8b95b7d1328ce73066bd0fa Mon Sep 17 00:00:00 2001 From: richvdh Date: Mon, 9 Aug 2021 15:13:21 +0000 Subject: deploy: 189c055eb6d8a0db7aa520ecec23819d15bfaa26 --- develop/print.html | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'develop/print.html') diff --git a/develop/print.html b/develop/print.html index 8e0e68c76a..cb2d07ee7d 100644 --- a/develop/print.html +++ b/develop/print.html @@ -864,6 +864,14 @@ Beware that Apache will canonicalise URIs unless you specify https://matrix.example.com, and other servers to connect at https://example.com:8448. The following sections detail the configuration of the reverse proxy and the homeserver.

+

Homeserver Configuration

+

The HTTP configuration will need to be updated for Synapse to correctly record +client IP addresses and generate redirect URLs while behind a reverse proxy.

+

In homeserver.yaml set x_forwarded: true in the port 8008 section and +consider setting bind_addresses: ['127.0.0.1'] so that the server only +listens to traffic on localhost. (Do not change bind_addresses to 127.0.0.1 +when using a containerized Synapse, as that will prevent it from responding +to proxied traffic.)

Reverse-proxy configuration examples

NOTE: You only need one of these.

nginx

@@ -1043,13 +1051,6 @@ relay "matrix_federation" { forward to <matrixserver> port 8008 check tcp } -

Homeserver Configuration

-

You will also want to set bind_addresses: ['127.0.0.1'] and -x_forwarded: true for port 8008 in homeserver.yaml to ensure that -client IP addresses are recorded correctly.

-

Having done so, you can then use https://matrix.example.com (instead -of https://matrix.example.com:8448) as the "Custom server" when -connecting to Synapse from a client.

Health check endpoint

Synapse exposes a health check endpoint for use by reverse proxies. Each configured HTTP listener has a /health endpoint which always returns -- cgit 1.5.1