From ad01c39914eb78e2c9007a94d6f91d4885ab9752 Mon Sep 17 00:00:00 2001
From: MadLittleMods <MadLittleMods@users.noreply.github.com>
Date: Tue, 11 Jul 2023 18:09:05 +0000
Subject: deploy: 224ef0b669fdd85925d66deb38ba1b51c5aaa1bd

---
 .../usage/configuration/config_documentation.html  | 51 +++++++++++++++++++++-
 1 file changed, 50 insertions(+), 1 deletion(-)

(limited to 'develop/usage/configuration/config_documentation.html')

diff --git a/develop/usage/configuration/config_documentation.html b/develop/usage/configuration/config_documentation.html
index 9c26da6455..dc2bac0c7f 100644
--- a/develop/usage/configuration/config_documentation.html
+++ b/develop/usage/configuration/config_documentation.html
@@ -523,6 +523,23 @@ on this port. Sub-options for each resource are:</p>
 additional endpoints which should be loaded via dynamic modules.</p>
 </li>
 </ul>
+<p>Unix socket support (<em>Added in Synapse 1.88.0</em>):</p>
+<ul>
+<li><code>path</code>: A path and filename for a Unix socket. Make sure it is located in a
+directory with read and write permissions, and that it already exists (the directory
+will not be created). Defaults to <code>None</code>.
+<ul>
+<li><strong>Note</strong>: The use of both <code>path</code> and <code>port</code> options for the same <code>listener</code> is not
+compatible.</li>
+<li>The <code>x_forwarded</code> option defaults to true  when using Unix sockets and can be omitted.</li>
+<li>Other options that would not make sense to use with a UNIX socket, such as 
+<code>bind_addresses</code> and <code>tls</code> will be ignored and can be removed.</li>
+</ul>
+</li>
+<li><code>mode</code>: The file permissions to set on the UNIX socket. Defaults to <code>666</code></li>
+<li><strong>Note:</strong> Must be set as <code>type: http</code> (does not support <code>metrics</code> and <code>manhole</code>). 
+Also make sure that <code>metrics</code> is not included in <code>resources</code> -&gt; <code>names</code></li>
+</ul>
 <p>Valid resource names are:</p>
 <ul>
 <li>
@@ -541,7 +558,7 @@ additional endpoints which should be loaded via dynamic modules.</p>
 <p><code>media</code>: the media API (/_matrix/media).</p>
 </li>
 <li>
-<p><code>metrics</code>: the metrics interface. See <a href="../../metrics-howto.html">here</a>.</p>
+<p><code>metrics</code>: the metrics interface. See <a href="../../metrics-howto.html">here</a>. (Not compatible with Unix sockets)</p>
 </li>
 <li>
 <p><code>openid</code>: OpenID authentication. See <a href="../../openid.html">here</a>.</p>
@@ -603,6 +620,20 @@ for <a href="../../workers.html">workers</a> and containers without listener e.g
     bind_addresses: ['::1', '127.0.0.1']
     type: manhole
 </code></pre>
+<p>Example configuration #3:</p>
+<pre><code class="language-yaml">listeners:
+  # Unix socket listener: Ideal for Synapse deployments behind a reverse proxy, offering
+  # lightweight interprocess communication without TCP/IP overhead, avoid port
+  # conflicts, and providing enhanced security through system file permissions.
+  #
+  # Note that x_forwarded will default to true, when using a UNIX socket. Please see
+  # https://matrix-org.github.io/synapse/latest/reverse_proxy.html.
+  #
+  - path: /var/run/synapse/main_public.sock
+    type: http
+    resources:
+      - names: [client, federation]
+</code></pre>
 <hr />
 <h3 id="manhole_settings"><a class="header" href="#manhole_settings"><code>manhole_settings</code></a></h3>
 <p>Connection settings for the manhole. You can find more information
@@ -3531,6 +3562,13 @@ inside the <code>listener</code> block for a <code>replication</code> listener.<
     host: localhost
     port: 8034
 </code></pre>
+<p>Example configuration(#2, for UNIX sockets):</p>
+<pre><code class="language-yaml">instance_map:
+  main:
+    path: /var/run/synapse/main_replication.sock
+  worker1:
+    path: /var/run/synapse/worker1_replication.sock
+</code></pre>
 <hr />
 <h3 id="stream_writers"><a class="header" href="#stream_writers"><code>stream_writers</code></a></h3>
 <p>Experimental: When using workers you can define which workers should
@@ -3670,6 +3708,17 @@ requests from other workers.</p>
     resources:
       - names: [client, federation]
 </code></pre>
+<p>Example configuration(#2, using UNIX sockets with a <code>replication</code> listener):</p>
+<pre><code class="language-yaml">worker_listeners:
+  - type: http
+    path: /var/run/synapse/worker_public.sock
+    resources:
+      - names: [client, federation]
+  - type: http
+    path: /var/run/synapse/worker_replication.sock
+    resources:
+      - names: [replication]
+</code></pre>
 <hr />
 <h3 id="worker_manhole"><a class="header" href="#worker_manhole"><code>worker_manhole</code></a></h3>
 <p>A worker may have a listener for <a href="../../manhole.html"><code>manhole</code></a>.
-- 
cgit 1.5.1