diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2022-08-30 08:21:19 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-08-30 12:21:19 +0000 |
commit | e761e8b475e26341d6d26ecc1499233c5f57c7ec (patch) | |
tree | e89cfa62b6cd2d8d95e0e4dcce6e4470fe35a49a | |
parent | Fix bug where we wedge media plugins if clients disconnect early (#13660) (diff) | |
download | synapse-e761e8b475e26341d6d26ecc1499233c5f57c7ec.tar.xz |
Clarify documentation about replication traffic. (#13656)
It can be authenticated with the worker_replication_secret setting, but is always unencrypted.
Diffstat (limited to '')
-rw-r--r-- | changelog.d/13656.doc | 1 | ||||
-rw-r--r-- | docs/workers.md | 5 |
2 files changed, 5 insertions, 1 deletions
diff --git a/changelog.d/13656.doc b/changelog.d/13656.doc new file mode 100644 index 0000000000..61013a0daf --- /dev/null +++ b/changelog.d/13656.doc @@ -0,0 +1 @@ +Clarify documentation that HTTP replication traffic can be protected with a shared secret. diff --git a/docs/workers.md b/docs/workers.md index 6969c424d8..dce584972d 100644 --- a/docs/workers.md +++ b/docs/workers.md @@ -120,7 +120,10 @@ redis: See the sample config for the full documentation of each option. Under **no circumstances** should the replication listener be exposed to the -public internet; it has no authentication and is unencrypted. +public internet; replication traffic is: + +* always unencrypted +* unauthenticated, unless `worker_replication_secret` is configured ### Worker configuration |