summary refs log tree commit diff
diff options
context:
space:
mode:
authorDrew Short <warrick@sothr.com>2021-08-09 10:12:53 -0500
committerGitHub <noreply@github.com>2021-08-09 15:12:53 +0000
commit189c055eb6d8a0db7aa520ecec23819d15bfaa26 (patch)
tree08d47de7865fa1850c67ff2c5ff7d6081ff9e9ad
parentMerge branch 'release-v1.40' into develop (diff)
downloadsynapse-189c055eb6d8a0db7aa520ecec23819d15bfaa26.tar.xz
Moved homeserver documentation above reverse proxy examples (#10551)
Signed-off-by: Drew Short <warrick@sothr.com>
-rw-r--r--changelog.d/10551.doc1
-rw-r--r--docs/reverse_proxy.md23
2 files changed, 14 insertions, 10 deletions
diff --git a/changelog.d/10551.doc b/changelog.d/10551.doc
new file mode 100644
index 0000000000..4a2b0785bf
--- /dev/null
+++ b/changelog.d/10551.doc
@@ -0,0 +1 @@
+Updated the reverse proxy documentation to highlight the homserver configuration that is needed to make Synapse aware that is is intentionally reverse proxied.
diff --git a/docs/reverse_proxy.md b/docs/reverse_proxy.md
index 76bb45aff2..5f8d20129e 100644
--- a/docs/reverse_proxy.md
+++ b/docs/reverse_proxy.md
@@ -33,6 +33,19 @@ Let's assume that we expect clients to connect to our server at
 `https://example.com:8448`.  The following sections detail the configuration of
 the reverse proxy and the homeserver.
 
+
+## Homeserver Configuration
+
+The HTTP configuration will need to be updated for Synapse to correctly record 
+client IP addresses and generate redirect URLs while behind a reverse proxy. 
+
+In `homeserver.yaml` set `x_forwarded: true` in the port 8008 section and 
+consider setting `bind_addresses: ['127.0.0.1']` so that the server only
+listens to traffic on localhost. (Do not change `bind_addresses` to `127.0.0.1` 
+when using a containerized Synapse, as that will prevent it from responding
+to proxied traffic.)
+
+
 ## Reverse-proxy configuration examples
 
 **NOTE**: You only need one of these.
@@ -239,16 +252,6 @@ relay "matrix_federation" {
 }
 ```
 
-## Homeserver Configuration
-
-You will also want to set `bind_addresses: ['127.0.0.1']` and
-`x_forwarded: true` for port 8008 in `homeserver.yaml` to ensure that
-client IP addresses are recorded correctly.
-
-Having done so, you can then use `https://matrix.example.com` (instead
-of `https://matrix.example.com:8448`) as the "Custom server" when
-connecting to Synapse from a client.
-
 
 ## Health check endpoint