diff options
| author | Neil Johnson <neil@matrix.org> | 2019-06-06 17:23:02 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-06-06 17:23:02 +0100 |
| commit | 833c406b9b34392eb64780eeef6b670be762ea21 (patch) | |
| tree | bdaae34b3fbaea7af8c7dadb205c37f173c926da /INSTALL.md | |
| parent | Regen sample config before kicking off agents (#5370) (diff) | |
| download | synapse-833c406b9b34392eb64780eeef6b670be762ea21.tar.xz | |
Neilj/1.0 upgrade notes (#5371)
1.0 upgrade/install notes
Diffstat (limited to 'INSTALL.md')
| -rw-r--r-- | INSTALL.md | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/INSTALL.md b/INSTALL.md index 1934593148..d3a450f40f 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -5,6 +5,7 @@ * [Prebuilt packages](#prebuilt-packages) * [Setting up Synapse](#setting-up-synapse) * [TLS certificates](#tls-certificates) + * [Email](#email) * [Registering a user](#registering-a-user) * [Setting up a TURN server](#setting-up-a-turn-server) * [URL previews](#url-previews) @@ -394,9 +395,31 @@ To configure Synapse to expose an HTTPS port, you will need to edit instance, if using certbot, use `fullchain.pem` as your certificate, not `cert.pem`). -For those of you upgrading your TLS certificate in readiness for Synapse 1.0, +For those of you upgrading your TLS certificate for Synapse 1.0 compliance, please take a look at [our guide](docs/MSC1711_certificates_FAQ.md#configuring-certificates-for-compatibility-with-synapse-100). +## Email + +It is desirable for Synapse to have the capability to send email. For example, +this is required to support the 'password reset' feature. + +To configure an SMTP server for Synapse, modify the configuration section +headed ``email``, and be sure to have at least the ``smtp_host``, ``smtp_port`` +and ``notif_from`` fields filled out. You may also need to set ``smtp_user``, +``smtp_pass``, and ``require_transport_security``.. + +If Synapse is not configured with an SMTP server, password reset via email will + be disabled by default. + +Alternatively it is possible delegate the sending of email to the server's +identity server. Doing so is convenient but not recommended, since a malicious +or compromised identity server could theoretically hijack a given user's +account by redirecting mail. + +If you are absolutely certain that you wish to use the server's identity server +for password resets, set ``trust_identity_server_for_password_resets`` to +``true`` under the ``email:`` configuration section. + ## Registering a user You will need at least one user on your server in order to use a Matrix |