diff options
author | Tuomas Ojamies <tuomas.ojamies@gmail.com> | 2022-11-15 13:55:00 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-11-15 12:55:00 +0000 |
commit | b5ab2c428a1c5edd634ff084019811e5f6b963d8 (patch) | |
tree | c2d8ac06e38f34df6b7a73f628fdec61e1ea04e3 /docs/usage/configuration | |
parent | Update docstring to clarify that `get_partial_state_events_batch` does not ju... (diff) | |
download | synapse-b5ab2c428a1c5edd634ff084019811e5f6b963d8.tar.xz |
Support using SSL on worker endpoints. (#14128)
* Fix missing SSL support in worker endpoints. * Add changelog * SSL for Replication endpoint * Remove unit test change * Refactor listener creation to reduce duplicated code * Fix the logger message * Update synapse/app/_base.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Update synapse/app/_base.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Update synapse/app/_base.py Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> * Add config documentation for new TLS option Co-authored-by: Tuomas Ojamies <tojamies@palantir.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
Diffstat (limited to 'docs/usage/configuration')
-rw-r--r-- | docs/usage/configuration/config_documentation.md | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md index 9a6bd08d01..f5937dd902 100644 --- a/docs/usage/configuration/config_documentation.md +++ b/docs/usage/configuration/config_documentation.md @@ -3893,6 +3893,26 @@ Example configuration: worker_replication_http_port: 9093 ``` --- +### `worker_replication_http_tls` + +Whether TLS should be used for talking to the HTTP replication port on the main +Synapse process. +The main Synapse process defines this with the `tls` option on its [listener](#listeners) that +has the `replication` resource enabled. + +**Please note:** by default, it is not safe to expose replication ports to the +public Internet, even with TLS enabled. +See [`worker_replication_secret`](#worker_replication_secret). + +Defaults to `false`. + +*Added in Synapse 1.72.0.* + +Example configuration: +```yaml +worker_replication_http_tls: true +``` +--- ### `worker_listeners` A worker can handle HTTP requests. To do so, a `worker_listeners` option |