diff options
| author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2019-12-19 11:11:14 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-12-19 11:11:14 +0000 |
| commit | b95b762560441b28f06e6458da796327e394953e (patch) | |
| tree | bfb47790bd2efa34bf85b2cb543d536b8894d900 /docs | |
| parent | Clean up startup for the pusher (#6558) (diff) | |
| download | synapse-b95b762560441b28f06e6458da796327e394953e.tar.xz | |
Add an export_signing_key script (#6546)
I want to do some key rotation, and it is silly that we don't have a way to do this.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/code_style.md | 13 | ||||
| -rw-r--r-- | docs/sample_config.yaml | 21 |
2 files changed, 20 insertions, 14 deletions
diff --git a/docs/code_style.md b/docs/code_style.md index f983f72d6c..71aecd41f7 100644 --- a/docs/code_style.md +++ b/docs/code_style.md @@ -137,6 +137,7 @@ Some guidelines follow: correctly handles the top-level option being set to `None` (as it will be if no sub-options are enabled). - Lines should be wrapped at 80 characters. +- Use two-space indents. Example: @@ -155,13 +156,13 @@ Example: # Settings for the frobber # frobber: - # frobbing speed. Defaults to 1. - # - #speed: 10 + # frobbing speed. Defaults to 1. + # + #speed: 10 - # frobbing distance. Defaults to 1000. - # - #distance: 100 + # frobbing distance. Defaults to 1000. + # + #distance: 100 Note that the sample configuration is generated from the synapse code and is maintained by a script, `scripts-dev/generate_sample_config`. diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml index 1787248f53..e3b05423b8 100644 --- a/docs/sample_config.yaml +++ b/docs/sample_config.yaml @@ -1122,14 +1122,19 @@ metrics_flags: signing_key_path: "CONFDIR/SERVERNAME.signing.key" # The keys that the server used to sign messages with but won't use -# to sign new messages. E.g. it has lost its private key -# -#old_signing_keys: -# "ed25519:auto": -# # Base64 encoded public key -# key: "The public part of your old signing key." -# # Millisecond POSIX timestamp when the key expired. -# expired_ts: 123456789123 +# to sign new messages. +# +old_signing_keys: + # For each key, `key` should be the base64-encoded public key, and + # `expired_ts`should be the time (in milliseconds since the unix epoch) that + # it was last used. + # + # It is possible to build an entry from an old signing.key file using the + # `export_signing_key` script which is provided with synapse. + # + # For example: + # + #"ed25519:id": { key: "base64string", expired_ts: 123456789123 } # How long key response published by this server is valid for. # Used to set the valid_until_ts in /key/v2 APIs. |