diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2020-12-04 10:56:28 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-04 10:56:28 -0500 |
commit | 96358cb42410a4be6268eaa3ffec229c550208ea (patch) | |
tree | 5edef7ceff55c023747f5084ea4304649b15781d /synapse/config | |
parent | Pass room_id to get_auth_chain_difference (#8879) (diff) | |
download | synapse-96358cb42410a4be6268eaa3ffec229c550208ea.tar.xz |
Add authentication to replication endpoints. (#8853)
Authentication is done by checking a shared secret provided in the Synapse configuration file.
Diffstat (limited to 'synapse/config')
-rw-r--r-- | synapse/config/workers.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/synapse/config/workers.py b/synapse/config/workers.py index 57ab097eba..7ca9efec52 100644 --- a/synapse/config/workers.py +++ b/synapse/config/workers.py @@ -85,6 +85,9 @@ class WorkerConfig(Config): # The port on the main synapse for HTTP replication endpoint self.worker_replication_http_port = config.get("worker_replication_http_port") + # The shared secret used for authentication when connecting to the main synapse. + self.worker_replication_secret = config.get("worker_replication_secret", None) + self.worker_name = config.get("worker_name", self.worker_app) self.worker_main_http_uri = config.get("worker_main_http_uri", None) @@ -185,6 +188,13 @@ class WorkerConfig(Config): # data). If not provided this defaults to the main process. # #run_background_tasks_on: worker1 + + # A shared secret used by the replication APIs to authenticate HTTP requests + # from workers. + # + # By default this is unused and traffic is not authenticated. + # + #worker_replication_secret: "" """ def read_arguments(self, args): |