diff --git a/contrib/docker/README.md b/contrib/docker/README.md
index 221d9c53b5..25c358c847 100644
--- a/contrib/docker/README.md
+++ b/contrib/docker/README.md
@@ -111,6 +111,8 @@ variables are available for configuration:
* ``SYNAPSE_SERVER_NAME`` (mandatory), the current server public hostname.
* ``SYNAPSE_REPORT_STATS``, (mandatory, ``yes`` or ``no``), enable anonymous
statistics reporting back to the Matrix project which helps us to get funding.
+* ``SYNAPSE_MACAROON_SECRET_KEY`` (mandatory) secret for signing access tokens
+ to the server, set this to a proper random key.
* ``SYNAPSE_NO_TLS``, set this variable to disable TLS in Synapse (use this if
you run your own TLS-capable reverse proxy).
* ``SYNAPSE_ENABLE_REGISTRATION``, set this variable to enable registration on
@@ -130,7 +132,6 @@ Shared secrets, that will be initialized to random values if not set:
* ``SYNAPSE_REGISTRATION_SHARED_SECRET``, secret for registrering users if
registration is disable.
-* ``SYNAPSE_MACAROON_SECRET_KEY``, secret for Macaroon.
Database specific values (will use SQLite if not set):
diff --git a/contrib/docker/start.py b/contrib/docker/start.py
index 32142bbe00..d4c1140b1d 100755
--- a/contrib/docker/start.py
+++ b/contrib/docker/start.py
@@ -44,8 +44,8 @@ else:
if "SYNAPSE_CONFIG_PATH" in environ:
args += ["--config-path", environ["SYNAPSE_CONFIG_PATH"]]
else:
- check_arguments(environ, ("SYNAPSE_SERVER_NAME", "SYNAPSE_REPORT_STATS"))
- generate_secrets(environ, ("SYNAPSE_REGISTRATION_SHARED_SECRET", "SYNAPSE_MACAROON_SECRET_KEY"))
+ check_arguments(environ, ("SYNAPSE_SERVER_NAME", "SYNAPSE_REPORT_STATS", "SYNAPSE_MACAROON_SECRET_KEY"))
+ generate_secrets(environ, ("SYNAPSE_REGISTRATION_SHARED_SECRET",))
environ["SYNAPSE_APPSERVICES"] = glob.glob("/data/appservices/*.yaml")
if not os.path.exists("/compiled"): os.mkdir("/compiled")
convert("/conf/homeserver.yaml", "/compiled/homeserver.yaml", environ)
|
