From 36ef2c6131ae355e341c8d9b3f77949bcc8bf68d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 19 Jan 2023 16:59:37 +0200 Subject: [PATCH] Do not recommend SSE-C in default s3-storage-provider config This is an advanced feature with dubious usefulness. Putting it in the default config just confuses people. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2220 --- docs/configuring-playbook-synapse-s3-storage-provider.md | 7 ------- 1 file changed, 7 deletions(-) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index 4f6314e4..6022eaad 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -39,13 +39,6 @@ matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id: access-key- matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key: secret-key-goes-here matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class: STANDARD # or STANDARD_IA, etc. -# S3 Server Side Encryption with a Customer provided key (SSE-C) can also be configured as follows -# This is not recommended unless you understand what you are doing, and may make restoring from backups additionally challenging -# You can read more about SSE-C here: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html -matrix_synapse_ext_synapse_s3_storage_provider_config_sse_customer_enabled: true -matrix_synapse_ext_synapse_s3_storage_provider_config_sse_customer_key: ssec-key-goes-here # Generate with: cat /dev/urandom | base64 | head -c 32 -matrix_synapse_ext_synapse_s3_storage_provider_config_sse_customer_algo: AES256 - # For additional advanced settings, take a look at `roles/custom/matrix-synapse/defaults/main.yml` ```