Upgrade Synapse (v1.27.0 -> v1.28.0)
This commit is contained in:
parent
1ef683d366
commit
ae091d7b2d
|
@ -15,7 +15,7 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont
|
||||||
# amd64 gets released first.
|
# amd64 gets released first.
|
||||||
# arm32 relies on self-building, so the same version can be built immediately.
|
# arm32 relies on self-building, so the same version can be built immediately.
|
||||||
# arm64 users need to wait for a prebuilt image to become available.
|
# arm64 users need to wait for a prebuilt image to become available.
|
||||||
matrix_synapse_version: v1.27.0
|
matrix_synapse_version: v1.28.0
|
||||||
matrix_synapse_version_arm64: v1.26.0
|
matrix_synapse_version_arm64: v1.26.0
|
||||||
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
||||||
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
||||||
|
|
|
@ -141,6 +141,7 @@ default_room_version: {{ matrix_synapse_default_room_version|to_json }}
|
||||||
# - '100.64.0.0/10'
|
# - '100.64.0.0/10'
|
||||||
# - '192.0.0.0/24'
|
# - '192.0.0.0/24'
|
||||||
# - '169.254.0.0/16'
|
# - '169.254.0.0/16'
|
||||||
|
# - '192.88.99.0/24'
|
||||||
# - '198.18.0.0/15'
|
# - '198.18.0.0/15'
|
||||||
# - '192.0.2.0/24'
|
# - '192.0.2.0/24'
|
||||||
# - '198.51.100.0/24'
|
# - '198.51.100.0/24'
|
||||||
|
@ -149,6 +150,9 @@ default_room_version: {{ matrix_synapse_default_room_version|to_json }}
|
||||||
# - '::1/128'
|
# - '::1/128'
|
||||||
# - 'fe80::/10'
|
# - 'fe80::/10'
|
||||||
# - 'fc00::/7'
|
# - 'fc00::/7'
|
||||||
|
# - '2001:db8::/32'
|
||||||
|
# - 'ff00::/8'
|
||||||
|
# - 'fec0::/10'
|
||||||
|
|
||||||
# List of IP address CIDR ranges that should be allowed for federation,
|
# List of IP address CIDR ranges that should be allowed for federation,
|
||||||
# identity servers, push servers, and for checking key validity for
|
# identity servers, push servers, and for checking key validity for
|
||||||
|
@ -993,6 +997,7 @@ url_preview_ip_range_blacklist:
|
||||||
- '100.64.0.0/10'
|
- '100.64.0.0/10'
|
||||||
- '192.0.0.0/24'
|
- '192.0.0.0/24'
|
||||||
- '169.254.0.0/16'
|
- '169.254.0.0/16'
|
||||||
|
- '192.88.99.0/24'
|
||||||
- '198.18.0.0/15'
|
- '198.18.0.0/15'
|
||||||
- '192.0.2.0/24'
|
- '192.0.2.0/24'
|
||||||
- '198.51.100.0/24'
|
- '198.51.100.0/24'
|
||||||
|
@ -1001,6 +1006,9 @@ url_preview_ip_range_blacklist:
|
||||||
- '::1/128'
|
- '::1/128'
|
||||||
- 'fe80::/10'
|
- 'fe80::/10'
|
||||||
- 'fc00::/7'
|
- 'fc00::/7'
|
||||||
|
- '2001:db8::/32'
|
||||||
|
- 'ff00::/8'
|
||||||
|
- 'fec0::/10'
|
||||||
|
|
||||||
# List of IP address CIDR ranges that the URL preview spider is allowed
|
# List of IP address CIDR ranges that the URL preview spider is allowed
|
||||||
# to access even if they are specified in url_preview_ip_range_blacklist.
|
# to access even if they are specified in url_preview_ip_range_blacklist.
|
||||||
|
@ -1327,6 +1335,8 @@ account_threepid_delegates:
|
||||||
# By default, any room aliases included in this list will be created
|
# By default, any room aliases included in this list will be created
|
||||||
# as a publicly joinable room when the first user registers for the
|
# as a publicly joinable room when the first user registers for the
|
||||||
# homeserver. This behaviour can be customised with the settings below.
|
# homeserver. This behaviour can be customised with the settings below.
|
||||||
|
# If the room already exists, make certain it is a publicly joinable
|
||||||
|
# room. The join rule of the room must be set to 'public'.
|
||||||
#
|
#
|
||||||
#auto_join_rooms:
|
#auto_join_rooms:
|
||||||
# - "#example:example.com"
|
# - "#example:example.com"
|
||||||
|
@ -1869,9 +1879,9 @@ oidc_providers:
|
||||||
# user_mapping_provider:
|
# user_mapping_provider:
|
||||||
# config:
|
# config:
|
||||||
# subject_claim: "id"
|
# subject_claim: "id"
|
||||||
# localpart_template: "{ user.login }"
|
# localpart_template: "{% raw %}{{ user.login }}{% endraw %}"
|
||||||
# display_name_template: "{ user.name }"
|
# display_name_template: "{% raw %}{{ user.name }}{% endraw %}"
|
||||||
# email_template: "{ user.email }"
|
# email_template: "{% raw %}{{ user.email }}{% endraw %}"
|
||||||
|
|
||||||
# For use with Keycloak
|
# For use with Keycloak
|
||||||
#
|
#
|
||||||
|
@ -1898,8 +1908,8 @@ oidc_providers:
|
||||||
# user_mapping_provider:
|
# user_mapping_provider:
|
||||||
# config:
|
# config:
|
||||||
# subject_claim: "id"
|
# subject_claim: "id"
|
||||||
# localpart_template: "{ user.login }"
|
# localpart_template: "{% raw %}{{ user.login }}{% endraw %}"
|
||||||
# display_name_template: "{ user.name }"
|
# display_name_template: "{% raw %}{{ user.name }}{% endraw %}"
|
||||||
|
|
||||||
|
|
||||||
# Enable Central Authentication Service (CAS) for registration and login.
|
# Enable Central Authentication Service (CAS) for registration and login.
|
||||||
|
@ -2227,11 +2237,11 @@ password_config:
|
||||||
#require_uppercase: true
|
#require_uppercase: true
|
||||||
|
|
||||||
ui_auth:
|
ui_auth:
|
||||||
# The number of milliseconds to allow a user-interactive authentication
|
# The amount of time to allow a user-interactive authentication session
|
||||||
# session to be active.
|
# to be active.
|
||||||
#
|
#
|
||||||
# This defaults to 0, meaning the user is queried for their credentials
|
# This defaults to 0, meaning the user is queried for their credentials
|
||||||
# before every action, but this can be overridden to alow a single
|
# before every action, but this can be overridden to allow a single
|
||||||
# validation to be re-used. This weakens the protections afforded by
|
# validation to be re-used. This weakens the protections afforded by
|
||||||
# the user-interactive authentication process, by allowing for multiple
|
# the user-interactive authentication process, by allowing for multiple
|
||||||
# (and potentially different) operations to use the same validation session.
|
# (and potentially different) operations to use the same validation session.
|
||||||
|
@ -2239,7 +2249,7 @@ ui_auth:
|
||||||
# Uncomment below to allow for credential validation to last for 15
|
# Uncomment below to allow for credential validation to last for 15
|
||||||
# seconds.
|
# seconds.
|
||||||
#
|
#
|
||||||
#session_timeout: 15000
|
#session_timeout: "15s"
|
||||||
|
|
||||||
|
|
||||||
{% if matrix_synapse_email_enabled %}
|
{% if matrix_synapse_email_enabled %}
|
||||||
|
|
|
@ -107,7 +107,8 @@ matrix_synapse_workers_generic_worker_endpoints:
|
||||||
|
|
||||||
# Ensure that all SSO logins go to a single process.
|
# Ensure that all SSO logins go to a single process.
|
||||||
# For multiple workers not handling the SSO endpoints properly, see
|
# For multiple workers not handling the SSO endpoints properly, see
|
||||||
# [#7530](https://github.com/matrix-org/synapse/issues/7530).
|
# [#7530](https://github.com/matrix-org/synapse/issues/7530) and
|
||||||
|
# [#9427](https://github.com/matrix-org/synapse/issues/9427).
|
||||||
|
|
||||||
# Note that a HTTP listener with `client` and `federation` resources must be
|
# Note that a HTTP listener with `client` and `federation` resources must be
|
||||||
# configured in the `worker_listeners` option in the worker config.
|
# configured in the `worker_listeners` option in the worker config.
|
||||||
|
@ -203,7 +204,15 @@ matrix_synapse_workers_generic_worker_endpoints:
|
||||||
# REST endpoints itself, but you should set `start_pushers: False` in the
|
# REST endpoints itself, but you should set `start_pushers: False` in the
|
||||||
# shared configuration file to stop the main synapse sending push notifications.
|
# shared configuration file to stop the main synapse sending push notifications.
|
||||||
|
|
||||||
# Note this worker cannot be load-balanced: only one instance should be active.
|
# To run multiple instances at once the `pusher_instances` option should list all
|
||||||
|
# pusher instances by their worker name, e.g.:
|
||||||
|
|
||||||
|
# ```yaml
|
||||||
|
# pusher_instances:
|
||||||
|
# - pusher_worker1
|
||||||
|
# - pusher_worker2
|
||||||
|
# ```
|
||||||
|
|
||||||
# ]
|
# ]
|
||||||
|
|
||||||
# appservice worker (no API endpoints) [
|
# appservice worker (no API endpoints) [
|
||||||
|
|
Loading…
Reference in a new issue