Upgrade Synapse to 1.8.0

This commit is contained in:
Slavi Pantaleev 2020-01-09 15:33:29 +02:00
parent e6d1556059
commit fddd3f922f
2 changed files with 63 additions and 26 deletions

View file

@ -3,7 +3,7 @@
matrix_synapse_enabled: true matrix_synapse_enabled: true
matrix_synapse_docker_image: "matrixdotorg/synapse:v1.7.3" matrix_synapse_docker_image: "matrixdotorg/synapse:v1.8.0"
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse"

View file

@ -45,6 +45,13 @@ use_presence: {{ matrix_synapse_use_presence|to_json }}
# #
#require_auth_for_profile_requests: true #require_auth_for_profile_requests: true
# Uncomment to require a user to share a room with another user in order
# to retrieve their profile information. Only checked on Client-Server
# requests. Profile requests from other servers should be checked by the
# requesting server. Defaults to 'false'.
#
#limit_profile_requests_to_users_who_share_rooms: true
# If set to 'true', removes the need for authentication to access the server's # If set to 'true', removes the need for authentication to access the server's
# public rooms directory through the client API, meaning that anyone can # public rooms directory through the client API, meaning that anyone can
# query the room directory. Defaults to 'false'. # query the room directory. Defaults to 'false'.
@ -1137,14 +1144,19 @@ form_secret: {{ matrix_synapse_form_secret|string|to_json }}
signing_key_path: "/data/{{ matrix_server_fqn_matrix }}.signing.key" signing_key_path: "/data/{{ matrix_server_fqn_matrix }}.signing.key"
# The keys that the server used to sign messages with but won't use # The keys that the server used to sign messages with but won't use
# to sign new messages. E.g. it has lost its private key # to sign new messages.
# #
#old_signing_keys: old_signing_keys:
# "ed25519:auto": # For each key, `key` should be the base64-encoded public key, and
# # Base64 encoded public key # `expired_ts`should be the time (in milliseconds since the unix epoch) that
# key: "The public part of your old signing key." # it was last used.
# # Millisecond POSIX timestamp when the key expired. #
# expired_ts: 123456789123 # It is possible to build an entry from an old signing.key file using the
# `export_signing_key` script which is provided with synapse.
#
# For example:
#
#"ed25519:id": { key: "base64string", expired_ts: 123456789123 }
# How long key response published by this server is valid for. # How long key response published by this server is valid for.
# Used to set the valid_until_ts in /key/v2 APIs. # Used to set the valid_until_ts in /key/v2 APIs.
@ -1241,7 +1253,7 @@ saml2_config:
# - url: https://our_idp/metadata.xml # - url: https://our_idp/metadata.xml
# #
# # By default, the user has to go to our login page first. If you'd like # # By default, the user has to go to our login page first. If you'd like
# # to allow IdP-initiated login, set 'allow_unsolicited: True' in a # # to allow IdP-initiated login, set 'allow_unsolicited: true' in a
# # 'service.sp' section: # # 'service.sp' section:
# # # #
# #service: # #service:
@ -1272,33 +1284,58 @@ saml2_config:
# #
#config_path: "/data/sp_conf.py" #config_path: "/data/sp_conf.py"
# the lifetime of a SAML session. This defines how long a user has to # The lifetime of a SAML session. This defines how long a user has to
# complete the authentication process, if allow_unsolicited is unset. # complete the authentication process, if allow_unsolicited is unset.
# The default is 5 minutes. # The default is 5 minutes.
# #
#saml_session_lifetime: 5m #saml_session_lifetime: 5m
# The SAML attribute (after mapping via the attribute maps) to use to derive # An external module can be provided here as a custom solution to
# the Matrix ID from. 'uid' by default. # mapping attributes returned from a saml provider onto a matrix user.
# #
#mxid_source_attribute: displayName user_mapping_provider:
# The custom module's class. Uncomment to use a custom module.
#
#module: mapping_provider.SamlMappingProvider
# The mapping system to use for mapping the saml attribute onto a matrix ID. # Custom configuration values for the module. Below options are
# Options include: # intended for the built-in provider, they should be changed if
# * 'hexencode' (which maps unpermitted characters to '=xx') # using a custom module. This section will be passed as a Python
# * 'dotreplace' (which replaces unpermitted characters with '.'). # dictionary to the module's `parse_config` method.
# The default is 'hexencode'. #
# config:
#mxid_mapping: dotreplace # The SAML attribute (after mapping via the attribute maps) to use
# to derive the Matrix ID from. 'uid' by default.
#
# Note: This used to be configured by the
# saml2_config.mxid_source_attribute option. If that is still
# defined, its value will be used instead.
#
#mxid_source_attribute: displayName
# In previous versions of synapse, the mapping from SAML attribute to MXID was # The mapping system to use for mapping the saml attribute onto a
# always calculated dynamically rather than stored in a table. For backwards- # matrix ID.
# compatibility, we will look for user_ids matching such a pattern before #
# creating a new account. # Options include:
# * 'hexencode' (which maps unpermitted characters to '=xx')
# * 'dotreplace' (which replaces unpermitted characters with
# '.').
# The default is 'hexencode'.
#
# Note: This used to be configured by the
# saml2_config.mxid_mapping option. If that is still defined, its
# value will be used instead.
#
#mxid_mapping: dotreplace
# In previous versions of synapse, the mapping from SAML attribute to
# MXID was always calculated dynamically rather than stored in a
# table. For backwards- compatibility, we will look for user_ids
# matching such a pattern before creating a new account.
# #
# This setting controls the SAML attribute which will be used for this # This setting controls the SAML attribute which will be used for this
# backwards-compatibility lookup. Typically it should be 'uid', but if the # backwards-compatibility lookup. Typically it should be 'uid', but if
# attribute maps are changed, it may be necessary to change it. # the attribute maps are changed, it may be necessary to change it.
# #
# The default is 'uid'. # The default is 'uid'.
# #