Upgrade Synapse (1.30.1 -> 1.31.0)
This commit is contained in:
parent
a1a0d91604
commit
3f426de599
@ -15,7 +15,7 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont
|
||||
# amd64 gets released first.
|
||||
# arm32 relies on self-building, so the same version can be built immediately.
|
||||
# arm64 users need to wait for a prebuilt image to become available.
|
||||
matrix_synapse_version: v1.30.1
|
||||
matrix_synapse_version: v1.31.0
|
||||
matrix_synapse_version_arm64: v1.30.1
|
||||
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
||||
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
||||
|
@ -869,10 +869,10 @@ rc_admin_redaction: {{ matrix_synapse_rc_admin_redaction|to_json }}
|
||||
#rc_joins:
|
||||
# local:
|
||||
# per_second: 0.1
|
||||
# burst_count: 3
|
||||
# burst_count: 10
|
||||
# remote:
|
||||
# per_second: 0.01
|
||||
# burst_count: 3
|
||||
# burst_count: 10
|
||||
rc_joins: {{ matrix_synapse_rc_joins|to_json }}
|
||||
#
|
||||
#rc_3pid_validation:
|
||||
@ -1772,6 +1772,9 @@ saml2_config:
|
||||
# Note that, if this is changed, users authenticating via that provider
|
||||
# will no longer be recognised as the same user!
|
||||
#
|
||||
# (Use "oidc" here if you are migrating from an old "oidc_config"
|
||||
# configuration.)
|
||||
#
|
||||
# idp_name: A user-facing name for this identity provider, which is used to
|
||||
# offer the user a choice of login mechanisms.
|
||||
#
|
||||
@ -1887,6 +1890,24 @@ saml2_config:
|
||||
# which is set to the claims returned by the UserInfo Endpoint and/or
|
||||
# in the ID Token.
|
||||
#
|
||||
# It is possible to configure Synapse to only allow logins if certain attributes
|
||||
# match particular values in the OIDC userinfo. The requirements can be listed under
|
||||
# `attribute_requirements` as shown below. All of the listed attributes must
|
||||
# match for the login to be permitted. Additional attributes can be added to
|
||||
# userinfo by expanding the `scopes` section of the OIDC config to retrieve
|
||||
# additional information from the OIDC provider.
|
||||
#
|
||||
# If the OIDC claim is a list, then the attribute must match any value in the list.
|
||||
# Otherwise, it must exactly match the value of the claim. Using the example
|
||||
# below, the `family_name` claim MUST be "Stephensson", but the `groups`
|
||||
# claim MUST contain "admin".
|
||||
#
|
||||
# attribute_requirements:
|
||||
# - attribute: family_name
|
||||
# value: "Stephensson"
|
||||
# - attribute: groups
|
||||
# value: "admin"
|
||||
#
|
||||
# See https://github.com/matrix-org/synapse/blob/master/docs/openid.md
|
||||
# for information on how to configure these options.
|
||||
#
|
||||
@ -1918,34 +1939,9 @@ oidc_providers:
|
||||
# localpart_template: "{% raw %}{{ user.login }}{% endraw %}"
|
||||
# display_name_template: "{% raw %}{{ user.name }}{% endraw %}"
|
||||
# email_template: "{% raw %}{{ user.email }}{% endraw %}"
|
||||
|
||||
# For use with Keycloak
|
||||
#
|
||||
#- idp_id: keycloak
|
||||
# idp_name: Keycloak
|
||||
# issuer: "https://127.0.0.1:8443/auth/realms/my_realm_name"
|
||||
# client_id: "synapse"
|
||||
# client_secret: "copy secret generated in Keycloak UI"
|
||||
# scopes: ["openid", "profile"]
|
||||
|
||||
# For use with Github
|
||||
#
|
||||
#- idp_id: github
|
||||
# idp_name: Github
|
||||
# idp_brand: github
|
||||
# discover: false
|
||||
# issuer: "https://github.com/"
|
||||
# client_id: "your-client-id" # TO BE FILLED
|
||||
# client_secret: "your-client-secret" # TO BE FILLED
|
||||
# authorization_endpoint: "https://github.com/login/oauth/authorize"
|
||||
# token_endpoint: "https://github.com/login/oauth/access_token"
|
||||
# userinfo_endpoint: "https://api.github.com/user"
|
||||
# scopes: ["read:user"]
|
||||
# user_mapping_provider:
|
||||
# config:
|
||||
# subject_claim: "id"
|
||||
# localpart_template: "{% raw %}{{ user.login }}{% endraw %}"
|
||||
# display_name_template: "{% raw %}{{ user.name }}{% endraw %}"
|
||||
# attribute_requirements:
|
||||
# - attribute: userGroup
|
||||
# value: "synapseUsers"
|
||||
|
||||
|
||||
# Enable Central Authentication Service (CAS) for registration and login.
|
||||
|
@ -55,9 +55,6 @@ matrix_synapse_workers_generic_worker_endpoints:
|
||||
# Registration/login requests
|
||||
- ^/_matrix/client/(api/v1|r0|unstable)/login$
|
||||
- ^/_matrix/client/(r0|unstable)/register$
|
||||
# FIXME: possible bug with SSO and multiple generic workers
|
||||
# see https://github.com/matrix-org/synapse/issues/7530
|
||||
# ^/_matrix/client/(r0|unstable)/auth/.*/fallback/web$
|
||||
|
||||
# Event sending requests
|
||||
- ^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/redact
|
||||
@ -107,7 +104,7 @@ matrix_synapse_workers_generic_worker_endpoints:
|
||||
|
||||
# Ensure that all SSO logins go to a single process.
|
||||
# For multiple workers not handling the SSO endpoints properly, see
|
||||
# [#7530](https://github.com/matrix-org/synapse/issues/7530) and
|
||||
# [#7530](https://github.com/matrix-org/synapse/issues/7530) and
|
||||
# [#9427](https://github.com/matrix-org/synapse/issues/9427).
|
||||
|
||||
# Note that a HTTP listener with `client` and `federation` resources must be
|
||||
|
Loading…
Reference in New Issue
Block a user