Upgrade Synapse (1.30.1 -> 1.31.0)

This commit is contained in:
Slavi Pantaleev 2021-04-06 16:00:10 +03:00
parent a1a0d91604
commit 3f426de599
3 changed files with 28 additions and 35 deletions

View File

@ -15,7 +15,7 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont
# amd64 gets released first.
# arm32 relies on self-building, so the same version can be built immediately.
# arm64 users need to wait for a prebuilt image to become available.
matrix_synapse_version: v1.30.1
matrix_synapse_version: v1.31.0
matrix_synapse_version_arm64: v1.30.1
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"

View File

@ -869,10 +869,10 @@ rc_admin_redaction: {{ matrix_synapse_rc_admin_redaction|to_json }}
#rc_joins:
# local:
# per_second: 0.1
# burst_count: 3
# burst_count: 10
# remote:
# per_second: 0.01
# burst_count: 3
# burst_count: 10
rc_joins: {{ matrix_synapse_rc_joins|to_json }}
#
#rc_3pid_validation:
@ -1772,6 +1772,9 @@ saml2_config:
# Note that, if this is changed, users authenticating via that provider
# will no longer be recognised as the same user!
#
# (Use "oidc" here if you are migrating from an old "oidc_config"
# configuration.)
#
# idp_name: A user-facing name for this identity provider, which is used to
# offer the user a choice of login mechanisms.
#
@ -1887,6 +1890,24 @@ saml2_config:
# which is set to the claims returned by the UserInfo Endpoint and/or
# in the ID Token.
#
# It is possible to configure Synapse to only allow logins if certain attributes
# match particular values in the OIDC userinfo. The requirements can be listed under
# `attribute_requirements` as shown below. All of the listed attributes must
# match for the login to be permitted. Additional attributes can be added to
# userinfo by expanding the `scopes` section of the OIDC config to retrieve
# additional information from the OIDC provider.
#
# If the OIDC claim is a list, then the attribute must match any value in the list.
# Otherwise, it must exactly match the value of the claim. Using the example
# below, the `family_name` claim MUST be "Stephensson", but the `groups`
# claim MUST contain "admin".
#
# attribute_requirements:
# - attribute: family_name
# value: "Stephensson"
# - attribute: groups
# value: "admin"
#
# See https://github.com/matrix-org/synapse/blob/master/docs/openid.md
# for information on how to configure these options.
#
@ -1918,34 +1939,9 @@ oidc_providers:
# localpart_template: "{% raw %}{{ user.login }}{% endraw %}"
# display_name_template: "{% raw %}{{ user.name }}{% endraw %}"
# email_template: "{% raw %}{{ user.email }}{% endraw %}"
# For use with Keycloak
#
#- idp_id: keycloak
# idp_name: Keycloak
# issuer: "https://127.0.0.1:8443/auth/realms/my_realm_name"
# client_id: "synapse"
# client_secret: "copy secret generated in Keycloak UI"
# scopes: ["openid", "profile"]
# For use with Github
#
#- idp_id: github
# idp_name: Github
# idp_brand: github
# discover: false
# issuer: "https://github.com/"
# client_id: "your-client-id" # TO BE FILLED
# client_secret: "your-client-secret" # TO BE FILLED
# authorization_endpoint: "https://github.com/login/oauth/authorize"
# token_endpoint: "https://github.com/login/oauth/access_token"
# userinfo_endpoint: "https://api.github.com/user"
# scopes: ["read:user"]
# user_mapping_provider:
# config:
# subject_claim: "id"
# localpart_template: "{% raw %}{{ user.login }}{% endraw %}"
# display_name_template: "{% raw %}{{ user.name }}{% endraw %}"
# attribute_requirements:
# - attribute: userGroup
# value: "synapseUsers"
# Enable Central Authentication Service (CAS) for registration and login.

View File

@ -55,9 +55,6 @@ matrix_synapse_workers_generic_worker_endpoints:
# Registration/login requests
- ^/_matrix/client/(api/v1|r0|unstable)/login$
- ^/_matrix/client/(r0|unstable)/register$
# FIXME: possible bug with SSO and multiple generic workers
# see https://github.com/matrix-org/synapse/issues/7530
# ^/_matrix/client/(r0|unstable)/auth/.*/fallback/web$
# Event sending requests
- ^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/redact
@ -107,7 +104,7 @@ matrix_synapse_workers_generic_worker_endpoints:
# Ensure that all SSO logins go to a single process.
# For multiple workers not handling the SSO endpoints properly, see
# [#7530](https://github.com/matrix-org/synapse/issues/7530) and
# [#7530](https://github.com/matrix-org/synapse/issues/7530) and
# [#9427](https://github.com/matrix-org/synapse/issues/9427).
# Note that a HTTP listener with `client` and `federation` resources must be