Moved homeserver documentation above reverse proxy examples (#10551)

Signed-off-by: Drew Short <warrick@sothr.com>
This commit is contained in:
Drew Short 2021-08-09 10:12:53 -05:00 committed by GitHub
parent f8e86b7d2e
commit 189c055eb6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 10 deletions

1
changelog.d/10551.doc Normal file
View file

@ -0,0 +1 @@
Updated the reverse proxy documentation to highlight the homserver configuration that is needed to make Synapse aware that is is intentionally reverse proxied.

View file

@ -33,6 +33,19 @@ Let's assume that we expect clients to connect to our server at
`https://example.com:8448`. The following sections detail the configuration of `https://example.com:8448`. The following sections detail the configuration of
the reverse proxy and the homeserver. the reverse proxy and the homeserver.
## Homeserver Configuration
The HTTP configuration will need to be updated for Synapse to correctly record
client IP addresses and generate redirect URLs while behind a reverse proxy.
In `homeserver.yaml` set `x_forwarded: true` in the port 8008 section and
consider setting `bind_addresses: ['127.0.0.1']` so that the server only
listens to traffic on localhost. (Do not change `bind_addresses` to `127.0.0.1`
when using a containerized Synapse, as that will prevent it from responding
to proxied traffic.)
## Reverse-proxy configuration examples ## Reverse-proxy configuration examples
**NOTE**: You only need one of these. **NOTE**: You only need one of these.
@ -239,16 +252,6 @@ relay "matrix_federation" {
} }
``` ```
## Homeserver Configuration
You will also want to set `bind_addresses: ['127.0.0.1']` and
`x_forwarded: true` for port 8008 in `homeserver.yaml` to ensure that
client IP addresses are recorded correctly.
Having done so, you can then use `https://matrix.example.com` (instead
of `https://matrix.example.com:8448`) as the "Custom server" when
connecting to Synapse from a client.
## Health check endpoint ## Health check endpoint