Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update MSC1711 FAQ to be explicit about well-known #4584

Merged
merged 4 commits into from Feb 7, 2019

Conversation

Projects
None yet
3 participants
@erikjohnston
Copy link
Member

erikjohnston commented Feb 7, 2019

A surprising number of people are using the well-known method, and are
simply copying the example configuration. This is problematic as the
example includes an explicit port, which causes inbound federation
requests to have the HTTP Host header include the port, upsetting some
reverse proxies.

Given that, we update the well-known example to be more explicit about
the various ways you can set it up, and the consequence of using an
explict port.


I don't know whether we want to be a bit more opinionated about how this sort of thing should be set up? For some reason people seem to be using .well-known (even when not hosting on a separate domain), and it feels to me like using .well-known is overly complicated for most people (specifically managing multiple domains and certs).

@codecov-io

This comment has been minimized.

Copy link

codecov-io commented Feb 7, 2019

Codecov Report

Merging #4584 into develop will increase coverage by 0.02%.
The diff coverage is n/a.

@@             Coverage Diff             @@
##           develop    #4584      +/-   ##
===========================================
+ Coverage    74.89%   74.91%   +0.02%     
===========================================
  Files          338      338              
  Lines        34511    34511              
  Branches      5620     5620              
===========================================
+ Hits         25846    25853       +7     
+ Misses        7083     7075       -8     
- Partials      1582     1583       +1
@richvdh

This comment has been minimized.

Copy link
Member

richvdh commented Feb 7, 2019

this looks good. I'm going to rebase it on master since it's only docs and I'd like it to go live.

erikjohnston added some commits Feb 7, 2019

Update MSC1711 FAQ to be explicit about well-known
A surprising number of people are using the well-known method, and are
simply copying the example configuration. This is problematic as the
example includes an explicit port, which causes inbound federation
requests to have the HTTP Host header include the port, upsetting some
reverse proxies.

Given that, we update the well-known example to be more explicit about
the various ways you can set it up, and the consequence of using an
explict port.

@richvdh richvdh force-pushed the erikj/msc1711_faq branch from 84d26ed to 43e16ea Feb 7, 2019

@richvdh

This comment has been minimized.

Copy link
Member

richvdh commented Feb 7, 2019

I don't know whether we want to be a bit more opinionated about how this sort of thing should be set up? For some reason people seem to be using .well-known (even when not hosting on a separate domain), and it feels to me like using .well-known is overly complicated for most people (specifically managing multiple domains and certs).

Yes, I think we do.

@richvdh

This comment has been minimized.

Copy link
Member

richvdh commented Feb 7, 2019

I'm pushing this out now because we are getting people confused about this all the time.

@richvdh richvdh merged commit acb2ac5 into develop Feb 7, 2019

0 of 5 checks passed

ci/circleci: sytestpy2merged Your tests are queued behind your running builds
Details
ci/circleci: sytestpy2postgresmerged Your tests are queued behind your running builds
Details
ci/circleci: sytestpy3merged Your tests are queued behind your running builds
Details
ci/circleci: sytestpy3postgresmerged Your tests are queued behind your running builds
Details
continuous-integration/travis-ci/pr The Travis CI build is in progress
Details

richvdh added a commit that referenced this pull request Feb 14, 2019

Merge tag 'v0.99.1'
Synapse 0.99.1 (2019-02-14)
===========================

Features
--------

- Include m.room.encryption on invites by default ([\#3902](#3902))
- Federation OpenID listener resource can now be activated even if federation is disabled ([\#4420](#4420))
- Synapse's ACME support will now correctly reprovision a certificate that approaches its expiry while Synapse is running. ([\#4522](#4522))
- Add ability to update backup versions ([\#4580](#4580))
- Allow the "unavailable" presence status for /sync.
  This change makes Synapse compliant with r0.4.0 of the Client-Server specification. ([\#4592](#4592))
- There is no longer any need to specify `no_tls`: it is inferred from the absence of TLS listeners ([\#4613](#4613), [\#4615](#4615), [\#4617](#4617), [\#4636](#4636))
- The default configuration no longer requires TLS certificates. ([\#4614](#4614))

Bugfixes
--------

- Copy over room federation ability on room upgrade. ([\#4530](#4530))
- Fix noisy "twisted.internet.task.TaskStopped" errors in logs ([\#4546](#4546))
- Synapse is now tolerant of the `tls_fingerprints` option being None or not specified. ([\#4589](#4589))
- Fix 'no unique or exclusion constraint' error ([\#4591](#4591))
- Transfer Server ACLs on room upgrade. ([\#4608](#4608))
- Fix failure to start when not TLS certificate was given even if TLS was disabled. ([\#4618](#4618))
- Fix self-signed cert notice from generate-config. ([\#4625](#4625))
- Fix performance of `user_ips` table deduplication background update ([\#4626](#4626), [\#4627](#4627))

Internal Changes
----------------

- Change the user directory state query to use a filtered call to the db instead of a generic one. ([\#4462](#4462))
- Reject federation transactions if they include more than 50 PDUs or 100 EDUs. ([\#4513](#4513))
- Reduce duplication of ``synapse.app`` code. ([\#4567](#4567))
- Fix docker upload job to push -py2 images. ([\#4576](#4576))
- Add port configuration information to ACME instructions. ([\#4578](#4578))
- Update MSC1711 FAQ to calrify .well-known usage ([\#4584](#4584))
- Clean up default listener configuration ([\#4586](#4586))
- Clarifications for reverse proxy docs ([\#4607](#4607))
- Move ClientTLSOptionsFactory init out of `refresh_certificates` ([\#4611](#4611))
- Fail cleanly if listener config lacks a 'port' ([\#4616](#4616))
- Remove redundant entries from docker config ([\#4619](#4619))
- README updates ([\#4621](#4621))

@erikjohnston erikjohnston deleted the erikj/msc1711_faq branch Mar 5, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.