Neilj/readme wellknown #4766
Neilj/readme wellknown #4766
Conversation
| @@ -134,6 +134,11 @@ ACME setup | |||
| For details on having Synapse manage your federation TLS certificates | |||
| automatically, please see `<docs/ACME.md>`_. | |||
|
|
|||
| .well-known setup | |||
There was a problem hiding this comment.
I'd prefer it if we could avoid adding more top-level headings to the README, which is already pretty complicated.
| For those of you upgrading your TLS certificate in readiness for Synapse 1.0, | ||
| please take a look at `our guide <https://github.com/matrix-org/synapse/blob/master/docs/MSC1711_certificates_FAQ.md#configuring-certificates-for-compatibility-with-synapse-100>`_ | ||
|
|
||
| Having created a valid TLS certificate you can then configure your homeserver |
There was a problem hiding this comment.
In practice we now encourage people to create their configs up-front, and then tweak them later to enable TLS and federation. This is therefore backwards.
| @@ -242,8 +247,16 @@ should have the format ``_matrix._tcp.<yourdomain.com> <ttl> IN SRV 10 0 <port> | |||
| Note that the server hostname cannot be an alias (CNAME record): it has to point | |||
| directly to the server hosting the synapse instance. | |||
|
|
|||
| You can then configure your homeserver to use ``<yourdomain.com>`` as the domain in | |||
There was a problem hiding this comment.
I kinda feel like it would make more sense to move the whole "setting up federation" section to a separate file, rather than just the well-known info, but up to you.
README.rst
Outdated
| its user-ids, by setting ``server_name``:: | ||
| If it is not possible to acquire a certificate valid for you matrix domain, | ||
| the correct method is create a .well-known entry. For more details on how to | ||
| configure .well-known `see <https://github.com/matrix-org/synapse/blob/master/docs/well_known.md`_ |
README.rst
Outdated
| configure .well-known `see <https://github.com/matrix-org/synapse/blob/master/docs/well_known.md`_ | ||
|
|
||
| For those of you upgrading your TLS certificate in readiness for Synapse 1.0, | ||
| please take a look at `our guide <https://github.com/matrix-org/synapse/blob/master/docs/MSC1711_certificates_FAQ.md#configuring-certificates-for-compatibility-with-synapse-100>`_ |
…e into neilj/readme-wellknown
Codecov Report
@@ Coverage Diff @@
## develop #4766 +/- ##
===========================================
- Coverage 75.1% 75.09% -0.01%
===========================================
Files 340 340
Lines 34918 34918
Branches 5722 5722
===========================================
- Hits 26224 26223 -1
+ Misses 7083 7078 -5
- Partials 1611 1617 +6 |
Codecov Report
@@ Coverage Diff @@
## develop #4766 +/- ##
===========================================
- Coverage 75.1% 67.62% -7.48%
===========================================
Files 340 340
Lines 34918 34918
Branches 5722 5722
===========================================
- Hits 26224 23613 -2611
- Misses 7083 9655 +2572
- Partials 1611 1650 +39 |
| ## Configuring `.well-known` | ||
|
|
||
| 1. Give synapse a certificate corresponding to the target domain | ||
| (`customer.example.com`). Currently Synapse's ACME |
There was a problem hiding this comment.
Hmm, this feels a bit harder to follow than it could be otherwise since ExampleCorp supposedly owns example.com but then that Matrix HS supplier controls customer.example.com if I am following, which seems unlikely... Perhaps customer.example.com should be customer.homeservers.com or really anything other than *.example.com, so it's clear that they are controlled by different parties?
Co-Authored-By: neilisfragile <[email protected]>
|
superceded by #4832 |
No description provided.