From d1646bb49772e13bea551ce4903fd311b38554b2 Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Fri, 3 May 2019 12:07:58 -0500 Subject: [PATCH] Update Synapse (0.99.3 -> 0.99.3.1) --- roles/matrix-synapse/defaults/main.yml | 2 +- .../templates/synapse/homeserver.yaml.j2 | 15 +++++++++++---- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 8edc6b621..be449a466 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -1,4 +1,4 @@ -matrix_synapse_docker_image: "matrixdotorg/synapse:v0.99.3-py3" +matrix_synapse_docker_image: "matrixdotorg/synapse:v0.99.3.1" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 4c8b96547..386c392bb 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -521,9 +521,10 @@ max_upload_size: "{{ matrix_synapse_max_upload_size_mb }}M" # height: 600 # method: scale -# Is the preview URL API enabled? If enabled, you *must* specify -# an explicit url_preview_ip_range_blacklist of IPs that the spider is -# denied from accessing. +# Is the preview URL API enabled? +# +# 'false' by default: uncomment the following to enable it (and specify a +# url_preview_ip_range_blacklist blacklist). # url_preview_enabled: true @@ -534,7 +535,13 @@ url_preview_enabled: true # to connect to, otherwise anyone in any Matrix room could cause your # synapse to issue arbitrary GET requests to your internal services, # causing serious security issues. - +# +# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly +# listed here, since they correspond to unroutable addresses.) +# +# This must be specified if url_preview_enabled is set. It is recommended that +# you uncomment the following list as a starting point. +# url_preview_ip_range_blacklist: - '127.0.0.0/8' - '10.0.0.0/8'