fix keyserver problems when federating

2023-04-08 23:09:16 +02:00 · 2023-04-08 23:09:16 +02:00 · fd1a6c7a4a
parent 6e556c8b2d
commit fd1a6c7a4a
3 changed files with 8 additions and 1 deletions
--- a/.env.sample
+++ b/.env.sample
@ -48,6 +48,9 @@ ENCRYPTED_BY_DEFAULT=all
 #ENABLE_ALLOWLIST=1
 #FEDERATION_ALLOWLIST="[]"

+# Set these to keyservers you trust - usually the same as your federation allowlist
+#TRUSTED_KEYSERVERS="trusted_key_servers:\n  - server_name: 'example.com'\n  - server_name: 'example2.com'"
+
 ## Retention

 ALLOWED_LIFETIME_MAX=4w
--- a/abra.sh
+++ b/abra.sh
@ -1,6 +1,6 @@
 export DISCORD_BRIDGE_YAML_VERSION=v2
 export ENTRYPOINT_CONF_VERSION=v1
-export HOMESERVER_YAML_VERSION=v19
+export HOMESERVER_YAML_VERSION=v21
 export LOG_CONFIG_VERSION=v2
 export SHARED_SECRET_AUTH_VERSION=v1
 export SIGNAL_BRIDGE_YAML_VERSION=v4
--- a/homeserver.yaml.tmpl
+++ b/homeserver.yaml.tmpl
@ -427,8 +427,12 @@ signing_key_path: "/data/{{ env "DOMAIN" }}.signing.key"
 #      "ed25519:auto": "abcdefghijklmnopqrstuvwxyzabcdefghijklmopqr"
 #  - server_name: "my_other_trusted_server.example.com"
 #
+{{ if eq (env "ENABLE_ALLOWLIST") "1" }}
+{{ env "TRUSTED_KEYSERVERS" }}
+{{ else }}
 trusted_key_servers:
  - server_name: "matrix.org"
+{{ end }}

 ## Single sign-on integration ##