diff options
author | IndeedNotJames <git@indeednotjames.com> | 2023-05-19 15:38:07 +0200 |
---|---|---|
committer | IndeedNotJames <git@indeednotjames.com> | 2023-05-19 15:46:53 +0200 |
commit | d212ec13b8907f631606f0130f6cd73e10b95285 (patch) | |
tree | f74731dffc3ef7e2947f5610373ad09bb08feeb7 /nixos | |
parent | 48a0fb7aab511df92a17cf239c37f2bd2ec9ae3a (diff) | |
download | nixlib-d212ec13b8907f631606f0130f6cd73e10b95285.tar nixlib-d212ec13b8907f631606f0130f6cd73e10b95285.tar.gz nixlib-d212ec13b8907f631606f0130f6cd73e10b95285.tar.bz2 nixlib-d212ec13b8907f631606f0130f6cd73e10b95285.tar.lz nixlib-d212ec13b8907f631606f0130f6cd73e10b95285.tar.xz nixlib-d212ec13b8907f631606f0130f6cd73e10b95285.tar.zst nixlib-d212ec13b8907f631606f0130f6cd73e10b95285.zip |
nixos/synapse: allow omitting `trusted_key_servers[].verify_keys`
Synapse does not require the `verify_keys` attr/object to be set. It made sense back in the day, when federation traffic used to use self-signed certificates. But this is no longer the case. The previous `types.nullOr` didn't actually allow omitting `verify_keys` because Synapse's config parser is unable to parse that. Not a breaking change. Upstream docs: https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html?highlight=verify_keys#trusted_key_servers
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/matrix/synapse.nix | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/nixos/modules/services/matrix/synapse.nix b/nixos/modules/services/matrix/synapse.nix index 2a4104a4ec2b..3dca3ff94f21 100644 --- a/nixos/modules/services/matrix/synapse.nix +++ b/nixos/modules/services/matrix/synapse.nix @@ -636,6 +636,7 @@ in { trusted_key_servers = mkOption { type = types.listOf (types.submodule { + freeformType = format.type; options = { server_name = mkOption { type = types.str; @@ -644,22 +645,6 @@ in { Hostname of the trusted server. ''; }; - - verify_keys = mkOption { - type = types.nullOr (types.attrsOf types.str); - default = null; - example = literalExpression '' - { - "ed25519:auto" = "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"; - } - ''; - description = lib.mdDoc '' - Attribute set from key id to base64 encoded public key. - - If specified synapse will check that the response is signed - by at least one of the given keys. - ''; - }; }; }); default = [ { |