I am by no means a relayd expert, but it looks fine to me.
On 17/04/2020 15:20, Andrea Fleckenstein wrote:
Hello, First off, net/synapse builds and installs on amd64 -current. With some basic usage everything is going fine, but I haven't tried federation yet. Second, I ended up using relayd(8) to do the reverse proxying recommended by synapse. Since this is OpenBSD after all, I thought it might be nice to put a relayd.conf(5) example in the README as well as the nginx one. How does it look? In my actual configuration I have a table so I can do path matching in the protocol, which allows the relay to forward the port 443 traffic to only synapse which is helpful if there's other port 443 traffic, but I wasn't sure if this should be included in an example. Thanks, Andrea --- README Fri Apr 17 08:40:37 2020 +++ README_relayd Fri Apr 17 09:03:47 2020 @@ -27,6 +27,29 @@ This means that you will not be able to connect to your server remotely. The best way to achieve remote connectivity is through a reverse proxy.+Here is a relayd.conf(5) example:+ + http protocol synapse { + match request header append "X-Forwarded-For" value "$REMOTE_ADDR" + match request header append "X-Forwaded-By" value "$SERVER_ADDR:$SERVER_PORT" + + tls keypair "matrix.example.com" + + match request header set "Connection" value "close" + } + + relay "synapse" { + listen on matrix.example.com port 443 tls + protocol "synapse" + forward to 127.0.0.1 port 8008 + } + + relay "synapse-server" { + listen on matrix.example.com port 8448 tls + protocol "synapse" + forward to 127.0.0.1 port 8008 + } + Here is an Nginx vhost reverse proxy example:server {
smime.p7s
Description: S/MIME Cryptographic Signature
