iartamonov/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2026-02-07 22:43:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Remove old map-based user identifier extraction for sync workers

Browse Source 
The whoami-based approach is now the only implementation for sync worker routing.
It works with all token types (native Synapse, MAS, etc.) and is automatically
enabled when sync workers exist.

The old map-based approach only worked with native Synapse tokens (syt_<b64>_...)
and would give poor results with MAS or other auth systems.
This commit is contained in:
Slavi Pantaleev
2026-02-04 03:48:55 +02:00
parent 5cc69ca7eb
commit 45c855c853
2 changed files with 0 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2
View File

@@ -64,25 +64,6 @@
{% if matrix_synapse_reverse_proxy_companion_synapse_workers_enabled %}
# Access token to user identifier mapping logic.
# This is used for sticky routing to ensure requests from the same user are routed to the same worker.
{% if not matrix_synapse_reverse_proxy_companion_whoami_sync_worker_router_enabled %}
# Extracts the base64-encoded localpart from native Synapse access tokens.
# Native Synapse tokens have the format: syt_<base64 localpart>_<random>_<crc>
# See: https://github.com/element-hq/synapse/blob/1bddd25a85d82b2ef4a2a42f6ecd476108d7dd96/synapse/handlers/auth.py#L1448-L1459
# Maps from https://tcpipuk.github.io/synapse/deployment/nginx.html#mapsconf
# Note: This only works with native Synapse tokens, not with MAS or other auth systems.
map $arg_access_token $accesstoken_from_urlparam {
default $arg_access_token;
"~syt_(?<b64localpart>.*?)_.*" $b64localpart;
}
map $http_authorization $user_identifier {
default $http_authorization;
"~Bearer syt_(?<b64localpart>.*?)_.*" $b64localpart;
"" $accesstoken_from_urlparam;
}
{% endif %}
# Whether to upgrade HTTP connection
map $http_upgrade $connection_upgrade {
default upgrade;
@@ -246,11 +227,7 @@ server {
# sync workers
# https://tcpipuk.github.io/synapse/deployment/workers.html
# https://tcpipuk.github.io/synapse/deployment/nginx.html#locationsconf
{% if matrix_synapse_reverse_proxy_companion_whoami_sync_worker_router_enabled %}
{{ render_locations_to_upstream_with_whoami_sync_worker_router(matrix_synapse_reverse_proxy_companion_synapse_sync_worker_client_server_locations, 'sync_workers_upstream') }}
{% else %}
{{ render_locations_to_upstream(matrix_synapse_reverse_proxy_companion_synapse_sync_worker_client_server_locations, 'sync_workers_upstream') }}
{% endif %}
{% endif %}
{% if client_reader_workers | length > 0 %}