mirror of
https://github.com/element-hq/dendrite.git
synced 2025-09-13 12:52:24 +03:00
Merge commit from fork
* Support configuring allow/deny networks * Make the DNS cache aware of the allow/deny networks * Allow all networks in CI * Update GMSL * Add missed file --------- Co-authored-by: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
This commit is contained in:
Travis Ralston
GitHub
parent
4fb83354ca
commit
e9cc37ac52
9 changed files with 50 additions and 3 deletions
|
|
@ -254,6 +254,24 @@ federation_api:
|
|||
# last resort.
|
||||
prefer_direct_fetch: false
|
||||
|
||||
# deny_networks and allow_networks are the CIDR ranges used to prevent requests
|
||||
# from accessing private IPs. If your system has specific IPs it should never
|
||||
# contact, add them here with CIDR notation.
|
||||
#
|
||||
# The deny list is checked before the allow list.
|
||||
deny_networks:
|
||||
- "127.0.0.1/8"
|
||||
- "10.0.0.0/8"
|
||||
- "172.16.0.0/12"
|
||||
- "192.168.0.0/16"
|
||||
- "100.64.0.0/10"
|
||||
- "169.254.0.0/16"
|
||||
- "::1/128"
|
||||
- "fe80::/64"
|
||||
- "fc00::/7"
|
||||
allow_networks:
|
||||
- "0.0.0.0/0" # "Everything". The deny list will help limit this.
|
||||
|
||||
# Configuration for the Media API.
|
||||
media_api:
|
||||
# Storage path for uploaded media. May be relative or absolute.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue