Hello, On Sun, 1 Aug 2021 12:08:50 +0200 Nicolas George <geo...@nsup.org> wrote: > I have a tidbit of information to add: > > The systemd service configuration says: > > ExecStartPre=/usr/bin/python3 -m synapse.app.homeserver > --config-path=/etc/matrix-synapse/homeserver.yaml > --config-path=/etc/matrix-synapse/conf.d/ --generate-keys > > The "--generate-keys" exists in the source code Python files. > > Yet if I run this command explicitly, it does nothing at all, and strace > shows it does nothing about the keys.
yes, since synapse!4509 [1] the `--generate-keys` argument does not trigger the creation of TLS files anymore. (the new alias `--generate-missing-config` for that option is less misleading) Thus it would probably be a good idea for the matrix-synapse package to disable the TLS configuration by default and to use the new `--generate-missing-config` (instead of `--generate-keys`) to avoid any confusion. Disabled TLS is also the default configuration provided by `/usr/bin/synapse_generate_config`. Probably most users will use a separate reverse proxy. Thus, the enabled TLS setting could infact complicate deployment for many people. Thank you for maintaining the package! Cheers, Lars [1] https://github.com/matrix-org/synapse/pull/4509
