cqrenet/matrix-docker-ansible-deploy
4
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2026-06-30 07:21:18 +00:00
Code Issues Wiki Activity

Add matrix_tuwunel_config_ip_range_denylist (mirrors tuwunel's upstream default)

Browse Source 
As of tuwunel v1.8.0, the ip_range_denylist applies to push gateway
delivery as well, so surface it as an Ansible variable using the
default/auto/custom merge pattern. The default mirrors tuwunel's own
upstream denylist (RFC1918, loopback, multicast, and other unroutable
ranges), matching the identical list already used for Synapse's
matrix_synapse_url_preview_ip_range_blacklist.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Slavi Pantaleev
2026-06-27 20:39:16 +03:00
parent 129d4e74b4
commit e43add179b
2 changed files with 38 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
roles/custom/matrix-tuwunel/templates/tuwunel.toml.j2
+1
View File
@@ -56,6 +56,7 @@ forbidden_remote_room_directory_server_names = {{ matrix_tuwunel_config_forbidde
{% if matrix_tuwunel_config_prevent_media_downloads_from | length > 0 %}
prevent_media_downloads_from = {{ matrix_tuwunel_config_prevent_media_downloads_from | to_json }}
{% endif %}
ip_range_denylist = {{ matrix_tuwunel_config_ip_range_denylist | to_json }}
enable_policy_servers = {{ matrix_tuwunel_config_enable_policy_servers | to_json }}
policy_server_request_timeout = {{ matrix_tuwunel_config_policy_server_request_timeout }}