feat: Add allowed_remote_server_names
This allows explicitly allowing servers. Can be combined with the opposite to create allowlist-only federation. See also #31 Closes #673
This commit is contained in:
Jade Ellis
parent
0eb9e4f3d2
commit
9e62076baa
3 changed files with 39 additions and 2 deletions
|
|
@ -1383,12 +1383,24 @@ pub struct Config {
|
|||
///
|
||||
/// Basically "global" ACLs.
|
||||
///
|
||||
/// You can set this to ["*"] to block all servers by default, and then
|
||||
/// use `allowed_remote_server_names` to allow only specific servers.
|
||||
///
|
||||
/// example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default, with = "serde_regex")]
|
||||
pub forbidden_remote_server_names: RegexSet,
|
||||
|
||||
/// List of allowed server names via regex patterns that we will allow,
|
||||
/// regardless of if they match `forbidden_remote_server_names`.
|
||||
///
|
||||
/// example: ["goodserver\.tld$", "goodphrase"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default, with = "serde_regex")]
|
||||
pub allowed_remote_server_names: RegexSet,
|
||||
|
||||
/// List of forbidden server names via regex patterns that we will block all
|
||||
/// outgoing federated room directory requests for. Useful for preventing
|
||||
/// our users from wandering into bad servers or spaces.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue