Add option to not bind to HTTPS port. This is useful if running behind an ssl load balancer

2024-10-01 01:36:05 -04:00 · 2014-11-03 15:06:40 +00:00 · 2014-11-03 15:06:40 +00:00 · af7ae048f8
commit af7ae048f8
parent ad6eacb3e9
3 changed files with 8 additions and 2 deletions
--- a/demo/start.sh
+++ b/demo/start.sh
@ -32,7 +32,7 @@ for port in 8080 8081 8082; do
        -D --pid-file "$DIR/$port.pid" \
        --manhole $((port + 1000)) \
        --tls-dh-params-path "demo/demo.tls.dh" \
-		$PARAMS
+		$PARAMS $SYNAPSE_PARAMS

    python -m synapse.app.homeserver \
        --config-path "demo/etc/$port.config" \
--- a/synapse/app/homeserver.py
+++ b/synapse/app/homeserver.py
@ -233,7 +233,10 @@ def setup():
        f.namespace['hs'] = hs
        reactor.listenTCP(config.manhole, f, interface='127.0.0.1')

-    hs.start_listening(config.bind_port, config.unsecure_port)
+    bind_port = config.bind_port
+    if config.no_tls:
+        bind_port = None
+    hs.start_listening(bind_port, config.unsecure_port)

    if config.daemonize:
        print config.pid_file
--- a/synapse/config/server.py
+++ b/synapse/config/server.py
@ -30,6 +30,7 @@ class ServerConfig(Config):
        self.pid_file = self.abspath(args.pid_file)
        self.webclient = True
        self.manhole = args.manhole
+        self.no_tls = args.no_tls

        if not args.content_addr:
            host = args.server_name
@ -67,6 +68,8 @@ class ServerConfig(Config):
        server_group.add_argument("--content-addr", default=None,
                                  help="The host and scheme to use for the "
                                  "content repository")
+        server_group.add_argument("--no-tls", action='store_true',
+                                  help="Don't bind to the https port.")

    def read_signing_key(self, signing_key_path):
        signing_keys = self.read_file(signing_key_path, "signing_key")