Add recaptcha_{private,public}_key_path config option (#17984)

Another config option on my quest to a `*_path` variant for every secret. Adds the config options `recaptcha_private_key_path` and `recaptcha_public_key_path`. Tests and docs are included. A public key is of course no secret, but it is closely related to the private key, so it’s still useful to have a `*_path` variant for it.
2025-07-14 18:37:36 +02:00
parent 5129668449
commit 481c4e2b55
5 changed files with 96 additions and 1 deletions
--- a/schema/synapse-config.schema.yaml
+++ b/schema/synapse-config.schema.yaml
@@ -2692,6 +2692,21 @@ properties:
    default: null
    examples:
      - YOUR_PUBLIC_KEY
+  recaptcha_public_key_path:
+    type: ["string", "null"]
+    description: >-
+      An alternative to [`recaptcha_public_key`](#recaptcha_public_key): allows
+      the public key to be specified in an external file.
+
+
+      The file should be a plain text file, containing only the public key.
+      Synapse reads the public key from the given file once at startup.
+
+
+      _Added in Synapse 1.134.0._
+    default: null
+    examples:
+      - /path/to/key/file
  recaptcha_private_key:
    type: ["string", "null"]
    description: >-
@@ -2700,6 +2715,21 @@ properties:
    default: null
    examples:
      - YOUR_PRIVATE_KEY
+  recaptcha_private_key_path:
+    type: ["string", "null"]
+    description: >-
+      An alternative to [`recaptcha_private_key`](#recaptcha_private_key):
+      allows the private key to be specified in an external file.
+
+
+      The file should be a plain text file, containing only the private key.
+      Synapse reads the private key from the given file once at startup.
+
+
+      _Added in Synapse 1.134.0._
+    default: null
+    examples:
+      - /path/to/key/file
  enable_registration_captcha:
    type: boolean
    description: >-