From 1e67191a79a06fb4031b17c24b4621c066345182 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erikj@matrix.org>
Date: Tue, 3 Oct 2023 11:55:29 +0300
Subject: [PATCH] Add note to 'federation_domain_whitelist' option (#16416)

---
 changelog.d/16416.doc                            | 1 +
 docs/usage/configuration/config_documentation.md | 5 +++++
 2 files changed, 6 insertions(+)
 create mode 100644 changelog.d/16416.doc

diff --git a/changelog.d/16416.doc b/changelog.d/16416.doc
new file mode 100644
index 0000000000..be2b7d2805
--- /dev/null
+++ b/changelog.d/16416.doc
@@ -0,0 +1 @@
+Add note to `federation_domain_whitelist` config option to clarify its usage.
diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md
index 502cd9f823..92e00c1380 100644
--- a/docs/usage/configuration/config_documentation.md
+++ b/docs/usage/configuration/config_documentation.md
@@ -1190,6 +1190,11 @@ inbound federation traffic as early as possible, rather than relying
 purely on this application-layer restriction.  If not specified, the
 default is to whitelist everything.
 
+Note: this does not stop a server from joining rooms that servers not on the
+whitelist are in. As such, this option is really only useful to establish a
+"private federation", where a group of servers all whitelist each other and have
+the same whitelist.
+
 Example configuration:
 ```yaml
 federation_domain_whitelist:
-- 
GitLab