2019-02-12 01:30:50 +00:00
|
|
|
---
|
2019-12-09 13:47:21 +00:00
|
|
|
matrix_synapse_docker_volumes: "{{ matrix_synapse_base_docker_volumes + matrix_synapse_extra_docker_volumes }}"
|
|
|
|
matrix_synapse_base_docker_volumes:
|
|
|
|
- "{{ matrix_synapse_config.media_store_path }}:{{ matrix_synapse_config.media_store_path }}"
|
|
|
|
- "{{ matrix_synapse_config.uploads_path }}:{{ matrix_synapse_config.uploads_path }}"
|
|
|
|
- "{{ matrix_synapse_base_path }}/homeserver.yaml:{{ matrix_synapse_base_path }}/homeserver.yaml"
|
|
|
|
- "{{ matrix_synapse_base_path }}/log.config:{{ matrix_synapse_base_path }}/log.config"
|
|
|
|
- "{{ matrix_synapse_base_path }}/tls:{{ matrix_synapse_base_path }}/tls"
|
2019-02-16 10:25:04 +00:00
|
|
|
matrix_synapse_config: "{{ matrix_synapse_base_config | combine(matrix_synapse_extra_config, recursive=True) }}"
|
2020-10-02 07:49:51 +00:00
|
|
|
|
|
|
|
# Worker-specific config
|
2023-05-26 14:39:34 +00:00
|
|
|
matrix_synapse_worker_fed_senders: >-2
|
|
|
|
{{
|
|
|
|
['worker_fed_out_']
|
|
|
|
| product(range(1, matrix_synapse_workers_federation_out + 1))
|
|
|
|
| list
|
|
|
|
| map('join', '')
|
|
|
|
}}
|
2020-10-02 07:49:51 +00:00
|
|
|
matrix_synapse_worker_metrics_listener:
|
|
|
|
- type: metrics
|
|
|
|
port: "{{ matrix_synapse_worker_metrics_port }}"
|
2023-05-26 14:39:34 +00:00
|
|
|
matrix_synapse_worker_config_base:
|
2020-10-02 07:49:51 +00:00
|
|
|
listeners:
|
|
|
|
- port: "{{ matrix_synapse_worker_replication_port }}"
|
2023-05-25 12:58:45 +00:00
|
|
|
bind_addresses: "{{ matrix_synapse_worker_replication_bind_addresses }}"
|
2020-10-02 07:49:51 +00:00
|
|
|
type: http
|
|
|
|
resources:
|
|
|
|
- names: [ replication ]
|
2023-05-25 12:55:03 +00:00
|
|
|
instance_map:
|
|
|
|
main:
|
|
|
|
host: "{{ matrix_synapse_worker_replication_host }}"
|
|
|
|
port: "{{ matrix_synapse_worker_replication_port }}"
|
2023-05-26 14:39:34 +00:00
|
|
|
matrix_synapse_worker_config_media:
|
|
|
|
enable_media_repo: false
|
|
|
|
media_instance_running_background_jobs: "worker_media_1"
|
|
|
|
matrix_synapse_worker_config_federation_sender:
|
|
|
|
federation_sender_instances: "{{ matrix_synapse_worker_fed_senders }}"
|
|
|
|
matrix_synapse_worker_config_pusher:
|
|
|
|
pusher_instances: ["worker_pusher"]
|
|
|
|
matrix_synapse_worker_config_appservice:
|
|
|
|
notify_appservices_from_worker: "worker_appservice"
|
|
|
|
matrix_synapse_worker_config_user_dir:
|
|
|
|
update_user_directory_from_worker: "worker_user_dir"
|
|
|
|
matrix_synapse_worker_config: >-2
|
|
|
|
{{
|
|
|
|
(
|
|
|
|
[matrix_synapse_worker_config_base]
|
|
|
|
+ ([matrix_synapse_worker_config_media] if matrix_synapse_workers_media > 0 else [])
|
|
|
|
+ ([matrix_synapse_worker_config_federation_sender] if matrix_synapse_workers_federation_out > 0 else [])
|
|
|
|
+ ([matrix_synapse_worker_config_pusher] if matrix_synapse_worker_push else [])
|
|
|
|
+ ([matrix_synapse_worker_config_appservice] if matrix_synapse_worker_appservice else [])
|
|
|
|
+ ([matrix_synapse_worker_config_user_dir] if matrix_synapse_worker_user_search else [])
|
|
|
|
) | combine(recursive=True)
|
|
|
|
}}
|
2020-10-02 07:49:51 +00:00
|
|
|
|
|
|
|
# homeserver.yml
|
2019-02-16 10:25:04 +00:00
|
|
|
matrix_synapse_base_config:
|
2019-02-12 01:30:50 +00:00
|
|
|
server_name: "{{ matrix_server_name }}"
|
2021-02-08 05:20:48 +00:00
|
|
|
public_baseurl: "{{ matrix_synapse_public_baseurl }}"
|
2019-02-21 22:17:57 +00:00
|
|
|
tls_certificate_path: "{{ matrix_synapse_base_path }}/tls/{{ matrix_server_name }}.crt"
|
|
|
|
tls_private_key_path: "{{ matrix_synapse_base_path }}/tls/{{ matrix_server_name }}.key"
|
2019-02-12 01:30:50 +00:00
|
|
|
acme:
|
2021-01-22 20:07:31 +00:00
|
|
|
enabled: false
|
2019-02-12 01:30:50 +00:00
|
|
|
url: https://acme-v01.api.letsencrypt.org/directory
|
|
|
|
port: 80
|
2019-02-12 00:36:57 +00:00
|
|
|
bind_addresses: ['::', '0.0.0.0']
|
2019-02-12 01:30:50 +00:00
|
|
|
reprovision_threshold: 30
|
2019-02-17 20:52:15 +00:00
|
|
|
no_tls: false
|
2019-02-12 01:30:50 +00:00
|
|
|
tls_fingerprints: []
|
2019-02-21 22:17:57 +00:00
|
|
|
pid_file: "{{ matrix_synapse_base_path }}/synapse.pid"
|
2019-02-12 01:30:50 +00:00
|
|
|
soft_file_limit: 0
|
|
|
|
use_presence: true
|
|
|
|
listeners:
|
|
|
|
- port: 8448
|
|
|
|
bind_addresses:
|
|
|
|
- '::'
|
|
|
|
- '0.0.0.0'
|
|
|
|
type: http
|
2019-02-17 20:52:15 +00:00
|
|
|
tls: true
|
2019-02-12 01:30:50 +00:00
|
|
|
x_forwarded: false
|
|
|
|
resources:
|
|
|
|
- names: [client]
|
|
|
|
compress: true
|
|
|
|
- names: [federation]
|
|
|
|
compress: false
|
|
|
|
- port: 8008
|
|
|
|
tls: false
|
2019-02-17 20:53:05 +00:00
|
|
|
bind_addresses:
|
|
|
|
- '::'
|
|
|
|
- '0.0.0.0'
|
2019-02-12 01:30:50 +00:00
|
|
|
type: http
|
|
|
|
x_forwarded: false
|
|
|
|
resources:
|
|
|
|
- names: [client]
|
|
|
|
compress: true
|
|
|
|
- names: [federation]
|
|
|
|
compress: false
|
|
|
|
database:
|
|
|
|
name: "psycopg2"
|
|
|
|
args:
|
|
|
|
user: "{{ matrix_synapse_pg_user }}"
|
|
|
|
password: "{{ matrix_synapse_pg_pass }}"
|
|
|
|
database: "{{ matrix_synapse_pg_db }}"
|
|
|
|
host: "{{ matrix_synapse_pg_host }}"
|
|
|
|
cp_min: 5
|
|
|
|
cp_max: 10
|
2020-10-02 07:49:51 +00:00
|
|
|
redis:
|
|
|
|
enabled: "{{ matrix_synapse_redis_enabled }}"
|
|
|
|
host: "{{ matrix_synapse_redis_host }}"
|
|
|
|
port: "{{ matrix_synapse_redis_port }}"
|
|
|
|
password: "{{ matrix_synapse_redis_pass }}"
|
2019-08-15 22:41:34 +00:00
|
|
|
log_config: "{{ matrix_synapse_base_path }}/log.config"
|
2019-02-12 01:30:50 +00:00
|
|
|
event_cache_size: "10K"
|
|
|
|
rc_messages_per_second: 0.2
|
|
|
|
rc_message_burst_count: 10.0
|
|
|
|
federation_rc_window_size: 1000
|
|
|
|
federation_rc_sleep_limit: 10
|
|
|
|
federation_rc_sleep_delay: 500
|
|
|
|
federation_rc_reject_limit: 50
|
|
|
|
federation_rc_concurrent: 3
|
2019-02-21 22:17:57 +00:00
|
|
|
media_store_path: "{{ matrix_synapse_base_path }}/media_store"
|
|
|
|
uploads_path: "{{ matrix_synapse_base_path }}/uploads"
|
2019-02-14 23:24:21 +00:00
|
|
|
max_upload_size: "23M"
|
2019-02-12 01:30:50 +00:00
|
|
|
max_image_pixels: "32M"
|
|
|
|
dynamic_thumbnails: false
|
|
|
|
thumbnail_sizes:
|
|
|
|
- width: 32
|
|
|
|
height: 32
|
|
|
|
method: crop
|
|
|
|
- width: 96
|
|
|
|
height: 96
|
|
|
|
method: crop
|
|
|
|
- width: 320
|
|
|
|
height: 240
|
|
|
|
method: scale
|
|
|
|
- width: 640
|
|
|
|
height: 480
|
|
|
|
method: scale
|
|
|
|
- width: 800
|
|
|
|
height: 600
|
|
|
|
method: scale
|
2021-01-22 20:07:31 +00:00
|
|
|
url_preview_enabled: true
|
2019-02-12 01:30:50 +00:00
|
|
|
url_preview_ip_range_blacklist:
|
|
|
|
- '127.0.0.0/8'
|
|
|
|
- '10.0.0.0/8'
|
|
|
|
- '172.16.0.0/12'
|
|
|
|
- '192.168.0.0/16'
|
|
|
|
- '100.64.0.0/10'
|
|
|
|
- '169.254.0.0/16'
|
|
|
|
- '::1/128'
|
|
|
|
- 'fe80::/64'
|
|
|
|
- 'fc00::/7'
|
|
|
|
url_preview_url_blacklist:
|
|
|
|
- username: '*'
|
|
|
|
- netloc: 'google.com'
|
|
|
|
- netloc: '*.google.com'
|
|
|
|
- netloc: 'twitter.com'
|
|
|
|
- netloc: '*.twitter.com'
|
|
|
|
- netloc: 't.co'
|
|
|
|
- netloc: '*.t.co'
|
|
|
|
max_spider_size: "10M"
|
|
|
|
enable_registration: False
|
2021-01-22 19:35:38 +00:00
|
|
|
registration_shared_secret: >-
|
|
|
|
{{ registration_shared_secret_file.content | b64decode }}
|
2019-02-21 00:34:50 +00:00
|
|
|
form_secret: "{{ form_secret_file.content | b64decode }}"
|
2019-02-12 01:30:50 +00:00
|
|
|
bcrypt_rounds: 12
|
|
|
|
allow_guest_access: False
|
|
|
|
trusted_third_party_id_servers:
|
|
|
|
- matrix.org
|
|
|
|
- vector.im
|
|
|
|
autocreate_auto_join_rooms: true
|
2021-09-10 08:19:57 +00:00
|
|
|
enable_metrics: "{{ matrix_synapse_metrics_enabled }}"
|
2021-01-22 20:07:31 +00:00
|
|
|
report_stats: "{{ matrix_synapse_report_stats }}"
|
2019-02-12 01:30:50 +00:00
|
|
|
app_service_config_files: []
|
|
|
|
track_appservice_user_ips: False
|
2019-02-21 00:34:50 +00:00
|
|
|
macaroon_secret_key: "{{ macaroon_file.content | b64decode }}"
|
2019-02-12 01:30:50 +00:00
|
|
|
expire_access_token: False
|
|
|
|
signing_key_path: "{{ matrix_synapse_signing_key_path }}"
|
|
|
|
old_signing_keys: {}
|
|
|
|
key_refresh_interval: "1d" # 1 Day.
|
|
|
|
# TODO: More servers should be added
|
|
|
|
perspectives:
|
|
|
|
servers:
|
|
|
|
"matrix.org":
|
|
|
|
verify_keys:
|
|
|
|
"ed25519:auto":
|
|
|
|
key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"
|
|
|
|
password_config:
|
|
|
|
enabled: true
|
|
|
|
push:
|
2021-01-22 20:07:31 +00:00
|
|
|
include_content: false
|
2019-02-12 01:45:09 +00:00
|
|
|
enable_group_creation: true
|
2019-02-12 01:30:50 +00:00
|
|
|
alias_creation_rules:
|
|
|
|
- user_id: "*"
|
|
|
|
alias: "*"
|
|
|
|
action: allow
|
2020-06-22 18:35:26 +00:00
|
|
|
matrix_synapse_docker_labels_complete: "{{ matrix_synapse_docker_labels_base | combine(matrix_synapse_docker_labels) }}"
|
|
|
|
matrix_synapse_docker_labels_base:
|
2023-03-09 14:54:40 +00:00
|
|
|
version: "{{ matrix_synapse_container_image_tag | default(matrix_synapse_version) }}"
|
2021-04-30 06:13:09 +00:00
|
|
|
matrix_synapse_worker_labels_base: "{{ matrix_synapse_docker_labels_base }}"
|
2020-10-02 07:49:51 +00:00
|
|
|
|
|
|
|
# Control where which paths get routed
|
|
|
|
matrix_synapse_worker_client_sync_endpoints:
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/(r0|v3)/sync$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3)/events$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3)/initialSync$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$"
|
2020-10-02 07:49:51 +00:00
|
|
|
matrix_synapse_worker_client_api_endpoints:
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$"
|
|
|
|
- "/_matrix/client/(v1|unstable)/org.matrix.msc2946/rooms/.*/hierarchy$"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/client/(v1|unstable)/rooms/.*/relations/"
|
|
|
|
- "/_matrix/client/v1/rooms/.*/threads$"
|
|
|
|
- "/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$"
|
2021-10-07 05:41:39 +00:00
|
|
|
- "/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$"
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/client/(r0|v3|unstable)/account/whoami$"
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/devices$"
|
2020-10-02 07:49:51 +00:00
|
|
|
- "/_matrix/client/versions$"
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/client/v1/rooms/.*/timestamp_to_event$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable/.*)/rooms/.*/aliases"
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/search$"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/client/(r0|v3|unstable)/user/.*/filter(/|$)"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/directory/room/.*$"
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/capabilities$"
|
2022-04-22 09:42:47 +00:00
|
|
|
matrix_synapse_worker_client_encryption_endpoints:
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/keys/query$"
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/keys/changes$"
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/keys/claim$"
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/room_keys/"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/client/(r0|v3|unstable)/keys/upload/"
|
2020-10-02 07:49:51 +00:00
|
|
|
matrix_synapse_worker_client_login_endpoints:
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/login$"
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/register$"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/client/(r0|v3|unstable)/register/available$"
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/v1/register/m.login.registration_token/validity$"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/client/(r0|v3|unstable)/password_policy$"
|
2022-04-22 09:42:47 +00:00
|
|
|
matrix_synapse_worker_client_send_endpoints:
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$"
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/join/"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/knock/"
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/profile/"
|
|
|
|
matrix_synapse_worker_client_device_endpoints:
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/sendToDevice/"
|
|
|
|
matrix_synapse_worker_client_account_data_endpoints:
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/.*/tags"
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/.*/account_data"
|
|
|
|
matrix_synapse_worker_client_receipts_endpoints:
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt"
|
|
|
|
- "/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers"
|
|
|
|
matrix_synapse_worker_client_presence_endpoints:
|
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/presence/"
|
2020-10-02 07:49:51 +00:00
|
|
|
matrix_synapse_worker_federation_endpoints:
|
|
|
|
- "/_matrix/federation/v1/event/"
|
|
|
|
- "/_matrix/federation/v1/state/"
|
|
|
|
- "/_matrix/federation/v1/state_ids/"
|
|
|
|
- "/_matrix/federation/v1/backfill/"
|
|
|
|
- "/_matrix/federation/v1/get_missing_events/"
|
|
|
|
- "/_matrix/federation/v1/publicRooms"
|
|
|
|
- "/_matrix/federation/v1/query/"
|
|
|
|
- "/_matrix/federation/v1/make_join/"
|
|
|
|
- "/_matrix/federation/v1/make_leave/"
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/federation/(v1|v2)/send_join/"
|
|
|
|
- "/_matrix/federation/(v1|v2)/send_leave/"
|
|
|
|
- "/_matrix/federation/(v1|v2)/invite/"
|
2020-10-02 07:49:51 +00:00
|
|
|
- "/_matrix/federation/v1/event_auth/"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/federation/v1/timestamp_to_event/"
|
2020-10-02 07:49:51 +00:00
|
|
|
- "/_matrix/federation/v1/exchange_third_party_invite/"
|
|
|
|
- "/_matrix/federation/v1/user/devices/"
|
|
|
|
- "/_matrix/key/v2/query"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_matrix/federation/v1/hierarchy/"
|
|
|
|
matrix_synapse_worker_inbound_federation_transaction_request_endpoint:
|
2020-10-02 07:49:51 +00:00
|
|
|
- "/_matrix/federation/v1/send/"
|
|
|
|
matrix_synapse_worker_media_endpoints:
|
|
|
|
- "/_matrix/media/"
|
|
|
|
- "/_synapse/admin/v1/purge_media_cache$"
|
|
|
|
- "/_synapse/admin/v1/room/.*/media.*$"
|
|
|
|
- "/_synapse/admin/v1/user/.*/media.*$"
|
|
|
|
- "/_synapse/admin/v1/media/.*$"
|
|
|
|
- "/_synapse/admin/v1/quarantine_media/.*$"
|
2023-05-16 13:12:38 +00:00
|
|
|
- "/_synapse/admin/v1/users/.*/media$"
|
2020-10-02 07:49:51 +00:00
|
|
|
matrix_synapse_worker_user_search_endpoints:
|
|
|
|
- "/_matrix/client/(api/v1|r0|unstable)/user_directory/search$"
|
2021-10-07 05:41:39 +00:00
|
|
|
matrix_synapse_worker_sso_generic_endpoints:
|
2022-04-22 09:42:47 +00:00
|
|
|
- "/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect"
|
2021-10-07 05:41:39 +00:00
|
|
|
- "/_synapse/client/pick_idp$"
|
|
|
|
- "/_synapse/client/pick_username"
|
|
|
|
- "/_synapse/client/new_user_consent$"
|
|
|
|
- "/_synapse/client/sso_register$"
|
|
|
|
matrix_synapse_worker_sso_oidc_endpoints: "{{ matrix_synapse_worker_sso_generic_endpoints + [ '/_synapse/client/oidc/callback$' ] }}"
|
|
|
|
matrix_synapse_worker_sso_saml_endpoints: "{{ matrix_synapse_worker_sso_generic_endpoints + [ '/_synapse/client/saml2/authn_response$' ] }}"
|
2022-04-22 09:42:47 +00:00
|
|
|
matrix_synapse_worker_sso_cas_endpoints: "{{ matrix_synapse_worker_sso_generic_endpoints + [ '/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$' ] }}"
|