Piotr Dobrowolski | c39fb04 | 2019-05-17 09:13:56 +0200 | [diff] [blame] | 1 | # vim:ft=yaml |
| 2 | |
| 3 | ## TLS ## |
| 4 | |
| 5 | {% if not SYNAPSE_NO_TLS %} |
| 6 | |
| 7 | tls_certificate_path: "/data/{{ SYNAPSE_SERVER_NAME }}.tls.crt" |
| 8 | tls_private_key_path: "/data/{{ SYNAPSE_SERVER_NAME }}.tls.key" |
| 9 | |
| 10 | {% if SYNAPSE_ACME %} |
| 11 | acme: |
| 12 | enabled: true |
| 13 | port: 8009 |
| 14 | {% endif %} |
| 15 | |
| 16 | {% endif %} |
| 17 | |
| 18 | ## Server ## |
| 19 | |
| 20 | server_name: "{{ SYNAPSE_SERVER_NAME }}" |
| 21 | pid_file: /homeserver.pid |
| 22 | web_client: False |
| 23 | soft_file_limit: 0 |
| 24 | log_config: "/compiled/log.config" |
| 25 | |
| 26 | ## Ports ## |
| 27 | |
| 28 | listeners: |
| 29 | {% if not SYNAPSE_NO_TLS %} |
| 30 | - |
| 31 | port: 8448 |
| 32 | bind_addresses: ['::'] |
| 33 | type: http |
| 34 | tls: true |
Piotr Dobrowolski | 3ea979d | 2019-05-23 16:11:52 +0200 | [diff] [blame] | 35 | x_forwarded: true |
Piotr Dobrowolski | c39fb04 | 2019-05-17 09:13:56 +0200 | [diff] [blame] | 36 | resources: |
| 37 | - names: [client] |
| 38 | compress: true |
| 39 | - names: [federation] # Federation APIs |
| 40 | compress: false |
| 41 | {% endif %} |
| 42 | |
| 43 | - port: 8008 |
| 44 | tls: false |
| 45 | bind_addresses: ['::'] |
| 46 | type: http |
Piotr Dobrowolski | 3ea979d | 2019-05-23 16:11:52 +0200 | [diff] [blame] | 47 | x_forwarded: true |
Piotr Dobrowolski | c39fb04 | 2019-05-17 09:13:56 +0200 | [diff] [blame] | 48 | |
| 49 | resources: |
| 50 | - names: [client] |
| 51 | compress: true |
| 52 | - names: [federation] |
| 53 | compress: false |
| 54 | |
| 55 | ## Database ## |
| 56 | |
| 57 | {% if POSTGRES_PASSWORD %} |
| 58 | database: |
| 59 | name: "psycopg2" |
| 60 | args: |
| 61 | user: "{{ POSTGRES_USER or "synapse" }}" |
| 62 | password: "{{ POSTGRES_PASSWORD }}" |
| 63 | database: "{{ POSTGRES_DB or "synapse" }}" |
| 64 | host: "{{ POSTGRES_HOST or "db" }}" |
| 65 | port: "{{ POSTGRES_PORT or "5432" }}" |
| 66 | cp_min: 5 |
| 67 | cp_max: 10 |
| 68 | {% else %} |
| 69 | database: |
| 70 | name: "sqlite3" |
| 71 | args: |
| 72 | database: "/data/homeserver.db" |
| 73 | {% endif %} |
| 74 | |
| 75 | ## Performance ## |
| 76 | |
| 77 | event_cache_size: "{{ SYNAPSE_EVENT_CACHE_SIZE or "10K" }}" |
| 78 | |
| 79 | ## Ratelimiting ## |
| 80 | |
| 81 | rc_messages_per_second: 0.2 |
| 82 | rc_message_burst_count: 10.0 |
| 83 | federation_rc_window_size: 1000 |
| 84 | federation_rc_sleep_limit: 10 |
| 85 | federation_rc_sleep_delay: 500 |
| 86 | federation_rc_reject_limit: 50 |
| 87 | federation_rc_concurrent: 3 |
| 88 | |
| 89 | ## Files ## |
| 90 | |
| 91 | media_store_path: "/data/media" |
| 92 | uploads_path: "/data/uploads" |
| 93 | max_upload_size: "{{ SYNAPSE_MAX_UPLOAD_SIZE or "10M" }}" |
| 94 | max_image_pixels: "32M" |
| 95 | dynamic_thumbnails: false |
| 96 | |
| 97 | # List of thumbnail to precalculate when an image is uploaded. |
| 98 | thumbnail_sizes: |
| 99 | - width: 32 |
| 100 | height: 32 |
| 101 | method: crop |
| 102 | - width: 96 |
| 103 | height: 96 |
| 104 | method: crop |
| 105 | - width: 320 |
| 106 | height: 240 |
| 107 | method: scale |
| 108 | - width: 640 |
| 109 | height: 480 |
| 110 | method: scale |
| 111 | - width: 800 |
| 112 | height: 600 |
| 113 | method: scale |
| 114 | |
| 115 | url_preview_enabled: False |
| 116 | max_spider_size: "10M" |
| 117 | |
| 118 | ## Captcha ## |
| 119 | |
| 120 | {% if SYNAPSE_RECAPTCHA_PUBLIC_KEY %} |
| 121 | recaptcha_public_key: "{{ SYNAPSE_RECAPTCHA_PUBLIC_KEY }}" |
| 122 | recaptcha_private_key: "{{ SYNAPSE_RECAPTCHA_PRIVATE_KEY }}" |
| 123 | enable_registration_captcha: True |
| 124 | recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" |
| 125 | {% else %} |
| 126 | recaptcha_public_key: "YOUR_PUBLIC_KEY" |
| 127 | recaptcha_private_key: "YOUR_PRIVATE_KEY" |
| 128 | enable_registration_captcha: False |
| 129 | recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" |
| 130 | {% endif %} |
| 131 | |
| 132 | ## Turn ## |
| 133 | |
| 134 | {% if SYNAPSE_TURN_URIS %} |
| 135 | turn_uris: |
| 136 | {% for uri in SYNAPSE_TURN_URIS.split(',') %} - "{{ uri }}" |
| 137 | {% endfor %} |
| 138 | turn_shared_secret: "{{ SYNAPSE_TURN_SECRET }}" |
| 139 | turn_user_lifetime: "1h" |
| 140 | turn_allow_guests: True |
| 141 | {% else %} |
| 142 | turn_uris: [] |
| 143 | turn_shared_secret: "YOUR_SHARED_SECRET" |
| 144 | turn_user_lifetime: "1h" |
| 145 | turn_allow_guests: True |
| 146 | {% endif %} |
| 147 | |
| 148 | ## Registration ## |
| 149 | |
| 150 | enable_registration: {{ "True" if SYNAPSE_ENABLE_REGISTRATION else "False" }} |
| 151 | registration_shared_secret: "{{ SYNAPSE_REGISTRATION_SHARED_SECRET }}" |
| 152 | bcrypt_rounds: 12 |
| 153 | allow_guest_access: {{ "True" if SYNAPSE_ALLOW_GUEST else "False" }} |
| 154 | enable_group_creation: true |
| 155 | |
| 156 | # The list of identity servers trusted to verify third party |
| 157 | # identifiers by this server. |
| 158 | # |
| 159 | # Also defines the ID server which will be called when an account is |
| 160 | # deactivated (one will be picked arbitrarily). |
| 161 | trusted_third_party_id_servers: |
| 162 | - matrix.org |
| 163 | - vector.im |
| 164 | |
| 165 | ## Metrics ### |
| 166 | |
| 167 | {% if SYNAPSE_REPORT_STATS.lower() == "yes" %} |
| 168 | enable_metrics: True |
| 169 | report_stats: True |
| 170 | {% else %} |
| 171 | enable_metrics: False |
| 172 | report_stats: False |
| 173 | {% endif %} |
| 174 | |
| 175 | ## API Configuration ## |
| 176 | |
| 177 | room_invite_state_types: |
| 178 | - "m.room.join_rules" |
| 179 | - "m.room.canonical_alias" |
| 180 | - "m.room.avatar" |
| 181 | - "m.room.name" |
| 182 | |
| 183 | {% if SYNAPSE_APPSERVICES %} |
| 184 | app_service_config_files: |
| 185 | {% for appservice in SYNAPSE_APPSERVICES %} - "{{ appservice }}" |
| 186 | {% endfor %} |
| 187 | {% else %} |
| 188 | app_service_config_files: [] |
| 189 | {% endif %} |
| 190 | |
| 191 | macaroon_secret_key: "{{ SYNAPSE_MACAROON_SECRET_KEY }}" |
| 192 | expire_access_token: False |
| 193 | |
| 194 | ## Signing Keys ## |
| 195 | |
| 196 | signing_key_path: "/data/{{ SYNAPSE_SERVER_NAME }}.signing.key" |
| 197 | old_signing_keys: {} |
| 198 | key_refresh_interval: "1d" # 1 Day. |
| 199 | |
| 200 | # The trusted servers to download signing keys from. |
| 201 | perspectives: |
| 202 | servers: |
| 203 | "matrix.org": |
| 204 | verify_keys: |
| 205 | "ed25519:auto": |
| 206 | key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw" |
| 207 | |
| 208 | password_config: |
| 209 | enabled: true |
| 210 | |
| 211 | {% if SYNAPSE_SMTP_HOST %} |
| 212 | email: |
| 213 | enable_notifs: false |
| 214 | smtp_host: "{{ SYNAPSE_SMTP_HOST }}" |
| 215 | smtp_port: {{ SYNAPSE_SMTP_PORT or "25" }} |
| 216 | smtp_user: "{{ SYNAPSE_SMTP_USER }}" |
| 217 | smtp_pass: "{{ SYNAPSE_SMTP_PASSWORD }}" |
| 218 | require_transport_security: False |
| 219 | notif_from: "{{ SYNAPSE_SMTP_FROM or "hostmaster@" + SYNAPSE_SERVER_NAME }}" |
| 220 | app_name: Matrix |
| 221 | # if template_dir is unset, uses the example templates that are part of |
| 222 | # the Synapse distribution. |
| 223 | #template_dir: res/templates |
| 224 | notif_template_html: notif_mail.html |
| 225 | notif_template_text: notif_mail.txt |
| 226 | notif_for_new_users: True |
| 227 | riot_base_url: "https://{{ SYNAPSE_SERVER_NAME }}" |
| 228 | {% endif %} |
| 229 | |
| 230 | cas_config: |
| 231 | enabled: true |
| 232 | server_url: "https://matrix.hackerspace.pl/_cas" |
| 233 | service_url: "https://matrix.hackerspace.pl" |