author | Luke Hoersten <luke@hoersten.org> |
Tue, 09 Jun 2020 14:39:54 -0500 | |
changeset 38 | b4e705f4cda4 |
parent 37 | 2ef98b7b40d4 |
child 39 | 90b1b7c4be70 |
permissions | -rw-r--r-- |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1 |
# Configuration file for Synapse. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
2 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
3 |
# This is a YAML file: see [1] for a quick introduction. Note in particular |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
4 |
# that *indentation is important*: all the elements of a list or dictionary |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
5 |
# should have the same indentation. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
6 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
7 |
# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
8 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
9 |
## Server ## |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
10 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
11 |
# The domain name of the server, with optional explicit port. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
12 |
# This is used by remote servers to connect to this server, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
13 |
# e.g. matrix.org, localhost:8080, etc. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
14 |
# This is also the last part of your UserID. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
15 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
16 |
server_name: "{{nginx_server_name}}" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
17 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
18 |
# When running as a daemon, the file to store the pid in |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
19 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
20 |
pid_file: "/var/run/matrix-synapse.pid" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
21 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
22 |
# The absolute URL to the web client which /_matrix/client will redirect |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
23 |
# to if 'webclient' is configured under the 'listeners' configuration. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
24 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
25 |
# This option can be also set to the filesystem path to the web client |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
26 |
# which will be served at /_matrix/client/ if 'webclient' is configured |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
27 |
# under the 'listeners' configuration, however this is a security risk: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
28 |
# https://github.com/matrix-org/synapse#security-note |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
29 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
30 |
#web_client_location: https://riot.example.com/ |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
31 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
32 |
# The public-facing base URL that clients use to access this HS |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
33 |
# (not including _matrix/...). This is the same URL a user would |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
34 |
# enter into the 'custom HS URL' field on their client. If you |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
35 |
# use synapse with a reverse proxy, this should be the URL to reach |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
36 |
# synapse via the proxy. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
37 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
38 |
#public_baseurl: https://example.com/ |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
39 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
40 |
# Set the soft limit on the number of file descriptors synapse can use |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
41 |
# Zero is used to indicate synapse should set the soft limit to the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
42 |
# hard limit. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
43 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
44 |
#soft_file_limit: 0 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
45 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
46 |
# Set to false to disable presence tracking on this homeserver. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
47 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
48 |
#use_presence: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
49 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
50 |
# Whether to require authentication to retrieve profile data (avatars, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
51 |
# display names) of other users through the client API. Defaults to |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
52 |
# 'false'. Note that profile data is also available via the federation |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
53 |
# API, so this setting is of limited value if federation is enabled on |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
54 |
# the server. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
55 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
56 |
#require_auth_for_profile_requests: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
57 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
58 |
# Uncomment to require a user to share a room with another user in order |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
59 |
# to retrieve their profile information. Only checked on Client-Server |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
60 |
# requests. Profile requests from other servers should be checked by the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
61 |
# requesting server. Defaults to 'false'. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
62 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
63 |
#limit_profile_requests_to_users_who_share_rooms: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
64 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
65 |
# If set to 'true', removes the need for authentication to access the server's |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
66 |
# public rooms directory through the client API, meaning that anyone can |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
67 |
# query the room directory. Defaults to 'false'. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
68 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
69 |
#allow_public_rooms_without_auth: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
70 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
71 |
# If set to 'true', allows any other homeserver to fetch the server's public |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
72 |
# rooms directory via federation. Defaults to 'false'. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
73 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
74 |
#allow_public_rooms_over_federation: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
75 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
76 |
# The default room version for newly created rooms. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
77 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
78 |
# Known room versions are listed here: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
79 |
# https://matrix.org/docs/spec/#complete-list-of-room-versions |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
80 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
81 |
# For example, for room version 1, default_room_version should be set |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
82 |
# to "1". |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
83 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
84 |
#default_room_version: "5" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
85 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
86 |
# The GC threshold parameters to pass to `gc.set_threshold`, if defined |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
87 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
88 |
#gc_thresholds: [700, 10, 10] |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
89 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
90 |
# Set the limit on the returned events in the timeline in the get |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
91 |
# and sync operations. The default value is -1, means no upper limit. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
92 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
93 |
#filter_timeline_limit: 5000 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
94 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
95 |
# Whether room invites to users on this server should be blocked |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
96 |
# (except those sent by local server admins). The default is False. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
97 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
98 |
#block_non_admin_invites: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
99 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
100 |
# Room searching |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
101 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
102 |
# If disabled, new messages will not be indexed for searching and users |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
103 |
# will receive errors when searching for messages. Defaults to enabled. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
104 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
105 |
#enable_search: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
106 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
107 |
# Restrict federation to the following whitelist of domains. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
108 |
# N.B. we recommend also firewalling your federation listener to limit |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
109 |
# inbound federation traffic as early as possible, rather than relying |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
110 |
# purely on this application-layer restriction. If not specified, the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
111 |
# default is to whitelist everything. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
112 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
113 |
#federation_domain_whitelist: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
114 |
# - lon.example.com |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
115 |
# - nyc.example.com |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
116 |
# - syd.example.com |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
117 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
118 |
# Prevent federation requests from being sent to the following |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
119 |
# blacklist IP address CIDR ranges. If this option is not specified, or |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
120 |
# specified with an empty list, no ip range blacklist will be enforced. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
121 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
122 |
# As of Synapse v1.4.0 this option also affects any outbound requests to identity |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
123 |
# servers provided by user input. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
124 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
125 |
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
126 |
# listed here, since they correspond to unroutable addresses.) |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
127 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
128 |
federation_ip_range_blacklist: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
129 |
- '127.0.0.0/8' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
130 |
- '10.0.0.0/8' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
131 |
- '172.16.0.0/12' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
132 |
- '192.168.0.0/16' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
133 |
- '100.64.0.0/10' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
134 |
- '169.254.0.0/16' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
135 |
- '::1/128' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
136 |
- 'fe80::/64' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
137 |
- 'fc00::/7' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
138 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
139 |
# List of ports that Synapse should listen on, their purpose and their |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
140 |
# configuration. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
141 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
142 |
# Options for each listener include: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
143 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
144 |
# port: the TCP port to bind to |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
145 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
146 |
# bind_addresses: a list of local addresses to listen on. The default is |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
147 |
# 'all local interfaces'. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
148 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
149 |
# type: the type of listener. Normally 'http', but other valid options are: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
150 |
# 'manhole' (see docs/manhole.md), |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
151 |
# 'metrics' (see docs/metrics-howto.md), |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
152 |
# 'replication' (see docs/workers.md). |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
153 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
154 |
# tls: set to true to enable TLS for this listener. Will use the TLS |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
155 |
# key/cert specified in tls_private_key_path / tls_certificate_path. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
156 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
157 |
# x_forwarded: Only valid for an 'http' listener. Set to true to use the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
158 |
# X-Forwarded-For header as the client IP. Useful when Synapse is |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
159 |
# behind a reverse-proxy. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
160 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
161 |
# resources: Only valid for an 'http' listener. A list of resources to host |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
162 |
# on this port. Options for each resource are: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
163 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
164 |
# names: a list of names of HTTP resources. See below for a list of |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
165 |
# valid resource names. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
166 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
167 |
# compress: set to true to enable HTTP comression for this resource. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
168 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
169 |
# additional_resources: Only valid for an 'http' listener. A map of |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
170 |
# additional endpoints which should be loaded via dynamic modules. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
171 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
172 |
# Valid resource names are: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
173 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
174 |
# client: the client-server API (/_matrix/client), and the synapse admin |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
175 |
# API (/_synapse/admin). Also implies 'media' and 'static'. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
176 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
177 |
# consent: user consent forms (/_matrix/consent). See |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
178 |
# docs/consent_tracking.md. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
179 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
180 |
# federation: the server-server API (/_matrix/federation). Also implies |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
181 |
# 'media', 'keys', 'openid' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
182 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
183 |
# keys: the key discovery API (/_matrix/keys). |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
184 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
185 |
# media: the media API (/_matrix/media). |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
186 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
187 |
# metrics: the metrics interface. See docs/metrics-howto.md. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
188 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
189 |
# openid: OpenID authentication. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
190 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
191 |
# replication: the HTTP replication API (/_synapse/replication). See |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
192 |
# docs/workers.md. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
193 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
194 |
# static: static resources under synapse/static (/_matrix/static). (Mostly |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
195 |
# useful for 'fallback authentication'.) |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
196 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
197 |
# webclient: A web client. Requires web_client_location to be set. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
198 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
199 |
listeners: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
200 |
# TLS-enabled listener: for when matrix traffic is sent directly to synapse. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
201 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
202 |
# Disabled by default. To enable it, uncomment the following. (Note that you |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
203 |
# will also need to give Synapse a TLS key and certificate: see the TLS section |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
204 |
# below.) |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
205 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
206 |
#- port: 8448 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
207 |
# type: http |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
208 |
# tls: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
209 |
# resources: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
210 |
# - names: [client, federation] |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
211 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
212 |
# Unsecure HTTP listener: for when matrix traffic passes through a reverse proxy |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
213 |
# that unwraps TLS. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
214 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
215 |
# If you plan to use a reverse proxy, please see |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
216 |
# https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
217 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
218 |
- port: 8008 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
219 |
tls: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
220 |
type: http |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
221 |
x_forwarded: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
222 |
bind_addresses: ['::1', '127.0.0.1'] |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
223 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
224 |
resources: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
225 |
- names: [client, federation] |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
226 |
compress: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
227 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
228 |
# example additional_resources: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
229 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
230 |
#additional_resources: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
231 |
# "/_matrix/my/custom/endpoint": |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
232 |
# module: my_module.CustomRequestHandler |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
233 |
# config: {} |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
234 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
235 |
# Turn on the twisted ssh manhole service on localhost on the given |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
236 |
# port. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
237 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
238 |
#- port: 9000 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
239 |
# bind_addresses: ['::1', '127.0.0.1'] |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
240 |
# type: manhole |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
241 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
242 |
# Forward extremities can build up in a room due to networking delays between |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
243 |
# homeservers. Once this happens in a large room, calculation of the state of |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
244 |
# that room can become quite expensive. To mitigate this, once the number of |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
245 |
# forward extremities reaches a given threshold, Synapse will send an |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
246 |
# org.matrix.dummy_event event, which will reduce the forward extremities |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
247 |
# in the room. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
248 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
249 |
# This setting defines the threshold (i.e. number of forward extremities in the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
250 |
# room) at which dummy events are sent. The default value is 10. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
251 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
252 |
#dummy_events_threshold: 5 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
253 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
254 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
255 |
## Homeserver blocking ## |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
256 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
257 |
# How to reach the server admin, used in ResourceLimitError |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
258 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
259 |
#admin_contact: 'mailto:[email protected]' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
260 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
261 |
# Global blocking |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
262 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
263 |
#hs_disabled: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
264 |
#hs_disabled_message: 'Human readable reason for why the HS is blocked' |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
265 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
266 |
# Monthly Active User Blocking |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
267 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
268 |
# Used in cases where the admin or server owner wants to limit to the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
269 |
# number of monthly active users. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
270 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
271 |
# 'limit_usage_by_mau' disables/enables monthly active user blocking. When |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
272 |
# anabled and a limit is reached the server returns a 'ResourceLimitError' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
273 |
# with error type Codes.RESOURCE_LIMIT_EXCEEDED |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
274 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
275 |
# 'max_mau_value' is the hard limit of monthly active users above which |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
276 |
# the server will start blocking user actions. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
277 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
278 |
# 'mau_trial_days' is a means to add a grace period for active users. It |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
279 |
# means that users must be active for this number of days before they |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
280 |
# can be considered active and guards against the case where lots of users |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
281 |
# sign up in a short space of time never to return after their initial |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
282 |
# session. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
283 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
284 |
# 'mau_limit_alerting' is a means of limiting client side alerting |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
285 |
# should the mau limit be reached. This is useful for small instances |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
286 |
# where the admin has 5 mau seats (say) for 5 specific people and no |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
287 |
# interest increasing the mau limit further. Defaults to True, which |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
288 |
# means that alerting is enabled |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
289 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
290 |
#limit_usage_by_mau: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
291 |
#max_mau_value: 50 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
292 |
#mau_trial_days: 2 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
293 |
#mau_limit_alerting: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
294 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
295 |
# If enabled, the metrics for the number of monthly active users will |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
296 |
# be populated, however no one will be limited. If limit_usage_by_mau |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
297 |
# is true, this is implied to be true. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
298 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
299 |
#mau_stats_only: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
300 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
301 |
# Sometimes the server admin will want to ensure certain accounts are |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
302 |
# never blocked by mau checking. These accounts are specified here. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
303 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
304 |
#mau_limit_reserved_threepids: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
305 |
# - medium: 'email' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
306 |
# address: '[email protected]' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
307 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
308 |
# Used by phonehome stats to group together related servers. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
309 |
#server_context: context |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
310 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
311 |
# Resource-constrained homeserver Settings |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
312 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
313 |
# If limit_remote_rooms.enabled is True, the room complexity will be |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
314 |
# checked before a user joins a new remote room. If it is above |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
315 |
# limit_remote_rooms.complexity, it will disallow joining or |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
316 |
# instantly leave. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
317 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
318 |
# limit_remote_rooms.complexity_error can be set to customise the text |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
319 |
# displayed to the user when a room above the complexity threshold has |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
320 |
# its join cancelled. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
321 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
322 |
# Uncomment the below lines to enable: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
323 |
#limit_remote_rooms: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
324 |
# enabled: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
325 |
# complexity: 1.0 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
326 |
# complexity_error: "This room is too complex." |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
327 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
328 |
# Whether to require a user to be in the room to add an alias to it. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
329 |
# Defaults to 'true'. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
330 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
331 |
#require_membership_for_aliases: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
332 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
333 |
# Whether to allow per-room membership profiles through the send of membership |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
334 |
# events with profile information that differ from the target's global profile. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
335 |
# Defaults to 'true'. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
336 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
337 |
#allow_per_room_profiles: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
338 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
339 |
# How long to keep redacted events in unredacted form in the database. After |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
340 |
# this period redacted events get replaced with their redacted form in the DB. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
341 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
342 |
# Defaults to `7d`. Set to `null` to disable. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
343 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
344 |
#redaction_retention_period: 28d |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
345 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
346 |
# How long to track users' last seen time and IPs in the database. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
347 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
348 |
# Defaults to `28d`. Set to `null` to disable clearing out of old rows. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
349 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
350 |
#user_ips_max_age: 14d |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
351 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
352 |
# Message retention policy at the server level. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
353 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
354 |
# Room admins and mods can define a retention period for their rooms using the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
355 |
# 'm.room.retention' state event, and server admins can cap this period by setting |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
356 |
# the 'allowed_lifetime_min' and 'allowed_lifetime_max' config options. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
357 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
358 |
# If this feature is enabled, Synapse will regularly look for and purge events |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
359 |
# which are older than the room's maximum retention period. Synapse will also |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
360 |
# filter events received over federation so that events that should have been |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
361 |
# purged are ignored and not stored again. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
362 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
363 |
retention: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
364 |
# The message retention policies feature is disabled by default. Uncomment the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
365 |
# following line to enable it. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
366 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
367 |
#enabled: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
368 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
369 |
# Default retention policy. If set, Synapse will apply it to rooms that lack the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
370 |
# 'm.room.retention' state event. Currently, the value of 'min_lifetime' doesn't |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
371 |
# matter much because Synapse doesn't take it into account yet. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
372 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
373 |
#default_policy: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
374 |
# min_lifetime: 1d |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
375 |
# max_lifetime: 1y |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
376 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
377 |
# Retention policy limits. If set, a user won't be able to send a |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
378 |
# 'm.room.retention' event which features a 'min_lifetime' or a 'max_lifetime' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
379 |
# that's not within this range. This is especially useful in closed federations, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
380 |
# in which server admins can make sure every federating server applies the same |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
381 |
# rules. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
382 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
383 |
#allowed_lifetime_min: 1d |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
384 |
#allowed_lifetime_max: 1y |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
385 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
386 |
# Server admins can define the settings of the background jobs purging the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
387 |
# events which lifetime has expired under the 'purge_jobs' section. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
388 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
389 |
# If no configuration is provided, a single job will be set up to delete expired |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
390 |
# events in every room daily. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
391 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
392 |
# Each job's configuration defines which range of message lifetimes the job |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
393 |
# takes care of. For example, if 'shortest_max_lifetime' is '2d' and |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
394 |
# 'longest_max_lifetime' is '3d', the job will handle purging expired events in |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
395 |
# rooms whose state defines a 'max_lifetime' that's both higher than 2 days, and |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
396 |
# lower than or equal to 3 days. Both the minimum and the maximum value of a |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
397 |
# range are optional, e.g. a job with no 'shortest_max_lifetime' and a |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
398 |
# 'longest_max_lifetime' of '3d' will handle every room with a retention policy |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
399 |
# which 'max_lifetime' is lower than or equal to three days. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
400 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
401 |
# The rationale for this per-job configuration is that some rooms might have a |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
402 |
# retention policy with a low 'max_lifetime', where history needs to be purged |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
403 |
# of outdated messages on a more frequent basis than for the rest of the rooms |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
404 |
# (e.g. every 12h), but not want that purge to be performed by a job that's |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
405 |
# iterating over every room it knows, which could be heavy on the server. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
406 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
407 |
#purge_jobs: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
408 |
# - shortest_max_lifetime: 1d |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
409 |
# longest_max_lifetime: 3d |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
410 |
# interval: 12h |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
411 |
# - shortest_max_lifetime: 3d |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
412 |
# longest_max_lifetime: 1y |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
413 |
# interval: 1d |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
414 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
415 |
# Inhibits the /requestToken endpoints from returning an error that might leak |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
416 |
# information about whether an e-mail address is in use or not on this |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
417 |
# homeserver. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
418 |
# Note that for some endpoints the error situation is the e-mail already being |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
419 |
# used, and for others the error is entering the e-mail being unused. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
420 |
# If this option is enabled, instead of returning an error, these endpoints will |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
421 |
# act as if no error happened and return a fake session ID ('sid') to clients. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
422 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
423 |
#request_token_inhibit_3pid_errors: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
424 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
425 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
426 |
## TLS ## |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
427 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
428 |
# PEM-encoded X509 certificate for TLS. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
429 |
# This certificate, as of Synapse 1.0, will need to be a valid and verifiable |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
430 |
# certificate, signed by a recognised Certificate Authority. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
431 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
432 |
# See 'ACME support' below to enable auto-provisioning this certificate via |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
433 |
# Let's Encrypt. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
434 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
435 |
# If supplying your own, be sure to use a `.pem` file that includes the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
436 |
# full certificate chain including any intermediate certificates (for |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
437 |
# instance, if using certbot, use `fullchain.pem` as your certificate, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
438 |
# not `cert.pem`). |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
439 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
440 |
#tls_certificate_path: "/home/lhoersten/nth.io.tls.crt" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
441 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
442 |
# PEM-encoded private key for TLS |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
443 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
444 |
#tls_private_key_path: "/home/lhoersten/nth.io.tls.key" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
445 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
446 |
# Whether to verify TLS server certificates for outbound federation requests. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
447 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
448 |
# Defaults to `true`. To disable certificate verification, uncomment the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
449 |
# following line. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
450 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
451 |
#federation_verify_certificates: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
452 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
453 |
# The minimum TLS version that will be used for outbound federation requests. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
454 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
455 |
# Defaults to `1`. Configurable to `1`, `1.1`, `1.2`, or `1.3`. Note |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
456 |
# that setting this value higher than `1.2` will prevent federation to most |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
457 |
# of the public Matrix network: only configure it to `1.3` if you have an |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
458 |
# entirely private federation setup and you can ensure TLS 1.3 support. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
459 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
460 |
#federation_client_minimum_tls_version: 1.2 |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
461 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
462 |
# Skip federation certificate verification on the following whitelist |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
463 |
# of domains. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
464 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
465 |
# This setting should only be used in very specific cases, such as |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
466 |
# federation over Tor hidden services and similar. For private networks |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
467 |
# of homeservers, you likely want to use a private CA instead. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
468 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
469 |
# Only effective if federation_verify_certicates is `true`. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
470 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
471 |
#federation_certificate_verification_whitelist: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
472 |
# - lon.example.com |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
473 |
# - *.domain.com |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
474 |
# - *.onion |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
475 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
476 |
# List of custom certificate authorities for federation traffic. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
477 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
478 |
# This setting should only normally be used within a private network of |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
479 |
# homeservers. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
480 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
481 |
# Note that this list will replace those that are provided by your |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
482 |
# operating environment. Certificates must be in PEM format. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
483 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
484 |
#federation_custom_ca_list: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
485 |
# - myCA1.pem |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
486 |
# - myCA2.pem |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
487 |
# - myCA3.pem |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
488 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
489 |
# ACME support: This will configure Synapse to request a valid TLS certificate |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
490 |
# for your configured `server_name` via Let's Encrypt. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
491 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
492 |
# Note that ACME v1 is now deprecated, and Synapse currently doesn't support |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
493 |
# ACME v2. This means that this feature currently won't work with installs set |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
494 |
# up after November 2019. For more info, and alternative solutions, see |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
495 |
# https://github.com/matrix-org/synapse/blob/master/docs/ACME.md#deprecation-of-acme-v1 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
496 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
497 |
# Note that provisioning a certificate in this way requires port 80 to be |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
498 |
# routed to Synapse so that it can complete the http-01 ACME challenge. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
499 |
# By default, if you enable ACME support, Synapse will attempt to listen on |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
500 |
# port 80 for incoming http-01 challenges - however, this will likely fail |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
501 |
# with 'Permission denied' or a similar error. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
502 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
503 |
# There are a couple of potential solutions to this: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
504 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
505 |
# * If you already have an Apache, Nginx, or similar listening on port 80, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
506 |
# you can configure Synapse to use an alternate port, and have your web |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
507 |
# server forward the requests. For example, assuming you set 'port: 8009' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
508 |
# below, on Apache, you would write: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
509 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
510 |
# ProxyPass /.well-known/acme-challenge http://localhost:8009/.well-known/acme-challenge |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
511 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
512 |
# * Alternatively, you can use something like `authbind` to give Synapse |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
513 |
# permission to listen on port 80. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
514 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
515 |
acme: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
516 |
# ACME support is disabled by default. Set this to `true` and uncomment |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
517 |
# tls_certificate_path and tls_private_key_path above to enable it. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
518 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
519 |
enabled: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
520 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
521 |
# Endpoint to use to request certificates. If you only want to test, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
522 |
# use Let's Encrypt's staging url: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
523 |
# https://acme-staging.api.letsencrypt.org/directory |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
524 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
525 |
#url: https://acme-v01.api.letsencrypt.org/directory |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
526 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
527 |
# Port number to listen on for the HTTP-01 challenge. Change this if |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
528 |
# you are forwarding connections through Apache/Nginx/etc. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
529 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
530 |
port: 80 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
531 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
532 |
# Local addresses to listen on for incoming connections. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
533 |
# Again, you may want to change this if you are forwarding connections |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
534 |
# through Apache/Nginx/etc. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
535 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
536 |
bind_addresses: ['::', '0.0.0.0'] |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
537 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
538 |
# How many days remaining on a certificate before it is renewed. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
539 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
540 |
reprovision_threshold: 30 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
541 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
542 |
# The domain that the certificate should be for. Normally this |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
543 |
# should be the same as your Matrix domain (i.e., 'server_name'), but, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
544 |
# by putting a file at 'https://<server_name>/.well-known/matrix/server', |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
545 |
# you can delegate incoming traffic to another server. If you do that, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
546 |
# you should give the target of the delegation here. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
547 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
548 |
# For example: if your 'server_name' is 'example.com', but |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
549 |
# 'https://example.com/.well-known/matrix/server' delegates to |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
550 |
# 'matrix.example.com', you should put 'matrix.example.com' here. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
551 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
552 |
# If not set, defaults to your 'server_name'. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
553 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
554 |
domain: matrix.example.com |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
555 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
556 |
# file to use for the account key. This will be generated if it doesn't |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
557 |
# exist. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
558 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
559 |
# If unspecified, we will use CONFDIR/client.key. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
560 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
561 |
account_key_file: /home/lhoersten/acme_account.key |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
562 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
563 |
# List of allowed TLS fingerprints for this server to publish along |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
564 |
# with the signing keys for this server. Other matrix servers that |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
565 |
# make HTTPS requests to this server will check that the TLS |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
566 |
# certificates returned by this server match one of the fingerprints. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
567 |
# |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
568 |
# Synapse automatically adds the fingerprint of its own certificate |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
569 |
# to the list. So if federation traffic is handled directly by synapse |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
570 |
# then no modification to the list is required. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
571 |
# |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
572 |
# If synapse is run behind a load balancer that handles the TLS then it |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
573 |
# will be necessary to add the fingerprints of the certificates used by |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
574 |
# the loadbalancers to this list if they are different to the one |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
575 |
# synapse is using. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
576 |
# |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
577 |
# Homeservers are permitted to cache the list of TLS fingerprints |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
578 |
# returned in the key responses up to the "valid_until_ts" returned in |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
579 |
# key. It may be necessary to publish the fingerprints of a new |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
580 |
# certificate and wait until the "valid_until_ts" of the previous key |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
581 |
# responses have passed before deploying it. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
582 |
# |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
583 |
# You can calculate a fingerprint from a given TLS listener via: |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
584 |
# openssl s_client -connect $host:$port < /dev/null 2> /dev/null | |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
585 |
# openssl x509 -outform DER | openssl sha256 -binary | base64 | tr -d '=' |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
586 |
# or by checking matrix.org/federationtester/api/report?server_name=$host |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
587 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
588 |
#tls_fingerprints: [{"sha256": "<base64_encoded_sha256_fingerprint>"}] |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
589 |
|
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
590 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
591 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
592 |
## Database ## |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
593 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
594 |
# The 'database' setting defines the database that synapse uses to store all of |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
595 |
# its data. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
596 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
597 |
# 'name' gives the database engine to use: either 'sqlite3' (for SQLite) or |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
598 |
# 'psycopg2' (for PostgreSQL). |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
599 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
600 |
# 'args' gives options which are passed through to the database engine, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
601 |
# except for options starting 'cp_', which are used to configure the Twisted |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
602 |
# connection pool. For a reference to valid arguments, see: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
603 |
# * for sqlite: https://docs.python.org/3/library/sqlite3.html#sqlite3.connect |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
604 |
# * for postgres: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
605 |
# * for the connection pool: https://twistedmatrix.com/documents/current/api/twisted.enterprise.adbapi.ConnectionPool.html#__init__ |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
606 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
607 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
608 |
# Example SQLite configuration: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
609 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
610 |
#database: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
611 |
# name: sqlite3 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
612 |
# args: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
613 |
# database: /path/to/homeserver.db |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
614 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
615 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
616 |
# Example Postgres configuration: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
617 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
618 |
#database: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
619 |
# name: psycopg2 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
620 |
# args: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
621 |
# user: synapse |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
622 |
# password: secretpassword |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
623 |
# database: synapse |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
624 |
# host: localhost |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
625 |
# cp_min: 5 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
626 |
# cp_max: 10 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
627 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
628 |
# For more information on using Synapse with Postgres, see `docs/postgres.md`. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
629 |
# |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
630 |
database: |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
631 |
name: sqlite3 |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
632 |
args: |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
633 |
database: "{{matrix_synapse_db}}" |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
634 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
635 |
# Number of events to cache in memory. |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
636 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
637 |
#event_cache_size: 10K |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
638 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
639 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
640 |
## Logging ## |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
641 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
642 |
# A yaml python logging config file as described by |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
643 |
# https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
644 |
# |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
645 |
log_config: "/etc/matrix-synapse/log.yaml" |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
646 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
647 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
648 |
## Ratelimiting ## |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
649 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
650 |
# Ratelimiting settings for client actions (registration, login, messaging). |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
651 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
652 |
# Each ratelimiting configuration is made of two parameters: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
653 |
# - per_second: number of requests a client can send per second. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
654 |
# - burst_count: number of requests a client can send before being throttled. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
655 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
656 |
# Synapse currently uses the following configurations: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
657 |
# - one for messages that ratelimits sending based on the account the client |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
658 |
# is using |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
659 |
# - one for registration that ratelimits registration requests based on the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
660 |
# client's IP address. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
661 |
# - one for login that ratelimits login requests based on the client's IP |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
662 |
# address. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
663 |
# - one for login that ratelimits login requests based on the account the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
664 |
# client is attempting to log into. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
665 |
# - one for login that ratelimits login requests based on the account the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
666 |
# client is attempting to log into, based on the amount of failed login |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
667 |
# attempts for this account. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
668 |
# - one for ratelimiting redactions by room admins. If this is not explicitly |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
669 |
# set then it uses the same ratelimiting as per rc_message. This is useful |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
670 |
# to allow room admins to deal with abuse quickly. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
671 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
672 |
# The defaults are as shown below. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
673 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
674 |
#rc_message: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
675 |
# per_second: 0.2 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
676 |
# burst_count: 10 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
677 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
678 |
#rc_registration: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
679 |
# per_second: 0.17 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
680 |
# burst_count: 3 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
681 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
682 |
#rc_login: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
683 |
# address: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
684 |
# per_second: 0.17 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
685 |
# burst_count: 3 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
686 |
# account: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
687 |
# per_second: 0.17 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
688 |
# burst_count: 3 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
689 |
# failed_attempts: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
690 |
# per_second: 0.17 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
691 |
# burst_count: 3 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
692 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
693 |
#rc_admin_redaction: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
694 |
# per_second: 1 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
695 |
# burst_count: 50 |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
696 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
697 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
698 |
# Ratelimiting settings for incoming federation |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
699 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
700 |
# The rc_federation configuration is made up of the following settings: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
701 |
# - window_size: window size in milliseconds |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
702 |
# - sleep_limit: number of federation requests from a single server in |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
703 |
# a window before the server will delay processing the request. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
704 |
# - sleep_delay: duration in milliseconds to delay processing events |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
705 |
# from remote servers by if they go over the sleep limit. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
706 |
# - reject_limit: maximum number of concurrent federation requests |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
707 |
# allowed from a single server |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
708 |
# - concurrent: number of federation requests to concurrently process |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
709 |
# from a single server |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
710 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
711 |
# The defaults are as shown below. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
712 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
713 |
#rc_federation: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
714 |
# window_size: 1000 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
715 |
# sleep_limit: 10 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
716 |
# sleep_delay: 500 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
717 |
# reject_limit: 50 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
718 |
# concurrent: 3 |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
719 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
720 |
# Target outgoing federation transaction frequency for sending read-receipts, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
721 |
# per-room. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
722 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
723 |
# If we end up trying to send out more read-receipts, they will get buffered up |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
724 |
# into fewer transactions. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
725 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
726 |
#federation_rr_transactions_per_room_per_second: 50 |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
727 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
728 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
729 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
730 |
## Media Store ## |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
731 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
732 |
# Enable the media store service in the Synapse master. Uncomment the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
733 |
# following if you are using a separate media store worker. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
734 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
735 |
#enable_media_repo: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
736 |
|
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
737 |
# Directory where uploaded images and attachments are stored. |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
738 |
# |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
739 |
media_store_path: "{{matrix_synapse_media_store}}" |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
740 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
741 |
# Media storage providers allow media to be stored in different |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
742 |
# locations. |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
743 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
744 |
#media_storage_providers: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
745 |
# - module: file_system |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
746 |
# # Whether to store newly uploaded local files |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
747 |
# store_local: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
748 |
# # Whether to store newly downloaded remote files |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
749 |
# store_remote: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
750 |
# # Whether to wait for successful storage for local uploads |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
751 |
# store_synchronous: false |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
752 |
# config: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
753 |
# directory: /mnt/some/other/directory |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
754 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
755 |
# The largest allowed upload size in bytes |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
756 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
757 |
#max_upload_size: 10M |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
758 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
759 |
# Maximum number of pixels that will be thumbnailed |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
760 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
761 |
#max_image_pixels: 32M |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
762 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
763 |
# Whether to generate new thumbnails on the fly to precisely match |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
764 |
# the resolution requested by the client. If true then whenever |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
765 |
# a new resolution is requested by the client the server will |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
766 |
# generate a new thumbnail. If false the server will pick a thumbnail |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
767 |
# from a precalculated list. |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
768 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
769 |
#dynamic_thumbnails: false |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
770 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
771 |
# List of thumbnails to precalculate when an image is uploaded. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
772 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
773 |
#thumbnail_sizes: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
774 |
# - width: 32 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
775 |
# height: 32 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
776 |
# method: crop |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
777 |
# - width: 96 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
778 |
# height: 96 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
779 |
# method: crop |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
780 |
# - width: 320 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
781 |
# height: 240 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
782 |
# method: scale |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
783 |
# - width: 640 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
784 |
# height: 480 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
785 |
# method: scale |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
786 |
# - width: 800 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
787 |
# height: 600 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
788 |
# method: scale |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
789 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
790 |
# Is the preview URL API enabled? |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
791 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
792 |
# 'false' by default: uncomment the following to enable it (and specify a |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
793 |
# url_preview_ip_range_blacklist blacklist). |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
794 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
795 |
#url_preview_enabled: true |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
796 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
797 |
# List of IP address CIDR ranges that the URL preview spider is denied |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
798 |
# from accessing. There are no defaults: you must explicitly |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
799 |
# specify a list for URL previewing to work. You should specify any |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
800 |
# internal services in your network that you do not want synapse to try |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
801 |
# to connect to, otherwise anyone in any Matrix room could cause your |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
802 |
# synapse to issue arbitrary GET requests to your internal services, |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
803 |
# causing serious security issues. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
804 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
805 |
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
806 |
# listed here, since they correspond to unroutable addresses.) |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
807 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
808 |
# This must be specified if url_preview_enabled is set. It is recommended that |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
809 |
# you uncomment the following list as a starting point. |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
810 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
811 |
#url_preview_ip_range_blacklist: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
812 |
# - '127.0.0.0/8' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
813 |
# - '10.0.0.0/8' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
814 |
# - '172.16.0.0/12' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
815 |
# - '192.168.0.0/16' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
816 |
# - '100.64.0.0/10' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
817 |
# - '169.254.0.0/16' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
818 |
# - '::1/128' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
819 |
# - 'fe80::/64' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
820 |
# - 'fc00::/7' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
821 |
|
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
822 |
# List of IP address CIDR ranges that the URL preview spider is allowed |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
823 |
# to access even if they are specified in url_preview_ip_range_blacklist. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
824 |
# This is useful for specifying exceptions to wide-ranging blacklisted |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
825 |
# target IP ranges - e.g. for enabling URL previews for a specific private |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
826 |
# website only visible in your network. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
827 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
828 |
#url_preview_ip_range_whitelist: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
829 |
# - '192.168.1.1' |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
830 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
831 |
# Optional list of URL matches that the URL preview spider is |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
832 |
# denied from accessing. You should use url_preview_ip_range_blacklist |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
833 |
# in preference to this, otherwise someone could define a public DNS |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
834 |
# entry that points to a private IP address and circumvent the blacklist. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
835 |
# This is more useful if you know there is an entire shape of URL that |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
836 |
# you know that will never want synapse to try to spider. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
837 |
# |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
838 |
# Each list entry is a dictionary of url component attributes as returned |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
839 |
# by urlparse.urlsplit as applied to the absolute form of the URL. See |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
840 |
# https://docs.python.org/2/library/urlparse.html#urlparse.urlsplit |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
841 |
# The values of the dictionary are treated as an filename match pattern |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
842 |
# applied to that component of URLs, unless they start with a ^ in which |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
843 |
# case they are treated as a regular expression match. If all the |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
844 |
# specified component matches for a given list item succeed, the URL is |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
845 |
# blacklisted. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
846 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
847 |
#url_preview_url_blacklist: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
848 |
# # blacklist any URL with a username in its URI |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
849 |
# - username: '*' |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
850 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
851 |
# # blacklist all *.google.com URLs |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
852 |
# - netloc: 'google.com' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
853 |
# - netloc: '*.google.com' |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
854 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
855 |
# # blacklist all plain HTTP URLs |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
856 |
# - scheme: 'http' |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
857 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
858 |
# # blacklist http(s)://www.acme.com/foo |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
859 |
# - netloc: 'www.acme.com' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
860 |
# path: '/foo' |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
861 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
862 |
# # blacklist any URL with a literal IPv4 address |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
863 |
# - netloc: '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
864 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
865 |
# The largest allowed URL preview spidering size in bytes |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
866 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
867 |
#max_spider_size: 10M |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
868 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
869 |
# A list of values for the Accept-Language HTTP header used when |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
870 |
# downloading webpages during URL preview generation. This allows |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
871 |
# Synapse to specify the preferred languages that URL previews should |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
872 |
# be in when communicating with remote servers. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
873 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
874 |
# Each value is a IETF language tag; a 2-3 letter identifier for a |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
875 |
# language, optionally followed by subtags separated by '-', specifying |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
876 |
# a country or region variant. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
877 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
878 |
# Multiple values can be provided, and a weight can be added to each by |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
879 |
# using quality value syntax (;q=). '*' translates to any language. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
880 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
881 |
# Defaults to "en". |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
882 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
883 |
# Example: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
884 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
885 |
# url_preview_accept_language: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
886 |
# - en-UK |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
887 |
# - en-US;q=0.9 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
888 |
# - fr;q=0.8 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
889 |
# - *;q=0.7 |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
890 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
891 |
url_preview_accept_language: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
892 |
# - en |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
893 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
894 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
895 |
## Captcha ## |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
896 |
# See docs/CAPTCHA_SETUP for full details of configuring this. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
897 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
898 |
# This homeserver's ReCAPTCHA public key. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
899 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
900 |
#recaptcha_public_key: "YOUR_PUBLIC_KEY" |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
901 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
902 |
# This homeserver's ReCAPTCHA private key. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
903 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
904 |
#recaptcha_private_key: "YOUR_PRIVATE_KEY" |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
905 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
906 |
# Enables ReCaptcha checks when registering, preventing signup |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
907 |
# unless a captcha is answered. Requires a valid ReCaptcha |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
908 |
# public/private key. |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
909 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
910 |
#enable_registration_captcha: false |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
911 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
912 |
# The API endpoint to use for verifying m.login.recaptcha responses. |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
913 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
914 |
#recaptcha_siteverify_api: "https://www.recaptcha.net/recaptcha/api/siteverify" |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
915 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
916 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
917 |
## TURN ## |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
918 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
919 |
# The public URIs of the TURN server to give to clients |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
920 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
921 |
#turn_uris: [] |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
922 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
923 |
# The shared secret used to compute passwords for the TURN server |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
924 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
925 |
#turn_shared_secret: "YOUR_SHARED_SECRET" |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
926 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
927 |
# The Username and password if the TURN server needs them and |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
928 |
# does not use a token |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
929 |
# |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
930 |
#turn_username: "TURNSERVER_USERNAME" |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
931 |
#turn_password: "TURNSERVER_PASSWORD" |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
932 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
933 |
# How long generated TURN credentials last |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
934 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
935 |
#turn_user_lifetime: 1h |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
936 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
937 |
# Whether guests should be allowed to use the TURN server. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
938 |
# This defaults to True, otherwise VoIP will be unreliable for guests. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
939 |
# However, it does introduce a slight security risk as it allows users to |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
940 |
# connect to arbitrary endpoints without having first signed up for a |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
941 |
# valid account (e.g. by passing a CAPTCHA). |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
942 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
943 |
#turn_allow_guests: true |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
944 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
945 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
946 |
## Registration ## |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
947 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
948 |
# Registration can be rate-limited using the parameters in the "Ratelimiting" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
949 |
# section of this file. |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
950 |
|
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
951 |
# Enable registration for new users. |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
952 |
# |
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
953 |
enable_registration: {{matrix_synapse_enable_registrations}} |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
954 |
|
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
955 |
# Optional account validity configuration. This allows for accounts to be denied |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
956 |
# any request after a given period. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
957 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
958 |
# Once this feature is enabled, Synapse will look for registered users without an |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
959 |
# expiration date at startup and will add one to every account it found using the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
960 |
# current settings at that time. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
961 |
# This means that, if a validity period is set, and Synapse is restarted (it will |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
962 |
# then derive an expiration date from the current validity period), and some time |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
963 |
# after that the validity period changes and Synapse is restarted, the users' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
964 |
# expiration dates won't be updated unless their account is manually renewed. This |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
965 |
# date will be randomly selected within a range [now + period - d ; now + period], |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
966 |
# where d is equal to 10% of the validity period. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
967 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
968 |
account_validity: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
969 |
# The account validity feature is disabled by default. Uncomment the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
970 |
# following line to enable it. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
971 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
972 |
#enabled: true |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
973 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
974 |
# The period after which an account is valid after its registration. When |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
975 |
# renewing the account, its validity period will be extended by this amount |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
976 |
# of time. This parameter is required when using the account validity |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
977 |
# feature. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
978 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
979 |
#period: 6w |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
980 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
981 |
# The amount of time before an account's expiry date at which Synapse will |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
982 |
# send an email to the account's email address with a renewal link. By |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
983 |
# default, no such emails are sent. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
984 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
985 |
# If you enable this setting, you will also need to fill out the 'email' and |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
986 |
# 'public_baseurl' configuration sections. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
987 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
988 |
#renew_at: 1w |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
989 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
990 |
# The subject of the email sent out with the renewal link. '%(app)s' can be |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
991 |
# used as a placeholder for the 'app_name' parameter from the 'email' |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
992 |
# section. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
993 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
994 |
# Note that the placeholder must be written '%(app)s', including the |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
995 |
# trailing 's'. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
996 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
997 |
# If this is not set, a default value is used. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
998 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
999 |
#renew_email_subject: "Renew your %(app)s account" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1000 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1001 |
# Directory in which Synapse will try to find templates for the HTML files to |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1002 |
# serve to the user when trying to renew an account. If not set, default |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1003 |
# templates from within the Synapse package will be used. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1004 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1005 |
#template_dir: "res/templates" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1006 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1007 |
# File within 'template_dir' giving the HTML to be displayed to the user after |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1008 |
# they successfully renewed their account. If not set, default text is used. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1009 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1010 |
#account_renewed_html_path: "account_renewed.html" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1011 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1012 |
# File within 'template_dir' giving the HTML to be displayed when the user |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1013 |
# tries to renew an account with an invalid renewal token. If not set, |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1014 |
# default text is used. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1015 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1016 |
#invalid_token_html_path: "invalid_token.html" |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1017 |
|
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1018 |
# Time that a user's session remains valid for, after they log in. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1019 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1020 |
# Note that this is not currently compatible with guest logins. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1021 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1022 |
# Note also that this is calculated at login time: changes are not applied |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1023 |
# retrospectively to users who have already logged in. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1024 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1025 |
# By default, this is infinite. |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1026 |
# |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1027 |
#session_lifetime: 24h |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1028 |
|
36
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
1029 |
# The user must provide all of the below types of 3PID when registering. |
a8627367c7be
Add matrix synapse server role.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
1030 |
# |
37
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1031 |
#registrations_require_3pid: |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1032 |
# - email |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1033 |
# - msisdn |
2ef98b7b40d4
Updated to buster-backports matrix.
Luke Hoersten <luke@hoersten.org>
parents:
36
diff
changeset
|
1034 |
|