# For more information on how to configure Synapse, including a complete accounting of # each option, go to docs/usage/configuration/config_documentation.md or # https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html # Server server_name: "{{ domain }}" pid_file: /data/homeserver.pid public_baseurl: "https://matrix.{{ domain }}" listeners: - port: 8008 tls: false type: http x_forwarded: true resources: - names: [client, federation] compress: false email: smtp_host: "mail.{{ domain }}" smtp_port: {{ ports['mailserver_smtps'] }} smtp_user: "{{ synapse_secrets['smtp_user'] }}" smtp_pass: '{{ synapse_secrets["smtp_pass"] }}' force_tls: true notif_from: "Matrix " invite_client_location: "https://element.{{ domain }}" # Homeserver blocking max_avatar_size: 2M # Database database: name: psycopg2 args: user: '{{ synapse_secrets["postgres_user"] }}' password: '{{ synapse_secrets["postgres_password"] }}' dbname: synapse host: 'postgres.{{ domain }}' cp_min: 5 cp_max: 10 # Logging log_config: "/data/{{ domain }}.log.config" # Media Store media_store_path: /data/media_store # Changer aussi le max_body_size dans le reverse proxy max_upload_size: {{ synapse['max_upload_size'] }} media_retention: remote_media_lifetime: 14d url_preview_enabled: true url_preview_ip_range_blacklist: - '127.0.0.0/8' - '10.0.0.0/8' - '172.16.0.0/12' - '192.168.0.0/16' - '100.64.0.0/10' - '192.0.0.0/24' - '169.254.0.0/16' - '192.88.99.0/24' - '198.18.0.0/15' - '192.0.2.0/24' - '198.51.100.0/24' - '203.0.113.0/24' - '224.0.0.0/4' - '::1/128' - 'fe80::/10' - 'fc00::/7' - '2001:db8::/32' - 'ff00::/8' - 'fec0::/10' url_preview_accept_language: - 'en' - 'fr' - '*;q=0.2' # TURN turn_uris: ["turns:turn.{{ domain }}?transport=udp", "turns:turn.{{ domain }}?transport=tcp"] turn_shared_secret: "{{ synapse_secrets['turn_shared_secret'] }}" turn_user_lifetime: 86400000 turn_allow_guests: true # Registration enable_registration: true registration_requires_token: true # Metrics report_stats: true # API Configuration macaroon_secret_key: "{{ synapse_secrets['macaroon_secret_key'] }}" form_secret: "{{ synapse_secrets['form_secret'] }}" # Signing Keys signing_key_path: "/data/{{ domain }}.signing.key" trusted_key_servers: - server_name: "matrix.org" suppress_key_server_warning: true # Single sign-on integration oidc_providers: - idp_id: keycloak idp_name: "Keycloak" issuer: "https://kc.{{ domain }}/realms/master" client_id: '{{ synapse_secrets["client_id"] }}' client_secret: '{{ synapse_secrets["client_secret"] }}' scopes: ["openid", "profile", "email"] allow_existing_users: true user_mapping_provider: config: subject_claim: "sub" localpart_template: "{% raw %}{{ user.preferred_username }}{% endraw %}" display_name_template: "{% raw %}{{ user.name }}{% endraw %}" email_template: "{% raw %}{{ user.email }}{% endraw %}" backchannel_logout_enabled: true password_config: enabled: false