128 lines
3.3 KiB
YAML
128 lines
3.3 KiB
YAML
# For more information on how to configure Synapse, including a complete accounting of
|
|
# each option, go to docs/usage/configuration/config_documentation.md or
|
|
# https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html
|
|
|
|
|
|
# Server
|
|
server_name: "{{ domain }}"
|
|
pid_file: /data/homeserver.pid
|
|
public_baseurl: "https://matrix.{{ domain }}"
|
|
listeners:
|
|
- port: 8008
|
|
tls: false
|
|
type: http
|
|
x_forwarded: true
|
|
resources:
|
|
- names: [client, federation]
|
|
compress: false
|
|
email:
|
|
smtp_host: "mail.{{ domain }}"
|
|
smtp_port: {{ ports['mailserver_smtps'] }}
|
|
smtp_user: "{{ synapse_secrets['smtp_user'] }}"
|
|
smtp_pass: '{{ synapse_secrets["smtp_pass"] }}'
|
|
force_tls: true
|
|
notif_from: "Matrix <matrix@{{ domain }}>"
|
|
invite_client_location: "https://element.{{ domain }}"
|
|
|
|
|
|
# Homeserver blocking
|
|
max_avatar_size: 2M
|
|
|
|
|
|
# Database
|
|
database:
|
|
name: psycopg2
|
|
args:
|
|
user: '{{ synapse_secrets["postgres_user"] }}'
|
|
password: '{{ synapse_secrets["postgres_password"] }}'
|
|
dbname: synapse
|
|
host: 'postgres.{{ domain }}'
|
|
cp_min: 5
|
|
cp_max: 10
|
|
|
|
|
|
# Logging
|
|
log_config: "/data/{{ domain }}.log.config"
|
|
|
|
|
|
# Media Store
|
|
media_store_path: /data/media_store
|
|
# Changer aussi le max_body_size dans le reverse proxy
|
|
max_upload_size: {{ synapse['max_upload_size'] }}
|
|
media_retention:
|
|
remote_media_lifetime: 14d
|
|
url_preview_enabled: true
|
|
url_preview_ip_range_blacklist:
|
|
- '127.0.0.0/8'
|
|
- '10.0.0.0/8'
|
|
- '172.16.0.0/12'
|
|
- '192.168.0.0/16'
|
|
- '100.64.0.0/10'
|
|
- '192.0.0.0/24'
|
|
- '169.254.0.0/16'
|
|
- '192.88.99.0/24'
|
|
- '198.18.0.0/15'
|
|
- '192.0.2.0/24'
|
|
- '198.51.100.0/24'
|
|
- '203.0.113.0/24'
|
|
- '224.0.0.0/4'
|
|
- '::1/128'
|
|
- 'fe80::/10'
|
|
- 'fc00::/7'
|
|
- '2001:db8::/32'
|
|
- 'ff00::/8'
|
|
- 'fec0::/10'
|
|
url_preview_accept_language:
|
|
- 'en'
|
|
- 'fr'
|
|
- '*;q=0.2'
|
|
|
|
|
|
# TURN
|
|
turn_uris: ["turns:turn.{{ domain }}?transport=udp", "turns:turn.{{ domain }}?transport=tcp"]
|
|
turn_shared_secret: "{{ synapse_secrets['turn_shared_secret'] }}"
|
|
turn_user_lifetime: 86400000
|
|
turn_allow_guests: true
|
|
|
|
|
|
# Registration
|
|
enable_registration: true
|
|
registration_requires_token: true
|
|
|
|
|
|
# Metrics
|
|
report_stats: true
|
|
|
|
|
|
# API Configuration
|
|
macaroon_secret_key: "{{ synapse_secrets['macaroon_secret_key'] }}"
|
|
form_secret: "{{ synapse_secrets['form_secret'] }}"
|
|
|
|
|
|
# Signing Keys
|
|
signing_key_path: "/data/{{ domain }}.signing.key"
|
|
trusted_key_servers:
|
|
- server_name: "matrix.org"
|
|
suppress_key_server_warning: true
|
|
|
|
|
|
# Single sign-on integration
|
|
oidc_providers:
|
|
- idp_id: authelia
|
|
idp_name: "Authelia"
|
|
idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI"
|
|
discover: false
|
|
issuer: "https://auth.{{ domain }}"
|
|
client_id: '{{ authelia_secrets["synapse_client_id"] }}'
|
|
client_secret: '{{ authelia_secrets["synapse_client_secret"] }}'
|
|
scopes: ["openid", "profile", "email"]
|
|
authorization_endpoint: 'https://auth.{{ domain }}/api/oidc/authorization'
|
|
token_endpoint: 'https://auth.{{ domain }}/api/oidc/token'
|
|
jwks_uri: 'https://auth.{{ domain }}/jwks.json'
|
|
allow_existing_users: true
|
|
user_mapping_provider:
|
|
config:
|
|
subject_claim: "sub"
|
|
localpart_template: "{% raw %}{{ user.preferred_username }}{% endraw %}"
|
|
display_name_template: "{% raw %}{{ user.name }}{% endraw %}"
|
|
email_template: "{% raw %}{{ user.email }}{% endraw %}"
|