--- {% if synapse_tls %} tls_certificate_path: "{{ synapse_root_dir }}/etc/{{ synapse_server_name }}.crt" tls_private_key_path: "{{ synapse_root_dir }}/etc/{{ synapse_server_name }}.tls.key" tls_dh_params_path: "{{ synapse_root_dir }}/etc/{{ synapse_server_name }}.tls.dh" {% endif %} server_name: "{{ synapse_server_name }}" public_baseurl: {{ synapse_public_baseurl | default('https://matrix.' + synapse_server_name) }} pid_file: {{ synapse_root_dir }}/tmp/homeserver.pid web_client: False soft_file_limit: 0 filter_timeline_limit: {{ synapse_timeline_limit }} listeners: {% if synapse_tls %} - port: {{ synapse_tls_port }} bind_addresses: [ {{ synapse_tls_listen_ip | join(',') }} ] type: http tls: true x_forwarded: {{ ('0.0.0.0/0' in synapse_tls_src_ip) | ternary('False','True') }} resources: - names: [ client ] compress: True - names: [ federation ] compress: False {% endif %} - port: {{ synapse_port }} bind_addresses: [ {{ synapse_listen_ip | join(',') }} ] type: http tls: False x_forwarded: {{ ('0.0.0.0/0' in synapse_src_ip) | ternary('False','True') }} resources: - names: [ client ] compress: {{ ('0.0.0.0/0' in synapse_src_ip) | ternary('True','False') }} - names: [ federation ] compress: False database: name: psycopg2 args: database: {{ synapse_pg_db_name }} host: {{ synapse_pg_db_server }} user: {{ synapse_pg_db_user }} password: {{ synapse_pg_db_pass }} cp_min: 5 cp_max: 10 event_cache_size: "10K" verbose: 0 log_config: "{{ synapse_root_dir }}/etc/logging.conf" {% if '*' not in synapse_federation_domain_whitelist %} {% if synapse_federation_domain_whitelist | length > 0 %} federation_domain_whitelist: {% for domain in synapse_federation_domain_whitelist %} - {{ domain }} {% endfor %} {% else %} federation_domain_whitelist: [] {% endif %} {% endif %} {% if synapse_federation_ip_blacklist | length > 0 %} federation_ip_range_blacklist: {% for ip in synapse_federation_ip_blacklist %} - {{ ip }} {% endfor %} {% else %} federation_ip_range_blacklist: [] {% endif %} rc_message: per_second: {{ synapse_rc_message_per_sec }} burst_count: {{ synapse_rc_message_burst }} rc_login: address: per_second: {{ synapse_rc_login_per_sec }} burst_count: {{ synapse_rc_login_burst }} account: per_second: {{ synapse_rc_login_per_sec }} burst_count: {{ synapse_rc_login_burst }} failed_attempts: per_second: {{ synapse_rc_login_per_sec }} burst_count: {{ synapse_rc_login_burst }} media_store_path: "{{ synapse_root_dir }}/media_store" uploads_path: "{{ synapse_root_dir }}/uploads" max_upload_size: "{{ synapse_upload_max_size }}" max_image_pixels: "32M" dynamic_thumbnails: False thumbnail_sizes: - width: 32 height: 32 method: crop - width: 96 height: 96 method: crop - width: 320 height: 240 method: scale - width: 640 height: 480 method: scale - width: 800 height: 600 method: scale {% if synapse_recaptcha_public_key is defined and synapse_recaptcha_private_key is defined %} recaptcha_public_key: "{{ synapse_recaptcha_public_key }}" recaptcha_private_key: "{{ synapse_recaptcha_private_key }}" enable_registration_captcha: True recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" {% endif %} {% if synapse_turn_uris is defined and synapse_turn_uris | length > 0 %} turn_uris: {% for uri in synapse_turn_uris %} - {{ uri }} {% endfor %} turn_shared_secret: "{{ synapse_turn_shared_secret | default(turnserver_auth_secret) }}" turn_user_lifetime: "1h" turn_allow_guests: {{ synapse_turn_allow_guests | ternary('True', 'False') }} {% endif %} enable_registration: {{ synapse_enable_registration | ternary('True', 'False') }} {% if synapse_registration_shared_secret is defined %} registration_shared_secret: "{{ synapse_registration_shared_secret }}" {% endif %} bcrypt_rounds: 12 allow_guest_access: {{ synapse_allow_guest_access | ternary('True', 'False') }} enable_metrics: False report_stats: False {% if synapse_trusted_third_party_id_servers is defined and synapse_trusted_third_party_id_servers | length > 0 %} trusted_third_party_id_servers: {% for server in synapse_trusted_third_party_id_servers %} - {{ server }} {% endfor %} {% endif %} room_invite_state_types: - "m.room.join_rules" - "m.room.canonical_alias" - "m.room.avatar" - "m.room.name" app_service_config_files: [] macaroon_secret_key: "{{ synapse_macaroon_key }}" expire_access_token: False {% if synapse_url_preview %} url_preview_enabled: True {% if synapse_url_preview_ip_range_blacklist is defined and synapse_url_preview_ip_range_blacklist | length > 0 %} url_preview_ip_range_blacklist: {% for ip in synapse_url_preview_ip_range_blacklist %} - {{ ip }} {% endfor %} {% endif %} {% if synapse_url_preview_ip_range_whitelist is defined and synapse_url_preview_ip_range_whitelist | length > 0 %} url_preview_ip_range_whitelist: {% for ip in synapse_url_preview_ip_range_whitelist %} - {{ ip }} {% endfor %} {% endif %} max_spider_size: {{ synapse_max_spider_size }} {% endif %} form_secret: "{{ synapse_form_secret }}" signing_key_path: "{{ synapse_root_dir }}/etc/{{ synapse_server_name }}.signing.key" key_refresh_interval: "1d" perspectives: servers: "matrix.org": verify_keys: "ed25519:auto": key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw" {% if synapse_email_notifs %} email: enable_notifs: True smtp_host: "{{ synapse_smtp_server }}" smtp_port: {{ synapse_smtp_port }} {% if synapse_smtp_user is defined and synapse_smtp_pass is defined %} smtp_user: "{{ synapse_smtp_user }}" smtp_pass: "{{ synapse_smtp_pass }}" {% endif %} require_transport_security: {{ synapse_smtp_tls | ternary('True', 'False') }} notif_from: "{{ synapse_smtp_from }}" app_name: {{ synapse_app_name }} notif_for_new_users: True notif_template_html: notif_mail.html notif_template_text: notif_mail.txt {% if synapse_riot_url is defined %} riot_base_url: "{{ synapse_riot_base_url }}" {% endif %} {% endif %} push: include_content: true {% if synapse_auth == 'ldap' %} password_providers: - module: "ldap_auth_provider.LdapAuthProvider" config: enabled: True uri: "{{ synapse_ldap_uri }}" start_tls: {{ synapse_ldap_start_tls | ternary('True', 'False') }} base: "{{ synapse_ldap_user_base }}" attributes: uid: "{{ synapse_ldap_attr_uid }}" mail: "{{ synapse_ldap_attr_email }}" name: "{{ synapse_ldap_attr_name }}" {% if synapse_ldap_bind_dn is defined and synapse_ldap_bind_pass is defined %} bind_dn: {{ synapse_ldap_bind_dn }} bind_password: {{ synapse_ldap_bind_pass }} {% endif %} {% if synapse_ldap_filter is defined %} filter: "{{ synapse_ldap_filter }}" {% endif %} {% elif synapse_auth == 'rest' %} password_providers: - module: "rest_auth_provider.RestAuthProvider" config: endpoint: "{{ synapse_auth_rest_uri }}" {% endif %} alias_creation_rules: - user_id: "*" alias: "*" action: allow ...