|
|
|
@ -89,7 +89,9 @@ default_room_version: {{ matrix_synapse_default_room_version|to_json }}
|
|
|
|
#gc_thresholds: [700, 10, 10]
|
|
|
|
#gc_thresholds: [700, 10, 10]
|
|
|
|
|
|
|
|
|
|
|
|
# Set the limit on the returned events in the timeline in the get
|
|
|
|
# Set the limit on the returned events in the timeline in the get
|
|
|
|
# and sync operations. The default value is -1, means no upper limit.
|
|
|
|
# and sync operations. The default value is 100. -1 means no upper limit.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Uncomment the following to increase the limit to 5000.
|
|
|
|
#
|
|
|
|
#
|
|
|
|
#filter_timeline_limit: 5000
|
|
|
|
#filter_timeline_limit: 5000
|
|
|
|
|
|
|
|
|
|
|
|
@ -105,41 +107,6 @@ default_room_version: {{ matrix_synapse_default_room_version|to_json }}
|
|
|
|
#
|
|
|
|
#
|
|
|
|
#enable_search: false
|
|
|
|
#enable_search: false
|
|
|
|
|
|
|
|
|
|
|
|
# Restrict federation to the following whitelist of domains.
|
|
|
|
|
|
|
|
# N.B. we recommend also firewalling your federation listener to limit
|
|
|
|
|
|
|
|
# inbound federation traffic as early as possible, rather than relying
|
|
|
|
|
|
|
|
# purely on this application-layer restriction. If not specified, the
|
|
|
|
|
|
|
|
# default is to whitelist everything.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#federation_domain_whitelist:
|
|
|
|
|
|
|
|
# - lon.example.com
|
|
|
|
|
|
|
|
# - nyc.example.com
|
|
|
|
|
|
|
|
# - syd.example.com
|
|
|
|
|
|
|
|
{% if matrix_synapse_federation_domain_whitelist is not none %}
|
|
|
|
|
|
|
|
{# Cannot use `|to_nice_yaml` here, as an empty list does not get serialized properly by it. #}
|
|
|
|
|
|
|
|
federation_domain_whitelist: {{ matrix_synapse_federation_domain_whitelist|to_json }}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Prevent federation requests from being sent to the following
|
|
|
|
|
|
|
|
# blacklist IP address CIDR ranges. If this option is not specified, or
|
|
|
|
|
|
|
|
# specified with an empty list, no ip range blacklist will be enforced.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# As of Synapse v1.4.0 this option also affects any outbound requests to identity
|
|
|
|
|
|
|
|
# servers provided by user input.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
|
|
|
|
|
|
|
|
# listed here, since they correspond to unroutable addresses.)
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
federation_ip_range_blacklist:
|
|
|
|
|
|
|
|
- '127.0.0.0/8'
|
|
|
|
|
|
|
|
- '10.0.0.0/8'
|
|
|
|
|
|
|
|
- '172.16.0.0/12'
|
|
|
|
|
|
|
|
- '192.168.0.0/16'
|
|
|
|
|
|
|
|
- '100.64.0.0/10'
|
|
|
|
|
|
|
|
- '169.254.0.0/16'
|
|
|
|
|
|
|
|
- '::1/128'
|
|
|
|
|
|
|
|
- 'fe80::/64'
|
|
|
|
|
|
|
|
- 'fc00::/7'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# List of ports that Synapse should listen on, their purpose and their
|
|
|
|
# List of ports that Synapse should listen on, their purpose and their
|
|
|
|
# configuration.
|
|
|
|
# configuration.
|
|
|
|
@ -169,7 +136,7 @@ federation_ip_range_blacklist:
|
|
|
|
# names: a list of names of HTTP resources. See below for a list of
|
|
|
|
# names: a list of names of HTTP resources. See below for a list of
|
|
|
|
# valid resource names.
|
|
|
|
# valid resource names.
|
|
|
|
#
|
|
|
|
#
|
|
|
|
# compress: set to true to enable HTTP comression for this resource.
|
|
|
|
# compress: set to true to enable HTTP compression for this resource.
|
|
|
|
#
|
|
|
|
#
|
|
|
|
# additional_resources: Only valid for an 'http' listener. A map of
|
|
|
|
# additional_resources: Only valid for an 'http' listener. A map of
|
|
|
|
# additional endpoints which should be loaded via dynamic modules.
|
|
|
|
# additional endpoints which should be loaded via dynamic modules.
|
|
|
|
@ -610,6 +577,43 @@ acme:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Restrict federation to the following whitelist of domains.
|
|
|
|
|
|
|
|
# N.B. we recommend also firewalling your federation listener to limit
|
|
|
|
|
|
|
|
# inbound federation traffic as early as possible, rather than relying
|
|
|
|
|
|
|
|
# purely on this application-layer restriction. If not specified, the
|
|
|
|
|
|
|
|
# default is to whitelist everything.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#federation_domain_whitelist:
|
|
|
|
|
|
|
|
# - lon.example.com
|
|
|
|
|
|
|
|
# - nyc.example.com
|
|
|
|
|
|
|
|
# - syd.example.com
|
|
|
|
|
|
|
|
{% if matrix_synapse_federation_domain_whitelist is not none %}
|
|
|
|
|
|
|
|
{# Cannot use `|to_nice_yaml` here, as an empty list does not get serialized properly by it. #}
|
|
|
|
|
|
|
|
federation_domain_whitelist: {{ matrix_synapse_federation_domain_whitelist|to_json }}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Prevent federation requests from being sent to the following
|
|
|
|
|
|
|
|
# blacklist IP address CIDR ranges. If this option is not specified, or
|
|
|
|
|
|
|
|
# specified with an empty list, no ip range blacklist will be enforced.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# As of Synapse v1.4.0 this option also affects any outbound requests to identity
|
|
|
|
|
|
|
|
# servers provided by user input.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
|
|
|
|
|
|
|
|
# listed here, since they correspond to unroutable addresses.)
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
federation_ip_range_blacklist:
|
|
|
|
|
|
|
|
- '127.0.0.0/8'
|
|
|
|
|
|
|
|
- '10.0.0.0/8'
|
|
|
|
|
|
|
|
- '172.16.0.0/12'
|
|
|
|
|
|
|
|
- '192.168.0.0/16'
|
|
|
|
|
|
|
|
- '100.64.0.0/10'
|
|
|
|
|
|
|
|
- '169.254.0.0/16'
|
|
|
|
|
|
|
|
- '::1/128'
|
|
|
|
|
|
|
|
- 'fe80::/64'
|
|
|
|
|
|
|
|
- 'fc00::/7'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Caching ##
|
|
|
|
## Caching ##
|
|
|
|
|
|
|
|
|
|
|
|
# Caching can be configured through the following options.
|
|
|
|
# Caching can be configured through the following options.
|
|
|
|
@ -1788,6 +1792,9 @@ sso:
|
|
|
|
# Each JSON Web Token needs to contain a "sub" (subject) claim, which is
|
|
|
|
# Each JSON Web Token needs to contain a "sub" (subject) claim, which is
|
|
|
|
# used as the localpart of the mxid.
|
|
|
|
# used as the localpart of the mxid.
|
|
|
|
#
|
|
|
|
#
|
|
|
|
|
|
|
|
# Additionally, the expiration time ("exp"), not before time ("nbf"),
|
|
|
|
|
|
|
|
# and issued at ("iat") claims are validated if present.
|
|
|
|
|
|
|
|
#
|
|
|
|
# Note that this is a non-standard login type and client support is
|
|
|
|
# Note that this is a non-standard login type and client support is
|
|
|
|
# expected to be non-existant.
|
|
|
|
# expected to be non-existant.
|
|
|
|
#
|
|
|
|
#
|
|
|
|
@ -1879,8 +1886,8 @@ email:
|
|
|
|
#notif_from: "Your Friendly %(app)s homeserver <noreply@example.com>"
|
|
|
|
#notif_from: "Your Friendly %(app)s homeserver <noreply@example.com>"
|
|
|
|
notif_from: {{ matrix_synapse_email_notif_from|string|to_json }}
|
|
|
|
notif_from: {{ matrix_synapse_email_notif_from|string|to_json }}
|
|
|
|
|
|
|
|
|
|
|
|
# app_name defines the default value for '%(app)s' in notif_from. It
|
|
|
|
# app_name defines the default value for '%(app)s' in notif_from and email
|
|
|
|
# defaults to 'Matrix'.
|
|
|
|
# subjects. It defaults to 'Matrix'.
|
|
|
|
#
|
|
|
|
#
|
|
|
|
#app_name: my_branded_matrix_server
|
|
|
|
#app_name: my_branded_matrix_server
|
|
|
|
app_name: Matrix
|
|
|
|
app_name: Matrix
|
|
|
|
@ -1946,6 +1953,73 @@ email:
|
|
|
|
# https://github.com/matrix-org/synapse/tree/master/synapse/res/templates
|
|
|
|
# https://github.com/matrix-org/synapse/tree/master/synapse/res/templates
|
|
|
|
#
|
|
|
|
#
|
|
|
|
#template_dir: "res/templates"
|
|
|
|
#template_dir: "res/templates"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Subjects to use when sending emails from Synapse.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# The placeholder '%(app)s' will be replaced with the value of the 'app_name'
|
|
|
|
|
|
|
|
# setting above, or by a value dictated by the Matrix client application.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# If a subject isn't overridden in this configuration file, the value used as
|
|
|
|
|
|
|
|
# its example will be used.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#subjects:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Subjects for notification emails.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# On top of the '%(app)s' placeholder, these can use the following
|
|
|
|
|
|
|
|
# placeholders:
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# * '%(person)s', which will be replaced by the display name of the user(s)
|
|
|
|
|
|
|
|
# that sent the message(s), e.g. "Alice and Bob".
|
|
|
|
|
|
|
|
# * '%(room)s', which will be replaced by the name of the room the
|
|
|
|
|
|
|
|
# message(s) have been sent to, e.g. "My super room".
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# See the example provided for each setting to see which placeholder can be
|
|
|
|
|
|
|
|
# used and how to use them.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use to notify about one message from one or more user(s) in a
|
|
|
|
|
|
|
|
# room which has a name.
|
|
|
|
|
|
|
|
#message_from_person_in_room: "[%(app)s] You have a message on %(app)s from %(person)s in the %(room)s room..."
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use to notify about one message from one or more user(s) in a
|
|
|
|
|
|
|
|
# room which doesn't have a name.
|
|
|
|
|
|
|
|
#message_from_person: "[%(app)s] You have a message on %(app)s from %(person)s..."
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use to notify about multiple messages from one or more users in
|
|
|
|
|
|
|
|
# a room which doesn't have a name.
|
|
|
|
|
|
|
|
#messages_from_person: "[%(app)s] You have messages on %(app)s from %(person)s..."
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use to notify about multiple messages in a room which has a
|
|
|
|
|
|
|
|
# name.
|
|
|
|
|
|
|
|
#messages_in_room: "[%(app)s] You have messages on %(app)s in the %(room)s room..."
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use to notify about multiple messages in multiple rooms.
|
|
|
|
|
|
|
|
#messages_in_room_and_others: "[%(app)s] You have messages on %(app)s in the %(room)s room and others..."
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use to notify about multiple messages from multiple persons in
|
|
|
|
|
|
|
|
# multiple rooms. This is similar to the setting above except it's used when
|
|
|
|
|
|
|
|
# the room in which the notification was triggered has no name.
|
|
|
|
|
|
|
|
#messages_from_person_and_others: "[%(app)s] You have messages on %(app)s from %(person)s and others..."
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use to notify about an invite to a room which has a name.
|
|
|
|
|
|
|
|
#invite_from_person_to_room: "[%(app)s] %(person)s has invited you to join the %(room)s room on %(app)s..."
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use to notify about an invite to a room which doesn't have a
|
|
|
|
|
|
|
|
# name.
|
|
|
|
|
|
|
|
#invite_from_person: "[%(app)s] %(person)s has invited you to chat on %(app)s..."
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Subject for emails related to account administration.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# On top of the '%(app)s' placeholder, these one can use the
|
|
|
|
|
|
|
|
# '%(server_name)s' placeholder, which will be replaced by the value of the
|
|
|
|
|
|
|
|
# 'server_name' setting in your Synapse configuration.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use when sending a password reset email.
|
|
|
|
|
|
|
|
#password_reset: "[%(server_name)s] Password reset"
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# Subject to use when sending a verification email to assert an address's
|
|
|
|
|
|
|
|
# ownership.
|
|
|
|
|
|
|
|
#email_validation: "[%(server_name)s] Validate your email"
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|
|
|
# Password providers allow homeserver administrators to integrate
|
|
|
|
# Password providers allow homeserver administrators to integrate
|
|
|
|
@ -2303,4 +2377,57 @@ opentracing:
|
|
|
|
# false
|
|
|
|
# false
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Workers ##
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Disables sending of outbound federation transactions on the main process.
|
|
|
|
|
|
|
|
# Uncomment if using a federation sender worker.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#send_federation: false
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# It is possible to run multiple federation sender workers, in which case the
|
|
|
|
|
|
|
|
# work is balanced across them.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
# This configuration must be shared between all federation sender workers, and if
|
|
|
|
|
|
|
|
# changed all federation sender workers must be stopped at the same time and then
|
|
|
|
|
|
|
|
# started, to ensure that all instances are running with the same config (otherwise
|
|
|
|
|
|
|
|
# events may be dropped).
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#federation_sender_instances:
|
|
|
|
|
|
|
|
# - federation_sender1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# When using workers this should be a map from `worker_name` to the
|
|
|
|
|
|
|
|
# HTTP replication listener of the worker, if configured.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#instance_map:
|
|
|
|
|
|
|
|
# worker1:
|
|
|
|
|
|
|
|
# host: localhost
|
|
|
|
|
|
|
|
# port: 8034
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Experimental: When using workers you can define which workers should
|
|
|
|
|
|
|
|
# handle event persistence and typing notifications. Any worker
|
|
|
|
|
|
|
|
# specified here must also be in the `instance_map`.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#stream_writers:
|
|
|
|
|
|
|
|
# events: worker1
|
|
|
|
|
|
|
|
# typing: worker1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Configuration for Redis when using workers. This *must* be enabled when
|
|
|
|
|
|
|
|
# using workers (unless using old style direct TCP configuration).
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
redis:
|
|
|
|
|
|
|
|
# Uncomment the below to enable Redis support.
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#enabled: true
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Optional host and port to use to connect to redis. Defaults to
|
|
|
|
|
|
|
|
# localhost and 6379
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#host: localhost
|
|
|
|
|
|
|
|
#port: 6379
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Optional password if configured on the Redis instance
|
|
|
|
|
|
|
|
#
|
|
|
|
|
|
|
|
#password: <secret_password>
|
|
|
|
|
|
|
|
|
|
|
|
# vim:ft=yaml
|
|
|
|
# vim:ft=yaml
|
|
|
|
|
Slavi Pantaleev
4 years ago