matrix: rebase homeserver config against current upstream

This commit is contained in:
Markus 2022-03-23 18:04:48 +01:00
parent dac19a26b6
commit 3cd42908be

View File

@ -11,7 +11,7 @@
# Server admins can expand Synapse's functionality with external modules. # Server admins can expand Synapse's functionality with external modules.
# #
# See https://matrix-org.github.io/synapse/latest/modules.html for more # See https://matrix-org.github.io/synapse/latest/modules/index.html for more
# documentation on how to configure or create custom modules for Synapse. # documentation on how to configure or create custom modules for Synapse.
# #
modules: modules:
@ -50,13 +50,7 @@ modules:
# #
pid_file: "/var/run/matrix-synapse.pid" pid_file: "/var/run/matrix-synapse.pid"
# The absolute URL to the web client which /_matrix/client will redirect # The absolute URL to the web client which / will redirect to.
# to if 'webclient' is configured under the 'listeners' configuration.
#
# This option can be also set to the filesystem path to the web client
# which will be served at /_matrix/client/ if 'webclient' is configured
# under the 'listeners' configuration, however this is a security risk:
# https://github.com/matrix-org/synapse#security-note
# #
#web_client_location: https://riot.example.com/ #web_client_location: https://riot.example.com/
@ -140,12 +134,12 @@ allow_public_rooms_over_federation: true
# The default room version for newly created rooms. # The default room version for newly created rooms.
# #
# Known room versions are listed here: # Known room versions are listed here:
# https://matrix.org/docs/spec/#complete-list-of-room-versions # https://spec.matrix.org/latest/rooms/#complete-list-of-room-versions
# #
# For example, for room version 1, default_room_version should be set # For example, for room version 1, default_room_version should be set
# to "1". # to "1".
# #
#default_room_version: "6" #default_room_version: "9"
# The GC threshold parameters to pass to `gc.set_threshold`, if defined # The GC threshold parameters to pass to `gc.set_threshold`, if defined
# #
@ -286,8 +280,6 @@ allow_public_rooms_over_federation: true
# static: static resources under synapse/static (/_matrix/static). (Mostly # static: static resources under synapse/static (/_matrix/static). (Mostly
# useful for 'fallback authentication'.) # useful for 'fallback authentication'.)
# #
# webclient: A web client. Requires web_client_location to be set.
#
listeners: listeners:
# TLS-enabled listener: for when matrix traffic is sent directly to synapse. # TLS-enabled listener: for when matrix traffic is sent directly to synapse.
# #
@ -455,6 +447,20 @@ limit_remote_rooms:
# #
#allow_per_room_profiles: false #allow_per_room_profiles: false
# The largest allowed file size for a user avatar. Defaults to no restriction.
#
# Note that user avatar changes will not work if this is set without
# using Synapse's media repository.
#
#max_avatar_size: 10M
# The MIME types allowed for user avatars. Defaults to no restriction.
#
# Note that user avatar changes will not work if this is set without
# using Synapse's media repository.
#
#allowed_avatar_mimetypes: ["image/png", "image/jpeg", "image/gif"]
# How long to keep redacted events in unredacted form in the database. After # How long to keep redacted events in unredacted form in the database. After
# this period redacted events get replaced with their redacted form in the DB. # this period redacted events get replaced with their redacted form in the DB.
# #
@ -623,8 +629,8 @@ retention:
# #
#federation_certificate_verification_whitelist: #federation_certificate_verification_whitelist:
# - lon.example.com # - lon.example.com
# - *.domain.com # - "*.domain.com"
# - *.onion # - "*.onion"
# List of custom certificate authorities for federation traffic. # List of custom certificate authorities for federation traffic.
# #
@ -721,11 +727,16 @@ caches:
per_cache_factors: per_cache_factors:
#get_users_who_share_room_with_user: 2.0 #get_users_who_share_room_with_user: 2.0
# Controls how long an entry can be in a cache without having been # Controls whether cache entries are evicted after a specified time
# accessed before being evicted. Defaults to None, which means # period. Defaults to true. Uncomment to disable this feature.
# entries are never evicted based on time.
# #
#expiry_time: 30m #expire_caches: false
# If expire_caches is enabled, this flag controls how long an entry can
# be in a cache without having been accessed before being evicted.
# Defaults to 30m. Uncomment to set a different time to live for cache entries.
#
#cache_entry_ttl: 30m
# Controls how long the results of a /sync request are cached for after # Controls how long the results of a /sync request are cached for after
# a successful response is returned. A higher duration can help clients with # a successful response is returned. A higher duration can help clients with
@ -832,6 +843,9 @@ log_config: "/etc/matrix-synapse/log.yaml"
# - one for ratelimiting how often a user or IP can attempt to validate a 3PID. # - one for ratelimiting how often a user or IP can attempt to validate a 3PID.
# - two for ratelimiting how often invites can be sent in a room or to a # - two for ratelimiting how often invites can be sent in a room or to a
# specific user. # specific user.
# - one for ratelimiting 3PID invites (i.e. invites sent to a third-party ID
# such as an email address or a phone number) based on the account that's
# sending the invite.
# #
# The defaults are as shown below. # The defaults are as shown below.
# #
@ -881,6 +895,10 @@ log_config: "/etc/matrix-synapse/log.yaml"
# per_user: # per_user:
# per_second: 0.003 # per_second: 0.003
# burst_count: 5 # burst_count: 5
#
#rc_third_party_invite:
# per_second: 0.2
# burst_count: 10
# Ratelimiting settings for incoming federation # Ratelimiting settings for incoming federation
# #
@ -1190,6 +1208,44 @@ enable_registration: false
# #
#session_lifetime: 24h #session_lifetime: 24h
# Time that an access token remains valid for, if the session is
# using refresh tokens.
# For more information about refresh tokens, please see the manual.
# Note that this only applies to clients which advertise support for
# refresh tokens.
#
# Note also that this is calculated at login time and refresh time:
# changes are not applied to existing sessions until they are refreshed.
#
# By default, this is 5 minutes.
#
#refreshable_access_token_lifetime: 5m
# Time that a refresh token remains valid for (provided that it is not
# exchanged for another one first).
# This option can be used to automatically log-out inactive sessions.
# Please see the manual for more information.
#
# Note also that this is calculated at login time and refresh time:
# changes are not applied to existing sessions until they are refreshed.
#
# By default, this is infinite.
#
#refresh_token_lifetime: 24h
# Time that an access token remains valid for, if the session is NOT
# using refresh tokens.
# Please note that not all clients support refresh tokens, so setting
# this to a short value may be inconvenient for some users who will
# then be logged out frequently.
#
# Note also that this is calculated at login time: changes are not applied
# retrospectively to existing sessions for users that have already logged in.
#
# By default, this is infinite.
#
#nonrefreshable_access_token_lifetime: 24h
# The user must provide all of the below types of 3PID when registering. # The user must provide all of the below types of 3PID when registering.
# #
#registrations_require_3pid: #registrations_require_3pid:
@ -1379,6 +1435,16 @@ enable_3pid_changes: false
# #
#auto_join_rooms_for_guests: false #auto_join_rooms_for_guests: false
# Whether to inhibit errors raised when registering a new account if the user ID
# already exists. If turned on, that requests to /register/available will always
# show a user ID as available, and Synapse won't raise an error when starting
# a registration with a user ID that already exists. However, Synapse will still
# raise an error if the registration completes and the username conflicts.
#
# Defaults to false.
#
#inhibit_user_in_use_error: true
## Metrics ### ## Metrics ###
@ -1431,6 +1497,7 @@ room_prejoin_state:
# - m.room.encryption # - m.room.encryption
# - m.room.name # - m.room.name
# - m.room.create # - m.room.create
# - m.room.topic
# #
# Uncomment the following to disable these defaults (so that only the event # Uncomment the following to disable these defaults (so that only the event
# types listed in 'additional_event_types' are shared). Defaults to 'false'. # types listed in 'additional_event_types' are shared). Defaults to 'false'.
@ -1812,10 +1879,13 @@ saml2_config:
# Defaults to false. Avoid this in production. # Defaults to false. Avoid this in production.
# #
# user_profile_method: Whether to fetch the user profile from the userinfo # user_profile_method: Whether to fetch the user profile from the userinfo
# endpoint. Valid values are: 'auto' or 'userinfo_endpoint'. # endpoint, or to rely on the data returned in the id_token from the
# token_endpoint.
# #
# Defaults to 'auto', which fetches the userinfo endpoint if 'openid' is # Valid values are: 'auto' or 'userinfo_endpoint'.
# included in 'scopes'. Set to 'userinfo_endpoint' to always fetch the #
# Defaults to 'auto', which uses the userinfo endpoint if 'openid' is
# not included in 'scopes'. Set to 'userinfo_endpoint' to always use the
# userinfo endpoint. # userinfo endpoint.
# #
# allow_existing_users: set to 'true' to allow a user logging in via OIDC to # allow_existing_users: set to 'true' to allow a user logging in via OIDC to
@ -1843,8 +1913,14 @@ saml2_config:
# #
# localpart_template: Jinja2 template for the localpart of the MXID. # localpart_template: Jinja2 template for the localpart of the MXID.
# If this is not set, the user will be prompted to choose their # If this is not set, the user will be prompted to choose their
# own username (see 'sso_auth_account_details.html' in the 'sso' # own username (see the documentation for the
# section of this file). # 'sso_auth_account_details.html' template). This template can
# use the 'localpart_from_email' filter.
#
# confirm_localpart: Whether to prompt the user to validate (or
# change) the generated localpart (see the documentation for the
# 'sso_auth_account_details.html' template), instead of
# registering the account right away.
# #
# display_name_template: Jinja2 template for the display name to set # display_name_template: Jinja2 template for the display name to set
# on first login. If unset, no displayname will be set. # on first login. If unset, no displayname will be set.
@ -2020,6 +2096,12 @@ sso:
# #
#algorithm: "provided-by-your-issuer" #algorithm: "provided-by-your-issuer"
# Name of the claim containing a unique identifier for the user.
#
# Optional, defaults to `sub`.
#
#subject_claim: "sub"
# The issuer to validate the "iss" claim against. # The issuer to validate the "iss" claim against.
# #
# Optional, if provided the "iss" claim will be required and # Optional, if provided the "iss" claim will be required and
@ -2369,8 +2451,8 @@ user_directory:
# indexes were (re)built was before Synapse 1.44, you'll have to # indexes were (re)built was before Synapse 1.44, you'll have to
# rebuild the indexes in order to search through all known users. # rebuild the indexes in order to search through all known users.
# These indexes are built the first time Synapse starts; admins can # These indexes are built the first time Synapse starts; admins can
# manually trigger a rebuild following the instructions at # manually trigger a rebuild via API following the instructions at
# https://matrix-org.github.io/synapse/latest/user_directory.html # https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/background_updates.html#run
# #
# Uncomment to return search results containing all known users, even if that # Uncomment to return search results containing all known users, even if that
# user does not share a room with the requester. # user does not share a room with the requester.
@ -2647,3 +2729,35 @@ redis:
# Optional password if configured on the Redis instance # Optional password if configured on the Redis instance
# #
#password: <secret_password> #password: <secret_password>
## Background Updates ##
# Background updates are database updates that are run in the background in batches.
# The duration, minimum batch size, default batch size, whether to sleep between batches and if so, how long to
# sleep can all be configured. This is helpful to speed up or slow down the updates.
#
background_updates:
# How long in milliseconds to run a batch of background updates for. Defaults to 100. Uncomment and set
# a time to change the default.
#
#background_update_duration_ms: 500
# Whether to sleep between updates. Defaults to True. Uncomment to change the default.
#
#sleep_enabled: false
# If sleeping between updates, how long in milliseconds to sleep for. Defaults to 1000. Uncomment
# and set a duration to change the default.
#
#sleep_duration_ms: 300
# Minimum size a batch of background updates can be. Must be greater than 0. Defaults to 1. Uncomment and
# set a size to change the default.
#
#min_batch_size: 10
# The batch size to use for the first iteration of a new background update. The default is 100.
# Uncomment and set a size to change the default.
#
#default_batch_size: 50