forked from infra/ansible
matrix: rebase homeserver config against current upstream
This commit is contained in:
parent
dac19a26b6
commit
3cd42908be
@ -11,7 +11,7 @@
|
|||||||
|
|
||||||
# Server admins can expand Synapse's functionality with external modules.
|
# Server admins can expand Synapse's functionality with external modules.
|
||||||
#
|
#
|
||||||
# See https://matrix-org.github.io/synapse/latest/modules.html for more
|
# See https://matrix-org.github.io/synapse/latest/modules/index.html for more
|
||||||
# documentation on how to configure or create custom modules for Synapse.
|
# documentation on how to configure or create custom modules for Synapse.
|
||||||
#
|
#
|
||||||
modules:
|
modules:
|
||||||
@ -50,13 +50,7 @@ modules:
|
|||||||
#
|
#
|
||||||
pid_file: "/var/run/matrix-synapse.pid"
|
pid_file: "/var/run/matrix-synapse.pid"
|
||||||
|
|
||||||
# The absolute URL to the web client which /_matrix/client will redirect
|
# The absolute URL to the web client which / will redirect to.
|
||||||
# to if 'webclient' is configured under the 'listeners' configuration.
|
|
||||||
#
|
|
||||||
# This option can be also set to the filesystem path to the web client
|
|
||||||
# which will be served at /_matrix/client/ if 'webclient' is configured
|
|
||||||
# under the 'listeners' configuration, however this is a security risk:
|
|
||||||
# https://github.com/matrix-org/synapse#security-note
|
|
||||||
#
|
#
|
||||||
#web_client_location: https://riot.example.com/
|
#web_client_location: https://riot.example.com/
|
||||||
|
|
||||||
@ -140,12 +134,12 @@ allow_public_rooms_over_federation: true
|
|||||||
# The default room version for newly created rooms.
|
# The default room version for newly created rooms.
|
||||||
#
|
#
|
||||||
# Known room versions are listed here:
|
# Known room versions are listed here:
|
||||||
# https://matrix.org/docs/spec/#complete-list-of-room-versions
|
# https://spec.matrix.org/latest/rooms/#complete-list-of-room-versions
|
||||||
#
|
#
|
||||||
# For example, for room version 1, default_room_version should be set
|
# For example, for room version 1, default_room_version should be set
|
||||||
# to "1".
|
# to "1".
|
||||||
#
|
#
|
||||||
#default_room_version: "6"
|
#default_room_version: "9"
|
||||||
|
|
||||||
# The GC threshold parameters to pass to `gc.set_threshold`, if defined
|
# The GC threshold parameters to pass to `gc.set_threshold`, if defined
|
||||||
#
|
#
|
||||||
@ -286,8 +280,6 @@ allow_public_rooms_over_federation: true
|
|||||||
# static: static resources under synapse/static (/_matrix/static). (Mostly
|
# static: static resources under synapse/static (/_matrix/static). (Mostly
|
||||||
# useful for 'fallback authentication'.)
|
# useful for 'fallback authentication'.)
|
||||||
#
|
#
|
||||||
# webclient: A web client. Requires web_client_location to be set.
|
|
||||||
#
|
|
||||||
listeners:
|
listeners:
|
||||||
# TLS-enabled listener: for when matrix traffic is sent directly to synapse.
|
# TLS-enabled listener: for when matrix traffic is sent directly to synapse.
|
||||||
#
|
#
|
||||||
@ -455,6 +447,20 @@ limit_remote_rooms:
|
|||||||
#
|
#
|
||||||
#allow_per_room_profiles: false
|
#allow_per_room_profiles: false
|
||||||
|
|
||||||
|
# The largest allowed file size for a user avatar. Defaults to no restriction.
|
||||||
|
#
|
||||||
|
# Note that user avatar changes will not work if this is set without
|
||||||
|
# using Synapse's media repository.
|
||||||
|
#
|
||||||
|
#max_avatar_size: 10M
|
||||||
|
|
||||||
|
# The MIME types allowed for user avatars. Defaults to no restriction.
|
||||||
|
#
|
||||||
|
# Note that user avatar changes will not work if this is set without
|
||||||
|
# using Synapse's media repository.
|
||||||
|
#
|
||||||
|
#allowed_avatar_mimetypes: ["image/png", "image/jpeg", "image/gif"]
|
||||||
|
|
||||||
# How long to keep redacted events in unredacted form in the database. After
|
# How long to keep redacted events in unredacted form in the database. After
|
||||||
# this period redacted events get replaced with their redacted form in the DB.
|
# this period redacted events get replaced with their redacted form in the DB.
|
||||||
#
|
#
|
||||||
@ -623,8 +629,8 @@ retention:
|
|||||||
#
|
#
|
||||||
#federation_certificate_verification_whitelist:
|
#federation_certificate_verification_whitelist:
|
||||||
# - lon.example.com
|
# - lon.example.com
|
||||||
# - *.domain.com
|
# - "*.domain.com"
|
||||||
# - *.onion
|
# - "*.onion"
|
||||||
|
|
||||||
# List of custom certificate authorities for federation traffic.
|
# List of custom certificate authorities for federation traffic.
|
||||||
#
|
#
|
||||||
@ -721,11 +727,16 @@ caches:
|
|||||||
per_cache_factors:
|
per_cache_factors:
|
||||||
#get_users_who_share_room_with_user: 2.0
|
#get_users_who_share_room_with_user: 2.0
|
||||||
|
|
||||||
# Controls how long an entry can be in a cache without having been
|
# Controls whether cache entries are evicted after a specified time
|
||||||
# accessed before being evicted. Defaults to None, which means
|
# period. Defaults to true. Uncomment to disable this feature.
|
||||||
# entries are never evicted based on time.
|
|
||||||
#
|
#
|
||||||
#expiry_time: 30m
|
#expire_caches: false
|
||||||
|
|
||||||
|
# If expire_caches is enabled, this flag controls how long an entry can
|
||||||
|
# be in a cache without having been accessed before being evicted.
|
||||||
|
# Defaults to 30m. Uncomment to set a different time to live for cache entries.
|
||||||
|
#
|
||||||
|
#cache_entry_ttl: 30m
|
||||||
|
|
||||||
# Controls how long the results of a /sync request are cached for after
|
# Controls how long the results of a /sync request are cached for after
|
||||||
# a successful response is returned. A higher duration can help clients with
|
# a successful response is returned. A higher duration can help clients with
|
||||||
@ -832,6 +843,9 @@ log_config: "/etc/matrix-synapse/log.yaml"
|
|||||||
# - one for ratelimiting how often a user or IP can attempt to validate a 3PID.
|
# - one for ratelimiting how often a user or IP can attempt to validate a 3PID.
|
||||||
# - two for ratelimiting how often invites can be sent in a room or to a
|
# - two for ratelimiting how often invites can be sent in a room or to a
|
||||||
# specific user.
|
# specific user.
|
||||||
|
# - one for ratelimiting 3PID invites (i.e. invites sent to a third-party ID
|
||||||
|
# such as an email address or a phone number) based on the account that's
|
||||||
|
# sending the invite.
|
||||||
#
|
#
|
||||||
# The defaults are as shown below.
|
# The defaults are as shown below.
|
||||||
#
|
#
|
||||||
@ -881,6 +895,10 @@ log_config: "/etc/matrix-synapse/log.yaml"
|
|||||||
# per_user:
|
# per_user:
|
||||||
# per_second: 0.003
|
# per_second: 0.003
|
||||||
# burst_count: 5
|
# burst_count: 5
|
||||||
|
#
|
||||||
|
#rc_third_party_invite:
|
||||||
|
# per_second: 0.2
|
||||||
|
# burst_count: 10
|
||||||
|
|
||||||
# Ratelimiting settings for incoming federation
|
# Ratelimiting settings for incoming federation
|
||||||
#
|
#
|
||||||
@ -1190,6 +1208,44 @@ enable_registration: false
|
|||||||
#
|
#
|
||||||
#session_lifetime: 24h
|
#session_lifetime: 24h
|
||||||
|
|
||||||
|
# Time that an access token remains valid for, if the session is
|
||||||
|
# using refresh tokens.
|
||||||
|
# For more information about refresh tokens, please see the manual.
|
||||||
|
# Note that this only applies to clients which advertise support for
|
||||||
|
# refresh tokens.
|
||||||
|
#
|
||||||
|
# Note also that this is calculated at login time and refresh time:
|
||||||
|
# changes are not applied to existing sessions until they are refreshed.
|
||||||
|
#
|
||||||
|
# By default, this is 5 minutes.
|
||||||
|
#
|
||||||
|
#refreshable_access_token_lifetime: 5m
|
||||||
|
|
||||||
|
# Time that a refresh token remains valid for (provided that it is not
|
||||||
|
# exchanged for another one first).
|
||||||
|
# This option can be used to automatically log-out inactive sessions.
|
||||||
|
# Please see the manual for more information.
|
||||||
|
#
|
||||||
|
# Note also that this is calculated at login time and refresh time:
|
||||||
|
# changes are not applied to existing sessions until they are refreshed.
|
||||||
|
#
|
||||||
|
# By default, this is infinite.
|
||||||
|
#
|
||||||
|
#refresh_token_lifetime: 24h
|
||||||
|
|
||||||
|
# Time that an access token remains valid for, if the session is NOT
|
||||||
|
# using refresh tokens.
|
||||||
|
# Please note that not all clients support refresh tokens, so setting
|
||||||
|
# this to a short value may be inconvenient for some users who will
|
||||||
|
# then be logged out frequently.
|
||||||
|
#
|
||||||
|
# Note also that this is calculated at login time: changes are not applied
|
||||||
|
# retrospectively to existing sessions for users that have already logged in.
|
||||||
|
#
|
||||||
|
# By default, this is infinite.
|
||||||
|
#
|
||||||
|
#nonrefreshable_access_token_lifetime: 24h
|
||||||
|
|
||||||
# The user must provide all of the below types of 3PID when registering.
|
# The user must provide all of the below types of 3PID when registering.
|
||||||
#
|
#
|
||||||
#registrations_require_3pid:
|
#registrations_require_3pid:
|
||||||
@ -1379,6 +1435,16 @@ enable_3pid_changes: false
|
|||||||
#
|
#
|
||||||
#auto_join_rooms_for_guests: false
|
#auto_join_rooms_for_guests: false
|
||||||
|
|
||||||
|
# Whether to inhibit errors raised when registering a new account if the user ID
|
||||||
|
# already exists. If turned on, that requests to /register/available will always
|
||||||
|
# show a user ID as available, and Synapse won't raise an error when starting
|
||||||
|
# a registration with a user ID that already exists. However, Synapse will still
|
||||||
|
# raise an error if the registration completes and the username conflicts.
|
||||||
|
#
|
||||||
|
# Defaults to false.
|
||||||
|
#
|
||||||
|
#inhibit_user_in_use_error: true
|
||||||
|
|
||||||
|
|
||||||
## Metrics ###
|
## Metrics ###
|
||||||
|
|
||||||
@ -1431,6 +1497,7 @@ room_prejoin_state:
|
|||||||
# - m.room.encryption
|
# - m.room.encryption
|
||||||
# - m.room.name
|
# - m.room.name
|
||||||
# - m.room.create
|
# - m.room.create
|
||||||
|
# - m.room.topic
|
||||||
#
|
#
|
||||||
# Uncomment the following to disable these defaults (so that only the event
|
# Uncomment the following to disable these defaults (so that only the event
|
||||||
# types listed in 'additional_event_types' are shared). Defaults to 'false'.
|
# types listed in 'additional_event_types' are shared). Defaults to 'false'.
|
||||||
@ -1812,10 +1879,13 @@ saml2_config:
|
|||||||
# Defaults to false. Avoid this in production.
|
# Defaults to false. Avoid this in production.
|
||||||
#
|
#
|
||||||
# user_profile_method: Whether to fetch the user profile from the userinfo
|
# user_profile_method: Whether to fetch the user profile from the userinfo
|
||||||
# endpoint. Valid values are: 'auto' or 'userinfo_endpoint'.
|
# endpoint, or to rely on the data returned in the id_token from the
|
||||||
|
# token_endpoint.
|
||||||
#
|
#
|
||||||
# Defaults to 'auto', which fetches the userinfo endpoint if 'openid' is
|
# Valid values are: 'auto' or 'userinfo_endpoint'.
|
||||||
# included in 'scopes'. Set to 'userinfo_endpoint' to always fetch the
|
#
|
||||||
|
# Defaults to 'auto', which uses the userinfo endpoint if 'openid' is
|
||||||
|
# not included in 'scopes'. Set to 'userinfo_endpoint' to always use the
|
||||||
# userinfo endpoint.
|
# userinfo endpoint.
|
||||||
#
|
#
|
||||||
# allow_existing_users: set to 'true' to allow a user logging in via OIDC to
|
# allow_existing_users: set to 'true' to allow a user logging in via OIDC to
|
||||||
@ -1843,8 +1913,14 @@ saml2_config:
|
|||||||
#
|
#
|
||||||
# localpart_template: Jinja2 template for the localpart of the MXID.
|
# localpart_template: Jinja2 template for the localpart of the MXID.
|
||||||
# If this is not set, the user will be prompted to choose their
|
# If this is not set, the user will be prompted to choose their
|
||||||
# own username (see 'sso_auth_account_details.html' in the 'sso'
|
# own username (see the documentation for the
|
||||||
# section of this file).
|
# 'sso_auth_account_details.html' template). This template can
|
||||||
|
# use the 'localpart_from_email' filter.
|
||||||
|
#
|
||||||
|
# confirm_localpart: Whether to prompt the user to validate (or
|
||||||
|
# change) the generated localpart (see the documentation for the
|
||||||
|
# 'sso_auth_account_details.html' template), instead of
|
||||||
|
# registering the account right away.
|
||||||
#
|
#
|
||||||
# display_name_template: Jinja2 template for the display name to set
|
# display_name_template: Jinja2 template for the display name to set
|
||||||
# on first login. If unset, no displayname will be set.
|
# on first login. If unset, no displayname will be set.
|
||||||
@ -2020,6 +2096,12 @@ sso:
|
|||||||
#
|
#
|
||||||
#algorithm: "provided-by-your-issuer"
|
#algorithm: "provided-by-your-issuer"
|
||||||
|
|
||||||
|
# Name of the claim containing a unique identifier for the user.
|
||||||
|
#
|
||||||
|
# Optional, defaults to `sub`.
|
||||||
|
#
|
||||||
|
#subject_claim: "sub"
|
||||||
|
|
||||||
# The issuer to validate the "iss" claim against.
|
# The issuer to validate the "iss" claim against.
|
||||||
#
|
#
|
||||||
# Optional, if provided the "iss" claim will be required and
|
# Optional, if provided the "iss" claim will be required and
|
||||||
@ -2369,8 +2451,8 @@ user_directory:
|
|||||||
# indexes were (re)built was before Synapse 1.44, you'll have to
|
# indexes were (re)built was before Synapse 1.44, you'll have to
|
||||||
# rebuild the indexes in order to search through all known users.
|
# rebuild the indexes in order to search through all known users.
|
||||||
# These indexes are built the first time Synapse starts; admins can
|
# These indexes are built the first time Synapse starts; admins can
|
||||||
# manually trigger a rebuild following the instructions at
|
# manually trigger a rebuild via API following the instructions at
|
||||||
# https://matrix-org.github.io/synapse/latest/user_directory.html
|
# https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/background_updates.html#run
|
||||||
#
|
#
|
||||||
# Uncomment to return search results containing all known users, even if that
|
# Uncomment to return search results containing all known users, even if that
|
||||||
# user does not share a room with the requester.
|
# user does not share a room with the requester.
|
||||||
@ -2647,3 +2729,35 @@ redis:
|
|||||||
# Optional password if configured on the Redis instance
|
# Optional password if configured on the Redis instance
|
||||||
#
|
#
|
||||||
#password: <secret_password>
|
#password: <secret_password>
|
||||||
|
|
||||||
|
|
||||||
|
## Background Updates ##
|
||||||
|
|
||||||
|
# Background updates are database updates that are run in the background in batches.
|
||||||
|
# The duration, minimum batch size, default batch size, whether to sleep between batches and if so, how long to
|
||||||
|
# sleep can all be configured. This is helpful to speed up or slow down the updates.
|
||||||
|
#
|
||||||
|
background_updates:
|
||||||
|
# How long in milliseconds to run a batch of background updates for. Defaults to 100. Uncomment and set
|
||||||
|
# a time to change the default.
|
||||||
|
#
|
||||||
|
#background_update_duration_ms: 500
|
||||||
|
|
||||||
|
# Whether to sleep between updates. Defaults to True. Uncomment to change the default.
|
||||||
|
#
|
||||||
|
#sleep_enabled: false
|
||||||
|
|
||||||
|
# If sleeping between updates, how long in milliseconds to sleep for. Defaults to 1000. Uncomment
|
||||||
|
# and set a duration to change the default.
|
||||||
|
#
|
||||||
|
#sleep_duration_ms: 300
|
||||||
|
|
||||||
|
# Minimum size a batch of background updates can be. Must be greater than 0. Defaults to 1. Uncomment and
|
||||||
|
# set a size to change the default.
|
||||||
|
#
|
||||||
|
#min_batch_size: 10
|
||||||
|
|
||||||
|
# The batch size to use for the first iteration of a new background update. The default is 100.
|
||||||
|
# Uncomment and set a size to change the default.
|
||||||
|
#
|
||||||
|
#default_batch_size: 50
|
||||||
|
Loading…
Reference in New Issue
Block a user