## Server ## # The domain name of the server, with optional explicit port. # This is used by remote servers to connect to this server, # e.g. matrix.org, localhost:8080, etc. # This is also the last part of your UserID. # server_name: '${BASE_DOMAIN}' # The public-facing base URL that clients use to access this HS # (not including _matrix/...). This is the same URL a user would # enter into the 'custom HS URL' field on their client. If you # use synapse with a reverse proxy, this should be the URL to reach # synapse via the proxy. # public_baseurl: https://${BASE_DOMAIN}/ # When running as a daemon, the file to store the pid in # pid_file: /data/homeserver.pid # Prevent federation requests from being sent to the following # blacklist IP address CIDR ranges. If this option is not specified, or # specified with an empty list, no ip range blacklist will be enforced. # # As of Synapse v1.4.0 this option also affects any outbound requests to identity # servers provided by user input. # # (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly # listed here, since they correspond to unroutable addresses.) # federation_ip_range_blacklist: - '127.0.0.0/8' - '10.0.0.0/8' - '172.16.0.0/12' - '192.168.0.0/16' - '100.64.0.0/10' - '169.254.0.0/16' - '::1/128' - 'fe80::/64' - 'fc00::/7' # List of ports that Synapse should listen on, their purpose and their # configuration. # listeners: - port: 8008 tls: false type: http x_forwarded: true resources: - names: [client, federation] compress: false ## Database ## database: name: psycopg2 args: user: matrix password: ${MATRIX_PG_PWD} database: matrix host: pg-matrix cp_min: 5 cp_max: 10 ## Logging ## # A yaml python logging config file as described by # https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema # log_config: '/config/log.config' ## Media Store ## # Directory where uploaded images and attachments are stored. # media_store_path: '/data/media_store' # Directory where in-progress uploads are stored. # uploads_path: '/data/uploads' # If set, allows registration of standard or admin accounts by anyone who # has the shared secret, even if registration is otherwise disabled. # registration_shared_secret: '${MATRIX_REGISTRATION_SECRET}' # a secret which is used to sign access tokens. If none is specified, # the registration_shared_secret is used, if one is given; otherwise, # a secret key is derived from the signing key. # macaroon_secret_key: '${MATRIX_MAROON_SECRET}' # a secret which is used to calculate HMACs for form values, to stop # falsification of values. Must be specified for the User Consent # forms to work. # form_secret: '${MATRIX_FORM_SECRET}' ## Signing Keys ## # Path to the signing key to sign messages with # signing_key_path: '/config/signing.key' # The trusted servers to download signing keys from. trusted_key_servers: - server_name: 'matrix.org' # Uncomment the following to disable the warning that is emitted when the # trusted_key_servers include 'matrix.org'. See above. # suppress_key_server_warning: true password_config: # Uncomment and change to a secret random string for extra security. # DO NOT CHANGE THIS AFTER INITIAL SETUP! # #pepper: 'EVEN_MORE_SECRET' # Enable sending emails for password resets, notification events or # account expiry notices # # If your SMTP server requires authentication, the optional smtp_user & # smtp_pass variables should be used # email: enable_notifs: false smtp_host: 'mail' smtp_port: 25 # SSL: 465, STARTTLS: 587 smtp_user: '${MATRIX_MAIL_USER}@${BASE_DOMAIN}' smtp_pass: '${MATRIX_MAIL_PASS}' require_transport_security: false notif_from: 'Your Friendly %(app)s Home Server <${MATRIX_MAIL_FROM}@${BASE_DOMAIN}>' app_name: Matrix # Configure the time that a validation email or text message code # will expire after sending # # This is currently used for password resets validation_token_lifetime: 1h # Whether or not to report anonymized homeserver usage statistics. report_stats: false