container-server/matrix/config/homeserver.yaml.template
2019-11-24 21:51:03 +01:00

146 lines
4.1 KiB
Text

## Server ##
# The domain name of the server, with optional explicit port.
# This is used by remote servers to connect to this server,
# e.g. matrix.org, localhost:8080, etc.
# This is also the last part of your UserID.
#
server_name: '${BASE_DOMAIN}'
# The public-facing base URL that clients use to access this HS
# (not including _matrix/...). This is the same URL a user would
# enter into the 'custom HS URL' field on their client. If you
# use synapse with a reverse proxy, this should be the URL to reach
# synapse via the proxy.
#
public_baseurl: https://${BASE_DOMAIN}/
# When running as a daemon, the file to store the pid in
#
pid_file: /data/homeserver.pid
# Prevent federation requests from being sent to the following
# blacklist IP address CIDR ranges. If this option is not specified, or
# specified with an empty list, no ip range blacklist will be enforced.
#
# As of Synapse v1.4.0 this option also affects any outbound requests to identity
# servers provided by user input.
#
# (0.0.0.0 and :: are always blacklisted, whether or not they are explicitly
# listed here, since they correspond to unroutable addresses.)
#
federation_ip_range_blacklist:
- '127.0.0.0/8'
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'
- '100.64.0.0/10'
- '169.254.0.0/16'
- '::1/128'
- 'fe80::/64'
- 'fc00::/7'
# List of ports that Synapse should listen on, their purpose and their
# configuration.
#
listeners:
- port: 8008
tls: false
type: http
x_forwarded: true
resources:
- names: [client, federation]
compress: false
## Database ##
database:
name: psycopg2
args:
user: matrix
password: ${MATRIX_PG_PWD}
database: matrix
host: pg-matrix
cp_min: 5
cp_max: 10
## Logging ##
# A yaml python logging config file as described by
# https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema
#
log_config: '/config/log.config'
## Media Store ##
# Directory where uploaded images and attachments are stored.
#
media_store_path: '/data/media_store'
# Directory where in-progress uploads are stored.
#
uploads_path: '/data/uploads'
# If set, allows registration of standard or admin accounts by anyone who
# has the shared secret, even if registration is otherwise disabled.
#
registration_shared_secret: '${MATRIX_REGISTRATION_SECRET}'
# a secret which is used to sign access tokens. If none is specified,
# the registration_shared_secret is used, if one is given; otherwise,
# a secret key is derived from the signing key.
#
macaroon_secret_key: '${MATRIX_MAROON_SECRET}'
# a secret which is used to calculate HMACs for form values, to stop
# falsification of values. Must be specified for the User Consent
# forms to work.
#
form_secret: '${MATRIX_FORM_SECRET}'
## Signing Keys ##
# Path to the signing key to sign messages with
#
signing_key_path: '/config/signing.key'
# The trusted servers to download signing keys from.
trusted_key_servers:
- server_name: 'matrix.org'
# Uncomment the following to disable the warning that is emitted when the
# trusted_key_servers include 'matrix.org'. See above.
#
suppress_key_server_warning: true
password_config:
# Uncomment and change to a secret random string for extra security.
# DO NOT CHANGE THIS AFTER INITIAL SETUP!
#
#pepper: 'EVEN_MORE_SECRET'
# Enable sending emails for password resets, notification events or
# account expiry notices
#
# If your SMTP server requires authentication, the optional smtp_user &
# smtp_pass variables should be used
#
email:
enable_notifs: false
smtp_host: 'mail'
smtp_port: 25 # SSL: 465, STARTTLS: 587
smtp_user: '${MATRIX_MAIL_USER}@${BASE_DOMAIN}'
smtp_pass: '${MATRIX_MAIL_PASS}'
require_transport_security: false
notif_from: 'Your Friendly %(app)s Home Server <${MATRIX_MAIL_FROM}@${BASE_DOMAIN}>'
app_name: Matrix
# Configure the time that a validation email or text message code
# will expire after sending
#
# This is currently used for password resets
validation_token_lifetime: 1h
# Whether or not to report anonymized homeserver usage statistics.
report_stats: false