Diffstat (limited to 'files/usr')
-rw-r--r--files/usr/local/etc/matrix-synapse/homeserver.yaml.matrix_server19
-rw-r--r--files/usr/local/etc/matrix-synapse/log.config.matrix_server36
-rw-r--r--files/usr/local/etc/matrix-synapse/signing.key.matrix_server1
-rw-r--r--files/usr/local/etc/nginx/vhosts.conf.matrix_server46
-rw-r--r--files/usr/local/etc/poudriere.d/pkglist.pkg_repository1
-rw-r--r--files/usr/local/etc/sudoers.d/acme.matrix_server1
-rw-r--r--files/usr/local/www/element/config.json.matrix_server45
7 files changed, 140 insertions, 9 deletions
diff --git a/files/usr/local/etc/matrix-synapse/homeserver.yaml.matrix_server b/files/usr/local/etc/matrix-synapse/homeserver.yaml.matrix_server
index d52c351..d255bd3 100644
--- a/files/usr/local/etc/matrix-synapse/homeserver.yaml.matrix_server
+++ b/files/usr/local/etc/matrix-synapse/homeserver.yaml.matrix_server
@@ -1,6 +1,6 @@
server_name: ${synapse_domain}
pid_file: /var/run/matrix-synapse/homeserver.pid
-public_baseurl: https://${synapse_public_fqdn}:${synapse_client_port}/
+public_baseurl: https://${synapse_public_fqdn}/
listeners:
- port: ${synapse_local_client_port}
@@ -32,9 +32,9 @@ client_base_url: https://${synapse_public_fqdn}
database:
name: psycopg2
args:
- user: ${synapse_db_user}
- database: ${synapse_username}
- host: ${synapse_db_host}
+ user: ${synapse_username}
+ database: ${synapse_dbname}
+ host: ${synapse_dbhost}
cp_min: 5
cp_max: 10
keepalives_idle: 10
@@ -78,15 +78,15 @@ autocreate_auto_join_rooms: true
autocreate_auto_join_rooms_federated: false
turn_uris: ['turn:${synapse_turn_host}']
-turn_shared_secret: ${synapse_turn_secret}
+turn_shared_secret: "${synapse_turn_secret}"
turn_allow_guests: false
report_stats: false
-macaroon_secret_key: ${synapse_macaroon_secret_key}
-form_secret: ${synapse_form_secret}
+macaroon_secret_key: "${synapse_macaroon_secret_key}"
+form_secret: "${synapse_form_secret}"
-signing_key_path: ${synapse_conf_dir}/${synapse_domain}.signing.key
+signing_key_path: ${synapse_conf_dir}/signing.key
trusted_key_servers:
- server_name: matrix.org
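Review bot: The three secrets (`turn_shared_secret`, `macaroon_secret_key`, `form_secret`) are now wrapped in double quotes, where YAML still interprets `\` escapes and a literal `"` ends the scalar, so a secret containing either character would be altered or would break parsing. Single quotes, e.g. `form_secret: '${synapse_form_secret}'`, leave only `'` special. Alternatively, constrain the secret generator to an alphanumeric or base64url alphabet and state that in a comment above these keys. How the secrets are generated is not visible in this diff, so this may already hold.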
@@ -96,7 +96,8 @@ modules:
- module: ldap_auth_provider.LdapAuthProviderModule
config:
enabled: true
- uri: ${ldap_uri}
+ uri:
+$(printf -- ' - ldap://%s:389\n' $ldap_hosts)
start_tls: true
base: ${users_basedn}
attributes:
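Review bot: The `uri:` list is built by `$(printf -- ' - ldap://%s:389\n' $ldap_hosts)`, and printf emits its format once even when given no arguments, so an empty or unset `ldap_hosts` renders a single entry `ldap://:389` instead of failing. The expansion is also unquoted, so each host is whatever word splitting and globbing produce, and it lands in the YAML unvalidated. The rendering script should stop when the variable is empty, for example with `: "${ldap_hosts:?ldap_hosts must be set}"` before the template is expanded. Because the URIs are plain `ldap://` on port 389, protection of bind credentials rests entirely on `start_tls: true` on the following line; a comment saying so would help keep it from being switched off.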
diff --git a/files/usr/local/etc/matrix-synapse/log.config.matrix_server b/files/usr/local/etc/matrix-synapse/log.config.matrix_server
new file mode 100644
index 0000000..c131919
--- /dev/null
+++ b/files/usr/local/etc/matrix-synapse/log.config.matrix_server
@@ -0,0 +1,36 @@
+version: 1
+
+formatters:
+ precise:
+ format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
+
+filters:
+ context:
+ (): synapse.util.logcontext.LoggingContextFilter
+ request: ""
+
+handlers:
+ file:
+ class: logging.handlers.RotatingFileHandler
+ formatter: precise
+ filename: /var/log/matrix-synapse/homeserver.log
+ maxBytes: 104857600
+ backupCount: 10
+ filters: [context]
+ level: INFO
+ encoding: utf8
+ console:
+ class: logging.StreamHandler
+ formatter: precise
+ filters: [context]
+
+loggers:
+ synapse:
+ level: INFO
+
+ synapse.storage.SQL:
+ level: INFO
+
+root:
+ level: INFO
+ handlers: [file, console]
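Review bot: The `synapse.storage.SQL` logger is pinned to `INFO` with no comment saying why. Synapse's sample log config warns that raising it to DEBUG writes sensitive data such as access tokens to the log, and that warning is worth carrying over, e.g. `# keep at INFO: DEBUG logs sensitive values such as access tokens`. The filter path `synapse.util.logcontext.LoggingContextFilter` is the older module name (newer Synapse releases use `synapse.logging.context`), so it should be checked against the packaged Synapse version, which is not visible here. The root logger sends every record to both `file` and `console`, which duplicates each line if the service's stdout is captured as well.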
diff --git a/files/usr/local/etc/matrix-synapse/signing.key.matrix_server b/files/usr/local/etc/matrix-synapse/signing.key.matrix_server
new file mode 100644
index 0000000..896f036
--- /dev/null
+++ b/files/usr/local/etc/matrix-synapse/signing.key.matrix_server
@@ -0,0 +1 @@
+${synapse_signing_key}
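Review bot: This template renders the homeserver's private signing key from `${synapse_signing_key}`, and nothing in the diff shows what owner or mode the rendered file receives; the template itself is tracked as `-rw-r--r--` in the diffstat. If the install step copies that mode, the key is world-readable on the host. The step that writes `signing.key` should set mode 0600 and ownership to the Synapse service user; that step lives outside this diff and needs checking there.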
diff --git a/files/usr/local/etc/nginx/vhosts.conf.matrix_server b/files/usr/local/etc/nginx/vhosts.conf.matrix_server
new file mode 100644
index 0000000..4819b4d
--- /dev/null
+++ b/files/usr/local/etc/nginx/vhosts.conf.matrix_server
@@ -0,0 +1,46 @@
+server {
+ listen ${synapse_federation_port} ssl default_server;
+ listen [::]:${synapse_federation_port} ssl default_server;
+
+ http2 on;
+
+ ssl_certificate ${synapse_https_cert};
+ ssl_certificate_key ${synapse_https_key};
+ ssl_trusted_certificate ${synapse_https_cacert};
+
+ add_header Strict-Transport-Security "max-age=63072000" always;
+
+ location / {
+ proxy_http_version 1.1;
+ proxy_set_header Host \$host;
+ proxy_set_header X-Real-IP \$remote_addr;
+ proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto \$scheme;
+ proxy_pass http://127.0.0.1:${synapse_local_federation_port};
+ }
+}
+
+server {
+ listen 443 ssl default_server;
+ listen [::]:433 ssl default_server;
+
+ http2 on;
+
+ ssl_certificate ${synapse_https_cert};
+ ssl_certificate_key ${synapse_https_key};
+ ssl_trusted_certificate ${synapse_https_cacert};
+
+ root ${synapse_element_webroot};
+
+ add_header Strict-Transport-Security "max-age=63072000" always;
+ client_max_body_size ${synapse_upload_sizelimit};
+
+ location ~ ^(/_matrix|/_synapse/client) {
+ proxy_http_version 1.1;
+ proxy_set_header Host \$host;
+ proxy_set_header X-Real-IP \$remote_addr;
+ proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto \$scheme;
+ proxy_pass http://127.0.0.1:${synapse_local_client_port};
+ }
+}
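Review bot: The second server block listens on `[::]:433` while its IPv4 line uses 443, so over IPv6 the client vhost is bound to the wrong port and Element and the client API are unreachable there; the line should read `listen [::]:443 ssl default_server;`. Both `location` blocks also forward `X-Forwarded-For \$proxy_add_x_forwarded_for`, which appends to whatever the client sent. Synapse's reverse-proxy documentation sets this header from `\$remote_addr`, which keeps caller-supplied values out of the address Synapse logs and rate-limits on. `ssl_trusted_certificate` has no effect here without `ssl_stapling` or client-certificate verification; if it is kept for later use, a comment should say so.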
diff --git a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
index a310d67..0af0716 100644
--- a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
+++ b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
@@ -159,6 +159,7 @@ textproc/py-docutils
textproc/py-markdown
textproc/py-pygments
www/chromium
+www/element-web
www/fcgiwrap
www/firefox
www/linux-widevine-cdm
diff --git a/files/usr/local/etc/sudoers.d/acme.matrix_server b/files/usr/local/etc/sudoers.d/acme.matrix_server
new file mode 100644
index 0000000..9ca89b8
--- /dev/null
+++ b/files/usr/local/etc/sudoers.d/acme.matrix_server
@@ -0,0 +1 @@
+${acme_user} ALL=(root) NOPASSWD: /usr/sbin/service nginx reload
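Review bot: The rule is tightly scoped, but the file is rendered from `${acme_user}` with no visible validation; an empty expansion leaves a line beginning with `ALL=(root)`, which will not parse as the intended rule. The install step (outside this diff) should run `visudo -cf` on the rendered file before moving it into `sudoers.d`, and install it root-owned with mode 0440. sudo also skips files in an include directory whose names contain a `.`, so the installed name has to drop the `.matrix_server` suffix.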
diff --git a/files/usr/local/www/element/config.json.matrix_server b/files/usr/local/www/element/config.json.matrix_server
new file mode 100644
index 0000000..94bcbb1
--- /dev/null
+++ b/files/usr/local/www/element/config.json.matrix_server
@@ -0,0 +1,45 @@
+{
+ "default_server_config": {
+ "m.homeserver": {
+ "base_url": "https://${synapse_public_fqdn}",
+ "server_name": "${synapse_domain}"
+ },
+ "m.identity_server": {
+ "base_url": null
+ }
+ },
+ "disable_custom_urls": true,
+ "disable_guests": true,
+ "disable_login_language_selector": false,
+ "disable_3pid_login": true,
+ "force_verification": false,
+ "brand": "Element",
+ "integrations_ui_url": null,
+ "integrations_rest_url": null,
+ "integrations_widgets_urls": null,
+ "default_widget_container_height": 280,
+ "default_country_code": "US",
+ "show_labs_settings": false,
+ "features": {},
+ "default_federate": true,
+ "default_theme": "light",
+ "room_directory": {
+ "servers": ["${synapse_domain}", "matrix.org"]
+ },
+ "enable_presence_by_hs_url": {
+ "https://matrix.org": false,
+ "https://matrix-client.matrix.org": false
+ },
+ "setting_defaults": {
+ "breadcrumbs": true
+ },
+ "jitsi": {
+ "preferred_domain": "meet.element.io"
+ },
+ "element_call": {
+ "url": "https://call.element.io",
+ "participant_limit": 8,
+ "brand": "Element Call"
+ },
+ "map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
+}
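Review bot: `map_style_url` embeds a MapTiler API key in the committed file, and it appears to be the key from Element's sample configuration rather than one belonging to this deployment, so it is shared and can be revoked or rate-limited by others. Either supply the deployment's own style URL through a template variable like the other `${...}` values, or drop the entry so location sharing degrades cleanly. Similarly, `jitsi.preferred_domain` (`meet.element.io`) and `element_call.url` (`call.element.io`) send users to third-party services for calls even though `disable_custom_urls` is set; that should be a documented decision.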