blob: d255bd3dc06f94cf401161a0286f47f3b5a80a5f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
server_name: ${synapse_domain}
pid_file: /var/run/matrix-synapse/homeserver.pid
public_baseurl: https://${synapse_public_fqdn}/
listeners:
- port: ${synapse_local_client_port}
tls: false
type: http
x_forwarded: true
bind_addresses: ['::1', '127.0.0.1']
resources:
- names: [client]
compress: false
- port: ${synapse_local_federation_port}
tls: false
type: http
x_forwarded: true
bind_addresses: ['::1', '127.0.0.1']
resources:
- names: [federation]
compress: false
email:
smtp_host: ${smtp_host}
smtp_port: 25
notif_from: ${synapse_email_from}
enable_notifs: true
client_base_url: https://${synapse_public_fqdn}
database:
name: psycopg2
args:
user: ${synapse_username}
database: ${synapse_dbname}
host: ${synapse_dbhost}
cp_min: 5
cp_max: 10
keepalives_idle: 10
keepalives_interval: 10
keepalives_count: 3
log_config: ${synapse_conf_dir}/log.config
media_store_path: ${synapse_db_dir}/media_store
media_retention:
local_media_retention: ${synapse_local_media_retention}
remote_media_retention: ${synapse_remote_media_retention}
max_upload_size: ${synapse_upload_sizelimit}
url_preview_enabled: true
url_preview_ip_range_whitelist: []
url_preview_ip_range_blacklist:
- '127.0.0.0/8'
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'
- '100.64.0.0/10'
- '192.0.0.0/24'
- '169.254.0.0/16'
- '192.88.99.0/24'
- '198.18.0.0/15'
- '192.0.2.0/24'
- '198.51.100.0/24'
- '203.0.113.0/24'
- '224.0.0.0/4'
- '::1/128'
- 'fe80::/10'
- 'fc00::/7'
- '2001:db8::/32'
- 'ff00::/8'
- 'fec0::/10'
enable_registration: false
auto_join_rooms: []
autocreate_auto_join_rooms: true
autocreate_auto_join_rooms_federated: false
turn_uris: ['turn:${synapse_turn_host}']
turn_shared_secret: "${synapse_turn_secret}"
turn_allow_guests: false
report_stats: false
macaroon_secret_key: "${synapse_macaroon_secret_key}"
form_secret: "${synapse_form_secret}"
signing_key_path: ${synapse_conf_dir}/signing.key
trusted_key_servers:
- server_name: matrix.org
suppress_key_server_warning: true
modules:
- module: ldap_auth_provider.LdapAuthProviderModule
config:
enabled: true
uri:
$(printf -- ' - ldap://%s:389\n' $ldap_hosts)
start_tls: true
base: ${users_basedn}
attributes:
uid: uid
mail: mail
name: cn
bind_dn: uid=${synapse_username},${robots_basedn}
bind_password: ${synapse_ldap_password}
filter: '(memberOf=cn=${synapse_access_role},${roles_basedn})'
|
