98 lines
3.3 KiB
YAML
98 lines
3.3 KiB
YAML
server_name: "janky.solutions"
|
|
pid_file: /data/homeserver.pid
|
|
listeners:
|
|
- port: 8008
|
|
tls: false
|
|
type: http
|
|
x_forwarded: true
|
|
resources:
|
|
- names: [client, federation]
|
|
compress: false
|
|
- port: 8000
|
|
type: metrics
|
|
enable_metrics: true
|
|
database:
|
|
name: psycopg2
|
|
args:
|
|
host: janky-solutions-homeserver-database.matrix.svc.cluster.local
|
|
dbname: matrix
|
|
log_config: "/config/log.yaml"
|
|
media_store_path: /data/media_store
|
|
registration_shared_secret: "SECRET_registration_shared_secret"
|
|
report_stats: false
|
|
form_secret: "SECRET_form_secret"
|
|
signing_key_path: "/secrets/janky.solutions.signing.key"
|
|
trusted_key_servers:
|
|
- server_name: "matrix.org"
|
|
public_baseurl: https://matrix.janky.solutions
|
|
ip_range_whitelist: [10.5.1.245,10.5.1.1]
|
|
# oidc_providers:
|
|
# - idp_id: keycloak
|
|
# idp_name: "Janky Solutions Auth"
|
|
# issuer: "https://auth.janky.solutions/realms/janky.solutions/"
|
|
# client_id: "synapse"
|
|
# client_secret: SECRET_oidc_secret
|
|
# scopes: ["openid", "profile"]
|
|
# user_mapping_provider:
|
|
# config:
|
|
# localpart_template: "{{ user.preferred_username }}"
|
|
# display_name_template: "{{ user.name }}"
|
|
# backchannel_logout_enabled: true # Optional
|
|
password_config:
|
|
enabled: false
|
|
app_service_config_files:
|
|
- /appservices/facebook.yaml
|
|
- /appservices/telegram.yaml
|
|
- /appservices/signal.yaml
|
|
media_storage_providers:
|
|
- module: s3_storage_provider.S3StorageProviderBackend
|
|
store_local: True
|
|
store_remote: True
|
|
store_synchronous: True
|
|
config:
|
|
bucket: matrix-media
|
|
# All of the below options are optional, for use with non-AWS S3-like
|
|
# services, or to specify access tokens here instead of some external method.
|
|
region_name: sea-01
|
|
endpoint_url: https://storage.home.finn.io
|
|
access_key_id: SECRET_AWS_ACCESS_KEY_ID
|
|
secret_access_key: SECRET_AWS_SECRET_ACCESS_KEY
|
|
|
|
# Server Side Encryption for Customer-provided keys
|
|
#sse_customer_key: <S3_SSEC_KEY>
|
|
# Your SSE-C algorithm is very likely AES256
|
|
# Default is AES256.
|
|
#sse_customer_algo: <S3_SSEC_ALGO>
|
|
|
|
# The object storage class used when uploading files to the bucket.
|
|
# Default is STANDARD.
|
|
#storage_class: "STANDARD_IA"
|
|
|
|
# Prefix for all media in bucket, can't be changed once media has been uploaded
|
|
# Useful if sharing the bucket between Synapses
|
|
# Blank if not provided
|
|
prefix: "janky.solutions/"
|
|
|
|
# The maximum number of concurrent threads which will be used to connect
|
|
# to S3. Each thread manages a single connection. Default is 40.
|
|
#
|
|
#threadpool_size: 20
|
|
experimental_features:
|
|
msc3861:
|
|
enabled: true
|
|
|
|
# Synapse will call `{issuer}/.well-known/openid-configuration` to get the OIDC configuration
|
|
issuer: https://matrix-auth.janky.solutions/
|
|
|
|
# Matches the `client_id` in the auth service config
|
|
client_id: 01J5VH0VE08DMM5TMNSS9A4J31
|
|
# Matches the `client_auth_method` in the auth service config
|
|
client_auth_method: client_secret_basic
|
|
# Matches the `client_secret` in the auth service config
|
|
client_secret: "SECRET_CLIENT_SECRET"
|
|
|
|
# Matches the `matrix.secret` in the auth service config
|
|
admin_token: "SECRET_ADMIN_SECRET"
|
|
|
|
# URL to advertise to clients where users can self-manage their account
|
|
account_management_url: "https://matrix-auth.janky.solutions/account"
|