ansible/roles/matrix/templates/homeserver.yaml

# Configuration file for Synapse.
#
# Note: Commented-out values that came from the default config are, strangely,
# the non-default options.
#
# This file is managed via Ansible; any changes made here will be overwritten
#

## Server ##
pid_file: "/var/run/matrix-synapse.pid"
public_baseurl: https://matrix.9iron.club/
filter_timeline_limit: 5000
federation_ip_range_blacklist:
  - '127.0.0.0/8'
  - '10.0.0.0/8'
  - '172.16.0.0/12'
  - '192.168.0.0/16'
  - '100.64.0.0/10'
  - '169.254.0.0/16'
  - '::1/128'
  - 'fe80::/64'
  - 'fc00::/7'
listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    bind_addresses: ['::1', '127.0.0.1']
    resources:
      - names: [client, federation]
        compress: false

## Homeserver blocking ##
admin_contact: '{{ matrix_admin_contact }}'
#hs_disabled: false
#hs_disabled_message: '{{ matrix_disabled_message }}'
retention:
  enabled: true
  default_policy:
    max_lifetime: 3y

## Database ##
database:
  name: sqlite3
  args:
    database: /var/lib/matrix-synapse/homeserver.db

## Logging ##
log_config: "/etc/matrix-synapse/log.yaml"

## Ratelimiting ##
rc_message:
  per_second: 0.3
  burst_count: 10
rc_registration:
  per_second: 0.17
  burst_count: 3
rc_login:
  address:
    per_second: 0.17
    burst_count: 3
  account:
    per_second: 0.17
    burst_count: 3
  failed_attempts:
    per_second: 0.17
    burst_count: 3
rc_admin_redaction:
  per_second: 2
  burst_count: 50
rc_federation:
  window_size: 1000
  sleep_limit: 10
  sleep_delay: 500
  reject_limit: 50
  concurrent: 3

## Media Store ##
media_store_path: "/var/lib/matrix-synapse/media"
max_upload_size: 32M
max_image_pixels: 32M
url_preview_enabled: true
url_preview_ip_range_blacklist:
  - '127.0.0.0/8'
  - '10.0.0.0/8'
  - '172.16.0.0/12'
  - '192.168.0.0/16'
  - '100.64.0.0/10'
  - '169.254.0.0/16'
  - '::1/128'
  - 'fe80::/64'
  - 'fc00::/7'
url_preview_url_blacklist:
  # blacklist any URL with a username in its URI
  - username: '*'
  # blacklist all plain HTTP URLs
  - scheme: 'http'
max_spider_size: 10M

## Registration ##
enable_registration: {{ matrix_enable_registration }}
enable_3pid_lookup: true
default_identity_server: https://vector.im
auto_join_rooms:
  - "#welcome:9iron.club"

## Signing Keys ##
signing_key_path: "/etc/matrix-synapse/homeserver.signing.key"
trusted_key_servers:
  - server_name: "matrix.org"

## Email ##
email:
  smtp_host: email-smtp.us-east-1.amazonaws.com
  smtp_port: 587
  smtp_user: "{{ aws_ses_user }}"
  smtp_pass: "{{ aws_ses_pass }}"
  require_transport_security: true
  notif_from: "%(app)s <noreply@9iron.club>"
  app_name: "9iron Matrix"

## Privileges ##
enable_group_creation: true
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00			`# Configuration file for Synapse.`
			`#`
Polish up our Matrix config a bit 2020-06-22 05:03:32 -05:00			`# Note: Commented-out values that came from the default config are, strangely,`
			`# the non-default options.`
			`#`
			`# This file is managed via Ansible; any changes made here will be overwritten`
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00			`#`

			`## Server ##`
			`pid_file: "/var/run/matrix-synapse.pid"`
Polish up our Matrix config a bit 2020-06-22 05:03:32 -05:00			`public_baseurl: https://matrix.9iron.club/`
			`filter_timeline_limit: 5000`
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00			`federation_ip_range_blacklist:`
			`- '127.0.0.0/8'`
			`- '10.0.0.0/8'`
			`- '172.16.0.0/12'`
			`- '192.168.0.0/16'`
			`- '100.64.0.0/10'`
			`- '169.254.0.0/16'`
			`- '::1/128'`
			`- 'fe80::/64'`
			`- 'fc00::/7'`
			`listeners:`
			`- port: 8008`
			`tls: false`
			`type: http`
			`x_forwarded: true`
			`bind_addresses: ['::1', '127.0.0.1']`
			`resources:`
			`- names: [client, federation]`
			`compress: false`

			`## Homeserver blocking ##`
Template out matrix vars a bit more nicely, make config changes 2020-06-23 09:47:48 -05:00			`admin_contact: '{{ matrix_admin_contact }}'`
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00			`#hs_disabled: false`
Template out matrix vars a bit more nicely, make config changes 2020-06-23 09:47:48 -05:00			`#hs_disabled_message: '{{ matrix_disabled_message }}'`
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00			`retention:`
Polish up our Matrix config a bit 2020-06-22 05:03:32 -05:00			`enabled: true`
			`default_policy:`
			`max_lifetime: 3y`
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00
			`## Database ##`
			`database:`
			`name: sqlite3`
			`args:`
			`database: /var/lib/matrix-synapse/homeserver.db`

			`## Logging ##`
			`log_config: "/etc/matrix-synapse/log.yaml"`

			`## Ratelimiting ##`
Work on polishout our homeserver.yaml 2020-06-23 09:40:16 -05:00			`rc_message:`
			`per_second: 0.3`
			`burst_count: 10`
			`rc_registration:`
			`per_second: 0.17`
			`burst_count: 3`
			`rc_login:`
			`address:`
			`per_second: 0.17`
			`burst_count: 3`
			`account:`
			`per_second: 0.17`
			`burst_count: 3`
			`failed_attempts:`
			`per_second: 0.17`
			`burst_count: 3`
			`rc_admin_redaction:`
			`per_second: 2`
			`burst_count: 50`
			`rc_federation:`
			`window_size: 1000`
			`sleep_limit: 10`
			`sleep_delay: 500`
			`reject_limit: 50`
			`concurrent: 3`
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00
			`## Media Store ##`
			`media_store_path: "/var/lib/matrix-synapse/media"`
Work on polishout our homeserver.yaml 2020-06-23 09:40:16 -05:00			`max_upload_size: 32M`
			`max_image_pixels: 32M`
			`url_preview_enabled: true`
			`url_preview_ip_range_blacklist:`
			`- '127.0.0.0/8'`
			`- '10.0.0.0/8'`
			`- '172.16.0.0/12'`
			`- '192.168.0.0/16'`
			`- '100.64.0.0/10'`
			`- '169.254.0.0/16'`
			`- '::1/128'`
			`- 'fe80::/64'`
			`- 'fc00::/7'`
			`url_preview_url_blacklist:`
			`# blacklist any URL with a username in its URI`
			`- username: '*'`
			`# blacklist all plain HTTP URLs`
			`- scheme: 'http'`
			`max_spider_size: 10M`
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00
			`## Registration ##`
Polish up our Matrix config a bit 2020-06-22 05:03:32 -05:00			`enable_registration: {{ matrix_enable_registration }}`
Work on polishout our homeserver.yaml 2020-06-23 09:40:16 -05:00			`enable_3pid_lookup: true`
Set default id server for matrix 2020-06-22 07:22:40 -05:00			`default_identity_server: https://vector.im`
Polish up our Matrix config a bit 2020-06-22 05:03:32 -05:00			`auto_join_rooms:`
			`- "#welcome:9iron.club"`
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00
			`## Signing Keys ##`
			`signing_key_path: "/etc/matrix-synapse/homeserver.signing.key"`
			`trusted_key_servers:`
			`- server_name: "matrix.org"`

Work on polishout our homeserver.yaml 2020-06-23 09:40:16 -05:00			`## Email ##`
Working on more Matrix stuffs, adding creds for SES 2020-06-21 10:46:49 -05:00			`email:`
			`smtp_host: email-smtp.us-east-1.amazonaws.com`
			`smtp_port: 587`
			`smtp_user: "{{ aws_ses_user }}"`
			`smtp_pass: "{{ aws_ses_pass }}"`
			`require_transport_security: true`
			`notif_from: "%(app)s <noreply@9iron.club>"`
			`app_name: "9iron Matrix"`

Work on polishout our homeserver.yaml 2020-06-23 09:40:16 -05:00			`## Privileges ##`
			`enable_group_creation: true`