Skip to content

Commit e2a8784

Browse files
thestingerthestinger
committed
add main synapse configuration
1 parent 2ea4d75 commit e2a8784

File tree

2 files changed

+154
-0
lines changed

2 files changed

+154
-0
lines changed

deploy-static

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,7 @@ ssh $remote 'usermod -aG io_uring postgres && usermod -aG synapse http && usermo
5151
rsync -pcv --chmod=644 --fsync --preallocate syslog-ng/conf.d/synapse.conf $remote:/etc/syslog-ng/conf.d/synapse.conf
5252
ssh $remote syslog-ng-ctl reload
5353
rsync -pcv --chmod=644 --fsync --preallocate logrotate.d/synapse $remote:/etc/logrotate.d/synapse
54+
rsync -pcv --chmod=644 --fsync --preallocate synapse/homeserver.yaml $remote:/etc/synapse/homeserver.yaml
5455
rsync -pcv --chmod=644 --fsync --preallocate synapse/log_config.yaml $remote:/etc/synapse/log_config.yaml
5556
rsync -rpcv --chmod=D755,F644 --delete synapse/workers/ $remote:/etc/synapse/workers/
5657

synapse/homeserver.yaml

Lines changed: 153 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,153 @@
1+
modules:
2+
- module: mjolnir.Module
3+
config:
4+
block_invites: true
5+
ban_lists:
6+
- "!WoQgyUIOTcwfyOuZGY:grapheneos.org"
7+
8+
server_name: grapheneos.org
9+
web_client_location: https://element.grapheneos.org/
10+
public_baseurl: https://matrix.grapheneos.org/
11+
admin_contact: 'mailto:[email protected]'
12+
13+
registration_shared_secret_path: /etc/synapse/grapheneos.org.registration.shared.secret
14+
macaroon_secret_key_path: /etc/synapse/grapheneos.org.macaroon.secret.key
15+
form_secret_path: /etc/synapse/grapheneos.org.form.secret
16+
signing_key_path: /etc/synapse/grapheneos.org.signing.key
17+
18+
federation_client_minimum_tls_version: 1.2
19+
20+
presence:
21+
enabled: false
22+
23+
listeners:
24+
- path: /run/synapse/main_public.sock
25+
mode: 0660
26+
type: http
27+
resources:
28+
- names: [client, federation]
29+
- path: /run/synapse/main_replication.sock
30+
mode: 0600
31+
type: http
32+
resources:
33+
- names: [replication]
34+
35+
instance_map:
36+
main:
37+
path: /run/synapse/main_replication.sock
38+
stream_writer:
39+
path: /run/synapse/stream_writer_replication.sock
40+
41+
run_background_tasks_on: background
42+
43+
federation_sender_instances:
44+
- federation_sender1
45+
- federation_sender2
46+
- federation_sender3
47+
- federation_sender4
48+
49+
enable_media_repo: false
50+
51+
pusher_instances:
52+
- pusher
53+
54+
stream_writers:
55+
events:
56+
- stream_writer
57+
typing:
58+
- stream_writer
59+
to_device:
60+
- stream_writer
61+
account_data:
62+
- stream_writer
63+
receipts:
64+
- stream_writer
65+
presence:
66+
- stream_writer
67+
push_rules:
68+
- stream_writer
69+
device_lists:
70+
- stream_writer
71+
72+
redis:
73+
enabled: true
74+
path: /run/valkey/valkey.sock
75+
76+
database:
77+
name: psycopg2
78+
args:
79+
user: synapse
80+
database: synapse
81+
cp_min: 10
82+
cp_max: 10
83+
84+
caches:
85+
global_factor: 1.0
86+
cache_autotuning:
87+
max_cache_memory_usage: 1024M
88+
target_cache_memory_usage: 768M
89+
min_cache_ttl: 5m
90+
91+
max_upload_size: 100M
92+
media_store_path: /var/lib/synapse/media_store
93+
media_retention:
94+
local_media_lifetime: 365d
95+
remote_media_lifetime: 2d
96+
97+
log_config: /etc/synapse/log_config.yaml
98+
99+
trusted_key_servers:
100+
- server_name: "matrix.org"
101+
suppress_key_server_warning: true
102+
103+
default_room_version: "12"
104+
105+
experimental_features:
106+
# allow moderators to view redacted events
107+
msc2815_enabled: true
108+
109+
allow_public_rooms_without_auth: true
110+
allow_public_rooms_over_federation: true
111+
112+
user_directory:
113+
prefer_local_users: true
114+
115+
limit_remote_rooms:
116+
enabled: true
117+
complexity: 50.0
118+
complexity_error: "This room is above complexity 50.0 and joining is forbidden to prevent denial of service."
119+
120+
max_avatar_size: 10M
121+
allowed_avatar_mimetypes: ["image/png", "image/jpeg", "image/gif"]
122+
123+
redaction_retention_period: 90d
124+
forgotten_room_retention_period: 28d
125+
user_ips_max_age: 28d
126+
delete_stale_devices_after: 1y
127+
128+
password_config:
129+
policy:
130+
enabled: true
131+
minimum_length: 16
132+
133+
alias_creation_rules:
134+
- user_id: "@admin:grapheneos.org"
135+
alias: "*"
136+
room_id: "*"
137+
action: allow
138+
- user_id: "@grapheneos:grapheneos.org"
139+
alias: "*"
140+
room_id: "*"
141+
action: allow
142+
143+
room_list_publication_rules:
144+
- user_id: "@admin:grapheneos.org"
145+
alias: "*"
146+
room_id: "*"
147+
action: allow
148+
- user_id: "@grapheneos:grapheneos.org"
149+
alias: "*"
150+
room_id: "*"
151+
action: allow
152+
153+
report_stats: false

0 commit comments

Comments
 (0)