mirror of
https://github.com/matrix-org/dendrite
synced 2024-11-15 06:11:08 +01:00
d6e18a33ce
Missed this when first setting up my instance, and it feels important enough that it should be part of the sample config
168 lines
6.7 KiB
YAML
168 lines
6.7 KiB
YAML
# The config file format version
|
|
# This is used by dendrite to tell if it understands the config format.
|
|
# This will change if the structure of the config file changes or if the meaning
|
|
# of an existing config key changes.
|
|
version: 0
|
|
|
|
# The matrix specific config
|
|
matrix:
|
|
# The name of the server. This is usually the domain name, e.g 'matrix.org', 'localhost'.
|
|
server_name: "example.com"
|
|
# The path to the PEM formatted matrix private key.
|
|
private_key: "/etc/dendrite/matrix_key.pem"
|
|
# The x509 certificates used by the federation listeners for this server
|
|
federation_certificates: ["/etc/dendrite/server.crt"]
|
|
# The list of identity servers trusted to verify third party identifiers by this server.
|
|
# Defaults to no trusted servers.
|
|
trusted_third_party_id_servers:
|
|
- vector.im
|
|
- matrix.org
|
|
# Perspective key servers which are used when direct key requests fail
|
|
#key_perspectives:
|
|
# - server_name: matrix.org
|
|
# keys:
|
|
# - key_id: ed25519:auto
|
|
# public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
|
|
# - key_id: ed25519:a_RXGa
|
|
# public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ
|
|
# Disables new users from registering (except via shared secrets)
|
|
registration_disabled: false
|
|
|
|
# The media repository config
|
|
media:
|
|
# The base path to where the media files will be stored. May be relative or absolute.
|
|
base_path: /var/dendrite/media
|
|
|
|
# The maximum file size in bytes that is allowed to be stored on this server.
|
|
# Note: if max_file_size_bytes is set to 0, the size is unlimited.
|
|
# Note: if max_file_size_bytes is not set, it will default to 10485760 (10MB)
|
|
max_file_size_bytes: 10485760
|
|
|
|
# Whether to dynamically generate thumbnails on-the-fly if the requested resolution is not already generated
|
|
# NOTE: This is a possible denial-of-service attack vector - use at your own risk
|
|
dynamic_thumbnails: false
|
|
|
|
# A list of thumbnail sizes to be pre-generated for downloaded remote / uploaded content
|
|
# method is one of crop or scale. If omitted, it will default to scale.
|
|
# crop scales to fill the requested dimensions and crops the excess.
|
|
# scale scales to fit the requested dimensions and one dimension may be smaller than requested.
|
|
thumbnail_sizes:
|
|
- width: 32
|
|
height: 32
|
|
method: crop
|
|
- width: 96
|
|
height: 96
|
|
method: crop
|
|
- width: 320
|
|
height: 240
|
|
method: scale
|
|
- width: 640
|
|
height: 480
|
|
method: scale
|
|
- width: 800
|
|
height: 600
|
|
method: scale
|
|
|
|
# Metrics config for Prometheus
|
|
metrics:
|
|
# Whether or not metrics are enabled
|
|
enabled: false
|
|
# Use basic auth to protect the metrics. Uncomment to the complete block to enable.
|
|
#basic_auth:
|
|
# username: prometheusUser
|
|
# password: y0ursecr3tPa$$w0rd
|
|
|
|
# The config for the TURN server
|
|
turn:
|
|
# Whether or not guests can request TURN credentials
|
|
turn_allow_guests: true
|
|
# How long the authorization should last
|
|
turn_user_lifetime: "1h"
|
|
# The list of TURN URIs to pass to clients
|
|
turn_uris: []
|
|
|
|
# Authorization via Shared Secret
|
|
# The shared secret from coturn
|
|
turn_shared_secret: "<SECRET STRING GOES HERE>"
|
|
|
|
# Authorization via Static Username & Password
|
|
# Hardcoded Username and Password
|
|
turn_username: ""
|
|
turn_password: ""
|
|
|
|
# The config for communicating with kafka
|
|
kafka:
|
|
# Where the kafka servers are running.
|
|
addresses: ["localhost:9092"]
|
|
# Whether to use naffka instead of kafka.
|
|
# Naffka can only be used when running dendrite as a single monolithic server.
|
|
# Kafka can be used both with a monolithic server and when running the
|
|
# components as separate servers.
|
|
# If enabled database.naffka must also be specified.
|
|
use_naffka: false
|
|
# The names of the kafka topics to use.
|
|
topics:
|
|
output_room_event: roomserverOutput
|
|
output_client_data: clientapiOutput
|
|
output_typing_event: eduServerOutput
|
|
user_updates: userUpdates
|
|
|
|
# The postgres connection configs for connecting to the databases e.g a postgres:// URI
|
|
database:
|
|
account: "postgres://dendrite:itsasecret@localhost/dendrite_account?sslmode=disable"
|
|
device: "postgres://dendrite:itsasecret@localhost/dendrite_device?sslmode=disable"
|
|
media_api: "postgres://dendrite:itsasecret@localhost/dendrite_mediaapi?sslmode=disable"
|
|
sync_api: "postgres://dendrite:itsasecret@localhost/dendrite_syncapi?sslmode=disable"
|
|
room_server: "postgres://dendrite:itsasecret@localhost/dendrite_roomserver?sslmode=disable"
|
|
server_key: "postgres://dendrite:itsasecret@localhost/dendrite_serverkey?sslmode=disable"
|
|
federation_sender: "postgres://dendrite:itsasecret@localhost/dendrite_federationsender?sslmode=disable"
|
|
appservice: "postgres://dendrite:itsasecret@localhost/dendrite_appservice?sslmode=disable"
|
|
public_rooms_api: "postgres://dendrite:itsasecret@localhost/dendrite_publicroomsapi?sslmode=disable"
|
|
max_open_conns: 100
|
|
max_idle_conns: 2
|
|
conn_max_lifetime: -1
|
|
# If using naffka you need to specify a naffka database
|
|
# naffka: "postgres://dendrite:itsasecret@localhost/dendrite_naffka?sslmode=disable"
|
|
|
|
# The TCP host:port pairs to bind the internal HTTP APIs to.
|
|
# These shouldn't be exposed to the public internet.
|
|
# These aren't needed when running dendrite as a monolithic server.
|
|
listen:
|
|
room_server: "localhost:7770"
|
|
client_api: "localhost:7771"
|
|
federation_api: "localhost:7772"
|
|
sync_api: "localhost:7773"
|
|
media_api: "localhost:7774"
|
|
public_rooms_api: "localhost:7775"
|
|
federation_sender: "localhost:7776"
|
|
appservice_api: "localhost:7777"
|
|
edu_server: "localhost:7778"
|
|
|
|
# The configuration for tracing the dendrite components.
|
|
tracing:
|
|
# Config for the jaeger opentracing reporter.
|
|
# See https://godoc.org/github.com/uber/jaeger-client-go/config#Configuration
|
|
# for documentation.
|
|
jaeger:
|
|
disabled: true
|
|
|
|
# A list of application service config files to use
|
|
application_services:
|
|
config_files: []
|
|
|
|
# The configuration for dendrite logs
|
|
logging:
|
|
# The logging type, only "file" is supported at the moment
|
|
- type: "file"
|
|
# The logging level, must be one of debug, info, warn, error, fatal, panic.
|
|
level: "info"
|
|
# Parameters for this type of log
|
|
params:
|
|
# File logging must be given a path to a directory. Each component will write to a different file. Logs are rotated each day and gzipped
|
|
path: "/var/log/dendrite"
|
|
# It is possible to have multiple logging hooks at the same time.
|
|
# To save only errors in a different directory, uncomment the following.
|
|
# - type: "file"
|
|
# level: "error"
|
|
# params:
|
|
# path: "/var/log/dendrite/errors"
|