mirror of
https://mau.dev/maunium/synapse.git
synced 2025-01-23 09:00:03 +01:00
11a8ae0632
* complement: enable dirty runs * Add changelog * Set a low connpool limit when running in Complement Dirty runs can cause many containers to be running concurrently, which seems to easily exhaust resources on the host. The increased speedup from dirty runs also seems to use more db connections on workers, which are misconfigured currently to have `SUM(workers * cp_max) > max_connections`, causing ``` FATAL: sorry, too many clients already ``` which results in tests failing. * Try p=2 concurrency to restrict slowness of servers which causes partial state join tests to flake * Debug logging * Only run flakey tests * Only adjust connection pool limits in worker mode * Move cp vars to somewhere where they get executed in CI * Move cp values back to where they actually work * Debug logging * Try p=1 to see if this makes worker mode happier * Remove debug logging
194 lines
4.4 KiB
YAML
194 lines
4.4 KiB
YAML
# vim:ft=yaml
|
|
|
|
## TLS ##
|
|
|
|
{% if not SYNAPSE_NO_TLS %}
|
|
|
|
tls_certificate_path: "/data/{{ SYNAPSE_SERVER_NAME }}.tls.crt"
|
|
tls_private_key_path: "/data/{{ SYNAPSE_SERVER_NAME }}.tls.key"
|
|
|
|
{% endif %}
|
|
|
|
## Server ##
|
|
|
|
server_name: "{{ SYNAPSE_SERVER_NAME }}"
|
|
pid_file: /homeserver.pid
|
|
web_client: False
|
|
soft_file_limit: 0
|
|
log_config: "{{ SYNAPSE_LOG_CONFIG }}"
|
|
|
|
## Ports ##
|
|
|
|
listeners:
|
|
{% if not SYNAPSE_NO_TLS %}
|
|
-
|
|
port: 8448
|
|
bind_addresses: ['::']
|
|
type: http
|
|
tls: true
|
|
x_forwarded: false
|
|
resources:
|
|
- names: [client]
|
|
compress: true
|
|
- names: [federation] # Federation APIs
|
|
compress: false
|
|
{% endif %}
|
|
|
|
# Allow configuring in case we want to reverse proxy 8008
|
|
# using another process in the same container
|
|
{% if SYNAPSE_USE_UNIX_SOCKET %}
|
|
# Unix sockets don't care about TLS or IP addresses or ports
|
|
- path: '/run/main_public.sock'
|
|
type: http
|
|
{% else %}
|
|
- port: {{ SYNAPSE_HTTP_PORT or 8008 }}
|
|
tls: false
|
|
bind_addresses: ['::']
|
|
type: http
|
|
x_forwarded: false
|
|
{% endif %}
|
|
resources:
|
|
- names: [client]
|
|
compress: true
|
|
- names: [federation]
|
|
compress: false
|
|
|
|
## Database ##
|
|
|
|
{% if POSTGRES_PASSWORD %}
|
|
database:
|
|
name: "psycopg2"
|
|
args:
|
|
user: "{{ POSTGRES_USER or "synapse" }}"
|
|
password: "{{ POSTGRES_PASSWORD }}"
|
|
database: "{{ POSTGRES_DB or "synapse" }}"
|
|
{% if not SYNAPSE_USE_UNIX_SOCKET %}
|
|
{# Synapse will use a default unix socket for Postgres when host/port is not specified (behavior from `psycopg2`). #}
|
|
host: "{{ POSTGRES_HOST or "db" }}"
|
|
port: "{{ POSTGRES_PORT or "5432" }}"
|
|
{% endif %}
|
|
cp_min: {{ POSTGRES_CP_MIN or 5 }}
|
|
cp_max: {{ POSTGRES_CP_MAX or 10 }}
|
|
{% else %}
|
|
database:
|
|
name: "sqlite3"
|
|
args:
|
|
database: "/data/homeserver.db"
|
|
{% endif %}
|
|
|
|
## Performance ##
|
|
|
|
event_cache_size: "{{ SYNAPSE_EVENT_CACHE_SIZE or "10K" }}"
|
|
|
|
## Ratelimiting ##
|
|
|
|
rc_messages_per_second: 0.2
|
|
rc_message_burst_count: 10.0
|
|
federation_rc_window_size: 1000
|
|
federation_rc_sleep_limit: 10
|
|
federation_rc_sleep_delay: 500
|
|
federation_rc_reject_limit: 50
|
|
federation_rc_concurrent: 3
|
|
|
|
## Files ##
|
|
|
|
media_store_path: "/data/media"
|
|
max_upload_size: "{{ SYNAPSE_MAX_UPLOAD_SIZE or "50M" }}"
|
|
max_image_pixels: "32M"
|
|
dynamic_thumbnails: false
|
|
|
|
# List of thumbnail to precalculate when an image is uploaded.
|
|
thumbnail_sizes:
|
|
- width: 32
|
|
height: 32
|
|
method: crop
|
|
- width: 96
|
|
height: 96
|
|
method: crop
|
|
- width: 320
|
|
height: 240
|
|
method: scale
|
|
- width: 640
|
|
height: 480
|
|
method: scale
|
|
- width: 800
|
|
height: 600
|
|
method: scale
|
|
|
|
url_preview_enabled: False
|
|
max_spider_size: "10M"
|
|
|
|
## Captcha ##
|
|
|
|
{% if SYNAPSE_RECAPTCHA_PUBLIC_KEY %}
|
|
recaptcha_public_key: "{{ SYNAPSE_RECAPTCHA_PUBLIC_KEY }}"
|
|
recaptcha_private_key: "{{ SYNAPSE_RECAPTCHA_PRIVATE_KEY }}"
|
|
enable_registration_captcha: True
|
|
recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify"
|
|
{% else %}
|
|
recaptcha_public_key: "YOUR_PUBLIC_KEY"
|
|
recaptcha_private_key: "YOUR_PRIVATE_KEY"
|
|
enable_registration_captcha: False
|
|
recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify"
|
|
{% endif %}
|
|
|
|
## Turn ##
|
|
|
|
{% if SYNAPSE_TURN_URIS %}
|
|
turn_uris:
|
|
{% for uri in SYNAPSE_TURN_URIS.split(',') %} - "{{ uri }}"
|
|
{% endfor %}
|
|
turn_shared_secret: "{{ SYNAPSE_TURN_SECRET }}"
|
|
turn_user_lifetime: "1h"
|
|
turn_allow_guests: True
|
|
{% else %}
|
|
turn_uris: []
|
|
turn_shared_secret: "YOUR_SHARED_SECRET"
|
|
turn_user_lifetime: "1h"
|
|
turn_allow_guests: True
|
|
{% endif %}
|
|
|
|
## Registration ##
|
|
|
|
enable_registration: {{ "True" if SYNAPSE_ENABLE_REGISTRATION else "False" }}
|
|
registration_shared_secret: "{{ SYNAPSE_REGISTRATION_SHARED_SECRET }}"
|
|
bcrypt_rounds: 12
|
|
allow_guest_access: {{ "True" if SYNAPSE_ALLOW_GUEST else "False" }}
|
|
enable_group_creation: true
|
|
|
|
|
|
## Metrics ###
|
|
|
|
{% if SYNAPSE_REPORT_STATS.lower() == "yes" %}
|
|
enable_metrics: True
|
|
report_stats: True
|
|
{% else %}
|
|
enable_metrics: False
|
|
report_stats: False
|
|
{% endif %}
|
|
|
|
## API Configuration ##
|
|
|
|
{% if SYNAPSE_APPSERVICES %}
|
|
app_service_config_files:
|
|
{% for appservice in SYNAPSE_APPSERVICES %} - "{{ appservice }}"
|
|
{% endfor %}
|
|
{% endif %}
|
|
|
|
macaroon_secret_key: "{{ SYNAPSE_MACAROON_SECRET_KEY }}"
|
|
expire_access_token: False
|
|
|
|
## Signing Keys ##
|
|
|
|
signing_key_path: "/data/{{ SYNAPSE_SERVER_NAME }}.signing.key"
|
|
old_signing_keys: {}
|
|
key_refresh_interval: "1d" # 1 Day.
|
|
|
|
# The trusted servers to download signing keys from.
|
|
trusted_key_servers:
|
|
- server_name: matrix.org
|
|
verify_keys:
|
|
"ed25519:auto": "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"
|
|
|
|
password_config:
|
|
enabled: true
|