update our configs

etc/matrix-media-repo/media-repo.yaml

@@ -73,13 +73,13 @@ homeservers:
 # sent straight through the client - they are simply used to invalidate the cache faster for
 # a particular user. Without these, the access tokens might still work for a short period of time
 # after the user has already invalidated them.
-# 
+#
 # This will also cache errors from the homeserver.
 #
 # Note that when this config block is used outside of a per-domain config, all hosts will be
 # subject to the same cache. This also means that application services on limited homeservers
 # could be authorized on the wrong domain.
-#   
+#
 # ***************************************************************************
 # *  IT IS HIGHLY RECOMMENDED TO USE PER-DOMAIN CONFIGS WITH THIS FEATURE.  *
 # ***************************************************************************
@@ -174,7 +174,7 @@ datastores:
       # An optional region for where this S3 endpoint is located. Typically not needed, though
       # some providers will need this (like Scaleway). Uncomment to use.
       #region: "sfo2"
-    
+
   # The media repo does support an IPFS datastore, but only if the IPFS feature is enabled. If
   # the feature is not enabled, this will not work. Note that IPFS support is experimental at
   # the moment and not recommended for general use.
@@ -366,7 +366,7 @@ thumbnails:
   # The maximum number of bytes an image can be before the thumbnailer refuses.
   maxSourceBytes: 10485760 # 10MB default, 0 to disable
 
-  # The maximum number of pixels an image can have before the thumbnailer refuses. Note that 
+  # The maximum number of pixels an image can have before the thumbnailer refuses. Note that
   # this only applies to image types: file types like audio and video are affected solely by
   # the maxSourceBytes.
   maxPixels: 96000000 # 32M default

etc/matrix-synapse/homeserver.yaml

@@ -93,13 +93,7 @@ server_name: envs.net
 #
 pid_file: "/etc/matrix-synapse/matrix-synapse.pid"
 
-# The absolute URL to the web client which /_matrix/client will redirect
+# The absolute URL to the web client which / will redirect to.
-# to if 'webclient' is configured under the 'listeners' configuration.
-#
-# This option can be also set to the filesystem path to the web client
-# which will be served at /_matrix/client/ if 'webclient' is configured
-# under the 'listeners' configuration, however this is a security risk:
-# https://github.com/matrix-org/synapse#security-note
 #
 web_client_location: "https://element.envs.net/"
 
@@ -329,8 +323,6 @@ allow_public_rooms_over_federation: true
 #   static: static resources under synapse/static (/_matrix/static). (Mostly
 #       useful for 'fallback authentication'.)
 #
-#   webclient: A web client. Requires web_client_location to be set.
-#
 listeners:
   # TLS-enabled listener: for when matrix traffic is sent directly to synapse.
   #
@@ -362,7 +354,7 @@ listeners:
     tls: false
     x_forwarded: true
     resources:
-      - names: [federation, client, webclient, consent]
+      - names: [federation, client, consent]
         compress: false
 
     # example additional_resources:
@@ -594,7 +586,7 @@ retention:
   #
   #default_policy:
   #  min_lifetime: 30d
-  #  max_lifetime: 1y
+  #  max_lifetime: 3y
 
   # Retention policy limits. If set, and the state of a room contains a
   # 'm.room.retention' event in its state which contains a 'min_lifetime' or a
@@ -2453,7 +2445,7 @@ user_directory:
     # These indexes are built the first time Synapse starts; admins can
     # manually trigger a rebuild via API following the instructions at
     #     https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/background_updates.html#run
-    #   
+    #
     # Uncomment to return search results containing all known users, even if that
     # user does not share a room with the requester.
     #
@@ -2709,6 +2701,9 @@ instance_map:
   generic_worker3:
     host: localhost
     port: 9096
+  generic_worker4:
+    host: localhost
+    port: 9097
 
 # Experimental: When using workers you can define which workers should
 # handle event persistence and typing notifications. Any worker
@@ -2722,6 +2717,7 @@ stream_writers:
     - generic_worker1
     - generic_worker2
     - generic_worker3
+    - generic_worker4
 #  typing: worker1
 
 # The worker that is used to run background tasks (e.g. cleaning up expired

etc/nginx/include.d/generic_worker.conf

@@ -259,6 +259,18 @@ location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ {
 }
 
 
+## Encryption requests
+#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/claim {
+#	include include.d/synapse-proxy.conf;
+#	proxy_pass http://generic_worker_lc;
+#}
+
+#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/room_keys {
+#	include include.d/synapse-proxy.conf;
+#	proxy_pass http://generic_worker_lc;
+#}
+
+
 ## Registration/login requests
 location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ {
 	include include.d/synapse-proxy.conf;
@@ -276,74 +288,74 @@ location ~ ^/_matrix/client/unstable/org.matrix.msc3231/register/org.matrix.msc3
 }
 
 
-# STREAM WORKERS
+# STREAM WRITERS
 ## Event sending requests
 location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact {
 	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc_instancemap;
+	proxy_pass http://generic_worker_lc;
 }
 
 location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send {
 	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc_instancemap;
+	proxy_pass http://generic_worker_lc;
 }
 
 location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ {
 	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc_instancemap;
+	proxy_pass http://generic_worker_lc;
 }
 
 location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$ {
 	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc_instancemap;
+	proxy_pass http://generic_worker_lc;
 }
 
 location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ {
 	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc_instancemap;
+	proxy_pass http://generic_worker_lc;
 }
 
 location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ {
 	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc_instancemap;
+	proxy_pass http://generic_worker_lc;
 }
 
 ## Typing requests
 #location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing {
 #	include include.d/synapse-proxy.conf;
-#	proxy_pass http://generic_worker_lc_instancemap;
+#	proxy_pass http://generic_worker_lc;
 #}
 
 ## Device requests
 #location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/sendToDevice/ {
 #	include include.d/synapse-proxy.conf;
-#	proxy_pass http://generic_worker_lc_instancemap;
+#	proxy_pass http://generic_worker_lc;
 #}
 
 ## Account data requests
 #location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/.*/tags {
 #	include include.d/synapse-proxy.conf;
-#	proxy_pass http://generic_worker_lc_instancemap;
+#	proxy_pass http://generic_worker_lc;
 #}
 
 #location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/.*/account_data {
 #	include include.d/synapse-proxy.conf;
-#	proxy_pass http://generic_worker_lc_instancemap;
+#	proxy_pass http://generic_worker_lc;
 #}
 
 ## Receipts requests
 #location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/receipt {
 #	include include.d/synapse-proxy.conf;
-#	proxy_pass http://generic_worker_lc_instancemap;
+#	proxy_pass http://generic_worker_lc;
 #}
 
 #location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/read_markers {
 #	include include.d/synapse-proxy.conf;
-#	proxy_pass http://generic_worker_lc_instancemap;
+#	proxy_pass http://generic_worker_lc;
 #}
 
 ## Presence requests
 #location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/.*/status$ {
 #	include include.d/synapse-proxy.conf;
-#	proxy_pass http://generic_worker_lc_instancemap;
+#	proxy_pass http://generic_worker_lc;
 #}

etc/nginx/include.d/upstream_workers.conf

@@ -13,11 +13,3 @@ upstream generic_worker_lc {
        server localhost:8512;
        server localhost:8513;
 }
-
-## STREAM WORKER
-upstream generic_worker_lc_instancemap {
-       least_conn;
-       server localhost:8510;
-       server localhost:8511;
-       server localhost:8512;
-}

etc/nginx/sites-available/element.envs.net.conf

@@ -27,7 +27,7 @@ server {
 	}
 }
 
-#ALIAS   
+#ALIAS
 server {
 	listen 80;
 	listen [::]:80;

etc/nginx/sites-available/matrix.envs.net.conf

@@ -68,16 +68,3 @@ server {
 		proxy_pass http://localhost:8008;
 	}
 }
-
-server {
-        listen 8448 ssl http2;
-	listen [::]:8448 ssl http2;
-        server_name matrix.envs.net;
-
-        include snippets/ssl.conf;
-
-        location / {
-		include include.d/synapse-proxy.conf;
-                proxy_pass http://localhost:8008;
-        }
-}