update outdated configs

2025-08-24 14:16:02 -04:00 · 2024-11-13 19:57:43 +01:00 · 2024-11-13 19:57:43 +01:00 · 86a18749a6
commit 86a18749a6
parent 88dbd169c2
7 changed files with 219 additions and 268 deletions
--- a/etc/matrix-media-repo/media-repo.yaml
+++ b/etc/matrix-media-repo/media-repo.yaml
@ -19,6 +19,11 @@ repo:
  # incompatible with the log color option and will always render without colors.
  jsonLogs: false
  # The log level to log at. Note that this will need to be at least "info" to receive support.
  #
  # Values (in increasing spam): panic | fatal | error | warn | info | debug | trace
  logLevel: "warn"
  # If true, the media repo will accept any X-Forwarded-For header without validation. In most cases
  # this option should be left as "false". Note that the media repo already expects an X-Forwarded-For
  # header, but validates it to ensure the IP being given makes sense.
@ -26,9 +31,20 @@ repo:
  # If false, the media repo will not use the X-Forwarded-Host header commonly added by reverse proxies.
  # Typically this should remain as true, though in some circumstances it may need to be disabled.
-  # See https://github.com/turt2live/matrix-media-repo/issues/202 for more information.
+  # See https://github.com/t2bot/matrix-media-repo/issues/202 for more information.
  useForwardedHost: true
  # If true, media uploaded or cached from that point forwards will require authentication in order to
  # be accessed. Media uploaded or cached prior will remain accessible on the unauthenticated endpoints.
  # If set to false after being set to true, media uploaded or cached while the flag was true will still
  # only be accessible over authenticated endpoints, though future media will be accessible on both
  # authenticated and unauthenticated media.
  #
  # This flag currently defaults to false. A future release, likely in August 2024, will remove this flag
  # and have the same effect as it being true (always on). This flag is primarily intended for servers to
  # opt-in to the behaviour early.
  freezeUnauthenticatedMedia: false
 # Options for dealing with federation
 federation:
  # On a per-host basis, the number of consecutive failures in calling the host before the
@ -36,6 +52,18 @@ federation:
  # the remote server do not count towards this.
  backoffAt: 20
  # The domains the media repo should never serve media for. Existing media already stored from
  # these domains will remain, however will not be downloadable without a data export. Media
  # repo administrators will bypass this check. Admin APIs will still work for media on these
  # domains.
  #
  # This will not prevent the listed domains from accessing media on this media repo - it only
  # stops users on *this* media repo from accessing media originally uploaded to the listed domains.
  #
  # Note: Adding domains controlled by the media repo itself to this list is not advisable.
  ignoredHosts:
    - example.org
 # The database configuration for the media repository
 # Do NOT put your homeserver's existing database credentials here. Create a new database and
 # user instead. Using the same server is fine, just not the same username and database.
@ -56,16 +84,29 @@ database:
 # The configuration for the homeservers this media repository is known to control. Servers
 # not listed here will not be able to upload media.
 homeservers:
-  - name: envs.net # This should match the server_name of your homeserver, and the Host header
+  - # Keep the dash from this line.
    # This should match the server_name of your homeserver, and the Host header
    # provided to the media repo.
-    csApi: "https://matrix.envs.net/" # The base URL to where the homeserver can actually be reached
+    name: envs.net
-    backoffAt: 10 # The number of consecutive failures in calling this homeserver before the
+
    # The base URL to where the homeserver can actually be reached by MMR.
    csApi: "https://matrix.envs.net/"
    # The number of consecutive failures in calling this homeserver before the
    # media repository will start backing off. This defaults to 10 if not given.
-    adminApiKind: "matrix" # The kind of admin API the homeserver supports. If set to "matrix",
+    backoffAt: 10
-                           # the media repo will use the Synapse-defined endpoints under the
+
-                           # unstable client-server API. When this is "synapse", the new /_synapse
+    # The admin API interface supported by the homeserver. MMR uses a subset of the admin API
-                           # endpoints will be used instead. Unknown values are treated as the
+    # during certain operations, like attempting to purge media from a room or validating server
-                           # default, "matrix".
+    # admin status. This should be set to one of "synapse", "dendrite", or "matrix". When set
    # to "matrix", most functionality requiring the admin API will not work.
    adminApiKind: "synapse"
    # The signing key to use for authorizing outbound federation requests. If not specified,
    # requests will not be authorized. See https://docs.t2bot.io/matrix-media-repo/v1.3.5/installation/signing-key/
    # for details.
    signingKeyPath: "/etc/matrix-media-repo/mmr.signing.key"
 # Options for controlling how access tokens work with the media repo. It is recommended that if
 # you are going to use these options that the `/logout` and `/logout/all` client-server endpoints
@ -137,7 +178,7 @@ sharedSecretAuth:
 # for a datastore to use, will always use the smallest datastore first.
 datastores:
  - type: file
-    enabled: true
+    id: "b2ca79fa0b75955e59e52d2286a30f4c8e053d72"
    # Datastores can be split into many areas when handling uploads. Media is still de-duplicated
    # across all datastores (local content which duplicates remote content will re-use the remote
    # content's location). This option is useful if your datastore is becoming very large, or if
@ -151,43 +192,6 @@ datastores:
    forKinds: ["all"]
    opts:
      path: /var/matrix-media
 #  - type: file
 #    enabled: true
    #forKinds: ["all"]
 #    opts:
 #      path: /var/matrix/media
  - type: s3
    enabled: false # Enable this to set up s3 uploads
    forKinds: ["thumbnails", "remote_media", "local_media", "archives"]
    opts:
      # The s3 uploader needs a temporary location to buffer files to reduce memory usage on
      # small file uploads. If the file size is unknown, the file is written to this location
      # before being uploaded to s3 (then the file is deleted). If you aren't concerned about
      # memory usage, set this to an empty string.
      tempPath: "/tmp/mediarepo_s3_upload"
      endpoint: sfo2.digitaloceanspaces.com
      accessKeyId: ""
      accessSecret: ""
      ssl: true
      bucketName: "your-media-bucket"
      # An optional region for where this S3 endpoint is located. Typically not needed, though
      # some providers will need this (like Scaleway). Uncomment to use.
      #region: "sfo2"
  # The media repo does support an IPFS datastore, but only if the IPFS feature is enabled. If
  # the feature is not enabled, this will not work. Note that IPFS support is experimental at
  # the moment and not recommended for general use.
  #
  # NOTE: Everything you upload to IPFS will be publicly accessible, even when the media repo
  # puts authentication on the download endpoints. Only use this option for cases where you
  # expect your media to be publicly accessible.
  - type: ipfs
    enabled: false
    forKinds: ["local_media"]
    # The IPFS datastore currently has no options. It will use the daemon or HTTP API configured
    # in the IPFS section of your main config.
    opts: {}
 # Options for controlling archives. Archives are exports of a particular user's content for
 # the purpose of GDPR or moving media to a different server.
@ -224,29 +228,49 @@ uploads:
  # Set this to -1 to indicate that there is no limit. Zero will force the use of maxBytes.
  #reportedMaxBytes: 104857600
  # The number of pending uploads a user is permitted to have at a given time. They must cancel,
  # complete, or otherwise let pending requests expire before uploading any more media. Set to
  # zero to disable.
  maxPending: 5
  # The duration the server will wait to receive media that was asynchronously uploaded before
  # expiring it entirely. This should be set sufficiently high for a client on poor connectivity
  # to upload something. The Matrix specification recommends 24 hours (86400 seconds), however
  # this project recommends 30 minutes (1800 seconds).
  maxAgeSeconds: 1800
  # Options for limiting how much content a user can upload. Quotas are applied to content
  # associated with a user regardless of de-duplication. Quotas which affect remote servers
  # or users will not take effect. When a user exceeds their quota they will be unable to
  # upload any more media.
  quotas:
-    # Whether or not quotas are enabled/enforced. Note that even when disabled the media repo
+    # Whether quotas are enabled/enforced. Note that even when disabled the media repo will
-    # will track how much media a user has uploaded. This is disabled by default.
+    # track how much media a user has uploaded. Quotas are disabled by default.
    enabled: false
-    # The quota rules that affect users. The first rule to match the uploader will take effect.
+    # The upload quota rules which affect users. The first rule to match the user ID will take
-    # An implied rule which matches all users and has no quota is always last in this list,
+    # effect. If a user does not match a rule, the defaults implied by the above config will
-    # meaning that if no rules are supplied then users will be able to upload anything. Similarly,
+    # take effect instead. The user will not be permitted to upload anything above these quota
-    # if no rules match a user then the implied rule will match, allowing the user to have no
+    # values, but can match them exactly.
    # quota. The quota will let the user upload to 1 media past their quota, meaning that from
    # a statistics perspective the user might exceed their quota however only by a small amount.
    users:
      - glob: "@*:*"  # Affect all users. Use asterisks (*) to match any character.
-        maxBytes: 53687063712 # 50GB default, 0 to disable
+        # The maximum number of TOTAL bytes a user can upload. Defaults to zero (no limit).
        maxBytes: 53687063712 # 50gb
        # The same as maxPending above - the number of uploads the user can have waiting to
        # complete before starting another one. Defaults to maxPending above. Set to 0 to
        # disable.
        maxPending: 5
        # The maximum number of uploaded files a user can have. Defaults to zero (no limit).
        # If both maxBytes and maxFiles are in use then the first condition a user triggers
        # will prevent upload. Note that a user can still have uploads contributing to maxPending,
        # but will not be able to complete them if they are at maxFiles.
        maxFiles: 0
 # Settings related to downloading files from the media repository
 downloads:
  # The maximum number of bytes to download from other servers
-  maxBytes: 268435456 # 100MB default, 0 to disable
+  #maxBytes: 104857600 # 100MB default, 0 to disable
  maxBytes: 268435456 # 256
  # The number of workers to use when downloading remote media. Raise this number if remote
  # media is downloading slowly or timing out.
@ -259,42 +283,16 @@ downloads:
  # has passed, the media is able to be re-requested.
  failureCacheMinutes: 5
  # The cache control settings for downloads. This can help speed up downloads for users by
  # keeping popular media in the cache. This cache is also used for thumbnails.
  cache:
    enabled: false
    # The maximum size of cache to have. Higher numbers are better.
    maxSizeBytes: 1048576000 # 1GB default
    # The maximum file size to cache. This should normally be the same size as your maximum
    # upload size.
    maxFileSizeBytes: 104857600 # 100MB default
    # The number of minutes to track how many downloads a file gets
    trackedMinutes: 30
    # The number of downloads a file must receive in the window above (trackedMinutes) in
    # order to be cached.
    minDownloads: 5
    # The minimum amount of time an item should remain in the cache. This prevents the cache
    # from cycling out the file if it needs more room during this time. Note that the media
    # repo regularly cleans out media which is past this point from the cache, so this number
    # may need increasing depending on your use case. If the maxSizeBytes is reached for the
    # media repo, and some cached items are still under this timer, new items will not be able
    # to enter the cache. When this happens, consider raising maxSizeBytes or lowering this
    # timer.
    minCacheTimeSeconds: 300
    # The minimum amount of time an item should remain outside the cache once it is removed.
    minEvictedTimeSeconds: 60
  # How many days after a piece of remote content is downloaded before it expires. It can be
  # re-downloaded on demand, this just helps free up space in your datastore. Set to zero or
  # negative to disable. Defaults to disabled.
  expireAfterDays: 90
  # The default size, in bytes, to return for range requests on media. Range requests are used
  # by clients when they only need part of a file, such as a video or audio element. Note that
  # the entire file will still be cached (if enabled), but only part of it will be returned.
  # If the client requests a larger or smaller range, that will be honoured.
  defaultRangeChunkSizeBytes: 10485760 # 10MB default
 # URL Preview settings
 urlPreviews:
@ -341,7 +339,7 @@ urlPreviews:
    - 'fe80::/64'
    - 'fc00::/7'
  allowedNetworks:
-    - "0.0.0.0/0" # "Everything". The blacklist will help limit this.
+    - "0.0.0.0/0" # "Everything". The deny list will help limit this.
                  # This is the default value for this field.
  # How many days after a preview is generated before it expires and is deleted. The preview
@ -354,7 +352,10 @@ urlPreviews:
  # Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Language
  defaultLanguage: "en-US,en"
-  # When true, oEmbed previews will be enabled. Typically these kinds of previews are used for
+  # Set the User-Agent header to supply when generating URL previews
  userAgent: "matrix-media-repo"
  # When true, oEmbed previews will be enabled. Typically, these kinds of previews are used for
  # sites that do not support OpenGraph or page scraping, such as Twitter. For information on
  # specifying providers for oEmbed, including your own, see the following documentation:
  # https://docs.t2bot.io/matrix-media-repo/url-previews/oembed.html
@ -370,7 +371,6 @@ thumbnails:
  # this only applies to image types: file types like audio and video are affected solely by
  # the maxSourceBytes.
  maxPixels: 96000000 # 32M default
  #maxPixels: 0
  # The number of workers to use when generating thumbnails. Raise this number if thumbnails
  # are slow to generate or timing out.
@ -412,7 +412,10 @@ thumbnails:
    - "image/apng"
    - "image/gif"
    - "image/heif"
    - "image/heic"
    - "image/webp"
    - "image/bmp"
    - "image/tiff"
    - "image/svg+xml" # Be sure to have ImageMagick installed to thumbnail SVG files
    - "audio/mpeg"
    - "audio/ogg"
@ -452,6 +455,30 @@ rateLimit:
  # The number of requests an IP can send at once before the rate limit is actually considered.
  burst: 10
  # The 'leaky bucket' configurations for MMR. Leaky buckets are limited in size and have a slow
  # drain rate, minimizing the ability for a user to consume large amounts of resources.
  #
  # Buckets are checked and applied after the requests per second configuration above. Buckets are
  # disabled when rate limiting is disabled.
  #
  # Note: buckets are *not* shared across processes. If download requests could end up at two different
  # processes, two different buckets may be filled. This behaviour may change in the future.
  buckets:
    # The download bucket applies to both download requests and thumbnail requests. Each anonymous
    # user is assigned a single bucket from their IP address. Authenticated requests (when supported)
    # will use the authenticated entity as the subject - either a user or remote server.
    downloads:
      # The maximum size of each bucket.
      capacityBytes: 524288000 # 500mb default
      # The number of bytes to "drain" from the bucket every minute.
      drainBytesPerMinute: 5242880 # 5mb default
      # The number of bytes a requester can go over the capacity, once. This is used to give some
      # buffer to allow a single file to be downloaded when the caller is near the limit. This
      # should be set to either your max remote download size or 30% of the capacityBytes, whichever
      # is smaller.
      overflowLimitBytes: 268435456 # 100mb default (the same as the default remote download maxBytes)
 # Identicons are generated avatars for a given username. Some clients use these to give users a
 # default avatar after signing up. Identicons are not part of the official matrix spec, therefore
 # this feature is completely optional.
@ -472,6 +499,7 @@ quarantine:
  replaceDownloads: false
  # If provided, the given image will be returned as a thumbnail for media that is quarantined.
  # The recommended size is at least 512x512.
  #thumbnailPath: "/path/to/thumbnail.png"
  # If true, administrators of the configured homeservers may quarantine media for their server
@ -483,7 +511,7 @@ quarantine:
 timeouts:
  # The maximum amount of time the media repo should spend trying to fetch a resource that is
  # being previewed.
-  urlPreviewTimeoutSeconds: 10
+  urlPreviewTimeoutSeconds: 30
  # The maximum amount of time the media repo will spend making remote requests to other repos
  # or homeservers. This is primarily used to download media.
@ -495,7 +523,7 @@ timeouts:
 # Prometheus metrics configuration
 # For an example Grafana dashboard, import the following JSON:
-# https://github.com/turt2live/matrix-media-repo/blob/master/docs/grafana.json
+# https://github.com/t2bot/matrix-media-repo/blob/main/docs/grafana.json
 metrics:
  # If true, the bindAddress and port below will serve GET /metrics for Prometheus to scrape.
  enabled: true
@ -510,45 +538,7 @@ metrics:
 # Sections of this config might disappear or be added over time. By default all
 # features are disabled in here and must be explicitly enabled to be used.
 featureSupport:
-  # MSC2248 - Blurhash
+  # No unstable features are currently supported.
  MSC2448:
    # Whether or not this MSC is enabled for use in the media repo
    enabled: false
    # Maximum dimensions for converting a blurhash to an image. When no width and
    # height options are supplied, the default will be half these values.
    maxWidth: 1024
    maxHeight: 1024
    # Thumbnail size in pixels to use to generate the blurhash string
    thumbWidth: 64
    thumbHeight: 64
    # The X and Y components to use. Higher numbers blur less, lower numbers blur more.
    xComponents: 4
    yComponents: 3
    # The amount of contrast to apply when converting a blurhash to an image. Lower values
    # make the effect more subtle, larger values make it stronger.
    punch: 1
  # IPFS Support
  # This is currently experimental and might not work at all.
  IPFS:
    # Whether or not IPFS support is enabled for use in the media repo.
    enabled: false
    # Options for the built in IPFS daemon
    builtInDaemon:
      # Enable this to spawn an in-process IPFS node to use instead of a localhost
      # HTTP agent. If this is disabled, the media repo will assume you have an HTTP
      # IPFS agent running and accessible. Defaults to using a daemon (true).
      enabled: true
      # If the Daemon is enabled, set this to the location where the IPFS files should
      # be stored. If you're using Docker, this should be something like "/data/ipfs"
      # so it can be mapped to a volume.
      repoPath: "./ipfs"
 # Support for redis as a cache mechanism
 #
@ -568,3 +558,41 @@ redis:
  shards:
    - name: "127.0.0.1"
      addr: ":6379"
 # Optional sentry (https://sentry.io/) configuration for the media repo
 sentry:
  # Whether or not to set up error reporting. Defaults to off.
  enabled: false
  # Get this value from the setup instructions in Sentry
  dsn: "https://examplePublicKey@ingest.sentry.io/0"
  # Optional environment flag. Defaults to an empty string.
  environment: ""
  # Whether or not to turn on sentry's built in debugging. This will increase log output.
  debug: false
 # Configuration for the internal tasks engine in the media repo. Note that this only applies
 # to the media repo process with machine ID zero (the default in single-instance mode).
 #
 # Tasks include things like data imports/exports.
 tasks:
  # The number of workers to have available for tasks. Defaults to 5.
  numWorkers: 5
 # Options for collecting PGO-compatible CPU profiles and submitting them to a hosted pgo-fleet
 # server. See https://github.com/t2bot/pgo-fleet for collection/more detail.
 #
 # If you process more than 1Hz of requests or have more than a dozen media repos deployed, please
 # get in contact with `@travis:t2l.io` to submit profiles directly to MMR. Submitted profiles are
 # used to improve the build speed for everyone.
 pgo:
  # Whether collection is enabled. Defaults to false.
  enabled: false
  # The pgo-fleet submit URL.
  submitUrl: "https://pgo-mmr.t2host.io/v1/submit"
  # The pgo-fleet submit key.
  submitKey: "INSERT_VALUE_HERE"
--- a/etc/matrix-synapse/homeserver.yaml
+++ b/etc/matrix-synapse/homeserver.yaml
@ -160,7 +160,7 @@ presence:
  # Uncomment to disable presence tracking on this homeserver. This option
  # replaces the previous top-level 'use_presence' option.
  #
-  enabled: true
+  enabled: false
 # Whether to require authentication to retrieve profile data (avatars,
 # display names) of other users through the client API. Defaults to
@ -203,7 +203,7 @@ allow_public_rooms_over_federation: true
 # For example, for room version 1, default_room_version should be set
 # to "1".
 #
-#default_room_version: "9"
+#default_room_version: "10"
 # The GC threshold parameters to pass to `gc.set_threshold`, if defined
 #
@ -928,7 +928,7 @@ database:
    user: matrix
    password: xxx
    database: matrix
-    host: localhost
+    host: 127.0.0.1
    cp_min: 5
    cp_max: 10
@ -2687,7 +2687,9 @@ server_notices:
  system_mxid_display_name: "Server Notices"
  system_mxid_avatar_url: "mxc://envs.net/83c0eed9ea5cf72417cc20b5e3b5fb01aa0c3967"
  room_name: "Server Notices"
-
+  room_avatar_url: "mxc://envs.net/83c0eed9ea5cf72417cc20b5e3b5fb01aa0c3967"
  room_topic: "room used by your server admin to notice you of important information"
  auto_join: true
 # Uncomment to disable searching the public room list. When disabled
@ -2810,6 +2812,7 @@ worker_app: synapse.app.homeserver
 #notify_appservices_from_worker: worker_name
 #update_user_directory_from_worker: worker_name
 start_pushers: false
 pusher_instances:
  - pusher
@ -2821,6 +2824,7 @@ pusher_instances:
 # started, to ensure that all instances are running with the same config (otherwise
 # events may be dropped).
 #
 send_federation: false
 federation_sender_instances:
  - federation_sender1
  - federation_sender2
@ -2830,50 +2834,39 @@ federation_sender_instances:
 # When using workers this should be a map from `worker_name` to the
 # HTTP replication listener of the worker, if configured.
 #
 #instance_map:
 #  worker1:
 #    host: localhost
 #    port: 8034
 instance_map:
  main:
-    host: localhost
+    host: 127.0.0.1
    port: 9093
  generic_worker1:
-    host: localhost
+    host: 127.0.0.1
    port: 9094
  generic_worker2:
-    host: localhost
+    host: 127.0.0.1
    port: 9095
  generic_worker3:
-    host: localhost
+    host: 127.0.0.1
    port: 9096
  generic_worker4:
-    host: localhost
+    host: 127.0.0.1
    port: 9097
  generic_worker5:
    host: localhost
    port: 9098
  additional1:
-    host: localhost
+    host: 127.0.0.1
    port: 9099
  presence:
-    host: localhost
+    host: 127.0.0.1
    port: 9100
 # Experimental: When using workers you can define which workers should
 # handle event persistence and typing notifications. Any worker
 # specified here must also be in the `instance_map`.
 #
 #stream_writers:
 #  events: worker1
 #  typing: worker1
 stream_writers:
  events:
    - generic_worker1
    - generic_worker2
    - generic_worker3
    - generic_worker4
    - generic_worker5
  typing:
    - additional1
  to_device:
@ -2909,14 +2902,13 @@ redis:
  # Optional host and port to use to connect to redis. Defaults to
  # localhost and 6379
  #
-  #host: localhost
+  host: 127.0.0.1
-  #port: 6379
+  port: 6379
  # Optional password if configured on the Redis instance
  #
  #password: <secret_password>
 ## Background Updates ##
 # Background updates are database updates that are run in the background in batches.
@ -2951,3 +2943,4 @@ background_updates:
 experimental_features:
  msc2285_enabled: true
  msc2815_enabled: true
--- a/etc/matrix-synapse/workers/generic_worker5.yaml
+++ b/etc/matrix-synapse/workers/generic_worker5.yaml
@ -1,24 +0,0 @@
 worker_app: synapse.app.generic_worker
 worker_name: generic_worker5
 worker_log_config: /etc/matrix-synapse/workers/generic_worker5_log_config.yaml
 worker_listeners:
  - type: http
    bind_addresses: ['127.0.0.1']
    port: 8514
    tls: false
    x_forwarded: true
    resources:
      - names: [client, federation]
        compress: false
  - type: http
    bind_addresses: ['127.0.0.1']
    port: 9098
    resources:
      - names: [replication]
  - type: metrics
    bind_addresses: ['0.0.0.0']
    port: 9135
--- a/etc/matrix-synapse/workers/generic_worker5_log_config.yaml
+++ b/etc/matrix-synapse/workers/generic_worker5_log_config.yaml
@ -1,77 +0,0 @@
 # Log configuration for Synapse.
 #
 # This is a YAML file containing a standard Python logging configuration
 # dictionary. See [1] for details on the valid settings.
 #
 # Synapse also supports structured logging for machine readable logs which can
 # be ingested by ELK stacks. See [2] for details.
 #
 # [1]: https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema
 # [2]: https://matrix-org.github.io/synapse/latest/structured_logging.html
 version: 1
 formatters:
    precise:
        format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
 handlers:
    file:
        class: logging.handlers.TimedRotatingFileHandler
        formatter: precise
        filename: /var/log/matrix-synapse/worker_generic_worker5.log
        when: midnight
        backupCount: 2  # Does not include the current log file.
        encoding: utf8
    # Default to buffering writes to log file for efficiency.
    # WARNING/ERROR logs will still be flushed immediately, but there will be a
    # delay (of up to `period` seconds, or until the buffer is full with
    # `capacity` messages) before INFO/DEBUG logs get written.
    buffer:
        class: synapse.logging.handlers.PeriodicallyFlushingMemoryHandler
        target: file
        # The capacity is the maximum number of log lines that are buffered
        # before being written to disk. Increasing this will lead to better
        # performance, at the expensive of it taking longer for log lines to
        # be written to disk.
        # This parameter is required.
        capacity: 10
        # Logs with a level at or above the flush level will cause the buffer to
        # be flushed immediately.
        # Default value: 40 (ERROR)
        # Other values: 50 (CRITICAL), 30 (WARNING), 20 (INFO), 10 (DEBUG)
        flushLevel: 30  # Flush immediately for WARNING logs and higher
        # The period of time, in seconds, between forced flushes.
        # Messages will not be delayed for longer than this time.
        # Default value: 5 seconds
        period: 5
    # A handler that writes logs to stderr. Unused by default, but can be used
    # instead of "buffer" and "file" in the logger handlers.
    console:
        class: logging.StreamHandler
        formatter: precise
 loggers:
    synapse.storage.SQL:
        # beware: increasing this to DEBUG will make synapse log sensitive
        # information such as access tokens.
        level: WARN
 root:
    level: WARN
    # Write logs to the `buffer` handler, which will buffer them together in memory,
    # then write them to a file.
    #
    # Replace "buffer" with "console" to log to stderr instead. (Note that you'll
    # also need to update the configuration for the `twisted` logger above, in
    # this case.)
    #
    handlers: [buffer]
 disable_existing_loggers: false
--- a/etc/nginx/include.d/media-repo.conf
+++ b/etc/nginx/include.d/media-repo.conf
@ -14,3 +14,36 @@ location ^~ /_matrix/media {
 	proxy_buffering    off;
 	proxy_pass http://localhost:8000;
 }
 location ^~ /_matrix/client/v1/media {
 	client_max_body_size 100M;
 	proxy_set_header Host envs.net;
 	proxy_set_header X-Real-IP $remote_addr;
 	proxy_set_header X-Forwarded-For $remote_addr;
 	port_in_redirect    off;
 	proxy_redirect      off;
 	proxy_connect_timeout 3600;
 	proxy_read_timeout 3600;
 	proxy_send_timeout 3600;
 	proxy_buffering    off;
 	proxy_pass http://localhost:8000;
 }
 location ^~ /_matrix/federation/v1/media {
 	client_max_body_size 100M;
 	proxy_set_header Host envs.net;
 	proxy_set_header X-Real-IP $remote_addr;
 	proxy_set_header X-Forwarded-For $remote_addr;
 	port_in_redirect    off;
 	proxy_redirect      off;
 	proxy_connect_timeout 3600;
 	proxy_read_timeout 3600;
 	proxy_send_timeout 3600;
 	proxy_buffering    off;
 	proxy_pass http://localhost:8000;
 }
--- a/etc/nginx/include.d/mjolnir-report.conf
+++ b/etc/nginx/include.d/mjolnir-report.conf
@ -1,5 +1,5 @@
-# Abuse reports should be sent to Mjolnir.
+# Abuse reports should be sent to Mjolnir/Draupnir.
-location ~ ^/_matrix/client/r0/rooms/([^/]*)/report/(.*)$ {
+location ~ ^/_matrix/client/(r0|v3)/rooms/([^/]*)/report/(.*)$ {
 #	add_header 'Access-Control-Allow-Origin' '*' always;
 	add_header 'Access-Control-Allow-Credentials' 'true' always;
 	add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
@ -8,7 +8,7 @@ location ~ ^/_matrix/client/r0/rooms/([^/]*)/report/(.*)$ {
 	add_header 'Access-Control-Max-Age' 1728000;
 	# Alias the regexps, to ensure that they're not rewritten.
-	set $room_id $1;
+	set $room_id $2;
-	set $event_id $2;
+	set $event_id $3;
 	proxy_pass http://127.0.0.1:9002/api/1/report/$room_id/$event_id;
 }
--- a/etc/nginx/include.d/upstream_workers.conf
+++ b/etc/nginx/include.d/upstream_workers.conf
@ -4,7 +4,6 @@ upstream generic_worker_ih {
       server localhost:8511;
       server localhost:8512;
       server localhost:8513;
       server localhost:8514;
 }
 upstream generic_worker_lc {
@ -13,7 +12,6 @@ upstream generic_worker_lc {
       server localhost:8511;
       server localhost:8512;
       server localhost:8513;
       server localhost:8514;
 }
 upstream additional {