update configs to the current version

This commit is contained in:
creme 2022-03-08 16:24:25 +01:00
parent 2abee38762
commit eddb4a0c55
No known key found for this signature in database
GPG Key ID: C147C3B7FBDF08D0
6 changed files with 158 additions and 82 deletions

View File

@ -246,7 +246,7 @@ uploads:
# Settings related to downloading files from the media repository
downloads:
# The maximum number of bytes to download from other servers
maxBytes: 104857600 # 100MB default, 0 to disable
maxBytes: 268435456 # 100MB default, 0 to disable
# The number of workers to use when downloading remote media. Raise this number if remote
# media is downloading slowly or timing out.

View File

@ -37,11 +37,11 @@
# Server admins can expand Synapse's functionality with external modules.
#
# See https://matrix-org.github.io/synapse/latest/modules.html for more
# See https://matrix-org.github.io/synapse/latest/modules/index.html for more
# documentation on how to configure or create custom modules for Synapse.
#
modules:
- module: mjolnir.AntiSpam
- module: mjolnir.Module
config:
# Prevent servers/users in the ban lists from inviting users on this
# server to rooms. Default true.
@ -64,6 +64,12 @@ modules:
- "!WuBtumawCeOGEieRrp:matrix.org"
# matrix-tos-bl
- "!tUPwPPmVTaiKXMiijj:matrix.org"
# tchncs-ban-list
- "!hTMIYoLoENZQwslaHP:tchncs.de"
# asragr-ban-list
- "!YImXsibeOfGBYVaElT:asra.gr"
# banlist-spam
- "!eVqHGneqdbqBDmQwXs:systemtest.tk"
## Server ##
@ -177,12 +183,12 @@ allow_public_rooms_over_federation: true
# The default room version for newly created rooms.
#
# Known room versions are listed here:
# https://matrix.org/docs/spec/#complete-list-of-room-versions
# https://spec.matrix.org/latest/rooms/#complete-list-of-room-versions
#
# For example, for room version 1, default_room_version should be set
# to "1".
#
#default_room_version: "6"
#default_room_version: "9"
# The GC threshold parameters to pass to `gc.set_threshold`, if defined
#
@ -337,7 +343,7 @@ listeners:
# bind_addresses: ['0.0.0.0']
# resources:
# - names: [client, webclient]
# - names: [client]
# compress: true
# - names: [federation]
# compress: false
@ -508,6 +514,20 @@ limit_remote_rooms:
#
#allow_per_room_profiles: false
# The largest allowed file size for a user avatar. Defaults to no restriction.
#
# Note that user avatar changes will not work if this is set without
# using Synapse's media repository.
#
#max_avatar_size: 10M
# The MIME types allowed for user avatars. Defaults to no restriction.
#
# Note that user avatar changes will not work if this is set without
# using Synapse's media repository.
#
#allowed_avatar_mimetypes: ["image/png", "image/jpeg", "image/gif"]
# How long to keep redacted events in unredacted form in the database. After
# this period redacted events get replaced with their redacted form in the DB.
#
@ -694,8 +714,8 @@ retention:
#
#federation_certificate_verification_whitelist:
# - lon.example.com
# - *.domain.com
# - *.onion
# - "*.domain.com"
# - "*.onion"
# List of custom certificate authorities for federation traffic.
#
@ -794,11 +814,16 @@ caches:
#get_joined_profile_from_event_id: 5.0
#get_users_who_share_room_with_user: 2.0
# Controls how long an entry can be in a cache without having been
# accessed before being evicted. Defaults to None, which means
# entries are never evicted based on time.
# Controls whether cache entries are evicted after a specified time
# period. Defaults to true. Uncomment to disable this feature.
#
#expiry_time: 24h
#expire_caches: false
# If expire_caches is enabled, this flag controls how long an entry can
# be in a cache without having been accessed before being evicted.
# Defaults to 30m. Uncomment to set a different time to live for cache entries.
#
#cache_entry_ttl: 30m
# Controls how long the results of a /sync request are cached for after
# a successful response is returned. A higher duration can help clients with
@ -886,6 +911,9 @@ log_config: "/etc/matrix-synapse/log.yaml"
# - one for ratelimiting how often a user or IP can attempt to validate a 3PID.
# - two for ratelimiting how often invites can be sent in a room or to a
# specific user.
# - one for ratelimiting 3PID invites (i.e. invites sent to a third-party ID
# such as an email address or a phone number) based on the account that's
# sending the invite.
#
# The defaults are as shown below.
#
@ -935,6 +963,9 @@ log_config: "/etc/matrix-synapse/log.yaml"
# per_user:
# per_second: 0.003
# burst_count: 5
#rc_third_party_invite:
# per_second: 0.2
# burst_count: 10
# Ratelimiting settings for incoming federation
#
@ -1176,18 +1207,18 @@ oembed:
# This homeserver's ReCAPTCHA public key. Must be specified if
# enable_registration_captcha is enabled.
#
#recaptcha_public_key: "YOUR_PUBLIC_KEY"
recaptcha_public_key: "xxx"
# This homeserver's ReCAPTCHA private key. Must be specified if
# enable_registration_captcha is enabled.
#
#recaptcha_private_key: "YOUR_PRIVATE_KEY"
recaptcha_private_key: "xxx"
# Uncomment to enable ReCaptcha checks when registering, preventing signup
# unless a captcha is answered. Requires a valid ReCaptcha
# public/private key. Defaults to 'false'.
#
#enable_registration_captcha: true
enable_registration_captcha: true
# The API endpoint to use for verifying m.login.recaptcha responses.
# Defaults to "https://www.recaptcha.net/recaptcha/api/siteverify".
@ -1477,6 +1508,16 @@ autocreate_auto_join_rooms: true
#
#auto_join_rooms_for_guests: false
# Whether to inhibit errors raised when registering a new account if the user ID
# already exists. If turned on, that requests to /register/available will always
# show a user ID as available, and Synapse won't raise an error when starting
# a registration with a user ID that already exists. However, Synapse will still
# raise an error if the registration completes and the username conflicts.
#
# Defaults to false.
#
#inhibit_user_in_use_error: true
## Metrics ###
@ -1529,6 +1570,7 @@ room_prejoin_state:
# - m.room.encryption
# - m.room.name
# - m.room.create
# - m.room.topic
#
# Uncomment the following to disable these defaults (so that only the event
# types listed in 'additional_event_types' are shared). Defaults to 'false'.
@ -1543,6 +1585,21 @@ room_prejoin_state:
#additional_event_types:
# - org.example.custom.event.type
# We record the IP address of clients used to access the API for various
# reasons, including displaying it to the user in the "Where you're signed in"
# dialog.
#
# By default, when puppeting another user via the admin API, the client IP
# address is recorded against the user who created the access token (ie, the
# admin user), and *not* the puppeted user.
#
# Uncomment the following to also record the IP address against the puppeted
# user. (This also means that the puppeted user will count as an "active" user
# for the purpose of monthly active user tracking - see 'limit_usage_by_mau' etc
# above.)
#
#track_puppeted_user_ips: true
# A list of application service config files to use
#
@ -1909,10 +1966,13 @@ saml2_config:
# Defaults to false. Avoid this in production.
#
# user_profile_method: Whether to fetch the user profile from the userinfo
# endpoint. Valid values are: 'auto' or 'userinfo_endpoint'.
# endpoint, or to rely on the data returned in the id_token from the
# token_endpoint.
#
# Defaults to 'auto', which fetches the userinfo endpoint if 'openid' is
# included in 'scopes'. Set to 'userinfo_endpoint' to always fetch the
# Valid values are: 'auto' or 'userinfo_endpoint'.
#
# Defaults to 'auto', which uses the userinfo endpoint if 'openid' is
# not included in 'scopes'. Set to 'userinfo_endpoint' to always use the
# userinfo endpoint.
#
# allow_existing_users: set to 'true' to allow a user logging in via OIDC to
@ -2718,7 +2778,31 @@ stream_writers:
- generic_worker2
- generic_worker3
- generic_worker4
# typing: worker1
# typing:
# - generic_worker1
# - generic_worker2
# - generic_worker3
# - generic_worker4
to_device:
- generic_worker1
- generic_worker2
- generic_worker3
- generic_worker4
account_data:
- generic_worker1
- generic_worker2
- generic_worker3
- generic_worker4
receipts:
- generic_worker1
- generic_worker2
- generic_worker3
- generic_worker4
# presence:
# - generic_worker1
# - generic_worker2
# - generic_worker3
# - generic_worker4
# The worker that is used to run background tasks (e.g. cleaning up expired
# data). If not provided this defaults to the main process.
@ -2751,5 +2835,6 @@ redis:
#
#password: <secret_password>
experimental_features:
msc2285_enabled: true

View File

@ -198,22 +198,12 @@ location ~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ {
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$ {
location ~ ^/_matrix/client/(r0|v3|unstable)/account/3pid$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/devices$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/query$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/changes$ {
location ~ ^/_matrix/client/(r0|v3|unstable)/devices$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
@ -228,17 +218,17 @@ location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$ {
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_groups$ {
location ~ ^/_matrix/client/(r0|v3|unstable)/joined_groups$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicised_groups$ {
location ~ ^/_matrix/client/(r0|v3|unstable)/publicised_groups$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicised_groups/ {
location ~ ^/_matrix/client/(r0|v3|unstable)/publicised_groups/ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
@ -260,15 +250,25 @@ location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ {
## Encryption requests
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/claim {
# include include.d/synapse-proxy.conf;
# proxy_pass http://generic_worker_lc;
#}
location ~ ^/_matrix/client/(r0|v3|unstable)/keys/query$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/room_keys {
# include include.d/synapse-proxy.conf;
# proxy_pass http://generic_worker_lc;
#}
location ~ ^/_matrix/client/(r0|v3|unstable)/keys/changes$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(r0|v3|unstable)/keys/claim$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(r0|v3|unstable)/room_keys/ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
## Registration/login requests
@ -282,7 +282,7 @@ location ~ ^/_matrix/client/(r0|v3|unstable)/register$ {
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/unstable/org.matrix.msc3231/register/org.matrix.msc3231.login.registration_token/validity$ {
location ~ ^/_matrix/client/v1/register/m.login.registration_token/validity$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
@ -320,42 +320,36 @@ location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ {
proxy_pass http://generic_worker_lc;
}
## Typing requests
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing {
# include include.d/synapse-proxy.conf;
# proxy_pass http://generic_worker_lc;
#}
## Device requests
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/sendToDevice/ {
# include include.d/synapse-proxy.conf;
# proxy_pass http://generic_worker_lc;
#}
location ~ ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
## Account data requests
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/.*/tags {
# include include.d/synapse-proxy.conf;
# proxy_pass http://generic_worker_lc;
#}
location ~ ^/_matrix/client/(r0|v3|unstable)/.*/tags {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/.*/account_data {
# include include.d/synapse-proxy.conf;
# proxy_pass http://generic_worker_lc;
#}
location ~ ^/_matrix/client/(r0|v3|unstable)/.*/account_data {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
## Receipts requests
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/receipt {
# include include.d/synapse-proxy.conf;
# proxy_pass http://generic_worker_lc;
#}
location ~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/read_markers {
# include include.d/synapse-proxy.conf;
# proxy_pass http://generic_worker_lc;
#}
location ~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
## Presence requests
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/.*/status$ {
#location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ {
# include include.d/synapse-proxy.conf;
# proxy_pass http://generic_worker_lc;
#}

View File

@ -39,7 +39,7 @@ server {
location /.well-known/matrix/client {
add_header Access-Control-Allow-Origin '*' always;
add_header Content-Type application/json;
return 200 '{"m.homeserver": {"base_url": "https://matrix.envs.net"}, "m.integrations": {"managers": [{"ui_url": "https://dimension.envs.net/riot", "api_url": "https://dimension.envs.net/api/v1/scalar"}, {"ui_url": "https://scalar.vector.im/", "api_url": "https://scalar.vector.im/api"}]}, "m.integrations_widget": {"url": "https://dimension.envs.net/riot", "data": {"api_url": "https://dimension.envs.net/api/v1/scalar"}}}';
return 200 '{"m.homeserver": {"base_url": "https://matrix.envs.net"}, "m.integrations": {"managers": [{"ui_url": "https://dimension.envs.net/riot", "api_url": "https://dimension.envs.net/api/v1/scalar"}, {"ui_url": "https://scalar.vector.im/", "api_url": "https://scalar.vector.im/api"}]}, "m.integrations_widget": {"url": "https://dimension.envs.net/riot", "data": {"api_url": "https://dimension.envs.net/api/v1/scalar"}}, "m.tile_server": {"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=jrKVgM1ozvdgREfvtZ8X"}}';
}
# workers

View File

@ -74,13 +74,6 @@ scrape_configs:
group: synapse
worker: federation_sender3
- targets: ['matrix.envs.net:9110']
labels:
job: background_worker
instance: All
group: synapse
worker: background_worker
- targets: ['matrix.envs.net:9111']
labels:
job: pusher
@ -123,8 +116,12 @@ scrape_configs:
group: synapse
worker: generic_worker4
- job_name: 'media-repo'
metrics_path: '/metrics'
static_configs:
- targets: ['matrix.envs.net:9001']
- job_name: 'matrix-monitor'
metrics_path: '/_monitorbot/metrics'
static_configs:
- targets: ['matrix.envs.net:9005']