update to lastest configs

This commit is contained in:
creme 2022-06-14 21:06:03 +02:00
parent e4641c7b11
commit f26fa0b768
No known key found for this signature in database
GPG key ID: C147C3B7FBDF08D0
6 changed files with 161 additions and 52 deletions

View file

@ -327,7 +327,7 @@ allow_public_rooms_over_federation: true
# federation: the server-server API (/_matrix/federation). Also implies
# 'media', 'keys', 'openid'
#
# keys: the key discovery API (/_matrix/keys).
# keys: the key discovery API (/_matrix/key).
#
# media: the media API (/_matrix/media).
#
@ -602,6 +602,15 @@ templates:
#
#custom_template_directory: /var/lib/matrix-synapse/res/templates/
# List of rooms to exclude from sync responses. This is useful for server
# administrators wishing to group users into a room without these users being able
# to see it from their client.
#
# By default, no room is excluded.
#
#exclude_rooms_from_sync:
# - !foo:example.com
# Message retention policy at the server level.
#
@ -625,8 +634,8 @@ retention:
# matter much because Synapse doesn't take it into account yet.
#
#default_policy:
# min_lifetime: 30d
# max_lifetime: 3y
# min_lifetime: 30m
# max_lifetime: 10y
# Retention policy limits. If set, and the state of a room contains a
# 'm.room.retention' event in its state which contains a 'min_lifetime' or a
@ -683,7 +692,7 @@ retention:
longest_max_lifetime: 1d
interval: 12h
- shortest_max_lifetime: 1d
longest_max_lifetime: 3y
longest_max_lifetime: 10y
interval: 24h
@ -795,6 +804,12 @@ retention:
# A cache 'factor' is a multiplier that can be applied to each of
# Synapse's caches in order to increase or decrease the maximum
# number of entries that can be stored.
#
# The configuration for cache factors (caches.global_factor and
# caches.per_cache_factors) can be reloaded while the application is running,
# by sending a SIGHUP signal to the Synapse process. Changes to other parts of
# the caching config will NOT be applied after a SIGHUP is received; a restart
# is necessary.
# The number of events to cache in memory. Not affected by
# caches.global_factor.
@ -845,6 +860,24 @@ caches:
#
#cache_entry_ttl: 30m
# This flag enables cache autotuning, and is further specified by the sub-options `max_cache_memory_usage`,
# `target_cache_memory_usage`, `min_cache_ttl`. These flags work in conjunction with each other to maintain
# a balance between cache memory usage and cache entry availability. You must be using jemalloc to utilize
# this option, and all three of the options must be specified for this feature to work.
#cache_autotuning:
# This flag sets a ceiling on much memory the cache can use before caches begin to be continuously evicted.
# They will continue to be evicted until the memory usage drops below the `target_memory_usage`, set in
# the flag below, or until the `min_cache_ttl` is hit.
#max_cache_memory_usage: 1024M
# This flag sets a rough target for the desired memory usage of the caches.
#target_cache_memory_usage: 758M
# 'min_cache_ttl` sets a limit under which newer cache entries are not evicted and is only applied when
# caches are actively being evicted/`max_cache_memory_usage` has been exceeded. This is to protect hot caches
# from being emptied while Synapse is evicting due to memory.
#min_cache_ttl: 5m
# Controls how long the results of a /sync request are cached for after
# a successful response is returned. A higher duration can help clients with
# intermittent connections, at the cost of higher memory usage.
@ -866,6 +899,12 @@ caches:
# 'txn_limit' gives the maximum number of transactions to run per connection
# before reconnecting. Defaults to 0, which means no limit.
#
# 'allow_unsafe_locale' is an option specific to Postgres. Under the default behavior, Synapse will refuse to
# start if the postgres db is set to a non-C locale. You can override this behavior (which is *not* recommended)
# by setting 'allow_unsafe_locale' to true. Note that doing so may corrupt your database. You can find more information
# here: https://matrix-org.github.io/synapse/latest/postgres.html#fixing-incorrect-collate-or-ctype and here:
# https://wiki.postgresql.org/wiki/Locale_data_changes
#
# 'args' gives options which are passed through to the database engine,
# except for options starting 'cp_', which are used to configure the Twisted
# connection pool. For a reference to valid arguments, see:
@ -1227,7 +1266,7 @@ oembed:
# This homeserver's ReCAPTCHA public key. Must be specified if
# enable_registration_captcha is enabled.
#
recaptcha_public_key: "xxx"
recaptcha_public_key: "6Ld8CXQeAAAAAFDdclTQL43Ox4BvrUKkH56Y_zWQ"
# This homeserver's ReCAPTCHA private key. Must be specified if
# enable_registration_captcha is enabled.
@ -1285,10 +1324,18 @@ turn_allow_guests: true
# Registration can be rate-limited using the parameters in the "Ratelimiting"
# section of this file.
# Enable registration for new users.
# Enable registration for new users. Defaults to 'false'. It is highly recommended that if you enable registration,
# you use either captcha, email, or token-based verification to verify that new users are not bots. In order to enable registration
# without any verification, you must also set `enable_registration_without_verification`, found below.
#
enable_registration: true
# Enable registration without email or captcha verification. Note: this option is *not* recommended,
# as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect
# unless `enable_registration` is also enabled.
#
#enable_registration_without_verification: true
# Time that a user's session remains valid for, after they log in.
#
# Note that this is not currently compatible with guest logins.
@ -1373,6 +1420,12 @@ registrations_require_3pid:
#
#registration_requires_token: true
# Allow users to submit a token during registration to bypass any required 3pid
# steps configured in `registrations_require_3pid`.
# Defaults to false, requiring that registration tokens (if enabled) complete a 3pid flow.
#
#enable_registration_token_3pid_bypass: false
# If set, allows registration of standard or admin accounts by anyone who
# has the shared secret, even if registration is otherwise disabled.
#
@ -2020,8 +2073,14 @@ saml2_config:
#
# localpart_template: Jinja2 template for the localpart of the MXID.
# If this is not set, the user will be prompted to choose their
# own username (see 'sso_auth_account_details.html' in the 'sso'
# section of this file).
# own username (see the documentation for the
# 'sso_auth_account_details.html' template). This template can
# use the 'localpart_from_email' filter.
#
# confirm_localpart: Whether to prompt the user to validate (or
# change) the generated localpart (see the documentation for the
# 'sso_auth_account_details.html' template), instead of
# registering the account right away.
#
# display_name_template: Jinja2 template for the display name to set
# on first login. If unset, no displayname will be set.
@ -2223,7 +2282,9 @@ sso:
password_config:
# Uncomment to disable password login
# Uncomment to disable password login.
# Set to `only_for_reauth` to permit reauthentication for users that
# have passwords and are already logged in.
#
#enabled: false
@ -2492,15 +2553,39 @@ push:
#
#encryption_enabled_by_default_for_room_type: invite
# Uncomment to allow non-server-admin users to create groups on this server
# Override the default power levels for rooms created on this server, per
# room creation preset.
#
enable_group_creation: true
# If enabled, non server admins can only create groups with local parts
# starting with this prefix
# The appropriate dictionary for the room preset will be applied on top
# of the existing power levels content.
#
#group_creation_prefix: "unofficial_"
# Useful if you know that your users need special permissions in rooms
# that they create (e.g. to send particular types of state events without
# needing an elevated power level). This takes the same shape as the
# `power_level_content_override` parameter in the /createRoom API, but
# is applied before that parameter.
#
# Valid keys are some or all of `private_chat`, `trusted_private_chat`
# and `public_chat`. Inside each of those should be any of the
# properties allowed in `power_level_content_override` in the
# /createRoom API. If any property is missing, its default value will
# continue to be used. If any property is present, it will overwrite
# the existing default completely (so if the `events` property exists,
# the default event power levels will be ignored).
#
#default_power_level_content_override:
# private_chat:
# "events":
# "com.example.myeventtype" : 0
# "m.room.avatar": 50
# "m.room.canonical_alias": 50
# "m.room.encryption": 100
# "m.room.history_visibility": 100
# "m.room.name": 50
# "m.room.power_levels": 100
# "m.room.server_acl": 100
# "m.room.tombstone": 100
# "events_default": 1
@ -2847,5 +2932,37 @@ redis:
#password: <secret_password>
## Background Updates ##
# Background updates are database updates that are run in the background in batches.
# The duration, minimum batch size, default batch size, whether to sleep between batches and if so, how long to
# sleep can all be configured. This is helpful to speed up or slow down the updates.
#
background_updates:
# How long in milliseconds to run a batch of background updates for. Defaults to 100. Uncomment and set
# a time to change the default.
#
#background_update_duration_ms: 500
# Whether to sleep between updates. Defaults to True. Uncomment to change the default.
#
#sleep_enabled: false
# If sleeping between updates, how long in milliseconds to sleep for. Defaults to 1000. Uncomment
# and set a duration to change the default.
#
#sleep_duration_ms: 300
# Minimum size a batch of background updates can be. Must be greater than 0. Defaults to 1. Uncomment and
# set a size to change the default.
#
#min_batch_size: 10
# The batch size to use for the first iteration of a new background update. The default is 100.
# Uncomment and set a size to change the default.
#
#default_batch_size: 50
experimental_features:
msc2285_enabled: true

View file

@ -21,7 +21,7 @@ handlers:
formatter: precise
filename: /var/log/matrix-synapse/homeserver.log
when: midnight
backupCount: 3 # Does not include the current log file.
backupCount: 2 # Does not include the current log file.
encoding: utf8
# Default to buffering writes to log file for efficiency.
@ -65,13 +65,6 @@ loggers:
synapse.state.metrics:
level: DEBUG
twisted:
# We send the twisted logging directly to the file handler,
# to work around https://github.com/matrix-org/synapse/issues/3471
# when using "buffer" logger. Use "console" to log to stderr instead.
handlers: [file]
propagate: false
root:
level: WARN

View file

@ -104,17 +104,12 @@ location ~ ^/_matrix/federation/v1/user/devices/ {
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/federation/v1/get_groups_publicised$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/key/v2/query {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/federation/(v1|unstable/org.matrix.msc2946)/hierarchy/ {
location ~ ^/_matrix/federation/v1/hierarchy/ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
@ -158,7 +153,12 @@ location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ {
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(v1|unstable/org.matrix.msc2946)/rooms/.*/hierarchy$ {
location ~ ^/_matrix/client/v1/rooms/.*/hierarchy$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
@ -173,6 +173,11 @@ location ~ ^/_matrix/client/(r0|v3|unstable)/account/3pid$ {
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(r0|v3|unstable)/account/whoami$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(r0|v3|unstable)/devices$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
@ -188,21 +193,6 @@ location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$ {
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(r0|v3|unstable)/joined_groups$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(r0|v3|unstable)/publicised_groups$ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(r0|v3|unstable)/publicised_groups/ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;
}
location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ {
include include.d/synapse-proxy.conf;
proxy_pass http://generic_worker_lc;

View file

@ -1,7 +1,6 @@
# Abuse reports should be sent to Mjölnir.
# Abuse reports should be sent to Mjolnir.
location ~ ^/_matrix/client/r0/rooms/([^/]*)/report/(.*)$ {
add_header 'Access-Control-Allow-Origin' '*' always;
# add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since' always;

View file

@ -25,6 +25,16 @@ server {
location = /index.html {
add_header Cache-Control "no-cache";
}
location = /version {
add_header Cache-Control "no-cache";
add_header Content-Type text/plain;
}
# covers config.json and config.hostname.json requests as it is prefix.
location /config {
add_header Cache-Control "no-cache";
add_header Content-Type application/json;
}
}
#ALIAS

View file

@ -25,19 +25,19 @@ server {
## well-known
location /.well-known/matrix/support {
add_header Access-Control-Allow-Origin '*' always;
add_header Access-Control-Allow-Origin '*';
add_header Content-Type application/json;
return 200 '{"admins": [{"matrix_id": "@creme:envs.net", "email_address": "hostmaster@envs.net", "role": "admin"}], "support_page": "https://matrix.to/#/#envs:envs.net"}';
}
location /.well-known/matrix/server {
add_header Access-Control-Allow-Origin '*' always;
add_header Access-Control-Allow-Origin '*';
add_header Content-Type application/json;
return 200 '{"m.server": "matrix.envs.net:443"}';
}
location /.well-known/matrix/client {
add_header Access-Control-Allow-Origin '*' always;
add_header Access-Control-Allow-Origin '*';
add_header Content-Type application/json;
return 200 '{"m.homeserver": {"base_url": "https://matrix.envs.net"}, "m.integrations": {"managers": [{"ui_url": "https://dimension.envs.net/riot", "api_url": "https://dimension.envs.net/api/v1/scalar"}, {"ui_url": "https://scalar.vector.im/", "api_url": "https://scalar.vector.im/api"}]}, "m.integrations_widget": {"url": "https://dimension.envs.net/riot", "data": {"api_url": "https://dimension.envs.net/api/v1/scalar"}}, "m.tile_server": {"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=jrKVgM1ozvdgREfvtZ8X"}}';
}