servers/roles/synapse/templates/homeserver.yaml.j2

server_name: "{{ password.server_name }}"
public_baseurl: "https://{{ dns_name }}"
report_stats: false

log_config: "/etc/synapse/{{ password.server_name }}.log.config"
signing_key_path: "/etc/synapse/{{ password.server_name }}.signing.key"
media_store_path: /var/lib/synapse/media_store
pid_file: /var/lib/synapse/homeserver.pid

listeners:
  - path: /var/lib/synapse/socket/main.sock
    type: http
    x_forwarded: true
    resources:
      - names: [client, federation]
        compress: false

database:
  name: psycopg2
  args:
    host: localhost
    user: "{{ user }}"
    password: "{{ password.db_pass }}"
    cp_min: 5
    cp_max: 10

allow_public_rooms_over_federation: true
presence:
  enabled: false

#trusted_key_servers:
#  - server_name: "matrix.org"

oidc_providers:
  - idp_id: microsoft
    idp_name: {{ password.oidc_name }}
    issuer: "{{ password.oidc_url }}/v2.0"
    client_id: "{{ password.oidc_client_id }}"
    client_secret: "{{ password.oidc_client_secret }}"
    scopes: ["openid", "profile"]
    authorization_endpoint: "{{ password.oidc_url }}/oauth2/v2.0/authorize"
    token_endpoint: "{{ password.oidc_url }}/oauth2/v2.0/token"
    userinfo_endpoint: "{{ password.oidc_userinfo_endpoint }}"

    user_mapping_provider:
      config:
{% raw %}
        localpart_template: "{{ user.preferred_username.split('@')[0] }}"
        display_name_template: "{{ user.name }}"
{% endraw %}

{% for secret in ["form_secret", "macaroon_secret_key", "registration_shared_secret"] %}
{{ secret }}: "
{%- if secret in config -%}
{{ config[secret] }}
{%- else -%}
{{ lookup("password", "/dev/null", length=64, chars=["ascii_letters", "digits"]) }}
{%- endif -%}
"
{% endfor %}
Add synapse role For all the hipster kids. 2024-06-25 07:45:53 +00:00			`server_name: "{{ password.server_name }}"`
			`public_baseurl: "https://{{ dns_name }}"`
			`report_stats: false`

			`log_config: "/etc/synapse/{{ password.server_name }}.log.config"`
			`signing_key_path: "/etc/synapse/{{ password.server_name }}.signing.key"`
			`media_store_path: /var/lib/synapse/media_store`
			`pid_file: /var/lib/synapse/homeserver.pid`

			`listeners:`
			`- path: /var/lib/synapse/socket/main.sock`
			`type: http`
			`x_forwarded: true`
			`resources:`
			`- names: [client, federation]`
			`compress: false`

			`database:`
			`name: psycopg2`
			`args:`
			`host: localhost`
synapse: read DB password from secret store Missed this one a while ago. 2024-09-06 14:30:51 +00:00			`user: "{{ user }}"`
			`password: "{{ password.db_pass }}"`
Add synapse role For all the hipster kids. 2024-06-25 07:45:53 +00:00			`cp_min: 5`
			`cp_max: 10`

synapse: allow listing public rooms over federation 2024-06-25 16:08:54 +00:00			`allow_public_rooms_over_federation: true`
Add synapse role For all the hipster kids. 2024-06-25 07:45:53 +00:00			`presence:`
			`enabled: false`

			`#trusted_key_servers:`
			`# - server_name: "matrix.org"`

			`oidc_providers:`
			`- idp_id: microsoft`
			`idp_name: {{ password.oidc_name }}`
			`issuer: "{{ password.oidc_url }}/v2.0"`
			`client_id: "{{ password.oidc_client_id }}"`
			`client_secret: "{{ password.oidc_client_secret }}"`
			`scopes: ["openid", "profile"]`
			`authorization_endpoint: "{{ password.oidc_url }}/oauth2/v2.0/authorize"`
			`token_endpoint: "{{ password.oidc_url }}/oauth2/v2.0/token"`
			`userinfo_endpoint: "{{ password.oidc_userinfo_endpoint }}"`

			`user_mapping_provider:`
			`config:`
			`{% raw %}`
			`localpart_template: "{{ user.preferred_username.split('@')[0] }}"`
			`display_name_template: "{{ user.name }}"`
			`{% endraw %}`

			`{% for secret in ["form_secret", "macaroon_secret_key", "registration_shared_secret"] %}`
			`{{ secret }}: "`
			`{%- if secret in config -%}`
			`{{ config[secret] }}`
			`{%- else -%}`
			`{{ lookup("password", "/dev/null", length=64, chars=["ascii_letters", "digits"]) }}`
			`{%- endif -%}`
			`"`
			`{% endfor %}`