Add synapse role

For all the hipster kids.

roles/synapse/templates/homeserver.yaml.j2

@@ -0,0 +1,60 @@
+server_name: "{{ password.server_name }}"
+public_baseurl: "https://{{ dns_name }}"
+report_stats: false
+
+log_config: "/etc/synapse/{{ password.server_name }}.log.config"
+signing_key_path: "/etc/synapse/{{ password.server_name }}.signing.key"
+media_store_path: /var/lib/synapse/media_store
+pid_file: /var/lib/synapse/homeserver.pid
+
+listeners:
+  - path: /var/lib/synapse/socket/main.sock
+    type: http
+    x_forwarded: true
+    resources:
+      - names: [client, federation]
+        compress: false
+
+database:
+  name: psycopg2
+  args:
+    #user: <user>
+    #password: <pass>
+    #dbname: <db>
+    host: localhost
+    cp_min: 5
+    cp_max: 10
+
+presence:
+  enabled: false
+
+#trusted_key_servers:
+#  - server_name: "matrix.org"
+
+oidc_providers:
+  - idp_id: microsoft
+    idp_name: {{ password.oidc_name }}
+    issuer: "{{ password.oidc_url }}/v2.0"
+    client_id: "{{ password.oidc_client_id }}"
+    client_secret: "{{ password.oidc_client_secret }}"
+    scopes: ["openid", "profile"]
+    authorization_endpoint: "{{ password.oidc_url }}/oauth2/v2.0/authorize"
+    token_endpoint: "{{ password.oidc_url }}/oauth2/v2.0/token"
+    userinfo_endpoint: "{{ password.oidc_userinfo_endpoint }}"
+
+    user_mapping_provider:
+      config:
+{% raw %}
+        localpart_template: "{{ user.preferred_username.split('@')[0] }}"
+        display_name_template: "{{ user.name }}"
+{% endraw %}
+
+{% for secret in ["form_secret", "macaroon_secret_key", "registration_shared_secret"] %}
+{{ secret }}: "
+{%- if secret in config -%}
+{{ config[secret] }}
+{%- else -%}
+{{ lookup("password", "/dev/null", length=64, chars=["ascii_letters", "digits"]) }}
+{%- endif -%}
+"
+{% endfor %}