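# Synapse homeserver configuration, rendered through Jinja2 before Synapse
# parses the result as YAML.
# The rendered file contains the database password, the OIDC client secret
# and the three signing/registration secrets at the bottom, so it should be
# readable only by the account that runs Synapse.
server_name: "{{ password.server_name }}"
public_baseurl: "https://{{ dns_name }}"
report_stats: false

log_config: "/etc/synapse/{{ password.server_name }}.log.config"
signing_key_path: "/etc/synapse/{{ password.server_name }}.signing.key"
media_store_path: /var/lib/synapse/media_store
pid_file: /var/lib/synapse/homeserver.pid

listeners:
  # One UNIX-socket listener serves both the client and federation APIs.
  - path: /var/lib/synapse/socket/main.sock
    type: http
    # The client address is taken from the forwarding header sent by the
    # peer. That is only trustworthy when the sole peer is the reverse proxy,
    # so access to the socket directory should be limited to that proxy.
    x_forwarded: true
    resources:
      - names: [client, federation]
        compress: false

database:
  name: psycopg2
  args:
    host: localhost
    user: "{{ user }}"
    password: "{{ password.db_pass }}"
    # Connection pool bounds.
    cp_min: 5
    cp_max: 10

# Other homeservers may query this server's public room directory.
allow_public_rooms_over_federation: true

presence:
  enabled: false

#trusted_key_servers:
#  - server_name: "matrix.org"

oidc_providers:
  - idp_id: microsoft
    # Quoted like the sibling values so that a display name containing ': ',
    # ' #' or a leading YAML indicator cannot alter the document structure.
    idp_name: "{{ password.oidc_name }}"
    issuer: "{{ password.oidc_url }}/v2.0"
    client_id: "{{ password.oidc_client_id }}"
    client_secret: "{{ password.oidc_client_secret }}"
    scopes: ["openid", "profile"]
    authorization_endpoint: "{{ password.oidc_url }}/oauth2/v2.0/authorize"
    token_endpoint: "{{ password.oidc_url }}/oauth2/v2.0/token"
    userinfo_endpoint: "{{ password.oidc_userinfo_endpoint }}"
    user_mapping_provider:
      # The two templates below are wrapped in a raw block so the deployment
      # renderer leaves them untouched and Synapse evaluates them per login.
      # NOTE(review): the localpart is the part of preferred_username before
      # '@'. Microsoft documents that claim as mutable and display-oriented,
      # and two identities from different domains can share the same prefix
      # and therefore request the same localpart. Confirm the provider is
      # restricted to a single tenant/domain, or map from a stable claim.
      config:
{% raw %}
        localpart_template: "{{ user.preferred_username.split('@')[0] }}"
        display_name_template: "{{ user.name }}"
{% endraw %}

# Each secret below is copied from `config` when present there; otherwise a
# new 64-character alphanumeric value is generated. The /dev/null path means
# the password lookup stores nothing, so a generated value exists only in the
# rendered file.
# NOTE(review): `config` is defined outside this template, presumably the
# previously deployed settings. Confirm it is populated on every run;
# otherwise these secrets rotate on each deploy and anything signed with the
# old values stops validating.
# The quoting is safe for generated values (letters and digits only). A value
# taken from `config` that contains '"' or '\' would break the quoted scalar.
{% for secret in ["form_secret", "macaroon_secret_key", "registration_shared_secret"] %}
{{ secret }}: "
  {%- if secret in config -%}
    {{ config[secret] }}
  {%- else -%}
    {{ lookup("password", "/dev/null", length=64, chars=["ascii_letters", "digits"]) }}
  {%- endif -%}
"
{% endfor %}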