synapse: delete unnessary parts of the default config
(i.e. those parts which are managable by nix, and a couple which were defined twice were deduplicated)
This commit is contained in:
parent
27c9c054c2
commit
f585346204
1 changed files with 4 additions and 131 deletions
|
@ -96,11 +96,11 @@
|
||||||
enable_notifs: true
|
enable_notifs: true
|
||||||
client_base_url: "https://element.hacc.space"
|
client_base_url: "https://element.hacc.space"
|
||||||
invite_client_location: "https://element.hacc.space"
|
invite_client_location: "https://element.hacc.space"
|
||||||
|
|
||||||
enable_registration = true;
|
enable_registration = true;
|
||||||
allow_guest_access = true;
|
allow_guest_access = true;
|
||||||
admin_contact: 'mailto:admin@hacc.space'
|
admin_contact: 'mailto:admin@hacc.space'
|
||||||
web_client_location: https://element.hacc.space/
|
web_client_location: https://element.hacc.space/
|
||||||
public_baseurl: https://matrix.hacc.space/
|
|
||||||
use_presence: false # uses lots of CPU for bacially nothing
|
use_presence: false # uses lots of CPU for bacially nothing
|
||||||
limit_profile_requests_to_users_who_share_rooms: true # limits unoticed stalking/network analysis
|
limit_profile_requests_to_users_who_share_rooms: true # limits unoticed stalking/network analysis
|
||||||
allow_public_rooms_without_auth: true # public rooms should be public. can be changed if too much spam occurs
|
allow_public_rooms_without_auth: true # public rooms should be public. can be changed if too much spam occurs
|
||||||
|
@ -130,135 +130,10 @@
|
||||||
interval: 1d
|
interval: 1d
|
||||||
|
|
||||||
|
|
||||||
## TLS ##
|
|
||||||
|
|
||||||
# PEM-encoded X509 certificate for TLS.
|
|
||||||
# This certificate, as of Synapse 1.0, will need to be a valid and verifiable
|
|
||||||
# certificate, signed by a recognised Certificate Authority.
|
|
||||||
#
|
|
||||||
# See 'ACME support' below to enable auto-provisioning this certificate via
|
|
||||||
# Let's Encrypt.
|
|
||||||
#
|
|
||||||
# If supplying your own, be sure to use a `.pem` file that includes the
|
|
||||||
# full certificate chain including any intermediate certificates (for
|
|
||||||
# instance, if using certbot, use `fullchain.pem` as your certificate,
|
|
||||||
# not `cert.pem`).
|
|
||||||
#
|
|
||||||
#tls_certificate_path: "CONFDIR/SERVERNAME.tls.crt"
|
|
||||||
|
|
||||||
# PEM-encoded private key for TLS
|
|
||||||
#
|
|
||||||
#tls_private_key_path: "CONFDIR/SERVERNAME.tls.key"
|
|
||||||
|
|
||||||
# The minimum TLS version that will be used for outbound federation requests.
|
|
||||||
#
|
|
||||||
# Defaults to `1`. Configurable to `1`, `1.1`, `1.2`, or `1.3`. Note
|
|
||||||
# that setting this value higher than `1.2` will prevent federation to most
|
|
||||||
# of the public Matrix network: only configure it to `1.3` if you have an
|
|
||||||
# entirely private federation setup and you can ensure TLS 1.3 support.
|
|
||||||
#
|
|
||||||
#federation_client_minimum_tls_version: 1.2 # also eigentlich will ich ja 1.3 und wieso zur hölle das nicht standard ist, keine Ahnung. Ich lass die Option mal drin, dass wir ran kommen, wenn 1.2 engültig broken ist
|
|
||||||
|
|
||||||
acme:
|
|
||||||
# ACME support is disabled by default. Set this to `true` and uncomment
|
|
||||||
# tls_certificate_path and tls_private_key_path above to enable it.
|
|
||||||
#
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
# Endpoint to use to request certificates. If you only want to test,
|
|
||||||
# use Let's Encrypt's staging url:
|
|
||||||
# https://acme-staging.api.letsencrypt.org/directory
|
|
||||||
#
|
|
||||||
#url: https://acme-v01.api.letsencrypt.org/directory
|
|
||||||
|
|
||||||
# Port number to listen on for the HTTP-01 challenge. Change this if
|
|
||||||
# you are forwarding connections through Apache/Nginx/etc.
|
|
||||||
#
|
|
||||||
port: 80
|
|
||||||
|
|
||||||
# Local addresses to listen on for incoming connections.
|
|
||||||
# Again, you may want to change this if you are forwarding connections
|
|
||||||
# through Apache/Nginx/etc.
|
|
||||||
#
|
|
||||||
bind_addresses: ['::', '0.0.0.0']
|
|
||||||
|
|
||||||
# How many days remaining on a certificate before it is renewed.
|
|
||||||
#
|
|
||||||
reprovision_threshold: 30
|
|
||||||
|
|
||||||
# The domain that the certificate should be for. Normally this
|
|
||||||
# should be the same as your Matrix domain (i.e., 'server_name'), but,
|
|
||||||
# by putting a file at 'https://<server_name>/.well-known/matrix/server',
|
|
||||||
# you can delegate incoming traffic to another server. If you do that,
|
|
||||||
# you should give the target of the delegation here.
|
|
||||||
#
|
|
||||||
# For example: if your 'server_name' is 'example.com', but
|
|
||||||
# 'https://example.com/.well-known/matrix/server' delegates to
|
|
||||||
# 'matrix.example.com', you should put 'matrix.example.com' here.
|
|
||||||
#
|
|
||||||
# If not set, defaults to your 'server_name'.
|
|
||||||
#
|
|
||||||
domain: matrix.example.com
|
|
||||||
|
|
||||||
# file to use for the account key. This will be generated if it doesn't
|
|
||||||
# exist.
|
|
||||||
#
|
|
||||||
# If unspecified, we will use CONFDIR/client.key.
|
|
||||||
#
|
|
||||||
account_key_file: DATADIR/acme_account.key
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## Database ##
|
|
||||||
|
|
||||||
# The 'database' setting defines the database that synapse uses to store all of
|
|
||||||
# its data.
|
|
||||||
#
|
|
||||||
# 'name' gives the database engine to use: either 'sqlite3' (for SQLite) or
|
|
||||||
# 'psycopg2' (for PostgreSQL).
|
|
||||||
#
|
|
||||||
# 'args' gives options which are passed through to the database engine,
|
|
||||||
# except for options starting 'cp_', which are used to configure the Twisted
|
|
||||||
# connection pool. For a reference to valid arguments, see:
|
|
||||||
# * for sqlite: https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
|
|
||||||
# * for postgres: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS
|
|
||||||
# * for the connection pool: https://twistedmatrix.com/documents/current/api/twisted.enterprise.adbapi.ConnectionPool.html#__init__
|
|
||||||
#
|
|
||||||
#
|
|
||||||
# Example SQLite configuration:
|
|
||||||
#
|
|
||||||
#database:
|
|
||||||
# name: sqlite3
|
|
||||||
# args:
|
|
||||||
# database: /path/to/homeserver.db
|
|
||||||
#
|
|
||||||
#
|
|
||||||
# Example Postgres configuration:
|
|
||||||
#
|
|
||||||
#database:
|
|
||||||
# name: psycopg2
|
|
||||||
# args:
|
|
||||||
# user: synapse_user
|
|
||||||
# password: secretpassword
|
|
||||||
# database: synapse
|
|
||||||
# host: localhost
|
|
||||||
# cp_min: 5
|
|
||||||
# cp_max: 10
|
|
||||||
#
|
|
||||||
# For more information on using Synapse with Postgres, see `docs/postgres.md`.
|
|
||||||
#
|
|
||||||
#database:
|
|
||||||
# name: sqlite3
|
|
||||||
# args:
|
|
||||||
# database: DATADIR/homeserver.db
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
max_upload_size: 50M
|
max_upload_size: 50M
|
||||||
max_image_pixels: 24M
|
max_image_pixels: 24M
|
||||||
url_preview_enabled: false # disabled, can leak urls of encrypted communication
|
url_preview_enabled: false # disabled, can leak urls of encrypted communication
|
||||||
|
|
||||||
enable_registration: false
|
|
||||||
|
|
||||||
auto_join_rooms:
|
auto_join_rooms:
|
||||||
- "#lobby:hacc.space"
|
- "#lobby:hacc.space"
|
||||||
|
@ -342,8 +217,6 @@
|
||||||
enabled: true # disabling this apparently breaks the room directory
|
enabled: true # disabling this apparently breaks the room directory
|
||||||
bucket_size: 1w
|
bucket_size: 1w
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
";
|
";
|
||||||
'';
|
'';
|
||||||
listeners = [ {
|
listeners = [ {
|
||||||
|
|
Loading…
Reference in a new issue