homelab/roles/synapse/templates/synapse.yaml.j2

server_name: "{{ server_name }}"
listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    resources:
      - names: [client, federation]
        compress: false
database:
  name: psycopg2
  args:
    user: "{{ postgresql_user }}"
    password: "{{ postgresql_password }}"
    dbname: "{{ postgresql_dbname }}"
    host: "{{ postgresql_host }}"
    cp_max: {{ postgresql_conn_max }}
media_store_path: /data/media_store
signing_key_path: /data/{{ server_name }}.signing.key
log_config: /etc/synapse/log.config
report_stats: true
trusted_key_servers:
  - server_name: "matrix.org"

{% if turn_uris is defined and turn_shared_secret is defined %}
turn_uris:
{% for uri in turn_uris %}
  - {{ uri }}
{% endfor %}
turn_shared_secret: "{{ turn_shared_secret }}"
turn_user_lifetime: 86400000
turn_allow_guests: true
{% endif %}

{% if openid_client_id is defined and openid_client_secret is defined and openid_issuer_url is defined %}
oidc_providers:
  - idp_id: "{{ openid_idp_id }}"
    idp_name: "{{ openid_idp_name }}"
    discover: {{ openid_discover }}
    issuer: "{{ openid_issuer_url }}"
    client_id: "{{ openid_client_id }}"
    client_secret: "{{ openid_client_secret }}"
    scopes:
{% for scope in openid_scopes %}
      - {{ scope }}
{% endfor %}
    user_mapping_provider:
      config:
        localpart_template: "{{ '{{' }} {{ openid_localpart_template }} {{ '}}' }}"
        display_name_template: "{{ '{{' }} {{ openid_display_name_template }} {{ '}}' }}"
{% endif %}
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`server_name: "{{ server_name }}"`
Run matrix-synapse 2024-10-03 00:29:14 +05:00			`listeners:`
			`- port: 8008`
			`tls: false`
			`type: http`
			`x_forwarded: true`
			`resources:`
			`- names: [client, federation]`
			`compress: false`
			`database:`
			`name: psycopg2`
			`args:`
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`user: "{{ postgresql_user }}"`
Run matrix-synapse 2024-10-03 00:29:14 +05:00			`password: "{{ postgresql_password }}"`
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`dbname: "{{ postgresql_dbname }}"`
			`host: "{{ postgresql_host }}"`
			`cp_max: {{ postgresql_conn_max }}`
Run matrix-synapse 2024-10-03 00:29:14 +05:00			`media_store_path: /data/media_store`
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`signing_key_path: /data/{{ server_name }}.signing.key`
Run matrix-synapse 2024-10-03 00:29:14 +05:00			`log_config: /etc/synapse/log.config`
			`report_stats: true`
Add coturn server 2024-10-04 02:09:16 +05:00			`trusted_key_servers:`
			`- server_name: "matrix.org"`
Configure open id connect for synapse 2024-10-20 19:58:03 +05:00
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`{% if turn_uris is defined and turn_shared_secret is defined %}`
			`turn_uris:`
			`{% for uri in turn_uris %}`
			`- {{ uri }}`
			`{% endfor %}`
Add coturn server 2024-10-04 02:09:16 +05:00			`turn_shared_secret: "{{ turn_shared_secret }}"`
			`turn_user_lifetime: 86400000`
			`turn_allow_guests: true`
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`{% endif %}`
Configure open id connect for synapse 2024-10-20 19:58:03 +05:00
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`{% if openid_client_id is defined and openid_client_secret is defined and openid_issuer_url is defined %}`
Configure open id connect for synapse 2024-10-20 19:58:03 +05:00			`oidc_providers:`
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`- idp_id: "{{ openid_idp_id }}"`
			`idp_name: "{{ openid_idp_name }}"`
			`discover: {{ openid_discover }}`
			`issuer: "{{ openid_issuer_url }}"`
			`client_id: "{{ openid_client_id }}"`
Configure open id connect for synapse 2024-10-20 19:58:03 +05:00			`client_secret: "{{ openid_client_secret }}"`
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`scopes:`
			`{% for scope in openid_scopes %}`
			`- {{ scope }}`
			`{% endfor %}`
Configure open id connect for synapse 2024-10-20 19:58:03 +05:00			`user_mapping_provider:`
			`config:`
Add arguments for synapse role, fix federation - Add role arguments - Open port 8448 for s2s connections - Make openid and turn server optional 2024-10-29 15:34:38 +05:00			`localpart_template: "{{ '{{' }} {{ openid_localpart_template }} {{ '}}' }}"`
			`display_name_template: "{{ '{{' }} {{ openid_display_name_template }} {{ '}}' }}"`
			`{% endif %}`