matrix-synapse/README.md

[Synapse](https://github.com/matrix-org/synapse) homeserver for the [matrix](http://matrix.org/) network with keycloak auth.

# Database
```
CREATE DATABASE matrix_synapse WITH TEMPLATE 'template0' LC_COLLATE 'C' LC_CTYPE 'C' OWNER 'synapse';
```

# Volumes
- `/var/lib/matrix-synapse/media_store/`
- `/var/lib/matrix-synapse/signing/`
- `/var/lib/matrix-synapse/registrations/`

# Environment Variables
## SERVER_NAME
Name of the synapse server.

## PUBLIC_BASE_URL
Full base url.

## SHARED_SECRET
If set, allows registration by anyone who also has the shared secret, even if registration is otherwise disabled.

## MACAROON_SECRET_KEY
Secret key for macaroon.

## FORM_SECRET_KEY
Secret key to calculate HMACs for form values.

## TURN_URIS
Comma seperated list of TURN servers to use.

## TURN_SHARED_SECRET
The shared secret used to compute passwords for the TURN server

## TURN_USER_LIFETIME
- default: 1h

How long generated TURN credentials last.

## ADMIN_EMAIL
Email at which the administrator can be reached.

## DB_HOST
Database host.

## DB_NAME
Database name.

## DB_USER
Database user.

## DB_PASSWORD
Password for the database user.

## MAX_UPLOAD_SIZE
- default: 10M

The largest allowed upload size.

## MAX_THUMBNAIL_PIXELS
- default: 32M

Maximum number of pixels that will be thumbnailed.

## DYNAMIC_THUMBNAILS
- default: True

Whether to generate new thumbnails on the fly to precisely match the resolution requested by the client.

## REGISTRATIONS
- default: []

Semi colon seperated list of registration files to load.

## OIDC_NAME
Name of the oidc provider as shown to users.

## OIDC_ISSUER
The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.

For example `https://auth.example.com/auth/realms/master"`.

## OIDC_CLIENT_ID
oauth2 client id.

## OIDC_CLIENT_SECRET
oauth2 client secret.

## OIDC_ALLOW_EXISTING_USER
- default: false

Whether to allow a user logging in via OIDC to match a pre-existing account 
instead of failing.

## SSO_CLIENT_WHITELIST
- default: []

A semi colon separated list of client URLs which are whitelisted so that the user does not have to 
confirm giving access to their account to the URL.

# Ports
- 8008
use new style oidc config 2022-02-09 12:53:15 +00:00			`[Synapse](https://github.com/matrix-org/synapse) homeserver for the [matrix](http://matrix.org/) network with keycloak auth.`
Update README.md 2016-10-31 12:05:22 +00:00
add database creation sql to readme 2022-02-11 16:38:28 +00:00			`# Database`
			```
			`CREATE DATABASE matrix_synapse WITH TEMPLATE 'template0' LC_COLLATE 'C' LC_CTYPE 'C' OWNER 'synapse';`
			```

Update README.md 2016-10-31 12:05:22 +00:00			`# Volumes`
update paths and user to reflect the debian package scheme 2018-05-23 16:04:35 +00:00			- `/var/lib/matrix-synapse/media_store/`
			- `/var/lib/matrix-synapse/signing/`
add registration file support 2018-05-23 19:34:55 +00:00			- `/var/lib/matrix-synapse/registrations/`
Update README.md 2016-10-31 12:05:22 +00:00
			`# Environment Variables`
			`## SERVER_NAME`
			`Name of the synapse server.`

			`## PUBLIC_BASE_URL`
			`Full base url.`

			`## SHARED_SECRET`
			`If set, allows registration by anyone who also has the shared secret, even if registration is otherwise disabled.`

			`## MACAROON_SECRET_KEY`
			`Secret key for macaroon.`

push to version 0.99.1.1 2019-02-15 10:16:04 +00:00			`## FORM_SECRET_KEY`
			`Secret key to calculate HMACs for form values.`

Update README.md 2016-10-31 12:05:22 +00:00			`## TURN_URIS`
			`Comma seperated list of TURN servers to use.`

			`## TURN_SHARED_SECRET`
			`The shared secret used to compute passwords for the TURN server`

			`## TURN_USER_LIFETIME`
			`- default: 1h`

			`How long generated TURN credentials last.`

push to version 0.99.1.1 2019-02-15 10:16:04 +00:00			`## ADMIN_EMAIL`
			`Email at which the administrator can be reached.`

Update README.md 2016-10-31 12:05:22 +00:00			`## DB_HOST`
			`Database host.`

			`## DB_NAME`
			`Database name.`

			`## DB_USER`
			`Database user.`

			`## DB_PASSWORD`
			`Password for the database user.`

			`## MAX_UPLOAD_SIZE`
			`- default: 10M`

			`The largest allowed upload size.`

			`## MAX_THUMBNAIL_PIXELS`
			`- default: 32M`

			`Maximum number of pixels that will be thumbnailed.`

			`## DYNAMIC_THUMBNAILS`
			`- default: True`

			`Whether to generate new thumbnails on the fly to precisely match the resolution requested by the client.`

add registration file support 2018-05-23 19:34:55 +00:00			`## REGISTRATIONS`
			`- default: []`

try oidc provider 2020-12-11 09:07:43 +00:00			`Semi colon seperated list of registration files to load.`
add registration file support 2018-05-23 19:34:55 +00:00
use new style oidc config 2022-02-09 12:53:15 +00:00			`## OIDC_NAME`
			`Name of the oidc provider as shown to users.`
try oidc provider 2020-12-11 09:07:43 +00:00
			`## OIDC_ISSUER`
			`The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.`

use new style oidc config 2022-02-09 12:53:15 +00:00			For example `https://auth.example.com/auth/realms/master"`.

try oidc provider 2020-12-11 09:07:43 +00:00			`## OIDC_CLIENT_ID`
			`oauth2 client id.`

			`## OIDC_CLIENT_SECRET`
			`oauth2 client secret.`

			`## OIDC_ALLOW_EXISTING_USER`
			`- default: false`

			`Whether to allow a user logging in via OIDC to match a pre-existing account`
			`instead of failing.`

			`## SSO_CLIENT_WHITELIST`
			`- default: []`

			`A semi colon separated list of client URLs which are whitelisted so that the user does not have to`
			`confirm giving access to their account to the URL.`
Update README.md 2016-10-31 12:05:22 +00:00
			`# Ports`
push to version 0.99.1.1 2019-02-15 10:16:04 +00:00			`- 8008`