tls_certificate_path: "/etc/ssl/synapse/fullchain.pem"
tls_private_key_path: "/etc/ssl/synapse/privkey.pem"
tls_dh_params_path: "/var/lib/synapse/signing/dhparams.pem"
no_tls: False

server_name: "{{getenv "SERVER_NAME"}}"

pid_file: /var/lib/synapse/homeserver.pid

web_client: True
public_baseurl: https://{{getenv "SERVER_NAME"}}:8448/

soft_file_limit: 0

listeners:
  -
    port: 8448
    bind_address: ''
    type: http
    tls: true
    x_forwarded: false
    resources:
      -
        names:
          - client
          - webclient
        compress: true

      - names: [federation]
        compress: false

  - port: 8008
    tls: false
    bind_address: ''
    type: http
    x_forwarded: false

    resources:
      - names: [client, webclient]
        compress: true
      - names: [federation]
        compress: false

database:
  name: "psycopg2"
  args:
    user: {{getenv "DB_USER"}}
    password: {{getenv "DB_PASSWORD"}}
    database: {{getenv "DB_NAME"}}
    host: {{getenv "DB_HOST"}}
    cp_min: 5
    cp_max: 10

event_cache_size: "10K"

verbose: 0
log_file: "/var/lib/synapse/homeserver.log"
log_config: "/var/lib/synapse/log.config"

rc_messages_per_second: 0.2
rc_message_burst_count: 10.0
federation_rc_window_size: 1000
federation_rc_sleep_limit: 10
federation_rc_sleep_delay: 500
federation_rc_reject_limit: 50
federation_rc_concurrent: 3

media_store_path: "/var/lib/synapse/media_store"
uploads_path: "/var/lib/synapse/uploads"
max_upload_size: "{{getenv "MAX_UPLOAD_SIZE"}}"
max_image_pixels: "{{getenv "MAX_THUMBNAIL_PIXELS"}}"
dynamic_thumbnails: {{getenv "DYNAMIC_THUMBNAILS"}}

thumbnail_sizes:
- width: 32
  height: 32
  method: crop
- width: 96
  height: 96
  method: crop
- width: 320
  height: 240
  method: scale
- width: 640
  height: 480
  method: scale
- width: 800
  height: 600
  method: scale

url_preview_enabled: False
enable_registration_captcha: False

# The public URIs of the TURN server to give to clients
turn_uris: []

# The shared secret used to compute passwords for the TURN server
turn_shared_secret: "YOUR_SHARED_SECRET"

# How long generated TURN credentials last
turn_user_lifetime: "1h"

enable_registration: False
allow_guest_access: False

trusted_third_party_id_servers:
    - matrix.org
    - vector.im

enable_metrics: {{getenv "ENABLE_METRICS"}}
report_stats: {{getenv "REPORT_STATS"}}

room_invite_state_types:
    - "m.room.join_rules"
    - "m.room.canonical_alias"
    - "m.room.avatar"
    - "m.room.name"

app_service_config_files: []

macaroon_secret_key: "{{getenv "MACAROON_SECRET_KEY"}}"
expire_access_token: False

signing_key_path: "/var/lib/synapse/signing/signing.key"
old_signing_keys: {}

key_refresh_interval: "1d" # 1 Day.

perspectives:
  servers:
    "matrix.org":
      verify_keys:
        "ed25519:auto":
          key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"

ldap_config:
   enabled: true
   uri: "{{getenv "LDAP_URI"}}"
   start_tls: true
   base: "{{getenv "LDAP_BASE_DN"}}"
   attributes:
      uid: "{{getenv "LDAP_UID_ATTRIBUTE"}}"
      mail: "{{getenv "LDAP_MAIL_ATTRIBUTE"}}"
      name: "{{getenv "LDAP_NAME_ATTRIBUTE"}}"
   bind_dn: "{{getenv "LDAP_BIND_DN"}}"
   bind_password: "{{getenv "LDAP_BIND_PASSWORD"}}"
   filter: "{{getenv "LDAP_FILTER"}}"