[Synapse](https://github.com/matrix-org/synapse) homeserver for the [matrix](http://matrix.org/) network. # Volumes - `/var/lib/matrix-synapse/media_store/` - `/var/lib/matrix-synapse/signing/` - `/var/lib/matrix-synapse/registrations/` # Environment Variables ## SERVER_NAME Name of the synapse server. ## PUBLIC_BASE_URL Full base url. ## SHARED_SECRET If set, allows registration by anyone who also has the shared secret, even if registration is otherwise disabled. ## MACAROON_SECRET_KEY Secret key for macaroon. ## FORM_SECRET_KEY Secret key to calculate HMACs for form values. ## TURN_URIS Comma seperated list of TURN servers to use. ## TURN_SHARED_SECRET The shared secret used to compute passwords for the TURN server ## TURN_USER_LIFETIME - default: 1h How long generated TURN credentials last. ## ADMIN_EMAIL Email at which the administrator can be reached. ## DB_HOST Database host. ## DB_NAME Database name. ## DB_USER Database user. ## DB_PASSWORD Password for the database user. ## MAX_UPLOAD_SIZE - default: 10M The largest allowed upload size. ## MAX_THUMBNAIL_PIXELS - default: 32M Maximum number of pixels that will be thumbnailed. ## DYNAMIC_THUMBNAILS - default: True Whether to generate new thumbnails on the fly to precisely match the resolution requested by the client. ## REGISTRATIONS - default: [] Semi colon seperated list of registration files to load. ## OIDC_ENABLED - default: false Whether to enable authorization against an OpenID Connect server. ## OIDC_DISCOVER - default: true Whether to use the OIDC discovery mechanism to discover endpoints. ## OIDC_ISSUER The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints. ## OIDC_CLIENT_ID oauth2 client id. ## OIDC_CLIENT_SECRET oauth2 client secret. ## OIDC_SCOPES - default: "\"openid\"" Comma separated list of scopes to request. ## OIDC_AUTH_ENDPOINT oauth2 authorization endpoint. Required if provider discovery is disabled. ## OIDC_TOKEN_ENDPOINT oauth2 token endpoint. Required if provider discovery is disabled. ## OIDC_USERINFO_ENDPOINT OIDC userinfo endpoint. Required if discovery is disabled and the "openid" scope is not requested. ## OIDC_JWKS_URI URI where to fetch the JWKS. Required if discovery is disabled and the "openid" scope is used. ## OIDC_MAPPING_PROVIDER - default: synapse.handlers.oidc_handler.JinjaOidcMappingProvider Python module for mapping attributes returned from a OIDC provider onto a matrix user. ## OIDC_ALLOW_EXISTING_USER - default: false Whether to allow a user logging in via OIDC to match a pre-existing account instead of failing. ## OIDC_LOCALPART_TEMPLATE - default: {{ user.preferred_username }} Jinja2 template for the localpart of the MXID. ## OIDC_DISPLAY_NAME_TEMPLATE - default: {{ user.given_name }} {{ user.last_name }} Jinja2 template for the display name to set on first login. ## SSO_CLIENT_WHITELIST - default: [] A semi colon separated list of client URLs which are whitelisted so that the user does not have to confirm giving access to their account to the URL. # Ports - 8008