Go to file
2020-12-11 10:38:54 +01:00
rootfs update oidc configuration 2020-12-11 10:38:54 +01:00
.editorconfig update base image 2017-01-10 15:57:51 +01:00
.gitignore initial commit 2016-08-03 11:38:20 +02:00
.gitlab-ci.yml Update .gitlab-ci.yml 2019-09-03 08:34:03 +00:00
Dockerfile update oidc configuration 2020-12-11 10:38:54 +01:00
README.md try oidc provider 2020-12-11 10:07:43 +01:00

Synapse homeserver for the matrix network.

Volumes

  • /var/lib/matrix-synapse/media_store/
  • /var/lib/matrix-synapse/signing/
  • /var/lib/matrix-synapse/registrations/

Environment Variables

SERVER_NAME

Name of the synapse server.

PUBLIC_BASE_URL

Full base url.

SHARED_SECRET

If set, allows registration by anyone who also has the shared secret, even if registration is otherwise disabled.

MACAROON_SECRET_KEY

Secret key for macaroon.

FORM_SECRET_KEY

Secret key to calculate HMACs for form values.

TURN_URIS

Comma seperated list of TURN servers to use.

TURN_SHARED_SECRET

The shared secret used to compute passwords for the TURN server

TURN_USER_LIFETIME

  • default: 1h

How long generated TURN credentials last.

ADMIN_EMAIL

Email at which the administrator can be reached.

DB_HOST

Database host.

DB_NAME

Database name.

DB_USER

Database user.

DB_PASSWORD

Password for the database user.

MAX_UPLOAD_SIZE

  • default: 10M

The largest allowed upload size.

MAX_THUMBNAIL_PIXELS

  • default: 32M

Maximum number of pixels that will be thumbnailed.

DYNAMIC_THUMBNAILS

  • default: True

Whether to generate new thumbnails on the fly to precisely match the resolution requested by the client.

REGISTRATIONS

  • default: []

Semi colon seperated list of registration files to load.

OIDC_ENABLED

  • default: false

Whether to enable authorization against an OpenID Connect server.

OIDC_DISCOVER

  • default: true

Whether to use the OIDC discovery mechanism to discover endpoints.

OIDC_ISSUER

The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.

OIDC_CLIENT_ID

oauth2 client id.

OIDC_CLIENT_SECRET

oauth2 client secret.

OIDC_SCOPES

  • default: ""openid""

Comma separated list of scopes to request.

OIDC_AUTH_ENDPOINT

oauth2 authorization endpoint. Required if provider discovery is disabled.

OIDC_TOKEN_ENDPOINT

oauth2 token endpoint. Required if provider discovery is disabled.

OIDC_USERINFO_ENDPOINT

OIDC userinfo endpoint. Required if discovery is disabled and the "openid" scope is not requested.

OIDC_JWKS_URI

URI where to fetch the JWKS. Required if discovery is disabled and the "openid" scope is used.

OIDC_MAPPING_PROVIDER

  • default: synapse.handlers.oidc_handler.JinjaOidcMappingProvider

Python module for mapping attributes returned from a OIDC provider onto a matrix user.

OIDC_ALLOW_EXISTING_USER

  • default: false

Whether to allow a user logging in via OIDC to match a pre-existing account instead of failing.

SSO_CLIENT_WHITELIST

  • default: []

A semi colon separated list of client URLs which are whitelisted so that the user does not have to confirm giving access to their account to the URL.

Ports

  • 8008