matrix-synapse/README.md

2.8 KiB

Synapse homeserver for the matrix network.

Volumes

  • /var/lib/matrix-synapse/media_store/
  • /var/lib/matrix-synapse/signing/
  • /var/lib/matrix-synapse/registrations/

Environment Variables

SERVER_NAME

Name of the synapse server.

PUBLIC_BASE_URL

Full base url.

SHARED_SECRET

If set, allows registration by anyone who also has the shared secret, even if registration is otherwise disabled.

MACAROON_SECRET_KEY

Secret key for macaroon.

FORM_SECRET_KEY

Secret key to calculate HMACs for form values.

TURN_URIS

Comma seperated list of TURN servers to use.

TURN_SHARED_SECRET

The shared secret used to compute passwords for the TURN server

TURN_USER_LIFETIME

  • default: 1h

How long generated TURN credentials last.

ADMIN_EMAIL

Email at which the administrator can be reached.

DB_HOST

Database host.

DB_NAME

Database name.

DB_USER

Database user.

DB_PASSWORD

Password for the database user.

MAX_UPLOAD_SIZE

  • default: 10M

The largest allowed upload size.

MAX_THUMBNAIL_PIXELS

  • default: 32M

Maximum number of pixels that will be thumbnailed.

DYNAMIC_THUMBNAILS

  • default: True

Whether to generate new thumbnails on the fly to precisely match the resolution requested by the client.

REGISTRATIONS

  • default: []

Semi colon seperated list of registration files to load.

OIDC_ENABLED

  • default: false

Whether to enable authorization against an OpenID Connect server.

OIDC_DISCOVER

  • default: true

Whether to use the OIDC discovery mechanism to discover endpoints.

OIDC_ISSUER

The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.

OIDC_CLIENT_ID

oauth2 client id.

OIDC_CLIENT_SECRET

oauth2 client secret.

OIDC_SCOPES

  • default: ""openid""

Comma separated list of scopes to request.

OIDC_AUTH_ENDPOINT

oauth2 authorization endpoint. Required if provider discovery is disabled.

OIDC_TOKEN_ENDPOINT

oauth2 token endpoint. Required if provider discovery is disabled.

OIDC_USERINFO_ENDPOINT

OIDC userinfo endpoint. Required if discovery is disabled and the "openid" scope is not requested.

OIDC_JWKS_URI

URI where to fetch the JWKS. Required if discovery is disabled and the "openid" scope is used.

OIDC_MAPPING_PROVIDER

  • default: synapse.handlers.oidc_handler.JinjaOidcMappingProvider

Python module for mapping attributes returned from a OIDC provider onto a matrix user.

OIDC_ALLOW_EXISTING_USER

  • default: false

Whether to allow a user logging in via OIDC to match a pre-existing account instead of failing.

SSO_CLIENT_WHITELIST

  • default: []

A semi colon separated list of client URLs which are whitelisted so that the user does not have to confirm giving access to their account to the URL.

Ports

  • 8008