128 lines
2.8 KiB
Markdown
128 lines
2.8 KiB
Markdown
[Synapse](https://github.com/matrix-org/synapse) homeserver for the [matrix](http://matrix.org/) network.
|
|
|
|
# Volumes
|
|
- `/var/lib/matrix-synapse/media_store/`
|
|
- `/var/lib/matrix-synapse/signing/`
|
|
- `/var/lib/matrix-synapse/registrations/`
|
|
|
|
# Environment Variables
|
|
## SERVER_NAME
|
|
Name of the synapse server.
|
|
|
|
## PUBLIC_BASE_URL
|
|
Full base url.
|
|
|
|
## SHARED_SECRET
|
|
If set, allows registration by anyone who also has the shared secret, even if registration is otherwise disabled.
|
|
|
|
## MACAROON_SECRET_KEY
|
|
Secret key for macaroon.
|
|
|
|
## FORM_SECRET_KEY
|
|
Secret key to calculate HMACs for form values.
|
|
|
|
## TURN_URIS
|
|
Comma seperated list of TURN servers to use.
|
|
|
|
## TURN_SHARED_SECRET
|
|
The shared secret used to compute passwords for the TURN server
|
|
|
|
## TURN_USER_LIFETIME
|
|
- default: 1h
|
|
|
|
How long generated TURN credentials last.
|
|
|
|
## ADMIN_EMAIL
|
|
Email at which the administrator can be reached.
|
|
|
|
## DB_HOST
|
|
Database host.
|
|
|
|
## DB_NAME
|
|
Database name.
|
|
|
|
## DB_USER
|
|
Database user.
|
|
|
|
## DB_PASSWORD
|
|
Password for the database user.
|
|
|
|
## MAX_UPLOAD_SIZE
|
|
- default: 10M
|
|
|
|
The largest allowed upload size.
|
|
|
|
## MAX_THUMBNAIL_PIXELS
|
|
- default: 32M
|
|
|
|
Maximum number of pixels that will be thumbnailed.
|
|
|
|
## DYNAMIC_THUMBNAILS
|
|
- default: True
|
|
|
|
Whether to generate new thumbnails on the fly to precisely match the resolution requested by the client.
|
|
|
|
## REGISTRATIONS
|
|
- default: []
|
|
|
|
Semi colon seperated list of registration files to load.
|
|
|
|
## OIDC_ENABLED
|
|
- default: false
|
|
|
|
Whether to enable authorization against an OpenID Connect server.
|
|
|
|
## OIDC_DISCOVER
|
|
- default: true
|
|
|
|
Whether to use the OIDC discovery mechanism to discover endpoints.
|
|
|
|
## OIDC_ISSUER
|
|
The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.
|
|
|
|
## OIDC_CLIENT_ID
|
|
oauth2 client id.
|
|
|
|
## OIDC_CLIENT_SECRET
|
|
oauth2 client secret.
|
|
|
|
## OIDC_SCOPES
|
|
- default: "\"openid\""
|
|
|
|
Comma separated list of scopes to request.
|
|
|
|
## OIDC_AUTH_ENDPOINT
|
|
oauth2 authorization endpoint. Required if provider discovery is disabled.
|
|
|
|
## OIDC_TOKEN_ENDPOINT
|
|
oauth2 token endpoint. Required if provider discovery is disabled.
|
|
|
|
## OIDC_USERINFO_ENDPOINT
|
|
OIDC userinfo endpoint. Required if discovery is disabled and the "openid" scope
|
|
is not requested.
|
|
|
|
## OIDC_JWKS_URI
|
|
URI where to fetch the JWKS. Required if discovery is disabled and the "openid"
|
|
scope is used.
|
|
|
|
## OIDC_MAPPING_PROVIDER
|
|
- default: synapse.handlers.oidc_handler.JinjaOidcMappingProvider
|
|
|
|
Python module for mapping attributes returned from a OIDC provider onto a matrix
|
|
user.
|
|
|
|
## OIDC_ALLOW_EXISTING_USER
|
|
- default: false
|
|
|
|
Whether to allow a user logging in via OIDC to match a pre-existing account
|
|
instead of failing.
|
|
|
|
## SSO_CLIENT_WHITELIST
|
|
- default: []
|
|
|
|
A semi colon separated list of client URLs which are whitelisted so that the user does not have to
|
|
confirm giving access to their account to the URL.
|
|
|
|
# Ports
|
|
- 8008
|