Go to file
2022-05-24 12:51:05 +02:00
rootfs use new s6-rc layout [skip ci] 2022-02-16 08:50:40 +01:00
.gitignore initial commit 2016-08-03 11:38:20 +02:00
.gitlab-ci.yml use kaniko 2022-02-16 08:52:29 +01:00
Dockerfile push to version 1.59.1 [skip ci] 2022-05-24 12:51:05 +02:00
README.md add database creation sql to readme 2022-02-11 17:38:28 +01:00

Synapse homeserver for the matrix network with keycloak auth.

Database

CREATE DATABASE matrix_synapse WITH TEMPLATE 'template0' LC_COLLATE 'C' LC_CTYPE 'C' OWNER 'synapse';

Volumes

  • /var/lib/matrix-synapse/media_store/
  • /var/lib/matrix-synapse/signing/
  • /var/lib/matrix-synapse/registrations/

Environment Variables

SERVER_NAME

Name of the synapse server.

PUBLIC_BASE_URL

Full base url.

SHARED_SECRET

If set, allows registration by anyone who also has the shared secret, even if registration is otherwise disabled.

MACAROON_SECRET_KEY

Secret key for macaroon.

FORM_SECRET_KEY

Secret key to calculate HMACs for form values.

TURN_URIS

Comma seperated list of TURN servers to use.

TURN_SHARED_SECRET

The shared secret used to compute passwords for the TURN server

TURN_USER_LIFETIME

  • default: 1h

How long generated TURN credentials last.

ADMIN_EMAIL

Email at which the administrator can be reached.

DB_HOST

Database host.

DB_NAME

Database name.

DB_USER

Database user.

DB_PASSWORD

Password for the database user.

MAX_UPLOAD_SIZE

  • default: 10M

The largest allowed upload size.

MAX_THUMBNAIL_PIXELS

  • default: 32M

Maximum number of pixels that will be thumbnailed.

DYNAMIC_THUMBNAILS

  • default: True

Whether to generate new thumbnails on the fly to precisely match the resolution requested by the client.

REGISTRATIONS

  • default: []

Semi colon seperated list of registration files to load.

OIDC_NAME

Name of the oidc provider as shown to users.

OIDC_ISSUER

The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.

For example https://auth.example.com/auth/realms/master".

OIDC_CLIENT_ID

oauth2 client id.

OIDC_CLIENT_SECRET

oauth2 client secret.

OIDC_ALLOW_EXISTING_USER

  • default: false

Whether to allow a user logging in via OIDC to match a pre-existing account instead of failing.

SSO_CLIENT_WHITELIST

  • default: []

A semi colon separated list of client URLs which are whitelisted so that the user does not have to confirm giving access to their account to the URL.

Ports

  • 8008