103 lines
2.2 KiB
Markdown
103 lines
2.2 KiB
Markdown
[Synapse](https://github.com/matrix-org/synapse) homeserver for the [matrix](http://matrix.org/) network with keycloak auth.
|
|
|
|
# Database
|
|
```
|
|
CREATE DATABASE matrix_synapse WITH TEMPLATE 'template0' LC_COLLATE 'C' LC_CTYPE 'C' OWNER 'synapse';
|
|
```
|
|
|
|
# Volumes
|
|
- `/var/lib/matrix-synapse/media_store/`
|
|
- `/var/lib/matrix-synapse/signing/`
|
|
- `/var/lib/matrix-synapse/registrations/`
|
|
|
|
# Environment Variables
|
|
## SERVER_NAME
|
|
Name of the synapse server.
|
|
|
|
## PUBLIC_BASE_URL
|
|
Full base url.
|
|
|
|
## SHARED_SECRET
|
|
If set, allows registration by anyone who also has the shared secret, even if registration is otherwise disabled.
|
|
|
|
## MACAROON_SECRET_KEY
|
|
Secret key for macaroon.
|
|
|
|
## FORM_SECRET_KEY
|
|
Secret key to calculate HMACs for form values.
|
|
|
|
## TURN_URIS
|
|
Comma seperated list of TURN servers to use.
|
|
|
|
## TURN_SHARED_SECRET
|
|
The shared secret used to compute passwords for the TURN server
|
|
|
|
## TURN_USER_LIFETIME
|
|
- default: 1h
|
|
|
|
How long generated TURN credentials last.
|
|
|
|
## ADMIN_EMAIL
|
|
Email at which the administrator can be reached.
|
|
|
|
## DB_HOST
|
|
Database host.
|
|
|
|
## DB_NAME
|
|
Database name.
|
|
|
|
## DB_USER
|
|
Database user.
|
|
|
|
## DB_PASSWORD
|
|
Password for the database user.
|
|
|
|
## MAX_UPLOAD_SIZE
|
|
- default: 10M
|
|
|
|
The largest allowed upload size.
|
|
|
|
## MAX_THUMBNAIL_PIXELS
|
|
- default: 32M
|
|
|
|
Maximum number of pixels that will be thumbnailed.
|
|
|
|
## DYNAMIC_THUMBNAILS
|
|
- default: True
|
|
|
|
Whether to generate new thumbnails on the fly to precisely match the resolution requested by the client.
|
|
|
|
## REGISTRATIONS
|
|
- default: []
|
|
|
|
Semi colon seperated list of registration files to load.
|
|
|
|
## OIDC_NAME
|
|
Name of the oidc provider as shown to users.
|
|
|
|
## OIDC_ISSUER
|
|
The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.
|
|
|
|
For example `https://auth.example.com/auth/realms/master"`.
|
|
|
|
## OIDC_CLIENT_ID
|
|
oauth2 client id.
|
|
|
|
## OIDC_CLIENT_SECRET
|
|
oauth2 client secret.
|
|
|
|
## OIDC_ALLOW_EXISTING_USER
|
|
- default: false
|
|
|
|
Whether to allow a user logging in via OIDC to match a pre-existing account
|
|
instead of failing.
|
|
|
|
## SSO_CLIENT_WHITELIST
|
|
- default: []
|
|
|
|
A semi colon separated list of client URLs which are whitelisted so that the user does not have to
|
|
confirm giving access to their account to the URL.
|
|
|
|
# Ports
|
|
- 8008
|