|
|
# -*- mode: shell-script -*-
yaml_opt_flatten() { local prefix="$1" key value while read-0 key value; do if [ "$prefix" ]; then new_prefix="${prefix}-${key}" else new_prefix="${key}" fi if [[ "$(echo "$value" | shyaml get-type)" == "struct" ]]; then echo "$value" | yaml_opt_flatten "${new_prefix}" else printf "%s\0%s\0" "${new_prefix}" "$value" fi done < <(shyaml key-values-0) }
CFG_DIR=/etc/synapse DATA_DIR=/var/lib/synapse CONFIG_FILE="$CFG_DIR/config.yml" HOST_CONFIG_FILE="${SERVICE_CONFIGSTORE}$CONFIG_FILE"
setup_dirs() { local dirs dir
dirs=("$SERVICE_DATASTORE/var/lib/synapse") uid_gid=($(docker_get_uid_gid "$SERVICE_NAME" "synapse" "synapse")) || { err "Could not fetch uid/gid on image of service ${DARKYELLOW}$SERVICE_NAME${NORMAL}." return 1 } uid="${uid_gid[0]}" gid="${uid_gid[1]}" for dir in "${dirs[@]}"; do mkdir -p "$dir" find "$dir" \! -uid "$uid" -print0 | while read-0 f; do chown -v "$uid" "$f" || return 1 done find "$dir" \! -gid "$gid" -print0 | while read-0 f; do chgrp -v "$gid" "$f" || return 1 done done
dirs=( "${SERVICE_CONFIGSTORE}/$CFG_DIR" "${SERVICE_DATASTORE}/var/lib/synapse/keys" ) for dir in "${dirs[@]}"; do mkdir -p "$dir" chown "$uid:$gid" "$dir" done }
cfg-merge() { local yaml="$1" merge_yaml_str "$(cat "$HOST_CONFIG_FILE" 2>/dev/null)" \ "$yaml" > "$HOST_CONFIG_FILE.tmp" || return 1 mv "$HOST_CONFIG_FILE.tmp" "$HOST_CONFIG_FILE" }
cfg-base() { cat <<EOF > "$HOST_CONFIG_FILE"
## Server
## Not running as a daemon # pid_file: /var/run/synapse/synapse.pid web_client: False soft_file_limit: 0 log_config: "$CFG_DIR/logging.yml"
## Ports
listeners: - port: 8008 tls: false bind_addresses: ['::'] type: http x_forwarded: false
resources: - names: [client] compress: true - names: [federation] compress: false
## Database ##
database: name: "sqlite3" args: database: "$DATA_DIR/homeserver.db"
## Performance ##
event_cache_size: 10K
## Ratelimiting ##
rc_messages_per_second: 0.2 rc_message_burst_count: 10.0 federation_rc_window_size: 1000 federation_rc_sleep_limit: 10 federation_rc_sleep_delay: 500 federation_rc_reject_limit: 50 federation_rc_concurrent: 3
## Files ##
media_store_path: "$DATA_DIR/media" uploads_path: "$DATA_DIR/uploads" max_upload_size: "10M" max_image_pixels: "32M" dynamic_thumbnails: false
# List of thumbnail to precalculate when an image is uploaded. thumbnail_sizes: - width: 32 height: 32 method: crop - width: 96 height: 96 method: crop - width: 320 height: 240 method: scale - width: 640 height: 480 method: scale - width: 800 height: 600 method: scale
url_preview_enabled: false max_spider_size: "10M"
## Registration ##
enable_registration: false enable_registration_captcha: false
bcrypt_rounds: 12 allow_guest_access: true enable_group_creation: true
## TURN
turn_allow_guests: true turn_shared_secret: YOUR_SHARED_SECRET turn_uris: [] turn_user_lifetime: 1h
# The list of identity servers trusted to verify third party # identifiers by this server. # # Also defines the ID server which will be called when an account is # deactivated (one will be picked arbitrarily). trusted_third_party_id_servers: - matrix.org - vector.im
## Metrics
enable_metrics: false report_stats: false
## API Configuration
room_invite_state_types: - "m.room.join_rules" - "m.room.canonical_alias" - "m.room.avatar" - "m.room.name"
expire_access_token: False
## Signing Keys ##
signing_key_path: "$DATA_DIR/keys/synapse.signing.key" old_signing_keys: {} key_refresh_interval: "1d" # 1 Day.
# The trusted servers to download signing keys from. perspectives: servers: "matrix.org": verify_keys: "ed25519:auto": key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"
password_config: enabled: true
recaptcha_siteverify_api: https://www.google.com/recaptcha/api/siteverify
app_service_config_files: []
EOF
cat <<EOF > "$SERVICE_CONFIGSTORE$CFG_DIR"/logging.yml version: 1
formatters: precise: format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
filters: context: (): synapse.util.logcontext.LoggingContextFilter request: ""
handlers: console: class: logging.StreamHandler formatter: precise filters: [context]
loggers: synapse: level: WARNING
synapse.storage.SQL: # beware: increasing this to DEBUG will make synapse log sensitive # information such as access tokens. level: WARNING
root: level: WARNING handlers: [console]
EOF }
config_hash() { debug "Adding config hash to enable recreating upon config change." config_hash=$({ cat "$HOST_CONFIG_FILE" } | md5_compat) || exit 1 init-config-add " $SERVICE_NAME: labels: - compose.config_hash=$config_hash " }
|