description: Synapse
maintainer: "Valentin Lab <valentin.lab@kalysto.org>"
docker-image: docker.0k.io/synapse:1.0
config-resources:
  - /etc/synapse
data-resources:
  - /var/lib/synapse
host-resources:
  - /etc/localtime:ro

default-options:
  ## ensure that this virtualhost is joinable on https, and with a
  ## valid cert.
  # server_name: XXX

  # report_stats: no

  # enable_registration: no
  # registration_shared_secret: My secret

  # allow_guest_access: no

  # enable_registration_captcha: yes
  # recaptcha_public_key:   XXX
  # recaptcha_private_key:  YYY

# docker-compose:
#   ports:

uses:
  postgres-database:
    constraint: required
    auto: summon
    solves:
      database: "main storage"
  # log-rotate:
  #   constraint: recommended
  #   auto: pair
  #   solves:
  #     disk-leak: "/data/logs"
  web-proxy:
    constraint: recommended
    auto: pair
    solves:
      proxy: "Public access"
    default-options:
      ## ``nocanon`` is mandatory
      ## see: https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.rst
      apache-proxy-pass-options: retry=0 nocanon
      apache-core-rules: !var-expand |
        SSLProxyEngine on
        <Location "/.well-known/matrix" >
            ## ../server implementation added with a patch in docker image
            ProxyPass "http://${MASTER_BASE_SERVICE_NAME}:8008/.well-known/matrix" retry=0 nocanon
            Order deny,allow
            Allow from all
        </Location>
        #<Location "/_matrix" >
        #    ProxyPass "http://${MASTER_BASE_SERVICE_NAME}:8008/_matrix" retry=0 nocanon
        #    #Order deny,allow
        #    #Allow from all
        #</Location>