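---
# Ansible variables for the Synapse (Matrix homeserver) role: reverse-proxy
# wiring, container environment, homeserver.yaml content and Compose overrides.

# Service definition consumed by the shared reverse-proxy/compose templating.
synapse_svc:
  domain: "{{ all_services | service_get_domain(role_name) }}"
  # The primary domain is served by the synapse-admin UI container.
  docker_host: synapse-admin
  port: 80
  # NOTE(review): /_synapse/* is forwarded to the same listener that carries
  # the admin API and (see synapse_yml.listeners) the metrics resource, so both
  # are presumably reachable from wherever this domain is. Confirm that is
  # intended; otherwise restrict these paths at the proxy or move metrics to a
  # listener that is not proxied.
  caddy_extra: |
    handle /_matrix/* {
      reverse_proxy synapse:8008
    }
    handle /_synapse/* {
      reverse_proxy synapse:8008
    }
  extra_svcs:
    # Federation entry point; quoted so the host:port value is always a string.
    - domain: 'matrix.serguzim.me:8448'
      docker_host: synapse
      port: 8008
  # Database credentials are taken from OpenTofu outputs, not stored here.
  db:
    host: "{{ postgres.host }}"
    user: "{{ opentofu.postgresql_data.synapse.user }}"
    pass: "{{ opentofu.postgresql_data.synapse.pass }}"
    database: "{{ opentofu.postgresql_data.synapse.database }}"
  config_path: config

# Environment variables for the containers (presumably rendered to service.env).
synapse_env:
  SYNAPSE_CONFIG_PATH: "{{ ('/', svc.config_path) | path_join }}"
  REACT_APP_SERVER: https://matrix.serguzim.me

# Content of homeserver.yaml.
# NOTE(review): the rendered file holds the database password, macaroon/form
# secrets, OIDC client secret and SMTP password in plaintext; verify that the
# role writes it with restrictive ownership and mode.
synapse_yml:
  server_name: msrg.cc
  pid_file: "{{ (svc.config_path, 'homeserver.pid') | path_join }}"
  public_baseurl: https://matrix.serguzim.me/

  # The public room directory is readable without authentication and by
  # federated servers.
  allow_public_rooms_without_auth: true
  allow_public_rooms_over_federation: true

  listeners:
    - port: 8008
      # TLS is terminated by the reverse proxy.
      tls: false
      type: http
      # Client addresses are taken from X-Forwarded-For; this is only
      # trustworthy if port 8008 is reachable exclusively through the proxy.
      x_forwarded: true
      resources:
        # client, federation and metrics all share this one listener.
        - names:
            - client
            - federation
            - metrics
          compress: false

  # Quoted so the templated value is always parsed as a single string.
  admin_contact: "mailto:{{ admin_email }}"

  acme:
    enabled: false

  database:
    name: psycopg2
    args:
      user: "{{ svc.db.user }}"
      password: "{{ svc.db.pass }}"
      database: "{{ svc.db.database }}"
      host: "{{ svc.db.host }}"
      cp_min: 5
      cp_max: 10

  log_config: "{{ (svc.config_path, 'msrg.cc.log.config') | path_join }}"
  media_store_path: /media_store
  max_upload_size: 500M

  # Open registration is off; accounts come from the OIDC provider below.
  enable_registration: false
  enable_metrics: true
  # Usage statistics are reported upstream.
  report_stats: true

  # Secrets are read from Ansible Vault.
  macaroon_secret_key: "{{ vault_synapse.macaroon_secret_key }}"
  form_secret: "{{ vault_synapse.form_secret }}"
  signing_key_path: "{{ (svc.config_path, 'msrg.cc.signing.key') | path_join }}"

  # matrix.org is the only notary; the startup warning about relying on it is
  # silenced explicitly.
  trusted_key_servers:
    - server_name: matrix.org
  suppress_key_server_warning: true

  oidc_providers:
    - idp_id: auth_serguzim_me
      idp_name: auth.serguzim.me
      issuer: "{{ opentofu.authentik_data.synapse.base_url }}"
      client_id: "{{ opentofu.authentik_data.synapse.client_id }}"
      client_secret: "{{ opentofu.authentik_data.synapse.client_secret }}"
      scopes:
        - openid
        - profile
        - email
      user_mapping_provider:
        config:
          # The nested quoting makes Ansible emit the inner Jinja expression
          # literally, so that Synapse evaluates it at login time.
          # NOTE(review): the Matrix localpart is derived from
          # preferred_username; confirm users cannot freely change that claim
          # at the identity provider.
          localpart_template: "{{ '{{ user.preferred_username }}' }}"
          display_name_template: "{{ '{{ user.name }}' }}"

  email:
    smtp_host: mail.serguzim.me
    smtp_port: 587
    smtp_user: matrix@serguzim.me
    smtp_pass: "{{ vault_synapse.mail.pass }}"
    # Refuse to send mail if the connection cannot be secured.
    require_transport_security: true
    notif_from: Matrix

# Compose settings for the synapse service plus an extra synapse-admin service.
synapse_compose:
  # NOTE(review): both images float (":latest" / no tag) and are auto-updated
  # by watchtower, so whatever the registry serves is deployed without review.
  # Consider pinning a version or digest and updating deliberately.
  watchtower: true
  image: ghcr.io/element-hq/synapse:latest
  volumes:
    - ./config:/config
    - media_store:/media_store
  file:
    services:
      synapse-admin:
        image: awesometechnologies/synapse-admin
        restart: always
        labels:
          # Label values are strings; quoted so the rendered Compose file does
          # not depend on how a YAML boolean is handled.
          com.centurylinklabs.watchtower.enable: 'true'
        env_file:
          - service.env
        networks:
          apps:
            aliases:
              - synapse-admin
    volumes:
      # Named volume with default settings.
      media_store: null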