|
@@ -210,6 +210,8 @@ presence:
|
|
|
#
|
|
|
# This option replaces federation_ip_range_blacklist in Synapse v1.25.0.
|
|
|
#
|
|
|
+# Note: The value is ignored when an HTTP proxy is in use
|
|
|
+#
|
|
|
#ip_range_blacklist:
|
|
|
# - '127.0.0.0/8'
|
|
|
# - '10.0.0.0/8'
|
|
@@ -563,6 +565,19 @@ retention:
|
|
|
#
|
|
|
#next_link_domain_whitelist: ["matrix.org"]
|
|
|
|
|
|
+# Templates to use when generating email or HTML page contents.
|
|
|
+#
|
|
|
+templates:
|
|
|
+ # Directory in which Synapse will try to find template files to use to generate
|
|
|
+ # email or HTML page contents.
|
|
|
+ # If not set, or a file is not found within the template directory, a default
|
|
|
+ # template from within the Synapse package will be used.
|
|
|
+ #
|
|
|
+ # See https://matrix-org.github.io/synapse/latest/templates.html for more
|
|
|
+ # information about using custom templates.
|
|
|
+ #
|
|
|
+ #custom_template_directory: /path/to/custom/templates/
|
|
|
+
|
|
|
|
|
|
## TLS ##
|
|
|
|
|
@@ -711,6 +726,15 @@ caches:
|
|
|
#
|
|
|
#expiry_time: 30m
|
|
|
|
|
|
+ # Controls how long the results of a /sync request are cached for after
|
|
|
+ # a successful response is returned. A higher duration can help clients with
|
|
|
+ # intermittent connections, at the cost of higher memory usage.
|
|
|
+ #
|
|
|
+ # By default, this is zero, which means that sync responses are not cached
|
|
|
+ # at all.
|
|
|
+ #
|
|
|
+ #sync_response_cache_duration: 2m
|
|
|
+
|
|
|
|
|
|
## Database ##
|
|
|
|
|
@@ -963,6 +987,8 @@ media_store_path: "DATADIR/media_store"
|
|
|
# This must be specified if url_preview_enabled is set. It is recommended that
|
|
|
# you uncomment the following list as a starting point.
|
|
|
#
|
|
|
+# Note: The value is ignored when an HTTP proxy is in use
|
|
|
+#
|
|
|
#url_preview_ip_range_blacklist:
|
|
|
# - '127.0.0.0/8'
|
|
|
# - '10.0.0.0/8'
|
|
@@ -1882,6 +1908,9 @@ cas_config:
|
|
|
# Additional settings to use with single-sign on systems such as OpenID Connect,
|
|
|
# SAML2 and CAS.
|
|
|
#
|
|
|
+# Server admins can configure custom templates for pages related to SSO. See
|
|
|
+# https://matrix-org.github.io/synapse/latest/templates.html for more information.
|
|
|
+#
|
|
|
sso:
|
|
|
# A list of client URLs which are whitelisted so that the user does not
|
|
|
# have to confirm giving access to their account to the URL. Any client
|
|
@@ -1914,169 +1943,6 @@ sso:
|
|
|
#
|
|
|
#update_profile_information: true
|
|
|
|
|
|
- # Directory in which Synapse will try to find the template files below.
|
|
|
- # If not set, or the files named below are not found within the template
|
|
|
- # directory, default templates from within the Synapse package will be used.
|
|
|
- #
|
|
|
- # Synapse will look for the following templates in this directory:
|
|
|
- #
|
|
|
- # * HTML page to prompt the user to choose an Identity Provider during
|
|
|
- # login: 'sso_login_idp_picker.html'.
|
|
|
- #
|
|
|
- # This is only used if multiple SSO Identity Providers are configured.
|
|
|
- #
|
|
|
- # When rendering, this template is given the following variables:
|
|
|
- # * redirect_url: the URL that the user will be redirected to after
|
|
|
- # login.
|
|
|
- #
|
|
|
- # * server_name: the homeserver's name.
|
|
|
- #
|
|
|
- # * providers: a list of available Identity Providers. Each element is
|
|
|
- # an object with the following attributes:
|
|
|
- #
|
|
|
- # * idp_id: unique identifier for the IdP
|
|
|
- # * idp_name: user-facing name for the IdP
|
|
|
- # * idp_icon: if specified in the IdP config, an MXC URI for an icon
|
|
|
- # for the IdP
|
|
|
- # * idp_brand: if specified in the IdP config, a textual identifier
|
|
|
- # for the brand of the IdP
|
|
|
- #
|
|
|
- # The rendered HTML page should contain a form which submits its results
|
|
|
- # back as a GET request, with the following query parameters:
|
|
|
- #
|
|
|
- # * redirectUrl: the client redirect URI (ie, the `redirect_url` passed
|
|
|
- # to the template)
|
|
|
- #
|
|
|
- # * idp: the 'idp_id' of the chosen IDP.
|
|
|
- #
|
|
|
- # * HTML page to prompt new users to enter a userid and confirm other
|
|
|
- # details: 'sso_auth_account_details.html'. This is only shown if the
|
|
|
- # SSO implementation (with any user_mapping_provider) does not return
|
|
|
- # a localpart.
|
|
|
- #
|
|
|
- # When rendering, this template is given the following variables:
|
|
|
- #
|
|
|
- # * server_name: the homeserver's name.
|
|
|
- #
|
|
|
- # * idp: details of the SSO Identity Provider that the user logged in
|
|
|
- # with: an object with the following attributes:
|
|
|
- #
|
|
|
- # * idp_id: unique identifier for the IdP
|
|
|
- # * idp_name: user-facing name for the IdP
|
|
|
- # * idp_icon: if specified in the IdP config, an MXC URI for an icon
|
|
|
- # for the IdP
|
|
|
- # * idp_brand: if specified in the IdP config, a textual identifier
|
|
|
- # for the brand of the IdP
|
|
|
- #
|
|
|
- # * user_attributes: an object containing details about the user that
|
|
|
- # we received from the IdP. May have the following attributes:
|
|
|
- #
|
|
|
- # * display_name: the user's display_name
|
|
|
- # * emails: a list of email addresses
|
|
|
- #
|
|
|
- # The template should render a form which submits the following fields:
|
|
|
- #
|
|
|
- # * username: the localpart of the user's chosen user id
|
|
|
- #
|
|
|
- # * HTML page allowing the user to consent to the server's terms and
|
|
|
- # conditions. This is only shown for new users, and only if
|
|
|
- # `user_consent.require_at_registration` is set.
|
|
|
- #
|
|
|
- # When rendering, this template is given the following variables:
|
|
|
- #
|
|
|
- # * server_name: the homeserver's name.
|
|
|
- #
|
|
|
- # * user_id: the user's matrix proposed ID.
|
|
|
- #
|
|
|
- # * user_profile.display_name: the user's proposed display name, if any.
|
|
|
- #
|
|
|
- # * consent_version: the version of the terms that the user will be
|
|
|
- # shown
|
|
|
- #
|
|
|
- # * terms_url: a link to the page showing the terms.
|
|
|
- #
|
|
|
- # The template should render a form which submits the following fields:
|
|
|
- #
|
|
|
- # * accepted_version: the version of the terms accepted by the user
|
|
|
- # (ie, 'consent_version' from the input variables).
|
|
|
- #
|
|
|
- # * HTML page for a confirmation step before redirecting back to the client
|
|
|
- # with the login token: 'sso_redirect_confirm.html'.
|
|
|
- #
|
|
|
- # When rendering, this template is given the following variables:
|
|
|
- #
|
|
|
- # * redirect_url: the URL the user is about to be redirected to.
|
|
|
- #
|
|
|
- # * display_url: the same as `redirect_url`, but with the query
|
|
|
- # parameters stripped. The intention is to have a
|
|
|
- # human-readable URL to show to users, not to use it as
|
|
|
- # the final address to redirect to.
|
|
|
- #
|
|
|
- # * server_name: the homeserver's name.
|
|
|
- #
|
|
|
- # * new_user: a boolean indicating whether this is the user's first time
|
|
|
- # logging in.
|
|
|
- #
|
|
|
- # * user_id: the user's matrix ID.
|
|
|
- #
|
|
|
- # * user_profile.avatar_url: an MXC URI for the user's avatar, if any.
|
|
|
- # None if the user has not set an avatar.
|
|
|
- #
|
|
|
- # * user_profile.display_name: the user's display name. None if the user
|
|
|
- # has not set a display name.
|
|
|
- #
|
|
|
- # * HTML page which notifies the user that they are authenticating to confirm
|
|
|
- # an operation on their account during the user interactive authentication
|
|
|
- # process: 'sso_auth_confirm.html'.
|
|
|
- #
|
|
|
- # When rendering, this template is given the following variables:
|
|
|
- # * redirect_url: the URL the user is about to be redirected to.
|
|
|
- #
|
|
|
- # * description: the operation which the user is being asked to confirm
|
|
|
- #
|
|
|
- # * idp: details of the Identity Provider that we will use to confirm
|
|
|
- # the user's identity: an object with the following attributes:
|
|
|
- #
|
|
|
- # * idp_id: unique identifier for the IdP
|
|
|
- # * idp_name: user-facing name for the IdP
|
|
|
- # * idp_icon: if specified in the IdP config, an MXC URI for an icon
|
|
|
- # for the IdP
|
|
|
- # * idp_brand: if specified in the IdP config, a textual identifier
|
|
|
- # for the brand of the IdP
|
|
|
- #
|
|
|
- # * HTML page shown after a successful user interactive authentication session:
|
|
|
- # 'sso_auth_success.html'.
|
|
|
- #
|
|
|
- # Note that this page must include the JavaScript which notifies of a successful authentication
|
|
|
- # (see https://matrix.org/docs/spec/client_server/r0.6.0#fallback).
|
|
|
- #
|
|
|
- # This template has no additional variables.
|
|
|
- #
|
|
|
- # * HTML page shown after a user-interactive authentication session which
|
|
|
- # does not map correctly onto the expected user: 'sso_auth_bad_user.html'.
|
|
|
- #
|
|
|
- # When rendering, this template is given the following variables:
|
|
|
- # * server_name: the homeserver's name.
|
|
|
- # * user_id_to_verify: the MXID of the user that we are trying to
|
|
|
- # validate.
|
|
|
- #
|
|
|
- # * HTML page shown during single sign-on if a deactivated user (according to Synapse's database)
|
|
|
- # attempts to login: 'sso_account_deactivated.html'.
|
|
|
- #
|
|
|
- # This template has no additional variables.
|
|
|
- #
|
|
|
- # * HTML page to display to users if something goes wrong during the
|
|
|
- # OpenID Connect authentication process: 'sso_error.html'.
|
|
|
- #
|
|
|
- # When rendering, this template is given two variables:
|
|
|
- # * error: the technical name of the error
|
|
|
- # * error_description: a human-readable message for the error
|
|
|
- #
|
|
|
- # You can see the default templates at:
|
|
|
- # https://github.com/matrix-org/synapse/tree/master/synapse/res/templates
|
|
|
- #
|
|
|
- #template_dir: "res/templates"
|
|
|
-
|
|
|
|
|
|
# JSON web token integration. The following settings can be used to make
|
|
|
# Synapse JSON web tokens for authentication, instead of its internal
|
|
@@ -2207,6 +2073,9 @@ ui_auth:
|
|
|
|
|
|
# Configuration for sending emails from Synapse.
|
|
|
#
|
|
|
+# Server admins can configure custom templates for email content. See
|
|
|
+# https://matrix-org.github.io/synapse/latest/templates.html for more information.
|
|
|
+#
|
|
|
email:
|
|
|
# The hostname of the outgoing SMTP server to use. Defaults to 'localhost'.
|
|
|
#
|
|
@@ -2229,6 +2098,14 @@ email:
|
|
|
#
|
|
|
#require_transport_security: true
|
|
|
|
|
|
+ # Uncomment the following to disable TLS for SMTP.
|
|
|
+ #
|
|
|
+ # By default, if the server supports TLS, it will be used, and the server
|
|
|
+ # must present a certificate that is valid for 'smtp_host'. If this option
|
|
|
+ # is set to false, TLS will not be used.
|
|
|
+ #
|
|
|
+ #enable_tls: false
|
|
|
+
|
|
|
# notif_from defines the "From" address to use when sending emails.
|
|
|
# It must be set if email sending is enabled.
|
|
|
#
|
|
@@ -2275,49 +2152,6 @@ email:
|
|
|
#
|
|
|
#invite_client_location: https://app.element.io
|
|
|
|
|
|
- # Directory in which Synapse will try to find the template files below.
|
|
|
- # If not set, or the files named below are not found within the template
|
|
|
- # directory, default templates from within the Synapse package will be used.
|
|
|
- #
|
|
|
- # Synapse will look for the following templates in this directory:
|
|
|
- #
|
|
|
- # * The contents of email notifications of missed events: 'notif_mail.html' and
|
|
|
- # 'notif_mail.txt'.
|
|
|
- #
|
|
|
- # * The contents of account expiry notice emails: 'notice_expiry.html' and
|
|
|
- # 'notice_expiry.txt'.
|
|
|
- #
|
|
|
- # * The contents of password reset emails sent by the homeserver:
|
|
|
- # 'password_reset.html' and 'password_reset.txt'
|
|
|
- #
|
|
|
- # * An HTML page that a user will see when they follow the link in the password
|
|
|
- # reset email. The user will be asked to confirm the action before their
|
|
|
- # password is reset: 'password_reset_confirmation.html'
|
|
|
- #
|
|
|
- # * HTML pages for success and failure that a user will see when they confirm
|
|
|
- # the password reset flow using the page above: 'password_reset_success.html'
|
|
|
- # and 'password_reset_failure.html'
|
|
|
- #
|
|
|
- # * The contents of address verification emails sent during registration:
|
|
|
- # 'registration.html' and 'registration.txt'
|
|
|
- #
|
|
|
- # * HTML pages for success and failure that a user will see when they follow
|
|
|
- # the link in an address verification email sent during registration:
|
|
|
- # 'registration_success.html' and 'registration_failure.html'
|
|
|
- #
|
|
|
- # * The contents of address verification emails sent when an address is added
|
|
|
- # to a Matrix account: 'add_threepid.html' and 'add_threepid.txt'
|
|
|
- #
|
|
|
- # * HTML pages for success and failure that a user will see when they follow
|
|
|
- # the link in an address verification email sent when an address is added
|
|
|
- # to a Matrix account: 'add_threepid_success.html' and
|
|
|
- # 'add_threepid_failure.html'
|
|
|
- #
|
|
|
- # You can see the default templates at:
|
|
|
- # https://github.com/matrix-org/synapse/tree/master/synapse/res/templates
|
|
|
- #
|
|
|
- #template_dir: "res/templates"
|
|
|
-
|
|
|
# Subjects to use when sending emails from Synapse.
|
|
|
#
|
|
|
# The placeholder '%(app)s' will be replaced with the value of the 'app_name'
|