# Configuration file for Synapse.
# Config by Mosskoi
# This configuration intends on creating a private experience for matrix
# By default it disallows communication with federated services and other servers
# But by configuring a whitelist you can adds more servers to your network
# Make sure these other servers have the same whitelist server as you
# Matrix does not disallow

# * Server
server_name: "matrix.example.com"
public_baseurl: https://matrix.example.com/

serve_server_wellknown: true
extra_well_known_client_content:
    org.matrix.msc4143.rtc_foci:
        - type: livekit
          livekit_service_url: https://livekit.example.com

# Currently unused
#ip_range_blacklist:
#- 127.0.0.0/8
#ip_range_whitelist:
#- 192.168.1.1

listeners:
    - port: 8008
      resources:
          - compress: false
            names:
                - client
                - federation
      tls: false
      type: http
      x_forwarded: true

# * Homeserver blocking

require_membership_for_aliases: false
max_avatar_size: 5M
allowed_avatar_mimetypes:
    - image/png
    - image/jpeg
    - image/webp
    - image/gif

user_ips_max_age: 90d

# * TLS
# Currently not used
# federation_certificate_verification_whitelist:
#- lon.example.com

# * Federation
# Private federation system
federation_domain_whitelist:
    - matrix.example.com
federation_metrics_domains:
    - matrix.example.com

allow_profile_lookup_over_federation: false
allow_device_name_lookup_over_federation: false

federation:
    client_timeout: 60s
    max_short_retry_delay: 7s
    max_long_retry_delay: 100s
    max_short_retries: 3
    max_long_retries: 7
    destination_min_retry_interval: 10m
    destination_retry_multiplier: 2
    destination_max_retry_interval: 12h

database:
    name: sqlite3
    args:
        database: /data/homeserver.db
log_config: "/data/matrix.example.com.log.config"

# * Logging
# * Rate limiting
rc_registration:
    per_second: 0.1
    burst_count: 2.0

# * Media Store
media_store_path: /data/media_store
max_pending_media_uploads: 10
#url_preview_enabled: true Must explicit blacklist
# * Captcha
# * TURN
matrix_rtc:
    transports:
        - type: livekit
          livekit_service_url: https://livekit.example.com

# * Registration
enable_registration: true # Must be enabled for token registrations to work
enable_registration_without_verification: false
disable_msisdn_registration: true
enable_3pid_lookup: false
registration_requires_token: true
registration_shared_secret: REGISTRATION_SECRET

enable_set_displayname: true
enable_set_avatar_url: true
enable_3pids_changes: true

allow_guest_access: false

autocreate_auto_join_rooms: false
autocreate_auto_join_rooms_federated: false
auto_join_rooms_for_guests: false

# * User session management
login_via_existing_session:
    enabled: true
    require_ui_auth: false
    token_timeout: 5m

# * API Configuration
#
macaroon_secret_key: "MACAROON_SECRET"
form_secret: "FROM_SECRET"
signing_key_path: "/data/matrix.example.com.signing.key"

# * Rooms
user_directory:
    enabled: false
    search_all_users: false
    prefer_local_users: true
    exclude_remote_users: false
    show_locked_users: false

enable_room_list_search: true

# Guest sign-in

pid_file: /data/homeserver.pid

# Signing and secrets
report_stats: false
trusted_key_servers: []
#  - server_name: "matrix.example.com"

experimental_features:
    msc4143_enabled: true
# vim:ft=yaml

app_service_config_files:
    - /data/registration.yaml