diff --git a/.env.sample b/.env.sample index 29f5f72..dca65a4 100644 --- a/.env.sample +++ b/.env.sample @@ -1,35 +1,43 @@ TYPE=matrix-synapse - DOMAIN=matrix.example.com LETS_ENCRYPT_ENV=production +COMPOSE_FILE="compose.yml" -SECRET_DB_PASSWORD_VERSION=v1 +## Admin details SYNAPSE_ADMIN_EMAIL=admin@example.com -SECRET_REGISTRATION_SHARED_SECRET_VERSION=v1 -SECRET_MACAROON_SECRET_KEY_VERSION=v1 -SECRET_FORM_SECRET_VERSION=v1 +## Secrets -COMPOSE_FILE="compose.yml" +SECRET_DB_PASSWORD_VERSION=v1 +SECRET_FORM_SECRET_VERSION=v1 +SECRET_MACAROON_SECRET_KEY_VERSION=v1 +SECRET_REGISTRATION_SHARED_SECRET_VERSION=v1 + +## Federation #DISABLE_FEDERATION=1 # Set "true" to enable federation endpoint on $DOMAIN/.well-known/matrix/server SERVE_SERVER_WELLKNOWN=false +## Registration + ENABLE_REGISTRATION=false PASSWORD_LOGIN_ENABLED=true +## Room auto-join + #AUTO_JOIN_ROOM_ENABLED=1 #AUTO_JOIN_ROOM="#example:example.com" +## Logging + +# for the homserver SQL_LOG_LEVEL=WARN ROOT_LOG_LEVEL=WARN -REDACTION_RETENTION_PERIOD=7d - -RETENTION_MAX_LIFETIME=4w +## Privacy ENABLE_3PID_LOOKUP=true @@ -37,14 +45,21 @@ USER_IPS_MAX_AGE=1d ENCRYPTED_BY_DEFAULT=all -ALLOWED_LIFETIME_MAX=4w - #ENABLE_ALLOWLIST=1 #FEDERATION_ALLOWLIST="[]" +## Retention + +ALLOWED_LIFETIME_MAX=4w + +REDACTION_RETENTION_PERIOD=7d +RETENTION_MAX_LIFETIME=4w + #MEDIA_RETENTION_LOCAL_LIFETIME=30d #MEDIA_RETENTION_REMOTE_LIFETIME=14d +## Keycloak SSO + #COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml" #KEYCLOAK_ENABLED=1 #KEYCLOAK_ID=keycloak @@ -55,12 +70,16 @@ ALLOWED_LIFETIME_MAX=4w #KEYCLOAK_ALLOW_EXISTING_USERS=false #SECRET_KEYCLOAK_CLIENT_SECRET_VERSION=v1 +## TURN + #COMPOSE_FILE="$COMPOSE_FILE:compose.turn.yml" #TURN_ENABLED=1 #TURN_URIS="[\"turns:coturn.foo.zone?transport=udp\", \"turns:coturn.foo.zone?transport=tcp\"]" #TURN_ALLOW_GUESTS=true #SECRET_TURN_SHARED_SECRET_VERSION=v1 +## SMTP + #COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml" #SMTP_ENABLED=1 #SMTP_APP_NAME= @@ -70,9 +89,13 @@ ALLOWED_LIFETIME_MAX=4w #SMTP_USER= #SECRET_SMTP_PASSWORD_VERSION=v1 +## App services + #APP_SERVICES_ENABLED=1 #APP_SERVICE_CONFIGS="[\"...\"]" +## Telegram bridge + #COMPOSE_FILE="$COMPOSE_FILE:compose.telegram.yml" #APP_SERVICE_BOT_USERNAME=telegrambot #APP_SERVICE_DISPLAY_NAME="Telegram bridge bot" @@ -82,26 +105,32 @@ ALLOWED_LIFETIME_MAX=4w #VERIFY_SSL=false #ENABLE_ENCRYPTION=true #TELEGRAM_APP_ID= -TELEGRAM_BRIDGE_PERMISSIONS="{ \"*\": \"relaybot\" }" +#TELEGRAM_BRIDGE_PERMISSIONS="{ \"*\": \"relaybot\" }" #SECRET_TELEGRAM_DB_PASSWORD_VERSION=v1 #SECRET_TELEGRAM_API_HASH_VERSION=v1 #SECRET_TELEGRAM_BOT_TOKEN_VERSION=v1 #SECRET_TELEGRAM_AS_TOKEN_VERSION=v1 #SECRET_TELEGRAM_HS_TOKEN_VERSION=v1 +## Discord bridge + #COMPOSE_FILE="$COMPOSE_FILE:compose.discord.yml" #DISCORD_CLIENT_ID= #DISCORD_BRIDGE_ADMIN= #SECRET_DISCORD_BOT_TOKEN_VERSION=v1 #SECRET_DISCORD_DB_PASSWORD_VERSION=v1 +## Signal bridge + #COMPOSE_FILE="$COMPOSE_FILE:compose.signal.yml" #SIGNAL_ENABLE_ENCRYPTION=true -SIGNAL_BRIDGE_PERMISSIONS="{ \"*\": \"relay\" }" +#SIGNAL_BRIDGE_PERMISSIONS="{ \"*\": \"relay\" }" #SECRET_SIGNAL_AS_TOKEN_VERSION=v1 #SECRET_SIGNAL_DB_PASSWORD_VERSION=v1 #SECRET_SIGNAL_HS_TOKEN_VERSION=v1 +## Shared auth + #COMPOSE_FILE="$COMPOSE_FILE:compose.shared_secret_auth.yml" #SHARED_SECRET_AUTH_ENABLED=1 #SECRET_SHARED_SECRET_AUTH_VERSION=v1 # length=128