mirror of
https://github.com/element-hq/synapse.git
synced 2024-12-22 12:44:30 +03:00
b257c7ab19
Be able to test `/login/sso/redirect` in Complement
Spawning from
https://github.com/element-hq/sbg/pull/421#discussion_r1854926218 where
we have a proxy that intercepts responses to
`/_matrix/client/v3/login/sso/redirect(/{idpId})` in order to upgrade
them to use OAuth 2.0 Pushed Authorization Requests (PAR). We have some
Complement tests in that codebase that go over this flow and these
changes are required [in order for the URL's to line
up](d648c8ce3f/synapse/rest/client/login.py (L652-L673)
).
134 lines
3.1 KiB
Django/Jinja
134 lines
3.1 KiB
Django/Jinja
{#
|
|
This file extends the default 'shared' configuration file (from the 'synapse-workers'
|
|
docker image) with Complement-specific tweak.
|
|
|
|
The base configuration is moved out of the default path to `shared-orig.yaml.j2`
|
|
in the Complement Dockerfile and below we include that original file.
|
|
#}
|
|
|
|
## Server ##
|
|
public_baseurl: http://127.0.0.1:8008/
|
|
report_stats: False
|
|
trusted_key_servers: []
|
|
enable_registration: true
|
|
enable_registration_without_verification: true
|
|
bcrypt_rounds: 4
|
|
url_preview_enabled: true
|
|
url_preview_ip_range_blacklist: []
|
|
|
|
## Registration ##
|
|
|
|
# Needed by Complement to register admin users
|
|
# DO NOT USE in a production configuration! This should be a random secret.
|
|
registration_shared_secret: complement
|
|
|
|
## Federation ##
|
|
|
|
# trust certs signed by Complement's CA
|
|
federation_custom_ca_list:
|
|
- /complement/ca/ca.crt
|
|
|
|
# unblacklist RFC1918 addresses
|
|
federation_ip_range_blacklist: []
|
|
|
|
# Disable server rate-limiting
|
|
rc_federation:
|
|
window_size: 1000
|
|
sleep_limit: 10
|
|
sleep_delay: 500
|
|
reject_limit: 99999
|
|
concurrent: 3
|
|
|
|
rc_message:
|
|
per_second: 9999
|
|
burst_count: 9999
|
|
|
|
rc_registration:
|
|
per_second: 9999
|
|
burst_count: 9999
|
|
|
|
rc_login:
|
|
address:
|
|
per_second: 9999
|
|
burst_count: 9999
|
|
account:
|
|
per_second: 9999
|
|
burst_count: 9999
|
|
failed_attempts:
|
|
per_second: 9999
|
|
burst_count: 9999
|
|
|
|
rc_admin_redaction:
|
|
per_second: 9999
|
|
burst_count: 9999
|
|
|
|
rc_joins:
|
|
local:
|
|
per_second: 9999
|
|
burst_count: 9999
|
|
remote:
|
|
per_second: 9999
|
|
burst_count: 9999
|
|
|
|
rc_joins_per_room:
|
|
per_second: 9999
|
|
burst_count: 9999
|
|
|
|
rc_3pid_validation:
|
|
per_second: 1000
|
|
burst_count: 1000
|
|
|
|
rc_invites:
|
|
per_room:
|
|
per_second: 1000
|
|
burst_count: 1000
|
|
per_user:
|
|
per_second: 1000
|
|
burst_count: 1000
|
|
|
|
federation_rr_transactions_per_room_per_second: 9999
|
|
|
|
allow_device_name_lookup_over_federation: true
|
|
|
|
## Experimental Features ##
|
|
|
|
experimental_features:
|
|
# Enable support for polls
|
|
msc3381_polls_enabled: true
|
|
# Enable deleting device-specific notification settings stored in account data
|
|
msc3890_enabled: true
|
|
# Enable removing account data support
|
|
msc3391_enabled: true
|
|
# Filtering /messages by relation type.
|
|
msc3874_enabled: true
|
|
# no UIA for x-signing upload for the first time
|
|
msc3967_enabled: true
|
|
# Expose a room summary for public rooms
|
|
msc3266_enabled: true
|
|
# Send to-device messages to application services
|
|
msc2409_to_device_messages_enabled: true
|
|
# Allow application services to masquerade devices
|
|
msc3202_device_masquerading: true
|
|
# Sending device list changes, one-time key counts and fallback key usage to application services
|
|
msc3202_transaction_extensions: true
|
|
# Proxy OTK claim requests to exclusive ASes
|
|
msc3983_appservice_otk_claims: true
|
|
# Proxy key queries to exclusive ASes
|
|
msc3984_appservice_key_query: true
|
|
|
|
server_notices:
|
|
system_mxid_localpart: _server
|
|
system_mxid_display_name: "Server Alert"
|
|
system_mxid_avatar_url: ""
|
|
room_name: "Server Alert"
|
|
|
|
# Enable delayed events (msc4140)
|
|
max_event_delay_duration: 24h
|
|
|
|
|
|
# Disable sync cache so that initial `/sync` requests are up-to-date.
|
|
caches:
|
|
sync_response_cache_duration: 0
|
|
|
|
|
|
{% include "shared-orig.yaml.j2" %}
|