2019-01-16 18:05:48 +02:00
---
2024-05-25 16:14:26 +03:00
matrix_synapse_client_api_url_endpoint_public : "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}://{{ matrix_server_fqn_matrix }}/_matrix/client/versions"
matrix_synapse_federation_api_url_endpoint_public : "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}://{{ matrix_server_fqn_matrix }}:{{ matrix_federation_public_port }}/_matrix/federation/v1/version"
2019-05-14 23:47:22 +09:00
2022-07-18 11:22:05 +03:00
matrix_synapse_media_store_directory_name : "{{ matrix_synapse_media_store_path | basename }}"
2021-01-24 22:18:31 +02:00
2023-07-27 11:26:15 +02:00
# Optionally: `false` to fully disable tls on outbound smtp
matrix_synapse_email_smtp_enable_tls : true
2024-01-16 09:17:24 -06:00
# Room workers handle any URL that contains a room id, either through the client-server API or the federation API
# - see https://tcpipuk.github.io/synapse/deployment/nginx.html#locationsconf
matrix_synapse_workers_room_worker_client_server_endpoints :
- ^/_matrix/client/.*?!(?<room>[A-Za-z0-9._=\-\/]+):[A-Za-z0-9.\-]+
matrix_synapse_workers_room_worker_federation_endpoints :
- ^/_matrix/federation/v[12]/(?:state_ids|get_missing_events)/(?:%21|!)(?<room>[A-Za-z0-9._=\-\/]+)(:|%3A)[A-Za-z0-9.\-]+
# Sync workers handle /sync and the (now deprecated) related endpoints
matrix_synapse_workers_sync_worker_client_server_endpoints :
- ^/_matrix/client/(api/v1|r0|v3|unstable)/(sync|events|initialSync|rooms/[^/]+/initialSync)$
# Client reader workers handle generic client-server endpoints that don't contain a roomid or sync
matrix_synapse_workers_client_reader_client_server_endpoints :
- ^/_matrix/client/(api/v1|r0|v3|unstable)/(room_keys/|keys/(query|changes|claim|upload/|room_keys/)|login|register(/available|/m.login.registration_token/validity|)|password_policy|profile|rooms/.*/(joined_members|context/.*|members|state|hierarchy|relations/|event/|aliases|timestamp_to_event|redact|send|state/|(join|invite|leave|ban|unban|kick))|createRoom|publicRooms|account/(3pid|whoami|devices)|versions|voip/turnServer|joined_rooms|search|user/.*/filter(/|$)|directory/room/.*|capabilities)
# Federation reader workers handle generic federation endpoints that don't contain a roomid
matrix_synapse_workers_federation_reader_federation_endpoints :
- ^/_matrix/(federation/(v1|v2)|key/v2)/
2021-01-24 22:18:31 +02:00
# A Synapse generic worker can handle both federation and client-server API endpoints.
# We wish to split these, as we normally serve federation separately and don't want them mixed up.
#
# This is some ugly Ansible/Jinja2 hack (seen here: https://stackoverflow.com/a/47831492),
# which takes a list of various strings and removes the ones NOT containing `/_matrix/client` anywhere in them.
#
# We intentionally don't do a diff between everything possible (`matrix_synapse_workers_generic_worker_endpoints`) and `matrix_synapse_workers_generic_worker_federation_endpoints`,
# because `matrix_synapse_workers_generic_worker_endpoints` also contains things like `/_synapse/client/`, etc.
# While /_synapse/client/ endpoints are somewhat client-server API-related, they're:
# - neither part of the client-server API spec (and are thus, different)
2024-01-04 11:37:17 +02:00
# - nor always OK to forward to a worker (we're supposed to obey `matrix_synapse_companion_container_labels_client_synapse_client_api_enabled`)
2021-01-24 22:18:31 +02:00
#
# It's also not too many of these APIs (only `^/_synapse/client/password_reset/email/submit_token$` at the time of this writing / 2021-01-24),
# so it's not that important whether we forward them or not.
#
# Basically, we aim to cover most things. Skipping `/_synapse/client` or a few other minor things doesn't matter too much.
2022-07-18 15:13:09 +03:00
matrix_synapse_workers_generic_worker_client_server_endpoints : "{{ matrix_synapse_workers_generic_worker_endpoints | default([]) | map('regex_search', '.*/_matrix/client.*') | list | difference([none]) }}"
2021-01-24 22:18:31 +02:00
# A Synapse generic worker can handle both federation and client-server API endpoints.
# We wish to split these, as we normally serve federation separately and don't want them mixed up.
#
# This is some ugly Ansible/Jinja2 hack (seen here: https://stackoverflow.com/a/47831492),
2021-01-25 09:31:52 +02:00
# which takes a list of various strings and removes the ones NOT containing `/_matrix/federation` or `/_matrix/key` anywhere in them.
2022-07-18 15:33:41 +03:00
matrix_synapse_workers_generic_worker_federation_endpoints : "{{ matrix_synapse_workers_generic_worker_endpoints | default([]) | map('regex_search', matrix_synapse_workers_generic_worker_federation_endpoints_regex) | list | difference([none]) }}"
# matrix_synapse_workers_generic_worker_federation_endpoints_regex contains the regex used in matrix_synapse_workers_generic_worker_federation_endpoints.
2022-09-27 11:38:33 +03:00
# It's intentionally put in a separate variable, to avoid tripping ansible-lint's jinja[spacing] rule.
2022-07-18 15:33:41 +03:00
matrix_synapse_workers_generic_worker_federation_endpoints_regex : '.*(/_matrix/federation|/_matrix/key).*'
2022-09-15 07:05:25 +03:00
# matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints contains the endpoints serviced by the `typing` stream writer.
# See: https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream
matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints :
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing
# matrix_synapse_workers_stream_writer_to_device_stream_worker_client_server_endpoints contains the endpoints serviced by the `to_device` stream writer.
# See: https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream
matrix_synapse_workers_stream_writer_to_device_stream_worker_client_server_endpoints :
- ^/_matrix/client/(r0|v3|unstable)/sendToDevice/
# matrix_synapse_workers_stream_writer_account_data_stream_worker_client_server_endpoints contains the endpoints serviced by the `account_data` stream writer.
# See: https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream
matrix_synapse_workers_stream_writer_account_data_stream_worker_client_server_endpoints :
- ^/_matrix/client/(r0|v3|unstable)/.*/tags
- ^/_matrix/client/(r0|v3|unstable)/.*/account_data
# matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints contains the endpoints serviced by the `recepts` stream writer.
# See: https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream
matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints :
- ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt
- ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers
# matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints contains the endpoints serviced by the `presence` stream writer.
# See: https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream
matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints :
- ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/
2022-09-15 10:00:57 +03:00
# matrix_synapse_workers_user_dir_worker_client_server_endpoints contains the endpoints serviced by the `type = user_dir` (`app = generic_worker`) worker.
# See: https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory
matrix_synapse_workers_user_dir_worker_client_server_endpoints :
- ^/_matrix/client/(r0|v3|unstable)/user_directory/search$
2022-09-15 07:05:25 +03:00
# matrix_synapse_workers_known_stream_writer_stream_types contains the list of stream writer stream types that the playbook recognizes.
# This is used for validation purposes. If adding support for a new type, besides adding it to this list,
# don't forget to actually configure it where appropriate (see worker.yaml.j2`, the nginx proxy configuration, etc).
matrix_synapse_workers_known_stream_writer_stream_types : [ 'events' , 'typing' , 'to_device' , 'account_data' , 'receipts' , 'presence' ]
# matrix_synapse_workers_webserving_stream_writer_types contains a list of stream writer types that serve web (client) requests.
# Not all stream writers serve web requests. Some just perform background tasks.
matrix_synapse_workers_webserving_stream_writer_types : [ 'typing' , 'to_device' , 'account_data' , 'receipts' , 'presence' ]
# matrix_synapse_workers_systemd_services_list contains a list of systemd services (one for each worker systemd service which serves web requests).
# This list is built during runtime.
# Not all workers serve web requests. Those that don't won't be injected here.
matrix_synapse_webserving_workers_systemd_services_list : [ ]
# matrix_synapse_known_worker_types contains the list of known worker types.
2022-09-15 10:00:57 +03:00
#
2022-09-15 07:05:25 +03:00
# A worker type is different than a worker app (e.g. `generic_worker`).
# For example, the `stream_writer` worker type is served by the `generic_worker` app, but is a separate type that we recognize.
2022-09-15 10:00:57 +03:00
#
# Some other types (`appservice` and `user_dir`) used to be Synapse worker apps, which got subsequently deprecated.
# We still allow these types of workers and map them to the `generic_worker` app,
# which is why we make sure they're part of the list below.
# We use the `unique` filter because they're part of `matrix_synapse_workers_avail_list` too (for now; scheduled for removal).
2022-09-15 07:05:25 +03:00
matrix_synapse_known_worker_types : |
{{
2022-09-15 10:00:57 +03:00
(
matrix_synapse_workers_avail_list
+
[ 'stream_writer' ]
+
[ 'appservice' ]
+
[ 'user_dir' ]
2022-09-15 10:32:51 +03:00
+
[ 'background' ]
2022-09-15 10:00:57 +03:00
) | unique
2022-09-15 07:05:25 +03:00
}}
# matrix_synapse_known_instance_map_eligible_worker_types contains the list of worker types that are to be injected into `matrix_synapse_instance_map`.
matrix_synapse_known_instance_map_eligible_worker_types :
- stream_writer
2022-11-04 18:55:57 +02:00
2024-01-17 07:58:01 +02:00
# The following section contains content that had previously been generated by a script (`workers-doc-to-yaml.awk`) processing https://github.com/element-hq/synapse/raw/master/docs/workers.md,
2022-11-05 07:29:47 +02:00
# but is now maintained manually due to:
# - the script being tripped up by the content and generating somewhat inaccurate definitions, which had to be fixed up manually.
# - the script being complicated and unmaintainable
2022-11-04 18:55:57 +02:00
### workers:start
matrix_synapse_workers_generic_worker_endpoints :
# Sync requests
- ^/_matrix/client/(r0|v3)/sync$
- ^/_matrix/client/(api/v1|r0|v3)/events$
- ^/_matrix/client/(api/v1|r0|v3)/initialSync$
- ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$
# Federation requests
- ^/_matrix/federation/v1/event/
- ^/_matrix/federation/v1/state/
- ^/_matrix/federation/v1/state_ids/
- ^/_matrix/federation/v1/backfill/
- ^/_matrix/federation/v1/get_missing_events/
- ^/_matrix/federation/v1/publicRooms
- ^/_matrix/federation/v1/query/
- ^/_matrix/federation/v1/make_join/
- ^/_matrix/federation/v1/make_leave/
- ^/_matrix/federation/(v1|v2)/send_join/
- ^/_matrix/federation/(v1|v2)/send_leave/
- ^/_matrix/federation/(v1|v2)/invite/
- ^/_matrix/federation/v1/event_auth/
2022-12-06 15:52:16 +02:00
- ^/_matrix/federation/v1/timestamp_to_event/
2022-11-04 18:55:57 +02:00
- ^/_matrix/federation/v1/exchange_third_party_invite/
- ^/_matrix/federation/v1/user/devices/
- ^/_matrix/key/v2/query
- ^/_matrix/federation/v1/hierarchy/
# Inbound federation transaction request
- ^/_matrix/federation/v1/send/
# Client API requests
- ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$
- ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$
- ^/_matrix/client/v1/rooms/.*/hierarchy$
- ^/_matrix/client/(v1|unstable)/rooms/.*/relations/
- ^/_matrix/client/v1/rooms/.*/threads$
- ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$
- ^/_matrix/client/(r0|v3|unstable)/account/3pid$
- ^/_matrix/client/(r0|v3|unstable)/account/whoami$
- ^/_matrix/client/(r0|v3|unstable)/devices$
- ^/_matrix/client/versions$
- ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/
- ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$
2022-12-06 15:52:16 +02:00
- ^/_matrix/client/v1/rooms/.*/timestamp_to_event$
2023-03-14 19:20:46 +02:00
- ^/_matrix/client/(api/v1|r0|v3|unstable/.*)/rooms/.*/aliases
2022-11-04 18:55:57 +02:00
- ^/_matrix/client/(api/v1|r0|v3|unstable)/search$
2023-03-14 19:20:46 +02:00
- ^/_matrix/client/(r0|v3|unstable)/user/.*/filter(/|$)
2023-04-25 15:15:13 +03:00
- ^/_matrix/client/(api/v1|r0|v3|unstable)/directory/room/.*$
2023-04-25 15:16:03 +03:00
- ^/_matrix/client/(r0|v3|unstable)/capabilities$
2023-09-12 18:31:38 +03:00
- ^/_matrix/client/(r0|v3|unstable)/notifications$
2022-11-04 18:55:57 +02:00
# Encryption requests
# Note that ^/_matrix/client/(r0|v3|unstable)/keys/upload/ requires `worker_main_http_uri`
- ^/_matrix/client/(r0|v3|unstable)/keys/query$
- ^/_matrix/client/(r0|v3|unstable)/keys/changes$
- ^/_matrix/client/(r0|v3|unstable)/keys/claim$
- ^/_matrix/client/(r0|v3|unstable)/room_keys/
- ^/_matrix/client/(r0|v3|unstable)/keys/upload/
# Registration/login requests
- ^/_matrix/client/(api/v1|r0|v3|unstable)/login$
- ^/_matrix/client/(r0|v3|unstable)/register$
2023-03-28 16:23:25 +03:00
- ^/_matrix/client/(r0|v3|unstable)/register/available$
2022-11-04 18:55:57 +02:00
- ^/_matrix/client/v1/register/m.login.registration_token/validity$
2023-03-28 16:23:25 +03:00
- ^/_matrix/client/(r0|v3|unstable)/password_policy$
2022-11-04 18:55:57 +02:00
# Event sending requests
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$
- ^/_matrix/client/(api/v1|r0|v3|unstable)/join/
2023-03-14 19:20:46 +02:00
- ^/_matrix/client/(api/v1|r0|v3|unstable)/knock/
2022-11-04 18:55:57 +02:00
- ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/
2022-11-05 07:40:56 +02:00
# Start of intentionally-ignored-endpoints
#
# We ignore these below, because they're better sent to dedicated workers (various stream writers).
# If a stream writer is enabled, the endpoint should be routed to the stream writer, not to a generic worker.
# If a stream writer of a given type is not enabled, then a generic worker may process it.
# Because it's difficult to handle these individually based on which stream writer is enabled and which isn't,
# we just disable them here.
#
# # Account data requests
# - ^/_matrix/client/(r0|v3|unstable)/.*/tags
# - ^/_matrix/client/(r0|v3|unstable)/.*/account_data
#
# # Receipts requests
# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt
# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers
#
# # Presence requests
# - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/
#
# # User directory search requests
# - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$
# End of intentionally-ignored-endpoints
2022-11-04 18:55:57 +02:00
matrix_synapse_workers_media_repository_endpoints :
# Handles the media repository. It can handle all endpoints starting with:
- ^/_matrix/media/
# ... and the following regular expressions matching media-specific administration APIs:
- ^/_synapse/admin/v1/purge_media_cache$
- ^/_synapse/admin/v1/room/.*/media.*$
- ^/_synapse/admin/v1/user/.*/media.*$
- ^/_synapse/admin/v1/media/.*$
- ^/_synapse/admin/v1/quarantine_media/.*$
- ^/_synapse/admin/v1/users/.*/media$
matrix_synapse_workers_user_dir_endpoints :
# Handles searches in the user directory. It can handle REST endpoints matching
# the following regular expressions:
- ^/_matrix/client/(r0|v3|unstable)/user_directory/search$
matrix_synapse_workers_avail_list :
- appservice
2024-01-16 10:58:46 -06:00
- client_reader
- federation_reader
2022-11-04 18:55:57 +02:00
- federation_sender
- generic_worker
- media_repository
- pusher
2024-01-16 10:58:46 -06:00
- room_worker
- sync_worker
2022-11-04 18:55:57 +02:00
- user_dir
### workers:end