diff --git a/roles/matrix-server/templates/synapse/homeserver.yaml.j2 b/roles/matrix-server/templates/synapse/homeserver.yaml.j2 index f91c86940..8d3b9be21 100644 --- a/roles/matrix-server/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-server/templates/synapse/homeserver.yaml.j2 @@ -120,7 +120,8 @@ use_presence: {{ matrix_synapse_use_presence|to_json }} # - nyc.example.com # - syd.example.com {% if matrix_synapse_federation_domain_whitelist is not none %} -federation_domain_whitelist: {{ matrix_synapse_federation_domain_whitelist|to_json }} +federation_domain_whitelist: +{{ matrix_synapse_federation_domain_whitelist|to_nice_yaml }} {% endif %} # List of ports that Synapse should listen on, their purpose and their @@ -215,8 +216,8 @@ database: # The database engine name name: "psycopg2" args: - user: "{{ matrix_postgres_connection_username }}" - password: "{{ matrix_postgres_connection_password }}" + user: {{ matrix_postgres_connection_username|to_json }} + password: {{ matrix_postgres_connection_password|to_json }} database: "{{ matrix_postgres_db_name }}" host: "{{ matrix_postgres_connection_hostname }}" cp_min: 5 @@ -411,7 +412,7 @@ recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" turn_uris: ["turn:{{ hostname_matrix }}:3478?transport=udp", "turn:{{ hostname_matrix }}:3478?transport=tcp"] # The shared secret used to compute passwords for the TURN server -turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret }}" +turn_shared_secret: {{ matrix_coturn_turn_static_auth_secret|to_json }} # The Username and password if the TURN server needs them and # does not use a token @@ -432,7 +433,7 @@ turn_allow_guests: False ## Registration ## # Enable registration for new users. -enable_registration: {{ matrix_synapse_enable_registration }} +enable_registration: {{ matrix_synapse_enable_registration|to_json }} # The user must provide all of the below types of 3PID when registering. # @@ -453,7 +454,7 @@ enable_registration: {{ matrix_synapse_enable_registration }} # If set, allows registration by anyone who also has the shared # secret, even if registration is otherwise disabled. -registration_shared_secret: "{{ matrix_synapse_registration_shared_secret }}" +registration_shared_secret: {{ matrix_synapse_registration_shared_secret|to_json }} # Set the number of bcrypt rounds used to generate password hash. # Larger numbers increase the work factor needed to generate the hash. @@ -496,7 +497,7 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms }} # Enable collection and rendering of performance metrics enable_metrics: False -report_stats: {{ matrix_synapse_report_stats }} +report_stats: {{ matrix_synapse_report_stats|to_json }} ## API Configuration ## @@ -513,14 +514,14 @@ room_invite_state_types: app_service_config_files: {{ matrix_synapse_app_service_config_files }} -macaroon_secret_key: "{{ matrix_synapse_macaroon_secret_key }}" +macaroon_secret_key: {{ matrix_synapse_macaroon_secret_key|to_json }} # Used to enable access token expiration. expire_access_token: False # a secret which is used to calculate HMACs for form values, to stop # falsification of values -form_secret: "{{ matrix_synapse_form_secret }}" +form_secret: {{ matrix_synapse_form_secret|to_json }} ## Signing Keys ## @@ -587,7 +588,7 @@ password_config: enabled: true # Uncomment and change to a secret random string for extra security. # DO NOT CHANGE THIS AFTER INITIAL SETUP! - pepper: "{{ matrix_synapse_password_config_pepper }}" + pepper: {{ matrix_synapse_password_config_pepper|to_json }} @@ -633,12 +634,12 @@ password_providers: {% if matrix_synapse_ext_password_provider_shared_secret_auth_enabled %} - module: "shared_secret_authenticator.SharedSecretAuthenticator" config: - sharedSecret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}" + sharedSecret: {{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret|to_json }} {% endif %} {% if matrix_synapse_ext_password_provider_rest_auth_enabled %} - module: "rest_auth_provider.RestAuthProvider" config: - endpoint: "{{ matrix_synapse_ext_password_provider_rest_auth_endpoint }}" + endpoint: {{ matrix_synapse_ext_password_provider_rest_auth_endpoint|to_json }} policy: registration: username: @@ -653,16 +654,16 @@ password_providers: - module: "ldap_auth_provider.LdapAuthProvider" config: enabled: true - uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" - start_tls: "{{ matrix_synapse_ext_password_provider_ldap_start_tls }}" - base: "{{ matrix_synapse_ext_password_provider_ldap_base }}" + uri: {{ matrix_synapse_ext_password_provider_ldap_uri|to_json }} + start_tls: {{ matrix_synapse_ext_password_provider_ldap_start_tls|to_json }} + base: {{ matrix_synapse_ext_password_provider_ldap_base|to_json }} attributes: - uid: "{{ matrix_synapse_ext_password_provider_ldap_attributes_uid }}" - mail: "{{ matrix_synapse_ext_password_provider_ldap_attributes_mail }}" - name: "{{ matrix_synapse_ext_password_provider_ldap_attributes_name }}" - bind_dn: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" - bind_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" - filter: "{{ matrix_synapse_ext_password_provider_ldap_filter }}" + uid: {{ matrix_synapse_ext_password_provider_ldap_attributes_uid|to_json }} + mail: {{ matrix_synapse_ext_password_provider_ldap_attributes_mail|to_json }} + name: {{ matrix_synapse_ext_password_provider_ldap_attributes_name|to_json }} + bind_dn: {{ matrix_synapse_ext_password_provider_ldap_bind_dn|to_json }} + bind_password: {{ matrix_synapse_ext_password_provider_ldap_bind_password|to_json }} + filter: {{ matrix_synapse_ext_password_provider_ldap_filter|to_json }} {% endif %} {% endif %}