feat(synapse): add ansible role
This commit is contained in:
99
roles/synapse/defaults/main/homeserver.media_repo.yml
Normal file
99
roles/synapse/defaults/main/homeserver.media_repo.yml
Normal file
@ -0,0 +1,99 @@
|
||||
---
|
||||
# Media repo configuration
|
||||
synapse_config_enable_media_repo: true #TODO: set to false if workers enabled
|
||||
synapse_config_enable_authenticated_media: true
|
||||
synapse_config_media_store_path: "{{ synapse_media_store_path }}"
|
||||
synapse_config_max_pending_media_uploads: 10
|
||||
synapse_config_unused_expiration_time: "1h"
|
||||
# see https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#media_storage_providers
|
||||
synapse_config_media_store_providers: []
|
||||
synapse_config_max_upload_size: "50M"
|
||||
synapse_config_max_image_pixels: "32M"
|
||||
synapse_config_dynamic_thumbnails: true
|
||||
|
||||
# The following values are KiB/Mib per burst/second
|
||||
synapse_config_remote_media_download_burst_count: "500M"
|
||||
synapse_config_remote_media_download_per_second: "87K"
|
||||
|
||||
# Blacklist known spam servers here
|
||||
synapse_config_prevent_media_downloads_from: []
|
||||
|
||||
synapse_config_media_retention_local_media_lifetime: ~
|
||||
synapse_config_media_retention_remote_media_lifetime: ~
|
||||
synapse_config_media_retention: >-
|
||||
{{ {}
|
||||
| combine(({"local_media_lifetime": synapse_config_media_retention_local_media_lifetime})
|
||||
if synapse_config_media_retention_local_media_lifetime | default(false, true) else {})
|
||||
| combine(({"remote_media_lifetime": synapse_config_media_retention_remote_media_lifetime })
|
||||
if synapse_config_media_retention_remote_media_lifetime | default(false, true) else {})
|
||||
}}
|
||||
|
||||
# URL preview handling
|
||||
synapse_config_url_preview_enabled: true
|
||||
# Following recommendations from
|
||||
# https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#url_preview_ip_range_blacklist
|
||||
synapse_config_url_preview_ip_range_blacklist:
|
||||
- '127.0.0.0/8'
|
||||
- '10.0.0.0/8'
|
||||
- '172.16.0.0/12'
|
||||
- '192.168.0.0/16'
|
||||
- '100.64.0.0/10'
|
||||
- '192.0.0.0/24'
|
||||
- '169.254.0.0/16'
|
||||
- '192.88.99.0/24'
|
||||
- '198.18.0.0/15'
|
||||
- '192.0.2.0/24'
|
||||
- '198.51.100.0/24'
|
||||
- '203.0.113.0/24'
|
||||
- '224.0.0.0/4'
|
||||
- '::1/128'
|
||||
- 'fe80::/10'
|
||||
- 'fc00::/7'
|
||||
- '2001:db8::/32'
|
||||
- 'ff00::/8'
|
||||
- 'fec0::/10'
|
||||
synapse_config_url_preview_ip_range_whitelist: ~
|
||||
# see https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#url_preview_url_blacklist
|
||||
synapse_config_url_preview_url_blacklist:
|
||||
- username: "*"
|
||||
- netloc: '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'
|
||||
# see https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#url_preview_accept_language
|
||||
synapse_config_url_preview_accept_language:
|
||||
- "en"
|
||||
synapse_config_max_spider_size: 8M
|
||||
synapse_config_oembed_disable_default_providers: false
|
||||
synapse_config_oembed_additional_providers: []
|
||||
|
||||
synapse_base_media_config:
|
||||
enable_media_repo: "{{ synapse_config_enable_media_repo }}"
|
||||
enable_authenticated_media: "{{ synapse_config_enable_authenticated_media }}"
|
||||
media_store_path: "{{ synapse_config_media_store_path }}"
|
||||
max_pending_media_uploads: "{{ synapse_config_max_pending_media_uploads }}"
|
||||
unused_expiration_time: "{{ synapse_config_unused_expiration_time }}"
|
||||
media_store_providers: "{{ synapse_config_media_store_providers }}"
|
||||
max_upload_size: "{{ synapse_config_max_upload_size }}"
|
||||
max_image_pixels: "{{ synapse_config_max_image_pixels }}"
|
||||
# Media - remote media handling
|
||||
remote_media_download_burst_count: >-
|
||||
{{ synapse_config_remote_media_download_burst_count }}
|
||||
remote_media_download_per_second: >-
|
||||
{{ synapse_config_remote_media_download_per_second }}
|
||||
prevent_media_downloads_from: "{{ synapse_config_prevent_media_downloads_from }}"
|
||||
media_retention: "{{ synapse_config_media_retention }}"
|
||||
# Media - URL preview options
|
||||
dynamic_thumbnails: "{{ synapse_config_dynamic_thumbnails }}"
|
||||
url_preview_enabled: "{{ synapse_config_url_preview_enabled }}"
|
||||
url_preview_ip_range_blacklist: >-
|
||||
{{ synapse_config_url_preview_ip_range_blacklist }}
|
||||
url_preview_url_blacklist: "{{ synapse_config_url_preview_url_blacklist }}"
|
||||
url_preview_accept_language: "{{ synapse_config_url_preview_accept_language }}"
|
||||
max_spider_size: "{{ synapse_config_max_spider_size }}"
|
||||
oembed:
|
||||
disable_default_providers: "{{ synapse_config_oembed_disable_default_providers }}"
|
||||
additional_providers: "{{ synapse_config_oembed_additional_providers }}"
|
||||
synapse_media_config: >-2
|
||||
{{
|
||||
synapse_base_media_config
|
||||
| combine(({'url_preview_ip_range_whitelist': synapse_config_url_preview_ip_range_whitelist})
|
||||
if synapse_config_url_preview_ip_range_whitelist | default(false, true) else {})
|
||||
}}
|
||||
Reference in New Issue
Block a user