feat(synapse): add ansible role

roles/synapse/docs/database.md

@@ -0,0 +1,27 @@
+# `synapse` database configuration
+
+Per default, the ansible role supplies a `sqlite`-database (file-based),
+which is located in `/opt/synapse/data/homeserver.db` (`synapse_sqlite_database_file`).
+
+## PostgresQL
+
+To configure synapse for use with postgresql, set `synapse_config_database_name` to `psycopg2`.
+
+Set your connection information in `synapse_config_database_args` like this:
+```yaml
+synapse_config_database_args:
+  user: my_synapse_db_user
+  password: my_synapse_db_password
+  host: my_database_host
+  port: my_database_port_to_connect_to | int
+  # connection pooling (cp) settings, min and max connections
+  cp_min: 5 | int
+  cp_max: 20 | int
+```
+
+Also see [the upstream documentation on the `database` config key](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#database-1).
+
+## Transaction limits
+
+The ansible role sets a default transaction limit of 10.000 concurrent transactions.
+This configuration can be overridden in `synapse_config_database_txn_limit`.

roles/synapse/docs/listeners.md

@@ -0,0 +1,24 @@
+# `synapse` listener config
+
+Synapse serves endpoints under so-called listeners, which are
+defined in `synapse_listeners_config`. The role gives some pre-
+configured options to set for use in various scenarios:
+
+## Behind reverse proxy which does SSL offloading
+
+The `synapse_listeners_default_config` is analog to the upstream
+defaults and will serve both federation and client API on a
+single HTTP port, without TLS or compression, while trusting the
+`X-Forwarded-For` headers.
+
+Use it like this:
+```yaml
+synapse_listeners_config: "{{ synapse_listeners_default_config }}"
+# Change the port like this
+synapse_config_listeners_port: "8090"
+# If you use docker or your reverse-proxy is not local,
+# set the listen_addresses like this
+synapse_config_listeners_bind_addresses:
+  - "::"
+  - "0.0.0.0"
+```