diff options
| -rwxr-xr-x | host/Rory-synapse/software.nix | 112 |
1 files changed, 109 insertions, 3 deletions
diff --git a/host/Rory-synapse/software.nix b/host/Rory-synapse/software.nix index d194092..1817660 100755 --- a/host/Rory-synapse/software.nix +++ b/host/Rory-synapse/software.nix @@ -78,17 +78,44 @@ services.matrix-synapse = { enable = true; + withJemalloc = true; + # https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html settings = { server_name = "rory.gay"; enable_registration = true; registration_requires_token = true; + + require_membership_for_aliases = false; + redaction_retention_period = "null"; + user_ips_max_age = null; + allow_device_name_lookup_over_federation = true; + + federation = { + client_timeout = "10s"; + max_short_retries = 3; + max_short_retry_delay = "30s"; + max_long_retries = 5; + max_long_retry_delay = "5m"; + }; + + event_cache_size = "30K"; #defaults to 10K + caches = { + global_factor = 1.0; + sync_response_cache_duration = "30m"; + cache_autotuning = { + max_cache_memory_usage = "2G"; + target_cache_memory_usage = "1G"; + min_cache_ttl = "30m"; + }; + }; + + # Alicia - figure this out later... #registration_shared_secret = builtins.exec ["cat" "/dev/urandom" "|" "tr" "-dc" "a-zA-Z0-9" "|" "fold" "-w" "256" "|" "head" "-n" "1"]; #registration_shared_secret_path = "/var/lib/matrix-synapse/registration_shared_secret.txt"; - # Alicia - types: https://github.com/NixOS/nixpkgs/blob/release-22.11/nixos/modules/services/matrix/synapse.nix#L410 listeners = [ { port = 8008; @@ -103,13 +130,11 @@ } ]; dynamic_thumbnails = true; - presence = { enable = true; update_interval = 60; }; url_preview_enabled = true; - database = { name = "psycopg2"; args = { @@ -118,11 +143,92 @@ password = "somepassword"; database = "matrix-synapse-rory-gay"; host = "127.0.0.1"; + application_name = "matrix-synapse (rory.gay)"; + cp_min = 5; + cp_max = 15; + cp_reconnect_interval = "True"; }; }; app_service_config_files = [ #"/etc/matrix-synapse/appservice-registration.yaml" ]; + + rc_message = { + per_second = 1000; + burst_count = 1000; + }; + rc_login = { + address = { + per_second = 1000; + burst_count = 1000; + }; + account = { + per_second = 1000; + burst_count = 1000; + }; + failed_attempts = { + per_second = 0.1; + burst_count = 3; + }; + }; + rc_joins = { + local = { + per_second = 1000; + burst_count = 1000; + }; + remote = { + per_second = 1000; + burst_count = 1000; + }; + }; + rc_joins_per_room = { + per_second = 1000; + burst_count = 1000; + }; + rc_invites = { + per_room = { + per_second = 1000; + burst_count = 1000; + }; + per_user = { + per_second = 1000; + burst_count = 1000; + }; + per_issuer = { + per_second = 1000; + burst_count = 1000; + }; + }; + rc_federation = { + window_size = 10; + sleep_limit = 1000; + sleep_delay = 100; + reject_limit = 1000; + concurrent = 100; + }; + federation_rr_transactions_per_room_per_second = 1; + + max_image_pixels = "100M"; + + ui_auth = { + session_timeout = "1m"; + }; + + login_via_existing_session = { + enabled = true; + require_ui_auth = true; + token_timeout = "1y"; + }; + + sentry = { + dsn = "https://77c8de07855d4e0c90dbcf0945a04f01@sentry.thearcanebrony.net/14"; + }; + report_stats = false; + user_directory = { + enabled = true; + search_all_users = true; + prefer_local_users = true; + }; }; plugins = with pkgs.matrix-synapse-plugins; [ |