From 6d67e2f8c53f5391ea20a39135ee5e2aa2b0ed62 Mon Sep 17 00:00:00 2001 From: babolivier Date: Tue, 19 Jul 2022 14:14:03 +0000 Subject: deploy: 6fccd72f42ac76b185cc20ed258792ff94ee81fb --- .../usage/configuration/config_documentation.html | 117 +++++++++++++++++++-- .../configuration/homeserver_sample_config.html | 4 +- latest/usage/configuration/index.html | 2 +- .../usage/configuration/logging_sample_config.html | 2 +- .../configuration/user_authentication/index.html | 2 +- .../user_authentication/refresh_tokens.html | 2 +- .../user_authentication/single_sign_on/cas.html | 6 +- .../user_authentication/single_sign_on/index.html | 2 +- .../user_authentication/single_sign_on/saml.html | 2 +- 9 files changed, 120 insertions(+), 19 deletions(-) (limited to 'latest/usage/configuration') diff --git a/latest/usage/configuration/config_documentation.html b/latest/usage/configuration/config_documentation.html index e90396f449..5abd69fd39 100644 --- a/latest/usage/configuration/config_documentation.html +++ b/latest/usage/configuration/config_documentation.html @@ -76,7 +76,7 @@ @@ -381,7 +381,7 @@ query the room directory. Defaults to false.

allow_public_rooms_without_auth: true
-

allow_public_rooms_without_auth

+

allow_public_rooms_over_federation

If set to true, allows any other homeserver to fetch the server's public rooms directory via federation. Defaults to false.

Example configuration:

@@ -636,7 +636,7 @@ The default value is 10.

dummy_events_threshold: 5
-

Config option delete_stale_devices_after

+

delete_stale_devices_after

An optional duration. If set, Synapse will run a daily background task to log out and delete any device that hasn't been accessed for more than the specified amount of time.

Defaults to no duration, which means devices are never pruned.

@@ -1173,6 +1173,101 @@ see here.

cp_max: 10
+

databases

+

The databases option allows specifying a mapping between certain database tables and +database host details, spreading the load of a single Synapse instance across multiple +database backends. This is often referred to as "database sharding". This option is only +supported for PostgreSQL database backends.

+

Important note: This is a supported option, but is not currently used in production by the +Matrix.org Foundation. Proceed with caution and always make backups.

+

databases is a dictionary of arbitrarily-named database entries. Each entry is equivalent +to the value of the database homeserver config option (see above), with the addition of +a data_stores key. data_stores is an array of strings that specifies the data store(s) +(a defined label for a set of tables) that should be stored on the associated database +backend entry.

+

The currently defined values for data_stores are:

+ +

All databases will end up with additional tables used for tracking database schema migrations +and any pending background updates. Synapse will create these automatically on startup when checking for +and/or performing database schema migrations.

+

To migrate an existing database configuration (e.g. all tables on a single database) to a different +configuration (e.g. the "main" data store on one database, and "state" on another), do the following:

+
    +
  1. +

    Take a backup of your existing database. Things can and do go wrong and database corruption is no joke!

    +
    2. +
  2. +

    Ensure all pending database migrations have been applied and background updates have run. The simplest +way to do this is to use the update_synapse_database script supplied with your Synapse installation.

    +
    update_synapse_database --database-config homeserver.yaml --run-background-updates
+
    +
    3. +
  3. +

    Copy over the necessary tables and sequences from one database to the other. Tables relating to database +migrations, schemas, schema versions and background updates should not be copied.

    +

    As an example, say that you'd like to split out the "state" data store from an existing database which +currently contains all data stores.

    +

    Simply copy the tables and sequences defined above for the "state" datastore from the existing database +to the secondary database. As noted above, additional tables will be created in the secondary database +when Synapse is started.

    +
    4. +
  4. +

    Modify/create the databases option in your homeserver.yaml to match the desired database configuration.

    +
    5. +
  5. +

    Start Synapse. Check that it starts up successfully and that things generally seem to be working.

    +
    6. +
  6. +

    Drop the old tables that were copied in step 3.

    +
    7. +
+

Only one of the options database or databases may be specified in your config, but not both.

+

Example configuration:

+
databases:
+  basement_box:
+    name: psycopg2
+    txn_limit: 10000
+    data_stores: ["main"]
+    args:
+      user: synapse_user
+      password: secretpassword
+      database: synapse_main
+      host: localhost
+      port: 5432
+      cp_min: 5
+      cp_max: 10
+
+  my_other_database:
+    name: psycopg2
+    txn_limit: 10000
+    data_stores: ["state"]
+    args:
+      user: synapse_user
+      password: secretpassword
+      database: synapse_state
+      host: localhost
+      port: 5432
+      cp_min: 5
+      cp_max: 10
+
+

Logging

Config options related to logging.

@@ -1654,7 +1749,7 @@ Defaults to https://www.recaptcha.net/recaptcha/api/siteverify.

turn_shared_secret: "YOUR_SHARED_SECRET"
-

Config options: turn_username and turn_password

+

turn_username and turn_password

The Username and password if the TURN server needs them and does not use a token.

Example configuration:

turn_username: "TURNSERVER_USERNAME"
@@ -1996,15 +2091,19 @@ performance problems on large homeservers.

report_stats

-

Whether or not to report anonymized homeserver usage statistics. This is originally +

Whether or not to report homeserver usage statistics. This is originally set when generating the config. Set this option to true or false to change the current -behavior.

+behavior. See +Reporting Homeserver Usage Statistics +for information on what data is reported.

+

Statistics will be reported 5 minutes after Synapse starts, and then every 3 hours +after that.

Example configuration:

report_stats: true

report_stats_endpoint

-

The endpoint to report the anonymized homeserver usage statistics to. +

The endpoint to report homeserver usage statistics to. Defaults to https://matrix.org/report-usage-stats/push

Example configuration:

report_stats_endpoint: https://example.com/report-usage-stats/push
@@ -2649,7 +2748,7 @@ to log in and reauthenticate, whilst preventing new users from setting passwords
 
  • localdb_enabled: Set to false to disable authentication against the local password
 database. This is ignored if enabled is false, and is only useful
 if you have other password_providers. Defaults to true. 
    • 
-
  • pepper: Set the value here to a secret random string for extra security. # Uncomment and change to a secret random string for extra security.
+
  • pepper: Set the value here to a secret random string for extra security.
 DO NOT CHANGE THIS AFTER INITIAL SETUP!
    • 
 
  • policy: Define and enforce a password policy, such as minimum lengths for passwords, etc. 
 Each parameter is optional. This is an implementation of MSC2000. Parameters are as follows:
@@ -3022,7 +3121,7 @@ can create aliases.
    
     action: deny
    • -

    Config options: room_list_publication_rules

    +

    room_list_publication_rules

    The room_list_publication_rules option controls who can publish and which rooms can be published in the public room list.

    The format of this option is the same as that for diff --git a/latest/usage/configuration/homeserver_sample_config.html b/latest/usage/configuration/homeserver_sample_config.html index eca0d4627a..7a22b27d32 100644 --- a/latest/usage/configuration/homeserver_sample_config.html +++ b/latest/usage/configuration/homeserver_sample_config.html @@ -76,7 +76,7 @@

    @@ -154,6 +154,8 @@ generally required to apply any changes made to this file.

    a real homeserver.yaml. Instead, if you are starting from scratch, please generate a fresh config using Synapse by following the instructions in Installation.

    +

    Documentation for all configuration options can be found in the +Configuration Manual.

    # This file is maintained as an up-to-date snapshot of the default
 # homeserver.yaml configuration generated by Synapse. You can find a
 # complete accounting of possible configuration options at
diff --git a/latest/usage/configuration/index.html b/latest/usage/configuration/index.html
index 2065f5e9f4..a9739343d6 100644
--- a/latest/usage/configuration/index.html
+++ b/latest/usage/configuration/index.html
@@ -76,7 +76,7 @@
 
         
diff --git a/latest/usage/configuration/logging_sample_config.html b/latest/usage/configuration/logging_sample_config.html
index 1a93c04588..8cb9236ae4 100644
--- a/latest/usage/configuration/logging_sample_config.html
+++ b/latest/usage/configuration/logging_sample_config.html
@@ -76,7 +76,7 @@
 
         
diff --git a/latest/usage/configuration/user_authentication/index.html b/latest/usage/configuration/user_authentication/index.html
index 5542912998..e53774b336 100644
--- a/latest/usage/configuration/user_authentication/index.html
+++ b/latest/usage/configuration/user_authentication/index.html
@@ -76,7 +76,7 @@
 
         
diff --git a/latest/usage/configuration/user_authentication/refresh_tokens.html b/latest/usage/configuration/user_authentication/refresh_tokens.html
index 7e6c076ba6..eb359e858b 100644
--- a/latest/usage/configuration/user_authentication/refresh_tokens.html
+++ b/latest/usage/configuration/user_authentication/refresh_tokens.html
@@ -76,7 +76,7 @@
 
         
diff --git a/latest/usage/configuration/user_authentication/single_sign_on/cas.html b/latest/usage/configuration/user_authentication/single_sign_on/cas.html
index 80fa41b039..40def1f25c 100644
--- a/latest/usage/configuration/user_authentication/single_sign_on/cas.html
+++ b/latest/usage/configuration/user_authentication/single_sign_on/cas.html
@@ -76,7 +76,7 @@
 
         
@@ -150,8 +150,8 @@
 
    Synapse supports authenticating users via the Central Authentication
 Service protocol
 (CAS) natively.
    
-
    Please see the cas_config and sso sections of the Synapse configuration
-file for more details.
    
+
    Please see the cas_config and sso
+sections of the configuration manual for more details.
    
 
                     
 
diff --git a/latest/usage/configuration/user_authentication/single_sign_on/index.html b/latest/usage/configuration/user_authentication/single_sign_on/index.html
index 7070d529fe..41fbcb0400 100644
--- a/latest/usage/configuration/user_authentication/single_sign_on/index.html
+++ b/latest/usage/configuration/user_authentication/single_sign_on/index.html
@@ -76,7 +76,7 @@
 
         
diff --git a/latest/usage/configuration/user_authentication/single_sign_on/saml.html b/latest/usage/configuration/user_authentication/single_sign_on/saml.html
index 3910059180..4f461fda46 100644
--- a/latest/usage/configuration/user_authentication/single_sign_on/saml.html
+++ b/latest/usage/configuration/user_authentication/single_sign_on/saml.html
@@ -76,7 +76,7 @@
 
         
-- 
cgit 1.5.1