1 files changed, 80 insertions, 73 deletions

diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
index 84e2cc97f9..f9886a900d 100644
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@@ -63,11 +63,11 @@ pid_file: DATADIR/homeserver.pid
 # Zero is used to indicate synapse should set the soft limit to the
 # hard limit.
 #
-soft_file_limit: 0
+#soft_file_limit: 0
 
 # Set to false to disable presence tracking on this homeserver.
 #
-use_presence: true
+#use_presence: false
 
 # The GC threshold parameters to pass to `gc.set_threshold`, if defined
 #
@@ -359,7 +359,8 @@ database:
     database: "DATADIR/homeserver.db"
 
 # Number of events to cache in memory.
-event_cache_size: "10K"
+#
+#event_cache_size: 10K
 
 
 ## Logging ##
@@ -373,11 +374,11 @@ log_config: "CONFDIR/SERVERNAME.log.config"
 
 # Number of messages a client can send per second
 #
-rc_messages_per_second: 0.2
+#rc_messages_per_second: 0.2
 
 # Number of message a client can send before being throttled
 #
-rc_message_burst_count: 10.0
+#rc_message_burst_count: 10.0
 
 # Ratelimiting settings for registration and login.
 #
@@ -415,27 +416,27 @@ rc_message_burst_count: 10.0
 
 # The federation window size in milliseconds
 #
-federation_rc_window_size: 1000
+#federation_rc_window_size: 1000
 
 # The number of federation requests from a single server in a window
 # before the server will delay processing the request.
 #
-federation_rc_sleep_limit: 10
+#federation_rc_sleep_limit: 10
 
 # The duration in milliseconds to delay processing events from
 # remote servers by if they go over the sleep limit.
 #
-federation_rc_sleep_delay: 500
+#federation_rc_sleep_delay: 500
 
 # The maximum number of concurrent federation requests allowed
 # from a single server
 #
-federation_rc_reject_limit: 50
+#federation_rc_reject_limit: 50
 
 # The number of federation requests to concurrently process from a
 # single server
 #
-federation_rc_concurrent: 3
+#federation_rc_concurrent: 3
 
 
 
@@ -464,11 +465,11 @@ uploads_path: "DATADIR/uploads"
 
 # The largest allowed upload size in bytes
 #
-max_upload_size: "10M"
+#max_upload_size: 10M
 
 # Maximum number of pixels that will be thumbnailed
 #
-max_image_pixels: "32M"
+#max_image_pixels: 32M
 
 # Whether to generate new thumbnails on the fly to precisely match
 # the resolution requested by the client. If true then whenever
@@ -476,32 +477,32 @@ max_image_pixels: "32M"
 # generate a new thumbnail. If false the server will pick a thumbnail
 # from a precalculated list.
 #
-dynamic_thumbnails: false
+#dynamic_thumbnails: false
 
 # List of thumbnails to precalculate when an image is uploaded.
 #
-thumbnail_sizes:
-- width: 32
-  height: 32
-  method: crop
-- width: 96
-  height: 96
-  method: crop
-- width: 320
-  height: 240
-  method: scale
-- width: 640
-  height: 480
-  method: scale
-- width: 800
-  height: 600
-  method: scale
+#thumbnail_sizes:
+#  - width: 32
+#    height: 32
+#    method: crop
+#  - width: 96
+#    height: 96
+#    method: crop
+#  - width: 320
+#    height: 240
+#    method: scale
+#  - width: 640
+#    height: 480
+#    method: scale
+#  - width: 800
+#    height: 600
+#    method: scale
 
 # Is the preview URL API enabled?  If enabled, you *must* specify
 # an explicit url_preview_ip_range_blacklist of IPs that the spider is
 # denied from accessing.
 #
-url_preview_enabled: False
+#url_preview_enabled: false
 
 # List of IP address CIDR ranges that the URL preview spider is denied
 # from accessing.  There are no defaults: you must explicitly
@@ -566,8 +567,8 @@ url_preview_enabled: False
 #  - netloc: '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'
 
 # The largest allowed URL preview spidering size in bytes
-max_spider_size: "10M"
-
+#
+#max_spider_size: 10M
 
 
 ## Captcha ##
@@ -575,23 +576,25 @@ max_spider_size: "10M"
 
 # This Home Server's ReCAPTCHA public key.
 #
-recaptcha_public_key: "YOUR_PUBLIC_KEY"
+#recaptcha_public_key: "YOUR_PUBLIC_KEY"
 
 # This Home Server's ReCAPTCHA private key.
 #
-recaptcha_private_key: "YOUR_PRIVATE_KEY"
+#recaptcha_private_key: "YOUR_PRIVATE_KEY"
 
 # Enables ReCaptcha checks when registering, preventing signup
 # unless a captcha is answered. Requires a valid ReCaptcha
 # public/private key.
 #
-enable_registration_captcha: False
+#enable_registration_captcha: false
 
 # A secret key used to bypass the captcha test entirely.
+#
 #captcha_bypass_secret: "YOUR_SECRET_HERE"
 
 # The API endpoint to use for verifying m.login.recaptcha responses.
-recaptcha_siteverify_api: "https://www.recaptcha.net/recaptcha/api/siteverify"
+#
+#recaptcha_siteverify_api: "https://www.recaptcha.net/recaptcha/api/siteverify"
 
 
 ## TURN ##
@@ -612,7 +615,7 @@ recaptcha_siteverify_api: "https://www.recaptcha.net/recaptcha/api/siteverify"
 
 # How long generated TURN credentials last
 #
-turn_user_lifetime: "1h"
+#turn_user_lifetime: 1h
 
 # Whether guests should be allowed to use the TURN server.
 # This defaults to True, otherwise VoIP will be unreliable for guests.
@@ -620,15 +623,17 @@ turn_user_lifetime: "1h"
 # connect to arbitrary endpoints without having first signed up for a
 # valid account (e.g. by passing a CAPTCHA).
 #
-turn_allow_guests: True
+#turn_allow_guests: True
 
 
 ## Registration ##
+#
 # Registration can be rate-limited using the parameters in the "Ratelimiting"
 # section of this file.
 
 # Enable registration for new users.
-enable_registration: False
+#
+#enable_registration: false
 
 # The user must provide all of the below types of 3PID when registering.
 #
@@ -639,7 +644,7 @@ enable_registration: False
 # Explicitly disable asking for MSISDNs from the registration
 # flow (overrides registrations_require_3pid if MSISDNs are set as required)
 #
-#disable_msisdn_registration: True
+#disable_msisdn_registration: true
 
 # Mandate that users are only allowed to associate certain formats of
 # 3PIDs with accounts on this server.
@@ -663,13 +668,13 @@ enable_registration: False
 # N.B. that increasing this will exponentially increase the time required
 # to register or login - e.g. 24 => 2^24 rounds which will take >20 mins.
 #
-bcrypt_rounds: 12
+#bcrypt_rounds: 12
 
 # Allows users to register as guests without a password/email/etc, and
 # participate in rooms hosted on this server which have been made
 # accessible to anonymous users.
 #
-allow_guest_access: False
+#allow_guest_access: false
 
 # The identity server which we suggest that clients should use when users log
 # in on this server.
@@ -685,9 +690,9 @@ allow_guest_access: False
 # Also defines the ID server which will be called when an account is
 # deactivated (one will be picked arbitrarily).
 #
-trusted_third_party_id_servers:
-  - matrix.org
-  - vector.im
+#trusted_third_party_id_servers:
+#  - matrix.org
+#  - vector.im
 
 # Users who register on this homeserver will automatically be joined
 # to these rooms
@@ -701,14 +706,14 @@ trusted_third_party_id_servers:
 # Setting to false means that if the rooms are not manually created,
 # users cannot be auto-joined since they do not exist.
 #
-autocreate_auto_join_rooms: true
+#autocreate_auto_join_rooms: true
 
 
 ## Metrics ###
 
 # Enable collection and rendering of performance metrics
 #
-enable_metrics: False
+#enable_metrics: False
 
 # Enable sentry integration
 # NOTE: While attempts are made to ensure that the logs don't contain
@@ -728,22 +733,24 @@ enable_metrics: False
 
 # A list of event types that will be included in the room_invite_state
 #
-room_invite_state_types:
-    - "m.room.join_rules"
-    - "m.room.canonical_alias"
-    - "m.room.avatar"
-    - "m.room.encryption"
-    - "m.room.name"
+#room_invite_state_types:
+#  - "m.room.join_rules"
+#  - "m.room.canonical_alias"
+#  - "m.room.avatar"
+#  - "m.room.encryption"
+#  - "m.room.name"
 
 
-# A list of application service config file to use
+# A list of application service config files to use
 #
-app_service_config_files: []
+#app_service_config_files:
+#  - app_service_1.yaml
+#  - app_service_2.yaml
 
-# Whether or not to track application service IP addresses. Implicitly
+# Uncomment to enable tracking of application service IP addresses. Implicitly
 # enables MAU tracking for application service users.
 #
-track_appservice_user_ips: False
+#track_appservice_user_ips: True
 
 
 # a secret which is used to sign access tokens. If none is specified,
@@ -754,7 +761,7 @@ track_appservice_user_ips: False
 
 # Used to enable access token expiration.
 #
-expire_access_token: False
+#expire_access_token: False
 
 # a secret which is used to calculate HMACs for form values, to stop
 # falsification of values. Must be specified for the User Consent
@@ -783,17 +790,16 @@ signing_key_path: "CONFDIR/SERVERNAME.signing.key"
 # Determines how quickly servers will query to check which keys
 # are still valid.
 #
-key_refresh_interval: "1d" # 1 Day.
+#key_refresh_interval: 1d
 
 # The trusted servers to download signing keys from.
 #
-perspectives:
-  servers:
-    "matrix.org":
-      verify_keys:
-        "ed25519:auto":
-          key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"
-
+#perspectives:
+#  servers:
+#    "matrix.org":
+#      verify_keys:
+#        "ed25519:auto":
+#          key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"
 
 
 # Enable SAML2 for registration and login. Uses pysaml2.
@@ -858,14 +864,15 @@ perspectives:
 #   algorithm: "HS256"
 
 
-
-# Enable password for login.
-#
 password_config:
-   enabled: true
+   # Uncomment to disable password login
+   #
+   #enabled: false
+
    # Uncomment and change to a secret random string for extra security.
    # DO NOT CHANGE THIS AFTER INITIAL SETUP!
-   #pepper: ""
+   #
+   #pepper: "EVEN_MORE_SECRET"
 
 
 
@@ -934,9 +941,9 @@ password_config:
 #    example_option: 'things'
 
 
-# Whether to allow non server admins to create groups on this server
+# Uncomment to allow non-server-admin users to create groups on this server
 #
-enable_group_creation: false
+#enable_group_creation: true
 
 # If enabled, non server admins can only create groups with local parts
 # starting with this prefix