# vim: set ft=yaml :

server_name: "{{ matrix_server_name }}"

federation_ip_range_blacklist:
- '127.0.0.0/8'
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'
- '100.64.0.0/10'
- '169.254.0.0/16'
- '::1/128'
- 'fe80::/64'
- 'fc00::/7'

listeners:
- port: 8008
  tls: false
  type: http
  x_forwarded: true
  bind_addresses: ['::1', '127.0.0.1']
  resources:
  - names: [client, federation]
    compress: false
- type: metrics
  port: 9000
  bind_addresses:
  - 0.0.0.0

retention:

database:
  name: sqlite3
  args:
    database: /var/lib/synapse/homeserver.db

log_config: /etc/synapse/log_config.yaml

media_store_path: /var/lib/synapse/media_store

registration_shared_secret: '{{ synapse_registration_shared_secret }}'

account_threepid_delegates:

enable_metrics: true
metrics_flags:

report_stats: false

macaroon_secret_key: '{{ synapse_macaroon_secret_key }}'

form_secret: '{{ synapse_form_secret }}'

signing_key_path: /etc/synapse/{{ matrix_server_name }}.signing.key
old_signing_keys:

trusted_key_servers:
- server_name: matrix.org

saml2_config:
  user_mapping_provider:
    config:

password_config:

opentracing:

{% if synapse_ldap_enabled %}
password_providers:
 - module: ldap_auth_provider.LdapAuthProvider
   config:
     enabled: true
     uri: {{ synapse_ldap_uri }}
     start_tls: true
     base: '{{ synapse_ldap_base }}'
     attributes:
{% for key, value in synapse_ldap_attributes|dictsort %}
       {{ key }}: {{ value }}
{% endfor %}
{% if synapse_ldap_bind_dn|d %}
     bind_dn: '{{ synapse_ldap_bind_dn }}'
{% if synapse_ldap_bind_password|d %}
     bind_password: '{{ synapse_ldap_bind_password | decrypt }}'
{% endif %}
{% endif %}
{% endif %}