forked from ungleich-public/cdist-contrib
[__matrix_synapse] wire TLS certs, fix some templating errors
This commit is contained in:
parent
37762dd1ca
commit
33bf0fd416
5 changed files with 27 additions and 2 deletions
|
@ -1,7 +1,8 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Note: template originally generated from synapse's 1.26.0 sample config.
|
||||
|
||||
set -e
|
||||
|
||||
cat << EOF
|
||||
###############################################################
|
||||
# THIS FILE HAS BEEN GENERATED BY CDIST. DO NOT EDIT BY HAND. #
|
||||
|
@ -49,8 +50,13 @@ pid_file: "${PIDFILE:?}"
|
|||
# under the 'listeners' configuration, however this is a security risk:
|
||||
# https://github.com/matrix-org/synapse#security-note
|
||||
#
|
||||
web_client_location: "${WEB_CLIENT_URL:?}"
|
||||
EOF
|
||||
|
||||
if [ -n "$WEB_CLIENT_URL" ]; then
|
||||
echo "web_client_location: \"$WEB_CLIENT_URL\""
|
||||
fi
|
||||
|
||||
cat << EOF
|
||||
# The public-facing base URL that clients use to access this Homeserver (not
|
||||
# including _matrix/...). This is the same URL a user might enter into the
|
||||
# 'Custom Homeserver URL' field on their client. If you use Synapse with a
|
||||
|
@ -690,6 +696,7 @@ if [ -n "$DISABLE_FEDERATION" ]; then
|
|||
fi
|
||||
|
||||
cat << EOF
|
||||
|
||||
# Report prometheus metrics on the age of PDUs being sent to and received from
|
||||
# the following domains. This can be used to give an idea of "delay" on inbound
|
||||
# and outbound federation, though be aware that any delay can be due to problems
|
||||
|
|
|
@ -28,6 +28,12 @@ database-name
|
|||
Path to database file if SQLite3 is used or database name if PostgresSQL is
|
||||
used.
|
||||
|
||||
tls-cert
|
||||
Path to PEM-encoded X509 TLS certificate.
|
||||
|
||||
tls-private-key
|
||||
Path to PEM-encoded TLS private key.
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
database-host
|
||||
|
|
|
@ -118,6 +118,11 @@ if [ -f "$__object/parameter/enable-server-notices" ]; then
|
|||
export ENABLE_SERVER_NOTICES=1
|
||||
fi
|
||||
|
||||
# TLS.
|
||||
TLS_CERTIFICATE_PATH=$(cat "$__object/parameter/tls-cert")
|
||||
TLS_PRIVATE_KEY_PATH=$(cat "$__object/parameter/tls-private-key")
|
||||
export TLS_PRIVATE_KEY_PATH TLS_CERTIFICATE_PATH
|
||||
|
||||
# Performance flags.
|
||||
GLOBAL_CACHE_FACTOR=$(cat "$__object/parameter/global-cache-factor")
|
||||
EVENT_CACHE_SIZE=$(cat "$__object/parameter/event-cache-size")
|
||||
|
@ -205,6 +210,10 @@ ENABLE_MESSAGE_RETENTION_POLICY=$(get_boolean_for 'enable-message-retention-poli
|
|||
MESSAGE_RETENTION_POLICY_MAX_LIFETIME=$(cat "$__object/parameter/message-max-lifetime")
|
||||
export ENABLE_MESSAGE_RETENTION_POLICY MESSAGE_RETENTION_POLICY_MAX_LIFETIME
|
||||
|
||||
# Previews.
|
||||
ENABLE_URL_PREVIEW=$(get_boolean_for 'enable-url-preview')
|
||||
export ENABLE_URL_PREVIEW
|
||||
|
||||
# Rate-limiting
|
||||
RC_MESSAGE_PER_SECOND=$(cat "$__object/parameter/rc-message-per-second")
|
||||
RC_MESSAGE_BURST=$(cat "$__object/parameter/rc-message-burst")
|
||||
|
|
|
@ -16,3 +16,4 @@ ldap-use-starttls
|
|||
user-directory-search-all-users
|
||||
enable-message-retention-policy
|
||||
worker-mode
|
||||
enable-url-preview
|
||||
|
|
|
@ -2,3 +2,5 @@ server-name
|
|||
base-url
|
||||
database-engine
|
||||
database-name
|
||||
tls-cert
|
||||
tls-private-key
|
||||
|
|
Loading…
Reference in a new issue