83 lines
4.0 KiB
TOML
83 lines
4.0 KiB
TOML
# =============================================================================
|
|
# This is the official example config for Conduit.
|
|
# If you use it for your server, you will need to adjust it to your own needs.
|
|
# At the very least, change the server_name field!
|
|
# =============================================================================
|
|
|
|
|
|
[global]
|
|
# The server_name is the pretty name of this server. It is used as a suffix for user
|
|
# and room ids. Examples: matrix.org, conduit.rs
|
|
|
|
# The Conduit server needs all /_matrix/ requests to be reachable at
|
|
# https://your.server.name/ on port 443 (client-server) and 8448 (federation).
|
|
|
|
# If that's not possible for you, you can create /.well-known files to redirect
|
|
# requests. See
|
|
# https://matrix.org/docs/spec/client_server/latest#get-well-known-matrix-client
|
|
# and
|
|
# https://matrix.org/docs/spec/server_server/r0.1.4#get-well-known-matrix-server
|
|
# for more information
|
|
|
|
# YOU NEED TO EDIT THIS
|
|
#server_name = "your.server.name"
|
|
|
|
# This is the only directory where Conduit will save its data
|
|
database_path = "/var/lib/matrix-conduit/"
|
|
database_backend = "rocksdb"
|
|
|
|
# The port Conduit will be running on. You need to set up a reverse proxy in
|
|
# your web server (e.g. apache or nginx), so all requests to /_matrix on port
|
|
# 443 and 8448 will be forwarded to the Conduit instance running on this port
|
|
# Docker users: Don't change this, you'll need to map an external port to this.
|
|
port = 6167
|
|
|
|
# Max size for uploads
|
|
max_request_size = 20_000_000 # in bytes
|
|
|
|
# Enables registration. If set to false, no users can register on this server.
|
|
allow_registration = true
|
|
|
|
allow_federation = true
|
|
allow_check_for_updates = true
|
|
|
|
# Enable the display name lightning bolt on registration.
|
|
enable_lightning_bolt = true
|
|
|
|
# Servers listed here will be used to gather public keys of other servers.
|
|
# Generally, copying this exactly should be enough. (Currently, Conduit doesn't
|
|
# support batched key requests, so this list should only contain Synapse
|
|
# servers.)
|
|
trusted_servers = ["matrix.org"]
|
|
|
|
#max_concurrent_requests = 100 # How many requests Conduit sends to other servers at the same time
|
|
#log = "warn,state_res=warn,rocket=off,_=off,sled=off"
|
|
|
|
address = "127.0.0.1" # This makes sure Conduit can only be reached using the reverse proxy
|
|
#address = "0.0.0.0" # If Conduit is running in a container, make sure the reverse proxy (ie. Traefik) can reach it.
|
|
|
|
# Set this to true to allow your server's public room directory to be federated.
|
|
# Set this to false to protect against /publicRooms spiders, but will forbid external users from viewing your server's public room directory.
|
|
# If federation is disabled entirely (`allow_federation`), this is inherently false.
|
|
allow_public_room_directory_over_federation = false
|
|
|
|
# Set this to true to allow your server's public room directory to be queried without client authentication (access token) through the Client APIs.
|
|
# Set this to false to protect against /publicRooms spiders.
|
|
allow_public_room_directory_without_auth = false
|
|
|
|
# Set this to true to allow federating device display names / allow external users to see your device display name.
|
|
# If federation is disabled entirely (`allow_federation`), this is inherently false.
|
|
allow_device_name_federation = false
|
|
|
|
# Uncomment unix_socket_path to listen on a UNIX socket at the specified path.
|
|
# If listening on a UNIX socket, you must remove the 'address' key if defined and add your
|
|
# reverse proxy (nginx/Caddy/Apache/etc) to the 'conduit' group, unless world RW
|
|
# permissions are specified with unix_socket_perms (666 minimum).
|
|
#unix_socket_path = "/run/conduit/conduit.sock"
|
|
#unix_socket_perms = 660
|
|
|
|
# Set this to true for Conduit to compress HTTP response bodies using zstd.
|
|
# Please be aware that enabling HTTP compression may introduce compression side-channel attacks and response body tampering to potentially defeat TLS.
|
|
# Most users should not need to enable this.
|
|
# See https://breachattack.com/ and https://wikipedia.org/wiki/BREACH before deciding to enable this.
|
|
zstd_compression = false |