a first stab at a docker compose up matrix 2.0 stack

data-template/synapse/homeserver.yaml

@@ -0,0 +1,98 @@
+${CONFIG_HEADER}
+
+# Configuration file for Synapse.
+#
+# This is a YAML file: see [1] for a quick introduction. Note in particular
+# that *indentation is important*: all the elements of a list or dictionary
+# should have the same indentation.
+#
+# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
+#
+# For more information on how to configure Synapse, including a complete accounting of
+# each option, go to docs/usage/configuration/config_documentation.md or
+# https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html
+server_name: ${DOMAIN}
+pid_file: /data/homeserver.pid
+listeners:
+  - port: 8008
+    tls: false
+    type: http
+    x_forwarded: true
+    resources:
+      - names: [client, federation]
+        compress: false
+  - port: 9093
+    tls: false
+    type: http
+    resources:
+      - names: [replication]
+
+database:
+    name: psycopg2
+    args:
+        user: matrix
+        password: '${SECRETS_POSTGRES_PASSWORD}'
+        host: postgres
+        database: synapse
+
+log_config: "/data/log.config"
+media_store_path: /data/media_store
+registration_shared_secret: '${SECRETS_SYNAPSE_REGISTRATION_SHARED_SECRET}'
+report_stats: false
+macaroon_secret_key: '${SECRETS_SYNAPSE_MACAROON_SECRET_KEY}'
+form_secret: '${SECRETS_SYNAPSE_FORM_SECRET}'
+signing_key_path: "/run/secrets/synapse_signing_key"
+trusted_key_servers:
+  - server_name: "matrix.org"
+
+# please keep config above this point as close as possible to the original generated config
+# so that upstream generated config changes can be detected
+
+send_federation: false
+federation_sender_instances:
+  - synapse-federation-sender-1
+
+instance_map:
+  main:
+    host: 'synapse'
+    port: 9093
+
+redis:
+  enabled: true
+  host: redis
+  port: 6379
+
+email:
+  smtp_host: mailhog
+  smtp_port: 1025
+  enable_tls: false
+  notif_from: "Your %(app)s homeserver <${MAIL_NOTIF_FROM_ADDRESS}>"
+  app_name: Matrix
+  enable_notifs: true
+  notif_for_new_users: false
+  client_base_url: https://${ELEMENT_WEB_FQDN}
+  validation_token_lifetime: 15m
+  invite_client_location: https://${ELEMENT_WEB_FQDN}
+  subjects:
+    message_from_person_in_room: "[%(app)s] You have a message on %(app)s from %(person)s in the %(room)s room..."
+    message_from_person: "[%(app)s] You have a message on %(app)s from %(person)s..."
+    messages_from_person: "[%(app)s] You have messages on %(app)s from %(person)s..."
+    messages_in_room: "[%(app)s] You have messages on %(app)s in the %(room)s room..."
+    messages_in_room_and_others: "[%(app)s] You have messages on %(app)s in the %(room)s room and others..."
+    messages_from_person_and_others: "[%(app)s] You have messages on %(app)s from %(person)s and others..."
+    invite_from_person_to_room: "[%(app)s] %(person)s has invited you to join the %(room)s room on %(app)s..."
+    invite_from_person: "[%(app)s] %(person)s has invited you to chat on %(app)s..."
+    password_reset: "[%(server_name)s] Password reset"
+    email_validation: "[%(server_name)s] Validate your email"
+
+experimental_features:
+  msc3861: # OIDC
+    enabled: true
+    issuer: http://localhost:8080/
+    client_id: ${MAS_CLIENT_ID}
+    client_auth_method: client_secret_basic
+    client_secret: '${SECRETS_MAS_CLIENT_SECRET}'
+    admin_token: '${SECRETS_MAS_MATRIX_SECRET}'
+    account_management_url: "https://${MAS_FQDN}/account"
+
+# vim:ft=yaml

data-template/synapse/log.config

@@ -0,0 +1,75 @@
+# Log configuration for Synapse.
+#
+# This is a YAML file containing a standard Python logging configuration
+# dictionary. See [1] for details on the valid settings.
+#
+# Synapse also supports structured logging for machine readable logs which can
+# be ingested by ELK stacks. See [2] for details.
+#
+# [1]: https://docs.python.org/3/library/logging.config.html#configuration-dictionary-schema
+# [2]: https://element-hq.github.io/synapse/latest/structured_logging.html
+
+version: 1
+
+formatters:
+    precise:
+        format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
+
+handlers:
+    file:
+        class: logging.handlers.TimedRotatingFileHandler
+        formatter: precise
+        filename: /data/homeserver.log
+        when: midnight
+        backupCount: 3  # Does not include the current log file.
+        encoding: utf8
+
+    # Default to buffering writes to log file for efficiency.
+    # WARNING/ERROR logs will still be flushed immediately, but there will be a
+    # delay (of up to `period` seconds, or until the buffer is full with
+    # `capacity` messages) before INFO/DEBUG logs get written.
+    buffer:
+        class: synapse.logging.handlers.PeriodicallyFlushingMemoryHandler
+        target: file
+
+        # The capacity is the maximum number of log lines that are buffered
+        # before being written to disk. Increasing this will lead to better
+        # performance, at the expensive of it taking longer for log lines to
+        # be written to disk.
+        # This parameter is required.
+        capacity: 10
+
+        # Logs with a level at or above the flush level will cause the buffer to
+        # be flushed immediately.
+        # Default value: 40 (ERROR)
+        # Other values: 50 (CRITICAL), 30 (WARNING), 20 (INFO), 10 (DEBUG)
+        flushLevel: 30  # Flush immediately for WARNING logs and higher
+
+        # The period of time, in seconds, between forced flushes.
+        # Messages will not be delayed for longer than this time.
+        # Default value: 5 seconds
+        period: 5
+
+    # A handler that writes logs to stderr. Unused by default, but can be used
+    # instead of "buffer" and "file" in the logger handlers.
+    console:
+        class: logging.StreamHandler
+        formatter: precise
+
+loggers:
+    synapse.storage.SQL:
+        # beware: increasing this to DEBUG will make synapse log sensitive
+        # information such as access tokens.
+        level: INFO
+
+root:
+    level: INFO
+
+    # Write logs to the `buffer` handler, which will buffer them together in memory,
+    # then write them to a file.
+    #
+    # Replace "buffer" with "console" to log to stderr instead.
+    #
+    handlers: [console]
+
+disable_existing_loggers: false

data-template/synapse/workers/synapse-federation-sender-1.yaml

@@ -0,0 +1,4 @@
+worker_app: synapse.app.federation_sender
+worker_name: synapse-federation-sender-1
+
+worker_log_config: /data/log.config

data-template/synapse/workers/synapse-generic-worker-1.yaml

@@ -0,0 +1,11 @@
+worker_app: synapse.app.generic_worker
+worker_name: synapse-generic-worker-1
+
+worker_listeners:
+  - type: http
+    port: 8081
+    x_forwarded: true
+    resources:
+      - names: [client, federation]
+
+worker_log_config: /data/log.config