mustard/fedora-server-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Synapse config.

Browse source
This commit is contained in:
mustard 2024-08-27 00:08:01 +02:00
parent 60134f2833
commit 11b3595a85
3 changed files with 225 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

74
config/nginx/docker-compose-synapse.yaml Normal file
View file

@ -0,0 +1,74 @@
services:
reverse-proxy:
image: ghcr.io/nginxinc/nginx-unprivileged:mainline-alpine-slim
container_name: reverse_proxy
restart: always
ports:
- "443:8443"
volumes:
- ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./config/nginx/tls.conf:/etc/nginx/conf.d/tls.conf:ro
- ./data/certs:/etc/nginx/ssl:ro
networks:
- frontend
synapse:
depends_on:
- postgres
restart: always
image: "ghcr.io/polarix-containers/synapse:latest"
user: "${UID:-3000}:${GID:-3000}"
container_name: "synapse"
volumes:
- ./config/synapse/homeserver.yaml:/config/homeserver.yaml:ro,z
- ./data/synapse:/data:z
# - ./data/certs:/certs:ro
networks:
backend:
frontend:
aliases:
- synapse
ports:
- "8448:8448"
secrets:
- database.yml
- experimental-synapse.homelab0ne.xyz.signing.key
environment:
SYNAPSE_SERVER_NAME: "experimental-synapse.homelab0ne.xyz"
SYNAPSE_REPORT_STATS: "yes"
SYNAPSE_HTTP_PORT: "8448"
command:
- run
- "--config-path"
- "/config/homeserver.yaml"
- "--config-path"
- "/var/run/secrets/database.yml"
acme.sh:
command:
- daemon
container_name: acme.sh
environment:
DEDYN_TOKEN: "${DEDYN_TOKEN}"
image: 'ghcr.io/polarix-containers/acme.sh:latest'
restart: always
volumes:
- ./data/acme.sh:/acme.sh:Z
- ./data/certs:/certs:z
postgres:
container_name: postgres
image: cgr.dev/chainguard/postgres:latest
volumes:
- ./data/postgres:/var/lib/postgresql/data:Z
restart: unless-stopped
environment:
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
networks:
- backend
networks:
backend:
frontend:
driver: bridge
secrets:
experimental-synapse.homelab0ne.xyz.signing.key:
file: ./secrets/experimental-synapse.homelab0ne.xyz.signing.key
database.yml:
file: ./secrets/synapse_database.yaml

68
config/nginx/synapse.conf Normal file
View file

@ -0,0 +1,68 @@
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /tmp/nginx.pid;
events
{
worker_connections 1024;
}
http
{
proxy_temp_path /tmp/proxy_temp;
client_body_temp_path /tmp/client_temp;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
server
{
listen 8443 ssl;
listen [::]:8443 ssl;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
server_name experimental-synapse.homelab0ne.xyz;
location /
{
proxy_pass http://synapse:8448;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
# Nginx by default only allows file uploads up to 1M in size
# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
client_max_body_size 50M;
proxy_http_version 1.1;
}
location /.well-known/_matrix/server {
return 200 '{ "m.homeserver": "experimental-synapse.homelab0ne.xyz:443" }';
}
}
}