#jinja2: lstrip_blocks: "True" {% set generic_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'generic_worker') | list %} {% set stream_writer_typing_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'typing') | list %} {% set stream_writer_to_device_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'to_device') | list %} {% set stream_writer_account_data_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'account_data') | list %} {% set stream_writer_receipts_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'receipts') | list %} {% set stream_writer_presence_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'presence') | list %} {% set media_repository_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'media_repository') | list %} {% set user_dir_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'user_dir') | list %} {% macro render_worker_upstream(name, workers, matrix_nginx_proxy_enabled) %} {% if workers | length > 0 %} upstream {{ name }} { {% for worker in workers %} {% if matrix_nginx_proxy_enabled %} server "{{ worker.name }}:{{ worker.port }}"; {% else %} server "127.0.0.1:{{ worker.port }}"; {% endif %} {% endfor %} } {% endif %} {% endmacro %} {% macro render_locations_to_upstream(locations, upstream_name) %} {% for location in locations %} location ~ {{ location }} { proxy_pass http://{{ upstream_name }}$request_uri; proxy_set_header Host $host; } {% endfor %} {% endmacro %} {% if matrix_nginx_proxy_synapse_workers_enabled %} {% if matrix_nginx_proxy_synapse_cache_enabled %} proxy_cache_path {{ matrix_nginx_proxy_synapse_cache_path }} levels=1:2 keys_zone={{ matrix_nginx_proxy_synapse_cache_keys_zone_name }}:{{ matrix_nginx_proxy_synapse_cache_keys_zone_size }} inactive={{ matrix_nginx_proxy_synapse_cache_inactive_time }} max_size={{ matrix_nginx_proxy_synapse_cache_max_size_mb }}m; {% endif %} # Round Robin "upstream" pools for workers {% if generic_workers |length > 0 %} upstream generic_workers_upstream { # ensures that requests from the same client will always be passed # to the same server (except when this server is unavailable) hash $http_x_forwarded_for; {% for worker in generic_workers %} {% if matrix_nginx_proxy_enabled %} server "{{ worker.name }}:{{ worker.port }}"; {% else %} server "127.0.0.1:{{ worker.port }}"; {% endif %} {% endfor %} } {% endif %} {{ render_worker_upstream('stream_writer_typing_stream_workers_upstream', stream_writer_typing_stream_workers, matrix_nginx_proxy_enabled) }} {{ render_worker_upstream('stream_writer_to_device_stream_workers_upstream', stream_writer_to_device_stream_workers, matrix_nginx_proxy_enabled) }} {{ render_worker_upstream('stream_writer_account_data_stream_workers_upstream', stream_writer_account_data_stream_workers, matrix_nginx_proxy_enabled) }} {{ render_worker_upstream('stream_writer_receipts_stream_workers_upstream', stream_writer_receipts_stream_workers, matrix_nginx_proxy_enabled) }} {{ render_worker_upstream('stream_writer_presence_stream_workers_upstream', stream_writer_presence_stream_workers, matrix_nginx_proxy_enabled) }} {{ render_worker_upstream('media_repository_workers_upstream', media_repository_workers, matrix_nginx_proxy_enabled) }} {{ render_worker_upstream('user_dir_workers_upstream', user_dir_workers, matrix_nginx_proxy_enabled) }} {% endif %} server { listen 12080; {% if matrix_nginx_proxy_enabled %} server_name {{ matrix_nginx_proxy_proxy_synapse_hostname }}; {% endif %} server_tokens off; root /dev/null; gzip on; gzip_types text/plain application/json; {% if matrix_nginx_proxy_synapse_workers_enabled %} {# Workers redirects BEGIN #} {% if generic_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_client_server_locations, 'generic_workers_upstream') }} {% endif %} {% if stream_writer_typing_stream_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_typing_stream_worker_client_server_locations, 'stream_writer_typing_stream_workers_upstream') }} {% endif %} {% if stream_writer_to_device_stream_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_to_device_stream_worker_client_server_locations, 'stream_writer_to_device_stream_workers_upstream') }} {% endif %} {% if stream_writer_account_data_stream_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_account_data_stream_worker_client_server_locations, 'stream_writer_account_data_stream_workers_upstream') }} {% endif %} {% if stream_writer_receipts_stream_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_receipts_stream_worker_client_server_locations, 'stream_writer_receipts_stream_workers_upstream') }} {% endif %} {% if stream_writer_presence_stream_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_presence_stream_worker_client_server_locations, 'stream_writer_presence_stream_workers_upstream') }} {% endif %} {% if media_repository_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { proxy_pass http://media_repository_workers_upstream$request_uri; proxy_set_header Host $host; client_body_buffer_size 25M; client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb }}M; proxy_max_temp_file_size 0; {% if matrix_nginx_proxy_synapse_cache_enabled %} proxy_buffering on; proxy_cache {{ matrix_nginx_proxy_synapse_cache_keys_zone_name }}; proxy_cache_valid any {{ matrix_nginx_proxy_synapse_cache_proxy_cache_valid_time }}; proxy_force_ranges on; add_header X-Cache-Status $upstream_cache_status; {% endif %} } {% endfor %} {% endif %} {% if user_dir_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory # If matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled is set, requests may not reach here, # but could be captured early on (see `matrix-domain.conf.j2`) and forwarded elsewhere (to an identity server, etc.). {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_user_dir_locations, 'user_dir_workers_upstream') }} {% endif %} {# Workers redirects END #} {% endif %} {% for configuration_block in matrix_nginx_proxy_proxy_synapse_additional_server_configuration_blocks %} {{- configuration_block }} {% endfor %} {# Everything else just goes to the API server ##} location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} {# Generic configuration for use outside of our container setup #} proxy_pass http://{{ matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container }}; {% endif %} proxy_set_header Host $host; client_body_buffer_size 25M; client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb }}M; proxy_max_temp_file_size 0; } } {% if matrix_nginx_proxy_proxy_synapse_federation_api_enabled %} server { listen 12088; {% if matrix_nginx_proxy_enabled %} server_name {{ matrix_nginx_proxy_proxy_synapse_hostname }}; {% endif %} server_tokens off; root /dev/null; gzip on; gzip_types text/plain application/json; {% if matrix_nginx_proxy_synapse_workers_enabled %} {% if generic_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_federation_locations, 'generic_workers_upstream') }} {% endif %} {% if media_repository_workers | length > 0 %} # https://matrix-org.github.io/synapse/latest/workers.html#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { proxy_pass http://media_repository_workers_upstream$request_uri; proxy_set_header Host $host; client_body_buffer_size 25M; client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb }}M; proxy_max_temp_file_size 0; {% if matrix_nginx_proxy_synapse_cache_enabled %} proxy_buffering on; proxy_cache {{ matrix_nginx_proxy_synapse_cache_keys_zone_name }}; proxy_cache_valid any {{ matrix_nginx_proxy_synapse_cache_proxy_cache_valid_time }}; proxy_force_ranges on; add_header X-Cache-Status $upstream_cache_status; {% endif %} } {% endfor %} {% endif %} {% endif %} location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} {# Generic configuration for use outside of our container setup #} proxy_pass http://{{ matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container }}; {% endif %} proxy_set_header Host $host; client_body_buffer_size 25M; client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb }}M; proxy_max_temp_file_size 0; } } {% endif %}