This broke in 63a49bb2dc
.
Proxying the OpenID Connect endpoints is now possible,
but needs to be enabled explicitly now.
Supersedes #702 (Github Pull Request).
This patch builds up on the idea from that Pull Request,
but does things in a cleaner way.
2.4 KiB
Configuring Synapse (optional)
By default, this playbook configures the Synapse Matrix server, so that it works for the general case. If that's enough for you, you can skip this document.
The playbook provides lots of customization variables you could use to change Synapse's settings.
Their defaults are defined in roles/matrix-synapse/defaults/main.yml
and they ultimately end up in the generated /matrix/synapse/config/homeserver.yaml
file (on the server). This file is generated from the roles/matrix-synapse/templates/synapse/homeserver.yaml.j2
template.
If there's an existing variable which controls a setting you wish to change, you can simply define that variable in your configuration file (inventory/host_vars/matrix.<your-domain>/vars.yml
) and re-run the playbook to apply the changes.
Alternatively, if there is no pre-defined variable for a Synapse setting you wish to change:
-
you can either request a variable to be created (or you can submit such a contribution yourself). Keep in mind that it's probably not a good idea to create variables for each one of Synapse's various settings that rarely get used.
-
or, you can extend and override the default configuration (
homeserver.yaml.j2
) by making use of thematrix_synapse_configuration_extension_yaml
variable. You can find information about this inroles/matrix-synapse/defaults/main.yml
. -
or, if extending the configuration is still not powerful enough for your needs, you can override the configuration completely using
matrix_synapse_configuration
(ormatrix_synapse_configuration_yaml
). You can find information about this inroles/matrix-synapse/defaults/main.yml
.
Synapse Admin
Certain Synapse administration tasks (managing users and rooms, etc.) can be performed via a web user-interace, if you install Synapse Admin.
Synapse + OpenID Connect for Single-Sign-On
If you'd like to use OpenID Connect authentication with Synapse, you'll need some additional reverse-proxy configuration (see our nginx reverse-proxy doc page).