{ config, ... }: { services.matrix-synapse = { enable = true; withJemalloc = true; extraConfigFiles = [ config.secrets.files.synapse_extra_config.file ]; sliding-sync = { enable = true; settings.SYNCV3_SERVER = "https://graven.dev"; environmentFile = builtins.toString config.secrets.files.synapse_sliding_sync_env.file; }; settings = { server_name = "graven.dev"; enable_registration = false; registration_shared_secret = builtins.toString config.secrets.files.synapse_registration_shared_secret.file; turn_shared_secret = builtins.toString config.secrets.files.turn_shared_secret.file; max_upload_size = "100M"; database.name = "psycopg2"; database.args.user = "synapse"; database.args.database = "synapse"; turn_uris = [ "turn:turn.graven.dev:3478?transport=udp" "turn:turn.graven.dev:3478?transport=tcp" "turn:turn.graven.dev:3479?transport=udp" "turn:turn.graven.dev:3479?transport=tcp" "turns:turn.graven.dev:5349?transport=udp" "turns:turn.graven.dev:5349?transport=tcp" "turns:turn.graven.dev:5350?transport=udp" "turns:turn.graven.dev:5350?transport=tcp" ]; report_stats = true; logConfig = '' version: 1 formatters: precise: format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' handlers: console: class: logging.StreamHandler formatter: precise loggers: synapse.storage.SQL: # beware: increasing this to DEBUG will make synapse log sensitive # information such as access tokens. level: WARN root: level: WARN handlers: [console] disable_existing_loggers: false ''; listeners = [ { port = 8008; bind_addresses = ["127.0.0.1"]; type = "http"; tls = false; x_forwarded = true; resources = [ { names = [ "client" "federation" ]; compress = false; } ]; } ]; }; }; }