deploy/conduit/conduit.toml

# Conduit Homeserver Configuration
# Location: /opt/conduit/conduit.toml
# Reference: docs/matrix-fleet-comms/README.md

[global]
# The server_name is the canonical name of your homeserver.
# It must match the domain in your MXIDs (e.g., @user:timmy.foundation)
server_name = "timmy.foundation"

# Database path - SQLite for simplicity, PostgreSQL available if needed
database_path = "/opt/conduit/data/conduit.db"

# Port to listen on
port = 8448

# Maximum request size (20MB for file uploads)
max_request_size = 20000000

# Allow guests to register (false = closed registration)
allow_registration = false

# Allow guests to join rooms without registering
allow_guest_registration = false

# Require authentication for profile requests
authenticate_profile_requests = true

[registration]
# Closed registration - admin creates accounts manually
enabled = false

[federation]
# Enable federation to communicate with other Matrix homeservers
enabled = true

# Servers to block from federation
# disabled_servers = ["bad.actor.com", "spammer.org"]
disabled_servers = []

# Enable server discovery via .well-known
well_known = true

[media]
# Maximum upload size per file (50MB)
max_file_size = 50000000

# Maximum total media cache size (100MB)
max_media_size = 100000000

# Directory for media storage
media_path = "/opt/conduit/data/media"

[retention]
# Enable message retention policies
enabled = true

# Default retention for rooms without explicit policy
default_room_retention = "30d"

# Minimum allowed retention period
min_retention = "1d"

# Maximum allowed retention period (null = no limit)
max_retention = null

[logging]
# Log level: error, warn, info, debug, trace
level = "info"

# Log to file
log_file = "/opt/conduit/logs/conduit.log"

[security]
# Require transaction IDs for idempotent requests
require_transaction_ids = true

# IP range blacklist for incoming federation
# ip_range_blacklist = ["10.0.0.0/8", "172.16.0.0/12"]

# Allow incoming federation from these IP ranges only (empty = allow all)
# ip_range_whitelist = []
[matrix] Add Conduit deployment scaffold for #166, #183 Architecture: - ADR-1: Conduit selected over Synapse/Dendrite (Rust, low resource) - ADR-2: Deploy on existing Gitea VPS initially - ADR-3: Full federation enabled Artifacts: - docs/matrix-fleet-comms/README.md (architecture + runbooks) - deploy/conduit/conduit.toml (production config) - deploy/conduit/conduit.service (systemd) - deploy/conduit/Caddyfile (reverse proxy) - deploy/conduit/install.sh (one-command installer) - deploy/conduit/scripts/backup.sh (automated backups) - deploy/conduit/scripts/health.sh (health monitoring) Closes #183 (scaffold complete) Progresses #166 (implementation unblocked) 2026-04-05 04:38:15 +00:00			`# Conduit Homeserver Configuration`
			`# Location: /opt/conduit/conduit.toml`
			`# Reference: docs/matrix-fleet-comms/README.md`

			`[global]`
			`# The server_name is the canonical name of your homeserver.`
			`# It must match the domain in your MXIDs (e.g., @user:timmy.foundation)`
			`server_name = "timmy.foundation"`

			`# Database path - SQLite for simplicity, PostgreSQL available if needed`
			`database_path = "/opt/conduit/data/conduit.db"`

			`# Port to listen on`
			`port = 8448`

			`# Maximum request size (20MB for file uploads)`
			`max_request_size = 20000000`

			`# Allow guests to register (false = closed registration)`
			`allow_registration = false`

			`# Allow guests to join rooms without registering`
			`allow_guest_registration = false`

			`# Require authentication for profile requests`
			`authenticate_profile_requests = true`

			`[registration]`
			`# Closed registration - admin creates accounts manually`
			`enabled = false`

			`[federation]`
			`# Enable federation to communicate with other Matrix homeservers`
			`enabled = true`

			`# Servers to block from federation`
			`# disabled_servers = ["bad.actor.com", "spammer.org"]`
			`disabled_servers = []`

			`# Enable server discovery via .well-known`
			`well_known = true`

			`[media]`
			`# Maximum upload size per file (50MB)`
			`max_file_size = 50000000`

			`# Maximum total media cache size (100MB)`
			`max_media_size = 100000000`

			`# Directory for media storage`
			`media_path = "/opt/conduit/data/media"`

			`[retention]`
			`# Enable message retention policies`
			`enabled = true`

			`# Default retention for rooms without explicit policy`
			`default_room_retention = "30d"`

			`# Minimum allowed retention period`
			`min_retention = "1d"`

			`# Maximum allowed retention period (null = no limit)`
			`max_retention = null`

			`[logging]`
			`# Log level: error, warn, info, debug, trace`
			`level = "info"`

			`# Log to file`
			`log_file = "/opt/conduit/logs/conduit.log"`

			`[security]`
			`# Require transaction IDs for idempotent requests`
			`require_transaction_ids = true`

			`# IP range blacklist for incoming federation`
			`# ip_range_blacklist = ["10.0.0.0/8", "172.16.0.0/12"]`

			`# Allow incoming federation from these IP ranges only (empty = allow all)`
			`# ip_range_whitelist = []`