From 5b6ad3f6925f716d8d9fd5bf4a829ec0f8e362d4 Mon Sep 17 00:00:00 2001 From: Ezra Date: Sun, 5 Apr 2026 05:10:54 +0000 Subject: [PATCH] [ezra] Conduit configuration scaffold (#183) --- infra/matrix/conduit/conduit.toml | 91 +++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) create mode 100644 infra/matrix/conduit/conduit.toml diff --git a/infra/matrix/conduit/conduit.toml b/infra/matrix/conduit/conduit.toml new file mode 100644 index 00000000..7f4d95ad --- /dev/null +++ b/infra/matrix/conduit/conduit.toml @@ -0,0 +1,91 @@ +# Conduit Configuration +# Server Settings +global_server_name = "matrix.example.com" # CHANGE THIS + +database_backend = "rocksdb" +database_path = "/var/lib/matrix-conduit" + +registration = false # Disabled after initial admin account creation +registration_token = "" # Set via CONDUIT_REGISTRATION_TOKEN env var + +federation = true +allow_federation = true +federation_sender_buffer = 100 + +# Even if federation is disabled, sometimes you still want to allow the server +# to reach other homeservers for e.g. bridge functionality or integration servers +allow_check_for_updates = true + +# Address on which to connect to the server (locally). +address = "0.0.0.0" +port = 6167 + +# Enable if you want TLS termination handled directly by Conduit (not recommended) +tls = false + +# Max request size in bytes (default: 20MB) +max_request_size = 20971520 + +# Enable metrics endpoint for Prometheus +enable_metrics = false + +# Logging level: debug, info, warn, error +log = "info" + +# Maximum database cache size (if using rocksdb) +cache_capacity_mb = 512 + +# Workaround for Synapse's synapsedotorg room +allow_incoming_presence = true + +send_query_auth_requests = true + +# Allow appservices to use /_matrix/client/r0/login +allow_appservice_login = false + +# Disable users who don't use their accounts for longer than this time +freeze_unfreeze_device_lists = false + +# Enable media proxying through the server +allow_media_relaying = false + +# Block certain IP ranges from federation +deny_federation_from = [ + # "example.com", +] + +# Require authentication for media requests +require_auth_for_profile_requests = false + +# Trust X-Forwarded-* headers from reverse proxy +trusted_servers = [] + +# URL Preview settings +url_preview = false +max_preview_url_length = 2048 +max_preview_spider_size = 1048576 # 1MB + +# Consent tracking +users_consent_to_tracking = true + +# Backup +backup_burst_count = 3 +backup_per_second = 0.5 + +# Presence presence = true + +# Push (for push notifications to mobile apps) +push = true + +# Federation - How long to wait before timing out federation requests +federation_timeout_seconds = 30 + +# Event persistence settings +pdu_cache_capacity = 100000 +auth_chain_cache_capacity = 100000 + +# Appservice support +appservice = true + +# Initial sync cache (can be memory intensive) +initial_sync_cache = true