Timmy_Foundation/timmy-config
16
0
Fork 0
Code Issues 57 Pull Requests 1 Actions 1 Packages Projects Releases Wiki Activity
Files
5c84fead299e5cb0d1681a798f12db8b0bdc46c1
timmy-config/deploy/conduit/conduit.toml
Ezra (Archivist) 1b33db499e [matrix] Add Conduit deployment scaffold for #166, #183 
Architecture:
- ADR-1: Conduit selected over Synapse/Dendrite (Rust, low resource)
- ADR-2: Deploy on existing Gitea VPS initially
- ADR-3: Full federation enabled

Artifacts:
- docs/matrix-fleet-comms/README.md (architecture + runbooks)
- deploy/conduit/conduit.toml (production config)
- deploy/conduit/conduit.service (systemd)
- deploy/conduit/Caddyfile (reverse proxy)
- deploy/conduit/install.sh (one-command installer)
- deploy/conduit/scripts/backup.sh (automated backups)
- deploy/conduit/scripts/health.sh (health monitoring)

Closes #183 (scaffold complete)
Progresses #166 (implementation unblocked)
2026-04-05 04:38:15 +00:00

82 lines
2.0 KiB
TOML
Raw Blame History

# Conduit Homeserver Configuration
# Location: /opt/conduit/conduit.toml
# Reference: docs/matrix-fleet-comms/README.md
[global]
# The server_name is the canonical name of your homeserver.
# It must match the domain in your MXIDs (e.g., @user:timmy.foundation)
server_name = "timmy.foundation"
# Database path - SQLite for simplicity, PostgreSQL available if needed
database_path = "/opt/conduit/data/conduit.db"
# Port to listen on
port = 8448
# Maximum request size (20MB for file uploads)
max_request_size = 20000000
# Allow guests to register (false = closed registration)
allow_registration = false
# Allow guests to join rooms without registering
allow_guest_registration = false
# Require authentication for profile requests
authenticate_profile_requests = true
[registration]
# Closed registration - admin creates accounts manually
enabled = false
[federation]
# Enable federation to communicate with other Matrix homeservers
enabled = true
# Servers to block from federation
# disabled_servers = ["bad.actor.com", "spammer.org"]
disabled_servers = []
# Enable server discovery via .well-known
well_known = true
[media]
# Maximum upload size per file (50MB)
max_file_size = 50000000
# Maximum total media cache size (100MB)
max_media_size = 100000000
# Directory for media storage
media_path = "/opt/conduit/data/media"
[retention]
# Enable message retention policies
enabled = true
# Default retention for rooms without explicit policy
default_room_retention = "30d"
# Minimum allowed retention period
min_retention = "1d"
# Maximum allowed retention period (null = no limit)
max_retention = null
[logging]
# Log level: error, warn, info, debug, trace
level = "info"
# Log to file
log_file = "/opt/conduit/logs/conduit.log"
[security]
# Require transaction IDs for idempotent requests
require_transaction_ids = true
# IP range blacklist for incoming federation
# ip_range_blacklist = ["10.0.0.0/8", "172.16.0.0/12"]
# Allow incoming federation from these IP ranges only (empty = allow all)
# ip_range_whitelist = []
Reference in New Issue View Git Blame Copy Permalink