server_name: "localhost"
pid_file: /data/homeserver.pid
public_baseurl: "{{PUBLIC_BASEURL}}"
listeners:
    - port: 8008
      tls: false
      bind_addresses: ["::"]
      type: http
      x_forwarded: true

      resources:
          - names: [client]
            compress: false

database:
    name: "sqlite3"
    args:
        database: ":memory:"

log_config: "/data/log.config"

rc_messages_per_second: 10000
rc_message_burst_count: 10000
rc_registration:
    per_second: 10000
    burst_count: 10000
rc_joins:
    local:
        per_second: 9999
        burst_count: 9999
    remote:
        per_second: 9999
        burst_count: 9999
rc_joins_per_room:
    per_second: 9999
    burst_count: 9999
rc_3pid_validation:
    per_second: 1000
    burst_count: 1000

rc_invites:
    per_room:
        per_second: 1000
        burst_count: 1000
    per_user:
        per_second: 1000
        burst_count: 1000

rc_login:
    address:
        per_second: 10000
        burst_count: 10000
    account:
        per_second: 10000
        burst_count: 10000
    failed_attempts:
        per_second: 10000
        burst_count: 10000

media_store_path: "/data/media_store"
uploads_path: "/data/uploads"
allow_guest_access: true
enable_registration: true
enable_registration_without_verification: true
disable_msisdn_registration: false
registration_shared_secret: "{{REGISTRATION_SECRET}}"
report_stats: false
macaroon_secret_key: "{{MACAROON_SECRET_KEY}}"
form_secret: "{{FORM_SECRET}}"
signing_key_path: "/data/localhost.signing.key"

trusted_key_servers:
    - server_name: "matrix.org"
suppress_key_server_warning: true

ui_auth:
    session_timeout: "300s"

oidc_providers:
    - idp_id: test
      idp_name: "OAuth test"
      issuer: "http://localhost:{{OAUTH_SERVER_PORT}}/oauth"
      authorization_endpoint: "http://localhost:{{OAUTH_SERVER_PORT}}/oauth/auth.html"
      # the token endpoint receives requests from synapse, rather than the webapp, so needs to escape the docker container.
      token_endpoint: "http://host.containers.internal:{{OAUTH_SERVER_PORT}}/oauth/token"
      userinfo_endpoint: "http://host.containers.internal:{{OAUTH_SERVER_PORT}}/oauth/userinfo"
      client_id: "synapse"
      discover: false
      scopes: ["profile"]
      skip_verification: true
      client_auth_method: none
      user_mapping_provider:
          config:
              display_name_template: "{{ user.name }}"

# Inhibit background updates as this Synapse isn't long-lived
background_updates:
    min_batch_size: 100000
    sleep_duration_ms: 100000

experimental_features:
    # Needed for e2e/crypto/crypto.spec.ts > Cryptography > decryption failure
    # messages > non-joined historical messages.
    # Can be removed after Synapse enables it by default
    msc4115_membership_on_events: true