# The bare domain name which represents your Matrix identity. # Matrix user ids for your server will be of the form (`@user:`). # # Note: this playbook does not touch the server referenced here. # Installation happens on another server ("matrix."). # # If you've deployed using the wrong domain, you'll have to run the Uninstalling step, # because you can't change the Domain after deployment. # # Example value: example.com matrix_domain: "{{synapse_domain}}" # The Matrix homeserver software to install. # See: # - `roles/custom/matrix-base/defaults/main.yml` for valid options # - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice matrix_homeserver_implementation: synapse # A secret used as a base, for generating various other secrets. # You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`). matrix_homeserver_generic_secret_key: "{{matrix_generic_secret_key}}" # By default, the playbook manages its own Traefik (https://doc.traefik.io/traefik/) reverse-proxy server. # It will retrieve SSL certificates for you on-demand and forward requests to all other components. # For alternatives, see `docs/configuring-playbook-own-webserver.md`. matrix_playbook_reverse_proxy_type: playbook-managed-traefik # Ensure that public urls use https matrix_playbook_ssl_enabled: true # Disable the web-secure (port 443) endpoint, which also disables SSL certificate retrieval devture_traefik_config_entrypoint_web_secure_enabled: false # If your reverse-proxy runs on another machine, consider using `0.0.0.0:81`, just `81` or `SOME_IP_ADDRESS_OF_THIS_MACHINE:81` devture_traefik_container_web_host_bind_port: "127.0.0.1:{{http_port}}" # We bind to `127.0.0.1` by default (see above), so trusting `X-Forwarded-*` headers from # a reverse-proxy running on the local machine is safe enough. devture_traefik_config_entrypoint_web_forwardedHeaders_insecure: true # This is something which is provided to Let's Encrypt when retrieving SSL certificates for domains. # # In case SSL renewal fails at some point, you'll also get an email notification there. # # If you decide to use another method for managing SSL certificates (different than the default Let's Encrypt), # you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`). # # Example value: someone@example.com devture_traefik_config_certificatesResolvers_acme_email: "{{administrator_email}}" # A Postgres password to use for the superuser Postgres user (called `matrix` by default). # # The playbook creates additional Postgres users and databases (one for each enabled service) # using this superuser account. devture_postgres_connection_password: "{{matrix_postgres_password}}" # By default, we configure Coturn's external IP address using the value specified for `ansible_host` in your `inventory/hosts` file. # If this value is an external IP address, you can skip this section. # # If `ansible_host` is not the server's external IP address, you have 2 choices: # 1. Uncomment the line below, to allow IP address auto-detection to happen (more on this below) # 2. Uncomment and adjust the line below to specify an IP address manually # # By default, auto-detection will be attempted using the `https://ifconfig.co/json` API. # Default values for this are specified in `matrix_coturn_turn_external_ip_address_auto_detection_*` variables in the Coturn role # (see `roles/custom/matrix-coturn/defaults/main.yml`). # # If your server has multiple IP addresses, you may define them in another variable which allows a list of addresses. # Example: `matrix_coturn_turn_external_ip_addresses: ['1.2.3.4', '4.5.6.7']` # # matrix_coturn_turn_external_ip_address: ''