Added 'Homeserver blocking' and 'Media store' to the documentation.

matrix/synapse/README.md

@@ -51,7 +51,7 @@ There are two different ways to configure Synapse, documented here:
 We'll use Synapse, using the workers architecture to make it scalable, flexible and reusable.
 
 
-## Listeners
+# Listeners
 
 A fresh installation configures one listener, for both client and federation
 traffic. This listens on port 8008 on localhost (IPv4 and IPv6) and does not
@@ -69,7 +69,7 @@ listeners:
         compress: false
 ```
 
-## Database
+# Database
 
 The default installation leaves you with an sqlite3 database. Nice for experimenting, but
 unsuitable for a production environment.
@@ -117,7 +117,7 @@ After changing the database, restart Synapse and check whether it can connect
 and create the tables it needs.
 
 
-## Create admin
+# Create admin
 
 Synapse doesn't create an admin account at install time, so you'll have to do
 that yourself.
@@ -141,13 +141,14 @@ register_new_matrix_user -u admin -a -c /etc/matrix-synapse/conf.d/keys.yaml
 This will ask for a password, choose a safe one.
 
 
-## Logging
+# Logging
 
 Logging is configured in `log.yaml`. Some logging should go to systemd, the
 more specific logging to Synapse's own logfile(s).
 
+This part is yet to be completed.
 
-## Delegation and DNS {#Delegation}
+# Delegation and DNS {#Delegation}
 
 If you run your server under a different FQDN than just the domain name you
 want to use, you need to delegate: point from your domain to the server.
@@ -182,7 +183,7 @@ and/or AAAA records in DNS, not CNAME.
 See [nginx](../nginx) for details about how to publish this data.
 
 
-## Blacklists
+# Blacklists
 
 You don't want Synapse to try to contact certain IP-addresses, especially not
 those that are unroutable or for special uses. Add these addresses to `ip_range_blacklist`,
@@ -243,3 +244,60 @@ This configures an SMTP-connection with SSL (port 465, `force_tls`). See Matrix'
 [email documentation](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html?highlight=require_transport_security#email)
 for more information.
 
+
+# Media store {#mediastore}
+
+Files and avatars need to be stored somewhere, we configure these options in
+`conf.d/mediastore.yaml`:
+
+```
+media_store_path: /var/lib/matrix-synapse/media
+enable_authenticated_media: true
+max_upload_size: 50M
+url_preview_enabled: true
+url_preview_ip_range_blacklist:
+  - '127.0.0.0/8'
+  - '10.0.0.0/8'
+  - '172.16.0.0/12'
+  - '192.168.0.0/16'
+  - '100.64.0.0/10'
+  - '192.0.0.0/24'
+  - '169.254.0.0/16'
+  - '192.88.99.0/24'
+  - '198.18.0.0/15'
+  - '192.0.2.0/24'
+  - '198.51.100.0/24'
+  - '203.0.113.0/24'
+  - '224.0.0.0/4'
+  - '::1/128'
+  - 'fe80::/10'
+  - 'fc00::/7'
+  - '2001:db8::/32'
+  - 'ff00::/8'
+  - 'fec0::/10'
+```
+
+These are a few sane (?) defaults, check [Matrix' documentation](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html?highlight=media_store_path#media-store)
+for many more options.
+
+
+# Homeserver blocking {#blocking}
+
+This is a series of options that can be used to block and/or limit users. The
+whole list of options can be found in [Matrix' documentation](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html?highlight=mau_stats_only%3A#homeserver-blocking),
+we're going to pick out a few useful ones.
+
+Let's configure these options in `conf.d/homeserver_blocking.yaml`.
+
+```
+admin_contact: matrixadmin@example.com
+mau_stats_only: true
+max_avatar_size: 2M
+allowed_avatar_mimetypes:
+  - "image/png"
+  - "image/jpeg"
+  - "image/gif"
+forgotten_room_retention_period: 7d
+```
+
+