diff --git a/docs/faq.md b/docs/faq.md index 6d662cff6..e9bb3cc7f 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -323,11 +323,9 @@ matrix_synapse_presence_enabled: false You can also consider implementing a restriction on room complexity, in order to prevent users from joining very heavy rooms: ```yaml -matrix_synapse_configuration_extension_yaml: | - limit_remote_rooms: - enabled: true - complexity: 1.0 # this limits joining complex (~large) rooms, can be - # increased, but larger values can require more RAM +matrix_synapse_limit_remote_rooms_enabled: true +matrix_synapse_limit_remote_rooms_complexity: 1.0 # this limits joining complex (~large) rooms +# can be increased, but larger values can require more RAM ``` If you've installed [Jitsi](configuring-playbook-jitsi.md) (not installed by default), there are additional optimizations listed on its documentation page that you can perform. diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 9fdfe6f6d..e4df1cb47 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -570,6 +570,21 @@ matrix_synapse_report_stats_endpoint: "https://matrix.org/report-usage-stats/pus # disabling this will decrease server load significantly. matrix_synapse_presence_enabled: true +# Controls whether remote room complexity checks are enabled when joining rooms. +# When enabled, Synapse checks a room's complexity before joining a remote room. +# Complexity is measured as `current_state_events / 500` and can prevent +# users from joining very large/active rooms on constrained servers. +matrix_synapse_limit_remote_rooms_enabled: false + +# Maximum complexity allowed before join is blocked. +matrix_synapse_limit_remote_rooms_complexity: 1.0 + +# Error message returned when a user attempts to join a too-complex room. +matrix_synapse_limit_remote_rooms_complexity_error: "Your homeserver is unable to join rooms this large or complex. Please speak to your server administrator, or upgrade your instance to join this room." + +# Allow server admins to join rooms even when they exceed the complexity limit. +matrix_synapse_limit_remote_rooms_admins_can_join: false + # Controls whether accessing the server's public rooms directory can be done without authentication. # For private servers, you most likely wish to require authentication, # unless you know what list of rooms you're publishing to the world and explicitly want to do it. diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 558dc1729..65c32dac4 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -452,30 +452,11 @@ admin_contact: {{ matrix_synapse_admin_contact | to_json }} #server_context: context # Resource-constrained homeserver settings -# -# When this is enabled, the room "complexity" will be checked before a user -# joins a new remote room. If it is above the complexity limit, the server will -# disallow joining, or will instantly leave. -# -# Room complexity is an arbitrary measure based on factors such as the number of -# users in the room. -# limit_remote_rooms: - # Uncomment to enable room complexity checking. - # - #enabled: true - - # the limit above which rooms cannot be joined. The default is 1.0. - # - #complexity: 0.5 - - # override the error which is returned when the room is too complex. - # - #complexity_error: "This room is too complex." - - # allow server admins to join complex rooms. Default is false. - # - #admins_can_join: true + enabled: {{ matrix_synapse_limit_remote_rooms_enabled | to_json }} + complexity: {{ matrix_synapse_limit_remote_rooms_complexity | to_json }} + complexity_error: {{ matrix_synapse_limit_remote_rooms_complexity_error | to_json }} + admins_can_join: {{ matrix_synapse_limit_remote_rooms_admins_can_join | to_json }} # Whether to require a user to be in the room to add an alias to it. # Defaults to 'true'.