# General repo configuration repo: bindAddress: '127.0.0.1' port: {{ matrix__media_repo__port }} # Where to store the logs, relative to where the repo is started from. Logs will be automatically # rotated every day and held for 14 days. To disable the repo logging to files, set this to # "-" (including quotation marks). # # Note: to change the log directory you'll have to restart the repository. This setting cannot be # live reloaded. logDirectory: '-' # If true, the media repo will accept any X-Forwarded-For header without validation. In most cases # this option should be left as "false". Note that the media repo already expects an X-Forwarded-For # header, but validates it to ensure the IP being given makes sense. trustAnyForwardedAddress: false # If false, the media repo will not use the X-Forwarded-Host header commonly added by reverse proxies. # Typically this should remain as true, though in some circumstances it may need to be disabled. # See https://github.com/turt2live/matrix-media-repo/issues/202 for more information. useForwardedHost: true # Options for dealing with federation federation: # On a per-host basis, the number of consecutive failures in calling the host before the # media repo will back off. This defaults to 20 if not given. Note that 404 errors from # the remote server do not count towards this. backoffAt: 20 # The database configuration for the media repository # Do NOT put your homeserver's existing database credentials here. Create a new database and # user instead. Using the same server is fine, just not the same username and database. database: # Currently only "postgres" is supported. postgres: "{{ matrix__media_repo__postgres }}" # The database pooling options pool: # The maximum number of connects to hold open. More of these allow for more concurrent # processes to happen. maxConnections: 25 # The maximum number of connects to leave idle. More of these reduces the time it takes # to serve requests in low-traffic scenarios. maxIdleConnections: 5 # The configuration for the homeservers this media repository is known to control. Servers # not listed here will not be able to upload media. homeservers: - # This should match the server_name of your homeserver, and the Host header # provided to the media repo. name: "{{ matrix__site_host }}" # The base URL to where the homeserver can actually be reached csApi: "{{ matrix__base_url }}" # The number of consecutive failures in calling this homeserver before the # media repository will start backing off. This defaults to 10 if not given. backoffAt: 10 # The kind of admin API the homeserver supports. If set to "matrix", # the media repo will use the Synapse-defined endpoints under the # unstable client-server API. When this is "synapse", the new /_synapse # endpoints will be used instead. Unknown values are treated as the # default, "matrix". adminApiKind: 'matrix' # Options for controlling how access tokens work with the media repo. It is recommended that if # you are going to use these options that the `/logout` and `/logout/all` client-server endpoints # be proxied through this process. They will also be called on the homeserver, and the response # sent straight through the client - they are simply used to invalidate the cache faster for # a particular user. Without these, the access tokens might still work for a short period of time # after the user has already invalidated them. # # This will also cache errors from the homeserver. # # Note that when this config block is used outside of a per-domain config, all hosts will be # subject to the same cache. This also means that application services on limited homeservers # could be authorized on the wrong domain. # # *************************************************************************** # * IT IS HIGHLY RECOMMENDED TO USE PER-DOMAIN CONFIGS WITH THIS FEATURE. * # *************************************************************************** accessTokens: # The maximum time a cached access token will be considered valid. Set to zero (the default) # to disable the cache and constantly hit the homeserver. This is recommended to be set to # 43200 (12 hours) on servers with the logout endpoints proxied through the media repo, and # zero for servers who do not proxy the endpoints through. maxCacheTimeSeconds: 0 # Whether or not to use the `appservices` config option below. If disabled (the default), # the regular access token cache will be used for each user, potentially leading to high # memory usage. useLocalAppserviceConfig: false # The application services (and their namespaces) registered on the homeserver. Only used # if `useLocalAppserviceConfig` is enabled (recommended). # # Usually the appservice will provide you with these config details - they'll just need # translating from the appservice registration to here. Note that this does not require # all options from the registration, and only requires the bare minimum required to run # the media repo. appservices: - id: Name_of_appservice_for_your_reference asToken: Secret_token_for_appservices_to_use senderUserId: '@_example_bridge:yourdomain.com' userNamespaces: - regex: '@_example_bridge_.+:yourdomain.com' # A note about regexes: it is best to suffix *all* namespaces with the homeserver # domain users are valid for, as otherwise the appservice can use any user with # any domain name it feels like, even if that domain is not configured with the # media repo. This will lead to inaccurate reporting in the case of the media # repo, and potentially leading to media being considered "remote". # These users have full access to the administrative functions of the media repository. # See docs/admin.md for information on what these people can do. They must belong to one of the # configured homeservers above. admins: - "{{ matrix__admin_user }}" # Shared secret auth is useful for applications building on top of the media repository, such # as a management interface. The `token` provided here is treated as a repository administrator # when shared secret auth is enabled: if the `token` is used in place of an access token, the' # request will be authorized. This is not limited to any particular domain, giving applications # the ability to use it on any configured hostname. sharedSecretAuth: # Set this to true to enable shared secret auth. enabled: false # Use a secure value here to prevent unauthorized access to the media repository. token: 'PutSomeRandomSecureValueHere' # Datastores are places where media should be persisted. This isn't dedicated for just uploads: # thumbnails and other misc data is also stored in these places. When the media repo is looking # to store new media (such as user uploads, thumbnails, etc) it will look for a datastore which # is flagged as forUploads. It will try to use the smallest datastore first. datastores: - type: file # Enable this to set up data storage. enabled: false # Datastores can be split into many areas when handling uploads. Media is still de-duplicated # across all datastores (local content which duplicates remote content will re-use the remote # content's location). This option is useful if your datastore is becoming very large, or if # you want faster storage for a particular kind of media. # # The kinds available are: # thumbnails - Used to store thumbnails of media (local and remote). # remote_media - Original copies of remote media (servers not configured by this repo). # local_media - Original uploads for local media. # archives - Archives of content (GDPR and similar requests). forKinds: ['thumbnails'] opts: path: /var/matrix/media - type: s3 # Enable this to set up s3 uploads enabled: true forKinds: ['thumbnails', 'remote_media', 'local_media', 'archives'] opts: # The s3 uploader needs a temporary location to buffer files to reduce memory usage on # small file uploads. If the file size is unknown, the file is written to this location # before being uploaded to s3 (then the file is deleted). If you aren't concerned about # memory usage, set this to an empty string. tempPath: '' endpoint: "{{ matrix__media_repo__s3_endpoint }}" accessKeyId: "{{ matrix__media_repo__s3_access_key }}" accessSecret: "{{ matrix__media_repo__s3_access_secret }}" ssl: true bucketName: "{{ matrix__media_repo__s3_bucket }}" # An optional region for where this S3 endpoint is located. Typically not needed, though # some providers will need this (like Scaleway). Uncomment to use. #region: 'sfo2' # The media repo does support an IPFS datastore, but only if the IPFS feature is enabled. If # the feature is not enabled, this will not work. Note that IPFS support is experimental at # the moment and not recommended for general use. # # NOTE: Everything you upload to IPFS will be publicly accessible, even when the media repo # puts authentication on the download endpoints. Only use this option for cases where you # expect your media to be publicly accessible. - type: ipfs # Enable this to use IPFS support enabled: false forKinds: ['local_media'] # The IPFS datastore currently has no options. It will use the daemon or HTTP API configured # in the IPFS section of your main config. opts: {} # Options for controlling archives. Archives are exports of a particular user's content for # the purpose of GDPR or moving media to a different server. archiving: # Whether archiving is enabled or not. Default enabled. enabled: true # If true, users can request a copy of their own data. By default, only repository administrators # can request a copy. # This includes the ability for homeserver admins to request a copy of their own server's # data, as known to the repo. selfService: false # The number of bytes to target per archive before breaking up the files. This is independent # of any file upload limits and will require a similar amount of memory when performing an export. # The file size is also a target, not a guarantee - it is possible to have files that are smaller # or larger than the target. This is recommended to be approximately double the size of your # file upload limit, provided there is enough memory available for the demand of exporting. targetBytesPerPart: 209715200 # 200mb default # The file upload settings for the media repository uploads: maxBytes: 104857600 # 100MB default, 0 to disable # The minimum number of bytes to let people upload minBytes: 100 # 100 bytes by default # The number of bytes to claim as the maximum size for uploads for the limits API. If this # is not provided then the maxBytes setting will be used instead. This is useful to provide # if the media repo's settings and the reverse proxy do not match for maximum request size. # This is purely for informational reasons and does not actually limit any functionality. # Set this to -1 to indicate that there is no limit. Zero will force the use of maxBytes. #reportedMaxBytes: 104857600 # An optional list of file types that are allowed to be uploaded. If */* or nothing is # supplied here, then all file types are allowed. Asterisks (*) are wildcards and can be # placed anywhere to match everything (eg: "image/*" matches all images). This will also # restrict which file types are downloaded from remote servers. # # Caution: the media repo cannot tell the difference between encrypted media and arbitrary # binary data. For this reason, this option is deprecated and to be removed in a future # version. allowedTypes: - '*/*' # Specific users can have their own set of allowed file types. These are applied instead # of those listed in the allowedTypes list when a user is found. Much like allowedTypes, # asterisks may be used in the content types and may also be used in the user IDs. This # allows for entire servers to have different allowed types by setting a rule similar to # "@*:example.org". Users will be allowed to upload a file if the type matches any of # the policies that match the user ID. # # Caution: the media repo cannot tell the difference between encrypted media and arbitrary # binary data. For this reason, this option is deprecated and to be removed in a future # version. #exclusions: # '@someone:example.org': # - 'application/pdf' # - 'application/vnd.ms-excel' # '@*:example.org': # - '*/*' # Settings related to downloading files from the media repository downloads: # The maximum number of bytes to download from other servers maxBytes: 104857600 # 100MB default, 0 to disable # The number of workers to use when downloading remote media. Raise this number if remote # media is downloading slowly or timing out. # # Maximum memory usage = numWorkers multiplied by the maximum download size # Average memory usage is dependent on how many concurrent downloads your users are doing. numWorkers: 10 # How long, in minutes, to cache errors related to downloading remote media. Once this time # has passed, the media is able to be re-requested. failureCacheMinutes: 5 # The cache control settings for downloads. This can help speed up downloads for users by # keeping popular media in the cache. This cache is also used for thumbnails. cache: enabled: true # The maximum size of cache to have. Higher numbers are better. maxSizeBytes: 1048576000 # 1GB default # The maximum file size to cache. This should normally be the same size as your maximum # upload size. maxFileSizeBytes: 104857600 # 100MB default # The number of minutes to track how many downloads a file gets trackedMinutes: 30 # The number of downloads a file must receive in the window above (trackedMinutes) in # order to be cached. minDownloads: 5 # The minimum amount of time an item should remain in the cache. This prevents the cache # from cycling out the file if it needs more room during this time. Note that the media # repo regularly cleans out media which is past this point from the cache, so this number # may need increasing depending on your use case. If the maxSizeBytes is reached for the # media repo, and some cached items are still under this timer, new items will not be able # to enter the cache. When this happens, consider raising maxSizeBytes or lowering this # timer. minCacheTimeSeconds: 300 # The minimum amount of time an item should remain outside the cache once it is removed. minEvictedTimeSeconds: 60 # How many days after a piece of remote content is downloaded before it expires. It can be # re-downloaded on demand, this just helps free up space in your datastore. Set to zero or # negative to disable. Defaults to disabled. expireAfterDays: 0 # URL Preview settings urlPreviews: enabled: true # If enabled, the preview_url routes will be accessible maxPageSizeBytes: 10485760 # 10MB default, 0 to disable # If true, the media repository will try to provide previews for URLs with invalid or unsafe # certificates. If false (the default), the media repo will fail requests to said URLs. previewUnsafeCertificates: false # Note: URL previews are limited to a given number of words, which are then limited to a number # of characters, taking off the last word if it needs to. This also applies for the title. numWords: 50 # The number of words to include in a preview (maximum) maxLength: 200 # The maximum number of characters for a description numTitleWords: 30 # The maximum number of words to include in a preview's title maxTitleLength: 150 # The maximum number of characters for a title # The mime types to preview when OpenGraph previews cannot be rendered. OpenGraph previews are # calculated on anything matching "text/*". To have a thumbnail in the preview the URL must be # an image and the image's type must be allowed by the thumbnailer. filePreviewTypes: - 'image/*' # The number of workers to use when generating url previews. Raise this number if url # previews are slow or timing out. # # Maximum memory usage = numWorkers multiplied by the maximum page size # Average memory usage is dependent on how many concurrent urls your users are previewing. numWorkers: 10 # Either allowedNetworks or disallowedNetworks must be provided. If both are provided, they # will be merged. URL previews will be disabled if neither is supplied. Each entry must be # a CIDR range. disallowedNetworks: - '127.0.0.1/8' - '10.0.0.0/8' - '172.16.0.0/12' - '192.168.0.0/16' - '100.64.0.0/10' - '169.254.0.0/16' - '::1/128' - 'fe80::/64' - 'fc00::/7' allowedNetworks: # "Everything". The blacklist will help limit this. # This is the default value for this field. - '0.0.0.0/0' # How many days after a preview is generated before it expires and is deleted. The preview # can be regenerated safely - this just helps free up some space in your database. Set to # zero or negative to disable. Defaults to disabled. expireAfterDays: 0 # The default Accept-Language header to supply when generating URL previews when one isn't # supplied by the client. # Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Language defaultLanguage: 'en-US,en' # The thumbnail configuration for the media repository. thumbnails: # The maximum number of bytes an image can be before the thumbnailer refuses. maxSourceBytes: 10485760 # 10MB default, 0 to disable # The number of workers to use when generating thumbnails. Raise this number if thumbnails # are slow to generate or timing out. # # Maximum memory usage = numWorkers multiplied by the maximum image source size # Average memory usage is dependent on how many thumbnails are being generated by your users numWorkers: 100 # All thumbnails are generated into one of the sizes listed here. The first size is used as # the default for when no width or height is requested. The media repository will return # either an exact match or the next largest size of thumbnail. sizes: - width: 32 height: 32 - width: 96 height: 96 - width: 320 height: 240 - width: 640 height: 480 - width: 800 height: 600 # The content types to thumbnail when requested. Types that are not supported by the media repo # will not be thumbnailed (adding application/json here won't work). Clients may still not request # thumbnails for these types - this won't make clients automatically thumbnail these file types. types: - 'image/jpeg' - 'image/jpg' - 'image/png' - 'image/gif' - 'image/heif' - 'image/webp' #- 'image/svg+xml' # Be sure to have ImageMagick installed to thumbnail SVG files # Animated thumbnails can be CPU intensive to generate. To disable the generation of animated # thumbnails, set this to false. If disabled, regular thumbnails will be returned. allowAnimated: true # Default to animated thumbnails, if available defaultAnimated: false # The maximum file size to thumbnail when a capable animated thumbnail is requested. If the image # is larger than this, the thumbnail will be generated as a static image. maxAnimateSizeBytes: 10485760 # 10MB default, 0 to disable # On a scale of 0 (start of animation) to 1 (end of animation), where should the thumbnailer try # and thumbnail animated content? Defaults to 0.5 (middle of animation). stillFrame: 0.5 # How many days after a thumbnail is generated before it expires and is deleted. The thumbnail # can be regenerated safely - this just helps free up some space in your datastores. Set to # zero or negative to disable. Defaults to disabled. expireAfterDays: 0 # Controls for the rate limit functionality rateLimit: # Set this to false if rate limiting is handled at a higher level or you don't want it enabled. enabled: true # The number of requests per second before an IP will be rate limited. Must be a whole number. requestsPerSecond: 1 # The number of requests an IP can send at once before the rate limit is actually considered. burst: 10 # Identicons are generated avatars for a given username. Some clients use these to give users a # default avatar after signing up. Identicons are not part of the official matrix spec, therefore # this feature is completely optional. identicons: enabled: true # The quarantine media settings. quarantine: # If true, when a thumbnail of quarantined media is requested an image will be returned. If no # image is given in the thumbnailPath below then a generated image will be provided. This does # not affect regular downloads of files. replaceThumbnails: true # If true, when media which has been quarantined is requested an image will be returned. If # no image is given in the thumbnailPath below then a generated image will be provided. This # will replace media which is not an image (ie: quarantining a PDF will replace the PDF with # an image). replaceDownloads: false # If provided, the given image will be returned as a thumbnail for media that is quarantined. #thumbnailPath: '/path/to/thumbnail.png' # If true, administrators of the configured homeservers may quarantine media for their server # only. Global administrators can quarantine any media (local or remote) regardless of this # flag. allowLocalAdmins: true # The various timeouts that the media repo will use. timeouts: # The maximum amount of time the media repo should spend trying to fetch a resource that is # being previewed. urlPreviewTimeoutSeconds: 10 # The maximum amount of time the media repo will spend making remote requests to other repos # or homeservers. This is primarily used to download media. federationTimeoutSeconds: 120 # The maximum amount of time the media repo will spend talking to your configured homeservers. # This is usually used to verify a user's identity. clientServerTimeoutSeconds: 30 # Prometheus metrics configuration # For an example Grafana dashboard, import the following JSON: # https://github.com/turt2live/matrix-media-repo/blob/master/docs/grafana.json metrics: # If true, the bindAddress and port below will serve GET /metrics for Prometheus to scrape. enabled: false # The address to listen on. Typically "127.0.0.1" or "0.0.0.0" for all interfaces. bindAddress: '127.0.0.1' # The port to listen on. Cannot be the same as the general web server port. port: 9000 # Options for controlling various MSCs/unstable features of the media repo # Sections of this config might disappear or be added over time. By default all # features are disabled in here and must be explicitly enabled to be used. featureSupport: # MSC2248 - Blurhash MSC2448: # Whether or not this MSC is enabled for use in the media repo enabled: false # Maximum dimensions for converting a blurhash to an image. When no width and # height options are supplied, the default will be half these values. maxWidth: 1024 maxHeight: 1024 # Thumbnail size in pixels to use to generate the blurhash string thumbWidth: 64 thumbHeight: 64 # The X and Y components to use. Higher numbers blur less, lower numbers blur more. xComponents: 4 yComponents: 3 # The amount of contrast to apply when converting a blurhash to an image. Lower values # make the effect more subtle, larger values make it stronger. punch: 1 # IPFS Support # This is currently experimental and might not work at all. IPFS: # Whether or not IPFS support is enabled for use in the media repo. enabled: false # Options for the built in IPFS daemon builtInDaemon: # Enable this to spawn an in-process IPFS node to use instead of a localhost # HTTP agent. If this is disabled, the media repo will assume you have an HTTP # IPFS agent running and accessible. Defaults to using a daemon (true). enabled: true # If the Daemon is enabled, set this to the location where the IPFS files should # be stored. If you're using Docker, this should be something like "/data/ipfs" # so it can be mapped to a volume. repoPath: './ipfs'