diff --git a/bundles/matrix-synapse/metadata.py b/bundles/matrix-synapse/metadata.py index bb2f3fe..189483a 100644 --- a/bundles/matrix-synapse/metadata.py +++ b/bundles/matrix-synapse/metadata.py @@ -1,3 +1,5 @@ +from json import dumps + defaults = { 'apt': { 'repos': { @@ -19,9 +21,6 @@ defaults = { 'icinga2_api': { 'matrix-synapse': { 'services': { - 'MATRIX-SYNAPSE HTTP ENDPOINT': { - 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_http_url_for_string http://[::1]:20080/_matrix/static/ "Synapse is running"', - }, 'MATRIX-SYNAPSE PROCESS': { 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -a synapse.app.homeserver -c 1:', 'vars.notification.sms': True, @@ -53,5 +52,78 @@ defaults = { }, }, }, - } + }, + 'zfs': { + 'datasets': { + 'tank/matrix-synapse': { + 'mountpoint': '/var/lib/matrix-synapse', + 'needed_by': { + 'pkg_apt:matrix-synapse-py3', + }, + }, + }, + }, } + + +@metadata_reactor.provides( + 'nginx/vhosts/matrix-synapse', +) +def nginx(metadata): + if not node.has_bundle('nginx'): + raise DoNotRunAgain + + locations = { + '/_matrix': { + 'target': 'http://[::1]:20080', + }, + '/_synapse': { + 'target': 'http://[::1]:20080', + }, + '/.well-known/matrix/client': { + 'return': dumps({ + 'm.homeserver': { + 'base_url': 'https://{}'.format(metadata.get('matrix-synapse/baseurl')), + }, + 'm.identity_server': { + 'base_url': metadata.get('matrix-synapse/identity_server', 'https://matrix.org'), + }, + **metadata.get('matrix-synapse/additional_client_config', {}), + }, sort_keys=True), + 'additional_config': { + 'default_type application/json', + 'add_header Access-Control-Allow-Origin *', + }, + }, + '/.well-known/matrix/server': { + 'return': dumps({ + 'm.server': '{}:443'.format(metadata.get('matrix-synapse/baseurl')), + }, sort_keys=True), + 'additional_config': { + 'default_type application/json', + 'add_header Access-Control-Allow-Origin *', + }, + }, + } + + if node.has_bundle('matrix-media-repo'): + locations['/_matrix/media'] = { + 'target': 'http://localhost:20090', + 'max_body_size': '{}M'.format(metadata.get('matrix-media-repo/upload_max_mb')), + # matrix-media-repo needs this to be the + # homeserver address. + 'x_forwarded_host': metadata.get('matrix-synapse/server_name'), + } + + return { + 'nginx': { + 'vhosts': { + 'matrix-synapse': { + 'domain': metadata.get('matrix-synapse/baseurl'), + 'locations': locations, + 'website_check_path': '/_matrix/static/', + 'website_check_string': 'Synapse is running', + }, + }, + }, + } diff --git a/data/nginx/files/extras/htz-cloud.miniserver/matrix.sophies-kitchen.eu b/data/nginx/files/extras/htz-cloud.miniserver/matrix.sophies-kitchen.eu deleted file mode 100644 index 6f8c74c..0000000 --- a/data/nginx/files/extras/htz-cloud.miniserver/matrix.sophies-kitchen.eu +++ /dev/null @@ -1,24 +0,0 @@ - location /.well-known/matrix/ { - types { } default_type "application/json"; - alias /etc/matrix-synapse/wellknown/; - add_header Access-Control-Allow-Origin *; - } - - location /_matrix { - proxy_pass http://[::1]:20080; - proxy_set_header Host "sophies-kitchen.eu"; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - } - - location /_matrix/media { - client_max_body_size 500M; - - proxy_read_timeout 600s; - proxy_set_header Host "sophies-kitchen.eu"; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://localhost:20090; - } diff --git a/nodes/htz-cloud/miniserver.py b/nodes/htz-cloud/miniserver.py index d1d40f2..7f04735 100644 --- a/nodes/htz-cloud/miniserver.py +++ b/nodes/htz-cloud/miniserver.py @@ -187,8 +187,8 @@ nodes['htz-cloud.miniserver'] = { 'webroot': '/var/www/sophies-kitchen.eu/_site/', 'extras': True, }, - 'matrix.sophies-kitchen.eu': { - 'extras': True, + 'matrix-synapse': { + 'domain': 'matrix.sophies-kitchen.eu', }, 'webdump.sophies-kitchen.eu': { 'webroot_config': { diff --git a/nodes/htz/ex42-1048908.py b/nodes/htz/ex42-1048908.py index 279bf04..3c01d6f 100644 --- a/nodes/htz/ex42-1048908.py +++ b/nodes/htz/ex42-1048908.py @@ -139,6 +139,11 @@ nodes['htz.ex42-1048908'] = { 'finallycoffee.eu', 'nyantec.com', }, + 'additional_client_config': { + 'im.vector.riot.jitsi': { + 'preferredDomain': 'meet.ffmuc.net', + }, + }, }, 'mautrix-telegram': { 'version': 'v0.10.0', @@ -246,49 +251,8 @@ nodes['htz.ex42-1048908'] = { }, }, }, - 'matrix.franzi.business': { + 'matrix-synapse': { 'ssl': '_.franzi.business', - 'locations': { - '/_matrix': { - 'target': 'http://[::1]:20080', - }, - '/_matrix/media': { - 'target': 'http://localhost:20090', - 'max_body_size': '500M', - # matrix-media-repo needs this to be the - # homeserver address. - 'x_forwarded_host': 'franzi.business', - }, - '/_synapse': { - 'target': 'http://[::1]:20080', - }, - '/.well-known/matrix/client': { - 'return': json_dumps({ - 'm.homeserver': { - 'base_url': 'https://matrix.franzi.business', - }, - 'm.identity_server': { - 'base_url': 'https://matrix.org', - }, - 'im.vector.riot.jitsi': { - 'preferredDomain': 'meet.ffmuc.net', - }, - }, sort_keys=True), - 'additional_config': { - 'default_type application/json', - 'add_header Access-Control-Allow-Origin *', - }, - }, - '/.well-known/matrix/server': { - 'return': json_dumps({ - 'm.server': 'matrix.franzi.business:443', - }, sort_keys=True), - 'additional_config': { - 'default_type application/json', - 'add_header Access-Control-Allow-Origin *', - }, - }, - }, }, 'mta-sts': { 'domain': 'mta-sts.mx0.kunbox.net',