From ae14265abc128443e5eae1328b9dbbc6595e44ff Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Sun, 17 Mar 2024 18:32:28 +0100 Subject: [PATCH] bundles/matrix-synapse: add sliding-sync proxy --- PORT_MAP.md | 1 + .../files/matrix-sliding-sync.service | 27 +++++++++++++++++ bundles/matrix-synapse/items.py | 29 +++++++++++++++++++ bundles/matrix-synapse/metadata.py | 15 ++++++++++ nodes/carlene.toml | 4 +++ 5 files changed, 76 insertions(+) create mode 100644 bundles/matrix-synapse/files/matrix-sliding-sync.service diff --git a/PORT_MAP.md b/PORT_MAP.md index 90b46f4..908b747 100644 --- a/PORT_MAP.md +++ b/PORT_MAP.md @@ -30,6 +30,7 @@ Rule of thumb: keep ports below 10000 free for stuff that reserves ports. | 20010 | mautrix-telegram | Bridge | | 20020 | mautrix-whatsapp | Bridge | | 20030 | matrix-dimension | Matrix Integrations Manager| +| 20070 | matrix-synapse | sliding-sync | | 20080 | matrix-synapse | client, federation | | 20081 | matrix-synapse | prometheus metrics | | 20090 | matrix-media-repo | media_repo | diff --git a/bundles/matrix-synapse/files/matrix-sliding-sync.service b/bundles/matrix-synapse/files/matrix-sliding-sync.service new file mode 100644 index 0000000..0eaa5b9 --- /dev/null +++ b/bundles/matrix-synapse/files/matrix-sliding-sync.service @@ -0,0 +1,27 @@ +<% + database = node.metadata.get('matrix-synapse/database') + db_string = 'postgresql://{}:{}@{}/{}?sslmode=disable'.format( + database['user'], + database['password'], + database.get('host', 'localhost'), + database['database'], + ) +%>\ +[Unit] +Description=matrix-org sliding-sync proxy +After=network.target +Requires=postgresql.service + +[Service] +User=matrix-synapse +Group=matrix-synapse +Environment=SYNCV3_SERVER=https://${node.metadata.get('matrix-synapse/baseurl')} +Environment=SYNCV3_DB=${db_string} +Environment=SYNCV3_SECRET=${node.metadata.get('matrix-synapse/sliding_sync/secret')} +Environment=SYNCV3_BINDADDR=127.0.0.1:20070 +ExecStart=/usr/local/bin/matrix-sliding-sync +Restart=always +RestartSec=10s + +[Install] +WantedBy=multi-user.target diff --git a/bundles/matrix-synapse/items.py b/bundles/matrix-synapse/items.py index 527cc5e..fc851c6 100644 --- a/bundles/matrix-synapse/items.py +++ b/bundles/matrix-synapse/items.py @@ -57,3 +57,32 @@ svc_systemd = { }, }, } + +if node.metadata.get('matrix-synapse/sliding_sync/version', None): + files['/usr/local/bin/matrix-sliding-sync'] = { + 'content_type': 'download', + 'source': 'https://github.com/matrix-org/sliding-sync/releases/download/{}/syncv3_linux_amd64'.format( + node.metadata.get('matrix-synapse/sliding_sync/version'), + ), + 'content_hash': node.metadata.get('matrix-synapse/sliding_sync/sha1', None), + 'mode': '0755', + 'triggers': { + 'svc_systemd:matrix-sliding-sync:restart', + }, + } + + files['/usr/local/lib/systemd/system/matrix-sliding-sync.service'] = { + 'content_type': 'mako', + 'triggers': { + 'action:systemd-reload', + 'svc_systemd:matrix-sliding-sync:restart', + }, + } + + svc_systemd['matrix-sliding-sync'] = { + 'needs': { + 'file:/usr/local/bin/matrix-sliding-sync', + 'file:/usr/local/lib/systemd/system/matrix-sliding-sync.service', + 'postgres_db:matrix-sliding-sync', + }, + } diff --git a/bundles/matrix-synapse/metadata.py b/bundles/matrix-synapse/metadata.py index 8a3175a..d0cb15e 100644 --- a/bundles/matrix-synapse/metadata.py +++ b/bundles/matrix-synapse/metadata.py @@ -88,6 +88,14 @@ def nginx(metadata): if not node.has_bundle('nginx'): raise DoNotRunAgain + wellknown_client_sliding_sync = {} + if metadata.get('matrix-synapse/sliding_sync/version', None): + wellknown_client_sliding_sync = { + 'org.matrix.msc3575.proxy': { + 'url': 'https://{}'.format(metadata.get('matrix-synapse/baseurl')), + }, + } + wellknown = { '/.well-known/matrix/client': { 'content': dumps({ @@ -97,6 +105,7 @@ def nginx(metadata): 'm.identity_server': { 'base_url': metadata.get('matrix-synapse/identity_server', 'https://matrix.org'), }, + **wellknown_client_sliding_sync, **metadata.get('matrix-synapse/additional_client_config', {}), }, sort_keys=True), 'return': 200, @@ -118,10 +127,16 @@ def nginx(metadata): } locations = { + '/_client/': { + 'target': 'http://127.0.0.1:20070', + }, '/_matrix': { 'target': 'http://[::1]:20080', 'max_body_size': '50M', }, + '/_matrix/client/unstable/org.matrix.msc3575/sync': { + 'target': 'http://127.0.0.1:20070', + }, '/_synapse': { 'target': 'http://[::1]:20080', }, diff --git a/nodes/carlene.toml b/nodes/carlene.toml index 8b231fd..470d26c 100644 --- a/nodes/carlene.toml +++ b/nodes/carlene.toml @@ -92,6 +92,10 @@ server_name = "franzi.business" trusted_key_servers = ["matrix.org", "finallycoffee.eu"] additional_client_config.'im.vector.riot.jitsi'.preferredDomain = "meet.ffmuc.net" wellknown_also_on_vhosts = ["franzi.business"] +[metadata.matrix-synapse.sliding_sync] +version = "v0.99.15" +sha1 = "cecb371ff5f1dd528cfc490484a0967dcc28cd82" +secret = "!decrypt:encrypt$gAAAAABl9yJlbEZafJ2mumtg03rW0-440NIgFcgdWGMo3Axrypugwctacy9Cq7MYtCBGjnDyNvVLI5B2QMJ9ssCD46NCsFRN3-X4u9rDtxPhRZV7rls_LQ_Csc_GsffJfvpmHbn_wsljd3I74h4ouWlYhhEQUIKwb3eErSZ_VTZhu_bC4jTa0FY=" [metadata.mautrix-telegram] version = "v0.15.1"