bundles/matrix-synapse: add sliding-sync proxy

This commit is contained in:
Franzi 2024-03-17 18:32:28 +01:00
parent a4e51c5d54
commit ae14265abc
Signed by: kunsi
GPG key ID: 12E3D2136B818350
5 changed files with 76 additions and 0 deletions

View file

@ -30,6 +30,7 @@ Rule of thumb: keep ports below 10000 free for stuff that reserves ports.
| 20010 | mautrix-telegram | Bridge | | 20010 | mautrix-telegram | Bridge |
| 20020 | mautrix-whatsapp | Bridge | | 20020 | mautrix-whatsapp | Bridge |
| 20030 | matrix-dimension | Matrix Integrations Manager| | 20030 | matrix-dimension | Matrix Integrations Manager|
| 20070 | matrix-synapse | sliding-sync |
| 20080 | matrix-synapse | client, federation | | 20080 | matrix-synapse | client, federation |
| 20081 | matrix-synapse | prometheus metrics | | 20081 | matrix-synapse | prometheus metrics |
| 20090 | matrix-media-repo | media_repo | | 20090 | matrix-media-repo | media_repo |

View file

@ -0,0 +1,27 @@
<%
database = node.metadata.get('matrix-synapse/database')
db_string = 'postgresql://{}:{}@{}/{}?sslmode=disable'.format(
database['user'],
database['password'],
database.get('host', 'localhost'),
database['database'],
)
%>\
[Unit]
Description=matrix-org sliding-sync proxy
After=network.target
Requires=postgresql.service
[Service]
User=matrix-synapse
Group=matrix-synapse
Environment=SYNCV3_SERVER=https://${node.metadata.get('matrix-synapse/baseurl')}
Environment=SYNCV3_DB=${db_string}
Environment=SYNCV3_SECRET=${node.metadata.get('matrix-synapse/sliding_sync/secret')}
Environment=SYNCV3_BINDADDR=127.0.0.1:20070
ExecStart=/usr/local/bin/matrix-sliding-sync
Restart=always
RestartSec=10s
[Install]
WantedBy=multi-user.target

View file

@ -57,3 +57,32 @@ svc_systemd = {
}, },
}, },
} }
if node.metadata.get('matrix-synapse/sliding_sync/version', None):
files['/usr/local/bin/matrix-sliding-sync'] = {
'content_type': 'download',
'source': 'https://github.com/matrix-org/sliding-sync/releases/download/{}/syncv3_linux_amd64'.format(
node.metadata.get('matrix-synapse/sliding_sync/version'),
),
'content_hash': node.metadata.get('matrix-synapse/sliding_sync/sha1', None),
'mode': '0755',
'triggers': {
'svc_systemd:matrix-sliding-sync:restart',
},
}
files['/usr/local/lib/systemd/system/matrix-sliding-sync.service'] = {
'content_type': 'mako',
'triggers': {
'action:systemd-reload',
'svc_systemd:matrix-sliding-sync:restart',
},
}
svc_systemd['matrix-sliding-sync'] = {
'needs': {
'file:/usr/local/bin/matrix-sliding-sync',
'file:/usr/local/lib/systemd/system/matrix-sliding-sync.service',
'postgres_db:matrix-sliding-sync',
},
}

View file

@ -88,6 +88,14 @@ def nginx(metadata):
if not node.has_bundle('nginx'): if not node.has_bundle('nginx'):
raise DoNotRunAgain raise DoNotRunAgain
wellknown_client_sliding_sync = {}
if metadata.get('matrix-synapse/sliding_sync/version', None):
wellknown_client_sliding_sync = {
'org.matrix.msc3575.proxy': {
'url': 'https://{}'.format(metadata.get('matrix-synapse/baseurl')),
},
}
wellknown = { wellknown = {
'/.well-known/matrix/client': { '/.well-known/matrix/client': {
'content': dumps({ 'content': dumps({
@ -97,6 +105,7 @@ def nginx(metadata):
'm.identity_server': { 'm.identity_server': {
'base_url': metadata.get('matrix-synapse/identity_server', 'https://matrix.org'), 'base_url': metadata.get('matrix-synapse/identity_server', 'https://matrix.org'),
}, },
**wellknown_client_sliding_sync,
**metadata.get('matrix-synapse/additional_client_config', {}), **metadata.get('matrix-synapse/additional_client_config', {}),
}, sort_keys=True), }, sort_keys=True),
'return': 200, 'return': 200,
@ -118,10 +127,16 @@ def nginx(metadata):
} }
locations = { locations = {
'/_client/': {
'target': 'http://127.0.0.1:20070',
},
'/_matrix': { '/_matrix': {
'target': 'http://[::1]:20080', 'target': 'http://[::1]:20080',
'max_body_size': '50M', 'max_body_size': '50M',
}, },
'/_matrix/client/unstable/org.matrix.msc3575/sync': {
'target': 'http://127.0.0.1:20070',
},
'/_synapse': { '/_synapse': {
'target': 'http://[::1]:20080', 'target': 'http://[::1]:20080',
}, },

View file

@ -92,6 +92,10 @@ server_name = "franzi.business"
trusted_key_servers = ["matrix.org", "finallycoffee.eu"] trusted_key_servers = ["matrix.org", "finallycoffee.eu"]
additional_client_config.'im.vector.riot.jitsi'.preferredDomain = "meet.ffmuc.net" additional_client_config.'im.vector.riot.jitsi'.preferredDomain = "meet.ffmuc.net"
wellknown_also_on_vhosts = ["franzi.business"] wellknown_also_on_vhosts = ["franzi.business"]
[metadata.matrix-synapse.sliding_sync]
version = "v0.99.15"
sha1 = "cecb371ff5f1dd528cfc490484a0967dcc28cd82"
secret = "!decrypt:encrypt$gAAAAABl9yJlbEZafJ2mumtg03rW0-440NIgFcgdWGMo3Axrypugwctacy9Cq7MYtCBGjnDyNvVLI5B2QMJ9ssCD46NCsFRN3-X4u9rDtxPhRZV7rls_LQ_Csc_GsffJfvpmHbn_wsljd3I74h4ouWlYhhEQUIKwb3eErSZ_VTZhu_bC4jTa0FY="
[metadata.mautrix-telegram] [metadata.mautrix-telegram]
version = "v0.15.1" version = "v0.15.1"