From e5574a405e43a51ab152e0e4cf760a3cc021adbe Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 29 Mar 2025 06:42:28 +0200 Subject: [PATCH] Install `libldap-2.5` explicitly when installing `synapse-s3-storage-provider` to satisfy its `psycopg2` dependency --- roles/custom/matrix-synapse/defaults/main.yml | 20 +++++++++++++++++++ .../synapse/customizations/Dockerfile.j2 | 3 +++ 2 files changed, 23 insertions(+) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 335f1d0d2..4edb31d4e 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -52,6 +52,26 @@ matrix_synapse_container_image_customizations_s3_storage_provider_installation_e # https://github.com/aws/aws-cli/issues/9214 matrix_synapse_container_image_customizations_s3_storage_provider_installation_old_boto_workaround_enabled: true +# Controls whether to install libldapXX explicitly when installing s3-storage-provider. +# This is to work around it potentially not being there (after `autoremove` invoked by other scripts cleans it up, etc.) +# +# Some scripts in the custom Dockerfile may install and then autoremove git/ssh/openssh-client. +# This has the side-effect of removing the libldap library that s3-storage-provider depends upon indirectly (via psycopg2). +# +# If this should happen, s3-storage-provider (the `s3_media_upload` script) will fail to start with an error like this: +# > Traceback (most recent call last): +# > File "/usr/local/bin/s3_media_upload", line 10, in +# > import psycopg2 +# > File "/usr/local/lib/python3.12/site-packages/psycopg2/__init__.py", line 51, in +# > from psycopg2._psycopg import ( # noqa +# > ImportError: libldap-2.5.so.0: cannot open shared object file: No such file or directory +# +# The library (e.g. `/usr/lib/x86_64-linux-gnu/libldap-2.5.so.0`) appears to be available by default in the upstream Synapse image for some reason, +# but it doesn't seem to be installed through a Debian package. Autoremoval would remove it, causing s3-storage-provider to fail. +# Given that this is a dependency for s3-storage-provider (psycopg2), we prefer to install it explicitly. +matrix_synapse_container_image_customizations_s3_storage_provider_installation_explicit_libldap_installation_enabled: true +matrix_synapse_container_image_customizations_s3_storage_provider_installation_explicit_libldap_installation_package_name: libldap-2.5 + # Controls whether custom build steps will be added to the Dockerfile for installing auto-accept-invite module. # The version that will be installed is specified in `matrix_synapse_ext_synapse_auto_accept_invite_version`. matrix_synapse_container_image_customizations_auto_accept_invite_installation_enabled: "{{ matrix_synapse_ext_synapse_auto_accept_invite_enabled }}" diff --git a/roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 b/roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 index d01268a4a..d937b8a02 100644 --- a/roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 @@ -11,6 +11,9 @@ RUN pip install 'boto3<1.36.0' 'botocore<1.36.0' synapse-s3-storage-provider=={{ {% else %} RUN pip install synapse-s3-storage-provider=={{ matrix_synapse_ext_synapse_s3_storage_provider_version }} {% endif %} +{% if matrix_synapse_container_image_customizations_s3_storage_provider_installation_explicit_libldap_installation_enabled %} +RUN apt-get update && apt-get install --no-install-recommends -y {{ matrix_synapse_container_image_customizations_s3_storage_provider_installation_explicit_libldap_installation_package_name }} +{% endif %} {% endif %} {% if matrix_synapse_container_image_customizations_templates_enabled %}