Commit Graph

101 Commits

Author SHA1 Message Date
Aine
b2dd4bd1a4
Fix matrix_synapse_oidc_providers parsing 2023-10-17 12:09:30 +03:00
Slavi Pantaleev
c0e56ac1c4
Make OIDC providers if check safer 2023-10-02 19:32:09 +03:00
Aine
9167a7734e
add matrix_synapse_oidc_enabled and matrix_synapse_oidc_providers vars 2023-10-02 18:40:15 +03:00
Slavi Pantaleev
217ddad2de Add support for configuring forgotten_room_retention_period
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2918

Related to https://github.com/matrix-org/synapse/pull/15488
2023-09-28 12:54:52 +03:00
Slavi Pantaleev
e033520ce2 Make Synapse worker systemd service files depend on matrix-synapse.service
Many of these do depend on the Synapse master process (`matrix-synapse.service`),
so it makes sense to do it.

Furthermore, we're doing it so that one can stop the `matrix-synapse.service`
service and have systemd cascade this into stopping all the workers as well.

This is useful for easily stopping all of Synapse, so that Postgres
upgrades (`--tags=upgrade-postgres`) can happen cleanly.
Postgres upgrades currently stop `devture_postgres_systemd_services_to_stop_for_maintenance_list` which
includes Synapse, but stopping just the master process and leaving workers running is not safe enough and sometimes leads to errors like:

> ERROR:  insert or update on table "event_forward_extremities" violates foreign key constraint "event_forward_extremities_event_id"

With this dependency in place, stopping `matrix-synapse.service` will stop all Synapse processes.
2023-09-16 11:37:24 +03:00
Slavi Pantaleev
d207edb304 Deprecate matrix_synapse_spam_checker in favor of matrix_synapse_modules 2023-08-26 20:09:37 +03:00
Alexis Yushin
ba1d665bd9 make smtp tls configurable / optional 2023-07-27 11:26:15 +02:00
Slavi Pantaleev
c09c1265e8 Stop using deprecated worker settings (worker_replication_host, worker_replication_http_port)
Related to:
- e4f545c452
- 2481b7dfa4

We've prepared for this by adding the `main` process to the `instance_map` a long time ago,
in 49cb8b7b11.
2023-07-11 17:20:21 +03:00
Zac
f026c7cee1
Apply suggestions from code review
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2023-06-13 14:48:44 -05:00
cbackas
0e701bbece add var to make the creds optional 2023-06-13 11:08:14 -05:00
Zac
ceda4c41cc
remove the offending lines 2023-06-13 10:22:37 -05:00
Luke D Iremadze
5c0279f0c9
Update roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2023-06-02 23:39:55 -06:00
Luke D Iremadze
2f4428bf5b
Update roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2023-06-02 23:39:17 -06:00
Luke D Iremadze
1f0da9f744 Create hooks for user search ability 2023-06-02 12:50:46 -06:00
Slavi Pantaleev
c55371e305 Add changelog entry for the forget_rooms_on_leave default change for Synapse
Related to:

- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2698
- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2700
2023-05-25 09:14:09 +03:00
Aine
9350eeb9fb
update synapse 1.83.0 -> 1.84.0; set forget_rooms_on_leave = true 2023-05-23 17:33:23 +03:00
Slavi Pantaleev
b71375fac7 Disable healthcheck for Synapse workers which serve no web traffic
This was mostly affecting the stream writer (events) worker, which was
being reported as unhealthy. It wasn't causing any issues, but it just
looked odd and was confusing people.

As an alternative to hitting the regular `/health` healthcheck route (on
the "client" API which this stream writer does not expose),
we may have went for hitting some "replication" API endpoint instead.

This is more complicated and likely unnecessary.
2023-05-19 18:29:02 +03:00
Slavi Pantaleev
1e1ab70965 Make use of matrix_synapse_container_network in the matrix-synapse role
It's the same as `matrix_docker_network` for now, so this practically
doesn't change anything.
2023-05-02 13:22:31 +03:00
spatterlight
beb40134b7
Add support for backup LDAP servers (#2650)
* Update homeserver.yaml.j2

* Update configuring-playbook-ldap-auth.md

* Update homeserver.yaml.j2
2023-04-19 08:52:03 +03:00
Kanlas
9c75a1e20d
Fix recaptcha vars ansible-vault compatibility 2023-04-16 18:52:12 +03:00
Aeris One
44aa0dce7b
Add ability to disable password auth (#2612)
* Add ability to disable password auth

* Allow disabling password authentication
2023-03-29 21:11:22 +03:00
Slavi Pantaleev
643acfcb5b Make synapse-s3-storage-provider periodic migration schedule customizable
Larger deployments may wish to run migration more often.
2023-02-22 16:08:53 +02:00
Slavi Pantaleev
5df89a44b3 Add support for customizing Synapse templates 2023-02-17 19:37:34 +02:00
Slavi Pantaleev
9775218850 Add matrix_synapse_email_app_name variable 2023-02-17 18:31:01 +02:00
Slavi Pantaleev
632026513e Add matrix_synapse_uid, matrix_synapse_gid and matrix_synapse_username 2023-02-17 17:16:50 +02:00
Slavi Pantaleev
519b32543c Add matrix_synapse_container_network and matrix_synapse_container_additional_networks 2023-02-17 16:13:38 +02:00
Slavi Pantaleev
2d7d5d4bab Use new security-opt syntax (: -> =)
Related to https://docs.docker.com/engine/deprecated/#separator--of---security-opt-flag-on-docker-run
2023-02-03 20:36:24 +02:00
Slavi Pantaleev
d2416365d2
Merge pull request #2220 from xangelix/synapse-s3-sse-c
Add S3 SSE-C config support for synapse-s3-storage-provider
2023-01-10 09:25:11 +02:00
Slavi Pantaleev
f0d1e23c9d
Move around whitelines 2023-01-10 09:22:55 +02:00
Cody Wyatt Neiman
fc9eaa6ec5
Remove git version for s3 storage provider 2023-01-09 15:52:38 -05:00
Aine
6bd909bbb7
add mode var for synapse ext ldap auth 2023-01-09 22:18:37 +02:00
Cody Wyatt Neiman
7e5e1712f5
Encode s3 sse-c key for utf-8 2023-01-03 17:53:33 -05:00
Cody Wyatt Neiman
f5390562ed
Fix synapse s3 storage provider container indentation 2023-01-03 16:13:09 -05:00
Cody Wyatt Neiman
6d96bcee1d
Allow 'git' as a version for s3 storage provider 2023-01-03 15:18:49 -05:00
Cody Wyatt Neiman
4d44f7b49e
Use base64 encoded string for sse-c key 2023-01-03 15:18:09 -05:00
Cody Wyatt Neiman
4c60b1dabf
Merge branch 'master' into synapse-s3-sse-c 2023-01-03 14:31:02 -05:00
Slavi Pantaleev
40aa42e982 Add reference to push.enabled to homeserver.yaml
Related to:

- https://github.com/matrix-org/synapse/pull/14551/files
- https://github.com/matrix-org/synapse/pull/14619/files
2022-12-21 06:43:43 +02:00
Slavi Pantaleev
9edc7da67d Do not specify now-unnecessary worker_main_http_uri Synapse worker setting
Related to

- c15e9a0edb
- 01a0527892
2022-12-06 15:54:06 +02:00
Slavi Pantaleev
663fe29ddb Do not specify start_pushers in Synapse config
It's unnecessary when `pusher_instances` is populated.

Source: 6acb6d772a
2022-12-06 15:49:56 +02:00
Slavi Pantaleev
135bb5af3e Do not specify send_federation in Synapse config
It's unnecessary when `federation_sender_instances` is populated.

Source: 6acb6d772a
2022-12-06 15:49:28 +02:00
Slavi Pantaleev
7464604ddd Make use of matrix_synapse_ext_s3_storage_provider_data_path in a few more places 2022-12-04 10:17:55 +02:00
Slavi Pantaleev
7c5c3aedc4 Put s3-storage-provider scripts under /matrix/synapse/ext/s3-storage-provider/bin, not /usr/local/bin 2022-11-27 09:38:34 +02:00
Slavi Pantaleev
735e7355a5 Rename variable (matrix_synapse_ext_s3_storage_provider_path -> matrix_synapse_ext_s3_storage_provider_base_path) 2022-11-27 09:28:29 +02:00
Slavi Pantaleev
72744f9db9 /usr/local/bin/matrix-synapse-register-user -> /matrix/synapse/bin/register-user 2022-11-27 09:26:18 +02:00
Cody Wyatt Neiman
b6bb5731cd
Remove leftover sse-c enabled cmd check 2022-11-13 03:20:30 -05:00
Cody Wyatt Neiman
a7320e02ff
Adjust sse-c template formatting 2022-11-13 03:18:53 -05:00
Cody Wyatt Neiman
384da4f34f
Add S3 SSE-C support to synapse-s3-storage-provider 2022-11-09 16:16:33 -05:00
Slavi Pantaleev
7086c0ebe3 matrix_host_command_sh -> devture_systemd_docker_base_host_command_sh (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:40:25 +02:00
Slavi Pantaleev
a9a81460ec matrix_host_command_docker -> devture_systemd_docker_base_host_command_docker (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:39:35 +02:00
Slavi Pantaleev
f03f716989 matrix_systemd_unit_home_path -> devture_systemd_docker_base_systemd_unit_home_path (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:37:47 +02:00
Slavi Pantaleev
410a915a8a Move roles/matrix* to roles/custom/matrix*
This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`,
similar to how it's done in:

- https://github.com/spantaleev/gitea-docker-ansible-deploy
- https://github.com/spantaleev/nextcloud-docker-ansible-deploy

In the near future, we'll be removing a lot of the shared role code from here
and using upstream roles for it. Some of the core `matrix-*` roles have
already been extracted out into other reusable roles:

- https://github.com/devture/com.devture.ansible.role.postgres
- https://github.com/devture/com.devture.ansible.role.systemd_docker_base
- https://github.com/devture/com.devture.ansible.role.timesync
- https://github.com/devture/com.devture.ansible.role.vars_preserver
- https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages
- https://github.com/devture/com.devture.ansible.role.playbook_help

We just need to migrate to those.
2022-11-03 09:11:29 +02:00