Deuxfleurs/infrastructure
Archived
24
2
Fork 2
Code Issues 22 Pull requests Projects 1 Releases Wiki Activity

Merge pull request 'Upgrade Synapse & Element-web, réécriture de l'OP guide, et ajout du secret turn.zinz.dev' (#33) from adrien/infrastructure:master into master

Browse source 
Reviewed-on: #33
This commit is contained in:
Quentin 2021-01-29 15:53:37 +01:00
commit cee95ad061
4 changed files with 32 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/docker-compose.yml
View file

@ -14,16 +14,16 @@ services:
context: ./im/build/riotweb context: ./im/build/riotweb
args: args:
# https://github.com/vector-im/riot-web/releases # https://github.com/vector-im/riot-web/releases
VERSION: 1.7.16 VERSION: 1.7.18
image: superboum/amd64_riotweb:v19 image: particallydone/amd64_riotweb:v20
synapse: synapse:
build: build:
context: ./im/build/matrix-synapse context: ./im/build/matrix-synapse
args: args:
# https://github.com/matrix-org/synapse/releases # https://github.com/matrix-org/synapse/releases
VERSION: 1.25.0 VERSION: 1.26.0
image: superboum/amd64_synapse:v40 image: particallydone/amd64_synapse:v41
# Email # Email
sogo: sogo:

4
app/im/deploy/im.hcl
View file

@ -15,7 +15,7 @@ job "im" {
driver = "docker" driver = "docker"
config { config {
image = "superboum/amd64_synapse:v40" image = "particallydone/amd64_synapse:v41"
network_mode = "host" network_mode = "host"
readonly_rootfs = true readonly_rootfs = true
ports = [ "client_port", "federation_port" ] ports = [ "client_port", "federation_port" ]
@ -220,7 +220,7 @@ job "im" {
task "server" { task "server" {
driver = "docker" driver = "docker"
config { config {
image = "superboum/amd64_riotweb:v19" image = "particallydone/amd64_riotweb:v20"
ports = [ "web_port" ] ports = [ "web_port" ]
volumes = [ volumes = [
"secrets/config.json:/srv/http/config.json" "secrets/config.json:/srv/http/config.json"

1
app/im/secrets/chat/coturn/static_auth_secret_zinzdev Normal file
View file

@ -0,0 +1 @@
USER Serveur coturn (TURN/STUN) d'Adrien, c'est un jeton d'identification.

46
op_guide/update_matrix/README.md
View file

@ -3,22 +3,26 @@ How to update Matrix?
## 1. Build the new containers ## 1. Build the new containers
It starts with this file: `app/build/docker-compose.yml`.
Often, I update Riot Web and Synapse at the same time. Often, I update Riot Web and Synapse at the same time.
In the file, find the `riot` and `synapse` entries.
The only thing you need to do is to update the `VERSION` argument.
This argument is then used to template the Dockerfile.
The `VERSION` value should match a github release, the link to the corresponding release page is put as a comment next to the variable in the compose file.
Next, we put tags on our images.
You need to increment it, for example: `superboum/amd64_riotweb:v17` will become `superboum/amd64_riotweb:v18`.
We use the docker hub to store our images, if you are not `superboum` you must change the name with your handle, eg. `john/amd64_riotweb:v18`.
So, from now we expact you have: * Open `app/docker-compose.yml` and locate `riot` (the Element Web service) and `synapse` (the Matrix Synapse server). There are two things you need to do for each service:
- changed the `VERSION` value and `image` name/tag of `riot`
- changed the `VERSION` value and `image` name/tag of `synapse`
You can now simply build and push the new images: * Set the `VERSION` argument to the target service version (e.g. `1.26.0` for Synapse). This argument is then used to template the Dockerfile.
The `VERSION` value should match a github release, the link to the corresponding release page is put as a comment next to the variable in the compose file;
* Tag the image with a new incremented version tag. For example: `superboum/amd64_riotweb:v17` will become `superboum/amd64_riotweb:v18`.
We use the docker hub to store our images. So, if you are not `superboum` you must change the name with your own handle, eg. `john/amd64_riotweb:v18`. This requires that you registered an account (named `john`) on https://hub.docker.com.
So, from now we expect you have:
* changed the `VERSION` value and `image` name/tag of `riot`
* changed the `VERSION` value and `image` name/tag of `synapse`
From the `/app` folder, you can now simply build and push the new images:
```bash ```bash
docker-compose build riot synapse docker-compose build riot synapse
@ -34,9 +38,9 @@ Don't forget to commit and push your changes before doing anything else!
## 2. Deploy the new containers ## 2. Deploy the new containers
Now, we will edit the deployment file `app/deployment/im.hcl`. Now, we will edit the deployment file `app/im/deploy/im.hcl`.
Find where the image is defined in the file, for example in Riot, it will look like that: Find where the image is defined in the file, for example Element-web will look like that:
```hcl ```hcl
@ -52,25 +56,25 @@ Find where the image is defined in the file, for example in Riot, it will look l
} }
``` ```
And replace the `image =` entry with your image name. And replace the `image =` entry with its new version created above.
Do the same thing for `synapse`. Do the same thing for the `synapse` service.
Now, you need a way to access the cluster to deploy this file. Now, you need a way to access the cluster to deploy this file.
To do this, you must bind nomad on your machine through a SSH tunnel. To do this, you must bind nomad on your machine through a SSH tunnel.
Check the end of `README.md` to do it. Check the end of [the parent `README.md`](../README.md) to do it.
If you have access to the Nomad web UI when entering http://127.0.0.1:4646 If you have access to the Nomad web UI when entering http://127.0.0.1:4646
you are ready to go. you are ready to go.
You must have installed the Nomad command line tool on your machine (also explained in `README.md`). You must have installed the Nomad command line tool on your machine (also explained in [the parent `README.md`](../README.md)).
Now, on your machine, you must be able to run (from the `app/deployment` folder) : Now, on your machine and from the `app/im/deploy` folder, you must be able to run:
``` ```
nomad plan im.hcl nomad plan im.hcl
``` ```
Check that the proposed diff corresponds to what you have in mind. Check that the proposed diff corresponds to what you have in mind.
If it seems OK, just copy paste the proposed `nomad job run ... im.hcl` command proposed as part of the output of the `nomad plan` command. If it seems OK, just copy paste the `nomad job run ... im.hcl` command proposed as part of the output of the `nomad plan` command.
From now, it will take around ~2 minutes to deploy the new images. From now, it will take around ~2 minutes to deploy the new images.
You can follow the deployment from the Nomad UI. You can follow the deployment from the Nomad UI.
@ -84,6 +88,6 @@ If something went wrong, you must rollback your deployment.
2. Revert to this deployment with [nomad job revert](https://www.nomadproject.io/docs/commands/job/revert) 2. Revert to this deployment with [nomad job revert](https://www.nomadproject.io/docs/commands/job/revert)
Now, if the deployment failed, you should probably investigate what went wrong offline. Now, if the deployment failed, you should probably investigate what went wrong offline.
In this case, I build a test stack with docker-compose in `app/integration` (for now, I had to do that only for plume and jitsi). I built a test stack with docker-compose in `app/<service>/integration` that should help you out (for now, test suites are only written for plume and jitsi).