diff --git a/cluster/prod/app/backup/README.md b/cluster/prod/app/backup/README.md new file mode 100644 index 0000000..62101d8 --- /dev/null +++ b/cluster/prod/app/backup/README.md @@ -0,0 +1,32 @@ +## Pour remonter locement un backup de PSQL fait par Nomad (backup-weekly.hcl) + +```bash +export AWS_BUCKET=backups-pgbasebackup +export AWS_ENDPOINT=s3.deuxfleurs.shirokumo.net +export AWS_ACCESS_KEY_ID=$(consul kv get "secrets/postgres/backup/aws_access_key_id") +export AWS_SECRET_ACCESS_KEY=$(consul kv get secrets/postgres/backup/aws_secret_access_key) +export CRYPT_PUBLIC_KEY=$(consul kv get secrets/postgres/backup/crypt_public_key) +``` + +Et voilà le travail : + +```bash +$ aws s3 --endpoint https://$AWS_ENDPOINT ls +2022-04-14 17:00:50 backups-pgbasebackup + +$ aws s3 --endpoint https://$AWS_ENDPOINT ls s3://backups-pgbasebackup + PRE 2024-07-28 00:00:36.140539/ + PRE 2024-08-04 00:00:21.291551/ + PRE 2024-08-11 00:00:26.589762/ + PRE 2024-08-18 00:00:40.873939/ + PRE 2024-08-25 01:03:54.672763/ + PRE 2024-09-01 00:00:20.019605/ + PRE 2024-09-08 00:00:16.969740/ + PRE 2024-09-15 00:00:37.951459/ + PRE 2024-09-22 00:00:21.030452/ + +$ aws s3 --endpoint https://$AWS_ENDPOINT ls "s3://backups-pgbasebackup/2024-09-22 00:00:21.030452/" +2024-09-22 03:23:28 623490 backup_manifest +2024-09-22 03:25:32 6037121487 base.tar.gz +2024-09-22 03:25:33 19948939 pg_wal.tar.gz +``` diff --git a/cluster/prod/app/matrix/build/docker-compose.yml b/cluster/prod/app/matrix/build/docker-compose.yml index 3b70b64..b61fb39 100644 --- a/cluster/prod/app/matrix/build/docker-compose.yml +++ b/cluster/prod/app/matrix/build/docker-compose.yml @@ -20,4 +20,4 @@ services: # otherwise synapse may fail to launch due to incompatibility issues # see this issue for an example: https://github.com/matrix-org/synapse-s3-storage-provider/issues/64 S3_VERSION: 2c46a764f700e6439afa11c00db827ddf21a9e89 - image: particallydone/amd64_synapse:v59 + image: particallydone/amd64_synapse:v60 diff --git a/cluster/prod/app/matrix/build/matrix-synapse/Dockerfile b/cluster/prod/app/matrix/build/matrix-synapse/Dockerfile index 5a6f709..aa0c165 100644 --- a/cluster/prod/app/matrix/build/matrix-synapse/Dockerfile +++ b/cluster/prod/app/matrix/build/matrix-synapse/Dockerfile @@ -1,4 +1,4 @@ -FROM amd64/debian:trixie as builder +FROM amd64/debian:trixie AS builder ARG VERSION ARG S3_VERSION @@ -31,13 +31,16 @@ RUN virtualenv /root/matrix-env -p /usr/bin/python3 && \ pip3 install \ git+https://github.com/matrix-org/synapse-s3-storage-provider.git@${S3_VERSION} -FROM amd64/debian:bookworm +# WARNING: trixie n'est pas une LTS +# mais on est obligé d'avoir la même version que le builder +# et le builder veut une version de rustc qui n'est pas dans bookworm (dernière LTS at the time of writing) +FROM amd64/debian:trixie RUN apt-get update && \ apt-get -qq -y full-upgrade && \ apt-get install -y \ python3 \ - python3-distutils \ + python3-setuptools \ libffi8 \ libjpeg62-turbo \ libssl3 \ diff --git a/cluster/prod/app/matrix/deploy/im.hcl b/cluster/prod/app/matrix/deploy/im.hcl index ff3ca03..c348131 100644 --- a/cluster/prod/app/matrix/deploy/im.hcl +++ b/cluster/prod/app/matrix/deploy/im.hcl @@ -15,7 +15,7 @@ job "matrix" { driver = "docker" config { - image = "lxpz/amd64_synapse:v58" + image = "particallydone/amd64_synapse:v60" network_mode = "host" readonly_rootfs = true ports = [ "api_port" ] @@ -101,7 +101,7 @@ job "matrix" { driver = "docker" config { - image = "lxpz/amd64_synapse:v58" + image = "particallydone/amd64_synapse:v60" readonly_rootfs = true command = "/usr/local/bin/matrix-s3-async" work_dir = "/tmp" @@ -137,7 +137,7 @@ EOH task "riotweb" { driver = "docker" config { - image = "lxpz/amd64_elementweb:v35" + image = "particallydone/amd64_elementweb:v36" ports = [ "web_port" ] volumes = [ "secrets/config.json:/srv/http/config.json" @@ -190,7 +190,7 @@ EOH driver = "docker" config { - image = "ghcr.io/matrix-org/sliding-sync:v0.99.12" + image = "ghcr.io/matrix-org/sliding-sync:v0.99.16" ports = [ "syncv3_api", "syncv3_metrics" ] }