forked from Deuxfleurs/nixcfg
Synapse sqlite db with litestream
This commit is contained in:
parent
7c775e6017
commit
424e7ae22c
9 changed files with 2751 additions and 13 deletions
2637
app/im/config/homeserver.yaml
Normal file
2637
app/im/config/homeserver.yaml
Normal file
File diff suppressed because it is too large
Load diff
10
app/im/config/litestream.yml
Normal file
10
app/im/config/litestream.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
dbs:
|
||||
- path: /ephemeral/homeserver.db
|
||||
replicas:
|
||||
- url: s3://synapse-db/homeserver.db
|
||||
region: garage-staging
|
||||
endpoint: https://garage-staging.home.adnab.me
|
||||
access-key-id: {{ key "secrets/synapse/s3_db_access_key" | trimSpace }}
|
||||
secret-access-key: {{ key "secrets/synapse/s3_db_secret_key" | trimSpace }}
|
||||
force-path-style: true
|
||||
sync-interval: 60s
|
|
@ -17,31 +17,116 @@ job "im" {
|
|||
}
|
||||
}
|
||||
|
||||
ephemeral_disk {
|
||||
size = 1000
|
||||
}
|
||||
|
||||
task "restore-db" {
|
||||
lifecycle {
|
||||
hook = "prestart"
|
||||
sidecar = false
|
||||
}
|
||||
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "litestream/litestream"
|
||||
args = [
|
||||
"restore", "-config", "/etc/litestream.yml", "/ephemeral/homeserver.db"
|
||||
]
|
||||
volumes = [
|
||||
"../alloc/data:/ephemeral",
|
||||
"secrets/litestream.yml:/etc/litestream.yml"
|
||||
]
|
||||
}
|
||||
|
||||
template {
|
||||
data = file("../config/litestream.yml")
|
||||
destination = "secrets/litestream.yml"
|
||||
}
|
||||
|
||||
resources {
|
||||
memory = 1000
|
||||
cpu = 1000
|
||||
}
|
||||
}
|
||||
|
||||
task "synapse" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "matrixdotorg/synapse:v1.48.0"
|
||||
ports = [ "http" ]
|
||||
|
||||
entrypoint = [ "/usr/local/bin/python" ]
|
||||
args = [
|
||||
"-m", "synapse.app.homeserver",
|
||||
"-n",
|
||||
"-c", "/etc/matrix-synapse/homeserver.yaml"
|
||||
]
|
||||
|
||||
volumes = [
|
||||
"secrets:/etc/matrix-synapse",
|
||||
"../alloc/data:/ephemeral",
|
||||
"/mnt/ssd/synapse:/data",
|
||||
]
|
||||
}
|
||||
|
||||
template {
|
||||
data = file("../config/homeserver.yaml")
|
||||
destination = "secrets/homeserver.yaml"
|
||||
}
|
||||
|
||||
template {
|
||||
data = "{{ key \"secrets/synapse/signing_key\" }}"
|
||||
destination = "secrets/signing_key"
|
||||
}
|
||||
|
||||
resources {
|
||||
memory = 1500
|
||||
cpu = 1000
|
||||
}
|
||||
|
||||
restart {
|
||||
attempts = 3
|
||||
delay = "30s"
|
||||
}
|
||||
|
||||
service {
|
||||
port = "http"
|
||||
tags = [
|
||||
"tricot matrix.home.adnab.me 100",
|
||||
"tricot matrix.home.adnab.me:443 100",
|
||||
"tricot-add-header Access-Control-Allow-Origin *",
|
||||
]
|
||||
check {
|
||||
type = "http"
|
||||
path = "/"
|
||||
interval = "10s"
|
||||
timeout = "2s"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
task "replicate-db" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "litestream/litestream"
|
||||
args = [
|
||||
"replicate", "-config", "/etc/litestream.yml"
|
||||
]
|
||||
volumes = [
|
||||
"../alloc/data:/ephemeral",
|
||||
"secrets/litestream.yml:/etc/litestream.yml"
|
||||
]
|
||||
}
|
||||
|
||||
service {
|
||||
port = "http"
|
||||
tags = [
|
||||
"tricot matrix.home.adnab.me 100",
|
||||
"tricot matrix.home.adnab.me:443 100",
|
||||
"tricot matrix.home.adnab.me:8448 100",
|
||||
"tricot-add-header Access-Control-Allow-Origin *",
|
||||
]
|
||||
check {
|
||||
type = "http"
|
||||
path = "/"
|
||||
interval = "10s"
|
||||
timeout = "2s"
|
||||
template {
|
||||
data = file("../config/litestream.yml")
|
||||
destination = "secrets/litestream.yml"
|
||||
}
|
||||
|
||||
resources {
|
||||
memory = 500
|
||||
cpu = 100
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
1
app/im/secrets/synapse/form_secret
Normal file
1
app/im/secrets/synapse/form_secret
Normal file
|
@ -0,0 +1 @@
|
|||
USER Synapse's `form_secret` configuration parameter
|
1
app/im/secrets/synapse/macaroon_secret_key
Normal file
1
app/im/secrets/synapse/macaroon_secret_key
Normal file
|
@ -0,0 +1 @@
|
|||
USER Synapse's `macaroon_secret_key` parameter
|
1
app/im/secrets/synapse/registration_shared_secret
Normal file
1
app/im/secrets/synapse/registration_shared_secret
Normal file
|
@ -0,0 +1 @@
|
|||
USER Synapse's `registration_shared_secret` parameter
|
1
app/im/secrets/synapse/s3_db_access_key
Normal file
1
app/im/secrets/synapse/s3_db_access_key
Normal file
|
@ -0,0 +1 @@
|
|||
USER S3 access key ID for database storage
|
1
app/im/secrets/synapse/s3_db_secret_key
Normal file
1
app/im/secrets/synapse/s3_db_secret_key
Normal file
|
@ -0,0 +1 @@
|
|||
USER S3 secret key for database storage
|
1
app/im/secrets/synapse/signing_key
Normal file
1
app/im/secrets/synapse/signing_key
Normal file
|
@ -0,0 +1 @@
|
|||
USER Signing key for messages
|
Loading…
Reference in a new issue