forked from Deuxfleurs/nixcfg
Synapse sqlite db with litestream
This commit is contained in:
parent
7c775e6017
commit
424e7ae22c
9 changed files with 2751 additions and 13 deletions
2637
app/im/config/homeserver.yaml
Normal file
2637
app/im/config/homeserver.yaml
Normal file
File diff suppressed because it is too large
Load diff
10
app/im/config/litestream.yml
Normal file
10
app/im/config/litestream.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
dbs:
|
||||||
|
- path: /ephemeral/homeserver.db
|
||||||
|
replicas:
|
||||||
|
- url: s3://synapse-db/homeserver.db
|
||||||
|
region: garage-staging
|
||||||
|
endpoint: https://garage-staging.home.adnab.me
|
||||||
|
access-key-id: {{ key "secrets/synapse/s3_db_access_key" | trimSpace }}
|
||||||
|
secret-access-key: {{ key "secrets/synapse/s3_db_secret_key" | trimSpace }}
|
||||||
|
force-path-style: true
|
||||||
|
sync-interval: 60s
|
|
@ -17,24 +17,84 @@ job "im" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ephemeral_disk {
|
||||||
|
size = 1000
|
||||||
|
}
|
||||||
|
|
||||||
|
task "restore-db" {
|
||||||
|
lifecycle {
|
||||||
|
hook = "prestart"
|
||||||
|
sidecar = false
|
||||||
|
}
|
||||||
|
|
||||||
|
driver = "docker"
|
||||||
|
config {
|
||||||
|
image = "litestream/litestream"
|
||||||
|
args = [
|
||||||
|
"restore", "-config", "/etc/litestream.yml", "/ephemeral/homeserver.db"
|
||||||
|
]
|
||||||
|
volumes = [
|
||||||
|
"../alloc/data:/ephemeral",
|
||||||
|
"secrets/litestream.yml:/etc/litestream.yml"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
template {
|
||||||
|
data = file("../config/litestream.yml")
|
||||||
|
destination = "secrets/litestream.yml"
|
||||||
|
}
|
||||||
|
|
||||||
|
resources {
|
||||||
|
memory = 1000
|
||||||
|
cpu = 1000
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
task "synapse" {
|
task "synapse" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "matrixdotorg/synapse:v1.48.0"
|
image = "matrixdotorg/synapse:v1.48.0"
|
||||||
ports = [ "http" ]
|
ports = [ "http" ]
|
||||||
|
|
||||||
|
entrypoint = [ "/usr/local/bin/python" ]
|
||||||
|
args = [
|
||||||
|
"-m", "synapse.app.homeserver",
|
||||||
|
"-n",
|
||||||
|
"-c", "/etc/matrix-synapse/homeserver.yaml"
|
||||||
|
]
|
||||||
|
|
||||||
volumes = [
|
volumes = [
|
||||||
|
"secrets:/etc/matrix-synapse",
|
||||||
|
"../alloc/data:/ephemeral",
|
||||||
"/mnt/ssd/synapse:/data",
|
"/mnt/ssd/synapse:/data",
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
template {
|
||||||
|
data = file("../config/homeserver.yaml")
|
||||||
|
destination = "secrets/homeserver.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
template {
|
||||||
|
data = "{{ key \"secrets/synapse/signing_key\" }}"
|
||||||
|
destination = "secrets/signing_key"
|
||||||
|
}
|
||||||
|
|
||||||
|
resources {
|
||||||
|
memory = 1500
|
||||||
|
cpu = 1000
|
||||||
|
}
|
||||||
|
|
||||||
|
restart {
|
||||||
|
attempts = 3
|
||||||
|
delay = "30s"
|
||||||
|
}
|
||||||
|
|
||||||
service {
|
service {
|
||||||
port = "http"
|
port = "http"
|
||||||
tags = [
|
tags = [
|
||||||
"tricot matrix.home.adnab.me 100",
|
"tricot matrix.home.adnab.me 100",
|
||||||
"tricot matrix.home.adnab.me:443 100",
|
"tricot matrix.home.adnab.me:443 100",
|
||||||
"tricot matrix.home.adnab.me:8448 100",
|
|
||||||
"tricot-add-header Access-Control-Allow-Origin *",
|
"tricot-add-header Access-Control-Allow-Origin *",
|
||||||
]
|
]
|
||||||
check {
|
check {
|
||||||
|
@ -45,4 +105,29 @@ job "im" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
task "replicate-db" {
|
||||||
|
driver = "docker"
|
||||||
|
config {
|
||||||
|
image = "litestream/litestream"
|
||||||
|
args = [
|
||||||
|
"replicate", "-config", "/etc/litestream.yml"
|
||||||
|
]
|
||||||
|
volumes = [
|
||||||
|
"../alloc/data:/ephemeral",
|
||||||
|
"secrets/litestream.yml:/etc/litestream.yml"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
template {
|
||||||
|
data = file("../config/litestream.yml")
|
||||||
|
destination = "secrets/litestream.yml"
|
||||||
|
}
|
||||||
|
|
||||||
|
resources {
|
||||||
|
memory = 500
|
||||||
|
cpu = 100
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
1
app/im/secrets/synapse/form_secret
Normal file
1
app/im/secrets/synapse/form_secret
Normal file
|
@ -0,0 +1 @@
|
||||||
|
USER Synapse's `form_secret` configuration parameter
|
1
app/im/secrets/synapse/macaroon_secret_key
Normal file
1
app/im/secrets/synapse/macaroon_secret_key
Normal file
|
@ -0,0 +1 @@
|
||||||
|
USER Synapse's `macaroon_secret_key` parameter
|
1
app/im/secrets/synapse/registration_shared_secret
Normal file
1
app/im/secrets/synapse/registration_shared_secret
Normal file
|
@ -0,0 +1 @@
|
||||||
|
USER Synapse's `registration_shared_secret` parameter
|
1
app/im/secrets/synapse/s3_db_access_key
Normal file
1
app/im/secrets/synapse/s3_db_access_key
Normal file
|
@ -0,0 +1 @@
|
||||||
|
USER S3 access key ID for database storage
|
1
app/im/secrets/synapse/s3_db_secret_key
Normal file
1
app/im/secrets/synapse/s3_db_secret_key
Normal file
|
@ -0,0 +1 @@
|
||||||
|
USER S3 secret key for database storage
|
1
app/im/secrets/synapse/signing_key
Normal file
1
app/im/secrets/synapse/signing_key
Normal file
|
@ -0,0 +1 @@
|
||||||
|
USER Signing key for messages
|
Loading…
Reference in a new issue