Valentin Lab
6 years ago
5 changed files with 209 additions and 0 deletions
-
94synapse/hooks/init
-
26synapse/hooks/postgres_database-relation-joined
-
23synapse/hooks/web_proxy-relation-joined
-
20synapse/lib/common
-
46synapse/metadata.yml
@ -0,0 +1,94 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
## Init is run on host |
||||
|
## For now it is run every time the script is launched, but |
||||
|
## it should be launched only once after build. |
||||
|
|
||||
|
## Accessible variables are: |
||||
|
## - SERVICE_NAME Name of current service |
||||
|
## - DOCKER_BASE_IMAGE Base image from which this service might be built if any |
||||
|
## - SERVICE_DATASTORE Location on host of the DATASTORE of this service |
||||
|
## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service |
||||
|
|
||||
|
. lib/common |
||||
|
|
||||
|
# Please note that postgres detect on its own if its datadir needs to be populated |
||||
|
|
||||
|
service_def=$(get_compose_service_def "$SERVICE_NAME") || return 1 |
||||
|
options="$(e "$service_def" | shyaml -y get-value options)" || true |
||||
|
|
||||
|
|
||||
|
SYNAPSE_OPTIONS=( |
||||
|
report-stats:bool ## Enable anon stat reporting back to the Matrix project |
||||
|
enable-registration:bool ## Enable registration on the Synapse instance. |
||||
|
allow-guest:bool ## allow guest joining this server. |
||||
|
event-cache-size:size ## event cache size [default 10K]. |
||||
|
max-upload-size:size ## max upload size [default 10M]. |
||||
|
|
||||
|
## shared secrets |
||||
|
registration-shared-secret:string ## registrering users if registration is disable. |
||||
|
macaroon-secret-key:string ## secret for signing access tokens to the server. |
||||
|
|
||||
|
## recaptcha |
||||
|
recaptcha-public-key:string ## required in order to enable recaptcha upon registration |
||||
|
recaptcha-private-key:string ## required in order to enable recaptcha upon registration |
||||
|
|
||||
|
## turn |
||||
|
turn-uris:string ## coma-separated list of TURN uris to enable TURN for this homeserver. |
||||
|
turn-secret:string ## TURN shared secret if required. |
||||
|
) |
||||
|
|
||||
|
OPTIONS_CONCAT=" ${SYNAPSE_OPTIONS[*]} " |
||||
|
|
||||
|
yaml_opts=() |
||||
|
while read-0 key val; do |
||||
|
key_option="$key" |
||||
|
case "$OPTIONS_CONCAT" in |
||||
|
*" ${key_option}:bool "*) |
||||
|
case "${val,,}" in |
||||
|
true|ok|yes|y|1) |
||||
|
val="\"yes\"" |
||||
|
;; |
||||
|
false|ko|nok|no|n|0) |
||||
|
val="\"no\"" |
||||
|
;; |
||||
|
*) |
||||
|
die "Invalid value for ${WHITE}$key$NORMAL, please use a boolean value." |
||||
|
;; |
||||
|
esac |
||||
|
;; |
||||
|
*" ${key_option}:numeric "*) |
||||
|
if ! is_int "$val"; then |
||||
|
die "Invalid value for ${WHITE}$key$NORMAL, please use numeric value." |
||||
|
fi |
||||
|
;; |
||||
|
*" ${key_option}:string "*) |
||||
|
: |
||||
|
;; |
||||
|
*" ${key_option}:size "*) |
||||
|
[[ "${val}" =~ ^[0-9\.]+[KkMmGgTtPp]$ ]] || { |
||||
|
die "Unknown size specification '${val}'." |
||||
|
} |
||||
|
;; |
||||
|
*) |
||||
|
case "${key//_/-}" in |
||||
|
*) die "Unknown option ${WHITE}$key$NORMAL.";; |
||||
|
esac |
||||
|
continue |
||||
|
;; |
||||
|
esac |
||||
|
yaml_opts+=("$key" "$val") |
||||
|
done < <(e "$options" | yaml_opt_flatten) |
||||
|
|
||||
|
config="\ |
||||
|
$SERVICE_NAME: |
||||
|
environment: |
||||
|
SYNAPSE_NO_TLS: \"yes\" |
||||
|
" |
||||
|
|
||||
|
while read-0 key value; do |
||||
|
key=${key//-/_} |
||||
|
config+="$(printf "\n SYNAPSE_%s: %s" "${key^^}" "$value")" |
||||
|
done < <(array_values_to_stdin yaml_opts) |
||||
|
|
||||
|
init-config-add "$config" |
@ -0,0 +1,26 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
set -e |
||||
|
|
||||
|
PASSWORD="$(relation-get password)" |
||||
|
USER="$(relation-get user)" |
||||
|
DBNAME="$(relation-get dbname)" |
||||
|
|
||||
|
control=$(echo -en "$USER\0$DBNAME\0$PASSWORD" | md5_compat) |
||||
|
|
||||
|
|
||||
|
init-config-add " |
||||
|
$SERVICE_NAME: |
||||
|
environment: |
||||
|
POSTGRES_HOST: $MASTER_TARGET_SERVICE_NAME |
||||
|
POSTGRES_DB: $DBNAME |
||||
|
POSTGRES_USER: $USER |
||||
|
POSTGRES_PASSWORD: $PASSWORD |
||||
|
" |
||||
|
|
||||
|
[ "$control" == "$(relation-get control 2>/dev/null)" ] && exit 0 |
||||
|
|
||||
|
|
||||
|
relation-set control "$control" |
||||
|
|
||||
|
info "Configured $SERVICE_NAME code for $TARGET_SERVICE_NAME access." |
@ -0,0 +1,23 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
set -e |
||||
|
|
||||
|
. lib/common |
||||
|
|
||||
|
DOMAIN=$(relation-get domain) || exit 1 |
||||
|
|
||||
|
url=$(relation-get url) |
||||
|
|
||||
|
if [ "${url%://*}" == "https" ]; then |
||||
|
no_tls=" SYNAPSE_NO_TLS: 'yes'" |
||||
|
else |
||||
|
no_tls= |
||||
|
fi |
||||
|
|
||||
|
init-config-add " |
||||
|
$SERVICE_NAME: |
||||
|
environment: |
||||
|
SYNAPSE_SERVER_NAME: $DOMAIN |
||||
|
$no_tls |
||||
|
" || exit 1 |
||||
|
|
@ -0,0 +1,20 @@ |
|||||
|
# -*- mode: shell-script -*- |
||||
|
|
||||
|
|
||||
|
yaml_opt_flatten() { |
||||
|
local prefix="$1" key value |
||||
|
while read-0 key value; do |
||||
|
if [ "$prefix" ]; then |
||||
|
new_prefix="${prefix}-${key}" |
||||
|
else |
||||
|
new_prefix="${key}" |
||||
|
fi |
||||
|
if [[ "$(echo "$value" | shyaml get-type)" == "struct" ]]; then |
||||
|
echo "$value" | yaml_opt_flatten "${new_prefix}" |
||||
|
else |
||||
|
printf "%s\0%s\0" "${new_prefix}" "$value" |
||||
|
fi |
||||
|
done < <(shyaml key-values-0) |
||||
|
} |
||||
|
|
||||
|
|
@ -0,0 +1,46 @@ |
|||||
|
description: Synapse |
||||
|
maintainer: "Valentin Lab <valentin.lab@kalysto.org>" |
||||
|
docker-image: docker.0k.io/synapse:py3.6 |
||||
|
data-resources: |
||||
|
- /data |
||||
|
host-resources: |
||||
|
- /etc/localtime:ro |
||||
|
|
||||
|
default-options: |
||||
|
report-stats: no |
||||
|
enable-registration: no |
||||
|
allow-guest: no |
||||
|
event-cache-size: 10K |
||||
|
max-upload-size: 10M |
||||
|
|
||||
|
# recaptcha: |
||||
|
# ## https://www.google.com/recaptcha/admin/create |
||||
|
# public-key: XXX |
||||
|
# private-key: XXX |
||||
|
# turn: |
||||
|
# uris: |
||||
|
# secret: |
||||
|
|
||||
|
# docker-compose: |
||||
|
# ports: |
||||
|
|
||||
|
uses: |
||||
|
postgres-database: |
||||
|
constraint: required |
||||
|
auto: summon |
||||
|
solves: |
||||
|
database: "main storage" |
||||
|
# log-rotate: |
||||
|
# constraint: recommended |
||||
|
# auto: pair |
||||
|
# solves: |
||||
|
# disk-leak: "/data/logs" |
||||
|
web-proxy: |
||||
|
constraint: recommended |
||||
|
auto: pair |
||||
|
solves: |
||||
|
proxy: "Public access" |
||||
|
default-options: |
||||
|
## ``nocanon`` is mandatory |
||||
|
## see: https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.rst |
||||
|
apache-proxy-pass-options: retry=0 nocanon |
Write
Preview
Loading…
Cancel
Save
Reference in new issue