diff --git a/docker/Dockerfile-workers b/docker/Dockerfile-workers
index 5f1bbb0eae..ad9fa3af28 100644
--- a/docker/Dockerfile-workers
+++ b/docker/Dockerfile-workers
@@ -5,11 +5,13 @@ FROM matrixdotorg/synapse
RUN apt-get update
RUN apt-get install -y supervisor redis nginx
+RUN rm /etc/nginx/sites-enabled/default
+
# Copy the worker process and log configuration files
COPY ./docker/worker.yaml.j2 /conf/worker.yaml.j2
# Expose nginx listener port
-EXPOSE 80/tcp
+EXPOSE 8080/tcp
# Volume for user-editable config files, logs etc.
VOLUME ["/data"]
diff --git a/docker/Dockerfile-workers-complement b/docker/Dockerfile-workers-complement
new file mode 100644
index 0000000000..e52d03bbc1
--- /dev/null
+++ b/docker/Dockerfile-workers-complement
@@ -0,0 +1,31 @@
+# Inherit from the workers Synapse docker image
+FROM matrixdotorg/synapse:workers
+
+RUN apt-get update
+RUN apt-get install -y postgresql
+
+RUN pg_ctlcluster 11 main start && su postgres -c "echo \
+ \"ALTER USER postgres PASSWORD 'somesecret'; \
+ CREATE DATABASE synapse \
+ ENCODING 'UTF8' \
+ LC_COLLATE='C' \
+ LC_CTYPE='C' \
+ template=template0;\" | psql" && pg_ctlcluster 11 main stop
+
+WORKDIR /root
+
+RUN curl -OL "https://github.com/caddyserver/caddy/releases/download/v2.3.0/caddy_2.3.0_linux_amd64.tar.gz" && \
+ tar xzf caddy_2.3.0_linux_amd64.tar.gz && rm caddy_2.3.0_linux_amd64.tar.gz
+
+COPY ./docker/caddy.complement.json /root/caddy.json
+
+EXPOSE 8008 8448
+
+ENTRYPOINT sed -i "s/{{ server_name }}/${SERVER_NAME}/g" /root/caddy.json && \
+ pg_ctlcluster 11 main start > /dev/null && \
+ /root/caddy start --config /root/caddy.json > /dev/null && \
+ SYNAPSE_SERVER_NAME=${SERVER_NAME} \
+ SYNAPSE_REPORT_STATS=no \
+ POSTGRES_PASSWORD=somesecret POSTGRES_USER=postgres POSTGRES_HOST=localhost \
+ SYNAPSE_WORKERS=synchrotron \
+ /configure_workers_and_start.py
\ No newline at end of file
diff --git a/docker/caddy.complement.json b/docker/caddy.complement.json
new file mode 100644
index 0000000000..879c3015a9
--- /dev/null
+++ b/docker/caddy.complement.json
@@ -0,0 +1,76 @@
+{
+ "apps": {
+ "http": {
+ "servers": {
+ "srv0": {
+ "listen": [
+ ":8448"
+ ],
+ "routes": [
+ {
+ "match": [
+ {
+ "host": [
+ "{{ server_name }}"
+ ]
+ }
+ ],
+ "handle": [
+ {
+ "handler": "subroute",
+ "routes": [
+ {
+ "handle": [
+ {
+ "handler": "reverse_proxy",
+ "upstreams": [
+ {
+ "dial": "localhost:80"
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "terminal": true
+ }
+ ]
+ }
+ }
+ },
+ "tls": {
+ "automation": {
+ "policies": [
+ {
+ "subjects": [
+ "{{ server_name }}"
+ ],
+ "issuers": [
+ {
+ "module": "internal"
+ }
+ ],
+ "on_demand": true
+ }
+ ]
+ }
+ },
+ "pki": {
+ "certificate_authorities": {
+ "local": {
+ "name": "Complement CA",
+ "root": {
+ "certificate": "/ca/ca.crt",
+ "private_key": "/ca/ca.key"
+ },
+ "intermediate": {
+ "certificate": "/ca/ca.crt",
+ "private_key": "/ca/ca.key"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/docker/configure_workers_and_start.py b/docker/configure_workers_and_start.py
index 12ab81839f..374089b0dd 100755
--- a/docker/configure_workers_and_start.py
+++ b/docker/configure_workers_and_start.py
@@ -144,8 +144,7 @@ def generate_base_homeserver_config():
"""
# start.py already does this for us, so just call that.
# note that this script is copied in in the official, monolith dockerfile
- output = subprocess.check_output(["/usr/local/bin/python", "/start.py", "generate"], shell=True)
- print("Got output:", output)
+ subprocess.check_output(["/usr/local/bin/python", "/start.py", "migrate_config"])
def generate_worker_files(environ, config_path: str, data_dir: str):
@@ -226,8 +225,8 @@ exitcodes=0
nginx_config_template_header = """
server {
# Listen on Synapse's default HTTP port number
- listen 80;
- listen [::]:80;
+ listen 8080;
+ listen [::]:8080;
server_name localhost;
|
