summary refs log tree commit diff
path: root/docker
diff options
context:
space:
mode:
authorRichard van der Hoff <1389908+richvdh@users.noreply.github.com>2019-06-27 11:17:21 +0100
committerGitHub <noreply@github.com>2019-06-27 11:17:21 +0100
commit53faa6a429fa293210974ee5ff100acf86540d1c (patch)
treea6620a0b8153570ab103f7bdfef047c025c18d49 /docker
parentMerge pull request #5561 from matrix-org/rav/docker/refactor (diff)
parentchangelog (diff)
downloadsynapse-53faa6a429fa293210974ee5ff100acf86540d1c.tar.xz
Merge pull request #5562 from matrix-org/rav/docker/no-generate-keys
Docker: only run --generate-keys when generating config on-the-fly.
Diffstat (limited to 'docker')
-rwxr-xr-xdocker/start.py31
1 files changed, 23 insertions, 8 deletions
diff --git a/docker/start.py b/docker/start.py
index bdb703aebd..59527a5883 100755
--- a/docker/start.py
+++ b/docker/start.py
@@ -67,10 +67,11 @@ def generate_config_from_template(environ, ownership):
             # generate a new secret and write it to a file
 
             if os.path.exists(filename):
+                log("Reading %s from %s" % (secret, filename))
                 with open(filename) as handle:
                     value = handle.read()
             else:
-                log("Generating a random secret for {}".format(name))
+                log("Generating a random secret for {}".format(secret))
                 value = codecs.encode(os.urandom(32), "hex").decode()
                 with open(filename, "w") as handle:
                     handle.write(value)
@@ -100,6 +101,24 @@ def generate_config_from_template(environ, ownership):
     convert("/conf/homeserver.yaml", config_path, environ)
     convert("/conf/log.config", "/compiled/log.config", environ)
     subprocess.check_output(["chown", "-R", ownership, "/data"])
+
+    # Hopefully we already have a signing key, but generate one if not.
+    subprocess.check_output(
+        [
+            "su-exec",
+            ownership,
+            "python",
+            "-m",
+            "synapse.app.homeserver",
+            "--config-path",
+            config_path,
+            # tell synapse to put generated keys in /data rather than /compiled
+            "--keys-directory",
+            "/data",
+            "--generate-keys",
+        ]
+    )
+
     return config_path
 
 
@@ -145,19 +164,15 @@ def main(args, environ):
         config_path = generate_config_from_template(environ, ownership)
 
     args = [
+        "su-exec",
+        ownership,
         "python",
         "-m",
         "synapse.app.homeserver",
         "--config-path",
         config_path,
-        # tell synapse to put any generated keys in /data rather than /compiled
-        "--keys-directory",
-        "/data",
     ]
-
-    # Generate missing keys and start synapse
-    subprocess.check_output(args + ["--generate-keys"])
-    os.execv("/sbin/su-exec", ["su-exec", ownership] + args)
+    os.execv("/sbin/su-exec", args)
 
 
 if __name__ == "__main__":