diff --git a/docker/Dockerfile b/docker/Dockerfile
index c35da67a2a..24921eb098 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -57,6 +57,7 @@ RUN pip install --prefix="/install" --no-warn-script-location \
FROM docker.io/python:${PYTHON_VERSION}-alpine3.8
+# xmlsec is required for saml support
RUN apk add --no-cache --virtual .runtime_deps \
libffi \
libjpeg-turbo \
@@ -64,7 +65,8 @@ RUN apk add --no-cache --virtual .runtime_deps \
libxslt \
libpq \
zlib \
- su-exec
+ su-exec \
+ xmlsec
COPY --from=builder /install /usr/local
COPY ./docker/start.py /start.py
diff --git a/docker/Dockerfile-pgtests b/docker/Dockerfile-pgtests
index 7da8eeb9eb..3bfee845c6 100644
--- a/docker/Dockerfile-pgtests
+++ b/docker/Dockerfile-pgtests
@@ -3,10 +3,10 @@
FROM matrixdotorg/sytest:latest
# The Sytest image doesn't come with python, so install that
-RUN apt-get -qq install -y python python-dev python-pip
+RUN apt-get update && apt-get -qq install -y python3 python3-dev python3-pip
# We need tox to run the tests in run_pg_tests.sh
-RUN pip install tox
+RUN python3 -m pip install tox
ADD run_pg_tests.sh /pg_tests.sh
ENTRYPOINT /pg_tests.sh
diff --git a/docker/run_pg_tests.sh b/docker/run_pg_tests.sh
index e77424c41a..d18d1e4c8e 100755
--- a/docker/run_pg_tests.sh
+++ b/docker/run_pg_tests.sh
@@ -17,4 +17,4 @@ su -c '/usr/lib/postgresql/9.6/bin/pg_ctl -w -D /var/lib/postgresql/data start'
# Run the tests
cd /src
export TRIAL_FLAGS="-j 4"
-tox --workdir=/tmp -e py27-postgres
+tox --workdir=/tmp -e py35-postgres
diff --git a/docker/start.py b/docker/start.py
index 2da555272a..a7a54dacf7 100755
--- a/docker/start.py
+++ b/docker/start.py
@@ -8,7 +8,10 @@ import glob
import codecs
# Utility functions
-convert = lambda src, dst, environ: open(dst, "w").write(jinja2.Template(open(src).read()).render(**environ))
+convert = lambda src, dst, environ: open(dst, "w").write(
+ jinja2.Template(open(src).read()).render(**environ)
+)
+
def check_arguments(environ, args):
for argument in args:
@@ -16,18 +19,22 @@ def check_arguments(environ, args):
print("Environment variable %s is mandatory, exiting." % argument)
sys.exit(2)
+
def generate_secrets(environ, secrets):
for name, secret in secrets.items():
if secret not in environ:
filename = "/data/%s.%s.key" % (environ["SYNAPSE_SERVER_NAME"], name)
if os.path.exists(filename):
- with open(filename) as handle: value = handle.read()
+ with open(filename) as handle:
+ value = handle.read()
else:
print("Generating a random secret for {}".format(name))
value = codecs.encode(os.urandom(32), "hex").decode()
- with open(filename, "w") as handle: handle.write(value)
+ with open(filename, "w") as handle:
+ handle.write(value)
environ[secret] = value
+
# Prepare the configuration
mode = sys.argv[1] if len(sys.argv) > 1 else None
environ = os.environ.copy()
@@ -36,12 +43,17 @@ args = ["python", "-m", "synapse.app.homeserver"]
# In generate mode, generate a configuration, missing keys, then exit
if mode == "generate":
- check_arguments(environ, ("SYNAPSE_SERVER_NAME", "SYNAPSE_REPORT_STATS", "SYNAPSE_CONFIG_PATH"))
+ check_arguments(
+ environ, ("SYNAPSE_SERVER_NAME", "SYNAPSE_REPORT_STATS", "SYNAPSE_CONFIG_PATH")
+ )
args += [
- "--server-name", environ["SYNAPSE_SERVER_NAME"],
- "--report-stats", environ["SYNAPSE_REPORT_STATS"],
- "--config-path", environ["SYNAPSE_CONFIG_PATH"],
- "--generate-config"
+ "--server-name",
+ environ["SYNAPSE_SERVER_NAME"],
+ "--report-stats",
+ environ["SYNAPSE_REPORT_STATS"],
+ "--config-path",
+ environ["SYNAPSE_CONFIG_PATH"],
+ "--generate-config",
]
os.execv("/usr/local/bin/python", args)
@@ -51,15 +63,19 @@ else:
config_path = environ["SYNAPSE_CONFIG_PATH"]
else:
check_arguments(environ, ("SYNAPSE_SERVER_NAME", "SYNAPSE_REPORT_STATS"))
- generate_secrets(environ, {
- "registration": "SYNAPSE_REGISTRATION_SHARED_SECRET",
- "macaroon": "SYNAPSE_MACAROON_SECRET_KEY"
- })
+ generate_secrets(
+ environ,
+ {
+ "registration": "SYNAPSE_REGISTRATION_SHARED_SECRET",
+ "macaroon": "SYNAPSE_MACAROON_SECRET_KEY",
+ },
+ )
environ["SYNAPSE_APPSERVICES"] = glob.glob("/data/appservices/*.yaml")
- if not os.path.exists("/compiled"): os.mkdir("/compiled")
+ if not os.path.exists("/compiled"):
+ os.mkdir("/compiled")
config_path = "/compiled/homeserver.yaml"
-
+
# Convert SYNAPSE_NO_TLS to boolean if exists
if "SYNAPSE_NO_TLS" in environ:
tlsanswerstring = str.lower(environ["SYNAPSE_NO_TLS"])
@@ -69,19 +85,23 @@ else:
if tlsanswerstring in ("false", "off", "0", "no"):
environ["SYNAPSE_NO_TLS"] = False
else:
- print("Environment variable \"SYNAPSE_NO_TLS\" found but value \"" + tlsanswerstring + "\" unrecognized; exiting.")
+ print(
+ 'Environment variable "SYNAPSE_NO_TLS" found but value "'
+ + tlsanswerstring
+ + '" unrecognized; exiting.'
+ )
sys.exit(2)
convert("/conf/homeserver.yaml", config_path, environ)
convert("/conf/log.config", "/compiled/log.config", environ)
subprocess.check_output(["chown", "-R", ownership, "/data"])
-
args += [
- "--config-path", config_path,
-
+ "--config-path",
+ config_path,
# tell synapse to put any generated keys in /data rather than /compiled
- "--keys-directory", "/data",
+ "--keys-directory",
+ "/data",
]
# Generate missing keys and start synapse
|
