| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
Fix linter
Dockerfile tweaks
|
|
|
|
|
|
| |
- Nuke python_dependencies and setup.py
- Allow commiting poetry.lock
- Initial lockfile pulling in the latest version of deps at the time of locking
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#12118)
* Two scripts are basically entry_points already
* Move and rename scripts/* to synapse/_scripts/*.py
* Delete sync_room_to_group.pl
* Expose entry points in setup.py
* Update linter script and config
* Fixup scripts & docs mentioning scripts that moved
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The driver for this is to stop Complement complaining about it, but as far as I can tell it was pointless and needed to go away anyway.
I'm a bit unclear about what exactly VOLUME does, but I think what it means is that, if you don't override it with an explicit -v argument, then docker run will create a temporary volume, and copy things into it. The temporary volume is then deleted when the container finishes.
That only sounds useful if your image has something to copy into it (otherwise you may as well just use the default root filesystem), and our image notably doesn't copy anything into /data.
So... this wasn't doing anything, except annoying Complement?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* remove reference in comments to python3.6
* upgrade tox python env in script
* bump python version in example for completeness
* upgrade python version requirement in setup doc
* upgrade necessary python version in __init__.py
* upgrade python version in setup.py
* newsfragment
* drops refs to bionic and replace with focal
* bump refs to postgres 9.6 to 10
* fix hanging ci
* try installing tzdata first
* revert change made in b979f336
* ignore new random mypy error while debugging other error
* fix lint error for temporary workaround
* revert change to install list
* try passing env var
* export debian frontend var?
* move line and add comment
* bump pillow dependency
* bump lxml depenency
* install libjpeg-dev for pillow
* bump automat version to one compatible with py3.8
* add libwebp for pillow
* bump twisted trunk python version
* change suffix of newsfragment
* remove redundant python 3.7 checks
* lint
|
|
|
| |
Having spent much of the last week attempting to run complement tests from somewhere with damp string instead of internet... something had to be done.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* update Trove classifiers to remove py36
* stop building bionic
* update dh-virtualenv
* newsfragment
* fix newsfragment
* update version refs
* another try at correct tag
* Update changelog
|
|
|
|
|
| |
The intent is to iterate through all the worker ports and only
report healthy when all are healthy, starting with the main process.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'trust_identity_servers_for_password_resets' (#11395)
* remove background update code related to deprecated config flag
* changelog entry
* update changelog
* Delete 11394.removal
Duplicate, wrong number
* add no-op background update and change newfragment so it will be consolidated with associated work
* remove unused code
* Remove code associated with deprecated flag from legacy docker dynamic config file
Co-authored-by: reivilibre <oliverw@matrix.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add support for `/_matrix/media/v3` APIs
Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Update `workers.md` to use v3 client and media APIs
Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Add changelog
Signed-off-by: Aaron Raimist <aaron@raim.ist>
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Docker image: avoid changing user during `generate`
The intention was always that the config files get written as the initial user
(normally root) - only the data directory needs to be writable by Synapse. This
got changed in https://github.com/matrix-org/synapse/pull/5970, but that seems
to have been a mistake.
* Avoid changing user if no explicit UID is given
* changelog
|
|
|
|
|
|
|
|
| |
Use $(...) notation instead of legacy backticked `...`.
https://github.com/koalaman/shellcheck/wiki/SC2006
Signed-off-by: Dan Callahan <danc@element.io>
|
|
|
|
|
|
|
|
| |
Double quote to prevent globbing and word splitting.
https://github.com/koalaman/shellcheck/wiki/SC2086
Signed-off-by: Dan Callahan <danc@element.io>
|
|
|
|
|
|
|
|
| |
var is referenced but not assigned.
https://github.com/koalaman/shellcheck/wiki/SC2154
Signed-off-by: Dan Callahan <danc@element.io>
|
|
|
| |
relative links don't work when it's on dockerhub.
|
|
|
|
| |
This was due to dh-virtualenv builds being broken due to Shpinx removing
deprecated APIs.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Use sytest:bionic. Sytest:latest is two years old (do we want
CI to push out latest at all?) and comes with Python 3.5, which we
explictly no longer support. The script now runs under PostgreSQL 10
as a result.
- Advertise script in the docs
- Move pg testing script to scripts-dev directory
- Write to host as the script's exector, not root
A few changes to make it speedier to re-run the tests:
- Create blank DB in the container, not the script, so we don't have to
`initdb` each time
- Use a named volume to persist the tox environment, so we don't have to
fetch and install a bunch of packages from PyPI each time
Co-authored-by: reivilibre <olivier@librepush.net>
|
| |
|
| |
|
| |
|
| |
|
|
|
| |
This is part of fixing #6116: we want to put RC debs into a different place than release debs, so reprepro has to be able to tell them apart.
|
|
|
| |
Signed-off-by: Dirk Klimpel dirk@klimpel.org
|
|
|
|
|
| |
Fixes #9778
ACME v1 has been fully decommissioned for existing installs on June 1st 2021(see https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/27), so we can now safely remove it from Synapse.
|
|
|
| |
Signed-off-by: Chris Castle chris@crc.io
|
|
|
|
| |
Adds an option to complement.sh to run Synapse in worker
mode (instead of the default monolith mode).
|
|
|
|
|
| |
Fixes #9970
Signed-off-by: Sergio Miguéns Iglesias lonyelon@lony.xyz
|
|
|
|
|
| |
* Add healthcheck startup delay by 5secs and reduced interval check to 15s
to reduce waiting time for docker aware edge routers bringing an
instance online
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This PR adds a Dockerfile and some supporting files to the `docker/` directory. The Dockerfile's intention is to spin up a container with:
* A Synapse main process.
* Any desired worker processes, defined by a `SYNAPSE_WORKERS` environment variable supplied at runtime.
* A redis for worker communication.
* A nginx for routing traffic.
* A supervisord to start all worker processes and monitor them if any go down.
Note that **this is not currently intended to be used in production**. If you'd like to use Synapse workers with Docker, instead make use of the official image, with one worker per container. The purpose of this dockerfile is currently to allow testing Synapse in worker mode with the [Complement](https://github.com/matrix-org/complement/) test suite.
`configure_workers_and_start.py` is where most of the magic happens in this PR. It reads from environment variables (documented in the file) and creates all necessary config files for the processes. It is the entrypoint of the Dockerfile, and thus is run any time the docker container is spun up, recreating all config files in case you want to use a different set of workers. One can specify which workers they'd like to use by setting the `SYNAPSE_WORKERS` environment variable (as a comma-separated list of arbitrary worker names) or by setting it to `*` for all worker processes. We will be using the latter in CI.
Huge thanks to @MatMaul for helping get this all working :tada: This PR is paired with its equivalent on the Complement side: https://github.com/matrix-org/complement/pull/62.
Note, for the purpose of testing this PR before it's merged: You'll need to (re)build the base Synapse docker image for everything to work (`matrixdotorg/synapse:latest`). Then build the worker-based docker image on top (`matrixdotorg/synapse:workers`).
|
|
|
|
|
|
|
| |
Context is in https://github.com/matrix-org/synapse/issues/9764#issuecomment-818615894.
I struggled to find a more official link for this. The problem occurs when using WSL1 instead of WSL2, which some Windows platforms (at least Server 2019) still don't have. Docker have updated their documentation to paint a much happier picture now given WSL2's support.
The last sentence here can probably be removed once WSL1 is no longer around... though that will likely not be for a very long time.
|
|
|
|
|
|
| |
They don't make any sense on the intermediate builder image. The final
images needs them to be of use for anyone.
Signed-off-by: Johannes Wienke <languitar@semipol.de>
|
|
|
|
|
|
|
| |
`room_invite_state_types` was inconvenient as a configuration setting, because
anyone that ever set it would not receive any new types that were added to the
defaults. Here, we deprecate the old setting, and replace it with a couple of
new settings under `room_prejoin_state`.
|
|
|
|
|
|
|
|
|
| |
Make pip install faster in Docker build for [Complement](https://github.com/matrix-org/complement) testing.
If files have changed in a `COPY` command, Docker will invalidate all of the layers below. So I changed the order of operations to install all dependencies before we `COPY synapse /synapse/synapse/`. This allows Docker to use our cached layer of dependencies even when we change the source of Synapse and speed up builds dramatically! `53.5s` -> `3.7s` builds 🤘
As an alternative, I did try using BuildKit caches but this still took 30 seconds overall on that step. 15 seconds to gather the dependencies from the cache and another 15 seconds to `Installing collected packages`.
Fix https://github.com/matrix-org/synapse/issues/9364
|
|\ |
|
| |
| |
| |
| | |
cryptography (#9697)
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
using /usr/bin/env (#9689)
On NixOS, `bash` isn't under `/bin/bash` but rather in some directory in `$PATH`. Locally, I've been patching those scripts to make them work.
`/usr/bin/env` seems to be the only [portable way](https://unix.stackexchange.com/questions/29608/why-is-it-better-to-use-usr-bin-env-name-instead-of-path-to-name-as-my) to use binaries from the PATH as interpreters.
Signed-off-by: Quentin Gliech <quentingliech@gmail.com>
|
|/
|
|
|
|
| |
Cf. https://github.com/opencontainers/image-spec/blob/master/annotations.md#pre-defined-annotation-keys
Signed-off-by: Johannes Wienke <languitar@semipol.de>
|
|
|
|
| |
Co-authored-by: Will Hunt <willh@matrix.org>
Co-authored-by: Erik Johnston <erik@matrix.org>
|
|
|
|
| |
`uploads_path` was a thing that was never used; most of it was removed in #6628
but a few vestiges remained.
|
|
|
|
|
|
|
|
| |
This is needed to build the cryptography library, since it does not
provide wheels for ARMv7.
Fixes #9403
Signed-off-by: Dan Callahan <danc@element.io>
|
|
|
|
|
|
|
|
| |
Adds note about updating dh-virtualenv once we drop support for Xenial.
We can't update now, because it needs debhelper 12, while Xenial only
backports 10.
Signed-off-by: Dan Callahan <danc@element.io>
|
|
|
|
| |
homeserver.yaml template (#9157)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Debian package builds were failing for two reasons:
1. Python versions prior to 3.7 throw exceptions when attempting to print
Unicode characters under a "C" locale. (#9076)
2. We depended on `dh-systemd` which no longer exists in Debian Bullseye, but
is necessary in Ubuntu Xenial. (#9073)
Setting `LANG="C.UTF-8"` in the build environment fixes the first issue.
See also: https://bugs.python.org/issue19846
The second issue is a bit trickier. The dh-systemd package was merged into
debhelper version 9.20160709 and a transitional package left in its wake.
The transitional dh-systemd package was removed in Debian Bullseye.
However, Ubuntu Xenial ships an older debhelper, and still needs dh-systemd.
Thus, builds were failing on Bullseye since we depended on a package which had
ceased existing, but we couldn't remove it from the debian/control file and our
build scripts because we still needed it for Ubuntu Xenial.
We can fix the debian/control issue by listing dh-systemd as an alternative to
the newer versions of debhelper. Since dh-systemd declares that it depends on
debhelper, Ubuntu Xenial will select its older dh-systemd which will in turn
pull in its older debhelper, resulting in no change from the status quo. All
other supported releases will satisfy the debhelper dependency constraint and
skip the dh-systemd alternative.
Build scripts were fixed by unconditionally attempting to install dh-systemd on
all releases and suppressing failures.
Once we drop support for Ubuntu Xenial, we can revert most of this commit and
rely on the version constraint on debhelper in debian/control.
Fixes #9076
Fixes #9073
Signed-off-by: Dan Callahan <danc@element.io>
|
| |
|
|
|
|
|
|
|
| |
This removes the version pin of the `prometheus_client` dependency, in direct response to #8831. If merged, this will close #8831
As far as I can tell, no other changes are needed, but as I'm no synapse expert, I'm relying heavily on CI and maintainer reviews for this. My very primitive test of synapse with prometheus_client v0.9.0 on my home server didn't bring up any issues, so we'll see what happens.
Signed-off-by: Jordan Bancino
|
|
|
| |
Short-term fix for https://github.com/matrix-org/synapse/issues/8766.
|
|
|
|
|
|
|
| |
This bumps us closer to current Python without going all the way to 3.9.
Fixes #8674
Signed-off-by: Dan Callahan <danc@element.io>
|
| |
|
|
|
| |
Signed-off-by: Mateusz Przybyłowicz <uamfhq@gmail.com>
|
|
|
|
|
|
| |
(#8144)
Signed-off-by: Christopher May-Townsend <chris@maytownsend.co.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We do this to prevent foot guns. The default config uses a MemoryFilter,
but users are free to change to logging to files directly. If they do
then they have to ensure to set the `filters: [context]` on the right
handler, otherwise records get written with the wrong context.
Instead we move the logic to happen when we generate a record, which is
when we *log* rather than *handle*.
(It's possible to add filters to loggers in the config, however they
don't apply to descendant loggers and so they have to be manually set on
*every* logger used in the code base)
|
| |
|
|
|
| |
As mentioned in #7397, switching to a debian base should help with multi-arch work to save time on compiling. This is unashamedly based on #6373, but without the extra functionality. Switch python version back to generic 3.7 to always pull the latest. Essentially, keeping this as small as possible. The image is bigger though unfortunately.
|
|
|
|
|
| |
* Add libwebp dependency to Dockerfile
Signed-off-by: Juho Vanhanen <juho@vanhanen.io>
|
|
|
|
|
|
| |
Upstream have merged our changes
(https://github.com/spotify/dh-virtualenv/pull/300), so let's switch back to it
instead of using our fork.
|
|
|
|
|
|
| |
When we tried to build debs for 1.13.0, the build failed because docker used a
base docker image which had a stale apt cache.
Fixes: #7540
|
|\ |
|
| | |
|
|/ |
|
|
|
|
|
| |
Lots of people seem to get confused by this mode, and it's been deprecated
since Synapse 1.1.0. It's time for it to go.
|
| |
|
|
|
|
|
|
| |
* Add working build command for docker image
* Add changelog
|
| |
|
|\ |
|
| | |
|
|/
|
| |
Signed-off-by: Tobia De Koninck <LEDfan@users.noreply.github.com>
|
|
|
|
|
|
|
|
| |
Turns out that loggers that are instantiated before the config is loaded get
turned off.
Also bring the logging config that is generated by --generate-config into line.
Fixes #6194.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Allow passing SYNAPSE_WORKER envvar
* changelog.d
* Document SYNAPSE_WORKER.
Attempting to imply that you don't need to change this default
unless you're in worker mode.
Also aware that there's a bigger problem of attempting to document
a complete working configuration of workers using docker, as we
currently only document to use `synctl` for worker mode, and synctl
doesn't work that way in docker.
|
|
|
|
|
|
|
|
| |
(#5970)
Adjust su-exec to only be used if needed.
If UID == getuid() and GID == getgid() then we do not need to su-exec, and chmod will not work.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Fix debian packages for sid being called buster.
I don't know why the sid images return buster as its codename in
`lsb_release` but it does, so lets just grab the codename from the
distro we pass into dockerfile
* Newsfile
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is basically a contrived way of adding a `Recommends` on `libpq5`, to fix #5653.
The way this is supposed to happen in debhelper is to run
`dh_shlibdeps`, which in turn runs `dpkg-shlibdeps`, which spits things out
into `debian/<package>.substvars` whence they can later be included by
`control`.
Previously, we had disabled `dh_shlibdeps`, mostly because `dpkg-shlibdeps`
gets confused about PIL's interdependent objects, but that's not really the
right thing to do and there is another way to work around that.
Since we don't always use postgres, we don't necessarily want a hard Depends on
libpq5, so I've actually ended up adding an explicit invocation of
`dpkg-shlibdeps` for `psycopg2`.
I've also updated the build-depends list for the package, which was missing a
couple of entries.
|
|
|
|
|
|
|
| |
image (#5620)
This adds a missing space, without which log lines appear uglier.
Signed-off-by: Slavi Pantaleev <slavi@devture.com>
|
|
|
|
|
|
|
|
|
| |
Alpine Linux 3.8 is still supported, but it seems like
it's quite outdated now.
While Python should be the same on both, all other libraries, etc.,
are much newer in Alpine 3.9 and 3.10.
Signed-off-by: Slavi Pantaleev <slavi@devture.com>
|
| |
|
|
|
|
|
| |
Removes any `SMTP_*` docker container environment variables from having any effect on the default config.
Fixes https://github.com/matrix-org/synapse/issues/5430
|
|
|
|
| |
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
|
|
|
| |
... to help people escape env var hell
|
|
|
| |
There's not much point in binding to localhost when it's in a docker container.
|
|
|
|
|
| |
This is mostly a documentation change, but also adds a default value for
SYNAPSE_CONFIG_PATH, so that running from the generated config is the default,
and will Just Work provided your config is in the right place.
|
|\
| |
| | |
Docker: generate our own log config
|
| |
| |
| |
| |
| |
| | |
When running under docker, we want to use docker's own logging stuff rather
than losing the logs somewhere on the container's filesystem, so let's use log
configs that spit logs out to stdout instead.
|
| | |
|
|\|
| |
| | |
Docker image: add support for SYNAPSE_DATA_DIR parameter
|
| |
| |
| |
| | |
Fixes #4830.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't want to generate any missing configs when running from a precanned
config.
(There's a strong argument that we don't want to do this at all, since
generating a new signing key on each invocation sounds disasterous, but I don't
fancy unpicking that for now.)
|
|/ |
|
| |
|
| |
|
| |
|
|
|
|
| |
... and inline generate_secrets
|
|
|
| |
Fixes #3370.
|
|
|
| |
Python 3.7 is apparently faster than 3.6, and should be mature enough.
|
| |
|
|
|
|
| |
Fixes #5467.
|
| |
|
|
|
| |
because this file is reproduced on dockerhub and relative paths don't work
|
|
|
| |
Add missing backslash
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| | |
psycopg 2.8 is now out, which means that the C library gets built from source,
so we now need libpq-dev when building.
Turns out the need for this package is already documented in
docs/postgres.rst.
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Using systemd-python allows for logging to the systemd journal,
as is documented in: `synapse/contrib/systemd/log_config.yaml`.
Signed-off-by: Silke Hofstra <silke@slxh.eu>
|
| |
| |
| | |
Correct default POSTGRES_USER in Docker README
|
| |
| |
| | |
Signed-off-by: Jurrie Overgoor <1213142+Jurrie@users.noreply.github.com>
|
|/
|
| |
Signed-off-by: Jurrie Overgoor <1213142+Jurrie@users.noreply.github.com>
|
| |
|
|
|
|
| |
Make sure it refreshes the apt cache before trying to install stuff
|
|
|
|
|
| |
* no_tls is now redundant (#4613)
* we don't need a dummy cert any more (#4618)
|
|
|
|
|
|
|
| |
Also:
* Fix wrapping in docker readme
* Clean up some docs on the docker image
* a workaround for #4554
|
|
|
|
|
|
|
|
|
|
| |
There are two reasons this is a good thing:
* first, it means that you don't end up with stuff kicking around your working
copy ending up in the build image by mistake (which can upset the pip
install process)
* second: it means that the docker image cache is more effective, and we can
reuse docker images when iterating on the docker stuff.
|
|
|
| |
* remove dh_params and set better cipher string
|
|
|
|
| |
Rewrite this in python so that it can be run in parallel.
|
| |
|
|
|
|
|
|
|
|
| |
since #4298, the optional dependencies are no longer installed with a simple
`pip install .`, which meant that they were not being included in the debian
package.
The easy fix to that is dh_virtualenv --extras, but that needs dh_virtualenv
1.1...
|
| |
|
| |
|
|
|
|
| |
These aren't used, because we have a `log_config` setting.
|
|
|
|
| |
configuration (#4207)
|
|
|
|
| |
Signed-off-by: Cédric Laudrel <dek@iono.me>
|
|
|
|
|
|
|
|
|
|
| |
move the example email templates into the synapse package so that they can be
used as package data, which should mean that all of the packaging mechanisms
(pip, docker, debian, arch, etc) should now come with the example templates.
In order to grandfather in people who relied on the templates being in the old
place, check for that situation and fall back to using the defaults if the
templates directory does not exist.
|
|
|
|
| |
Rewrite the dockerfile as a multistage build: this means we can get rid of a whole load of cruft which we don't need.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
| |
Link to contrib/docker
|
| |
|
|
This addresses #3224
|