| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
| |
This is part of fixing #6116: we want to put RC debs into a different place than release debs, so reprepro has to be able to tell them apart.
|
|
|
| |
Signed-off-by: Dirk Klimpel dirk@klimpel.org
|
|
|
|
|
| |
Fixes #9778
ACME v1 has been fully decommissioned for existing installs on June 1st 2021(see https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/27), so we can now safely remove it from Synapse.
|
|
|
| |
Signed-off-by: Chris Castle chris@crc.io
|
|
|
|
| |
Adds an option to complement.sh to run Synapse in worker
mode (instead of the default monolith mode).
|
|
|
|
|
| |
Fixes #9970
Signed-off-by: Sergio Miguéns Iglesias lonyelon@lony.xyz
|
|
|
|
|
| |
* Add healthcheck startup delay by 5secs and reduced interval check to 15s
to reduce waiting time for docker aware edge routers bringing an
instance online
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This PR adds a Dockerfile and some supporting files to the `docker/` directory. The Dockerfile's intention is to spin up a container with:
* A Synapse main process.
* Any desired worker processes, defined by a `SYNAPSE_WORKERS` environment variable supplied at runtime.
* A redis for worker communication.
* A nginx for routing traffic.
* A supervisord to start all worker processes and monitor them if any go down.
Note that **this is not currently intended to be used in production**. If you'd like to use Synapse workers with Docker, instead make use of the official image, with one worker per container. The purpose of this dockerfile is currently to allow testing Synapse in worker mode with the [Complement](https://github.com/matrix-org/complement/) test suite.
`configure_workers_and_start.py` is where most of the magic happens in this PR. It reads from environment variables (documented in the file) and creates all necessary config files for the processes. It is the entrypoint of the Dockerfile, and thus is run any time the docker container is spun up, recreating all config files in case you want to use a different set of workers. One can specify which workers they'd like to use by setting the `SYNAPSE_WORKERS` environment variable (as a comma-separated list of arbitrary worker names) or by setting it to `*` for all worker processes. We will be using the latter in CI.
Huge thanks to @MatMaul for helping get this all working :tada: This PR is paired with its equivalent on the Complement side: https://github.com/matrix-org/complement/pull/62.
Note, for the purpose of testing this PR before it's merged: You'll need to (re)build the base Synapse docker image for everything to work (`matrixdotorg/synapse:latest`). Then build the worker-based docker image on top (`matrixdotorg/synapse:workers`).
|
|
|
|
|
|
|
| |
Context is in https://github.com/matrix-org/synapse/issues/9764#issuecomment-818615894.
I struggled to find a more official link for this. The problem occurs when using WSL1 instead of WSL2, which some Windows platforms (at least Server 2019) still don't have. Docker have updated their documentation to paint a much happier picture now given WSL2's support.
The last sentence here can probably be removed once WSL1 is no longer around... though that will likely not be for a very long time.
|
|
|
|
|
|
| |
They don't make any sense on the intermediate builder image. The final
images needs them to be of use for anyone.
Signed-off-by: Johannes Wienke <languitar@semipol.de>
|
|
|
|
|
|
|
| |
`room_invite_state_types` was inconvenient as a configuration setting, because
anyone that ever set it would not receive any new types that were added to the
defaults. Here, we deprecate the old setting, and replace it with a couple of
new settings under `room_prejoin_state`.
|
|
|
|
|
|
|
|
|
| |
Make pip install faster in Docker build for [Complement](https://github.com/matrix-org/complement) testing.
If files have changed in a `COPY` command, Docker will invalidate all of the layers below. So I changed the order of operations to install all dependencies before we `COPY synapse /synapse/synapse/`. This allows Docker to use our cached layer of dependencies even when we change the source of Synapse and speed up builds dramatically! `53.5s` -> `3.7s` builds 🤘
As an alternative, I did try using BuildKit caches but this still took 30 seconds overall on that step. 15 seconds to gather the dependencies from the cache and another 15 seconds to `Installing collected packages`.
Fix https://github.com/matrix-org/synapse/issues/9364
|
|\ |
|
| |
| |
| |
| | |
cryptography (#9697)
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
using /usr/bin/env (#9689)
On NixOS, `bash` isn't under `/bin/bash` but rather in some directory in `$PATH`. Locally, I've been patching those scripts to make them work.
`/usr/bin/env` seems to be the only [portable way](https://unix.stackexchange.com/questions/29608/why-is-it-better-to-use-usr-bin-env-name-instead-of-path-to-name-as-my) to use binaries from the PATH as interpreters.
Signed-off-by: Quentin Gliech <quentingliech@gmail.com>
|
|/
|
|
|
|
| |
Cf. https://github.com/opencontainers/image-spec/blob/master/annotations.md#pre-defined-annotation-keys
Signed-off-by: Johannes Wienke <languitar@semipol.de>
|
|
|
|
| |
Co-authored-by: Will Hunt <willh@matrix.org>
Co-authored-by: Erik Johnston <erik@matrix.org>
|
|
|
|
| |
`uploads_path` was a thing that was never used; most of it was removed in #6628
but a few vestiges remained.
|
|
|
|
|
|
|
|
| |
This is needed to build the cryptography library, since it does not
provide wheels for ARMv7.
Fixes #9403
Signed-off-by: Dan Callahan <danc@element.io>
|
|
|
|
|
|
|
|
| |
Adds note about updating dh-virtualenv once we drop support for Xenial.
We can't update now, because it needs debhelper 12, while Xenial only
backports 10.
Signed-off-by: Dan Callahan <danc@element.io>
|
|
|
|
| |
homeserver.yaml template (#9157)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Debian package builds were failing for two reasons:
1. Python versions prior to 3.7 throw exceptions when attempting to print
Unicode characters under a "C" locale. (#9076)
2. We depended on `dh-systemd` which no longer exists in Debian Bullseye, but
is necessary in Ubuntu Xenial. (#9073)
Setting `LANG="C.UTF-8"` in the build environment fixes the first issue.
See also: https://bugs.python.org/issue19846
The second issue is a bit trickier. The dh-systemd package was merged into
debhelper version 9.20160709 and a transitional package left in its wake.
The transitional dh-systemd package was removed in Debian Bullseye.
However, Ubuntu Xenial ships an older debhelper, and still needs dh-systemd.
Thus, builds were failing on Bullseye since we depended on a package which had
ceased existing, but we couldn't remove it from the debian/control file and our
build scripts because we still needed it for Ubuntu Xenial.
We can fix the debian/control issue by listing dh-systemd as an alternative to
the newer versions of debhelper. Since dh-systemd declares that it depends on
debhelper, Ubuntu Xenial will select its older dh-systemd which will in turn
pull in its older debhelper, resulting in no change from the status quo. All
other supported releases will satisfy the debhelper dependency constraint and
skip the dh-systemd alternative.
Build scripts were fixed by unconditionally attempting to install dh-systemd on
all releases and suppressing failures.
Once we drop support for Ubuntu Xenial, we can revert most of this commit and
rely on the version constraint on debhelper in debian/control.
Fixes #9076
Fixes #9073
Signed-off-by: Dan Callahan <danc@element.io>
|
| |
|
|
|
|
|
|
|
| |
This removes the version pin of the `prometheus_client` dependency, in direct response to #8831. If merged, this will close #8831
As far as I can tell, no other changes are needed, but as I'm no synapse expert, I'm relying heavily on CI and maintainer reviews for this. My very primitive test of synapse with prometheus_client v0.9.0 on my home server didn't bring up any issues, so we'll see what happens.
Signed-off-by: Jordan Bancino
|
|
|
| |
Short-term fix for https://github.com/matrix-org/synapse/issues/8766.
|
|
|
|
|
|
|
| |
This bumps us closer to current Python without going all the way to 3.9.
Fixes #8674
Signed-off-by: Dan Callahan <danc@element.io>
|
| |
|
|
|
| |
Signed-off-by: Mateusz Przybyłowicz <uamfhq@gmail.com>
|
|
|
|
|
|
| |
(#8144)
Signed-off-by: Christopher May-Townsend <chris@maytownsend.co.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We do this to prevent foot guns. The default config uses a MemoryFilter,
but users are free to change to logging to files directly. If they do
then they have to ensure to set the `filters: [context]` on the right
handler, otherwise records get written with the wrong context.
Instead we move the logic to happen when we generate a record, which is
when we *log* rather than *handle*.
(It's possible to add filters to loggers in the config, however they
don't apply to descendant loggers and so they have to be manually set on
*every* logger used in the code base)
|
| |
|
|
|
| |
As mentioned in #7397, switching to a debian base should help with multi-arch work to save time on compiling. This is unashamedly based on #6373, but without the extra functionality. Switch python version back to generic 3.7 to always pull the latest. Essentially, keeping this as small as possible. The image is bigger though unfortunately.
|
|
|
|
|
| |
* Add libwebp dependency to Dockerfile
Signed-off-by: Juho Vanhanen <juho@vanhanen.io>
|
|
|
|
|
|
| |
Upstream have merged our changes
(https://github.com/spotify/dh-virtualenv/pull/300), so let's switch back to it
instead of using our fork.
|
|
|
|
|
|
| |
When we tried to build debs for 1.13.0, the build failed because docker used a
base docker image which had a stale apt cache.
Fixes: #7540
|
|\ |
|
| | |
|
|/ |
|
|
|
|
|
| |
Lots of people seem to get confused by this mode, and it's been deprecated
since Synapse 1.1.0. It's time for it to go.
|
| |
|
|
|
|
|
|
| |
* Add working build command for docker image
* Add changelog
|
| |
|
|\ |
|
| | |
|
|/
|
| |
Signed-off-by: Tobia De Koninck <LEDfan@users.noreply.github.com>
|
|
|
|
|
|
|
|
| |
Turns out that loggers that are instantiated before the config is loaded get
turned off.
Also bring the logging config that is generated by --generate-config into line.
Fixes #6194.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Allow passing SYNAPSE_WORKER envvar
* changelog.d
* Document SYNAPSE_WORKER.
Attempting to imply that you don't need to change this default
unless you're in worker mode.
Also aware that there's a bigger problem of attempting to document
a complete working configuration of workers using docker, as we
currently only document to use `synctl` for worker mode, and synctl
doesn't work that way in docker.
|
|
|
|
|
|
|
|
| |
(#5970)
Adjust su-exec to only be used if needed.
If UID == getuid() and GID == getgid() then we do not need to su-exec, and chmod will not work.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Fix debian packages for sid being called buster.
I don't know why the sid images return buster as its codename in
`lsb_release` but it does, so lets just grab the codename from the
distro we pass into dockerfile
* Newsfile
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is basically a contrived way of adding a `Recommends` on `libpq5`, to fix #5653.
The way this is supposed to happen in debhelper is to run
`dh_shlibdeps`, which in turn runs `dpkg-shlibdeps`, which spits things out
into `debian/<package>.substvars` whence they can later be included by
`control`.
Previously, we had disabled `dh_shlibdeps`, mostly because `dpkg-shlibdeps`
gets confused about PIL's interdependent objects, but that's not really the
right thing to do and there is another way to work around that.
Since we don't always use postgres, we don't necessarily want a hard Depends on
libpq5, so I've actually ended up adding an explicit invocation of
`dpkg-shlibdeps` for `psycopg2`.
I've also updated the build-depends list for the package, which was missing a
couple of entries.
|
|
|
|
|
|
|
| |
image (#5620)
This adds a missing space, without which log lines appear uglier.
Signed-off-by: Slavi Pantaleev <slavi@devture.com>
|
|
|
|
|
|
|
|
|
| |
Alpine Linux 3.8 is still supported, but it seems like
it's quite outdated now.
While Python should be the same on both, all other libraries, etc.,
are much newer in Alpine 3.9 and 3.10.
Signed-off-by: Slavi Pantaleev <slavi@devture.com>
|
| |
|
|
|
|
|
| |
Removes any `SMTP_*` docker container environment variables from having any effect on the default config.
Fixes https://github.com/matrix-org/synapse/issues/5430
|
|
|
|
| |
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
|
|
|
| |
... to help people escape env var hell
|
|
|
| |
There's not much point in binding to localhost when it's in a docker container.
|
|
|
|
|
| |
This is mostly a documentation change, but also adds a default value for
SYNAPSE_CONFIG_PATH, so that running from the generated config is the default,
and will Just Work provided your config is in the right place.
|
|\
| |
| | |
Docker: generate our own log config
|
| |
| |
| |
| |
| |
| | |
When running under docker, we want to use docker's own logging stuff rather
than losing the logs somewhere on the container's filesystem, so let's use log
configs that spit logs out to stdout instead.
|
| | |
|
|\|
| |
| | |
Docker image: add support for SYNAPSE_DATA_DIR parameter
|
| |
| |
| |
| | |
Fixes #4830.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't want to generate any missing configs when running from a precanned
config.
(There's a strong argument that we don't want to do this at all, since
generating a new signing key on each invocation sounds disasterous, but I don't
fancy unpicking that for now.)
|
|/ |
|
| |
|
| |
|
| |
|
|
|
|
| |
... and inline generate_secrets
|
|
|
| |
Fixes #3370.
|
|
|
| |
Python 3.7 is apparently faster than 3.6, and should be mature enough.
|
| |
|
|
|
|
| |
Fixes #5467.
|
| |
|
|
|
| |
because this file is reproduced on dockerhub and relative paths don't work
|
|
|
| |
Add missing backslash
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| | |
psycopg 2.8 is now out, which means that the C library gets built from source,
so we now need libpq-dev when building.
Turns out the need for this package is already documented in
docs/postgres.rst.
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Using systemd-python allows for logging to the systemd journal,
as is documented in: `synapse/contrib/systemd/log_config.yaml`.
Signed-off-by: Silke Hofstra <silke@slxh.eu>
|
| |
| |
| | |
Correct default POSTGRES_USER in Docker README
|
| |
| |
| | |
Signed-off-by: Jurrie Overgoor <1213142+Jurrie@users.noreply.github.com>
|
|/
|
| |
Signed-off-by: Jurrie Overgoor <1213142+Jurrie@users.noreply.github.com>
|
| |
|
|
|
|
| |
Make sure it refreshes the apt cache before trying to install stuff
|
|
|
|
|
| |
* no_tls is now redundant (#4613)
* we don't need a dummy cert any more (#4618)
|
|
|
|
|
|
|
| |
Also:
* Fix wrapping in docker readme
* Clean up some docs on the docker image
* a workaround for #4554
|
|
|
|
|
|
|
|
|
|
| |
There are two reasons this is a good thing:
* first, it means that you don't end up with stuff kicking around your working
copy ending up in the build image by mistake (which can upset the pip
install process)
* second: it means that the docker image cache is more effective, and we can
reuse docker images when iterating on the docker stuff.
|
|
|
| |
* remove dh_params and set better cipher string
|
|
|
|
| |
Rewrite this in python so that it can be run in parallel.
|
| |
|
|
|
|
|
|
|
|
| |
since #4298, the optional dependencies are no longer installed with a simple
`pip install .`, which meant that they were not being included in the debian
package.
The easy fix to that is dh_virtualenv --extras, but that needs dh_virtualenv
1.1...
|
| |
|
| |
|
|
|
|
| |
These aren't used, because we have a `log_config` setting.
|
|
|
|
| |
configuration (#4207)
|
|
|
|
| |
Signed-off-by: Cédric Laudrel <dek@iono.me>
|
|
|
|
|
|
|
|
|
|
| |
move the example email templates into the synapse package so that they can be
used as package data, which should mean that all of the packaging mechanisms
(pip, docker, debian, arch, etc) should now come with the example templates.
In order to grandfather in people who relied on the templates being in the old
place, check for that situation and fall back to using the defaults if the
templates directory does not exist.
|
|
|
|
| |
Rewrite the dockerfile as a multistage build: this means we can get rid of a whole load of cruft which we don't need.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
| |
Link to contrib/docker
|
| |
|
|
This addresses #3224
|