optional postgres unix socket with synapse

12 часов назад · 12d8015bc4
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -3981,6 +3981,10 @@ postgres_base_path: "{{ matrix_base_data_path }}/postgres"
 postgres_uid: "{{ matrix_user_uid }}"
 postgres_gid: "{{ matrix_user_gid }}"
 # unix socket connection, disabled by default temporarily until properly tested
 postgres_container_unix_socket_enabled: false
 postgres_cli_use_unix_socket_enabled: false
 postgres_allowed_versions_auto: "{{ backup_borg_supported_postgres_versions | map('int') if backup_borg_enabled | default(false) and backup_borg_postgresql_enabled | default(false) else [] }}"
 postgres_connection_username: matrix
@@ -4793,6 +4797,13 @@ matrix_synapse_workers_container_host_bind_address: "{{ matrix_playbook_service_
 matrix_synapse_database_host: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
 matrix_synapse_database_password: "{{ (matrix_homeserver_generic_secret_key + ':synapse.db') | hash('sha512') | to_uuid }}"
 # unix socket connection, disabled by default temporarily until properly tested
 matrix_synapse_database_socket_enabled: false
 # path to the Postgres socket's parent dir inside the Synapse container
 matrix_synapse_database_socket_path: "{{ '/tmp/postgres' if postgres_enabled else '' }}"
 # path to the Postgres socket on the host, using Postgres
 matrix_synapse_database_socket_path_host: "{{ postgres_run_path if postgres_enabled else '' }}"
 matrix_synapse_macaroon_secret_key: "{{ (matrix_homeserver_generic_secret_key + ':synapse.mac') | hash('sha512') | to_uuid }}"
 # We do not enable TLS in Synapse by default, since it's handled by Traefik.
--- a/requirements.yml
+++ b/requirements.yml
@@ -57,7 +57,7 @@
  version: dd6e15246b7a9a2d921e0b3f9cd8a4a917a1bb2f
  name: playbook_state_preserver
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres.git
  version: v18.3-0
  version: v18.3-1
  name: postgres
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup.git
  version: v18-1
--- a/roles/custom/matrix-synapse/defaults/main.yml
+++ b/roles/custom/matrix-synapse/defaults/main.yml
@@ -1284,6 +1284,13 @@ matrix_synapse_database_cp_max: 10
 matrix_synapse_database_user: "synapse"
 matrix_synapse_database_password: ""
 matrix_synapse_database_database: "synapse"
 # Connection option 2: Unix socket (takes precedence over TCP if enabled)
 # disabled by default
 matrix_synapse_database_socket_enabled: false
 # the path to the postgres socket's parent dir inside the container (not the socket file itself).
 matrix_synapse_database_socket_path: "/tmp/postgres"
 # the path to the postgres socket on the host, e.g., "/matrix/postgres/run" (parent dir, not the socket file itself).
 matrix_synapse_database_socket_path_host: ""
 matrix_synapse_turn_uris: []
 matrix_synapse_turn_shared_secret: ""
--- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2
@@ -864,7 +864,7 @@ database:
    user: {{ matrix_synapse_database_user | string|to_json }}
    password: {{ matrix_synapse_database_password | string|to_json }}
    database: "{{ matrix_synapse_database_database }}"
    host: "{{ matrix_synapse_database_host }}"
    host: "{{ matrix_synapse_database_socket_path if matrix_synapse_database_socket_enabled else matrix_synapse_database_host }}"
    port: {{ matrix_synapse_database_port }}
    cp_min: {{ matrix_synapse_database_cp_min | to_json }}
    cp_max: {{ matrix_synapse_database_cp_max | to_json }}
--- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2
@@ -70,6 +70,9 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{% if matrix_synapse_redis_path_enabled %}
 			--mount type=bind,src={{ matrix_synapse_redis_path_host }},dst={{ matrix_synapse_redis_path }} \
 			{% endif %}
 			{% if matrix_synapse_database_socket_enabled %}
 			--mount type=bind,src={{ matrix_synapse_database_socket_path_host }},dst={{ matrix_synapse_database_socket_path }} \
 			{% endif %}
 			--label-file={{ matrix_synapse_base_path }}/{{ matrix_synapse_worker_labels_file_name }} \
 			{% for arg in matrix_synapse_container_arguments %}
 			{{ arg }} \
--- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2
@@ -54,6 +54,9 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{% if matrix_synapse_redis_path_enabled %}
 			--mount type=bind,src={{ matrix_synapse_redis_path_host }},dst={{ matrix_synapse_redis_path }} \
 			{% endif %}
 			{% if matrix_synapse_database_socket_enabled %}
 			--mount type=bind,src={{ matrix_synapse_database_socket_path_host }},dst={{ matrix_synapse_database_socket_path }} \
 			{% endif %}
 			--label-file={{ matrix_synapse_base_path }}/labels \
 			{% for volume in matrix_synapse_container_additional_volumes %}
 			--mount type={{ volume.type | default('bind' if '/' in volume.src else 'volume') }},src={{ volume.src }},dst={{ volume.dst }}{{ (',' + volume.options) if volume.options else '' }} \