Make it safer to override matrix_synapse_media_store_path

This is described in Github issue #58. Until now, we had the variable, but if you redefined it, you'd run into multiple problems: - we actually always mounted some "storage" directory to the Synapse container. So if your media store is not there, you're out of luck - homeserver.yaml always hardcoded the path to the media store, as a directory called "media-store" inside the storage directory. Relocating to outside the storage directory was out of the question. Moreover, even if you had simply renamed the media store directory (e.g. "media-store" -> "media_store"), it would have also caused trouble. With this patch, we mount the media store's parent to the Synapse container. This way, we don't care where the media store is (inside storage or not). We also don't assume (anymore) that the final part of the path is called "media-store" -- anything can be used. The "storage" directory and variable (`matrix_synapse_storage_path`) still remain for compatibility purposes. People who were previously overriding `matrix_synapse_storage_path` can continue doing so and their media store will be at the same place. The playbook no longer explicitly creates the `matrix_synapse_storage_path` directory though. It's not necessary. If the media store is specified to be within it, it will get created when the media store directory is created by the playbook.
7 년 전 · bfcceb1e82
--- a/roles/matrix-server/tasks/setup/setup_synapse_pre.yml
+++ b/roles/matrix-server/tasks/setup/setup_synapse_pre.yml
@@ -5,6 +5,10 @@
    msg: "You need to set a secret in the matrix_synapse_macaroon_secret_key variable"
  when: "matrix_synapse_macaroon_secret_key == ''"

 - set_fact:
    matrix_synapse_media_store_parent_path: "{{ matrix_synapse_media_store_path|dirname }}"
    matrix_synapse_media_store_directory_name: "{{ matrix_synapse_media_store_path|basename }}"

 - name: Ensure Matrix Synapse paths exist
  file:
    path: "{{ item }}"
@@ -15,8 +19,7 @@
  with_items:
    - "{{ matrix_synapse_config_dir_path }}"
    - "{{ matrix_synapse_run_path }}"
    - "{{ matrix_synapse_storage_path }}"
    - "{{ matrix_synapse_ext_path }}"
    # We handle matrix_synapse_media_store_path elsewhere (in setup_synapse.yml),
    # because if it's using S3fs and it's already mounted (from before),
    # trying to chown/chmod it here will cause trouble.
    # We handle matrix_synapse_media_store_path elsewhere (in setup_synapse_main.yml),
    # because if it's using Goofys and it's already mounted (from before),
    # trying to chown/chmod it here will cause trouble.
--- a/roles/matrix-server/templates/synapse/homeserver.yaml.j2
+++ b/roles/matrix-server/templates/synapse/homeserver.yaml.j2
@@ -261,7 +261,7 @@ federation_rc_concurrent: 3


 # Directory where uploaded images and attachments are stored.
 media_store_path: "/matrix-storage/media-store"
 media_store_path: "/matrix-media-store-parent/{{ matrix_synapse_media_store_directory_name }}"

 # Media storage providers allow media to be stored in different
 # locations.
--- a/roles/matrix-server/templates/systemd/matrix-synapse.service.j2
+++ b/roles/matrix-server/templates/systemd/matrix-synapse.service.j2
@@ -37,7 +37,7 @@ ExecStart=/usr/bin/docker run --rm --name matrix-synapse \
 			{% endif %}
 			-v {{ matrix_synapse_config_dir_path }}:/data \
 			-v {{ matrix_synapse_run_path }}:/matrix-run \
 			-v {{ matrix_synapse_storage_path }}:/matrix-storage:slave \
 			-v {{ matrix_synapse_base_path }}/storage:/matrix-media-store-parent:slave \
 			{% for volume in matrix_synapse_container_additional_volumes %}
 			-v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \
 			{% endfor %}