From f0a5393d486e5a6edb5691115ca9263c0c95888f Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev <slavi@devture.com>
Date: Wed, 18 Mar 2026 15:21:06 +0200
Subject: [PATCH] fix(s3): use postgres unix socket for migrate and shell
 commands

---
 .../templates/synapse/ext/s3-storage-provider/bin/migrate.j2 | 5 ++++-
 .../templates/synapse/ext/s3-storage-provider/bin/shell.j2   | 5 ++++-
 .../synapse/ext/s3-storage-provider/database.yaml.j2         | 2 +-
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/migrate.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/migrate.j2
index d2d0c1f32..cc81a9048 100644
--- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/migrate.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/migrate.j2
@@ -8,6 +8,9 @@ container_id=$(\
 	--env-file={{ matrix_synapse_ext_s3_storage_provider_base_path }}/env \
 	--mount type=bind,src={{ matrix_synapse_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \
 	--mount type=bind,src={{ matrix_synapse_ext_s3_storage_provider_data_path }},dst=/data \
+{% if matrix_synapse_database_socket_enabled %}
+	--mount type=bind,src={{ matrix_synapse_database_socket_path_host }},dst={{ matrix_synapse_database_socket_path }} \
+{% endif %}
 	--workdir=/data \
 	--network={{ matrix_synapse_container_network }} \
 	--entrypoint=/bin/bash \
@@ -18,7 +21,7 @@ container_id=$(\
 	-c 's3_media_upload update-db $UPDATE_DB_DURATION && s3_media_upload --no-progress check-deleted $MEDIA_PATH && s3_media_upload --no-progress upload $MEDIA_PATH $BUCKET --delete --storage-class $STORAGE_CLASS --endpoint-url $ENDPOINT {% if matrix_synapse_ext_synapse_s3_storage_provider_config_prefix %}--prefix $PREFIX {% endif %}{% if matrix_synapse_ext_synapse_s3_storage_provider_config_sse_customer_enabled %}--sse-customer-algo $SSE_CUSTOMER_ALGO --sse-customer-key $SSE_CUSTOMER_KEY{% endif %}' \
 )
 
-{# We need to connect to the Postgres network, which should be in this list. #}
+{# Additional container networks (for example, Postgres) should be connected here when needed. #}
 {% for network in matrix_synapse_container_additional_networks %}
 {{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} $container_id
 {% endfor %}
diff --git a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/shell.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/shell.j2
index 960ccac88..f1fc1f743 100644
--- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/shell.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/shell.j2
@@ -10,13 +10,16 @@ container_id=$(\
 	--env-file={{ matrix_synapse_ext_s3_storage_provider_base_path }}/env \
 	--mount type=bind,src={{ matrix_synapse_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \
 	--mount type=bind,src={{ matrix_synapse_ext_s3_storage_provider_data_path }},dst=/data \
+{% if matrix_synapse_database_socket_enabled %}
+	--mount type=bind,src={{ matrix_synapse_database_socket_path_host }},dst={{ matrix_synapse_database_socket_path }} \
+{% endif %}
 	--workdir=/data \
 	--network={{ matrix_synapse_container_network }} \
 	--entrypoint=/bin/bash \
 	{{ matrix_synapse_container_image_final }} \
 )
 
-{# We need to connect to the Postgres network, which should be in this list. #}
+{# Additional container networks (for example, Postgres) should be connected here when needed. #}
 {% for network in matrix_synapse_container_additional_networks %}
 {{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} $container_id
 {% endfor %}
diff --git a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2
index 6b9cf159b..9092f3309 100644
--- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2
@@ -7,5 +7,5 @@ SPDX-License-Identifier: AGPL-3.0-or-later
 user: {{ matrix_synapse_database_user | to_json }}
 password: {{ matrix_synapse_database_password | to_json }}
 database: {{ matrix_synapse_database_database | to_json }}
-host: {{ matrix_synapse_database_host | to_json }}
+host: {{ (matrix_synapse_database_socket_path if matrix_synapse_database_socket_enabled else matrix_synapse_database_host) | to_json }}
 port: {{ matrix_synapse_database_port | to_json }}