From f9811a0e0a28ec16d1e5d172c2ed900d64377680 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 16 Mar 2026 22:43:02 +0200 Subject: [PATCH] matrix-authentication-service: mount Synapse Postgres socket for syn2mas syn2mas reads Synapse's homeserver.yaml and reuses the database connection details from there. When Synapse is configured to reach the integrated Postgres over a UNIX socket, the temporary syn2mas container was given the config file but not the socket mount, so migrations could fail even though Synapse itself was configured correctly. Wire the Synapse socket settings into MAS via playbook vars and mount the same socket path into the syn2mas container, so migrations work in socket-based deployments without coupling the MAS role directly to Synapse role variables. --- group_vars/matrix_servers | 3 +++ roles/custom/matrix-authentication-service/defaults/main.yml | 4 ++++ .../matrix-authentication-service/tasks/mas_cli_syn2mas.yml | 3 +++ 3 files changed, 10 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index d342d786c..7f0dd6e2a 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1153,6 +1153,9 @@ matrix_authentication_service_systemd_wanted_services_list_auto: | matrix_authentication_service_syn2mas_container_network: "{{ postgres_container_network if postgres_enabled and matrix_authentication_service_config_database_host == postgres_connection_hostname else matrix_authentication_service_container_network }}" matrix_authentication_service_syn2mas_synapse_homeserver_config_path: "{{ matrix_synapse_config_dir_path + '/homeserver.yaml' if matrix_synapse_enabled else '' }}" +matrix_authentication_service_syn2mas_synapse_database_socket_enabled: "{{ matrix_synapse_database_socket_enabled if matrix_synapse_enabled else false }}" +matrix_authentication_service_syn2mas_synapse_database_socket_path: "{{ matrix_synapse_database_socket_path if matrix_synapse_enabled else '' }}" +matrix_authentication_service_syn2mas_synapse_database_socket_path_host: "{{ matrix_synapse_database_socket_path_host if matrix_synapse_enabled else '' }}" ###################################################################### # diff --git a/roles/custom/matrix-authentication-service/defaults/main.yml b/roles/custom/matrix-authentication-service/defaults/main.yml index 505850f25..2e346e081 100644 --- a/roles/custom/matrix-authentication-service/defaults/main.yml +++ b/roles/custom/matrix-authentication-service/defaults/main.yml @@ -613,6 +613,10 @@ matrix_authentication_service_syn2mas_synapse_homeserver_config_path: "" matrix_authentication_service_syn2mas_container_network: "{{ matrix_authentication_service_container_network }}" +matrix_authentication_service_syn2mas_synapse_database_socket_enabled: false +matrix_authentication_service_syn2mas_synapse_database_socket_path: "" +matrix_authentication_service_syn2mas_synapse_database_socket_path_host: "" + # Additional options passed to the syn2mas sub-command (e.g. `mas-cli syn2mas [OPTIONS] migrate|check`). # Also see: `matrix_authentication_service_syn2mas_subcommand_extra_options` # diff --git a/roles/custom/matrix-authentication-service/tasks/mas_cli_syn2mas.yml b/roles/custom/matrix-authentication-service/tasks/mas_cli_syn2mas.yml index 93ffc4dcc..365842475 100644 --- a/roles/custom/matrix-authentication-service/tasks/mas_cli_syn2mas.yml +++ b/roles/custom/matrix-authentication-service/tasks/mas_cli_syn2mas.yml @@ -71,6 +71,9 @@ --mount type=bind,src={{ matrix_authentication_service_config_path }}/config.yaml,dst=/config.yaml,ro --mount type=bind,src={{ matrix_authentication_service_data_keys_path }},dst=/keys,ro --mount type=bind,src={{ matrix_authentication_service_syn2mas_synapse_homeserver_config_path }},dst=/homeserver.yaml,ro + {% if matrix_authentication_service_syn2mas_synapse_database_socket_enabled %} + --mount type=bind,src={{ matrix_authentication_service_syn2mas_synapse_database_socket_path_host }},dst={{ matrix_authentication_service_syn2mas_synapse_database_socket_path }} + {% endif %} {{ matrix_authentication_service_container_image }} syn2mas --synapse-config=/homeserver.yaml