Matrix-Mirrors/anonymousland-synapse-docker-deployment
1
0
Fork 0
mirror of https://git.anonymousland.org/deathrow/synapse-docker-deployment.git synced 2025-05-15 05:12:15 -04:00
Code Issues Projects Releases Packages Wiki Activity

Add Sync

Browse source
This commit is contained in:
deathrow 2022-11-04 16:28:02 -04:00
parent fec2f932c4
commit 4e6be6304d
No known key found for this signature in database
GPG key ID: FF39D67A22069F73
11 changed files with 424 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -12,14 +12,13 @@ A Synapse Docker deployment with:
- Manage server via `synadm` - Manage server via `synadm`
- Images built locally - Images built locally
- Matrix Maubot - Matrix Maubot
- Postgres web UI
- Matrix integration manager - Matrix integration manager
### Getting Started ### Getting Started
Dependencies: `cargo docker docker-compose git python ` Dependencies: `cargo` `docker` `docker-compose` `git` `python `
Subdomains: `matrix` `dimension` `adminer` `maubot` Subdomains: `matrix` `dimension` `maubot`
Clone the repository: Clone the repository:
``` ```

71
docker-compose.yml
View file

@ -70,7 +70,6 @@ services:
networks: networks:
- matrix - matrix
- registration - registration
- adminer
pantalaimon: pantalaimon:
build: ./images/pantalaimon build: ./images/pantalaimon
@ -112,14 +111,6 @@ services:
networks: networks:
- matrix - matrix
adminer:
image: adminer
container_name: adminer
restart: unless-stopped
networks:
- matrix
- adminer
matrix-registration: matrix-registration:
build: ./images/synapse-captcha build: ./images/synapse-captcha
container_name: matrix-registration container_name: matrix-registration
@ -187,6 +178,45 @@ services:
# WORKERS # WORKERS
sync5:
build: ./images/synapse-worker-docker
container_name: sync5
user: "991:991"
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
restart: unless-stopped
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/sync5.yaml"]
volumes:
- ./files:/data:Z
- ./bridges:/bridges:Z
depends_on:
- synapse
ports:
- 127.0.0.1:8094:8081
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
sync4:
build: ./images/synapse-worker-docker
container_name: sync4
user: "991:991"
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
restart: unless-stopped
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/sync4.yaml"]
volumes:
- ./files:/data:Z
- ./bridges:/bridges:Z
depends_on:
- synapse
ports:
- 127.0.0.1:8093:8081
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
sync3: sync3:
build: ./images/synapse-worker-docker build: ./images/synapse-worker-docker
container_name: sync3 container_name: sync3
@ -333,6 +363,28 @@ services:
cap_drop: cap_drop:
- ALL - ALL
synapse-generic-worker-4:
build: ./images/workers/synapse
container_name: synapse-generic-worker-4
user: "991:991"
restart: unless-stopped
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/worker4.yaml"]
volumes:
- ./files:/data:Z
- ./bridges:/bridges:Z
depends_on:
- synapse
networks:
- matrix
ports:
- 127.0.0.1:8083:8081
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
synapse-generic-worker-3: synapse-generic-worker-3:
build: ./images/workers/synapse build: ./images/workers/synapse
container_name: synapse-generic-worker-3 container_name: synapse-generic-worker-3
@ -460,6 +512,5 @@ services:
networks: networks:
matrix: matrix:
registration: registration:
adminer:
dimension: dimension:

84
files/log/sync4.yaml Normal file
View file

@ -0,0 +1,84 @@
# Log configuration for Synapse.
#
# This is a YAML file containing a standard Python logging configuration
# dictionary. See [1] for details on the valid settings.
#
# Synapse also supports structured logging for machine readable logs which can
# be ingested by ELK stacks. See [2] for details.
#
# [1]: https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema
# [2]: https://matrix-org.github.io/synapse/latest/structured_logging.html
version: 1
formatters:
precise:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
handlers:
file:
class: logging.handlers.TimedRotatingFileHandler
formatter: precise
filename: /data/workers/log/worker_generic_sync4.log
when: midnight
backupCount: 2 # Does not include the current log file.
encoding: utf8
# Default to buffering writes to log file for efficiency.
# WARNING/ERROR logs will still be flushed immediately, but there will be a
# delay (of up to `period` seconds, or until the buffer is full with
# `capacity` messages) before INFO/DEBUG logs get written.
buffer:
class: synapse.logging.handlers.PeriodicallyFlushingMemoryHandler
target: file
# The capacity is the maximum number of log lines that are buffered
# before being written to disk. Increasing this will lead to better
# performance, at the expensive of it taking longer for log lines to
# be written to disk.
# This parameter is required.
capacity: 10
# Logs with a level at or above the flush level will cause the buffer to
# be flushed immediately.
# Default value: 40 (ERROR)
# Other values: 50 (CRITICAL), 30 (WARNING), 20 (INFO), 10 (DEBUG)
flushLevel: 30 # Flush immediately for WARNING logs and higher
# The period of time, in seconds, between forced flushes.
# Messages will not be delayed for longer than this time.
# Default value: 5 seconds
period: 5
# A handler that writes logs to stderr. Unused by default, but can be used
# instead of "buffer" and "file" in the logger handlers.
console:
class: logging.StreamHandler
formatter: precise
loggers:
synapse.storage.SQL:
# beware: increasing this to DEBUG will make synapse log sensitive
# information such as access tokens.
level: WARN
twisted:
# We send the twisted logging directly to the file handler,
# to work around https://github.com/matrix-org/synapse/issues/3471
# when using "buffer" logger. Use "console" to log to stderr instead.
handlers: [file]
propagate: false
root:
level: WARN
# Write logs to the `buffer` handler, which will buffer them together in memory,
# then write them to a file.
#
# Replace "buffer" with "console" to log to stderr instead. (Note that you'll
# also need to update the configuration for the `twisted` logger above, in
# this case.)
#
handlers: [buffer]
disable_existing_loggers: false

84
files/log/sync5.yaml Normal file
View file

@ -0,0 +1,84 @@
# Log configuration for Synapse.
#
# This is a YAML file containing a standard Python logging configuration
# dictionary. See [1] for details on the valid settings.
#
# Synapse also supports structured logging for machine readable logs which can
# be ingested by ELK stacks. See [2] for details.
#
# [1]: https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema
# [2]: https://matrix-org.github.io/synapse/latest/structured_logging.html
version: 1
formatters:
precise:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
handlers:
file:
class: logging.handlers.TimedRotatingFileHandler
formatter: precise
filename: /data/workers/log/worker_generic_sync5.log
when: midnight
backupCount: 2 # Does not include the current log file.
encoding: utf8
# Default to buffering writes to log file for efficiency.
# WARNING/ERROR logs will still be flushed immediately, but there will be a
# delay (of up to `period` seconds, or until the buffer is full with
# `capacity` messages) before INFO/DEBUG logs get written.
buffer:
class: synapse.logging.handlers.PeriodicallyFlushingMemoryHandler
target: file
# The capacity is the maximum number of log lines that are buffered
# before being written to disk. Increasing this will lead to better
# performance, at the expensive of it taking longer for log lines to
# be written to disk.
# This parameter is required.
capacity: 10
# Logs with a level at or above the flush level will cause the buffer to
# be flushed immediately.
# Default value: 40 (ERROR)
# Other values: 50 (CRITICAL), 30 (WARNING), 20 (INFO), 10 (DEBUG)
flushLevel: 30 # Flush immediately for WARNING logs and higher
# The period of time, in seconds, between forced flushes.
# Messages will not be delayed for longer than this time.
# Default value: 5 seconds
period: 5
# A handler that writes logs to stderr. Unused by default, but can be used
# instead of "buffer" and "file" in the logger handlers.
console:
class: logging.StreamHandler
formatter: precise
loggers:
synapse.storage.SQL:
# beware: increasing this to DEBUG will make synapse log sensitive
# information such as access tokens.
level: WARN
twisted:
# We send the twisted logging directly to the file handler,
# to work around https://github.com/matrix-org/synapse/issues/3471
# when using "buffer" logger. Use "console" to log to stderr instead.
handlers: [file]
propagate: false
root:
level: WARN
# Write logs to the `buffer` handler, which will buffer them together in memory,
# then write them to a file.
#
# Replace "buffer" with "console" to log to stderr instead. (Note that you'll
# also need to update the configuration for the `twisted` logger above, in
# this case.)
#
handlers: [buffer]
disable_existing_loggers: false

84
files/log/worker4.yaml Normal file
View file

@ -0,0 +1,84 @@
# Log configuration for Synapse.
#
# This is a YAML file containing a standard Python logging configuration
# dictionary. See [1] for details on the valid settings.
#
# Synapse also supports structured logging for machine readable logs which can
# be ingested by ELK stacks. See [2] for details.
#
# [1]: https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema
# [2]: https://matrix-org.github.io/synapse/latest/structured_logging.html
version: 1
formatters:
precise:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
handlers:
file:
class: logging.handlers.TimedRotatingFileHandler
formatter: precise
filename: /data/workers/log/worker4.log
when: midnight
backupCount: 2 # Does not include the current log file.
encoding: utf8
# Default to buffering writes to log file for efficiency.
# WARNING/ERROR logs will still be flushed immediately, but there will be a
# delay (of up to `period` seconds, or until the buffer is full with
# `capacity` messages) before INFO/DEBUG logs get written.
buffer:
class: synapse.logging.handlers.PeriodicallyFlushingMemoryHandler
target: file
# The capacity is the maximum number of log lines that are buffered
# before being written to disk. Increasing this will lead to better
# performance, at the expensive of it taking longer for log lines to
# be written to disk.
# This parameter is required.
capacity: 10
# Logs with a level at or above the flush level will cause the buffer to
# be flushed immediately.
# Default value: 40 (ERROR)
# Other values: 50 (CRITICAL), 30 (WARNING), 20 (INFO), 10 (DEBUG)
flushLevel: 30 # Flush immediately for WARNING logs and higher
# The period of time, in seconds, between forced flushes.
# Messages will not be delayed for longer than this time.
# Default value: 5 seconds
period: 5
# A handler that writes logs to stderr. Unused by default, but can be used
# instead of "buffer" and "file" in the logger handlers.
console:
class: logging.StreamHandler
formatter: precise
loggers:
synapse.storage.SQL:
# beware: increasing this to DEBUG will make synapse log sensitive
# information such as access tokens.
level: WARN
twisted:
# We send the twisted logging directly to the file handler,
# to work around https://github.com/matrix-org/synapse/issues/3471
# when using "buffer" logger. Use "console" to log to stderr instead.
handlers: [file]
propagate: false
root:
level: WARN
# Write logs to the `buffer` handler, which will buffer them together in memory,
# then write them to a file.
#
# Replace "buffer" with "console" to log to stderr instead. (Note that you'll
# also need to update the configuration for the `twisted` logger above, in
# this case.)
#
handlers: [buffer]
disable_existing_loggers: false

17
files/workers/sync4.yaml Normal file
View file

@ -0,0 +1,17 @@
worker_app: synapse.app.generic_worker
worker_name: sync4
# The replication listener on the synapse to talk to.
worker_replication_host: synapse
worker_replication_http_port: 9093
worker_main_http_uri: http://synapse:8008/
worker_log_config: /data/log/sync4.yaml
worker_listeners:
- type: http
port: 8081
x_forwarded: true
resources:
- names: [client, federation]

17
files/workers/sync5.yaml Normal file
View file

@ -0,0 +1,17 @@
worker_app: synapse.app.generic_worker
worker_name: sync5
# The replication listener on the synapse to talk to.
worker_replication_host: synapse
worker_replication_http_port: 9093
worker_main_http_uri: http://synapse:8008/
worker_log_config: /data/log/sync5.yaml
worker_listeners:
- type: http
port: 8081
x_forwarded: true
resources:
- names: [client, federation]

17
files/workers/worker4.yaml Normal file
View file

@ -0,0 +1,17 @@
worker_app: synapse.app.generic_worker
worker_name: worker4
# The replication listener on the synapse to talk to.
worker_replication_host: synapse
worker_replication_http_port: 9093
worker_main_http_uri: http://synapse:8008/
worker_log_config: /data/log/worker4.yaml
worker_listeners:
- type: http
port: 8081
x_forwarded: true
resources:
- names: [client, federation]

30
swag/nginx/include.d/sync_worker.conf Normal file
View file

@ -0,0 +1,30 @@
# Choose sync worker based on the existence of "since" query parameter
map $arg_since $sync {
default sync_worker;
'' sync_init;
}
# Sync initial/normal
location ~ ^/_matrix/client/(r0|v3)/sync$ {
include snippets/matrix-proxy-headers.conf;
proxy_pass http://$sync;
proxy_read_timeout 1h;
}
# Normal sync
location ~ ^/_matrix/client/(api/v1|r0|v3)/events$ {
include snippets/matrix-proxy-headers.conf;
proxy_pass http://sync_worker;
}
# Initial_sync
location ~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$ {
include snippets/matrix-proxy-headers.conf;
proxy_pass http://sync_init;
proxy_read_timeout 1h;
}
location ~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$ {
include snippets/matrix-proxy-headers.conf;
proxy_pass http://sync_init;
proxy_read_timeout 1h;
}

36
swag/nginx/include.d/upstream_workers.conf
View file

@ -2,23 +2,43 @@ upstream generic_worker_ih {
ip_hash; ip_hash;
server synapse-generic-worker-1:8080; server synapse-generic-worker-1:8080;
server synapse-generic-worker-2:8081; server synapse-generic-worker-2:8081;
server sync1:8090; server synapse-generic-worker-3:8082;
server sync2:8091; server synapse-generic-worker-4:8083;
server sync3:8092;
} }
upstream generic_worker_lc { upstream generic_worker_lc {
least_conn; least_conn;
server synapse-generic-worker-1:8080; server synapse-generic-worker-1:8080;
server synapse-generic-worker-2:8081; server synapse-generic-worker-2:8081;
server synapse-generic-worker-3:8082;
server synapse-generic-worker-4:8083;
}
# extract username from token get parameter
map $arg_access_token $token_from_arg {
default $arg_access_token;
"~syt_(?<username>.*?)_.*" $username;
}
# extract username part from bearer token, fallback to access_token
map $http_authorization $proxy_username_label {
default $http_authorization;
"~Bearer syt_(?<username>.*?)_.*" $username;
"" $token_from_arg;
}
upstream sync_worker {
# pin with username extracted from bearer token or access_token
hash $proxy_username_label consistent;
server sync1:8090; server sync1:8090;
server sync2:8091; server sync2:8091;
server sync3:8092; server sync3:8092;
} }
upstream sync_worker { upstream sync_init {
ip_hash; # Use the username mapper result for hash key
server sync1:8090; hash $mxid_localpart consistent;
server sync2:8091; server sync4:8093;
server sync3:8092; server sync5:8094;
} }

17
swag/nginx/site-confs/adminer.conf
View file

@ -1,17 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name adminer.*;
include /config/nginx/ssl.conf;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app adminer;
set $upstream_port 8080;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}