mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-18 00:57:09 +00:00
Upgrade Synapse (1.46.0 -> 1.47.0)
We had to remove UID/GID environment variables that we used to pass to the Synapse container, because it was causing a problem after https://github.com/matrix-org/synapse/pull/11209 We were using both `--user` and UID/GID environment variables until now.
This commit is contained in:
parent
75cb4ce3b0
commit
e1a6d1e4b2
@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont
|
|||||||
# amd64 gets released first.
|
# amd64 gets released first.
|
||||||
# arm32 relies on self-building, so the same version can be built immediately.
|
# arm32 relies on self-building, so the same version can be built immediately.
|
||||||
# arm64 users need to wait for a prebuilt image to become available.
|
# arm64 users need to wait for a prebuilt image to become available.
|
||||||
matrix_synapse_version: v1.46.0
|
matrix_synapse_version: v1.47.0
|
||||||
matrix_synapse_version_arm64: v1.46.0
|
matrix_synapse_version_arm64: v1.47.0
|
||||||
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
||||||
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
|
@ -67,8 +67,6 @@
|
|||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||||
--cap-drop=ALL
|
--cap-drop=ALL
|
||||||
--mount type=bind,src={{ matrix_synapse_config_dir_path }},dst=/data
|
--mount type=bind,src={{ matrix_synapse_config_dir_path }},dst=/data
|
||||||
-e UID={{ matrix_user_uid }}
|
|
||||||
-e GID={{ matrix_user_gid }}
|
|
||||||
-e SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
|
-e SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
|
||||||
-e SYNAPSE_SERVER_NAME={{ matrix_server_fqn_matrix }}
|
-e SYNAPSE_SERVER_NAME={{ matrix_server_fqn_matrix }}
|
||||||
-e SYNAPSE_REPORT_STATS=no
|
-e SYNAPSE_REPORT_STATS=no
|
||||||
|
@ -66,8 +66,28 @@ pid_file: /homeserver.pid
|
|||||||
# Otherwise, it should be the URL to reach Synapse's client HTTP listener (see
|
# Otherwise, it should be the URL to reach Synapse's client HTTP listener (see
|
||||||
# 'listeners' below).
|
# 'listeners' below).
|
||||||
#
|
#
|
||||||
|
# Defaults to 'https://<server_name>/'.
|
||||||
|
#
|
||||||
public_baseurl: https://{{ matrix_server_fqn_matrix }}/
|
public_baseurl: https://{{ matrix_server_fqn_matrix }}/
|
||||||
|
|
||||||
|
# Uncomment the following to tell other servers to send federation traffic on
|
||||||
|
# port 443.
|
||||||
|
#
|
||||||
|
# By default, other servers will try to reach our server on port 8448, which can
|
||||||
|
# be inconvenient in some environments.
|
||||||
|
#
|
||||||
|
# Provided 'https://<server_name>/' on port 443 is routed to Synapse, this
|
||||||
|
# option configures Synapse to serve a file at
|
||||||
|
# 'https://<server_name>/.well-known/matrix/server'. This will tell other
|
||||||
|
# servers to send traffic to port 443 instead.
|
||||||
|
#
|
||||||
|
# See https://matrix-org.github.io/synapse/latest/delegate.html for more
|
||||||
|
# information.
|
||||||
|
#
|
||||||
|
# Defaults to 'false'.
|
||||||
|
#
|
||||||
|
#serve_server_wellknown: true
|
||||||
|
|
||||||
# Set the soft limit on the number of file descriptors synapse can use
|
# Set the soft limit on the number of file descriptors synapse can use
|
||||||
# Zero is used to indicate synapse should set the soft limit to the
|
# Zero is used to indicate synapse should set the soft limit to the
|
||||||
# hard limit.
|
# hard limit.
|
||||||
@ -1271,7 +1291,7 @@ allow_guest_access: {{ matrix_synapse_allow_guest_access|to_json }}
|
|||||||
# in on this server.
|
# in on this server.
|
||||||
#
|
#
|
||||||
# (By default, no suggestion is made, so it is left up to the client.
|
# (By default, no suggestion is made, so it is left up to the client.
|
||||||
# This setting is ignored unless public_baseurl is also set.)
|
# This setting is ignored unless public_baseurl is also explicitly set.)
|
||||||
#
|
#
|
||||||
#default_identity_server: https://matrix.org
|
#default_identity_server: https://matrix.org
|
||||||
|
|
||||||
@ -1296,8 +1316,6 @@ allow_guest_access: {{ matrix_synapse_allow_guest_access|to_json }}
|
|||||||
# by the Matrix Identity Service API specification:
|
# by the Matrix Identity Service API specification:
|
||||||
# https://matrix.org/docs/spec/identity_service/latest
|
# https://matrix.org/docs/spec/identity_service/latest
|
||||||
#
|
#
|
||||||
# If a delegate is specified, the config option public_baseurl must also be filled out.
|
|
||||||
#
|
|
||||||
account_threepid_delegates:
|
account_threepid_delegates:
|
||||||
email: {{ matrix_synapse_account_threepid_delegates_email|to_json }}
|
email: {{ matrix_synapse_account_threepid_delegates_email|to_json }}
|
||||||
msisdn: {{ matrix_synapse_account_threepid_delegates_msisdn|to_json }}
|
msisdn: {{ matrix_synapse_account_threepid_delegates_msisdn|to_json }}
|
||||||
@ -1990,11 +2008,10 @@ sso:
|
|||||||
# phishing attacks from evil.site. To avoid this, include a slash after the
|
# phishing attacks from evil.site. To avoid this, include a slash after the
|
||||||
# hostname: "https://my.client/".
|
# hostname: "https://my.client/".
|
||||||
#
|
#
|
||||||
# If public_baseurl is set, then the login fallback page (used by clients
|
# The login fallback page (used by clients that don't natively support the
|
||||||
# that don't natively support the required login flows) is whitelisted in
|
# required login flows) is whitelisted in addition to any URLs in this list.
|
||||||
# addition to any URLs in this list.
|
|
||||||
#
|
#
|
||||||
# By default, this list is empty.
|
# By default, this list contains only the login fallback page.
|
||||||
#
|
#
|
||||||
#client_whitelist:
|
#client_whitelist:
|
||||||
# - https://riot.im/develop
|
# - https://riot.im/develop
|
||||||
|
@ -17,8 +17,6 @@ ExecStartPre={{ matrix_host_command_sleep }} 5
|
|||||||
ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_worker_container_name }} \
|
ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_worker_container_name }} \
|
||||||
--log-driver=none \
|
--log-driver=none \
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||||
-e UID={{ matrix_user_uid }} \
|
|
||||||
-e GID={{ matrix_user_gid }} \
|
|
||||||
--cap-drop=ALL \
|
--cap-drop=ALL \
|
||||||
--read-only \
|
--read-only \
|
||||||
--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
|
--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
|
||||||
|
@ -33,8 +33,6 @@ ExecStartPre={{ matrix_host_command_sleep }} 3
|
|||||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \
|
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \
|
||||||
--log-driver=none \
|
--log-driver=none \
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||||
--env=UID={{ matrix_user_uid }} \
|
|
||||||
--env=GID={{ matrix_user_gid }} \
|
|
||||||
--cap-drop=ALL \
|
--cap-drop=ALL \
|
||||||
--read-only \
|
--read-only \
|
||||||
--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
|
--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
|
||||||
|
@ -271,19 +271,19 @@ matrix_synapse_workers_media_repository_endpoints:
|
|||||||
# expose the `media` resource. For example:
|
# expose the `media` resource. For example:
|
||||||
|
|
||||||
# ```yaml
|
# ```yaml
|
||||||
# worker_listeners:
|
# worker_listeners:
|
||||||
# - type: http
|
# - type: http
|
||||||
# port: 8085
|
# port: 8085
|
||||||
# resources:
|
# resources:
|
||||||
# - names:
|
# - names:
|
||||||
# - media
|
# - media
|
||||||
# ```
|
# ```
|
||||||
|
|
||||||
# Note that if running multiple media repositories they must be on the same server
|
# Note that if running multiple media repositories they must be on the same server
|
||||||
# and you must configure a single instance to run the background tasks, e.g.:
|
# and you must configure a single instance to run the background tasks, e.g.:
|
||||||
|
|
||||||
# ```yaml
|
# ```yaml
|
||||||
# media_instance_running_background_jobs: "media-repository-1"
|
# media_instance_running_background_jobs: "media-repository-1"
|
||||||
# ```
|
# ```
|
||||||
|
|
||||||
# Note that if a reverse proxy is used , then `/_matrix/media/` must be routed for both inbound client and federation requests (if they are handled separately).
|
# Note that if a reverse proxy is used , then `/_matrix/media/` must be routed for both inbound client and federation requests (if they are handled separately).
|
||||||
@ -319,7 +319,9 @@ matrix_synapse_workers_frontend_proxy_endpoints:
|
|||||||
# the `worker_main_http_uri` setting in the `frontend_proxy` worker configuration
|
# the `worker_main_http_uri` setting in the `frontend_proxy` worker configuration
|
||||||
# file. For example:
|
# file. For example:
|
||||||
|
|
||||||
# worker_main_http_uri: http://127.0.0.1:{{ matrix_synapse_container_client_api_port }}
|
# ```yaml
|
||||||
|
# worker_main_http_uri: http://127.0.0.1:8008
|
||||||
|
# ```
|
||||||
|
|
||||||
matrix_synapse_workers_avail_list:
|
matrix_synapse_workers_avail_list:
|
||||||
- appservice
|
- appservice
|
||||||
|
Loading…
Reference in New Issue
Block a user