From f1dbbd31068af63c5c335a368d1a7afd8a03aec4 Mon Sep 17 00:00:00 2001
From: Michael Hollister
Date: Tue, 23 Jul 2024 11:29:19 -0500
Subject: [PATCH] Added new fields to MMR config template
---
 .../configuring-playbook-matrix-media-repo.md | 6 ++--
 group_vars/matrix_servers | 5 +++
 .../matrix-media-repo/defaults/main.yml | 30 +++++++++++++++++
 .../templates/media-repo/media-repo.yaml.j2 | 33 +++++++++++++++++++
 4 files changed, 72 insertions(+), 2 deletions(-)
diff --git a/docs/configuring-playbook-matrix-media-repo.md b/docs/configuring-playbook-matrix-media-repo.md
index 713384c45..20a0aae0e 100644
--- a/docs/configuring-playbook-matrix-media-repo.md
+++ b/docs/configuring-playbook-matrix-media-repo.md
@@ -23,9 +23,11 @@ matrix_media_repo_enabled: true # matrix_media_repo_metrics_enabled: true ``` -The repo is pre-configured for integrating with the Postgres database, NGINX proxy and [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) (if metrics enabled) from this playbook for all the available homeserver roles. When the media repo is enabled, other media store roles should be disabled (if using Synapse with other media store roles). +The repo is pre-configured for integrating with the Postgres database, Traefik proxy and [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) (if metrics enabled) from this playbook for all the available homeserver roles. When the media repo is enabled, other media store roles should be disabled (if using Synapse with other media store roles). -By default, the media-repo will use the local filesystem for data storage. Additional options include `s3` and `IPFS` (experimental). Access token caching is also enabled by default since the logout endpoints are proxied through the media repo. +By default, the media-repo will use the local filesystem for data storage. You can alternatively use a `s3` cloud backend as well. Access token caching is also enabled by default since the logout endpoints are proxied through the media repo. + +**Note:** If you want to use authenticated media endpoints ([MSC3916](https://github.com/matrix-org/matrix-spec-proposals/pull/3916)), you must configure a signing key for your MMR instance to authorize outbound federation requests. See https://docs.t2bot.io/matrix-media-repo/v1.3.5/installation/signing-key/ for more details on how to configure your server with a signing key. ## Configuring the media-repo diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 5dbe7bc83..a22e32de6 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers 
@@ -3650,6 +3650,11 @@ matrix_media_repo_homeservers_auto: # to "matrix", most functionality requiring the admin API will not work. adminApiKind: "{{ 'synapse' if matrix_homeserver_implementation == 'synapse' else ('dendrite' if matrix_homeserver_implementation == 'dendrite' else 'matrix') }}" + # The signing key to use for authorizing outbound federation requests. If not specified, + # requests will not be authorized. See https://docs.t2bot.io/matrix-media-repo/v1.3.5/installation/signing-key/ + # for details. + signingKeyPath: "" + matrix_media_repo_homeserver_federation_enabled: "{{ matrix_homeserver_federation_enabled }}" ###################################################################### diff --git a/roles/custom/matrix-media-repo/defaults/main.yml b/roles/custom/matrix-media-repo/defaults/main.yml index 1c5bfd665..8d903d11d 100755 --- a/roles/custom/matrix-media-repo/defaults/main.yml +++ b/roles/custom/matrix-media-repo/defaults/main.yml @@ -467,6 +467,11 @@ matrix_media_repo_datastore_s3_opts_bucket_name: "your-media-bucket" # before redirection if present). matrix_media_repo_datastore_s3_opts_redirect_when_cached: true +# The size of the prefix (path component) to use when storing media in S3. This can +# help improve download speeds in some S3 providers. Should not be set to higher than +# 16 to avoid future incompatibilities with MMR. Defaults to zero (no prefix). +matrix_media_repo_datastore_s3_opts_prefix_length: 0 + # Options for controlling archives. Archives are exports of a particular user's content for # the purpose of GDPR or moving media to a different server. 
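Review bot: `signingKeyPath: ""` is a hard-coded literal inside `matrix_media_repo_homeservers_auto`, whereas the neighbouring `adminApiKind` is derived from a variable, so there is no single variable an operator can set to enable MSC3916 authenticated media; as far as this hunk shows, they would have to redefine the whole homeserver list. Consider sourcing it from a role variable, e.g. `signingKeyPath: "{{ matrix_media_repo_homeserver_signing_key_path }}"` with a default of `""` in `defaults/main.yml` (the name is only a suggestion). The comment should also say that the path is resolved inside the MMR container and that the file is private federation signing material, to be mounted read-only with owner-only permissions. Whether MMR treats an empty string the same as an omitted key is not visible here and is worth confirming. The list definition starts above the hunk.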
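Review bot: The comment on `matrix_media_repo_datastore_s3_opts_prefix_length` says the value should not exceed 16, but nothing in this hunk, or in the template hunk that renders `prefixLength`, enforces that, so a typo such as 160 would be written straight into the MMR config. If the role has a config-validation task file (not visible in this patch), add an assertion there, for example `that: matrix_media_repo_datastore_s3_opts_prefix_length | int >= 0 and matrix_media_repo_datastore_s3_opts_prefix_length | int <= 16`. It would also help if the comment stated whether changing the value is safe on a datastore that already holds media; that cannot be judged from this hunk.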
@@ -742,6 +747,31 @@ matrix_media_repo_rate_limit_requests_per_second: 1 # The number of requests an IP can send at once before the rate limit is actually considered. matrix_media_repo_rate_limit_burst: 10 +# The 'leaky bucket' configurations for MMR. Leaky buckets are limited in size and have a slow +# drain rate, minimizing the ability for a user to consume large amounts of resources. +# +# Buckets are checked and applied after the requests per second configuration above. Buckets are +# disabled when rate limiting is disabled. +# +# Note: buckets are *not* shared across processes. If download requests could end up at two different +# processes, two different buckets may be filled. This behaviour may change in the future. + +# The download bucket applies to both download requests and thumbnail requests. Each anonymous +# user is assigned a single bucket from their IP address. Authenticated requests (when supported) +# will use the authenticated entity as the subject - either a user or remote server. + +# The maximum size of each bucket. +matrix_media_repo_rate_limit_buckets_download_capacity_bytes: 524288000 # 500mb default + +# The number of bytes to "drain" from the bucket every minute. +matrix_media_repo_rate_limit_buckets_download_drain_bytes_per_minute: 5242880 # 5mb default + +# The number of bytes a requester can go over the capacity, once. This is used to give some +# buffer to allow a single file to be downloaded when the caller is near the limit. This +# should be set to either your max remote download size or 30% of the capacityBytes, whichever +# is smaller. +matrix_media_repo_rate_limit_buckets_download_overflow_limit_bytes: 104857600 # 100mb default (the same as the default remote download maxBytes) + # Identicons are generated avatars for a given username. Some clients use these to give users a # default avatar after signing up. Identicons are not part of the official matrix spec, therefore # this feature is completely optional. 
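Review bot: The download bucket is keyed on the client IP for anonymous requests, and the docs hunk in this patch says the playbook fronts MMR with Traefik, so these limits only work if MMR sees the real client address rather than the proxy's. If it does not, all anonymous users may end up draining one shared bucket, and if forwarded headers are trusted from any source the bucket key is no longer something the server controls. The comment block should say so, for example `# Note: behind a reverse proxy, buckets are keyed on the forwarded client address; make sure only the proxy can set that header.` How the role configures forwarded-address trust is not visible in this patch, so confirm it before relying on these defaults. The same applies to the `buckets:` section rendered in `media-repo.yaml.j2`.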
diff --git a/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 b/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 index ee7d151b6..f8597f265 100644 --- a/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 +++ b/roles/custom/matrix-media-repo/templates/media-repo/media-repo.yaml.j2 @@ -97,6 +97,11 @@ database: # # admin status. This should be set to one of "synapse", "dendrite", or "matrix". When set # # to "matrix", most functionality requiring the admin API will not work. # adminApiKind: "synapse" +# +# # The signing key to use for authorizing outbound federation requests. If not specified, +# # requests will not be authorized. See https://docs.t2bot.io/matrix-media-repo/v1.3.5/installation/signing-key/ +# # for details. +# #signingKeyPath: "/data/example.org.key" homeservers: {{ matrix_media_repo_homeservers | to_json | from_json | to_nice_yaml(indent=2, width=999999, sort_keys=false) | indent(width=2, first=true) }} @@ -253,6 +258,10 @@ datastores: # when `publicBaseUrl` is unset. Defaults to false (cached media will be served by MMR # before redirection if present). redirectWhenCached: {{ matrix_media_repo_datastore_s3_opts_redirect_when_cached | to_json }} + # The size of the prefix (path component) to use when storing media in S3. This can + # help improve download speeds in some S3 providers. Should not be set to higher than + # 16 to avoid future incompatibilities with MMR. Defaults to zero (no prefix). + prefixLength: {{ matrix_media_repo_datastore_s3_opts_prefix_length | to_json }} {% endif %} # Options for controlling archives. Archives are exports of a particular user's content for 
@@ -483,6 +492,30 @@ rateLimit: # The number of requests an IP can send at once before the rate limit is actually considered. burst: {{ matrix_media_repo_rate_limit_burst | to_json }} + # The 'leaky bucket' configurations for MMR. Leaky buckets are limited in size and have a slow + # drain rate, minimizing the ability for a user to consume large amounts of resources. + # + # Buckets are checked and applied after the requests per second configuration above. Buckets are + # disabled when rate limiting is disabled. + # + # Note: buckets are *not* shared across processes. If download requests could end up at two different + # processes, two different buckets may be filled. This behaviour may change in the future. + buckets: + # The download bucket applies to both download requests and thumbnail requests. Each anonymous + # user is assigned a single bucket from their IP address. Authenticated requests (when supported) + # will use the authenticated entity as the subject - either a user or remote server. + downloads: + # The maximum size of each bucket. + capacityBytes: {{ matrix_media_repo_rate_limit_buckets_download_capacity_bytes | to_json }} # 500mb default + # The number of bytes to "drain" from the bucket every minute. + drainBytesPerMinute: {{ matrix_media_repo_rate_limit_buckets_download_drain_bytes_per_minute | to_json }} # 5mb default + # The number of bytes a requester can go over the capacity, once. This is used to give some + # buffer to allow a single file to be downloaded when the caller is near the limit. This + # should be set to either your max remote download size or 30% of the capacityBytes, whichever + # is smaller. + overflowLimitBytes: {{ matrix_media_repo_rate_limit_buckets_download_overflow_limit_bytes | to_json }} # 100mb default (the same as the default remote download maxBytes) + + # Identicons are generated avatars for a given username. Some clients use these to give users a # default avatar after signing up. 
Identicons are not part of the official matrix spec, therefore # this feature is completely optional.
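Review bot: The trailing comments `# 500mb default`, `# 5mb default` and `# 100mb default (...)` sit after templated values, so the rendered `media-repo.yaml` will keep stating those figures even when an operator overrides the variables. That is misleading for anyone later auditing the live rate-limit settings. Move the default into the comment line above each key, e.g. `# The maximum size of each bucket. Upstream default: 524288000 (500 MiB).`, and leave the value line bare. The hunk also appears to add two consecutive blank lines after `overflowLimitBytes`; one is enough.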