commit 13e988812b37d7778087016eb8086bc998b08006
parent 67661f27c8f235dc0ff33b1ea09b14712ed42bf9
Author: Leah (ctucx) <leah@ctu.cx>
Date: Tue, 2 Feb 2021 12:18:43 +0100
parent 67661f27c8f235dc0ff33b1ea09b14712ed42bf9
Author: Leah (ctucx) <leah@ctu.cx>
Date: Tue, 2 Feb 2021 12:18:43 +0100
synapse: move config to ansible-wars
5 files changed, 110 insertions(+), 134 deletions(-)
D
|
88
-------------------------------------------------------------------------------
M
|
93
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
diff --git a/config-files/synapse/homeserver.yaml b/config-files/synapse/homeserver.yaml @@ -1,88 +0,0 @@ -no_tls: false - -server_name: "ctu.cx" -pid_file: "/run/matrix-synapse.pid" - -public_baseurl: "https://matrix.ctu.cx/" - -listeners: - - port: 8008 - bind_address: "0.0.0.0" - type: http - tls: false - x_forwarded: true - resources: - - names: - - client - compress: true - - names: - - federation - compress: false - -database: - name: "psycopg2" - args: - database: "synapse" - - -event_cache_size: "10K" -verbose: 0 -log_config: "/etc/synapse/log.yaml" - -rc_messages_per_second: 0.2 -rc_message_burst_count: 10.0 - -federation_rc_window_size: 1000 -federation_rc_sleep_limit: 10 -federation_rc_sleep_delay: 500 -federation_rc_reject_limit: 50 -federation_rc_concurrent: 3 - -media_store_path: "/var/lib/synapse/media" -uploads_path: "/var/lib/synapse/uploads" -max_upload_size: "100M" -max_image_pixels: "32M" -dynamic_thumbnails: false - -url_preview_enabled: true -url_preview_ip_range_blacklist: ["127.0.0.0/8","10.0.0.0/8","172.16.0.0/12","192.168.0.0/16","100.64.0.0/10","169.254.0.0/16","::1/128","fe80::/64","fc00::/7"] -url_preview_ip_range_whitelist: [] -url_preview_url_blacklist: [] - -recaptcha_private_key: "" -recaptcha_public_key: "" -enable_registration_captcha: false - -turn_uris: [] -turn_shared_secret: "" -enable_registration: false -enable_metrics: false -registration_shared_secret: "secret" - -recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" -turn_user_lifetime: "1h" -user_creation_max_duration: 1209600000 -bcrypt_rounds: 12 -allow_guest_access: false - -account_threepid_delegates: - -room_invite_state_types: - - "m.room.join_rules" - - "m.room.canonical_alias" - - "m.room.avatar" - - "m.room.name" - -expire_access_token: false -report_stats: false -signing_key_path: "/var/lib/synapse/homeserver.signing.key" -key_refresh_interval: "1d" - -redaction_retention_period: 7 - -perspectives: - servers: - "matrix.org": - verify_keys: - "ed25519:auto": - key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"
diff --git a/config-files/synapse/log.yaml b/config-files/synapse/log.yaml @@ -1,39 +0,0 @@ -# Log configuration for Synapse. -version: 1 - -formatters: - precise: - format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' - -handlers: - file: - class: logging.handlers.TimedRotatingFileHandler - formatter: precise - filename: /var/log/synapse/homeserver.log - when: midnight - backupCount: 3 # Does not include the current log file. - encoding: utf8 - - buffer: - class: logging.handlers.MemoryHandler - target: file - capacity: 10 - flushLevel: 30 # Flush for WARNING logs as well - - console: - class: logging.StreamHandler - formatter: precise - -loggers: - synapse.storage.SQL: - level: INFO - - twisted: - handlers: [file] - propagate: false - -root: - level: INFO - handlers: [buffer] - -disable_existing_loggers: false
diff --git a/configuration/wanderduene.yml b/configuration/wanderduene.yml @@ -306,7 +306,98 @@ services: synapse: enable: true - configPath: config-files/synapse + homeserverConfig: + no_tls: false + server_name: "ctu.cx" + pid_file: "/run/matrix-synapse.pid" + public_baseurl: "https://matrix.ctu.cx/" + listeners: + - port: 8008 + bind_address: "127.0.0.1" + type: http + tls: false + x_forwarded: true + resources: + - names: ["client"] + compress: true + - names: ["federation"] + compress: false + database: + name: "psycopg2" + args: + database: "synapse" + event_cache_size: "10K" + verbose: 0 + rc_messages_per_second: 0.2 + rc_message_burst_count: 10.0 + federation_rc_window_size: 1000 + federation_rc_sleep_limit: 10 + federation_rc_sleep_delay: 500 + federation_rc_reject_limit: 50 + federation_rc_concurrent: 3 + media_store_path: "/var/lib/synapse/media" + uploads_path: "/var/lib/synapse/uploads" + max_upload_size: "100M" + max_image_pixels: "32M" + dynamic_thumbnails: false + url_preview_enabled: true + url_preview_ip_range_blacklist: ["127.0.0.0/8","10.0.0.0/8","172.16.0.0/12","192.168.0.0/16","100.64.0.0/10","169.254.0.0/16","::1/128","fe80::/64","fc00::/7"] + url_preview_ip_range_whitelist: [] + url_preview_url_blacklist: [] + enable_registration_captcha: false + turn_uris: [] + turn_shared_secret: "" + enable_registration: false + enable_metrics: false + registration_shared_secret: "secret" + recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" + turn_user_lifetime: "1h" + user_creation_max_duration: 1209600000 + bcrypt_rounds: 12 + allow_guest_access: false + room_invite_state_types: ["m.room.join_rules", "m.room.canonical_alias", "m.room.avatar", "m.room.name"] + expire_access_token: false + report_stats: false + signing_key_path: "/var/lib/synapse/homeserver.signing.key" + key_refresh_interval: "1d" + redaction_retention_period: 7 + perspectives: + servers: + "matrix.org": + verify_keys: + "ed25519:auto": + key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw" + logConfig: + version: 1 + formatters: + precise: + format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' + handlers: + file: + class: logging.handlers.TimedRotatingFileHandler + formatter: precise + filename: /var/log/synapse/homeserver.log + when: midnight + backupCount: 3 # Does not include the current log file. + encoding: utf8 + buffer: + class: logging.handlers.MemoryHandler + target: file + capacity: 10 + flushLevel: 30 # Flush for WARNING logs as well + console: + class: logging.StreamHandler + formatter: precise + loggers: + synapse.storage.SQL: + level: INFO + twisted: + handlers: [file] + propagate: false + root: + level: INFO + handlers: [buffer] + disable_existing_loggers: false webClient: enable: true configFile: config-files/schildichat-web/config.json
diff --git a/roles/synapse/tasks/checks.yml b/roles/synapse/tasks/checks.yml @@ -4,9 +4,13 @@ when: - services.postgresql.enable is not defined or services.postgresql.enable is not true -- fail: msg="Option 'services.synapse.configPath' has to be set!" +- fail: msg="Option 'services.synapse.homeserverConfig' has to be set!" when: - - services.synapse.configPath is not defined + - services.synapse.homeserverConfig is not defined + +- fail: msg="Option 'services.synapse.logConfig' has to be set!" + when: + - services.synapse.logConfig is not defined - fail: msg="Option 'services.synapse.webClient.configFile' has to be set when 'services.synapse.webClient.enable' is true!" when:
diff --git a/roles/synapse/tasks/configure.yml b/roles/synapse/tasks/configure.yml @@ -1,10 +1,18 @@ --- -- name: "Copy configs to: /etc/synapse" +- name: "Copy homeserver-config to: /etc/synapse/homeserver.yaml" copy: - src: "{{ services.synapse.configPath }}" - dest: "/etc/synapse" - mode: 0755 + content: "#\n# !!! This file is managed by Ansible !!!\n#\n\n{{ services.synapse.homeserverConfig | to_nice_yaml }}\nlog_config: '/etc/synapse/log.yaml'\n" + dest: "/etc/synapse/homeserver.yaml" + mode: 0655 + owner: synapse + group: synapse + +- name: "Copy log-config to: /etc/synapse/log.yaml" + copy: + content: "#\n# !!! This file is managed by Ansible !!!\n#\n\n{{ services.synapse.logConfig | to_nice_yaml }}" + dest: "/etc/synapse/log.yaml" + mode: 0655 owner: synapse group: synapse