From 27b5b87bad5d9889ba9ae051ccf1d8d5b0421d37 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Thu, 29 Feb 2024 10:58:17 +0900 Subject: [PATCH] synapse: add /certs import support --- .../synapse/files/basedir/docker-compose.yaml | 16 ++++++++++++++++ ansible/roles/synapse/files/basedir/start.sh | 4 ++++ ansible/roles/synapse/tasks/main.yml | 7 +++++++ 3 files changed, 27 insertions(+) mode change 100644 => 100755 ansible/roles/synapse/files/basedir/start.sh diff --git a/ansible/roles/synapse/files/basedir/docker-compose.yaml b/ansible/roles/synapse/files/basedir/docker-compose.yaml index 77f398c..3ccd8eb 100644 --- a/ansible/roles/synapse/files/basedir/docker-compose.yaml +++ b/ansible/roles/synapse/files/basedir/docker-compose.yaml @@ -6,6 +6,10 @@ services: - /mnt/synapse_data:/data - ./config:/config - /mnt/logs/synapse:/logs + - /etc/pki/ca-trust/source/anchors/:/certs + - ./start.sh:/start.sh + entrypoint: + - /start.sh command: - run - --config-path=/config/homeserver.yaml @@ -14,6 +18,8 @@ services: synapse-worker-generic: image: matrixdotorg/synapse:${SYNAPSE_VERSION} + entrypoint: + - /start.sh command: - run - "--config-path=/config/homeserver.yaml" @@ -22,6 +28,8 @@ services: - /mnt/synapse_data:/data - ./config:/config - /mnt/logs/synapse:/logs + - /etc/pki/ca-trust/source/anchors/:/certs + - ./start.sh:/start.sh environment: SYNAPSE_WORKER: synapse.app.generic_worker depends_on: @@ -31,6 +39,8 @@ services: synapse-worker-sync: image: matrixdotorg/synapse:${SYNAPSE_VERSION} + entrypoint: + - /start.sh command: - run - "--config-path=/config/homeserver.yaml" @@ -39,6 +49,8 @@ services: - /mnt/synapse_data:/data - ./config:/config - /mnt/logs/synapse:/logs + - /etc/pki/ca-trust/source/anchors/:/certs + - ./start.sh:/start.sh environment: SYNAPSE_WORKER: synapse.app.generic_worker depends_on: @@ -48,6 +60,8 @@ services: synapse-worker-federation: image: matrixdotorg/synapse:${SYNAPSE_VERSION} + entrypoint: + - /start.sh command: - run - "--config-path=/config/homeserver.yaml" @@ -56,6 +70,8 @@ services: - /mnt/synapse_data:/data - ./config:/config - /mnt/logs/synapse:/logs + - /etc/pki/ca-trust/source/anchors/:/certs + - ./start.sh:/start.sh environment: SYNAPSE_WORKER: synapse.app.generic_worker depends_on: diff --git a/ansible/roles/synapse/files/basedir/start.sh b/ansible/roles/synapse/files/basedir/start.sh old mode 100644 new mode 100755 index e73aca0..735b1bd --- a/ansible/roles/synapse/files/basedir/start.sh +++ b/ansible/roles/synapse/files/basedir/start.sh @@ -4,3 +4,7 @@ cnt=$(ls -1 /certs 2>/dev/null|wc -l) if [ $cnt -gt 0 ]; then cp /certs/* /usr/local/share/ca-certificates + update-ca-certificates +fi + +/start.py "$@" diff --git a/ansible/roles/synapse/tasks/main.yml b/ansible/roles/synapse/tasks/main.yml index 25bec05..0ea8038 100644 --- a/ansible/roles/synapse/tasks/main.yml +++ b/ansible/roles/synapse/tasks/main.yml @@ -6,6 +6,13 @@ mode: '0644' tags: - files +- name: Make start.sh executable + ansible.builtin.file: + path: /home/{{ ansible_user }}/docker_compose/{{ matrix_service }}/start.sh + owner: "{{ ansible_user }}" + mode: '0755' + tags: + - files - name: Create nginx dir ansible.builtin.file: path: /home/{{ ansible_user }}/docker_compose/{{ matrix_service }}/nginx