[tws-matrix] create new docker-compose sigle redis and new worker Task#12159
This commit is contained in:
parent
37a83a9171
commit
89e2916dfc
16 changed files with 3625 additions and 0 deletions
44
matrix_extDB/matrix_noDB_redis/README.md
Normal file
44
matrix_extDB/matrix_noDB_redis/README.md
Normal file
|
@ -0,0 +1,44 @@
|
|||
## Usage and Components
|
||||
|
||||
Note: as of 2023-09-01 this docker-compose is available internally.
|
||||
|
||||
### Versions
|
||||
|
||||
* Element: https://hub.docker.com/r/vectorim/element-web/tags
|
||||
* Synapse: https://hub.docker.com/r/matrixdotorg/synapse/tags
|
||||
|
||||
### Domains / homeserver.yaml and element-config.json
|
||||
|
||||
* synapseFQDN: on which domain the home server is reachable
|
||||
* elementWebFQDN: on which domain element web will be deployed
|
||||
* homeServerFQDN: the "matrix domain" that identifies the users
|
||||
|
||||
### Sample usage
|
||||
|
||||
Setting up matrix for ...
|
||||
|
||||
- the matrix domain "fn.nf"
|
||||
- the homeserver "homeserver.fn.nf"
|
||||
- element web on m.fn.nf
|
||||
|
||||
- set domains and config via .env
|
||||
|
||||
```
|
||||
homeServerFQDN=homeServerFQDN.sample.matrix.ungleich.cloud
|
||||
synapseFQDN=synapse.sample.matrix.ungleich.cloud
|
||||
elementWebFQDN=elementWebFQDN.sample.matrix.ungleich.cloud
|
||||
dbuser=synapse
|
||||
dbhost=postgres.tws-matrix.ungleich.cloud
|
||||
dbpassword=NEEDTOSETPASSWORD
|
||||
dbname=synapse
|
||||
DOMAIN=synapse.tws-matrix.ungleich.cloud
|
||||
EMAIL=technik@ungleich.ch
|
||||
STAGING=no
|
||||
redishost=redis-node1.ungleich.cloud
|
||||
redisport=7300
|
||||
```
|
||||
|
||||
|
||||
```
|
||||
docker-compose up -d
|
||||
```
|
11
matrix_extDB/matrix_noDB_redis/conf/default
Normal file
11
matrix_extDB/matrix_noDB_redis/conf/default
Normal file
|
@ -0,0 +1,11 @@
|
|||
server {
|
||||
listen *:80;
|
||||
listen [::]:80;
|
||||
|
||||
server_name _;
|
||||
|
||||
# Everything else -> ssl
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
28
matrix_extDB/matrix_noDB_redis/conf/elementhttp.conf
Normal file
28
matrix_extDB/matrix_noDB_redis/conf/elementhttp.conf
Normal file
|
@ -0,0 +1,28 @@
|
|||
server {
|
||||
listen 127.0.0.1:8080;
|
||||
listen [::1]:8080;
|
||||
server_name localhost;
|
||||
|
||||
root /usr/share/nginx/html;
|
||||
index index.html;
|
||||
|
||||
client_max_body_size 512M;
|
||||
proxy_buffering off;
|
||||
|
||||
# Set no-cache for the index.html only so that browsers always check for a new copy of Element Web.
|
||||
location = /index.html {
|
||||
add_header Cache-Control "no-cache";
|
||||
}
|
||||
location = /version {
|
||||
add_header Cache-Control "no-cache";
|
||||
}
|
||||
# covers config.json and config.hostname.json requests as it is prefix.
|
||||
location /config {
|
||||
add_header Cache-Control "no-cache";
|
||||
}
|
||||
|
||||
|
||||
# redirect server error pages to the static page /50x.html
|
||||
#
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
}
|
94
matrix_extDB/matrix_noDB_redis/dconf/nginx.conf
Normal file
94
matrix_extDB/matrix_noDB_redis/dconf/nginx.conf
Normal file
|
@ -0,0 +1,94 @@
|
|||
# /etc/nginx/nginx.conf
|
||||
|
||||
user nginx;
|
||||
|
||||
# Set number of worker processes automatically based on number of CPU cores.
|
||||
worker_processes auto;
|
||||
|
||||
# Enables the use of JIT for regular expressions to speed-up their processing.
|
||||
pcre_jit on;
|
||||
|
||||
# Configures default error logger.
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
|
||||
# Includes files with directives to load dynamic modules.
|
||||
include /etc/nginx/modules/*.conf;
|
||||
|
||||
|
||||
events {
|
||||
# The maximum number of simultaneous connections that can be opened by
|
||||
# a worker process.
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
server_names_hash_bucket_size 64;
|
||||
map_hash_bucket_size 128;
|
||||
|
||||
# Includes mapping of file name extensions to MIME types of responses
|
||||
# and defines the default type.
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# Name servers used to resolve names of upstream servers into addresses.
|
||||
# It's also needed when using tcpsocket and udpsocket in Lua modules.
|
||||
#resolver 208.67.222.222 208.67.220.220;
|
||||
|
||||
# Don't tell nginx version to clients.
|
||||
server_tokens off;
|
||||
|
||||
# Specifies the maximum accepted body size of a client request, as
|
||||
# indicated by the request header Content-Length. If the stated content
|
||||
# length is greater than this size, then the client receives the HTTP
|
||||
# error code 413. Set to 0 to disable.
|
||||
client_max_body_size 1m;
|
||||
|
||||
# Timeout for keep-alive connections. Server will close connections after
|
||||
# this time.
|
||||
keepalive_timeout 65;
|
||||
|
||||
# Sendfile copies data between one FD and other from within the kernel,
|
||||
# which is more efficient than read() + write().
|
||||
sendfile on;
|
||||
|
||||
# Don't buffer data-sends (disable Nagle algorithm).
|
||||
# Good for sending frequent small bursts of data in real time.
|
||||
tcp_nodelay on;
|
||||
|
||||
# Causes nginx to attempt to send its HTTP response head in one packet,
|
||||
# instead of using partial frames.
|
||||
#tcp_nopush on;
|
||||
|
||||
|
||||
# Path of the file with Diffie-Hellman parameters for EDH ciphers.
|
||||
#ssl_dhparam /etc/ssl/nginx/dh2048.pem;
|
||||
|
||||
# Specifies that our cipher suits should be preferred over client ciphers.
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
# Enables a shared SSL cache with size that can hold around 8000 sessions.
|
||||
ssl_session_cache shared:SSL:2m;
|
||||
|
||||
|
||||
# Enable gzipping of responses.
|
||||
#gzip on;
|
||||
|
||||
# Set the Vary HTTP header as defined in the RFC 2616.
|
||||
gzip_vary on;
|
||||
|
||||
# Enable checking the existence of precompressed files.
|
||||
#gzip_static on;
|
||||
|
||||
|
||||
# Specifies the main log format.
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
# Sets the path, format, and configuration for a buffered log write.
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
|
||||
# Includes virtual hosts configs.
|
||||
include /etc/nginx/conf.d/*;
|
||||
}
|
97
matrix_extDB/matrix_noDB_redis/docker-compose.yaml
Normal file
97
matrix_extDB/matrix_noDB_redis/docker-compose.yaml
Normal file
|
@ -0,0 +1,97 @@
|
|||
version: '3'
|
||||
services:
|
||||
synapse:
|
||||
image: matrixdotorg/synapse:latest
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
|
||||
- SERVERNAME=${homeServerFQDN}
|
||||
- PUBLICBASEURL=${synapseFQDN}
|
||||
- ELEMENTWEB=${elementWebFQDN}
|
||||
- DBNAME=${dbname}
|
||||
- DBHOST=${dbhost}
|
||||
- DBUSER=${dbuser}
|
||||
- DBPASSWORD=${dbpassword}
|
||||
- REDISHOST=${redishost}
|
||||
- REDISPORT=${redisport}
|
||||
- TURNPORT=${turnport}
|
||||
- TURNHOST=${turnhost}
|
||||
- TURNSECRET=${turnsecret}
|
||||
network_mode: "host"
|
||||
volumes:
|
||||
- ./synapse:/data
|
||||
entrypoint: sh -c "/data/homeserver.yaml.sh && chmod -R 777 /data && /start.py"
|
||||
|
||||
element:
|
||||
image: vectorim/element-web:latest
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- SERVERNAME=${homeServerFQDN}
|
||||
- PUBLICBASEURL=${synapseFQDN}
|
||||
- ELEMENTWEB=${elementWebFQDN}
|
||||
volumes:
|
||||
- ./element/config.json.sh:/app/config.json.sh
|
||||
- ./element/element.conf.sh:/app/element.conf.sh
|
||||
- ./element/redirector.conf.sh:/app/redirector.conf.sh
|
||||
- ./element/synapse.conf.sh:/app/synapse.conf.sh
|
||||
- ./conf:/etc/nginx/conf.d
|
||||
- ./etcletsencrypt:/etc/letsencrypt
|
||||
- ./dconf/nginx.conf:/etc/nginx/nginx.conf
|
||||
command: sh -c "/app/config.json.sh && /app/element.conf.sh && /app/redirector.conf.sh && /app/synapse.conf.sh && nginx -g 'daemon off;'"
|
||||
network_mode: "host"
|
||||
|
||||
synapse-generic-worker-all:
|
||||
image: matrixdotorg/synapse:latest
|
||||
container_name: synapse-generic-worker-all
|
||||
restart: unless-stopped
|
||||
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-generic-worker-all.yaml"]
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "curl -fSs http://localhost:8081/health || exit 1"]
|
||||
start_period: "5s"
|
||||
interval: "15s"
|
||||
timeout: "5s"
|
||||
network_mode: "host"
|
||||
volumes:
|
||||
- ./synapse:/data
|
||||
environment:
|
||||
SYNAPSE_WORKER: synapse.app.generic_worker
|
||||
depends_on:
|
||||
- synapse
|
||||
|
||||
synapse-generic-worker-sync:
|
||||
image: matrixdotorg/synapse:latest
|
||||
container_name: synapse-generic-worker-sync
|
||||
restart: unless-stopped
|
||||
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-generic-worker-sync.yaml"]
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "curl -fSs http://localhost:8083/health || exit 1"]
|
||||
start_period: "5s"
|
||||
interval: "15s"
|
||||
timeout: "5s"
|
||||
network_mode: "host"
|
||||
volumes:
|
||||
- ./synapse:/data
|
||||
environment:
|
||||
SYNAPSE_WORKER: synapse.app.generic_worker
|
||||
depends_on:
|
||||
- synapse
|
||||
|
||||
synapse-federation-sender-1:
|
||||
image: matrixdotorg/synapse:latest
|
||||
container_name: synapse-federation-sender-1
|
||||
restart: unless-stopped
|
||||
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-federation-sender-1.yaml"]
|
||||
healthcheck:
|
||||
disable: true
|
||||
network_mode: "host"
|
||||
volumes:
|
||||
- ./synapse:/data
|
||||
environment:
|
||||
SYNAPSE_WORKER: synapse.app.generic_worker
|
||||
depends_on:
|
||||
- synapse
|
||||
|
||||
redis:
|
||||
image: "redis:latest"
|
||||
restart: "unless-stopped"
|
||||
network_mode: "host"
|
55
matrix_extDB/matrix_noDB_redis/element/config.json.sh
Executable file
55
matrix_extDB/matrix_noDB_redis/element/config.json.sh
Executable file
|
@ -0,0 +1,55 @@
|
|||
#!/bin/sh
|
||||
|
||||
/docker-entrypoint.sh
|
||||
|
||||
cat << EOF > /app/config.json
|
||||
{
|
||||
"default_server_config": {
|
||||
"m.homeserver": {
|
||||
"base_url": "https://$PUBLICBASEURL",
|
||||
"server_name": "$SERVERNAME"
|
||||
},
|
||||
"m.identity_server": {
|
||||
"base_url": "https://vector.im"
|
||||
}
|
||||
},
|
||||
"disable_custom_urls": false,
|
||||
"disable_guests": false,
|
||||
"disable_login_language_selector": false,
|
||||
"disable_3pid_login": false,
|
||||
"brand": "Element",
|
||||
"integrations_ui_url": "https://scalar.vector.im/",
|
||||
"integrations_rest_url": "https://scalar.vector.im/api",
|
||||
"integrations_widgets_urls": [
|
||||
"https://scalar.vector.im/_matrix/integrations/v1",
|
||||
"https://scalar.vector.im/api",
|
||||
"https://scalar-staging.vector.im/_matrix/integrations/v1",
|
||||
"https://scalar-staging.vector.im/api",
|
||||
"https://scalar-staging.riot.im/scalar/api"
|
||||
],
|
||||
"default_country_code": "GB",
|
||||
"show_labs_settings": false,
|
||||
"features": {},
|
||||
"default_federate": true,
|
||||
"default_theme": "light",
|
||||
"room_directory": {
|
||||
"servers": ["matrix.org"]
|
||||
},
|
||||
"enable_presence_by_hs_url": {
|
||||
"https://matrix.org": false,
|
||||
"https://matrix-client.matrix.org": false
|
||||
},
|
||||
"setting_defaults": {
|
||||
"breadcrumbs": true
|
||||
},
|
||||
"jitsi": {
|
||||
"preferred_domain": "meet.element.io"
|
||||
},
|
||||
"element_call": {
|
||||
"url": "https://call.element.io",
|
||||
"participant_limit": 8,
|
||||
"brand": "Element Call"
|
||||
},
|
||||
"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
|
||||
}
|
||||
EOF
|
30
matrix_extDB/matrix_noDB_redis/element/element.conf.sh
Executable file
30
matrix_extDB/matrix_noDB_redis/element/element.conf.sh
Executable file
|
@ -0,0 +1,30 @@
|
|||
#!/bin/sh
|
||||
|
||||
cat << EOF > /etc/nginx/conf.d/element.conf
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
|
||||
server_name $ELEMENTWEB;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/$ELEMENTWEB/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/$ELEMENTWEB/privkey.pem;
|
||||
|
||||
client_max_body_size 512m;
|
||||
|
||||
|
||||
location / {
|
||||
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto \$scheme;
|
||||
proxy_set_header Host \$http_host;
|
||||
proxy_set_header X-Real-IP \$remote_addr;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
|
||||
proxy_pass http://localhost:8080;
|
||||
}
|
||||
}
|
||||
EOF
|
31
matrix_extDB/matrix_noDB_redis/element/redirector.conf.sh
Executable file
31
matrix_extDB/matrix_noDB_redis/element/redirector.conf.sh
Executable file
|
@ -0,0 +1,31 @@
|
|||
#!/bin/sh
|
||||
|
||||
|
||||
cat << EOF > /etc/nginx/conf.d/redirector.conf
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/$SERVERNAME/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/$SERVERNAME/privkey.pem;
|
||||
|
||||
server_name $SERVERNAME;
|
||||
proxy_buffering off;
|
||||
|
||||
|
||||
location /.well-known/matrix/server {
|
||||
default_type application/json;
|
||||
return 200 '{"m.server": "$PUBLICBASEURL:443" }';
|
||||
}
|
||||
location /.well-known/matrix/client {
|
||||
default_type application/json;
|
||||
return 200 '{ "m.homeserver": { "base_url": "https://$PUBLICBASEURL" } }';
|
||||
}
|
||||
|
||||
location / {
|
||||
proxy_buffering off;
|
||||
client_max_body_size 512M;
|
||||
return 301 https://$ELEMENTWEB;
|
||||
}
|
||||
}
|
||||
EOF
|
145
matrix_extDB/matrix_noDB_redis/element/synapse.conf.sh
Executable file
145
matrix_extDB/matrix_noDB_redis/element/synapse.conf.sh
Executable file
|
@ -0,0 +1,145 @@
|
|||
#!/bin/sh
|
||||
|
||||
|
||||
cat << EOF > /etc/nginx/conf.d/synapse.conf
|
||||
upstream synapse_master {
|
||||
server localhost:8008;
|
||||
}
|
||||
|
||||
upstream synapse_federation {
|
||||
server localhost:8082;
|
||||
}
|
||||
|
||||
upstream synapse_generic {
|
||||
server localhost:8081;
|
||||
}
|
||||
|
||||
upstream synapse_generic_sync {
|
||||
server localhost:8083;
|
||||
}
|
||||
|
||||
map \$request_uri \$synapse_backend {
|
||||
default synapse_master;
|
||||
|
||||
# Sync requests
|
||||
~*^/_matrix/client/(r0|v3)/sync\$ synapse_sync;
|
||||
~*^/_matrix/client/(api/v1|r0|v3)/events\$ synapse_sync;
|
||||
~*^/_matrix/client/(api/v1|r0|v3)/initialSync\$ synapse_sync;
|
||||
~*^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync\$ synapse_sync;
|
||||
|
||||
# Federation requests
|
||||
~*^/_matrix/federation/v1/event/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/state/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/state_ids/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/backfill/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/get_missing_events/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/publicRooms synapse_federation;
|
||||
~*^/_matrix/federation/v1/query/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/make_join/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/make_leave/ synapse_federation;
|
||||
~*^/_matrix/federation/(v1|v2)/send_join/ synapse_federation;
|
||||
~*^/_matrix/federation/(v1|v2)/send_leave/ synapse_federation;
|
||||
~*^/_matrix/federation/(v1|v2)/invite/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/event_auth/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/exchange_third_party_invite/ synapse_federation;
|
||||
~*^/_matrix/federation/v1/user/devices/ synapse_federation;
|
||||
~*^/_matrix/key/v2/query synapse_federation;
|
||||
~*^/_matrix/federation/v1/hierarchy/ synapse_federation;
|
||||
|
||||
# Inbound federation transaction request
|
||||
~*^/_matrix/federation/v1/send/ synapse_federation;
|
||||
|
||||
# Client API requests
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom\$ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms\$ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members\$ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*\$ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members\$ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state\$ synapse_generic;
|
||||
~*^/_matrix/client/v1/rooms/.*/hierarchy\$ synaspe_generic;
|
||||
~*^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send\$ synapse_generic;
|
||||
~*^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary\$ synapse_generic;
|
||||
~*^/_matrix/client/(r0|v3|unstable)/account/3pid\$ synapse_generic;
|
||||
~*^/_matrix/client/(r0|v3|unstable)/account/whoami\$ synapse_generic;
|
||||
~*^/_matrix/client/(r0|v3|unstable)/devices\$ synapse_generic;
|
||||
~*^/_matrix/client/versions\$ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer\$ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms\$ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/search\$ synapse_generic;
|
||||
|
||||
# Encryption requests
|
||||
~*^/_matrix/client/(r0|v3|unstable)/keys/query\$ synapse_generic;
|
||||
~*^/_matrix/client/(r0|v3|unstable)/keys/changes\$ synapse_generic;
|
||||
~*^/_matrix/client/(r0|v3|unstable)/keys/claim\$ synapse_generic;
|
||||
~*^/_matrix/client/(r0|v3|unstable)/room_keys/ synapse_generic;
|
||||
|
||||
# Registration/login requests
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/login\$ synapse_generic;
|
||||
~*^/_matrix/client/(r0|v3|unstable)/register\$ synapse_generic;
|
||||
~*^/_matrix/client/v1/register/m.login.registration_token/validity\$ synapse_generic;
|
||||
|
||||
# Event sending requests
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)\$ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/join/ synapse_generic;
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ synapse_generic;
|
||||
|
||||
# Account data requests
|
||||
~*^/_matrix/client/(r0|v3|unstable)/.*/tags synapse_generic;
|
||||
~*^/_matrix/client/(r0|v3|unstable)/.*/account_data synapse_generic;
|
||||
|
||||
# Receipts requests
|
||||
#~*^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt synapse_generic;
|
||||
#~*^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers synapse_generic;
|
||||
|
||||
# Presence requests
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ synapse_generic;
|
||||
|
||||
# User directory search requests
|
||||
~*^/_matrix/client/(r0|v3|unstable)/user_directory/search\$ synapse_generic;
|
||||
|
||||
# for all SSO providers
|
||||
~*^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect synapse_generic;
|
||||
~*^/_synapse/client/pick_idp$ synapse_generic;
|
||||
~*^/_synapse/client/pick_username synapse_generic;
|
||||
~*^/_synapse/client/new_user_consent$ synapse_generic;
|
||||
~*^/_synapse/client/sso_register$ synapse_generic;
|
||||
|
||||
# OpenID Connect requests.
|
||||
~*^/_synapse/client/oidc/callback$ synapse_generic;
|
||||
}
|
||||
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/$PUBLICBASEURL/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/$PUBLICBASEURL/privkey.pem;
|
||||
|
||||
server_name $PUBLICBASEURL;
|
||||
|
||||
client_max_body_size 512m;
|
||||
|
||||
error_page 403 404 /403_404.html;
|
||||
location = /403_404.html {
|
||||
default_type application/json;
|
||||
return 200 'You are not authorized to access this page.';
|
||||
}
|
||||
|
||||
location ~ /_matrix|/_synapse {
|
||||
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto \$scheme;
|
||||
proxy_set_header Host \$http_host;
|
||||
proxy_set_header X-Real-IP \$remote_addr;
|
||||
proxy_connect_timeout 3600;
|
||||
proxy_send_timeout 3600;
|
||||
proxy_read_timeout 3600;
|
||||
send_timeout 3600;
|
||||
proxy_pass http://\$synapse_backend;
|
||||
}
|
||||
}
|
||||
EOF
|
33
matrix_extDB/matrix_noDB_redis/synapse/federation_sender.log.yaml
Executable file
33
matrix_extDB/matrix_noDB_redis/synapse/federation_sender.log.yaml
Executable file
|
@ -0,0 +1,33 @@
|
|||
version: 1
|
||||
|
||||
formatters:
|
||||
fmt:
|
||||
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
|
||||
|
||||
filters:
|
||||
context:
|
||||
(): synapse.logging.context.LoggingContextFilter
|
||||
request: ""
|
||||
|
||||
handlers:
|
||||
console:
|
||||
class: logging.StreamHandler
|
||||
formatter: fmt
|
||||
filters: [context]
|
||||
|
||||
root:
|
||||
level: INFO
|
||||
handlers: [console] # to use file handler instead, switch to [file]
|
||||
|
||||
loggers:
|
||||
synapse:
|
||||
level: INFO
|
||||
|
||||
synapse.storage.SQL:
|
||||
level: INFO
|
||||
|
||||
ldap3:
|
||||
level: INFO
|
||||
|
||||
ldap_auth_provider:
|
||||
level: INFO
|
33
matrix_extDB/matrix_noDB_redis/synapse/generic-worker-log.yaml
Executable file
33
matrix_extDB/matrix_noDB_redis/synapse/generic-worker-log.yaml
Executable file
|
@ -0,0 +1,33 @@
|
|||
version: 1
|
||||
|
||||
formatters:
|
||||
fmt:
|
||||
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
|
||||
|
||||
filters:
|
||||
context:
|
||||
(): synapse.logging.context.LoggingContextFilter
|
||||
request: ""
|
||||
|
||||
handlers:
|
||||
console:
|
||||
class: logging.StreamHandler
|
||||
formatter: fmt
|
||||
filters: [context]
|
||||
|
||||
root:
|
||||
level: INFO
|
||||
handlers: [console] # to use file handler instead, switch to [file]
|
||||
|
||||
loggers:
|
||||
synapse:
|
||||
level: INFO
|
||||
|
||||
synapse.storage.SQL:
|
||||
level: INFO
|
||||
|
||||
ldap3:
|
||||
level: INFO
|
||||
|
||||
ldap_auth_provider:
|
||||
level: INFO
|
2948
matrix_extDB/matrix_noDB_redis/synapse/homeserver.yaml.sh
Executable file
2948
matrix_extDB/matrix_noDB_redis/synapse/homeserver.yaml.sh
Executable file
File diff suppressed because it is too large
Load diff
33
matrix_extDB/matrix_noDB_redis/synapse/log.yaml
Executable file
33
matrix_extDB/matrix_noDB_redis/synapse/log.yaml
Executable file
|
@ -0,0 +1,33 @@
|
|||
version: 1
|
||||
|
||||
formatters:
|
||||
fmt:
|
||||
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
|
||||
|
||||
filters:
|
||||
context:
|
||||
(): synapse.logging.context.LoggingContextFilter
|
||||
request: ""
|
||||
|
||||
handlers:
|
||||
console:
|
||||
class: logging.StreamHandler
|
||||
formatter: fmt
|
||||
filters: [context]
|
||||
|
||||
root:
|
||||
level: INFO
|
||||
handlers: [console] # to use file handler instead, switch to [file]
|
||||
|
||||
loggers:
|
||||
synapse:
|
||||
level: INFO
|
||||
|
||||
synapse.storage.SQL:
|
||||
level: INFO
|
||||
|
||||
ldap3:
|
||||
level: INFO
|
||||
|
||||
ldap_auth_provider:
|
||||
level: INFO
|
|
@ -0,0 +1,15 @@
|
|||
worker_app: synapse.app.generic_worker
|
||||
worker_name: synapse-federation-sender-1
|
||||
|
||||
worker_listeners:
|
||||
- type: http
|
||||
port: 8082
|
||||
resources:
|
||||
- names: [federation]
|
||||
- type: http
|
||||
port: 9082
|
||||
resources:
|
||||
- names: [replication]
|
||||
|
||||
|
||||
worker_log_config: /data/federation_sender.log.yaml
|
|
@ -0,0 +1,14 @@
|
|||
worker_app: synapse.app.generic_worker
|
||||
worker_name: synapse-generic-worker-all
|
||||
|
||||
worker_listeners:
|
||||
- type: http
|
||||
port: 8081
|
||||
resources:
|
||||
- names: [client]
|
||||
- type: http
|
||||
port: 9081
|
||||
resources:
|
||||
- names: [replication]
|
||||
|
||||
worker_log_config: /data/generic-worker-log.yaml
|
|
@ -0,0 +1,14 @@
|
|||
worker_app: synapse.app.generic_worker
|
||||
worker_name: synapse-generic-worker-sync
|
||||
|
||||
worker_listeners:
|
||||
- type: http
|
||||
port: 8083
|
||||
resources:
|
||||
- names: [client]
|
||||
- type: http
|
||||
port: 9083
|
||||
resources:
|
||||
- names: [replication]
|
||||
|
||||
worker_log_config: /data/generic-worker-log.yaml
|
Loading…
Reference in a new issue