ungleich-intern/matrix-docker-compose
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Move dev/ things to development

Browse source
This commit is contained in:
Nico Schottelius 2024-01-05 11:20:18 +01:00
commit e3923b28b8
72 changed files with 0 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

26
development/coturn/README.md Normal file
View file

@ -0,0 +1,26 @@
## Usage and Components
Note: as of 2023-09-01 this docker-compose is available internally.
### Versions
* coturn: https://hub.docker.com/r/coturn/coturn/tags
### HOSTNAME for turnserver
* realm: on which domain for turn server
### Sample usage
Setting up turnserver.conf for coturn ...
- set realm "fn.nf"
- set listenport 3487
- set tlslistenport 5349
- set min port 49152
- set max port 65535
- set static-auth-secret weqrdvfdsawerawefsdaf123#@#dsfaf132
```
docker-compose up -d
```

16
development/coturn/coturn/turnserver.conf Normal file
View file

@ -0,0 +1,16 @@
realm=turn.tws-matrix.ungleich.cloud
no-tcp-relay
listening-ip=0.0.0.0
listening-port=3478
tls-listening-port=5349
min-port=49152
max-port=65535
log-file=stdout
verbose
pidfile=/var/tmp/turnserver.pid
#lt-cred-mech
use-auth-secret
static-auth-secret=iasdfsadfasdfasdfasdffsdfasdfsdfsdf
#user=$AUTHUSERNAME:$AUTHPW
pkey=/etc/ssl/private/privkey.pem
cert=/etc/ssl/certs/cert.pem

41
development/coturn/docker-compose.yaml Normal file
View file

@ -0,0 +1,41 @@
version: '3.8'
services:
coturn:
image: coturn/coturn:latest
restart: unless-stopped
# environment:
# - HOSTNAME=${hostname}
# - LISTENPORT=${listenport}
# - TLSPORT=${tlsport}
# - MINPORT=${minport}
# - MAXPORT=${maxport}
# - AUTHSECRET=${authsecret}
# ports:
## STUN/TURN
# - "3478:3478"
# - "3478:3478/udp"
# - "3479:3479"
# - "3479:3479/udp"
# - "80:80"
# - "80:80/udp"
## STUN/TURN SSL
# - "5349:5349"
# - "5349:5349/udp"
# - "5350:5350"
# - "5350:5350/udp"
# - "443:443"
# - "443:443/udp"
# - "49152-49252:49152-49252"
# - "49152-49252:49152-49252/udp"
# Relay Ports
# - "49152-65535:49152-65535"
# - "49152-65535:49152-65535/udp"
volumes:
- ./coturn/turnserver.conf:/etc/turnserver.conf
- ./coturn/privkey.pem:/etc/ssl/private/privkey.pem:ro
- ./coturn/cert.pem:/etc/ssl/certs/cert.pem:ro
network_mode: "host"
# command: sh -c "/etc/turnserver.conf.sh"
# entrypoint: sh -c "docker-entrypoint.sh && /etc/turnserver.conf.sh && chmod -R 777 /etc/turnsever.conf"
# depends_on:
# - nginx

33
development/jitsi/.env Normal file
View file

@ -0,0 +1,33 @@
CONFIG=./config
HTTP_PORT=80
HTTPS_PORT=443
TZ=UTC
PUBLIC_URL=https://"jitsi domain"
# Enable Let's Encrypt certificate generation
ENABLE_LETSENCRYPT=1
LETSENCRYPT_DOMAIN="jitsi webdomain"
LETSENCRYPT_EMAIL=technik@ungleich.ch
# Use the staging server
#LETSENCRYPT_USE_STAGING=1
#etherpad-lite
#ETHERPAD_URL_BASE=http://etherpad.meet.jitsi:9001
#ETHERPAD_PUBLIC_URL=https://etherpad.my.domain/p/
ETHERPAD_TITLE="Video Chat"
ETHERPAD_DEFAULT_PAD_TEXT="Welcome to Web Chat!\n\n"
ETHERPAD_SKIN_NAME=colibris
ETHERPAD_SKIN_VARIANTS="super-light-toolbar super-light-editor light-background full-width-editor"
#ENABLE_AUTH=1
#ENABLE_GUESTS=1
#AUTH_TYPE=matrix
JICOFO_AUTH_PASSWORD=869aca0bddd9d543013a2d147148f55d
JVB_AUTH_PASSWORD=33e4dab16cfc2b3c57bbf35a47e49abf
JIGASI_XMPP_PASSWORD=57a16affa6676595220b166c9a6204cd
JIBRI_RECORDER_PASSWORD=46c27ec3786ade70ccf33f43759a134a
JIBRI_XMPP_PASSWORD=59c742bac98a7f86a95900ce77957b18
RESTART_POLICY=unless-stopped

60
development/jitsi/README.md Normal file
View file

@ -0,0 +1,60 @@
## Usage and Components
Note: as of 2023-11-22 this docker-compose is available internally.
### Versions
* jitsi/web: https://hub.docker.com/r/jitsi/web/tags
* jitsi/prodody: https://hub.docker.com/r/jitsi/prosody/tags
* jitsi/jicofo: https://hub.docker.com/r/jitsi/jicofo/tags
* jitsi/jvb: https://hub.docker.com/r/jitsi/jvb/tags
### Domains / jitsi web
* PUBLIC_URL: on which domain the jistis server is reachable
* LETSENCRYPT_DOMAIN: on which domain web will be deployed
### Sample usage
Setting up jitsi for ...
- the jitsi domain "fn.nf"
- jitsi web "fn.nf"
- set domains and config via .env
```
PUBLIC_URL=https://fn.nf
ENABLE_LETSENCRYPT=1
LETSENCRYPT_DOMAIN=fn.nf
LETSENCRYPT_EMAIL=technik@ungleich.ch
LETSENCRYPT_USE_STAGING=1
JITSI_IMAGE_VERSION=latest
JICOFO_AUTH_PASSWORD="create password ex. pwgen 32"
JVB_AUTH_PASSWORD="create password ex. pwgen 32"
JIGASI_XMPP_PASSWORD="create password ex. pwgen 32"
JIBRI_RECORDER_PASSWORD="create password ex. pwgen 32"
JIBRI_XMPP_PASSWORD="create password ex. pwgen 32"
```
- run docker-compose
```
docker-compose up -d
```
### Using existing TLS certificate and key
- update docker-compose.yml
```
services:
web:
...
volumes:
...
- /path/to/your/cert.fullchain:/config/keys/cert.crt
- /path/to/your/cert.key:/config/keys/cert.key
```

0
development/jitsi/config/jibri/.gitignore vendored Normal file
View file

0
development/jitsi/config/jicofo/.gitignore vendored Normal file
View file

0
development/jitsi/config/jigasi/.gitignore vendored Normal file
View file

0
development/jitsi/config/jvb/.gitignore vendored Normal file
View file

0
development/jitsi/config/prosody/.gitignore vendored Normal file
View file

0
development/jitsi/config/transcripts/.gitignore vendored Normal file
View file

0
development/jitsi/config/web/.gitignore vendored Normal file
View file

436
development/jitsi/docker-compose.yml Normal file
View file

@ -0,0 +1,436 @@
version: '3.5'
services:
# Frontend
web:
image: jitsi/web:${JITSI_IMAGE_VERSION:-unstable}
restart: ${RESTART_POLICY:-unless-stopped}
ports:
- '${HTTP_PORT}:80'
- '${HTTPS_PORT}:443'
volumes:
- ${CONFIG}/web:/config:Z
- ${CONFIG}/web/crontabs:/var/spool/cron/crontabs:Z
- ${CONFIG}/transcripts:/usr/share/jitsi-meet/transcripts:Z
environment:
- AMPLITUDE_ID
- ANALYTICS_SCRIPT_URLS
- ANALYTICS_WHITELISTED_EVENTS
- AUDIO_QUALITY_OPUS_BITRATE
- AUTO_CAPTION_ON_RECORD
- BRANDING_DATA_URL
- CALLSTATS_CUSTOM_SCRIPT_URL
- CALLSTATS_ID
- CALLSTATS_SECRET
- CHROME_EXTENSION_BANNER_JSON
- COLIBRI_WEBSOCKET_PORT
- COLIBRI_WEBSOCKET_JVB_LOOKUP_NAME
- COLIBRI_WEBSOCKET_REGEX
- CONFCODE_URL
- CONFIG_EXTERNAL_CONNECT
- DEFAULT_LANGUAGE
- DEPLOYMENTINFO_ENVIRONMENT
- DEPLOYMENTINFO_ENVIRONMENT_TYPE
- DEPLOYMENTINFO_REGION
- DEPLOYMENTINFO_SHARD
- DEPLOYMENTINFO_USERREGION
- DESKTOP_SHARING_FRAMERATE_MIN
- DESKTOP_SHARING_FRAMERATE_MAX
- DIALIN_NUMBERS_URL
- DIALOUT_AUTH_URL
- DIALOUT_CODES_URL
- DISABLE_AUDIO_LEVELS
- DISABLE_COLIBRI_WEBSOCKET_JVB_LOOKUP
- DISABLE_DEEP_LINKING
- DISABLE_GRANT_MODERATOR
- DISABLE_HTTPS
- DISABLE_KICKOUT
- DISABLE_LOCAL_RECORDING
- DISABLE_POLLS
- DISABLE_PRIVATE_CHAT
- DISABLE_PROFILE
- DISABLE_REACTIONS
- DISABLE_REMOTE_VIDEO_MENU
- DISABLE_START_FOR_ALL
- DROPBOX_APPKEY
- DROPBOX_REDIRECT_URI
- DYNAMIC_BRANDING_URL
- ENABLE_AUDIO_PROCESSING
- ENABLE_AUTH
- ENABLE_AUTH_DOMAIN
- ENABLE_BREAKOUT_ROOMS
- ENABLE_CALENDAR
- ENABLE_COLIBRI_WEBSOCKET
- ENABLE_COLIBRI_WEBSOCKET_UNSAFE_REGEX
- ENABLE_E2EPING
- ENABLE_FILE_RECORDING_SHARING
- ENABLE_GUESTS
- ENABLE_HSTS
- ENABLE_HTTP_REDIRECT
- ENABLE_IPV6
- ENABLE_LETSENCRYPT
- ENABLE_LIPSYNC
- ENABLE_NO_AUDIO_DETECTION
- ENABLE_NOISY_MIC_DETECTION
- ENABLE_OCTO
- ENABLE_OPUS_RED
- ENABLE_PREJOIN_PAGE
- ENABLE_P2P
- ENABLE_WELCOME_PAGE
- ENABLE_CLOSE_PAGE
- ENABLE_LIVESTREAMING
- ENABLE_LIVESTREAMING_DATA_PRIVACY_LINK
- ENABLE_LIVESTREAMING_HELP_LINK
- ENABLE_LIVESTREAMING_TERMS_LINK
- ENABLE_LIVESTREAMING_VALIDATOR_REGEXP_STRING
- ENABLE_LOCAL_RECORDING_NOTIFY_ALL_PARTICIPANT
- ENABLE_LOCAL_RECORDING_SELF_START
- ENABLE_RECORDING
- ENABLE_REMB
- ENABLE_REQUIRE_DISPLAY_NAME
- ENABLE_SERVICE_RECORDING
- ENABLE_SIMULCAST
- ENABLE_STATS_ID
- ENABLE_STEREO
- ENABLE_SUBDOMAINS
- ENABLE_TALK_WHILE_MUTED
- ENABLE_TCC
- ENABLE_TRANSCRIPTIONS
- ENABLE_XMPP_WEBSOCKET
- ENABLE_JAAS_COMPONENTS
- ETHERPAD_PUBLIC_URL
- ETHERPAD_URL_BASE
- E2EPING_NUM_REQUESTS
- E2EPING_MAX_CONFERENCE_SIZE
- E2EPING_MAX_MESSAGE_PER_SECOND
- GOOGLE_ANALYTICS_ID
- GOOGLE_API_APP_CLIENT_ID
- HIDE_PREMEETING_BUTTONS
- HIDE_PREJOIN_DISPLAY_NAME
- HIDE_PREJOIN_EXTRA_BUTTONS
- INVITE_SERVICE_URL
- JVB_PREFER_SCTP
- LETSENCRYPT_DOMAIN
- LETSENCRYPT_EMAIL
- LETSENCRYPT_USE_STAGING
- MATOMO_ENDPOINT
- MATOMO_SITE_ID
- MICROSOFT_API_APP_CLIENT_ID
- NGINX_RESOLVER
- NGINX_WORKER_PROCESSES
- NGINX_WORKER_CONNECTIONS
- PEOPLE_SEARCH_URL
- PREFERRED_LANGUAGE
- PUBLIC_URL
- P2P_PREFERRED_CODEC
- RESOLUTION
- RESOLUTION_MIN
- RESOLUTION_WIDTH
- RESOLUTION_WIDTH_MIN
- START_AUDIO_MUTED
- START_AUDIO_ONLY
- START_BITRATE
- START_SILENT
- START_WITH_AUDIO_MUTED
- START_VIDEO_MUTED
- START_WITH_VIDEO_MUTED
- TESTING_CAP_SCREENSHARE_BITRATE
- TESTING_OCTO_PROBABILITY
- TOKEN_AUTH_URL
- TOOLBAR_BUTTONS
- TRANSLATION_LANGUAGES
- TRANSLATION_LANGUAGES_HEAD
- TZ
- USE_APP_LANGUAGE
- VIDEOQUALITY_BITRATE_H264_LOW
- VIDEOQUALITY_BITRATE_H264_STANDARD
- VIDEOQUALITY_BITRATE_H264_HIGH
- VIDEOQUALITY_BITRATE_VP8_LOW
- VIDEOQUALITY_BITRATE_VP8_STANDARD
- VIDEOQUALITY_BITRATE_VP8_HIGH
- VIDEOQUALITY_BITRATE_VP9_LOW
- VIDEOQUALITY_BITRATE_VP9_STANDARD
- VIDEOQUALITY_BITRATE_VP9_HIGH
- VIDEOQUALITY_BITRATE_AV1_LOW
- VIDEOQUALITY_BITRATE_AV1_STANDARD
- VIDEOQUALITY_BITRATE_AV1_HIGH
- VIDEOQUALITY_ENFORCE_PREFERRED_CODEC
- VIDEOQUALITY_PREFERRED_CODEC
- XMPP_AUTH_DOMAIN
- XMPP_BOSH_URL_BASE
- XMPP_DOMAIN
- XMPP_GUEST_DOMAIN
- XMPP_MUC_DOMAIN
- XMPP_RECORDER_DOMAIN
- XMPP_PORT
- WHITEBOARD_ENABLED
- WHITEBOARD_COLLAB_SERVER_PUBLIC_URL
networks:
meet.jitsi:
# XMPP server
prosody:
image: jitsi/prosody:${JITSI_IMAGE_VERSION:-unstable}
restart: ${RESTART_POLICY:-unless-stopped}
expose:
- '${XMPP_PORT:-5222}'
- '${PROSODY_S2S_PORT:-5269}'
- '5347'
- '${PROSODY_HTTP_PORT:-5280}'
volumes:
- ${CONFIG}/prosody/config:/config:Z
- ${CONFIG}/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z
environment:
- AUTH_TYPE
- DISABLE_POLLS
- ENABLE_AUTH
- ENABLE_AV_MODERATION
- ENABLE_BREAKOUT_ROOMS
- ENABLE_END_CONFERENCE
- ENABLE_GUESTS
- ENABLE_IPV6
- ENABLE_LOBBY
- ENABLE_RECORDING
- ENABLE_S2S
- ENABLE_VISITORS
- ENABLE_XMPP_WEBSOCKET
- ENABLE_JAAS_COMPONENTS
- GC_TYPE
- GC_INC_TH
- GC_INC_SPEED
- GC_INC_STEP_SIZE
- GC_GEN_MIN_TH
- GC_GEN_MAX_TH
- GLOBAL_CONFIG
- GLOBAL_MODULES
- JIBRI_RECORDER_USER
- JIBRI_RECORDER_PASSWORD
- JIBRI_XMPP_USER
- JIBRI_XMPP_PASSWORD
- JICOFO_AUTH_PASSWORD
- JICOFO_COMPONENT_SECRET
- JIGASI_XMPP_USER
- JIGASI_XMPP_PASSWORD
- JVB_AUTH_USER
- JVB_AUTH_PASSWORD
- JWT_APP_ID
- JWT_APP_SECRET
- JWT_ACCEPTED_ISSUERS
- JWT_ACCEPTED_AUDIENCES
- JWT_ASAP_KEYSERVER
- JWT_ALLOW_EMPTY
- JWT_AUTH_TYPE
- JWT_ENABLE_DOMAIN_VERIFICATION
- JWT_TOKEN_AUTH_MODULE
- MATRIX_UVS_URL
- MATRIX_UVS_ISSUER
- MATRIX_UVS_AUTH_TOKEN
- MATRIX_UVS_SYNC_POWER_LEVELS
- LOG_LEVEL
- LDAP_AUTH_METHOD
- LDAP_BASE
- LDAP_BINDDN
- LDAP_BINDPW
- LDAP_FILTER
- LDAP_VERSION
- LDAP_TLS_CIPHERS
- LDAP_TLS_CHECK_PEER
- LDAP_TLS_CACERT_FILE
- LDAP_TLS_CACERT_DIR
- LDAP_START_TLS
- LDAP_URL
- LDAP_USE_TLS
- MAX_PARTICIPANTS
- PROSODY_ADMINS
- PROSODY_AUTH_TYPE
- PROSODY_C2S_LIMIT
- PROSODY_C2S_REQUIRE_ENCRYPTION
- PROSODY_RESERVATION_ENABLED
- PROSODY_RESERVATION_REST_BASE_URL
- PROSODY_ENABLE_RATE_LIMITS
- PROSODY_ENABLE_S2S
- PROSODY_GUEST_AUTH_TYPE
- PROSODY_HTTP_PORT
- PROSODY_LOG_CONFIG
- PROSODY_MODE
- PROSODY_RATE_LIMIT_LOGIN_RATE
- PROSODY_RATE_LIMIT_SESSION_RATE
- PROSODY_RATE_LIMIT_TIMEOUT
- PROSODY_RATE_LIMIT_ALLOW_RANGES
- PROSODY_RATE_LIMIT_CACHE_SIZE
- PROSODY_S2S_LIMIT
- PROSODY_S2S_PORT
- PROSODY_TRUSTED_PROXIES
- PROSODY_VISITOR_INDEX
- PROSODY_VISITORS_MUC_PREFIX
- PUBLIC_URL
- STUN_HOST
- STUN_PORT
- TURN_CREDENTIALS
- TURN_HOST
- TURNS_HOST
- TURN_PORT
- TURNS_PORT
- TURN_TRANSPORT
- TZ
- VISITORS_MAX_VISITORS_PER_NODE
- VISITORS_XMPP_DOMAIN
- VISITORS_XMPP_SERVER
- VISITORS_XMPP_PORT
- XMPP_BREAKOUT_MUC_MODULES
- XMPP_CONFIGURATION
- XMPP_DOMAIN
- XMPP_AUTH_DOMAIN
- XMPP_GUEST_DOMAIN
- XMPP_MUC_DOMAIN
- XMPP_INTERNAL_MUC_DOMAIN
- XMPP_LOBBY_MUC_MODULES
- XMPP_MODULES
- XMPP_MUC_MODULES
- XMPP_MUC_CONFIGURATION
- XMPP_INTERNAL_MUC_MODULES
- XMPP_RECORDER_DOMAIN
- XMPP_PORT
- XMPP_SERVER_S2S_PORT
networks:
meet.jitsi:
aliases:
- ${XMPP_SERVER:-xmpp.meet.jitsi}
# Focus component
jicofo:
image: jitsi/jicofo:${JITSI_IMAGE_VERSION:-unstable}
restart: ${RESTART_POLICY:-unless-stopped}
ports:
- '127.0.0.1:${JICOFO_REST_PORT:-8888}:8888'
volumes:
- ${CONFIG}/jicofo:/config:Z
environment:
- AUTH_TYPE
- BRIDGE_AVG_PARTICIPANT_STRESS
- BRIDGE_STRESS_THRESHOLD
- ENABLE_AUTH
- ENABLE_AUTO_OWNER
- ENABLE_CODEC_VP8
- ENABLE_CODEC_VP9
- ENABLE_CODEC_AV1
- ENABLE_CODEC_H264
- ENABLE_CODEC_OPUS_RED
- ENABLE_JVB_XMPP_SERVER
- ENABLE_OCTO
- ENABLE_RECORDING
- ENABLE_SCTP
- ENABLE_VISITORS
- ENABLE_AUTO_LOGIN
- JICOFO_AUTH_LIFETIME
- JICOFO_AUTH_PASSWORD
- JICOFO_AUTH_TYPE
- JICOFO_BRIDGE_REGION_GROUPS
- JICOFO_ENABLE_AUTH
- JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS
- JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT
- JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT
- JICOFO_CONF_SOURCE_SIGNALING_DELAYS
- JICOFO_CONF_MAX_AUDIO_SENDERS
- JICOFO_CONF_MAX_VIDEO_SENDERS
- JICOFO_CONF_STRIP_SIMULCAST
- JICOFO_CONF_SSRC_REWRITING
- JICOFO_ENABLE_HEALTH_CHECKS
- JICOFO_ENABLE_REST
- JICOFO_HEALTH_CHECKS_USE_PRESENCE
- JICOFO_MULTI_STREAM_BACKWARD_COMPAT
- JICOFO_OCTO_REGION
- JIBRI_BREWERY_MUC
- JIBRI_REQUEST_RETRIES
- JIBRI_PENDING_TIMEOUT
- JIGASI_BREWERY_MUC
- JIGASI_SIP_URI
- JVB_BREWERY_MUC
- JVB_XMPP_AUTH_DOMAIN
- JVB_XMPP_INTERNAL_MUC_DOMAIN
- JVB_XMPP_PORT
- JVB_XMPP_SERVER
- MAX_BRIDGE_PARTICIPANTS
- OCTO_BRIDGE_SELECTION_STRATEGY
- PROSODY_VISITORS_MUC_PREFIX
- SENTRY_DSN="${JICOFO_SENTRY_DSN:-0}"
- SENTRY_ENVIRONMENT
- SENTRY_RELEASE
- TZ
- VISITORS_MAX_PARTICIPANTS
- VISITORS_MAX_VISITORS_PER_NODE
- VISITORS_XMPP_SERVER
- VISITORS_XMPP_DOMAIN
- XMPP_DOMAIN
- XMPP_AUTH_DOMAIN
- XMPP_INTERNAL_MUC_DOMAIN
- XMPP_MUC_DOMAIN
- XMPP_RECORDER_DOMAIN
- XMPP_SERVER
- XMPP_PORT
depends_on:
- prosody
networks:
meet.jitsi:
# Video bridge
jvb:
image: jitsi/jvb:${JITSI_IMAGE_VERSION:-unstable}
restart: ${RESTART_POLICY:-unless-stopped}
ports:
- '${JVB_PORT:-10000}:${JVB_PORT:-10000}/udp'
- '127.0.0.1:${JVB_COLIBRI_PORT:-8080}:8080'
volumes:
- ${CONFIG}/jvb:/config:Z
environment:
- AUTOSCALER_SIDECAR_KEY_FILE
- AUTOSCALER_SIDECAR_KEY_ID
- AUTOSCALER_SIDECAR_GROUP_NAME
- AUTOSCALER_SIDECAR_HOST_ID
- AUTOSCALER_SIDECAR_INSTANCE_ID
- AUTOSCALER_SIDECAR_PORT
- AUTOSCALER_SIDECAR_REGION
- AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL
- AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL
- DOCKER_HOST_ADDRESS
- ENABLE_COLIBRI_WEBSOCKET
- ENABLE_JVB_XMPP_SERVER
- ENABLE_OCTO
- JVB_ADVERTISE_IPS
- JVB_ADVERTISE_PRIVATE_CANDIDATES
- JVB_AUTH_USER
- JVB_AUTH_PASSWORD
- JVB_BREWERY_MUC
- JVB_DISABLE_STUN
- JVB_INSTANCE_ID
- JVB_PORT
- JVB_MUC_NICKNAME
- JVB_STUN_SERVERS
- JVB_OCTO_BIND_ADDRESS
- JVB_OCTO_REGION
- JVB_OCTO_RELAY_ID
- JVB_WS_DOMAIN
- JVB_WS_SERVER_ID
- JVB_XMPP_AUTH_DOMAIN
- JVB_XMPP_INTERNAL_MUC_DOMAIN
- JVB_XMPP_PORT
- JVB_XMPP_SERVER
- PUBLIC_URL
- SENTRY_DSN="${JVB_SENTRY_DSN:-0}"
- SENTRY_ENVIRONMENT
- SENTRY_RELEASE
- COLIBRI_REST_ENABLED
- SHUTDOWN_REST_ENABLED
- TZ
- XMPP_AUTH_DOMAIN
- XMPP_INTERNAL_MUC_DOMAIN
- XMPP_SERVER
- XMPP_PORT
depends_on:
- prosody
networks:
meet.jitsi:
# Custom network so all services can communicate using a FQDN
networks:
meet.jitsi:

15
development/matrix_extDB/matrix_noDB/.env Normal file
View file

@ -0,0 +1,15 @@
homeServerFQDN=tws-matrix.ungleich.cloud
synapseFQDN=synapse.tws-matrix.ungleich.cloud
elementWebFQDN=chat.tws-matrix.ungleich.cloud
dbuser=synapse
dbhost=postgres.tws-matrix.ungleich.cloud
dbpassword=NEEDTOSETPASSWORD
dbname=synapse
DOMAIN=synapse.tws-matrix.ungleich.cloud
EMAIL=technik@ungleich.ch
STAGING=no
redishost=redis-node1.ungleich.cloud
redisport=7300
turnhost=turn.tws-matrix.ungleich.cloud
turnport=3478
turnsecret=iasdfsadfasdfasdfasdffsdfasdfsdfsdf

44
development/matrix_extDB/matrix_noDB/README.md Normal file
View file

@ -0,0 +1,44 @@
## Usage and Components
Note: as of 2023-09-01 this docker-compose is available internally.
### Versions
* Element: https://hub.docker.com/r/vectorim/element-web/tags
* Synapse: https://hub.docker.com/r/matrixdotorg/synapse/tags
### Domains / homeserver.yaml and element-config.json
* synapseFQDN: on which domain the home server is reachable
* elementWebFQDN: on which domain element web will be deployed
* homeServerFQDN: the "matrix domain" that identifies the users
### Sample usage
Setting up matrix for ...
- the matrix domain "fn.nf"
- the homeserver "homeserver.fn.nf"
- element web on m.fn.nf
- set domains and config via .env
```
homeServerFQDN=homeServerFQDN.sample.matrix.ungleich.cloud
synapseFQDN=synapse.sample.matrix.ungleich.cloud
elementWebFQDN=elementWebFQDN.sample.matrix.ungleich.cloud
dbuser=synapse
dbhost=postgres.tws-matrix.ungleich.cloud
dbpassword=NEEDTOSETPASSWORD
dbname=synapse
DOMAIN=synapse.tws-matrix.ungleich.cloud
EMAIL=technik@ungleich.ch
STAGING=no
redishost=redis-node1.ungleich.cloud
redisport=7300
```
```
docker-compose up -d
```

11
development/matrix_extDB/matrix_noDB/conf/default Normal file
View file

@ -0,0 +1,11 @@
server {
listen *:80;
listen [::]:80;
server_name _;
# Everything else -> ssl
location / {
return 301 https://$host$request_uri;
}
}

28
development/matrix_extDB/matrix_noDB/conf/elementhttp.conf Normal file
View file

@ -0,0 +1,28 @@
server {
listen 127.0.0.1:8080;
listen [::1]:8080;
server_name localhost;
root /usr/share/nginx/html;
index index.html;
client_max_body_size 512M;
proxy_buffering off;
# Set no-cache for the index.html only so that browsers always check for a new copy of Element Web.
location = /index.html {
add_header Cache-Control "no-cache";
}
location = /version {
add_header Cache-Control "no-cache";
}
# covers config.json and config.hostname.json requests as it is prefix.
location /config {
add_header Cache-Control "no-cache";
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
}

94
development/matrix_extDB/matrix_noDB/dconf/nginx.conf Normal file
View file

@ -0,0 +1,94 @@
# /etc/nginx/nginx.conf
user nginx;
# Set number of worker processes automatically based on number of CPU cores.
worker_processes auto;
# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;
# Configures default error logger.
error_log /var/log/nginx/error.log warn;
# Includes files with directives to load dynamic modules.
include /etc/nginx/modules/*.conf;
events {
# The maximum number of simultaneous connections that can be opened by
# a worker process.
worker_connections 1024;
}
http {
server_names_hash_bucket_size 64;
map_hash_bucket_size 128;
# Includes mapping of file name extensions to MIME types of responses
# and defines the default type.
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Name servers used to resolve names of upstream servers into addresses.
# It's also needed when using tcpsocket and udpsocket in Lua modules.
#resolver 208.67.222.222 208.67.220.220;
# Don't tell nginx version to clients.
server_tokens off;
# Specifies the maximum accepted body size of a client request, as
# indicated by the request header Content-Length. If the stated content
# length is greater than this size, then the client receives the HTTP
# error code 413. Set to 0 to disable.
client_max_body_size 1m;
# Timeout for keep-alive connections. Server will close connections after
# this time.
keepalive_timeout 65;
# Sendfile copies data between one FD and other from within the kernel,
# which is more efficient than read() + write().
sendfile on;
# Don't buffer data-sends (disable Nagle algorithm).
# Good for sending frequent small bursts of data in real time.
tcp_nodelay on;
# Causes nginx to attempt to send its HTTP response head in one packet,
# instead of using partial frames.
#tcp_nopush on;
# Path of the file with Diffie-Hellman parameters for EDH ciphers.
#ssl_dhparam /etc/ssl/nginx/dh2048.pem;
# Specifies that our cipher suits should be preferred over client ciphers.
ssl_prefer_server_ciphers on;
# Enables a shared SSL cache with size that can hold around 8000 sessions.
ssl_session_cache shared:SSL:2m;
# Enable gzipping of responses.
#gzip on;
# Set the Vary HTTP header as defined in the RFC 2616.
gzip_vary on;
# Enable checking the existence of precompressed files.
#gzip_static on;
# Specifies the main log format.
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Sets the path, format, and configuration for a buffered log write.
access_log /var/log/nginx/access.log main;
# Includes virtual hosts configs.
include /etc/nginx/conf.d/*;
}

74
development/matrix_extDB/matrix_noDB/docker-compose.yaml Normal file
View file

@ -0,0 +1,74 @@
version: '3'
services:
synapse:
image: matrixdotorg/synapse:latest
restart: unless-stopped
environment:
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
- SERVERNAME=${homeServerFQDN}
- PUBLICBASEURL=${synapseFQDN}
- ELEMENTWEB=${elementWebFQDN}
- DBNAME=${dbname}
- DBHOST=${dbhost}
- DBUSER=${dbuser}
- DBPASSWORD=${dbpassword}
- REDISHOST=${redishost}
- REDISPORT=${redisport}
- TURNPORT=${turnport}
- TURNHOST=${turnhost}
- TURNSECRET=${turnsecret}
network_mode: "host"
volumes:
- ./synapse:/data
entrypoint: sh -c "/data/homeserver.yaml.sh && chmod -R 777 /data && /start.py"
element:
image: vectorim/element-web:latest
restart: unless-stopped
environment:
- SERVERNAME=${homeServerFQDN}
- PUBLICBASEURL=${synapseFQDN}
- ELEMENTWEB=${elementWebFQDN}
volumes:
- ./element/config.json.sh:/app/config.json.sh
- ./element/element.conf.sh:/app/element.conf.sh
- ./element/redirector.conf.sh:/app/redirector.conf.sh
- ./element/synapse.conf.sh:/app/synapse.conf.sh
- ./conf:/etc/nginx/conf.d
- ./etcletsencrypt:/etc/letsencrypt
- ./dconf/nginx.conf:/etc/nginx/nginx.conf
command: sh -c "/app/config.json.sh && /app/element.conf.sh && /app/redirector.conf.sh && /app/synapse.conf.sh && nginx -g 'daemon off;'"
network_mode: "host"
synapse-generic-worker-1:
image: matrixdotorg/synapse:latest
container_name: synapse-generic-worker-1
restart: unless-stopped
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-generic-worker-1.yaml"]
healthcheck:
test: ["CMD-SHELL", "curl -fSs http://localhost:8081/health || exit 1"]
start_period: "5s"
interval: "15s"
timeout: "5s"
network_mode: "host"
volumes:
- ./synapse:/data
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
depends_on:
- synapse
synapse-federation-sender-1:
image: matrixdotorg/synapse:latest
container_name: synapse-federation-sender-1
restart: unless-stopped
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-federation-sender-1.yaml"]
healthcheck:
disable: true
network_mode: "host"
volumes:
- ./synapse:/data
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
depends_on:
- synapse

55
development/matrix_extDB/matrix_noDB/element/config.json.sh Executable file
View file

@ -0,0 +1,55 @@
#!/bin/sh
/docker-entrypoint.sh
cat << EOF > /app/config.json
{
"default_server_config": {
"m.homeserver": {
"base_url": "https://$PUBLICBASEURL",
"server_name": "$SERVERNAME"
},
"m.identity_server": {
"base_url": "https://vector.im"
}
},
"disable_custom_urls": false,
"disable_guests": false,
"disable_login_language_selector": false,
"disable_3pid_login": false,
"brand": "Element",
"integrations_ui_url": "https://scalar.vector.im/",
"integrations_rest_url": "https://scalar.vector.im/api",
"integrations_widgets_urls": [
"https://scalar.vector.im/_matrix/integrations/v1",
"https://scalar.vector.im/api",
"https://scalar-staging.vector.im/_matrix/integrations/v1",
"https://scalar-staging.vector.im/api",
"https://scalar-staging.riot.im/scalar/api"
],
"default_country_code": "GB",
"show_labs_settings": false,
"features": {},
"default_federate": true,
"default_theme": "light",
"room_directory": {
"servers": ["matrix.org"]
},
"enable_presence_by_hs_url": {
"https://matrix.org": false,
"https://matrix-client.matrix.org": false
},
"setting_defaults": {
"breadcrumbs": true
},
"jitsi": {
"preferred_domain": "meet.element.io"
},
"element_call": {
"url": "https://call.element.io",
"participant_limit": 8,
"brand": "Element Call"
},
"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
}
EOF

30
development/matrix_extDB/matrix_noDB/element/element.conf.sh Executable file
View file

@ -0,0 +1,30 @@
#!/bin/sh
cat << EOF > /etc/nginx/conf.d/element.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name $ELEMENTWEB;
ssl_certificate /etc/letsencrypt/live/$ELEMENTWEB/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$ELEMENTWEB/privkey.pem;
client_max_body_size 512m;
location / {
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header Host \$http_host;
proxy_set_header X-Real-IP \$remote_addr;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "frame-ancestors 'none'";
proxy_pass http://localhost:8080;
}
}
EOF

31
development/matrix_extDB/matrix_noDB/element/redirector.conf.sh Executable file
View file

@ -0,0 +1,31 @@
#!/bin/sh
cat << EOF > /etc/nginx/conf.d/redirector.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/$SERVERNAME/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$SERVERNAME/privkey.pem;
server_name $SERVERNAME;
proxy_buffering off;
location /.well-known/matrix/server {
default_type application/json;
return 200 '{"m.server": "$PUBLICBASEURL:443" }';
}
location /.well-known/matrix/client {
default_type application/json;
return 200 '{ "m.homeserver": { "base_url": "https://$PUBLICBASEURL" } }';
}
location / {
proxy_buffering off;
client_max_body_size 512M;
return 301 https://$ELEMENTWEB;
}
}
EOF

131
development/matrix_extDB/matrix_noDB/element/synapse.conf.sh Executable file
View file

@ -0,0 +1,131 @@
#!/bin/sh
cat << EOF > /etc/nginx/conf.d/synapse.conf
upstream synapse_master {
server localhost:8008;
}
upstream synapse_federation {
server localhost:8082;
}
upstream synapse_generic {
server localhost:8081;
}
map \$request_uri \$synapse_backend {
default synapse_master;
# Sync requests
~*^/_matrix/client/(r0|v3)/sync\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3)/events\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3)/initialSync\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync\$ synapse_generic;
# Federation requests
~*^/_matrix/federation/v1/event/ synapse_federation;
~*^/_matrix/federation/v1/state/ synapse_federation;
~*^/_matrix/federation/v1/state_ids/ synapse_federation;
~*^/_matrix/federation/v1/backfill/ synapse_federation;
~*^/_matrix/federation/v1/get_missing_events/ synapse_federation;
~*^/_matrix/federation/v1/publicRooms synapse_federation;
~*^/_matrix/federation/v1/query/ synapse_federation;
~*^/_matrix/federation/v1/make_join/ synapse_federation;
~*^/_matrix/federation/v1/make_leave/ synapse_federation;
~*^/_matrix/federation/(v1|v2)/send_join/ synapse_federation;
~*^/_matrix/federation/(v1|v2)/send_leave/ synapse_federation;
~*^/_matrix/federation/(v1|v2)/invite/ synapse_federation;
~*^/_matrix/federation/v1/event_auth/ synapse_federation;
~*^/_matrix/federation/v1/exchange_third_party_invite/ synapse_federation;
~*^/_matrix/federation/v1/user/devices/ synapse_federation;
~*^/_matrix/key/v2/query synapse_federation;
~*^/_matrix/federation/v1/hierarchy/ synapse_federation;
# Inbound federation transaction request
~*^/_matrix/federation/v1/send/ synapse_federation;
# Client API requests
~*^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state\$ synapse_generic;
~*^/_matrix/client/v1/rooms/.*/hierarchy\$ synaspe_generic;
~*^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send\$ synapse_generic;
~*^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/account/3pid\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/account/whoami\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/devices\$ synapse_generic;
~*^/_matrix/client/versions\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/search\$ synapse_generic;
# Encryption requests
~*^/_matrix/client/(r0|v3|unstable)/keys/query\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/keys/changes\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/keys/claim\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/room_keys/ synapse_generic;
# Registration/login requests
~*^/_matrix/client/(api/v1|r0|v3|unstable)/login\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/register\$ synapse_generic;
~*^/_matrix/client/v1/register/m.login.registration_token/validity\$ synapse_generic;
# Event sending requests
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/join/ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ synapse_generic;
# Account data requests
~*^/_matrix/client/(r0|v3|unstable)/.*/tags synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/.*/account_data synapse_generic;
# Receipts requests
#~*^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt synapse_generic;
#~*^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers synapse_generic;
# Presence requests
~*^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ synapse_generic;
# User directory search requests
~*^/_matrix/client/(r0|v3|unstable)/user_directory/search\$ synapse_generic;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/$PUBLICBASEURL/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$PUBLICBASEURL/privkey.pem;
server_name $PUBLICBASEURL;
client_max_body_size 512m;
error_page 403 404 /403_404.html;
location = /403_404.html {
default_type application/json;
return 200 'You are not authorized to access this page.';
}
location ~ /_matrix|/_synapse {
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header Host \$http_host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
send_timeout 3600;
proxy_pass http://\$synapse_backend;
}
}
EOF

33
development/matrix_extDB/matrix_noDB/synapse/federation_sender.log.yaml Executable file
View file

@ -0,0 +1,33 @@
version: 1
formatters:
fmt:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
filters:
context:
(): synapse.logging.context.LoggingContextFilter
request: ""
handlers:
console:
class: logging.StreamHandler
formatter: fmt
filters: [context]
root:
level: INFO
handlers: [console] # to use file handler instead, switch to [file]
loggers:
synapse:
level: INFO
synapse.storage.SQL:
level: INFO
ldap3:
level: INFO
ldap_auth_provider:
level: INFO

33
development/matrix_extDB/matrix_noDB/synapse/generic-worker-log.yaml Executable file
View file

@ -0,0 +1,33 @@
version: 1
formatters:
fmt:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
filters:
context:
(): synapse.logging.context.LoggingContextFilter
request: ""
handlers:
console:
class: logging.StreamHandler
formatter: fmt
filters: [context]
root:
level: INFO
handlers: [console] # to use file handler instead, switch to [file]
loggers:
synapse:
level: INFO
synapse.storage.SQL:
level: INFO
ldap3:
level: INFO
ldap_auth_provider:
level: INFO

2944
development/matrix_extDB/matrix_noDB/synapse/homeserver.yaml.sh Executable file
View file

File diff suppressed because it is too large Load diff

33
development/matrix_extDB/matrix_noDB/synapse/log.yaml Executable file
View file

@ -0,0 +1,33 @@
version: 1
formatters:
fmt:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
filters:
context:
(): synapse.logging.context.LoggingContextFilter
request: ""
handlers:
console:
class: logging.StreamHandler
formatter: fmt
filters: [context]
root:
level: INFO
handlers: [console] # to use file handler instead, switch to [file]
loggers:
synapse:
level: INFO
synapse.storage.SQL:
level: INFO
ldap3:
level: INFO
ldap_auth_provider:
level: INFO

15
development/matrix_extDB/matrix_noDB/synapse/workers/synapse-federation-sender-1.yaml Executable file
View file

@ -0,0 +1,15 @@
worker_app: synapse.app.generic_worker
worker_name: synapse-federation-sender-1
worker_listeners:
- type: http
port: 8082
resources:
- names: [federation]
- type: http
port: 9082
resources:
- names: [replication]
worker_log_config: /data/federation_sender.log.yaml

14
development/matrix_extDB/matrix_noDB/synapse/workers/synapse-generic-worker-1.yaml Executable file
View file

@ -0,0 +1,14 @@
worker_app: synapse.app.generic_worker
worker_name: synapse-generic-worker-1
worker_listeners:
- type: http
port: 8081
resources:
- names: [client]
- type: http
port: 9081
resources:
- names: [replication]
worker_log_config: /data/generic-worker-log.yaml

44
development/matrix_extDB/matrix_noDB_redis/README.md Normal file
View file

@ -0,0 +1,44 @@
## Usage and Components
Note: as of 2023-09-01 this docker-compose is available internally.
### Versions
* Element: https://hub.docker.com/r/vectorim/element-web/tags
* Synapse: https://hub.docker.com/r/matrixdotorg/synapse/tags
### Domains / homeserver.yaml and element-config.json
* synapseFQDN: on which domain the home server is reachable
* elementWebFQDN: on which domain element web will be deployed
* homeServerFQDN: the "matrix domain" that identifies the users
### Sample usage
Setting up matrix for ...
- the matrix domain "fn.nf"
- the homeserver "homeserver.fn.nf"
- element web on m.fn.nf
- set domains and config via .env
```
homeServerFQDN=homeServerFQDN.sample.matrix.ungleich.cloud
synapseFQDN=synapse.sample.matrix.ungleich.cloud
elementWebFQDN=elementWebFQDN.sample.matrix.ungleich.cloud
dbuser=synapse
dbhost=postgres.tws-matrix.ungleich.cloud
dbpassword=NEEDTOSETPASSWORD
dbname=synapse
DOMAIN=synapse.tws-matrix.ungleich.cloud
EMAIL=technik@ungleich.ch
STAGING=no
redishost=redis-node1.ungleich.cloud
redisport=7300
```
```
docker-compose up -d
```

11
development/matrix_extDB/matrix_noDB_redis/conf/default Normal file
View file

@ -0,0 +1,11 @@
server {
listen *:80;
listen [::]:80;
server_name _;
# Everything else -> ssl
location / {
return 301 https://$host$request_uri;
}
}

28
development/matrix_extDB/matrix_noDB_redis/conf/elementhttp.conf Normal file
View file

@ -0,0 +1,28 @@
server {
listen 127.0.0.1:8080;
listen [::1]:8080;
server_name localhost;
root /usr/share/nginx/html;
index index.html;
client_max_body_size 512M;
proxy_buffering off;
# Set no-cache for the index.html only so that browsers always check for a new copy of Element Web.
location = /index.html {
add_header Cache-Control "no-cache";
}
location = /version {
add_header Cache-Control "no-cache";
}
# covers config.json and config.hostname.json requests as it is prefix.
location /config {
add_header Cache-Control "no-cache";
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
}

94
development/matrix_extDB/matrix_noDB_redis/dconf/nginx.conf Normal file
View file

@ -0,0 +1,94 @@
# /etc/nginx/nginx.conf
user nginx;
# Set number of worker processes automatically based on number of CPU cores.
worker_processes auto;
# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;
# Configures default error logger.
error_log /var/log/nginx/error.log warn;
# Includes files with directives to load dynamic modules.
include /etc/nginx/modules/*.conf;
events {
# The maximum number of simultaneous connections that can be opened by
# a worker process.
worker_connections 1024;
}
http {
server_names_hash_bucket_size 64;
map_hash_bucket_size 128;
# Includes mapping of file name extensions to MIME types of responses
# and defines the default type.
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Name servers used to resolve names of upstream servers into addresses.
# It's also needed when using tcpsocket and udpsocket in Lua modules.
#resolver 208.67.222.222 208.67.220.220;
# Don't tell nginx version to clients.
server_tokens off;
# Specifies the maximum accepted body size of a client request, as
# indicated by the request header Content-Length. If the stated content
# length is greater than this size, then the client receives the HTTP
# error code 413. Set to 0 to disable.
client_max_body_size 1m;
# Timeout for keep-alive connections. Server will close connections after
# this time.
keepalive_timeout 65;
# Sendfile copies data between one FD and other from within the kernel,
# which is more efficient than read() + write().
sendfile on;
# Don't buffer data-sends (disable Nagle algorithm).
# Good for sending frequent small bursts of data in real time.
tcp_nodelay on;
# Causes nginx to attempt to send its HTTP response head in one packet,
# instead of using partial frames.
#tcp_nopush on;
# Path of the file with Diffie-Hellman parameters for EDH ciphers.
#ssl_dhparam /etc/ssl/nginx/dh2048.pem;
# Specifies that our cipher suits should be preferred over client ciphers.
ssl_prefer_server_ciphers on;
# Enables a shared SSL cache with size that can hold around 8000 sessions.
ssl_session_cache shared:SSL:2m;
# Enable gzipping of responses.
#gzip on;
# Set the Vary HTTP header as defined in the RFC 2616.
gzip_vary on;
# Enable checking the existence of precompressed files.
#gzip_static on;
# Specifies the main log format.
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Sets the path, format, and configuration for a buffered log write.
access_log /var/log/nginx/access.log main;
# Includes virtual hosts configs.
include /etc/nginx/conf.d/*;
}

97
development/matrix_extDB/matrix_noDB_redis/docker-compose.yaml Normal file
View file

@ -0,0 +1,97 @@
version: '3'
services:
synapse:
image: matrixdotorg/synapse:latest
restart: unless-stopped
environment:
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
- SERVERNAME=${homeServerFQDN}
- PUBLICBASEURL=${synapseFQDN}
- ELEMENTWEB=${elementWebFQDN}
- DBNAME=${dbname}
- DBHOST=${dbhost}
- DBUSER=${dbuser}
- DBPASSWORD=${dbpassword}
- REDISHOST=${redishost}
- REDISPORT=${redisport}
- TURNPORT=${turnport}
- TURNHOST=${turnhost}
- TURNSECRET=${turnsecret}
network_mode: "host"
volumes:
- ./synapse:/data
entrypoint: sh -c "/data/homeserver.yaml.sh && chmod -R 777 /data && /start.py"
element:
image: vectorim/element-web:latest
restart: unless-stopped
environment:
- SERVERNAME=${homeServerFQDN}
- PUBLICBASEURL=${synapseFQDN}
- ELEMENTWEB=${elementWebFQDN}
volumes:
- ./element/config.json.sh:/app/config.json.sh
- ./element/element.conf.sh:/app/element.conf.sh
- ./element/redirector.conf.sh:/app/redirector.conf.sh
- ./element/synapse.conf.sh:/app/synapse.conf.sh
- ./conf:/etc/nginx/conf.d
- ./etcletsencrypt:/etc/letsencrypt
- ./dconf/nginx.conf:/etc/nginx/nginx.conf
command: sh -c "/app/config.json.sh && /app/element.conf.sh && /app/redirector.conf.sh && /app/synapse.conf.sh && nginx -g 'daemon off;'"
network_mode: "host"
synapse-generic-worker-all:
image: matrixdotorg/synapse:latest
container_name: synapse-generic-worker-all
restart: unless-stopped
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-generic-worker-all.yaml"]
healthcheck:
test: ["CMD-SHELL", "curl -fSs http://localhost:8081/health || exit 1"]
start_period: "5s"
interval: "15s"
timeout: "5s"
network_mode: "host"
volumes:
- ./synapse:/data
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
depends_on:
- synapse
synapse-generic-worker-sync:
image: matrixdotorg/synapse:latest
container_name: synapse-generic-worker-sync
restart: unless-stopped
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-generic-worker-sync.yaml"]
healthcheck:
test: ["CMD-SHELL", "curl -fSs http://localhost:8083/health || exit 1"]
start_period: "5s"
interval: "15s"
timeout: "5s"
network_mode: "host"
volumes:
- ./synapse:/data
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
depends_on:
- synapse
synapse-federation-sender-1:
image: matrixdotorg/synapse:latest
container_name: synapse-federation-sender-1
restart: unless-stopped
entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-federation-sender-1.yaml"]
healthcheck:
disable: true
network_mode: "host"
volumes:
- ./synapse:/data
environment:
SYNAPSE_WORKER: synapse.app.generic_worker
depends_on:
- synapse
redis:
image: "redis:latest"
restart: "unless-stopped"
network_mode: "host"

55
development/matrix_extDB/matrix_noDB_redis/element/config.json.sh Executable file
View file

@ -0,0 +1,55 @@
#!/bin/sh
/docker-entrypoint.sh
cat << EOF > /app/config.json
{
"default_server_config": {
"m.homeserver": {
"base_url": "https://$PUBLICBASEURL",
"server_name": "$SERVERNAME"
},
"m.identity_server": {
"base_url": "https://vector.im"
}
},
"disable_custom_urls": false,
"disable_guests": false,
"disable_login_language_selector": false,
"disable_3pid_login": false,
"brand": "Element",
"integrations_ui_url": "https://scalar.vector.im/",
"integrations_rest_url": "https://scalar.vector.im/api",
"integrations_widgets_urls": [
"https://scalar.vector.im/_matrix/integrations/v1",
"https://scalar.vector.im/api",
"https://scalar-staging.vector.im/_matrix/integrations/v1",
"https://scalar-staging.vector.im/api",
"https://scalar-staging.riot.im/scalar/api"
],
"default_country_code": "GB",
"show_labs_settings": false,
"features": {},
"default_federate": true,
"default_theme": "light",
"room_directory": {
"servers": ["matrix.org"]
},
"enable_presence_by_hs_url": {
"https://matrix.org": false,
"https://matrix-client.matrix.org": false
},
"setting_defaults": {
"breadcrumbs": true
},
"jitsi": {
"preferred_domain": "meet.element.io"
},
"element_call": {
"url": "https://call.element.io",
"participant_limit": 8,
"brand": "Element Call"
},
"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
}
EOF

30
development/matrix_extDB/matrix_noDB_redis/element/element.conf.sh Executable file
View file

@ -0,0 +1,30 @@
#!/bin/sh
cat << EOF > /etc/nginx/conf.d/element.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name $ELEMENTWEB;
ssl_certificate /etc/letsencrypt/live/$ELEMENTWEB/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$ELEMENTWEB/privkey.pem;
client_max_body_size 512m;
location / {
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header Host \$http_host;
proxy_set_header X-Real-IP \$remote_addr;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "frame-ancestors 'none'";
proxy_pass http://localhost:8080;
}
}
EOF

31
development/matrix_extDB/matrix_noDB_redis/element/redirector.conf.sh Executable file
View file

@ -0,0 +1,31 @@
#!/bin/sh
cat << EOF > /etc/nginx/conf.d/redirector.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/$SERVERNAME/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$SERVERNAME/privkey.pem;
server_name $SERVERNAME;
proxy_buffering off;
location /.well-known/matrix/server {
default_type application/json;
return 200 '{"m.server": "$PUBLICBASEURL:443" }';
}
location /.well-known/matrix/client {
default_type application/json;
return 200 '{ "m.homeserver": { "base_url": "https://$PUBLICBASEURL" } }';
}
location / {
proxy_buffering off;
client_max_body_size 512M;
return 301 https://$ELEMENTWEB;
}
}
EOF

145
development/matrix_extDB/matrix_noDB_redis/element/synapse.conf.sh Executable file
View file

@ -0,0 +1,145 @@
#!/bin/sh
cat << EOF > /etc/nginx/conf.d/synapse.conf
upstream synapse_master {
server localhost:8008;
}
upstream synapse_federation {
server localhost:8082;
}
upstream synapse_generic {
server localhost:8081;
}
upstream synapse_generic_sync {
server localhost:8083;
}
map \$request_uri \$synapse_backend {
default synapse_master;
# Sync requests
~*^/_matrix/client/(r0|v3)/sync\$ synapse_sync;
~*^/_matrix/client/(api/v1|r0|v3)/events\$ synapse_sync;
~*^/_matrix/client/(api/v1|r0|v3)/initialSync\$ synapse_sync;
~*^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync\$ synapse_sync;
# Federation requests
~*^/_matrix/federation/v1/event/ synapse_federation;
~*^/_matrix/federation/v1/state/ synapse_federation;
~*^/_matrix/federation/v1/state_ids/ synapse_federation;
~*^/_matrix/federation/v1/backfill/ synapse_federation;
~*^/_matrix/federation/v1/get_missing_events/ synapse_federation;
~*^/_matrix/federation/v1/publicRooms synapse_federation;
~*^/_matrix/federation/v1/query/ synapse_federation;
~*^/_matrix/federation/v1/make_join/ synapse_federation;
~*^/_matrix/federation/v1/make_leave/ synapse_federation;
~*^/_matrix/federation/(v1|v2)/send_join/ synapse_federation;
~*^/_matrix/federation/(v1|v2)/send_leave/ synapse_federation;
~*^/_matrix/federation/(v1|v2)/invite/ synapse_federation;
~*^/_matrix/federation/v1/event_auth/ synapse_federation;
~*^/_matrix/federation/v1/exchange_third_party_invite/ synapse_federation;
~*^/_matrix/federation/v1/user/devices/ synapse_federation;
~*^/_matrix/key/v2/query synapse_federation;
~*^/_matrix/federation/v1/hierarchy/ synapse_federation;
# Inbound federation transaction request
~*^/_matrix/federation/v1/send/ synapse_federation;
# Client API requests
~*^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state\$ synapse_generic;
~*^/_matrix/client/v1/rooms/.*/hierarchy\$ synaspe_generic;
~*^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send\$ synapse_generic;
~*^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/account/3pid\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/account/whoami\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/devices\$ synapse_generic;
~*^/_matrix/client/versions\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/search\$ synapse_generic;
# Encryption requests
~*^/_matrix/client/(r0|v3|unstable)/keys/query\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/keys/changes\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/keys/claim\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/room_keys/ synapse_generic;
# Registration/login requests
~*^/_matrix/client/(api/v1|r0|v3|unstable)/login\$ synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/register\$ synapse_generic;
~*^/_matrix/client/v1/register/m.login.registration_token/validity\$ synapse_generic;
# Event sending requests
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)\$ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/join/ synapse_generic;
~*^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ synapse_generic;
# Account data requests
~*^/_matrix/client/(r0|v3|unstable)/.*/tags synapse_generic;
~*^/_matrix/client/(r0|v3|unstable)/.*/account_data synapse_generic;
# Receipts requests
#~*^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt synapse_generic;
#~*^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers synapse_generic;
# Presence requests
~*^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ synapse_generic;
# User directory search requests
~*^/_matrix/client/(r0|v3|unstable)/user_directory/search\$ synapse_generic;
# for all SSO providers
~*^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect synapse_generic;
~*^/_synapse/client/pick_idp$ synapse_generic;
~*^/_synapse/client/pick_username synapse_generic;
~*^/_synapse/client/new_user_consent$ synapse_generic;
~*^/_synapse/client/sso_register$ synapse_generic;
# OpenID Connect requests.
~*^/_synapse/client/oidc/callback$ synapse_generic;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/$PUBLICBASEURL/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$PUBLICBASEURL/privkey.pem;
server_name $PUBLICBASEURL;
client_max_body_size 512m;
error_page 403 404 /403_404.html;
location = /403_404.html {
default_type application/json;
return 200 'You are not authorized to access this page.';
}
location ~ /_matrix|/_synapse {
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header Host \$http_host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
send_timeout 3600;
proxy_pass http://\$synapse_backend;
}
}
EOF

33
development/matrix_extDB/matrix_noDB_redis/synapse/federation_sender.log.yaml Executable file
View file

@ -0,0 +1,33 @@
version: 1
formatters:
fmt:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
filters:
context:
(): synapse.logging.context.LoggingContextFilter
request: ""
handlers:
console:
class: logging.StreamHandler
formatter: fmt
filters: [context]
root:
level: INFO
handlers: [console] # to use file handler instead, switch to [file]
loggers:
synapse:
level: INFO
synapse.storage.SQL:
level: INFO
ldap3:
level: INFO
ldap_auth_provider:
level: INFO

33
development/matrix_extDB/matrix_noDB_redis/synapse/generic-worker-log.yaml Executable file
View file

@ -0,0 +1,33 @@
version: 1
formatters:
fmt:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
filters:
context:
(): synapse.logging.context.LoggingContextFilter
request: ""
handlers:
console:
class: logging.StreamHandler
formatter: fmt
filters: [context]
root:
level: INFO
handlers: [console] # to use file handler instead, switch to [file]
loggers:
synapse:
level: INFO
synapse.storage.SQL:
level: INFO
ldap3:
level: INFO
ldap_auth_provider:
level: INFO

2948
development/matrix_extDB/matrix_noDB_redis/synapse/homeserver.yaml.sh Executable file
View file

File diff suppressed because it is too large Load diff

33
development/matrix_extDB/matrix_noDB_redis/synapse/log.yaml Executable file
View file

@ -0,0 +1,33 @@
version: 1
formatters:
fmt:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
filters:
context:
(): synapse.logging.context.LoggingContextFilter
request: ""
handlers:
console:
class: logging.StreamHandler
formatter: fmt
filters: [context]
root:
level: INFO
handlers: [console] # to use file handler instead, switch to [file]
loggers:
synapse:
level: INFO
synapse.storage.SQL:
level: INFO
ldap3:
level: INFO
ldap_auth_provider:
level: INFO

15
development/matrix_extDB/matrix_noDB_redis/synapse/workers/synapse-federation-sender-1.yaml Executable file
View file

@ -0,0 +1,15 @@
worker_app: synapse.app.generic_worker
worker_name: synapse-federation-sender-1
worker_listeners:
- type: http
port: 8082
resources:
- names: [federation]
- type: http
port: 9082
resources:
- names: [replication]
worker_log_config: /data/federation_sender.log.yaml

14
development/matrix_extDB/matrix_noDB_redis/synapse/workers/synapse-generic-worker-all.yaml Executable file
View file

@ -0,0 +1,14 @@
worker_app: synapse.app.generic_worker
worker_name: synapse-generic-worker-all
worker_listeners:
- type: http
port: 8081
resources:
- names: [client]
- type: http
port: 9081
resources:
- names: [replication]
worker_log_config: /data/generic-worker-log.yaml

14
development/matrix_extDB/matrix_noDB_redis/synapse/workers/synapse-generic-worker-sync.yaml Executable file
View file

@ -0,0 +1,14 @@
worker_app: synapse.app.generic_worker
worker_name: synapse-generic-worker-sync
worker_listeners:
- type: http
port: 8083
resources:
- names: [client]
- type: http
port: 9083
resources:
- names: [replication]
worker_log_config: /data/generic-worker-log.yaml

3
development/matrix_extDB/postgresql/.env Normal file
View file

@ -0,0 +1,3 @@
dbuser=synapse
dbpassword=NEEDTOSETPASSWORD
dbname=synapse

15
development/matrix_extDB/postgresql/README.md Normal file
View file

@ -0,0 +1,15 @@
## Usage and Components
Note: as of 2023-09-12 this docker-compose is available internally.
### Versions
* Postresql: registry.ipv6.docker.com/library/postgres
### Sample usage
Setting up matrix for ...
```
docker-compose up -d
```

14
development/matrix_extDB/postgresql/docker-compose.yaml Normal file
View file

@ -0,0 +1,14 @@
version: '3'
services:
postgres:
image: postgres:14
restart: unless-stopped
ports:
- "5432:5432/tcp"
volumes:
- ./postgresdata:/var/lib/postgresql/data
environment:
- POSTGRES_DB=${dbname}
- POSTGRES_USER=${dbuser}
- POSTGRES_PASSWORD=${dbpassword}
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C

3
development/matrix_includeDB/.env Normal file
View file

@ -0,0 +1,3 @@
homeServerFQDN=homeServerFQDN.sample.matrix.ungleich.cloud
synapseFQDN=synapse.sample.matrix.ungleich.cloud
elementWebFQDN=elementWebFQDN.sample.matrix.ungleich.cloud

35
development/matrix_includeDB/README.md Normal file
View file

@ -0,0 +1,35 @@
## Usage and Components
Note: as of 2023-09-01 this docker-compose is available internally.
### Versions
* Element: https://hub.docker.com/r/vectorim/element-web/tags
* Synapse: https://hub.docker.com/r/matrixdotorg/synapse/tags
### Domains / homeserver.yaml and element-config.json
* synapseFQDN: on which domain the home server is reachable
* elementWebFQDN: on which domain element web will be deployed
* homeServerFQDN: the "matrix domain" that identifies the users
### Sample usage
Setting up matrix for ...
- the matrix domain "fn.nf"
- the homeserver "homeserver.fn.nf"
- element web on m.fn.nf
- set domains via .env
```
homeServerFQDN=homeServerFQDN.sample.matrix.ungleich.cloud
synapseFQDN=synapse.sample.matrix.ungleich.cloud
elementWebFQDN=elementWebFQDN.sample.matrix.ungleich.cloud
```
```
docker-compose up -d
```

44
development/matrix_includeDB/docker-compose.yaml Normal file
View file

@ -0,0 +1,44 @@
version: '3'
services:
synapse:
image: matrixdotorg/synapse:latest
restart: unless-stopped
environment:
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
- SERVERNAME=${homeServerFQDN}
- PUBLICBASEURL=${synapseFQDN}
- ELEMENTWEB=${elementWebFQDN}
ports:
- "8008:8008/tcp"
volumes:
- ./synapse:/data
entrypoint: sh -c "/data/homeserver.yaml.sh && chmod -R 777 /data && /start.py"
depends_on:
- postgres
element:
image: vectorim/element-web:latest
restart: unless-stopped
environment:
- SERVERNAME=${homeServerFQDN}
- PUBLICBASEURL=${synapseFQDN}
- ELEMENTWEB=${elementWebFQDN}
volumes:
- ./element/config.json.sh:/app/config.json.sh
command: sh -c "/app/config.json.sh && nginx -g 'daemon off;'"
#entrypoint: /app/config.json.sh
ports:
- "80:80/tcp"
postgres:
image: postgres:14
restart: unless-stopped
ports:
- "5432:5432/tcp"
volumes:
- ./postgresdata:/var/lib/postgresql/data
environment:
- POSTGRES_DB=synapse
- POSTGRES_USER=synapse
- POSTGRES_PASSWORD=NEEDTOSETPASSWORD
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C

55
development/matrix_includeDB/element/config.json.sh Executable file
View file

@ -0,0 +1,55 @@
#!/bin/sh
/docker-entrypoint.sh
cat << EOF > /app/config.json
{
"default_server_config": {
"m.homeserver": {
"base_url": "https://$PUBLICBASEURL",
"server_name": "$SERVERNAME"
},
"m.identity_server": {
"base_url": "https://vector.im"
}
},
"disable_custom_urls": false,
"disable_guests": false,
"disable_login_language_selector": false,
"disable_3pid_login": false,
"brand": "Element",
"integrations_ui_url": "https://scalar.vector.im/",
"integrations_rest_url": "https://scalar.vector.im/api",
"integrations_widgets_urls": [
"https://scalar.vector.im/_matrix/integrations/v1",
"https://scalar.vector.im/api",
"https://scalar-staging.vector.im/_matrix/integrations/v1",
"https://scalar-staging.vector.im/api",
"https://scalar-staging.riot.im/scalar/api"
],
"default_country_code": "GB",
"show_labs_settings": false,
"features": {},
"default_federate": true,
"default_theme": "light",
"room_directory": {
"servers": ["matrix.org"]
},
"enable_presence_by_hs_url": {
"https://matrix.org": false,
"https://matrix-client.matrix.org": false
},
"setting_defaults": {
"breadcrumbs": true
},
"jitsi": {
"preferred_domain": "meet.element.io"
},
"element_call": {
"url": "https://call.element.io",
"participant_limit": 8,
"brand": "Element Call"
},
"map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
}
EOF

2925
development/matrix_includeDB/synapse/homeserver.yaml.sh Executable file
View file

File diff suppressed because it is too large Load diff

33
development/matrix_includeDB/synapse/log.yaml Executable file
View file

@ -0,0 +1,33 @@
version: 1
formatters:
fmt:
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
filters:
context:
(): synapse.logging.context.LoggingContextFilter
request: ""
handlers:
console:
class: logging.StreamHandler
formatter: fmt
filters: [context]
root:
level: INFO
handlers: [console] # to use file handler instead, switch to [file]
loggers:
synapse:
level: INFO
synapse.storage.SQL:
level: INFO
ldap3:
level: INFO
ldap_auth_provider:
level: INFO

22
development/redis-tls/cert/CA-cert.pem Normal file
View file

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDmTCCAoGgAwIBAgIJAMHmbq/tHCigMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNV
BAYTAktSMQ4wDAYDVQQIDAVTZW91bDEOMAwGA1UEBwwFU2VvdWwxCjAIBgNVBAoM
AUIxCjAIBgNVBAsMAUIxCjAIBgNVBAMMAUIxEDAOBgkqhkiG9w0BCQEWAUIwHhcN
MjMxMDAyMTYyODE5WhcNMjYwNjI4MTYyODE5WjBjMQswCQYDVQQGEwJLUjEOMAwG
A1UECAwFU2VvdWwxDjAMBgNVBAcMBVNlb3VsMQowCAYDVQQKDAFCMQowCAYDVQQL
DAFCMQowCAYDVQQDDAFCMRAwDgYJKoZIhvcNAQkBFgFCMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEA3yjjv250E1t7+1W43T9gb6dQ0EZP+9Sd5nxXLUzU
bEzJfTFOdBaN/i1x+R1bLeLN6/aJE+9zCl4N3qSLFNn/O0+w/U42WZyNxvo/5VHT
G1MNYT19InJ8SBR8V0r1FLdQsFfuK0f9HxLuYS6uNVCAgTUkDCXf4hDr4EKSY6hW
BV96X8psBOjeeXQmUh3gt/OvpmaQpALDxif+b7RPOotmfMDyfmDjBjjTLmNwgxXU
p7LdYcX/6VXHNy3HF2PAQbJ1MmaGiTK3hIAQKsJDtTYBmR2q5Ql2JEV+EUuwHBBh
K+w3Wa6tQf22ceKjITGDFfixXHhlSs9lM6iHhunFktDmhQIDAQABo1AwTjAdBgNV
HQ4EFgQU+TRnwFhV1Zl1ks+KWV7jD0t1p00wHwYDVR0jBBgwFoAU+TRnwFhV1Zl1
ks+KWV7jD0t1p00wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAmOPw
MHN9670pgp+Z2P/nvNPy1pyXHoBb8IF5P/CHo5liXzPzxL92qutdQ2sGXKvUuEv+
JsYU3bpT4BxIGtoNpr3m/NzoAYJ8uzPJv3o8Hv2JH7oFmseaFFWe+Uj50DtOyII2
OaP89YCwDapElygTJpsQ1FMIJvZytvrA3OWPTYgNhb0j3mLAzYVU+v+eMGBuphhg
t9Bh70oGujxQFftE00KoV3HLG5hRqHxdstUvJjz/F1H1cgY7stk39Szt4QKr0v1g
68XaM2lswYXOjoM1eCl+xJkmbTHvWPqEVF0VJsn7WKKIh2Fjk9zDsy5QNZb3wuQQ
/uLnUAOch/iPcM+nHw==
-----END CERTIFICATE-----

20
development/redis-tls/cert/certificate.crt Normal file
View file

@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDPjCCAiYCCQC/ZryjNyHjPDANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJL
UjEOMAwGA1UECAwFU2VvdWwxDjAMBgNVBAcMBVNlb3VsMQowCAYDVQQKDAFCMQow
CAYDVQQLDAFCMQowCAYDVQQDDAFCMRAwDgYJKoZIhvcNAQkBFgFCMB4XDTIzMTAw
MjE2MjgyM1oXDTI0MTAwMTE2MjgyM1owXzELMAkGA1UEBhMCS1IxDjAMBgNVBAgM
BVNlb3VsMQ4wDAYDVQQHDAVTZW91bDEKMAgGA1UECgwBQjEKMAgGA1UECwwBQjEY
MBYGA1UEAwwPMTg1LjIwMy4xMTQuMTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAv6HHkzEkZdER+fI3Lv3uKJsMLxOeAaKgC8frr7PaVXPRm3U8KErf
dhrvnfECspflA4JA+EGGENCrmrgUbB9XdOytoIqSGBWAHBTQiJa/bUcmitdVs/9V
VpfNDtn1cn3LjodF8SqmfG2aTiiySbhJnmbTf9a5mKZV20r+cVDXenhkMQohNyfx
G3KM2wD5G5RNZS+4jjaxKxXkL3BYk1pL8b+K5vV8vZDIll8wbZr+X3AzkjXw5RFm
XLsUfP5XVQnNUHOV81R5vKyRfM1LSk0c/ANa574mnsp1O8TraqFxyed7NuM9tNH1
lUQry2pjJKlVk3JUeUqagsClY5F36yyxlwIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
AQB4yKEO+L3nyDTBlwCElvug1qnEHf8bLZglxAFtArqw6wtNlueSQiRJz2AvlAGl
l6KTVVNdgqBDlQ2Sxz+SyEmOKOyHXgbZCYmuinejXhooINIVhVYlB3LVEFaAmraM
44j770NmT2AwG7NWXuH4erhbHDnhR1/et6w7O5WRF8AeLzQLZyBCiVv3SHSKVoOM
BcDGuGhIRcUWs3F59MhxMMR04T32OZsbV9yTL32AG8GPQ+OvkgJGXLB/R00meV+g
RIZP1ITT9ka5fZjUtQoiQ2KZWhJIJ5HIcG3ksGTgEUNwBbIbdbkKtdOkDKK6QsAu
2DPQKBNx/NOS91Gijxj1FqVD
-----END CERTIFICATE-----

28
development/redis-tls/cert/certificate.key Normal file
View file

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC/oceTMSRl0RH5
8jcu/e4omwwvE54BoqALx+uvs9pVc9GbdTwoSt92Gu+d8QKyl+UDgkD4QYYQ0Kua
uBRsH1d07K2gipIYFYAcFNCIlr9tRyaK11Wz/1VWl80O2fVyfcuOh0XxKqZ8bZpO
KLJJuEmeZtN/1rmYplXbSv5xUNd6eGQxCiE3J/EbcozbAPkblE1lL7iONrErFeQv
cFiTWkvxv4rm9Xy9kMiWXzBtmv5fcDOSNfDlEWZcuxR8/ldVCc1Qc5XzVHm8rJF8
zUtKTRz8A1rnviaeynU7xOtqoXHJ53s24z200fWVRCvLamMkqVWTclR5SpqCwKVj
kXfrLLGXAgMBAAECggEAKqEfl4PgF/JJcHPMiNyeRVQwgqx3gt+dgOFpcb2tvUK1
h0KuLjxxt4FIercppXca0AwCzfctjsIM2q9Gg8L5Hp6kBUmuNENcK2MJ/MikLvgb
/9jlTNRpNIkyabJc4qpPRRacnYiiXp23LNnqx3GClwVC2XZ39RhTkyP8tFKKjMim
2dqQN274dgISPk6WXKuoWAuqh5nlzHu+mwt59hpPuOdTD6cTxenXysfOjOiDyjhL
0oWrQ8L5Ss9qI3wJCWqrzMPkCD3H/3KZyxEuOAMXhcyTuB76k5/8AeUU0OssdzC4
cGac9RXs29BOoBeAZlHZ1+YFRdfDbp54Ibeadwc+SQKBgQDhdHM8c4wjRU5EIOC3
rM5sChkJIIoSgCST0/bbo85ByKAZhWZTOcmFg2xkmLhYQfJAdNNbfX6SM8R3aYDH
QMhaCdMgrR2+tK5ZzWR0qXGWiVvDFvWHycTkG3HXi7PK0gkWjjqIJKgow+GJIpGZ
W72auv3qcJIawaM6a+NeUbkb7QKBgQDZmDvmJr8MPkuc6xE7AFvEmTtE6GPhnY2B
DbO7mG32nPZItrPsnlpGfLdi+KKmWR9fmcAb+Ro/J2NcSIjhKTWThmiI3kzH9/Nh
Cy0LE0CSG/qs7Wk1GIK4TbtZ3O092cS6S11NbEqRLEC4ZCbd4EVDTgka5VHyW8ff
UEE+1QA7EwKBgQCPYI1AboM6kwK5FOeUJ5OG5c0SHt1v8opQcMZW3A95ims2j72J
RADCpdezCeSCTD4Re7pGPsLVm5JgFnpNPQetKv5Xk4CNHT6b4aD3CCMyhtwSb3Fq
D4jlQAbf+vo2C+i3rW/P0PAYLKormg5aJxunYS/Ffh2MYoS5zI7mFrbP6QKBgHS2
AurfvXmDsGrqasOK3a4FwpSjUW+iYlPmVZE5oUG1zyQRW1B/X0yPeI3NbvBqvTk5
7qESa9GT/udwwHqE8AfBADDpi6V2iUR0CiT2npvABiTa8qNYEkVo7CS3K0kRlUOX
SOROQXC8m7pLfc1kjcIcCSYz+lBUilBta5GYDhehAoGBAJuG4+yael49mSm8duFV
bNsJ+zOnbNzsm1ikc5Inmkzrw1DA1/BeQzogWyB4f5HpqPBkFdbczzH6n8gmoGa2
xcnwK3iQpf02XeoE9rHvBHdYiJvcaFH4xBvtaxh6p4+1fI0c3ibwXMUFBIlOQMZQ
4NjfiUn0a03X7iICTqmPOHOw
-----END PRIVATE KEY-----

34
development/redis-tls/docker-compose.yaml Normal file
View file

@ -0,0 +1,34 @@
version: '3'
services:
predixy:
image: haandol/predixy:latest
container_name: predixy
network_mode: "host"
volumes:
- ./predixy/conf:/etc/predixy/conf
redis-master:
container_name: "redis-master"
image: redis:7.2-alpine
network_mode: "host"
command: redis-server /etc/redis.conf
volumes:
- ./redis-master.conf:/etc/redis.conf
- ./masterdata:/data
- ./cert/certificate.crt:/etc/certificate.crt
- ./cert/certificate.key:/etc/certificate.key
- ./cert/CA-cert.pem:/etc/CA-cert.pem
restart: always
redis-slave:
container_name: "redis-slave"
image: redis:7.2-alpine
network_mode: "host"
command: redis-server /etc/redis.conf
volumes:
- ./redis-slave.conf:/etc/redis.conf
- ./slavedata:/data
- ./cert/certificate.crt:/etc/certificate.crt
- ./cert/certificate.key:/etc/certificate.key
- ./cert/CA-cert.pem:/etc/CA-cert.pem
restart: always
depends_on:
- redis-master

8
development/redis-tls/predixy/conf/auth.conf Normal file
View file

@ -0,0 +1,8 @@
Authority {
Auth {
Mode write
}
Auth "#bccomplexpassword#" {
Mode admin
}
}

20
development/redis-tls/predixy/conf/cluster.conf Normal file
View file

@ -0,0 +1,20 @@
## redis cluster server pool define
ClusterServerPool {
MasterReadPriority 60
StaticSlaveReadPriority 50
DynamicSlaveReadPriority 50
RefreshInterval 1
ServerTimeout 1
ServerFailureLimit 10
ServerRetryTimeout 1
KeepAlive 120
Servers {
+ redis-node1.ungleich.cloud:6379
+ redis-node2.ungleich.cloud:6379
+ redis-node3.ungleich.cloud:6379
+ redis-node1.ungleich.cloud:6479
+ redis-node2.ungleich.cloud:6479
+ redis-node3.ungleich.cloud:6479
}
}

104
development/redis-tls/predixy/conf/latency.conf Normal file
View file

@ -0,0 +1,104 @@
LatencyMonitor all {
Commands {
+ all
- blpop
- brpop
- brpoplpush
}
TimeSpan {
+ 100
+ 200
+ 300
+ 400
+ 500
+ 600
+ 700
+ 800
+ 900
+ 1000
+ 1200
+ 1400
+ 1600
+ 1700
+ 1800
+ 2000
+ 2500
+ 3000
+ 3500
+ 4000
+ 4500
+ 5000
+ 6000
+ 7000
+ 8000
+ 9000
+ 10000
}
}
LatencyMonitor get {
Commands {
+ get
}
TimeSpan {
+ 100
+ 200
+ 300
+ 400
+ 500
+ 600
+ 700
+ 800
+ 900
+ 1000
}
}
LatencyMonitor set {
Commands {
+ set
+ setnx
+ setex
}
TimeSpan {
+ 100
+ 200
+ 300
+ 400
+ 500
+ 600
+ 700
+ 800
+ 900
+ 1000
}
}
LatencyMonitor blist {
Commands {
+ blpop
+ brpop
+ brpoplpush
}
TimeSpan {
+ 1000
+ 2000
+ 3000
+ 4000
+ 5000
+ 6000
+ 7000
+ 8000
+ 9000
+ 10000
+ 20000
+ 30000
+ 40000
+ 50000
+ 60000
+ 70000
+ 80000
+ 90000
+ 100000
}
}

38
development/redis-tls/predixy/conf/predixy.conf Normal file
View file

@ -0,0 +1,38 @@
################################### GENERAL ####################################
## Predixy configuration file example
## Specify a name for this predixy service
## redis command INFO can get this
Name PredixyExample
## Default is 0.0.0.0:7617
Bind 0.0.0.0:7300
## Worker threads
WorkerThreads 4
MaxMemory 0
ClientTimeout 300
Log /etc/predixy/conf/predixy.log
LogVerbSample 0
LogDebugSample 0
LogInfoSample 10000
LogNoticeSample 1
LogWarnSample 1
LogErrorSample 1
################################### AUTHORITY ##################################
Include auth.conf
################################### SERVERS ####################################
Include cluster.conf
# Include sentinel.conf
# Include try.conf
################################### LATENCY ####################################
## Latency monitor define, see latency.conf
Include latency.conf

13
development/redis-tls/redis-master.conf Normal file
View file

@ -0,0 +1,13 @@
cluster-enabled yes
cluster-node-timeout 5000
cluster-require-full-coverage yes
appendonly yes
#port 7001
tls-cluster yes
tls-auth-clients no
#tls-replication yes
port 0
tls-port 6379
tls-cert-file /etc/certificate.crt
tls-key-file /etc/certificate.key
tls-ca-cert-file /etc/CA-cert.pem

13
development/redis-tls/redis-slave.conf Normal file
View file

@ -0,0 +1,13 @@
cluster-enabled yes
cluster-node-timeout 5000
cluster-require-full-coverage yes
appendonly yes
#port 7101
tls-cluster yes
tls-auth-clients no
tls-replication yes
port 0
tls-port 6479
tls-cert-file /etc/certificate.crt
tls-key-file /etc/certificate.key
tls-ca-cert-file /etc/CA-cert.pem

28
development/redis/docker-compose.yaml Normal file
View file

@ -0,0 +1,28 @@
version: '3'
services:
predixy:
image: haandol/predixy:latest
container_name: predixy
network_mode: "host"
volumes:
- ./predixy/conf:/etc/predixy/conf
redis-master:
container_name: "redis-master"
image: redis:7.2-alpine
network_mode: "host"
command: redis-server /etc/redis.conf
volumes:
- ./redis-master.conf:/etc/redis.conf
- ./masterdata:/data
restart: always
redis-slave:
container_name: "redis-slave"
image: redis:7.2-alpine
network_mode: "host"
command: redis-server /etc/redis.conf
volumes:
- ./redis-slave.conf:/etc/redis.conf
- ./slavedata:/data
restart: always
depends_on:
- redis-master

8
development/redis/predixy/conf/auth.conf Normal file
View file

@ -0,0 +1,8 @@
Authority {
Auth {
Mode write
}
Auth "#bccomplexpassword#" {
Mode admin
}
}

20
development/redis/predixy/conf/cluster.conf Normal file
View file

@ -0,0 +1,20 @@
## redis cluster server pool define
ClusterServerPool {
MasterReadPriority 60
StaticSlaveReadPriority 50
DynamicSlaveReadPriority 50
RefreshInterval 1
ServerTimeout 1
ServerFailureLimit 10
ServerRetryTimeout 1
KeepAlive 120
Servers {
+ redis-node1.ungleich.cloud:7001
+ redis-node2.ungleich.cloud:7001
+ redis-node3.ungleich.cloud:7001
+ redis-node1.ungleich.cloud:7101
+ redis-node2.ungleich.cloud:7101
+ redis-node3.ungleich.cloud:7101
}
}

104
development/redis/predixy/conf/latency.conf Normal file
View file

@ -0,0 +1,104 @@
LatencyMonitor all {
Commands {
+ all
- blpop
- brpop
- brpoplpush
}
TimeSpan {
+ 100
+ 200
+ 300
+ 400
+ 500
+ 600
+ 700
+ 800
+ 900
+ 1000
+ 1200
+ 1400
+ 1600
+ 1700
+ 1800
+ 2000
+ 2500
+ 3000
+ 3500
+ 4000
+ 4500
+ 5000
+ 6000
+ 7000
+ 8000
+ 9000
+ 10000
}
}
LatencyMonitor get {
Commands {
+ get
}
TimeSpan {
+ 100
+ 200
+ 300
+ 400
+ 500
+ 600
+ 700
+ 800
+ 900
+ 1000
}
}
LatencyMonitor set {
Commands {
+ set
+ setnx
+ setex
}
TimeSpan {
+ 100
+ 200
+ 300
+ 400
+ 500
+ 600
+ 700
+ 800
+ 900
+ 1000
}
}
LatencyMonitor blist {
Commands {
+ blpop
+ brpop
+ brpoplpush
}
TimeSpan {
+ 1000
+ 2000
+ 3000
+ 4000
+ 5000
+ 6000
+ 7000
+ 8000
+ 9000
+ 10000
+ 20000
+ 30000
+ 40000
+ 50000
+ 60000
+ 70000
+ 80000
+ 90000
+ 100000
}
}

38
development/redis/predixy/conf/predixy.conf Normal file
View file

@ -0,0 +1,38 @@
################################### GENERAL ####################################
## Predixy configuration file example
## Specify a name for this predixy service
## redis command INFO can get this
Name PredixyExample
## Default is 0.0.0.0:7617
Bind 0.0.0.0:7300
## Worker threads
WorkerThreads 4
MaxMemory 0
ClientTimeout 300
Log /etc/predixy/conf/predixy.log
LogVerbSample 0
LogDebugSample 0
LogInfoSample 10000
LogNoticeSample 1
LogWarnSample 1
LogErrorSample 1
################################### AUTHORITY ##################################
Include auth.conf
################################### SERVERS ####################################
Include cluster.conf
# Include sentinel.conf
# Include try.conf
################################### LATENCY ####################################
## Latency monitor define, see latency.conf
Include latency.conf

75
development/redis/predixy/conf/predixy.log Normal file
View file

@ -0,0 +1,75 @@
2023-09-26 16:10:28.587875 N Proxy.cpp:112 predixy listen in 0.0.0.0:7300
2023-09-26 16:10:28.588171 N Proxy.cpp:143 predixy running with Name:PredixyExample Workers:4
2023-09-26 16:10:28.589548 N Handler.cpp:453 h 0 create connection pool for server 185.203.114.211:7101
2023-09-26 16:10:28.589639 N ConnectConnectionPool.cpp:42 h 0 create server connection 185.203.114.211:7101 9
2023-09-26 16:10:28.596954 N ClusterServerPool.cpp:174 redis cluster create new group 9a89cb0bf9e4a403bd8875fc9f783e54935b3f6b :7101@17101 myself,master -
2023-09-26 16:10:29.595047 N Handler.cpp:453 h 3 create connection pool for server 185.203.114.220:7101
2023-09-26 16:10:29.595190 N ConnectConnectionPool.cpp:42 h 3 create server connection 185.203.114.220:7101 10
2023-09-26 16:10:29.596290 N ClusterServerPool.cpp:174 redis cluster create new group 728512c4abb3e6cd7df6ec46efeace2cd24be5cc :7101@17101 myself,master -
2023-09-26 16:10:30.597794 N Handler.cpp:453 h 1 create connection pool for server 185.203.114.219:7101
2023-09-26 16:10:30.597900 N ConnectConnectionPool.cpp:42 h 1 create server connection 185.203.114.219:7101 11
2023-09-26 16:10:30.600884 N ClusterServerPool.cpp:174 redis cluster create new group a92b657d21d80ddd0b144276b6106ce6cc7b847c :7101@17101 myself,master -
2023-09-26 16:10:31.600400 N Handler.cpp:453 h 3 create connection pool for server 185.203.114.211:7101
2023-09-26 16:10:31.600506 N ConnectConnectionPool.cpp:42 h 3 create server connection 185.203.114.211:7101 12
2023-09-26 16:10:32.608599 N Handler.cpp:453 h 3 create connection pool for server 185.203.114.220:7001
2023-09-26 16:10:32.608770 N ConnectConnectionPool.cpp:42 h 3 create server connection 185.203.114.220:7001 13
2023-09-26 16:10:32.610100 N ClusterServerPool.cpp:174 redis cluster create new group 3212a757444eabeecf409fc46134e36b44f9bdf2 :7001@17001 myself,master -
2023-09-26 16:10:33.611837 N Handler.cpp:453 h 2 create connection pool for server 185.203.114.219:7101
2023-09-26 16:10:33.611948 N ConnectConnectionPool.cpp:42 h 2 create server connection 185.203.114.219:7101 14
2023-09-26 16:10:34.684681 N Handler.cpp:453 h 0 create connection pool for server 185.203.114.219:7101
2023-09-26 16:10:34.684783 N ConnectConnectionPool.cpp:42 h 0 create server connection 185.203.114.219:7101 15
2023-09-26 16:10:35.687556 N Handler.cpp:453 h 1 create connection pool for server 185.203.114.219:7001
2023-09-26 16:10:35.687668 N ConnectConnectionPool.cpp:42 h 1 create server connection 185.203.114.219:7001 16
2023-09-26 16:10:35.689825 N ClusterServerPool.cpp:174 redis cluster create new group 6a7ecdb9d5db221b39e6e168e2fa52e4f83b3252 :7001@17001 myself,master -
2023-09-26 16:10:36.690234 N Handler.cpp:453 h 3 create connection pool for server 185.203.114.211:7001
2023-09-26 16:10:36.690327 N ConnectConnectionPool.cpp:42 h 3 create server connection 185.203.114.211:7001 17
2023-09-26 16:10:36.692940 N ClusterServerPool.cpp:174 redis cluster create new group 1bed7719b0588caafc65182a5071cf3722abf131 :7001@17001 myself,master -
2023-09-26 16:10:38.695346 N Handler.cpp:453 h 2 create connection pool for server 185.203.114.220:7101
2023-09-26 16:10:38.695459 N ConnectConnectionPool.cpp:42 h 2 create server connection 185.203.114.220:7101 18
2023-09-26 16:10:40.700876 N Handler.cpp:453 h 2 create connection pool for server 185.203.114.219:7001
2023-09-26 16:10:40.700969 N ConnectConnectionPool.cpp:42 h 2 create server connection 185.203.114.219:7001 19
2023-09-26 16:10:41.703501 N Handler.cpp:453 h 1 create connection pool for server 185.203.114.211:7101
2023-09-26 16:10:41.703600 N ConnectConnectionPool.cpp:42 h 1 create server connection 185.203.114.211:7101 20
2023-09-26 16:10:44.712329 N Handler.cpp:453 h 3 create connection pool for server 185.203.114.219:7001
2023-09-26 16:10:44.712451 N ConnectConnectionPool.cpp:42 h 3 create server connection 185.203.114.219:7001 21
2023-09-26 16:10:46.717456 N Handler.cpp:453 h 2 create connection pool for server 185.203.114.211:7101
2023-09-26 16:10:46.717554 N ConnectConnectionPool.cpp:42 h 2 create server connection 185.203.114.211:7101 22
2023-09-26 16:10:49.725349 N Handler.cpp:453 h 3 create connection pool for server 185.203.114.219:7101
2023-09-26 16:10:49.725462 N ConnectConnectionPool.cpp:42 h 3 create server connection 185.203.114.219:7101 23
2023-09-26 16:10:50.727881 N Handler.cpp:453 h 1 create connection pool for server 185.203.114.211:7001
2023-09-26 16:10:50.727986 N ConnectConnectionPool.cpp:42 h 1 create server connection 185.203.114.211:7001 24
2023-09-26 16:10:51.730870 N Handler.cpp:453 h 0 create connection pool for server 185.203.114.211:7001
2023-09-26 16:10:51.730949 N ConnectConnectionPool.cpp:42 h 0 create server connection 185.203.114.211:7001 25
2023-09-26 16:10:52.734852 N Handler.cpp:453 h 1 create connection pool for server 185.203.114.220:7101
2023-09-26 16:10:52.734995 N ConnectConnectionPool.cpp:42 h 1 create server connection 185.203.114.220:7101 26
2023-09-26 16:10:53.737706 N Handler.cpp:453 h 0 create connection pool for server 185.203.114.220:7001
2023-09-26 16:10:53.737804 N ConnectConnectionPool.cpp:42 h 0 create server connection 185.203.114.220:7001 27
2023-09-26 16:10:54.740238 N Handler.cpp:453 h 1 create connection pool for server 185.203.114.220:7001
2023-09-26 16:10:54.740350 N ConnectConnectionPool.cpp:42 h 1 create server connection 185.203.114.220:7001 28
2023-09-26 16:11:09.785618 N Handler.cpp:453 h 2 create connection pool for server 185.203.114.211:7001
2023-09-26 16:11:09.785859 N ConnectConnectionPool.cpp:42 h 2 create server connection 185.203.114.211:7001 29
2023-09-26 16:11:14.798944 N Handler.cpp:453 h 0 create connection pool for server 185.203.114.220:7101
2023-09-26 16:11:14.799245 N ConnectConnectionPool.cpp:42 h 0 create server connection 185.203.114.220:7101 30
2023-09-26 16:11:20.814272 N Handler.cpp:453 h 0 create connection pool for server 185.203.114.219:7001
2023-09-26 16:11:20.814395 N ConnectConnectionPool.cpp:42 h 0 create server connection 185.203.114.219:7001 31
2023-09-26 16:11:31.946414 W ClusterServerPool.cpp:227 redis cluster update server 153ecac0cbbd9f5fc732fe667542ff4d60437168 185.203.114.219:7101 role unknown
2023-09-26 16:11:37.862876 N Handler.cpp:453 h 2 create connection pool for server 185.203.114.220:7001
2023-09-26 16:11:37.862978 N ConnectConnectionPool.cpp:42 h 2 create server connection 185.203.114.220:7001 32
2023-09-26 16:16:20.809370 N Handler.cpp:318 h 2 accept c 185.203.114.199:57448 33
2023-09-26 16:16:20.809712 N Handler.cpp:318 h 3 accept c 185.203.114.199:57450 34
2023-09-26 16:16:20.839201 N ConnectConnectionPool.cpp:82 h 0 create private server connection 185.203.114.211:7001 35
2023-09-26 16:16:22.062163 N Handler.cpp:318 h 1 accept c 185.203.114.199:57460 36
2023-09-26 16:16:22.062258 N Handler.cpp:318 h 1 accept c 185.203.114.199:57462 37
2023-09-26 16:16:22.063781 N ConnectConnectionPool.cpp:82 h 2 create private server connection 185.203.114.220:7001 38
2023-09-26 16:16:22.439657 N Handler.cpp:318 h 3 accept c 185.203.114.199:57470 39
2023-09-26 16:16:22.439705 N Handler.cpp:318 h 3 accept c 185.203.114.199:57472 40
2023-09-26 16:16:22.444573 N ConnectConnectionPool.cpp:82 h 1 create private server connection 185.203.114.220:7001 41
2023-09-26 16:18:50.853693 N Handler.cpp:212 h 2 remove c 185.203.114.199:57462 37 with status 2 End
2023-09-26 16:18:50.853980 N Handler.cpp:276 h 2 close s 185.203.114.220:7001 38 and c None -1 with status 101 Custom
2023-09-26 16:18:50.855311 N Handler.cpp:212 h 1 remove c 185.203.114.199:57460 36 with status 2 End
2023-09-26 16:18:50.902178 N Handler.cpp:212 h 1 remove c 185.203.114.199:57472 40 with status 2 End
2023-09-26 16:18:50.902308 N Handler.cpp:276 h 1 close s 185.203.114.220:7001 41 and c None -1 with status 101 Custom
2023-09-26 16:18:50.909188 N Handler.cpp:212 h 3 remove c 185.203.114.199:57470 39 with status 2 End
2023-09-26 16:19:01.283074 N Handler.cpp:212 h 0 remove c 185.203.114.199:57448 33 with status 2 End
2023-09-26 16:19:01.283278 N Handler.cpp:212 h 0 remove c 185.203.114.199:57450 34 with status 2 End
2023-09-26 16:19:01.283331 N Handler.cpp:276 h 0 close s 185.203.114.211:7001 35 and c None -1 with status 101 Custom

5
development/redis/redis-master.conf Normal file
View file

@ -0,0 +1,5 @@
cluster-enabled yes
cluster-node-timeout 5000
cluster-require-full-coverage yes
appendonly yes
port 7001

5
development/redis/redis-slave.conf Normal file
View file

@ -0,0 +1,5 @@
cluster-enabled yes
cluster-node-timeout 5000
cluster-require-full-coverage yes
appendonly yes
port 7101