dispatch main requests to main server

ansible/roles/docker-compose/files/synapse-no-worker/.env

@@ -0,0 +1,5 @@
+SYNAPSE_VERSION=v1.92.3
+NGINX_VERSION=1.25.2-alpine
+
+SYNAPSE_SERVER_NAME=corp-serv.net
+NGINX_SYNAPSE_FQDN=synapse.corp-apps.com

ansible/roles/docker-compose/files/synapse-no-worker/config/log.yaml

@@ -0,0 +1,33 @@
+version: 1
+
+formatters:
+  fmt:
+    format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
+
+filters:
+  context:
+    (): synapse.logging.context.LoggingContextFilter
+    request: ""
+
+handlers:
+  console:
+    class: logging.StreamHandler
+    formatter: fmt
+    filters: [context]
+
+root:
+  level: INFO
+  handlers: [console] # to use file handler instead, switch to [file]
+
+loggers:
+  synapse:
+    level: INFO
+
+  synapse.storage.SQL:
+    level: INFO
+
+  ldap3:
+    level: INFO
+
+  ldap_auth_provider:
+    level: INFO

ansible/roles/docker-compose/files/synapse-no-worker/docker-compose.yaml

@@ -0,0 +1,24 @@
+version: '3'
+services:
+  synapse:
+    image: matrixdotorg/synapse:${SYNAPSE_VERSION}
+    ports:
+      - "8008:8008/tcp"
+    volumes:
+      - /mnt/synapse_data:/data
+      - ./config:/config
+    ports:
+      - "8008:8008/tcp"
+    command:
+      - run
+      - --config-path=/config/homeserver.yaml
+#      - --config-path=/config/generic_worker.yaml
+    restart: always
+  nginx:
+    image: nginx:${NGINX_VERSION}
+    ports:
+      - "80:80/tcp"
+      - "443:443/tcp"
+    volumes:
+      - ./nginx:/etc/nginx/conf.d
+      - /ssl:/ssl

ansible/roles/docker-compose/files/synapse-no-worker/nginx/synapse.conf

@@ -0,0 +1,33 @@
+server {
+
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+    ssl_certificate      /ssl/chain.crt;
+    ssl_certificate_key  /ssl/certificate.keyplain;
+
+    client_max_body_size 25m;
+
+    error_page 403 404 /403_404.html;
+    location = /403_404.html {
+	    default_type application/json;
+	    return 200 'You are not authorized to access this page.';
+    }
+
+    location / {
+        root /www;
+    }
+
+    location ~ /_matrix|/_synapse {
+      proxy_set_header X-Forwarded-For $remote_addr;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header Host $http_host;
+
+      proxy_connect_timeout 600s;
+      proxy_send_timeout 600s;
+      proxy_read_timeout 600s;
+      send_timeout 600s;
+
+      proxy_pass http://synapse:8008;
+    }
+}

ansible/roles/docker-compose/files/synapse-no-worker/www/index.html

@@ -0,0 +1 @@
+Test for Synapse

ansible/roles/docker-compose/files/synapse/.env

@@ -1,4 +1,4 @@
-SYNAPSE_VERSION=v1.92.3
+SYNAPSE_VERSION=v1.95.1
 NGINX_VERSION=1.25.2-alpine
 
 SYNAPSE_SERVER_NAME=corp-serv.net

ansible/roles/docker-compose/files/synapse/config/homeserver.yaml

@@ -289,6 +289,13 @@ listeners:
       - names: [client, federation]
         compress: false
 
+  - port: 9093
+    bind_addresses: ['::', '0.0.0.0']
+    type: http
+    resources:
+     - names: [replication]
+
+
     # example additional_resources:
     #
     #additional_resources:
@@ -2900,6 +2907,12 @@ opentracing:
 #    host: localhost
 #    port: 8034
 
+instance_map:
+  main:
+    host: 'synapse-main'
+    port: 9093
+
+
 # Experimental: When using workers you can define which workers should
 # handle event persistence and typing notifications. Any worker
 # specified here must also be in the instance_map.
@@ -2927,13 +2940,13 @@ opentracing:
 redis:
   # Uncomment the below to enable Redis support.
   #
-  #enabled: true
+  enabled: true
 
   # Optional host and port to use to connect to redis. Defaults to
   # localhost and 6379
   #
-  #host: localhost
-  #port: 6379
+  host: redis
+  port: 6379
 
   # Optional password if configured on the Redis instance
   #

ansible/roles/docker-compose/files/synapse/config/synapse-worker-federation.yaml

@@ -0,0 +1,10 @@
+worker_app: synapse.app.generic_worker
+worker_name: synapse-worker-federation
+
+worker_listeners:
+  - type: http
+    port: 8008
+    resources:
+      - names:
+          - client
+          - federation

ansible/roles/docker-compose/files/synapse/config/synapse-worker-generic.yaml

@@ -0,0 +1,11 @@
+worker_app: synapse.app.generic_worker
+worker_name: synapse-worker-generic
+
+worker_listeners:
+  - port: 8008
+    type: http
+    tls: false
+    x_forwarded: true
+    resources:
+      - names: [client, federation]
+        compress: false

ansible/roles/docker-compose/files/synapse/config/synapse-worker-sync.yaml

@@ -0,0 +1,10 @@
+worker_app: synapse.app.generic_worker
+worker_name: synapse-worker-sync
+
+worker_listeners:
+  - type: http
+    port: 8008
+    resources:
+      - names:
+          - client
+          - federation

ansible/roles/docker-compose/files/synapse/docker-compose.yaml

@@ -1,19 +1,61 @@
 version: '3'
 services:
-  synapse:
+  synapse-main:
     image: matrixdotorg/synapse:${SYNAPSE_VERSION}
-    ports:
-      - "8008:8008/tcp"
     volumes:
       - /mnt/synapse_data:/data
       - ./config:/config
-    ports:
-      - "8008:8008/tcp"
     command:
       - run
       - --config-path=/config/homeserver.yaml
-#      - --config-path=/config/generic_worker.yaml
     restart: always
+
+  synapse-worker-generic:
+    image: matrixdotorg/synapse:${SYNAPSE_VERSION}
+    command:
+      - run
+      - "--config-path=/config/homeserver.yaml"
+      - "--config-path=/config/synapse-worker-generic.yaml"
+    volumes:
+      - /mnt/synapse_data:/data
+      - ./config:/config
+    environment:
+      SYNAPSE_WORKER: synapse.app.generic_worker
+    depends_on:
+      - synapse-main
+    restart: unless-stopped
+
+  synapse-worker-sync:
+    image: matrixdotorg/synapse:${SYNAPSE_VERSION}
+    command:
+      - run
+      - "--config-path=/config/homeserver.yaml"
+      - "--config-path=/config/synapse-worker-sync.yaml"
+    volumes:
+      - /mnt/synapse_data:/data
+      - ./config:/config
+    environment:
+      SYNAPSE_WORKER: synapse.app.generic_worker
+    depends_on:
+      - synapse-main
+    restart: unless-stopped
+
+  synapse-worker-federation:
+    image: matrixdotorg/synapse:${SYNAPSE_VERSION}
+    command:
+      - run
+      - "--config-path=/config/homeserver.yaml"
+      - "--config-path=/config/synapse-worker-federation.yaml"
+    volumes:
+      - /mnt/synapse_data:/data
+      - ./config:/config
+    environment:
+      SYNAPSE_WORKER: synapse.app.generic_worker
+    depends_on:
+      - synapse-main
+    restart: unless-stopped
+
+
   nginx:
     image: nginx:${NGINX_VERSION}
     ports:
@@ -22,3 +64,25 @@ services:
     volumes:
       - ./nginx:/etc/nginx/conf.d
       - /ssl:/ssl
+    restart: unless-stopped
+
+  redis:
+    image: "redis:latest"
+    ports:
+      - "6379:6379/tcp"
+    restart: "unless-stopped"
+
+  # synapse-federation-sender-1:
+  #   image: matrixdotorg/synapse:latest
+  #   container_name: synapse-federation-sender-1
+  #   restart: unless-stopped
+  #   entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-federation-sender-1.yaml"]
+  #   healthcheck:
+  #     disable: true
+  #   network_mode: "host"
+  #   volumes:
+  #     - ./synapse:/data
+  #   environment:
+  #     SYNAPSE_WORKER: synapse.app.generic_worker
+  #   depends_on:
+  #     - synapse

ansible/roles/docker-compose/files/synapse/docker-compose.yaml-with-comments

@@ -0,0 +1,69 @@
+version: '3'
+services:
+  synapse-main:
+    image: matrixdotorg/synapse:${SYNAPSE_VERSION}
+    ports:
+      - "8008:8008/tcp"
+    volumes:
+      - /mnt/synapse_data:/data
+      - ./config:/config
+    # ports:
+    #   - "8008:8008/tcp"
+    command:
+      - run
+      - --config-path=/config/homeserver.yaml
+    restart: always
+
+  synapse-worker-generic:
+    image: matrixdotorg/synapse:latest
+    command:
+      - run
+      - "--config-path=/config/homeserver.yaml"
+      - "--config-path=/config/synapse-worker-generic.yaml"
+    # ports:
+    #   - "8008:8008/tcp"
+    volumes:
+      - /mnt/synapse_data:/data
+      - ./config:/config
+    environment:
+      SYNAPSE_WORKER: synapse.app.generic_worker
+    depends_on:
+      - synapse-main
+    restart: unless-stopped
+    # healthcheck:
+    #   test: ["CMD-SHELL", "curl -fSs http://localhost:8081/health || exit 1"]
+    #   start_period: "5s"
+    #   interval: "15s"
+    #   timeout: "5s"
+
+
+  nginx:
+    image: nginx:${NGINX_VERSION}
+    ports:
+      - "80:80/tcp"
+      - "443:443/tcp"
+    volumes:
+      - ./nginx:/etc/nginx/conf.d
+      - /ssl:/ssl
+    restart: unless-stopped
+
+  redis:
+    image: "redis:latest"
+    ports:
+      - "6379:6379/tcp"
+    restart: "unless-stopped"
+
+  # synapse-federation-sender-1:
+  #   image: matrixdotorg/synapse:latest
+  #   container_name: synapse-federation-sender-1
+  #   restart: unless-stopped
+  #   entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-federation-sender-1.yaml"]
+  #   healthcheck:
+  #     disable: true
+  #   network_mode: "host"
+  #   volumes:
+  #     - ./synapse:/data
+  #   environment:
+  #     SYNAPSE_WORKER: synapse.app.generic_worker
+  #   depends_on:
+  #     - synapse

ansible/roles/docker-compose/files/synapse/nginx/synapse.conf

@@ -18,16 +18,38 @@ server {
         root /www;
     }
 
+    # Sync requests
+    location ~ ^/_matrix/client/(r0|v3)/sync$|^/_matrix/client/(api/v1|r0|v3)/events$|^/_matrix/client/(api/v1|r0|v3)/initialSync$|^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$ {
+      proxy_set_header X-Forwarded-For $remote_addr;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header Host $http_host;
+      proxy_pass http://synapse-worker-sync:8008;
+    }
+
+    # Federation requests
+    location ~ ^/_matrix/federation/v1/event/|^/_matrix/federation/v1/state/|^/_matrix/federation/v1/state_ids/|^/_matrix/federation/v1/backfill/|^/_matrix/federation/v1/get_missing_events/|^/_matrix/federation/v1/publicRooms|^/_matrix/federation/v1/query/|^/_matrix/federation/v1/make_join/|^/_matrix/federation/v1/make_leave/|^/_matrix/federation/(v1|v2)/send_join/|^/_matrix/federation/(v1|v2)/send_leave/|^/_matrix/federation/(v1|v2)/invite/|^/_matrix/federation/v1/event_auth/|^/_matrix/federation/v1/timestamp_to_event/|^/_matrix/federation/v1/exchange_third_party_invite/|^/_matrix/federation/v1/user/devices/|^/_matrix/key/v2/query|^/_matrix/federation/v1/hierarchy/|^/_matrix/federation/v1/send/ {
+
+      proxy_set_header X-Forwarded-For $remote_addr;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header Host $http_host;
+      proxy_pass http://synapse-worker-federation:8008;
+
+    }
+
+    # Client requests
+    location ~ ^/_matrix/client/(api/v1|r0|unstable)/publicRooms$|^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/joined_members$|^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/context/.*$|^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/members$|^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/state$|^/_matrix/client/(api/v1|r0|unstable)/account/3pid$|^/_matrix/client/(api/v1|r0|unstable)/devices$|^/_matrix/client/(api/v1|r0|unstable)/keys/query$|^/_matrix/client/(api/v1|r0|unstable)/keys/changes$|^/_matrix/client/versions$|^/_matrix/client/(api/v1|r0|unstable)/voip/turnServer$|^/_matrix/client/(api/v1|r0|unstable)/joined_groups$|^/_matrix/client/(api/v1|r0|unstable)/publicised_groups$|^/_matrix/client/(api/v1|r0|unstable)/publicised_groups/|^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/event/|^/_matrix/client/(api/v1|r0|unstable)/joined_rooms$|^/_matrix/client/(api/v1|r0|unstable)/search$ {
+      proxy_set_header X-Forwarded-For $remote_addr;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header Host $http_host;
+      proxy_pass http://synapse-worker-generic:8008;
+   }
+
+    # All other matrix/synapse requests go to main
     location ~ /_matrix|/_synapse {
       proxy_set_header X-Forwarded-For $remote_addr;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_set_header Host $http_host;
 
-      proxy_connect_timeout 600s;
-      proxy_send_timeout 600s;
-      proxy_read_timeout 600s;
-      send_timeout 600s;
-
-      proxy_pass http://synapse:8008;
+      proxy_pass http://synapse-main:8008;
     }
 }