mirror of
https://git.sr.ht/~magic_rb/cluster
synced 2024-11-28 11:06:15 +01:00
28a55269d3
Signed-off-by: main <magic_rb@redalder.org>
176 lines
6.3 KiB
Nix
176 lines
6.3 KiB
Nix
{ nglib, nixpkgs }:
|
|
{
|
|
postgresql = nglib.makeSystem {
|
|
system = "x86_64-linux";
|
|
name = "nixng-synapse-postgresql";
|
|
inherit nixpkgs;
|
|
config = { pkgs, config, ... }:
|
|
{
|
|
config = {
|
|
dumb-init = {
|
|
enable = true;
|
|
type.services = {};
|
|
};
|
|
services.postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_12;
|
|
|
|
initialScript = "/secrets/init.sql";
|
|
enableTCPIP = true;
|
|
|
|
authentication = "host all all all md5";
|
|
|
|
ensureDatabases = { "synapse" = { ENCODING = "UTF8"; TEMPLATE = "template0"; }; };
|
|
ensureExtensions = {};
|
|
ensureUsers = [
|
|
{ name = "synapse"; ensurePermissions = {
|
|
"DATABASE \"synapse\"" = "ALL PRIVILEGES";
|
|
};
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
synapse = nglib.makeSystem {
|
|
system = "x86_64-linux";
|
|
name = "synapse";
|
|
inherit nixpkgs;
|
|
config = ({ pkgs, ... }:
|
|
{
|
|
dumb-init = {
|
|
enable = true;
|
|
type.services = { };
|
|
};
|
|
|
|
init.services.synapse = {
|
|
enabled = true;
|
|
shutdownOnExit = true;
|
|
script =
|
|
let
|
|
logConfig = (pkgs.formats.yaml {}).generate "log.yaml"
|
|
{
|
|
# Log configuration for Synapse.
|
|
#
|
|
# This is a YAML file containing a standard Python logging configuration
|
|
# dictionary. See [1] for details on the valid settings.
|
|
#
|
|
# Synapse also supports structured logging for machine readable logs which can
|
|
# be ingested by ELK stacks. See [2] for details.
|
|
#
|
|
# [1]: https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema
|
|
# [2]: https://matrix-org.github.io/synapse/latest/structured_logging.html
|
|
|
|
version = 1;
|
|
|
|
formatters.precise.format = "%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s";
|
|
handlers.console =
|
|
{
|
|
class = "logging.StreamHandler";
|
|
formatter = "precise";
|
|
};
|
|
loggers."synapse.storage.SQL" =
|
|
{
|
|
level = "INFO";
|
|
};
|
|
root =
|
|
{
|
|
level = "INFO";
|
|
handlers = [ "console" ];
|
|
};
|
|
|
|
disable_existing_loggers = false;
|
|
};
|
|
synapseConfig = (pkgs.formats.yaml {}).generate "synapse.yaml"
|
|
{
|
|
server_name = "matrix.redalder.org";
|
|
report_stats = "yes";
|
|
pid_file = "/homeserver.pid";
|
|
|
|
enable_registration = false;
|
|
enable_registration_without_verification = false;
|
|
|
|
listeners =
|
|
[
|
|
{
|
|
port = 6167;
|
|
tls = false;
|
|
type = "http";
|
|
x_forwarded = true;
|
|
bind_adrresses = [ "127.0.0.1" ];
|
|
resources =
|
|
[
|
|
{
|
|
names = [ "client" "federation" ];
|
|
compress = false;
|
|
}
|
|
];
|
|
}
|
|
];
|
|
log_config = logConfig;
|
|
trusted_key_servers =
|
|
[
|
|
{
|
|
server_name = "matrix.org";
|
|
}
|
|
];
|
|
media_store_path = "/var/lib/synapse/media_store";
|
|
signing_key_path = "/var/lib/synapse/signing.key";
|
|
};
|
|
in
|
|
pkgs.writeShellScript "synapse"
|
|
''
|
|
if [ -f "/var/lib/synapse/sqlite.db" ] && ! [ -f "/var/lib/synapse/migration_done" ]
|
|
then
|
|
echo "Beginning migration from SQLite to PostgeSQL!"
|
|
|
|
cat > /tmp/synapse_postgres.yaml <<EOF
|
|
database:
|
|
name: psycopg2
|
|
args:
|
|
user: synapse
|
|
password: ''${PSQL_PASSWORD}
|
|
database: synapse
|
|
host: 127.0.0.1
|
|
cp_min: 5
|
|
cp_max: 10
|
|
$(cat ${synapseConfig})
|
|
EOF
|
|
|
|
for ((i=0; i<5; i++))
|
|
do
|
|
${pkgs.matrix-synapse.python.withPackages (_: [ (pkgs.python3.pkgs.toPythonModule pkgs.matrix-synapse) ] ++ pkgs.matrix-synapse.propagatedBuildInputs)}/bin/python ${pkgs.matrix-synapse}/lib/python*/site-packages/synapse/_scripts/synapse_port_db.py \
|
|
--sqlite-database "/var/lib/synapse/sqlite.db" \
|
|
--postgres-config "/tmp/synapse_postgres.yaml"
|
|
[ $? -eq 0 ] && touch /var/lib/synapse/migration_done && break
|
|
|
|
echo "Migration attempt ''${i}/5 failed! Retrying in 30 seconds..."
|
|
sleep 30
|
|
|
|
if ((5 == i))
|
|
then
|
|
echo "Migration failed!"
|
|
exit 1
|
|
fi
|
|
done
|
|
fi
|
|
|
|
[ -e /var/lib/synapse/signing.key ] || \
|
|
${pkgs.matrix-synapse}/bin/synapse_homeserver \
|
|
--config-path ${synapseConfig} \
|
|
--config-path /secrets/extra.yaml \
|
|
--config-path /var/lib/registrations/extra.yaml \
|
|
--keys-directory /var/lib/synapse/keys \
|
|
--generate-keys
|
|
${pkgs.matrix-synapse}/bin/synapse_homeserver \
|
|
--config-path ${synapseConfig} \
|
|
--config-path /secrets/extra.yaml \
|
|
--config-path /var/lib/registrations/extra.yaml \
|
|
--keys-directory /var/lib/synapse/keys
|
|
'';
|
|
};
|
|
});
|
|
};
|
|
}
|