WIP: matrix

2023-02-25 15:06:17 +01:00 · 2023-02-25 15:06:17 +01:00 · b638cd7310
commit b638cd7310
parent cb861223ea
21 changed files with 249 additions and 14 deletions
--- a/roles/matrix/templates/docker-compose.yml.j2
+++ b/roles/matrix/templates/docker-compose.yml.j2
@ -0,0 +1,41 @@
+version: '3'
+
+services:
+  synapse:
+    image: docker.io/matrixdotorg/synapse:v1.77.0
+    restart: unless-stopped
+    environment:
+      - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
+    volumes:
+      - /data/matrix/uploads:/data/uploads
+      - /data/matrix/media:/data/media
+      - /srv/matrix/homeserver.yaml:/data/homeserver.yaml
+      - /srv/matrix/matrix.log.config:/data/matrix.log.config
+      - /srv/matrix/matrix.signing.key:/data/matrix.signing.key
+    depends_on:
+      - db
+    networks:
+      - traefik
+    ports:
+      - "{{ internal_matrix_port }}:8008"
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.matrix.entryPoints=websecure
+      - traefik.http.routers.matrix.rule=Host(`{{ matrix_domain }}`)
+      - traefik.http.routers.matrix.tls=true
+      - traefik.http.routers.matrix.tls.certResolver=letsencrypt
+      - traefik.http.routers.matrix.service=matrix
+      - traefik.http.services.matrix.loadbalancer.server.port=8008
+
+  db:
+    image: docker.io/postgres:12-alpine
+    environment:
+      - POSTGRES_USER=synapse
+      - POSTGRES_PASSWORD={{ database_password }}
+      - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
+    volumes:
+      - /data/matrix/schemas:/var/lib/postgresql/data
+
+networks:
+  traefik:
+    external: true
--- a/roles/matrix/templates/homeserver.yaml.j2
+++ b/roles/matrix/templates/homeserver.yaml.j2
@ -0,0 +1,35 @@
+# Configuration file for Synapse.
+#
+# For more information on how to configure Synapse, including a complete accounting of
+# each option, go to docs/usage/configuration/config_documentation.md or
+# https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html
+server_name: "{{ matrix_domain }}"
+pid_file: /data/homeserver.pid
+listeners:
+  - port: 8008
+    tls: false
+    type: http
+    x_forwarded: true
+    resources:
+      - names: [client, federation]
+        compress: false
+database:
+  name: psycopg2
+  args:
+    user: synapse
+    password: "{{ database_password }}"
+    host: db
+    cp_min: 5
+    cp_max: 10
+log_config: "/data/matrix.log.config"
+media_store_path: "/data/media"
+registration_shared_secret: "{{ registration_shared_secret }}"
+report_stats: false
+macaroon_secret_key: "{{ macaroon_secret_key }}"
+form_secret: "{{ form_secret }}"
+signing_key_path: "/data/matrix.signing.key"
+trusted_key_servers:
+  - server_name: "matrix.org"
+
+
+# vim:ft=yaml