VEGAS/matrix: use Patroni database, move dataDir

This commit is contained in:
Max Headroom 2022-08-10 00:31:17 +02:00
parent 35189ed6de
commit e038d8180d
2 changed files with 43 additions and 21 deletions

View file

@ -1,6 +1,9 @@
{ config, lib, pkgs, tools, ... }:
{ cluster, config, lib, pkgs, tools, ... }:
let
inherit (tools.meta) domain;
patroni = cluster.config.links.patroni-pg-access;
listener = {
port = 8008;
bind_addresses = lib.singleton "127.0.0.1";
@ -34,8 +37,22 @@ let
handlers = [ "journal" ];
};
};
dbConfig.database = {
name = "psycopg2";
args = {
user = "matrix";
database = "matrix";
host = patroni.ipv4;
inherit (patroni) port;
cp_min = 1;
cp_max = 10;
};
};
clientConfigJSON = pkgs.writeText "matrix-client-config.json" (builtins.toJSON clientConfig);
logConfigJSON = pkgs.writeText "matrix-log-config.json" (builtins.toJSON logConfig);
dbConfigJSON = pkgs.writeText "matrix-log-config.json" (builtins.toJSON dbConfig);
dbPasswordFile = config.age.secrets.synapse-db.path;
dbConfigOut = "${cfg.dataDir}/synapse-db-config-generated.yml";
cfg = config.services.matrix-synapse;
in {
imports = [
@ -74,6 +91,7 @@ in {
services.matrix-synapse = {
enable = true;
plugins = [ pkgs.matrix-synapse-plugins.matrix-synapse-ldap3 ];
dataDir = "/srv/storage/private/matrix";
settings = {
server_name = domain;
@ -100,12 +118,11 @@ in {
in map makeTurnServer combinations;
};
extraConfigFiles = map (x: config.age.secrets.${x}.path) [
extraConfigFiles = (map (x: config.age.secrets.${x}.path) [
"synapse-ldap"
"synapse-db"
"synapse-turn"
"synapse-keys"
];
]) ++ [ dbConfigOut ];
};
services.nginx.virtualHosts = tools.nginx.mappers.mapSubdomains {
@ -126,9 +143,16 @@ in {
};
};
};
systemd.services = lib.genAttrs [ "coturn" "matrix-appservice-discord" "matrix-synapse" ] (_: {
systemd.services = lib.mkMerge [
(lib.genAttrs [ "coturn" "matrix-appservice-discord" "matrix-synapse" ] (_: {
serviceConfig = {
Slice = "communications.slice";
};
});
}))
{
matrix-synapse.preStart = ''
${pkgs.jq}/bin/jq -c --slurp '.[0] * .[1]' ${dbConfigJSON} '${dbPasswordFile}' | install -Dm400 -o matrix-synapse -g matrix-synapse /dev/stdin '${dbConfigOut}'
'';
}
];
}

View file

@ -1,13 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 NO562A z3CK5DY5HpHg3ACVxLrz0YF/Yn114CZeaOWbBUiDbXA
WvWSEpovH2fVJuOCk2OpzgyONyHEaQb+Koafmfz0FRM
-> ssh-ed25519 5/zT0w /FNqwfZgpihWRHg7tGH42Ak31FAC2sGtyPD20BrFuVI
GTMAwKTosLe/3xjPIrKhkQT0yKI7YaFNRNMxUOh8Rh4
-> ssh-ed25519 d3WGuA UA4tVfhoqb0nHOXw2Z94KsnsxXtyHd3Zoowcbh7/pk0
nIfnGT2AtUxZX/GFptH8RgN8kMoEf5/TYM8TH38CI7Y
-> ~0K&gN-grease u
J1bL/6N3ZA
--- LhSYtzwk6JfYCX5Ae7ldAsCwDg1Bg2W8BMM1oQvl9m8
Ŕ1Ą$ě]ĺľΞZPeÇúS śNám
[çd:ˇý2Y)YŤ^i=Řř<C598>ÎĆă7sĘľ´`°M ‘¶]ŚX@®Ű+¦©—Cz˘ <0B>•ŽŔS!đNi<>ăwö;s”ČĆéŰőR9drí
LĆWśqYűđd éŁ0kxe!c\˸¶ŤĺÉ$o1 kGľáibÜŰ4ĺMa××{˝°hOǶŐu»µ:P#ŇtÜ7e_3
-> ssh-ed25519 NO562A rUwm3B9bXVr9yQEVb+0T8TESFX3TtQ/36jzACQ/wPjs
Z9uNi+t0/0uxQcRrmESjw5y442+YXYTineRJCyeP+Cc
-> ssh-ed25519 5/zT0w EqEi9yGubbrohSMbXho2g+Bfs1wlLQ5r3jNmeDHEhzQ
pUMrCW/pktQ2e2hrGlaMRMCCzLEQ0StArhZNjoqiJUs
-> ssh-ed25519 d3WGuA P5gHDU9MHDe88QmIEX1xLqw07QB0rMtHMThxqCd2IHw
TePeD3eny5ptgor08ORKVslB4LOX5ITz1ebssB1F2bw
-> X-grease d c4UL V1
y+2gDQ
--- oEZLM3hETNqGb7gl5COcl8NzEL4029rFRVZWtZ1IjWI
0z [©D9BYb×WaÇ[ HÍCE:<sHÑ*Ó7ë‡Ñ†ï÷Eñ½‡ƒºp°õó_ ˜²ÁýPBÄÅ6Ô<36>)<29>¤OkîGšW<C5A1>Å=Ûˆe;^;ÆÕÐÿ<C390>C&¬w <0B>"T¸ppýJSëpA<70>oõ”Lq*ýò,ÕúU2<[Íœ<C38D>áßÝ<C39F> ܹÖÇLïò7Ï<37>ø¨fºÔ¬ðDZê·X!xž.€++a…{?–¿õrÀÂîð,`ì`£3F$²2oðˆ?l·Kö¼Sâ,ÁñM‰21£¾åärÓ(+΃DxŒ7 ŒV„.Út7aQ÷bîè»7N=¶PÑä07À…c|Q& ¸j¬²,Q‡¿ Ï£<C38F>*½‰_,’®¿ÿ‚ÿÍ ýžÃ.᫧w÷I|