feat(synapse): add quadlet-managed synapse matrix server role #94

Merged
saibotk merged 1 commit from add-synapse into main 2025-03-23 22:01:29 +01:00
Owner

This is a quadlet-managed setup for synapse, the main matrix server implementation.

Note: The config file is currently not managed via ansible and needs to be set up manually.
This is atm not easy to set up out of the box and needs some manual work.

feat(synapse): add quadlet-managed synapse matrix server role
All checks were successful
ci/woodpecker/pr/ansible-lint Pipeline was successful
3df45cef7f
This is a quadlet-managed setup for synapse, the main matrix server implementation.

Note: The config file is currently not managed via ansible and needs to be set up manually.
This is atm not easy to set up out of the box and needs some manual work.
requested review from histalek 2025-03-16 19:21:53 +01:00
saibotk self-assigned this 2025-03-17 00:32:49 +01:00
@ -0,0 +13,4 @@
Image = {{ synapse_containerimage }}:{{ synapse_image_tag }}
ContainerName = synapse
# AutoUpdate = registry
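Review bot: The commented-out `# AutoUpdate = registry` on the last line gives no reason for being disabled, so a later reader cannot tell a deliberate choice from a leftover. Replace it with a comment saying that this unit is only updated on an explicit change. With auto-update off, new images (security fixes included) arrive only when `synapse_image_tag` is changed, so it is worth stating next to that variable who bumps it and how.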
Author
Owner

@histalek FYI: I disabled these on most of my roles, especially the larger projects like synapse and mastodon because they should only restart when explicitly told to (rather critical parts of the infra) and also are partly not capable of correctly restarting atm. See mastodon and would cause it to fail.

Is this fine? What are your thoughts on the AutoUpdate config?

Let's roughly decide on a general baseline consensus on this setting.

In general I think this is fine for smaller, less relevant containers. For more critical services, I think this should in theory work fine too, but could still lead to some issues where systems do not correctly restart or break due to some weird interaction with the restart / race conditions. I'd like to have that off there by default.

Owner

Jup that's fine.

> and also are partly not capable of correctly restarting atm. See mastodon and would cause it to fail.

I'd consider such cases to be a bug - which should be fixed. But disabling auto-updates for known bad services is totally fine until they can restart properly.

> where systems do not correctly restart or break due to some weird interaction with the restart / race conditions

same goes for this
histalek approved these changes 2025-03-18 20:54:09 +01:00
@ -0,0 +18,4 @@
# Server name removing
-Server
}
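Review bot: The comment `# Server name removing` above `-Server` is ambiguous, since it can be read as removing a server name from the configuration rather than a response header. Word it after what the line does, for example `# Remove the Server response header`.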
Owner

we have this exact caddy block, dozens of times in our roles

we probably should create some default [Caddy snippets](https://caddyserver.com/docs/caddyfile/concepts#snippets) in the caddy role to reduce clutter and/or highlight places where our default isn't used.
@ -0,0 +27,4 @@
{% endif %}
Network = caddy.network
DNS = 1.1.1.1
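Review bot: `DNS = 1.1.1.1` on the last line hard-codes a public resolver without saying why, and it sends the container's lookups to a third party instead of the host's resolver. Add a comment naming the problem it works around, and consider taking the address from a role variable so a deployment can point it at a resolver it controls.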
Owner

This is a workaround right? Do you remember what it was for?

Author
Owner

good catch, will document it in a comment.

This is because somehow synapse with SSO on the same host sometimes has issues resolving the DNS for that host.
God knows why, but explicitly using an external DNS here seemed to have fixed the issue.

histalek marked this conversation as resolved
saibotk deleted branch add-synapse 2025-03-23 22:01:29 +01:00
Reference: SipsOfCode/infrastructure#94