Upgrade Synapse (v1.12.4 -> v1.13.0)

development
Slavi Pantaleev 5 years ago
parent 9b4b5198d3
commit 8fb3ce6f6d

@ -79,7 +79,6 @@
--network={{ matrix_docker_network }} --network={{ matrix_docker_network }}
--entrypoint=python --entrypoint=python
-v {{ matrix_synapse_config_dir_path }}:/data -v {{ matrix_synapse_config_dir_path }}:/data
-v {{ matrix_synapse_run_path }}:/matrix-run
-v {{ server_path_homeserver_db }}:/{{ server_path_homeserver_db|basename }}:ro -v {{ server_path_homeserver_db }}:/{{ server_path_homeserver_db|basename }}:ro
{{ matrix_synapse_docker_image }} {{ matrix_synapse_docker_image }}
/usr/local/bin/synapse_port_db --sqlite-database /{{ server_path_homeserver_db|basename }} --postgres-config /data/homeserver.yaml /usr/local/bin/synapse_port_db --sqlite-database /{{ server_path_homeserver_db|basename }} --postgres-config /data/homeserver.yaml

@ -5,13 +5,12 @@ matrix_synapse_enabled: true
matrix_synapse_container_image_self_build: false matrix_synapse_container_image_self_build: false
matrix_synapse_docker_image: "matrixdotorg/synapse:v1.12.4" matrix_synapse_docker_image: "matrixdotorg/synapse:v1.13.0"
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse"
matrix_synapse_docker_src_files_path: "{{ matrix_synapse_base_path }}/docker-src" matrix_synapse_docker_src_files_path: "{{ matrix_synapse_base_path }}/docker-src"
matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config"
matrix_synapse_run_path: "{{ matrix_synapse_base_path }}/run"
matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage" matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage"
matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store" matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store"
matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext" matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext"

@ -9,7 +9,6 @@
group: "{{ matrix_user_groupname }}" group: "{{ matrix_user_groupname }}"
with_items: with_items:
- { path: "{{ matrix_synapse_config_dir_path }}", when: true } - { path: "{{ matrix_synapse_config_dir_path }}", when: true }
- { path: "{{ matrix_synapse_run_path }}", when: true }
- { path: "{{ matrix_synapse_ext_path }}", when: true } - { path: "{{ matrix_synapse_ext_path }}", when: true }
- { path: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}" } - { path: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}" }
# We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml),

@ -20,10 +20,15 @@ server_name: "{{ matrix_domain }}"
# #
pid_file: /homeserver.pid pid_file: /homeserver.pid
# The path to the web client which will be served at /_matrix/client/ # The absolute URL to the web client which /_matrix/client will redirect
# if 'webclient' is configured under the 'listeners' configuration. # to if 'webclient' is configured under the 'listeners' configuration.
# #
#web_client_location: "/path/to/web/root" # This option can be also set to the filesystem path to the web client
# which will be served at /_matrix/client/ if 'webclient' is configured
# under the 'listeners' configuration, however this is a security risk:
# https://github.com/matrix-org/synapse#security-note
#
#web_client_location: https://riot.example.com/
# The public-facing base URL that clients use to access this HS # The public-facing base URL that clients use to access this HS
# (not including _matrix/...). This is the same URL a user would # (not including _matrix/...). This is the same URL a user would
@ -252,6 +257,19 @@ listeners:
{% endif %} {% endif %}
# Forward extremities can build up in a room due to networking delays between
# homeservers. Once this happens in a large room, calculation of the state of
# that room can become quite expensive. To mitigate this, once the number of
# forward extremities reaches a given threshold, Synapse will send an
# org.matrix.dummy_event event, which will reduce the forward extremities
# in the room.
#
# This setting defines the threshold (i.e. number of forward extremities in the
# room) at which dummy events are sent. The default value is 10.
#
#dummy_events_threshold: 5
## Homeserver blocking ## ## Homeserver blocking ##
# How to reach the server admin, used in ResourceLimitError # How to reach the server admin, used in ResourceLimitError
@ -410,6 +428,16 @@ retention:
# longest_max_lifetime: 1y # longest_max_lifetime: 1y
# interval: 1d # interval: 1d
# Inhibits the /requestToken endpoints from returning an error that might leak
# information about whether an e-mail address is in use or not on this
# homeserver.
# Note that for some endpoints the error situation is the e-mail already being
# used, and for others the error is entering the e-mail being unused.
# If this option is enabled, instead of returning an error, these endpoints will
# act as if no error happened and return a fake session ID ('sid') to clients.
#
#request_token_inhibit_3pid_errors: true
## TLS ## ## TLS ##
@ -706,20 +734,15 @@ media_store_path: "/matrix-media-store-parent/{{ matrix_synapse_media_store_dire
# #
#media_storage_providers: #media_storage_providers:
# - module: file_system # - module: file_system
# # Whether to write new local files. # # Whether to store newly uploaded local files
# store_local: false # store_local: false
# # Whether to write new remote media # # Whether to store newly downloaded remote files
# store_remote: false # store_remote: false
# # Whether to block upload requests waiting for write to this # # Whether to wait for successful storage for local uploads
# # provider to complete
# store_synchronous: false # store_synchronous: false
# config: # config:
# directory: /mnt/some/other/directory # directory: /mnt/some/other/directory
# Directory where in-progress uploads are stored.
#
uploads_path: "/matrix-run/uploads"
# The largest allowed upload size in bytes # The largest allowed upload size in bytes
# #
max_upload_size: "{{ matrix_synapse_max_upload_size_mb }}M" max_upload_size: "{{ matrix_synapse_max_upload_size_mb }}M"
@ -834,6 +857,31 @@ url_preview_ip_range_blacklist:
# #
max_spider_size: 10M max_spider_size: 10M
# A list of values for the Accept-Language HTTP header used when
# downloading webpages during URL preview generation. This allows
# Synapse to specify the preferred languages that URL previews should
# be in when communicating with remote servers.
#
# Each value is a IETF language tag; a 2-3 letter identifier for a
# language, optionally followed by subtags separated by '-', specifying
# a country or region variant.
#
# Multiple values can be provided, and a weight can be added to each by
# using quality value syntax (;q=). '*' translates to any language.
#
# Defaults to "en".
#
# Example:
#
# url_preview_accept_language:
# - en-UK
# - en-US;q=0.9
# - fr;q=0.8
# - *;q=0.7
#
url_preview_accept_language:
# - en
## Captcha ## ## Captcha ##
# See docs/CAPTCHA_SETUP for full details of configuring this. # See docs/CAPTCHA_SETUP for full details of configuring this.
@ -852,10 +900,6 @@ max_spider_size: 10M
# #
#enable_registration_captcha: false #enable_registration_captcha: false
# A secret key used to bypass the captcha test entirely.
#
#captcha_bypass_secret: "YOUR_SECRET_HERE"
# The API endpoint to use for verifying m.login.recaptcha responses. # The API endpoint to use for verifying m.login.recaptcha responses.
# #
#recaptcha_siteverify_api: "https://www.recaptcha.net/recaptcha/api/siteverify" #recaptcha_siteverify_api: "https://www.recaptcha.net/recaptcha/api/siteverify"
@ -1066,6 +1110,29 @@ account_threepid_delegates:
email: {{ matrix_synapse_account_threepid_delegates_email|to_json }} email: {{ matrix_synapse_account_threepid_delegates_email|to_json }}
msisdn: {{ matrix_synapse_account_threepid_delegates_msisdn|to_json }} msisdn: {{ matrix_synapse_account_threepid_delegates_msisdn|to_json }}
# Whether users are allowed to change their displayname after it has
# been initially set. Useful when provisioning users based on the
# contents of a third-party directory.
#
# Does not apply to server administrators. Defaults to 'true'
#
#enable_set_displayname: false
# Whether users are allowed to change their avatar after it has been
# initially set. Useful when provisioning users based on the contents
# of a third-party directory.
#
# Does not apply to server administrators. Defaults to 'true'
#
#enable_set_avatar_url: false
# Whether users can change the 3PIDs associated with their accounts
# (email address and msisdn).
#
# Defaults to 'true'
#
#enable_3pid_changes: false
# Users who register on this homeserver will automatically be joined # Users who register on this homeserver will automatically be joined
# to these rooms # to these rooms
# #
@ -1108,7 +1175,7 @@ sentry:
# enabled by default, either for performance reasons or limited use. # enabled by default, either for performance reasons or limited use.
# #
metrics_flags: metrics_flags:
# Publish synapse_federation_known_servers, a g auge of the number of # Publish synapse_federation_known_servers, a gauge of the number of
# servers this homeserver knows about, including itself. May cause # servers this homeserver knows about, including itself. May cause
# performance problems on large homeservers. # performance problems on large homeservers.
# #
@ -1272,32 +1339,32 @@ saml2_config:
# remote: # remote:
# - url: https://our_idp/metadata.xml # - url: https://our_idp/metadata.xml
# #
# # By default, the user has to go to our login page first. If you'd like # # By default, the user has to go to our login page first. If you'd like
# # to allow IdP-initiated login, set 'allow_unsolicited: true' in a # # to allow IdP-initiated login, set 'allow_unsolicited: true' in a
# # 'service.sp' section: # # 'service.sp' section:
# # # #
# #service: # #service:
# # sp: # # sp:
# # allow_unsolicited: true # # allow_unsolicited: true
# #
# # The examples below are just used to generate our metadata xml, and you # # The examples below are just used to generate our metadata xml, and you
# # may well not need them, depending on your setup. Alternatively you # # may well not need them, depending on your setup. Alternatively you
# # may need a whole lot more detail - see the pysaml2 docs! # # may need a whole lot more detail - see the pysaml2 docs!
# #
# description: ["My awesome SP", "en"] # description: ["My awesome SP", "en"]
# name: ["Test SP", "en"] # name: ["Test SP", "en"]
# #
# organization: # organization:
# name: Example com # name: Example com
# display_name: # display_name:
# - ["Example co", "en"] # - ["Example co", "en"]
# url: "http://example.com" # url: "http://example.com"
# #
# contact_person: # contact_person:
# - given_name: Bob # - given_name: Bob
# sur_name: "the Sysadmin" # sur_name: "the Sysadmin"
# email_address": ["admin@example.com"] # email_address": ["admin@example.com"]
# contact_type": technical # contact_type": technical
# Instead of putting the config inline as above, you can specify a # Instead of putting the config inline as above, you can specify a
# separate pysaml2 configuration file: # separate pysaml2 configuration file:
@ -1532,8 +1599,19 @@ email:
#template_dir: "res/templates" #template_dir: "res/templates"
{% endif %} {% endif %}
# Password providers allow homeserver administrators to integrate
#password_providers: # their Synapse installation with existing authentication methods
# ex. LDAP, external tokens, etc.
#
# For more information and known implementations, please see
# https://github.com/matrix-org/synapse/blob/master/docs/password_auth_providers.md
#
# Note: instances wishing to use SAML or CAS authentication should
# instead use the `saml2_config` or `cas_config` options,
# respectively.
#
# password_providers:
# # Example config for an LDAP auth provider
# - module: "ldap_auth_provider.LdapAuthProvider" # - module: "ldap_auth_provider.LdapAuthProvider"
# config: # config:
# enabled: true # enabled: true

@ -45,7 +45,6 @@ ExecStart=/usr/bin/docker run --rm --name matrix-synapse \
-p {{ matrix_synapse_container_manhole_api_host_bind_port }}:9000 \ -p {{ matrix_synapse_container_manhole_api_host_bind_port }}:9000 \
{% endif %} {% endif %}
-v {{ matrix_synapse_config_dir_path }}:/data:ro \ -v {{ matrix_synapse_config_dir_path }}:/data:ro \
-v {{ matrix_synapse_run_path }}:/matrix-run:rw \
-v {{ matrix_synapse_storage_path }}:/matrix-media-store-parent:slave \ -v {{ matrix_synapse_storage_path }}:/matrix-media-store-parent:slave \
{% for volume in matrix_synapse_container_additional_volumes %} {% for volume in matrix_synapse_container_additional_volumes %}
-v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \ -v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \

Loading…
Cancel
Save