parent
9b97ab6a90
commit
9c68b057b0
@ -0,0 +1,49 @@
|
|||||||
|
#
|
||||||
|
# Tasks related to setting up s3fs
|
||||||
|
#
|
||||||
|
|
||||||
|
- name: Ensure S3fs Docker image is pulled
|
||||||
|
docker_image:
|
||||||
|
name: "{{ docker_s3fs_image }}"
|
||||||
|
when: matrix_s3_media_store_enabled
|
||||||
|
|
||||||
|
- name: Ensure s3fs-credentials file created
|
||||||
|
template:
|
||||||
|
src: "{{ role_path }}/templates/s3fs-credentials.j2"
|
||||||
|
dest: "{{ matrix_base_data_path }}/s3fs-credentials"
|
||||||
|
owner: root
|
||||||
|
mode: 0600
|
||||||
|
when: matrix_s3_media_store_enabled
|
||||||
|
|
||||||
|
- name: Ensure matrix-s3fs.service installed
|
||||||
|
template:
|
||||||
|
src: "{{ role_path }}/templates/systemd/matrix-s3fs.service.j2"
|
||||||
|
dest: "/etc/systemd/system/matrix-s3fs.service"
|
||||||
|
mode: 0644
|
||||||
|
when: matrix_s3_media_store_enabled
|
||||||
|
|
||||||
|
#
|
||||||
|
# Tasks related to getting rid of s3fs (if it was previously enabled)
|
||||||
|
#
|
||||||
|
- name: Ensure matrix-s3fs is stopped
|
||||||
|
service: name=matrix-s3fs state=stopped daemon_reload=yes
|
||||||
|
register: stopping_result
|
||||||
|
when: "not matrix_s3_media_store_enabled"
|
||||||
|
|
||||||
|
- name: Ensure matrix-s3fs.service doesn't exist
|
||||||
|
file:
|
||||||
|
path: "{{ matrix_base_data_path }}/s3fs-credentials"
|
||||||
|
state: absent
|
||||||
|
when: "not matrix_s3_media_store_enabled"
|
||||||
|
|
||||||
|
- name: Ensure s3fs-credentials doesn't exist
|
||||||
|
file:
|
||||||
|
path: "{{ matrix_base_data_path }}/s3fs-credentials"
|
||||||
|
state: absent
|
||||||
|
when: "not matrix_s3_media_store_enabled"
|
||||||
|
|
||||||
|
- name: Ensure S3fs Docker image doesn't exist
|
||||||
|
docker_image:
|
||||||
|
name: "{{ docker_s3fs_image }}"
|
||||||
|
state: absent
|
||||||
|
when: "not matrix_s3_media_store_enabled"
|
@ -0,0 +1 @@
|
|||||||
|
{{ matrix_s3_media_store_aws_access_key }}:{{ matrix_s3_media_store_aws_secret_key }}
|
@ -0,0 +1,35 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Matrix S3fs media store
|
||||||
|
After=docker.service
|
||||||
|
Requires=docker.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
ExecStartPre=-/usr/bin/docker kill %n
|
||||||
|
ExecStartPre=-/usr/bin/docker rm %n
|
||||||
|
ExecStartPre=-/usr/bin/mkdir /tmp/matrix-s3fs-cache
|
||||||
|
ExecStart=/usr/bin/docker run --rm --name %n \
|
||||||
|
-v {{ matrix_base_data_path }}/s3fs-credentials:/s3fs-credentials \
|
||||||
|
--security-opt apparmor:unconfined \
|
||||||
|
--cap-add mknod \
|
||||||
|
--cap-add sys_admin \
|
||||||
|
--device=/dev/fuse \
|
||||||
|
-v {{ matrix_synapse_media_store_path }}:/media-store:shared \
|
||||||
|
-v /tmp/matrix-s3fs-cache:/s3fs-cache \
|
||||||
|
{{ docker_s3fs_image }} \
|
||||||
|
/usr/bin/s3fs -f \
|
||||||
|
-o allow_other \
|
||||||
|
-o use_cache=/s3fs-cache \
|
||||||
|
-o storage_class=standard_ia \
|
||||||
|
-o passwd_file=/s3fs-credentials \
|
||||||
|
{{ matrix_s3_media_store_bucket_name }} /media-store
|
||||||
|
TimeoutStartSec=5min
|
||||||
|
ExecStop=-/usr/bin/docker stop %n
|
||||||
|
ExecStop=-/usr/bin/docker kill %n
|
||||||
|
ExecStop=-/usr/bin/docker rm %n
|
||||||
|
ExecStop=-/usr/bin/rm -rf /tmp/matrix-s3fs-cache
|
||||||
|
Restart=always
|
||||||
|
RestartSec=5
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
Loading…
Reference in new issue