From 332521414788deef7833e47179d0b33245ad7da0 Mon Sep 17 00:00:00 2001 From: Piotr Dobrowolski Date: Fri, 29 Dec 2023 23:10:43 +0100 Subject: [PATCH] matrix: bump synapse, element-web, telegram, mmr Change-Id: Ia66cd31590f9936c04735e1b2889f588e02d8534 Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1859 Reviewed-by: implr --- app/matrix/lib/matrix-ng.libsonnet | 10 ++++++---- app/matrix/lib/media-repo.libsonnet | 3 ++- app/matrix/lib/synapse.libsonnet | 23 ++++++++++++++++++----- app/matrix/matrix.hackerspace.pl.jsonnet | 3 +++ 4 files changed, 29 insertions(+), 10 deletions(-) diff --git a/app/matrix/lib/matrix-ng.libsonnet b/app/matrix/lib/matrix-ng.libsonnet index 153e4f7d..bbf63821 100644 --- a/app/matrix/lib/matrix-ng.libsonnet +++ b/app/matrix/lib/matrix-ng.libsonnet @@ -109,13 +109,13 @@ local coturn = import "./coturn.libsonnet"; storageClassName: "waw-hdd-redundant-3", images: { - synapse: "matrixdotorg/synapse:v1.79.0", - riot: "vectorim/element-web:v1.11.26", + synapse: "matrixdotorg/synapse:v1.98.0", + riot: "vectorim/element-web:v1.11.54", casProxy: "registry.k0.hswaw.net/q3k/oauth2-cas-proxy:0.1.4", appserviceIRC: "matrixdotorg/matrix-appservice-irc:release-0.35.1", - appserviceTelegram: "dock.mau.dev/mautrix/telegram@sha256:5709a05cd10c3f3e8d7cbb8378db685406f05ba6f133a63807929605b560c1f8", + appserviceTelegram: "dock.mau.dev/mautrix/telegram:v0.15.1@sha256:e328dcf5893a3ec782212d9bb008e4f81ac3cf4e3c7abc3a49cf6b277749b32d", wellKnown: "registry.k0.hswaw.net/q3k/wellknown:1611960794-adbf560851a46ad0e58b42f0daad7ef19535687c", - mediaRepo: "turt2live/matrix-media-repo:v1.2.12", + mediaRepo: "turt2live/matrix-media-repo:v1.3.3", coturn: "coturn/coturn:4.5.2-r11-alpine", }, @@ -185,6 +185,7 @@ local coturn = import "./coturn.libsonnet"; region: error "mediaRepo.s3.region needs to be set", }, + datastoreId: error "mediaRepo.datastoreId needs to be set (see https://docs.t2bot.io/matrix-media-repo/v1.3.3/upgrading/130.html)", db: { username: "mediarepo", password: error "mediaRepo.db.password needs to be set", @@ -317,6 +318,7 @@ local coturn = import "./coturn.libsonnet"; ], admins: cfg.admins, + datastoreId: cfg.mediaRepo.datastoreId, s3: cfg.mediaRepo.s3, db: cfg.mediaRepo.db, }, diff --git a/app/matrix/lib/media-repo.libsonnet b/app/matrix/lib/media-repo.libsonnet index 0c610949..908c6d00 100644 --- a/app/matrix/lib/media-repo.libsonnet +++ b/app/matrix/lib/media-repo.libsonnet @@ -9,6 +9,7 @@ local kube = import "../../../kube/kube.libsonnet"; homeservers: [], admins: [], + datastoreId: error "cfg.datastoreId needs to be set (see https://docs.t2bot.io/matrix-media-repo/v1.3.3/upgrading/130.html)", s3: { endpoint: error "cfg.s3.endpoint needs to be set", accessKey: error "cfg.s3.accessKey needs to be set", @@ -46,8 +47,8 @@ local kube = import "../../../kube/kube.libsonnet"; datastores: [ { type: "s3", - enabled: true, forKinds: ["all"], + id: cfg.datastoreId, opts: { tempPath: "/tmp/mediarepo_s3_upload", endpoint: cfg.s3.endpoint, diff --git a/app/matrix/lib/synapse.libsonnet b/app/matrix/lib/synapse.libsonnet index 6c301950..7ac90a48 100644 --- a/app/matrix/lib/synapse.libsonnet +++ b/app/matrix/lib/synapse.libsonnet @@ -50,6 +50,18 @@ local kube = import "../../../kube/kube.libsonnet"; notify_appservices: cfg.appserviceWorker == false, + # TODO(informatic): remove after upgrading appservices to support + # Authorization header + use_appservice_legacy_authorization: true, + + instance_map: { + main: { + host: "synapse-replication-master", + port: 9093, + tls: false, + } + }, + # FIXME(informatic) Rolling out with federationWorkers = true breaks # *some* federation, needs investigation... #send_federation: cfg.federationWorker == false, @@ -101,10 +113,6 @@ local kube = import "../../../kube/kube.libsonnet"; localConfig: { worker_app: workerType, worker_name: "$(POD_NAME)", - - # The replication listener on the main synapse process. - worker_replication_host: "synapse-replication-master", - worker_replication_http_port: 9093, }, # Mount app.dataVolume in /data @@ -308,7 +316,6 @@ local kube = import "../../../kube/kube.libsonnet"; ^/_matrix/client/v1/rooms/.*/hierarchy$ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/ ^/_matrix/client/v1/rooms/.*/threads$ - ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ ^/_matrix/client/(r0|v3|unstable)/account/3pid$ ^/_matrix/client/(r0|v3|unstable)/account/whoami$ @@ -318,8 +325,12 @@ local kube = import "../../../kube/kube.libsonnet"; ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$ + ^/_matrix/client/(api/v1|r0|v3|unstable/.*)/rooms/.*/aliases ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ ^/_matrix/client/(r0|v3|unstable)/user/.*/filter(/|$) + ^/_matrix/client/(api/v1|r0|v3|unstable)/directory/room/.*$ + ^/_matrix/client/(r0|v3|unstable)/capabilities$ + ^/_matrix/client/(r0|v3|unstable)/notifications$ # Encryption requests ^/_matrix/client/(r0|v3|unstable)/keys/query$ @@ -331,7 +342,9 @@ local kube = import "../../../kube/kube.libsonnet"; # Registration/login requests ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ ^/_matrix/client/(r0|v3|unstable)/register$ + ^/_matrix/client/(r0|v3|unstable)/register/available$ ^/_matrix/client/v1/register/m.login.registration_token/validity$ + ^/_matrix/client/(r0|v3|unstable)/password_policy$ # Event sending requests ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact diff --git a/app/matrix/matrix.hackerspace.pl.jsonnet b/app/matrix/matrix.hackerspace.pl.jsonnet index e3d401ad..14000e86 100644 --- a/app/matrix/matrix.hackerspace.pl.jsonnet +++ b/app/matrix/matrix.hackerspace.pl.jsonnet @@ -27,6 +27,9 @@ matrix { mediaRepo+: { enable: true, route: true, + + datastoreId: "1c67d8fea76c78f0b67fe1c7908f511dd1a9acdd", + s3+: { endpoint: std.strReplace((import "secrets/plain/media-repo-matrix-ceph.json").Endpoint, "http://", ""), accessKey: (import "secrets/plain/media-repo-matrix-ceph.json").AccessKey,