iartamonov/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2026-02-07 14:33:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Remove sliding sync proxy

Browse Source 
Reuse 2b7a0453eb

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
This commit is contained in:
Suguru Hirahara
2025-11-08 17:54:08 +09:00
committed by Slavi Pantaleev
parent c8920885f9
commit 90129f75aa
17 changed files with 34 additions and 612 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGELOG.md
View File

@@ -84,6 +84,12 @@ Thanks to [Suguru Hirahara](https://github.com/luixxiul), the playbook now suppo
To learn more, see our [Setting up Zulip bridging](docs/configuring-playbook-bridge-zulip.md) documentation page.
## The Sliding Sync proxy has been removed from the playbook
The [Sliding Sync proxy](./docs/configuring-playbook-sliding-sync-proxy.md) has been removed from the playbook, as it's been replaced with a different method (called Simplified Sliding Sync) integrated to newer homeservers by default (**Conduit** homeserver from version `0.6.0` or **Synapse** from version `1.114`).
The playbook will let you know if you're using any `matrix_sliding_sync_*` variables. You'll need to remove them from `vars.yml` and potentially [uninstall the proxy manually](./docs/configuring-playbook-sliding-sync-proxy.md#uninstalling-the-proxy-manually).
# 2025-11-07
## The matrix-chatgpt-bot has been removed from the playbook

1
README.md
View File

@@ -175,7 +175,6 @@ Various services that don't fit any other categories.
| Name | Default? | Description | Documentation |
| ---- | -------- | ----------- | ------------- |
| [sliding-sync](https://github.com/matrix-org/sliding-sync)| ❌ | (Superseded by Simplified Sliding Sync integrated into Synapse > `1.114` and Conduit > `0.6.0`) Sliding Sync support for clients which require it (e.g. old Element X versions before Simplified Sliding Sync was developed) | [Link](docs/configuring-playbook-sliding-sync-proxy.md) |
| [synapse_auto_accept_invite](https://github.com/matrix-org/synapse-auto-accept-invite) | ❌ | Synapse module to automatically accept invites | [Link](docs/configuring-playbook-synapse-auto-accept-invite.md) |
| [synapse_auto_compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) | ❌ | Cli tool that automatically compresses `state_groups` database table in background | [Link](docs/configuring-playbook-synapse-auto-compressor.md) |
| [Matrix Corporal](https://github.com/devture/matrix-corporal) (advanced) | ❌ | Reconciliator and gateway for a managed Matrix server | [Link](docs/configuring-playbook-matrix-corporal.md) |

92
docs/configuring-playbook-sliding-sync-proxy.md
View File

@@ -1,5 +1,10 @@
<!--
SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
SPDX-FileCopyrightText: 2019 - 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2019 Eduardo Beltrame
SPDX-FileCopyrightText: 2020 Tulir Asokan
SPDX-FileCopyrightText: 2021 MDAD project contributors
SPDX-FileCopyrightText: 2022 Dennis Ciba
SPDX-FileCopyrightText: 2022 Vladimir Panteleev
SPDX-FileCopyrightText: 2023 Justin Croonenberghs
SPDX-FileCopyrightText: 2023 Kuba Orlik
SPDX-FileCopyrightText: 2023 Pierre 'McFly' Marty
@@ -11,85 +16,18 @@ SPDX-FileCopyrightText: 2024 MDAD project contributors
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Setting up the Sliding Sync proxy (optional)
# Setting up the Sliding Sync proxy (optional, removed)
**Note**: The sliding-sync proxy is **not required** anymore as it's been replaced with a different method (called Simplified Sliding Sync) which is integrated into newer homeservers by default (**Conduit** homeserver from version `0.6.0` or **Synapse** from version `1.114`). This component and documentation remain here for historical purposes, but **installing this old sliding-sync proxy is generally not recommended anymore**.
🪦 The playbook used to be able to install and configure the [sliding-sync](https://github.com/matrix-org/sliding-sync) proxy, but no longer includes this component, as it's been replaced with a different method (called Simplified Sliding Sync) integrated to newer homeservers by default (**Conduit** homeserver from version `0.6.0` or **Synapse** from version `1.114`).
The playbook can install and configure [sliding-sync](https://github.com/matrix-org/sliding-sync) proxy for you.
## Uninstalling the proxy manually
Sliding Sync is an implementation of [MSC3575](https://github.com/matrix-org/matrix-spec-proposals/blob/kegan/sync-v3/proposals/3575-sync.md) and a prerequisite for running Element X clients ([Element X iOS](https://github.com/element-hq/element-x-ios) and [Element X Android](https://github.com/element-hq/element-x-android)). See the project's [documentation](https://github.com/matrix-org/sliding-sync) to learn more.
If you still have the Sliding Sync proxy installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:
## Adjusting DNS records (optional)
By default, this playbook installs the Sliding Sync proxy on the `matrix.` subdomain, at the `/sliding-sync` path (https://matrix.example.com/sliding-sync). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section.
If you wish to adjust it, see the section [below](#adjusting-the-sliding-sync-proxy-url-optional) for details about DNS configuration.
## Adjusting the playbook configuration
To enable Sliding Sync proxy, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
matrix_sliding_sync_enabled: true
```
### Adjusting the Sliding Sync proxy URL (optional)
By tweaking the `matrix_sliding_sync_hostname` and `matrix_sliding_sync_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
Example additional configuration for your `vars.yml` file:
```yaml
# Change the default hostname and path prefix
matrix_sliding_sync_hostname: ss.example.com
matrix_sliding_sync_path_prefix: /
```
If you've changed the default hostname, you may need to create a CNAME record for the Sliding Sync proxy domain (`ss.example.com`), which targets `matrix.example.com`.
When setting, replace `example.com` with your own.
### Extending the configuration
There are some additional things you may wish to configure about the component.
Take a look at:
- `roles/custom/matrix-sliding-sync/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
## Installing
After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below:
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
```sh
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
systemctl disable --now matrix-sliding-sync.service
rm -rf /matrix/sliding-sync
/matrix/postgres/bin/cli-non-interactive 'DROP DATABASE matrix_sliding_sync;'
```
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
### External databases
Please note that, if your setup utilizes an external database, you must also establish configuration for the sliding sync proxy. Alter the defaults below to suit your configuration:
```yaml
matrix_sliding_sync_database_username: 'matrix_sliding_sync'
matrix_sliding_sync_database_password: ''
matrix_sliding_sync_database_hostname: ''
matrix_sliding_sync_database_port: 5432
matrix_sliding_sync_database_name: 'matrix_sliding_sync'
```
## Usage
You **don't need to do anything special** to make use of the Sliding Sync proxy. Simply open your client which supports Sliding Sync (like Element X) and log in.
When the Sliding Sync proxy is [installed](#installing), your `/.well-known/matrix/client` file is also updated. A new `org.matrix.msc3575.proxy` section and `url` property are added there and made to point to your Sliding Sync proxy's base URL (e.g. `https://matrix.example.com/sliding-sync`).
This allows clients which support Sliding Sync to detect the Sliding Sync proxy's URL and make use of it.
## Troubleshooting
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-sliding-sync`.

2
docs/container-images.md
View File

@@ -153,7 +153,6 @@ Various services that don't fit any other categories.
| Service | Container image | Default? | Description |
| ------- | --------------- | -------- | ----------- |
| [sliding-sync](configuring-playbook-sliding-sync-proxy.md) | [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) | ❌ | Sliding Sync support for clients which require it (like old Element X versions, before it got switched to Simplified Sliding Sync) |
| [synapse_auto_accept_invite](configuring-playbook-synapse-auto-accept-invite.md) | (N/A) | ❌ | Synapse module to automatically accept invites |
| [synapse_auto_compressor](configuring-playbook-synapse-auto-compressor.md) | [mb-saces/rust-synapse-tools](https://gitlab.com/mb-saces/rust-synapse-tools/container_registry) | ❌ | Cli tool that automatically compresses Synapse's `state_groups` database table in background |
| [Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced) | [devture/matrix-corporal](https://hub.docker.com/r/devture/matrix-corporal/) | ❌ | Reconciliator and gateway for a managed Matrix server |
@@ -186,3 +185,4 @@ The list of the deprecated or unmaintained services is available [here](configur
| [mx-puppet-instagram](configuring-playbook-bridge-mx-puppet-instagram.md) | [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) | ❌ | Bridge for Instagram-DMs ([Instagram](https://www.instagram.com/)) |
| [mx-puppet-slack](configuring-playbook-bridge-mx-puppet-slack.md) | [mx-puppet/slack/mx-puppet-slack](https://gitlab.com/mx-puppet/slack/mx-puppet-slack/container_registry) | ❌ | Bridge to [Slack](https://slack.com) |
| [mx-puppet-twitter](configuring-playbook-bridge-mx-puppet-twitter.md) | [sorunome/mx-puppet-twitter](https://hub.docker.com/r/sorunome/mx-puppet-twitter) | ❌ | Bridge for Twitter-DMs ([Twitter](https://twitter.com/)) |
| [sliding-sync](configuring-playbook-sliding-sync-proxy.md) | [matrix-org/sliding-sync](https://ghcr.io/matrix-org/sliding-sync) | ❌ | Sliding Sync support for clients which require it (like old Element X versions, before it got switched to Simplified Sliding Sync) |

75
group_vars/matrix_servers
View File

@@ -421,8 +421,6 @@ devture_systemd_service_manager_services_list_auto: |
+
([{'name': 'matrix-registration.service', 'priority': 4000, 'groups': ['matrix', 'registration', 'matrix-registration']}] if matrix_registration_enabled else [])
+
([{'name': 'matrix-sliding-sync.service', 'priority': 1500, 'groups': ['matrix', 'sliding-sync']}] if matrix_sliding_sync_enabled else [])
+
([{'name': 'matrix-sygnal.service', 'priority': 800, 'groups': ['matrix', 'sygnal']}] if matrix_sygnal_enabled else [])
+
([{'name': 'matrix-goofys.service', 'priority': 800, 'groups': ['matrix', 'goofys']}] if matrix_s3_media_store_enabled else [])
@@ -3828,12 +3826,6 @@ postgres_managed_databases_auto: |
'password': matrix_authentication_service_config_database_password,
}] if (matrix_authentication_service_enabled and matrix_authentication_service_config_database_host == postgres_connection_hostname) else [])
+
([{
'name': matrix_sliding_sync_database_name,
'username': matrix_sliding_sync_database_username,
'password': matrix_sliding_sync_database_password,
}] if (matrix_sliding_sync_enabled) else [])
+
([{
'name': matrix_ma1sd_database_name,
'username': matrix_ma1sd_database_username,
@@ -5331,73 +5323,6 @@ matrix_registration_database_password: "{{ '%s' | format(matrix_homeserver_gener
#
######################################################################
######################################################################
#
# matrix-sliding-sync
#
######################################################################
# We don't enable the sliding sync proxy by default.
matrix_sliding_sync_enabled: false
matrix_sliding_sync_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
matrix_sliding_sync_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_sliding_sync_path_prefix: /sliding-sync
matrix_sliding_sync_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_sliding_sync_container_image_registry_prefix_upstream_default }}"
matrix_sliding_sync_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
matrix_sliding_sync_container_network: "{{ matrix_homeserver_container_network }}"
matrix_sliding_sync_container_additional_networks: |
{{
(
([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_sliding_sync_container_labels_traefik_enabled and matrix_playbook_reverse_proxyable_services_additional_network else [])
+
([] if matrix_homeserver_container_network in ['', matrix_sliding_sync_container_network] else [matrix_homeserver_container_network])
+
([postgres_container_network] if postgres_enabled and postgres_container_network != matrix_sliding_sync_container_network else [])
) | unique
}}
matrix_sliding_sync_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
matrix_sliding_sync_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_sliding_sync_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_sliding_sync_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
matrix_sliding_sync_systemd_required_services_list_auto: |
{{
matrix_homeserver_systemd_services_list
+
([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_sliding_sync_database_hostname == postgres_connection_hostname) else [])
}}
matrix_sliding_sync_environment_variable_syncv3_server: "{{ matrix_homeserver_container_url }}"
matrix_sliding_sync_environment_variable_syncv3_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ss.secret', rounds=655555) | to_uuid }}"
matrix_sliding_sync_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
matrix_sliding_sync_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ss.db', rounds=655555) | to_uuid }}"
matrix_sliding_sync_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}"
matrix_sliding_sync_metrics_proxying_enabled: "{{ matrix_sliding_sync_metrics_enabled and matrix_metrics_exposure_enabled }}"
matrix_sliding_sync_metrics_proxying_hostname: "{{ matrix_metrics_exposure_hostname }}"
matrix_sliding_sync_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/sliding-sync"
#####################################################################
#
# /matrix-sliding-sync
#
######################################################################
######################################################################
#
# matrix-dendrite

137
roles/custom/matrix-sliding-sync/defaults/main.yml
View File

@@ -1,137 +0,0 @@
# SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2023 David Mehren
# SPDX-FileCopyrightText: 2023 Kabir Kwatra
# SPDX-FileCopyrightText: 2023 Nikita Chernyi
# SPDX-FileCopyrightText: 2023 Samuel Meenzen
# SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
# SPDX-FileCopyrightText: 2024 HarHarLinks
# SPDX-FileCopyrightText: 2024 MDAD project contributors
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# Sliding Sync proxy is an implementation of MSC3575 for the new sliding sync
# Project source code URL: https://github.com/matrix-org/sliding-sync
matrix_sliding_sync_enabled: true
# renovate: datasource=docker depName=ghcr.io/matrix-org/sliding-sync
matrix_sliding_sync_version: v0.99.19
matrix_sliding_sync_scheme: https
# The hostname at which sliding-sync is served.
matrix_sliding_sync_hostname: ''
# The path at which sliding-sync is served.
# This value must either be `/` or not end with a slash (e.g. `/sliding-sync`).
matrix_sliding_sync_path_prefix: /
matrix_sliding_sync_base_path: "{{ matrix_base_data_path }}/sliding-sync"
matrix_sliding_sync_container_image_self_build: false
matrix_sliding_sync_container_image_self_build_repo: https://github.com/matrix-org/sliding-sync
matrix_sliding_sync_container_image_self_build_repo_version: "{{ 'main' if matrix_sliding_sync_version == 'main' else matrix_sliding_sync_version }}"
matrix_sliding_sync_container_src_path: "{{ matrix_sliding_sync_base_path }}/container-src"
matrix_sliding_sync_container_image: "{{ matrix_sliding_sync_container_image_registry_prefix }}matrix-org/sliding-sync:{{ matrix_sliding_sync_container_image_tag }}"
matrix_sliding_sync_container_image_registry_prefix: "{{ 'localhost/' if matrix_sliding_sync_container_image_self_build else matrix_sliding_sync_container_image_registry_prefix_upstream }}"
matrix_sliding_sync_container_image_registry_prefix_upstream: "{{ matrix_sliding_sync_container_image_registry_prefix_upstream_default }}"
matrix_sliding_sync_container_image_registry_prefix_upstream_default: "ghcr.io/"
matrix_sliding_sync_container_image_tag: "{{ matrix_sliding_sync_version }}"
matrix_sliding_sync_container_image_force_pull: "{{ matrix_sliding_sync_container_image.endswith(':main') }}"
# The base container network. It will be auto-created by this role if it doesn't exist already.
matrix_sliding_sync_container_network: ''
# A list of additional container networks that the container would be connected to.
# The role does not create these networks, so make sure they already exist.
# Use this to expose this container to another reverse proxy, which runs in a different container network.
matrix_sliding_sync_container_additional_networks: []
# Enable the exposure of metrics to Prometheus
# See https://github.com/matrix-org/sliding-sync/tree/main/grafana
matrix_sliding_sync_metrics_enabled: false
matrix_sliding_sync_metrics_port: 2112
# Controls whether Sliding Sync metrics should be proxied (exposed) on `matrix.example.com/metrics/sliding-sync`
matrix_sliding_sync_metrics_proxying_enabled: false
matrix_sliding_sync_metrics_proxying_hostname: ''
matrix_sliding_sync_metrics_proxying_path: /metrics/sliding-sync
# matrix_sliding_sync_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
# See `../templates/labels.j2` for details.
#
# To inject your own other container labels, see `matrix_sliding_sync_container_labels_additional_labels`.
matrix_sliding_sync_container_labels_traefik_enabled: true
matrix_sliding_sync_container_labels_traefik_docker_network: "{{ matrix_sliding_sync_container_network }}"
matrix_sliding_sync_container_labels_traefik_hostname: "{{ matrix_sliding_sync_hostname }}"
# The path prefix must either be `/` or not end with a slash (e.g. `/sliding-sync`).
matrix_sliding_sync_container_labels_traefik_path_prefix: "{{ matrix_sliding_sync_path_prefix }}"
matrix_sliding_sync_container_labels_traefik_rule: "Host(`{{ matrix_sliding_sync_container_labels_traefik_hostname }}`){% if matrix_sliding_sync_container_labels_traefik_path_prefix != '/' %} && PathPrefix(`{{ matrix_sliding_sync_container_labels_traefik_path_prefix }}`){% endif %}"
matrix_sliding_sync_container_labels_traefik_priority: 0
matrix_sliding_sync_container_labels_traefik_entrypoints: web-secure
matrix_sliding_sync_container_labels_traefik_tls: "{{ matrix_sliding_sync_container_labels_traefik_entrypoints != 'web' }}"
matrix_sliding_sync_container_labels_traefik_tls_certResolver: default # noqa var-naming
# Controls whether labels will be added that expose metrics (see `matrix_sliding_sync_metrics_proxying_enabled`) for Sliding Sync
matrix_sliding_sync_container_labels_public_metrics_enabled: "{{ matrix_sliding_sync_metrics_enabled and matrix_sliding_sync_metrics_proxying_enabled }}"
matrix_sliding_sync_container_labels_public_metrics_traefik_path: "{{ matrix_sliding_sync_metrics_proxying_path }}"
matrix_sliding_sync_container_labels_public_metrics_traefik_rule: "Host(`{{ matrix_sliding_sync_metrics_proxying_hostname }}`) && Path(`{{ matrix_sliding_sync_container_labels_public_metrics_traefik_path }}`)"
matrix_sliding_sync_container_labels_public_metrics_traefik_priority: 0
matrix_sliding_sync_container_labels_public_metrics_traefik_entrypoints: "{{ matrix_sliding_sync_container_labels_traefik_entrypoints }}"
matrix_sliding_sync_container_labels_public_metrics_traefik_tls: "{{ matrix_sliding_sync_container_labels_public_metrics_traefik_entrypoints != 'web' }}"
matrix_sliding_sync_container_labels_public_metrics_traefik_tls_certResolver: "{{ matrix_sliding_sync_container_labels_traefik_tls_certResolver }}" # noqa var-naming
matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_enabled: false
# See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_users: ''
# Controls which additional headers to attach to all HTTP responses.
# To add your own headers, use `matrix_sliding_sync_container_labels_traefik_additional_response_headers_custom`
matrix_sliding_sync_container_labels_traefik_additional_response_headers: "{{ matrix_sliding_sync_container_labels_traefik_additional_response_headers_auto | combine(matrix_sliding_sync_container_labels_traefik_additional_response_headers_custom) }}"
matrix_sliding_sync_container_labels_traefik_additional_response_headers_auto: {}
matrix_sliding_sync_container_labels_traefik_additional_response_headers_custom: {}
# matrix_sliding_sync_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
# Example:
# matrix_sliding_sync_container_labels_additional_labels: |
# my.label=1
# another.label="here"
matrix_sliding_sync_container_labels_additional_labels: ''
# A list of extra arguments to pass to the container
matrix_sliding_sync_container_extra_arguments: []
# List of systemd services that matrix-sliding-sync.service depends on
matrix_sliding_sync_systemd_required_services_list: "{{ matrix_sliding_sync_systemd_required_services_list_default + matrix_sliding_sync_systemd_required_services_list_auto + matrix_sliding_sync_systemd_required_services_list_custom }}"
matrix_sliding_sync_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_sliding_sync_systemd_required_services_list_auto: []
matrix_sliding_sync_systemd_required_services_list_custom: []
# List of systemd services that matrix-sliding-sync.service wants
matrix_sliding_sync_systemd_wanted_services_list: []
# Controls the SYNCV3_SERVER environment variable
matrix_sliding_sync_environment_variable_syncv3_server: ""
# Controls the SYNCV3_SECRET environment variable
matrix_sliding_sync_environment_variable_syncv3_secret: ''
# Controls the SYNCV3_DB environment variable
matrix_sliding_sync_environment_variable_syncv3_db: 'user={{ matrix_sliding_sync_database_username }} password={{ matrix_sliding_sync_database_password }} host={{ matrix_sliding_sync_database_hostname }} port={{ matrix_sliding_sync_database_port }} dbname={{ matrix_sliding_sync_database_name }} sslmode={{ matrix_sliding_sync_database_sslmode }}'
# Controls the SYNCV3_PROM environment variable
matrix_sliding_sync_environment_variable_syncv3_prom: ':{{ matrix_sliding_sync_metrics_port }}'
# Additional environment variables.
matrix_sliding_sync_environment_variables_additional_variables: ''
matrix_sliding_sync_database_username: 'matrix_sliding_sync'
matrix_sliding_sync_database_password: ''
matrix_sliding_sync_database_hostname: ''
matrix_sliding_sync_database_port: 5432
matrix_sliding_sync_database_name: 'matrix_sliding_sync'
matrix_sliding_sync_database_sslmode: disable

77
roles/custom/matrix-sliding-sync/tasks/install.yml
View File

@@ -1,77 +0,0 @@
# SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2024 David Mehren
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Ensure matrix-sliding-sync paths exist
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- path: "{{ matrix_sliding_sync_base_path }}"
when: true
- path: "{{ matrix_sliding_sync_container_src_path }}"
when: "{{ matrix_sliding_sync_container_image_self_build }}"
when: item.when | bool
- name: Ensure matrix-sliding-sync support files installed
ansible.builtin.template:
src: "{{ role_path }}/templates/{{ item }}.j2"
dest: "{{ matrix_sliding_sync_base_path }}/{{ item }}"
mode: 0640
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- env
- labels
- name: Ensure matrix-sliding-sync container image is pulled
community.docker.docker_image:
name: "{{ matrix_sliding_sync_container_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_sliding_sync_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_sliding_sync_container_image_force_pull }}"
when: "not matrix_sliding_sync_container_image_self_build | bool"
register: result
retries: "{{ devture_playbook_help_container_retries_count }}"
delay: "{{ devture_playbook_help_container_retries_delay }}"
until: result is not failed
- when: matrix_sliding_sync_container_image_self_build | bool
block:
- name: Ensure matrix-sliding-sync repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_sliding_sync_container_image_self_build_repo }}"
version: "{{ matrix_sliding_sync_container_image_self_build_repo_version }}"
dest: "{{ matrix_sliding_sync_container_src_path }}"
force: "yes"
become: true
become_user: "{{ matrix_user_name }}"
register: matrix_sliding_sync_git_pull_results
- name: Ensure matrix-sliding-sync container image is built
ansible.builtin.command:
cmd: |-
{{ devture_systemd_docker_base_host_command_docker }} buildx build
--tag={{ matrix_sliding_sync_container_image }}
--file={{ matrix_sliding_sync_container_src_path }}/Dockerfile
{{ matrix_sliding_sync_container_src_path }}
changed_when: true
- name: Ensure matrix-sliding-sync container network is created
community.general.docker_network:
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_sliding_sync_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-sliding-sync.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-sliding-sync.service.j2"
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sliding-sync.service"
mode: 0644

24
roles/custom/matrix-sliding-sync/tasks/main.yml
View File

@@ -1,24 +0,0 @@
# SPDX-FileCopyrightText: 2023 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- tags:
- setup-all
- setup-sliding-sync
- install-all
- install-sliding-sync
block:
- when: matrix_sliding_sync_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
- when: matrix_sliding_sync_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml"
- tags:
- setup-all
- setup-sliding-sync
block:
- when: not matrix_sliding_sync_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml"

29
roles/custom/matrix-sliding-sync/tasks/uninstall.yml
View File

@@ -1,29 +0,0 @@
# SPDX-FileCopyrightText: 2023 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Check existence of matrix-sliding-sync service
ansible.builtin.stat:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sliding-sync.service"
register: matrix_sliding_sync_service_stat
- when: matrix_sliding_sync_service_stat.stat.exists | bool
block:
- name: Ensure matrix-sliding-sync is stopped
ansible.builtin.service:
name: matrix-sliding-sync
state: stopped
enabled: false
daemon_reload: true
- name: Ensure matrix-sliding-sync.service doesn't exist
ansible.builtin.file:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sliding-sync.service"
state: absent
- name: Ensure matrix-sliding-sync paths don't exist
ansible.builtin.file:
path: "{{ matrix_sliding_sync_base_path }}"
state: absent

28
roles/custom/matrix-sliding-sync/tasks/validate_config.yml
View File

@@ -1,28 +0,0 @@
# SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2024 MDAD project contributors
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Fail if required matrix-sliding-sync settings not defined
ansible.builtin.fail:
msg: >
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
with_items:
- {'name': 'matrix_sliding_sync_hostname', when: true}
- {'name': 'matrix_sliding_sync_path_prefix', when: true}
- {'name': 'matrix_sliding_sync_database_hostname', when: true}
- {'name': 'matrix_sliding_sync_environment_variable_syncv3_server', when: true}
- {'name': 'matrix_sliding_sync_environment_variable_syncv3_secret', when: true}
- {'name': 'matrix_sliding_sync_container_network', when: true}
- {'name': 'matrix_sliding_sync_metrics_proxying_hostname', when: "{{ matrix_sliding_sync_metrics_proxying_enabled }}"}
- {'name': 'matrix_sliding_sync_metrics_proxying_path_prefix', when: "{{ matrix_sliding_sync_metrics_proxying_enabled }}"}
- name: (Deprecation) Catch and report renamed matrix-sliding-sync variables
ansible.builtin.fail:
msg: >-
The variable `{{ item.old }}` is deprecated. Please use `{{ item.new }}` instead.
when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0"
with_items:
- {'old': 'matrix_sliding_sync_container_image_name_prefix', 'new': 'matrix_sliding_sync_container_image_registry_prefix'}

17
roles/custom/matrix-sliding-sync/templates/env.j2
View File

@@ -1,17 +0,0 @@
{#
SPDX-FileCopyrightText: 2023 Slavi Pantaleev
SPDX-FileCopyrightText: 2024 MDAD project contributors
SPDX-License-Identifier: AGPL-3.0-or-later
#}
SYNCV3_SERVER={{ matrix_sliding_sync_environment_variable_syncv3_server }}
SYNCV3_SECRET={{ matrix_sliding_sync_environment_variable_syncv3_secret }}
SYNCV3_BINDADDR=:8008
SYNCV3_DB={{ matrix_sliding_sync_environment_variable_syncv3_db }}
{% if matrix_sliding_sync_metrics_enabled %}
SYNCV3_PROM={{ matrix_sliding_sync_environment_variable_syncv3_prom }}
{% endif %}
{{ matrix_sliding_sync_environment_variables_additional_variables }}

84
roles/custom/matrix-sliding-sync/templates/labels.j2
View File

@@ -1,84 +0,0 @@
{#
SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
SPDX-FileCopyrightText: 2024 MDAD project contributors
SPDX-License-Identifier: AGPL-3.0-or-later
#}
{% if matrix_sliding_sync_container_labels_traefik_enabled %}
traefik.enable=true
{% if matrix_sliding_sync_container_labels_traefik_docker_network %}
traefik.docker.network={{ matrix_sliding_sync_container_labels_traefik_docker_network }}
{% endif %}
traefik.http.services.matrix-sliding-sync.loadbalancer.server.port=8008
traefik.http.services.matrix-sliding-sync-metrics.loadbalancer.server.port={{ matrix_sliding_sync_metrics_port }}
{% set middlewares = [] %}
{% if matrix_sliding_sync_container_labels_traefik_path_prefix != '/' %}
traefik.http.middlewares.matrix-sliding-sync-slashless-redirect.redirectregex.regex=({{ matrix_sliding_sync_container_labels_traefik_path_prefix | quote }})$
traefik.http.middlewares.matrix-sliding-sync-slashless-redirect.redirectregex.replacement=${1}/
{% set middlewares = middlewares + ['matrix-sliding-sync-slashless-redirect'] %}
{% endif %}
{% if matrix_sliding_sync_container_labels_traefik_path_prefix != '/' %}
traefik.http.middlewares.matrix-sliding-sync-strip-prefix.stripprefix.prefixes={{ matrix_sliding_sync_container_labels_traefik_path_prefix }}
{% set middlewares = middlewares + ['matrix-sliding-sync-strip-prefix'] %}
{% endif %}
{% if matrix_sliding_sync_container_labels_traefik_additional_response_headers.keys() | length > 0 %}
{% for name, value in matrix_sliding_sync_container_labels_traefik_additional_response_headers.items() %}
traefik.http.middlewares.matrix-sliding-sync-add-headers.headers.customresponseheaders.{{ name }}={{ value }}
{% endfor %}
{% set middlewares = middlewares + ['matrix-sliding-sync-add-headers'] %}
{% endif %}
traefik.http.routers.matrix-sliding-sync.rule={{ matrix_sliding_sync_container_labels_traefik_rule }}
{% if matrix_sliding_sync_container_labels_traefik_priority | int > 0 %}
traefik.http.routers.matrix-sliding-sync.priority={{ matrix_sliding_sync_container_labels_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-sliding-sync.service=matrix-sliding-sync
{% if middlewares | length > 0 %}
traefik.http.routers.matrix-sliding-sync.middlewares={{ middlewares | join(',') }}
{% endif %}
traefik.http.routers.matrix-sliding-sync.entrypoints={{ matrix_sliding_sync_container_labels_traefik_entrypoints }}
traefik.http.routers.matrix-sliding-sync.tls={{ matrix_sliding_sync_container_labels_traefik_tls | to_json }}
{% if matrix_sliding_sync_container_labels_traefik_tls %}
traefik.http.routers.matrix-sliding-sync.tls.certResolver={{ matrix_sliding_sync_container_labels_traefik_tls_certResolver }}
{% endif %}
{% if matrix_sliding_sync_container_labels_public_metrics_enabled %}
{% set metrics_middlewares = [] %}
{% if matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_enabled %}
{% set metrics_middlewares = metrics_middlewares + ['matrix-sliding-sync-metrics-basic-auth'] %}
traefik.http.middlewares.matrix-sliding-sync-metrics-basic-auth.basicauth.users={{ matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_users }}
{% endif %}
{% set metrics_middlewares = metrics_middlewares + ['matrix-sliding-sync-metrics-replacepath'] %}
traefik.http.middlewares.matrix-sliding-sync-metrics-replacepath.replacepath.path=/metrics
traefik.http.routers.matrix-sliding-sync-metrics.rule={{ matrix_sliding_sync_container_labels_public_metrics_traefik_rule }}
{% if metrics_middlewares | length > 0 %}
traefik.http.routers.matrix-sliding-sync-metrics.middlewares={{ metrics_middlewares | join(',') }}
{% endif %}
{% if matrix_sliding_sync_container_labels_public_metrics_traefik_priority | int > 0 %}
traefik.http.routers.matrix-sliding-sync-metrics.priority={{ matrix_sliding_sync_container_labels_public_metrics_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-sliding-sync-metrics.service=matrix-sliding-sync-metrics
traefik.http.routers.matrix-sliding-sync-metrics.entrypoints={{ matrix_sliding_sync_container_labels_public_metrics_traefik_entrypoints }}
traefik.http.routers.matrix-sliding-sync-metrics.tls={{ matrix_sliding_sync_container_labels_public_metrics_traefik_tls | to_json }}
{% if matrix_sliding_sync_container_labels_public_metrics_traefik_tls %}
traefik.http.routers.matrix-sliding-sync-metrics.tls.certResolver={{ matrix_sliding_sync_container_labels_public_metrics_traefik_tls_certResolver }}
{% endif %}
{% endif %}
{% endif %}
{{ matrix_sliding_sync_container_labels_additional_labels }}

49
roles/custom/matrix-sliding-sync/templates/systemd/matrix-sliding-sync.service.j2
View File

@@ -1,49 +0,0 @@
#jinja2: lstrip_blocks: True
[Unit]
Description=matrix-sliding-sync
{% for service in matrix_sliding_sync_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_sliding_sync_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}
DefaultDependencies=no
[Service]
Type=simple
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-sliding-sync 2>/dev/null || true'
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sliding-sync 2>/dev/null || true'
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
--rm \
--name=matrix-sliding-sync \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--read-only \
--tmpfs /tmp \
--network={{ matrix_sliding_sync_container_network }} \
--env-file={{ matrix_sliding_sync_base_path }}/env \
--label-file={{ matrix_sliding_sync_base_path }}/labels \
{% for arg in matrix_sliding_sync_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_sliding_sync_container_image }}
{% for network in matrix_sliding_sync_container_additional_networks %}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-sliding-sync
{% endfor %}
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-sliding-sync
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-sliding-sync 2>/dev/null || true'
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sliding-sync 2>/dev/null || true'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-sliding-sync
[Install]
WantedBy=multi-user.target

3
roles/custom/matrix-sliding-sync/templates/systemd/matrix-sliding-sync.service.j2.license
View File

@@ -1,3 +0,0 @@
SPDX-FileCopyrightText: 2023 - 2025 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later

9
roles/custom/matrix-sliding-sync/vars/main.yml
View File

@@ -1,9 +0,0 @@
# SPDX-FileCopyrightText: 2023 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# Public facing base URL of the Sliding Sync service.
# It should not end with a slash.
matrix_sliding_sync_base_url: "{{ matrix_sliding_sync_scheme }}://{{ matrix_sliding_sync_hostname }}{{ '' if matrix_sliding_sync_path_prefix == '/' else matrix_sliding_sync_path_prefix }}"

12
roles/custom/matrix_playbook_migration/tasks/validate_config.yml
View File

@@ -666,3 +666,15 @@
The following variables in your configuration need to be removed: {{ lookup('ansible.builtin.varnames', '^matrix_go_skype_bridge_.+', wantlist=True) | join(', ') }}
when: "lookup('ansible.builtin.varnames', '^matrix_go_skype_bridge_.+', wantlist=True) | length > 0"
- name: (Deprecation) Catch and report the Sliding Sync proxy variables
ansible.builtin.fail:
msg: |-
The Sliding Sync proxy was completely removed from the playbook in November 2025.
Please remove all `matrix_sliding_sync_*` variables from your configuration file (vars.yml).
You may also wish to uninstall the proxy manually. See `docs/configuring-playbook-sliding-sync-proxy.md` for more information.
The following variables in your configuration need to be removed: {{ lookup('ansible.builtin.varnames', '^matrix_sliding_sync_.+', wantlist=True) | join(', ') }}
when: "lookup('ansible.builtin.varnames', '^matrix_sliding_sync_.+', wantlist=True) | length > 0"

1
setup.yml
View File

@@ -120,7 +120,6 @@
- custom/matrix-ma1sd
- custom/matrix-dimension
- galaxy/etherpad
- custom/matrix-sliding-sync
- custom/matrix-sygnal
- galaxy/ntfy
- custom/matrix-static-files