mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2026-04-10 16:15:04 +03:00
Compare commits
9 Commits
dfe8628fbf
...
5df7e678f7
| Author | SHA1 | Date | |
|---|---|---|---|
|
5df7e678f7 | ||
|
|
9af79ce4d2 | ||
|
|
0f687a69c5 | ||
|
|
ec36904671 | ||
|
|
69df322f40 | ||
|
|
c0044a9b0a | ||
|
|
63a0e8216b | ||
|
|
975f14d2d8 | ||
|
|
d80ef72fbe |
@@ -936,6 +936,9 @@ matrix_synapse_workers_presets:
|
||||
stream_writer_presence_stream_workers_count: 0
|
||||
stream_writer_push_rules_stream_workers_count: 0
|
||||
stream_writer_device_lists_stream_workers_count: 0
|
||||
# Keep disabled by default: MSC4306/4308 thread subscriptions are unstable
|
||||
# and disabled in upstream Synapse unless explicitly opted in.
|
||||
stream_writer_thread_subscriptions_stream_workers_count: 0
|
||||
one-of-each:
|
||||
room_workers_count: 0
|
||||
sync_workers_count: 0
|
||||
@@ -956,6 +959,9 @@ matrix_synapse_workers_presets:
|
||||
stream_writer_presence_stream_workers_count: 1
|
||||
stream_writer_push_rules_stream_workers_count: 1
|
||||
stream_writer_device_lists_stream_workers_count: 1
|
||||
# Keep disabled by default: MSC4306/4308 thread subscriptions are unstable
|
||||
# and disabled in upstream Synapse unless explicitly opted in.
|
||||
stream_writer_thread_subscriptions_stream_workers_count: 0
|
||||
specialized-workers:
|
||||
room_workers_count: 1
|
||||
sync_workers_count: 1
|
||||
@@ -976,6 +982,9 @@ matrix_synapse_workers_presets:
|
||||
stream_writer_presence_stream_workers_count: 1
|
||||
stream_writer_push_rules_stream_workers_count: 1
|
||||
stream_writer_device_lists_stream_workers_count: 1
|
||||
# Keep disabled by default: MSC4306/4308 thread subscriptions are unstable
|
||||
# and disabled in upstream Synapse unless explicitly opted in.
|
||||
stream_writer_thread_subscriptions_stream_workers_count: 0
|
||||
|
||||
# Controls whether the matrix-synapse container exposes the various worker ports
|
||||
# (see `port` and `metrics_port` in `matrix_synapse_workers_enabled_list`) outside of the container.
|
||||
@@ -1078,6 +1087,10 @@ matrix_synapse_workers_stream_writer_push_rules_stream_workers_count: "{{ matrix
|
||||
# More than 1 worker is also supported of this type.
|
||||
matrix_synapse_workers_stream_writer_device_lists_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_device_lists_stream_workers_count'] }}"
|
||||
|
||||
# matrix_synapse_workers_stream_writer_thread_subscriptions_stream_workers_count controls how many stream writers that handle the `thread_subscriptions` stream to spawn.
|
||||
# More than 1 worker is also supported of this type.
|
||||
matrix_synapse_workers_stream_writer_thread_subscriptions_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_thread_subscriptions_stream_workers_count'] }}"
|
||||
|
||||
# A list of stream writer workers to enable. This list is built automatically based on other variables.
|
||||
# You're encouraged to enable/disable stream writer workers by setting `matrix_synapse_workers_stream_writer_*_stream_workers_count` variables, instead of adjusting this list manually.
|
||||
matrix_synapse_workers_stream_writers: |
|
||||
@@ -1099,6 +1112,8 @@ matrix_synapse_workers_stream_writers: |
|
||||
([{'stream': 'push_rules'}] * matrix_synapse_workers_stream_writer_push_rules_stream_workers_count | int)
|
||||
+
|
||||
([{'stream': 'device_lists'}] * matrix_synapse_workers_stream_writer_device_lists_stream_workers_count | int)
|
||||
+
|
||||
([{'stream': 'thread_subscriptions'}] * matrix_synapse_workers_stream_writer_thread_subscriptions_stream_workers_count | int)
|
||||
}}
|
||||
|
||||
matrix_synapse_workers_stream_writers_container_arguments: []
|
||||
@@ -1408,6 +1423,16 @@ matrix_synapse_max_event_delay_duration: 24h
|
||||
# See https://github.com/matrix-org/matrix-spec-proposals/pull/4222
|
||||
matrix_synapse_experimental_features_msc4222_enabled: false
|
||||
|
||||
# Controls whether to enable the MSC4306 experimental feature ("thread subscriptions").
|
||||
#
|
||||
# In current Synapse, this also enables the MSC4308 thread-subscriptions extension
|
||||
# to Sliding Sync under the same upstream feature flag.
|
||||
#
|
||||
# See:
|
||||
# - https://github.com/matrix-org/matrix-spec-proposals/pull/4306
|
||||
# - https://github.com/matrix-org/matrix-spec-proposals/pull/4308
|
||||
matrix_synapse_experimental_features_msc4306_enabled: false
|
||||
|
||||
# Controls whether to enable the MSC4354 experimental feature (sticky events).
|
||||
#
|
||||
# This is implemented since Synapse v1.148.0 and can be used by element-call v0.17.0+
|
||||
@@ -2038,10 +2063,11 @@ matrix_synapse_reverse_proxy_companion_synapse_stream_writer_receipts_stream_wor
|
||||
matrix_synapse_reverse_proxy_companion_synapse_stream_writer_presence_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints }}"
|
||||
matrix_synapse_reverse_proxy_companion_synapse_stream_writer_push_rules_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_push_rules_stream_worker_client_server_endpoints }}"
|
||||
matrix_synapse_reverse_proxy_companion_synapse_stream_writer_device_lists_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_device_lists_stream_worker_client_server_endpoints }}"
|
||||
matrix_synapse_reverse_proxy_companion_synapse_stream_writer_thread_subscriptions_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_thread_subscriptions_stream_worker_client_server_endpoints }}"
|
||||
matrix_synapse_reverse_proxy_companion_synapse_media_repository_locations: "{{ matrix_synapse_workers_media_repository_endpoints | default([]) }}"
|
||||
matrix_synapse_reverse_proxy_companion_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_worker_client_server_endpoints | default([]) }}"
|
||||
matrix_synapse_reverse_proxy_companion_client_server_main_override_locations_regex: ^/_matrix/client/(api/v1|r0|v3|unstable)/(account/3pid/|directory/list/room/|rooms/[^/]+/(forget|upgrade|report)|login/sso/redirect/|register)
|
||||
matrix_synapse_reverse_proxy_companion_client_server_sso_override_locations_regex: ^(/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect|/_synapse/client/(pick_username|(new_user_consent|oidc/callback|pick_idp|sso_register)$))
|
||||
matrix_synapse_reverse_proxy_companion_client_server_main_override_locations_regex: ^/_matrix/client/(api/v1|r0|v3|unstable)/(account/3pid/|directory/list/room/|rooms/[^/]+/(forget|upgrade|report)|register)
|
||||
matrix_synapse_reverse_proxy_companion_client_server_sso_override_locations_regex: ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect(/|$)
|
||||
# Related to MSC4108 (https://github.com/matrix-org/matrix-spec-proposals/pull/4108)
|
||||
matrix_synapse_reverse_proxy_companion_client_server_qr_code_login_locations_regex: ^(/_matrix/client/(unstable|v1)/org.matrix.msc4108/rendezvous|/_synapse/client/rendezvous)$
|
||||
|
||||
|
||||
@@ -12,6 +12,7 @@
|
||||
{% set stream_writer_presence_stream_workers = matrix_synapse_reverse_proxy_companion_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'presence') | list %}
|
||||
{% set stream_writer_push_rules_stream_workers = matrix_synapse_reverse_proxy_companion_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'push_rules') | list %}
|
||||
{% set stream_writer_device_lists_stream_workers = matrix_synapse_reverse_proxy_companion_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'device_lists') | list %}
|
||||
{% set stream_writer_thread_subscriptions_stream_workers = matrix_synapse_reverse_proxy_companion_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'thread_subscriptions') | list %}
|
||||
{% set media_repository_workers = matrix_synapse_reverse_proxy_companion_synapse_workers_list | selectattr('type', 'equalto', 'media_repository') | list %}
|
||||
{% set user_dir_workers = matrix_synapse_reverse_proxy_companion_synapse_workers_list | selectattr('type', 'equalto', 'user_dir') | list %}
|
||||
{% set stream_writer_client_server_routes = [
|
||||
@@ -57,6 +58,12 @@
|
||||
'locations': matrix_synapse_reverse_proxy_companion_synapse_stream_writer_device_lists_stream_worker_client_server_locations,
|
||||
'upstream': 'stream_writer_device_lists_stream_workers_upstream',
|
||||
},
|
||||
{
|
||||
'doc_url': 'https://github.com/element-hq/synapse/blob/b99a58719b274fcbb327fd8d7649185792bfd12c/synapse/rest/client/thread_subscriptions.py#L38-L247',
|
||||
'workers': stream_writer_thread_subscriptions_stream_workers,
|
||||
'locations': matrix_synapse_reverse_proxy_companion_synapse_stream_writer_thread_subscriptions_stream_worker_client_server_locations,
|
||||
'upstream': 'stream_writer_thread_subscriptions_stream_workers_upstream',
|
||||
},
|
||||
] %}
|
||||
|
||||
{% macro render_worker_upstream(name, workers, load_balance) %}
|
||||
|
||||
@@ -3006,6 +3006,9 @@ experimental_features:
|
||||
{% if matrix_synapse_experimental_features_msc4222_enabled %}
|
||||
msc4222_enabled: true
|
||||
{% endif %}
|
||||
{% if matrix_synapse_experimental_features_msc4306_enabled %}
|
||||
msc4306_enabled: true
|
||||
{% endif %}
|
||||
{% if matrix_synapse_experimental_features_msc4354_enabled %}
|
||||
msc4354_enabled: true
|
||||
{% endif %}
|
||||
|
||||
@@ -31,7 +31,36 @@ matrix_synapse_workers_sync_worker_client_server_endpoints:
|
||||
|
||||
# Client reader workers handle generic client-server endpoints that don't contain a roomid or sync
|
||||
matrix_synapse_workers_client_reader_client_server_endpoints:
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/(room_keys/|keys/(query|changes|claim|room_keys/)|login|register(/available|/m.login.registration_token/validity|)|password_policy|profile|rooms/.*/(joined_members|context/.*|members|state|hierarchy|relations/|event/|aliases|timestamp_to_event|redact|send|state/|(join|invite|leave|ban|unban|kick))|createRoom|publicRooms|account/(3pid|whoami|devices)|versions|voip/turnServer|joined_rooms|search|user/.*/filter(/|$)|directory/room/.*|capabilities)
|
||||
# Keep these as grouped regex entries instead of a single huge alternation.
|
||||
# This preserves the existing specialized-routing policy while making future audits
|
||||
# and endpoint-specific edits reviewable.
|
||||
|
||||
# Encryption and room-key APIs
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/room_keys/
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/(query|changes|claim|room_keys/)
|
||||
|
||||
# MSC3814 dehydrated-device APIs:
|
||||
# Ref: https://github.com/element-hq/synapse/blob/b99a58719b274fcbb327fd8d7649185792bfd12c/synapse/rest/client/devices.py#L256-L459
|
||||
- ^/_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device$
|
||||
- ^/_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device/[^/]*/events$
|
||||
|
||||
# Login, registration, account, and profile APIs
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/login
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/register(/available|/m.login.registration_token/validity|)?
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/password_policy
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/profile
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/account/(3pid|whoami|deactivate)
|
||||
|
||||
# Room-scoped client APIs handled by client readers in the specialized-worker model
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(joined_members|context/.*|members|state|hierarchy|relations/|event/|aliases|timestamp_to_event|redact|send|state/|(join|invite|leave|ban|unban|kick))
|
||||
|
||||
# Generic client discovery and lookup APIs
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/(createRoom|publicRooms|versions|voip/turnServer|joined_rooms|search|directory/room/.*|capabilities)
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/user/.*/filter(/|$)
|
||||
|
||||
# MatrixRTC transport discovery:
|
||||
# Ref: https://github.com/element-hq/synapse/blob/b99a58719b274fcbb327fd8d7649185792bfd12c/synapse/rest/client/matrixrtc.py#L30-L52
|
||||
- ^/_matrix/client/unstable/org.matrix.msc4143/rtc/transports$
|
||||
|
||||
# Federation reader workers handle generic federation endpoints that don't contain a roomid
|
||||
matrix_synapse_workers_federation_reader_federation_endpoints:
|
||||
@@ -47,12 +76,10 @@ matrix_synapse_workers_federation_reader_federation_endpoints:
|
||||
# because `matrix_synapse_workers_generic_worker_endpoints` also contains things like `/_synapse/client/`, etc.
|
||||
# While /_synapse/client/ endpoints are somewhat client-server API-related, they're:
|
||||
# - neither part of the client-server API spec (and are thus, different)
|
||||
# - nor always OK to forward to a worker (we're supposed to obey `matrix_synapse_companion_container_labels_client_synapse_client_api_enabled`)
|
||||
# - and they now include a meaningful Synapse-specific tree (`pick_idp`, `pick_username`, OIDC/SAML callbacks, rendezvous, etc.)
|
||||
# - some of these paths are auth-sensitive or deployment-sensitive, so we intentionally keep them out of the broad worker route model unless explicitly handled elsewhere
|
||||
#
|
||||
# It's also not too many of these APIs (only `^/_synapse/client/password_reset/email/submit_token$` at the time of this writing / 2021-01-24),
|
||||
# so it's not that important whether we forward them or not.
|
||||
#
|
||||
# Basically, we aim to cover most things. Skipping `/_synapse/client` or a few other minor things doesn't matter too much.
|
||||
# Basically, we aim to cover most spec client APIs here. Skipping `/_synapse/client` is intentional and conservative.
|
||||
matrix_synapse_workers_generic_worker_client_server_endpoints: "{{ matrix_synapse_workers_generic_worker_endpoints | default([]) | map('regex_search', '.*/_matrix/client.*') | list | difference([none]) }}"
|
||||
|
||||
# A Synapse generic worker can handle both federation and client-server API endpoints.
|
||||
@@ -107,6 +134,12 @@ matrix_synapse_workers_stream_writer_device_lists_stream_worker_client_server_en
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/device_signing/upload$
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/signatures/upload$
|
||||
|
||||
# matrix_synapse_workers_stream_writer_thread_subscriptions_stream_worker_client_server_endpoints contains the endpoints serviced by the `thread_subscriptions` stream writer.
|
||||
# Ref: https://github.com/element-hq/synapse/blob/b99a58719b274fcbb327fd8d7649185792bfd12c/synapse/rest/client/thread_subscriptions.py#L38-L247
|
||||
matrix_synapse_workers_stream_writer_thread_subscriptions_stream_worker_client_server_endpoints:
|
||||
- ^/_matrix/client/unstable/io.element.msc4306/rooms/.*/thread/.*/subscription$
|
||||
- ^/_matrix/client/unstable/io.element.msc4308/thread_subscriptions$
|
||||
|
||||
# matrix_synapse_workers_user_dir_worker_client_server_endpoints contains the endpoints serviced by the `type = user_dir` (`app = generic_worker`) worker.
|
||||
# See: https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory
|
||||
matrix_synapse_workers_user_dir_worker_client_server_endpoints:
|
||||
@@ -115,11 +148,11 @@ matrix_synapse_workers_user_dir_worker_client_server_endpoints:
|
||||
# matrix_synapse_workers_known_stream_writer_stream_types contains the list of stream writer stream types that the playbook recognizes.
|
||||
# This is used for validation purposes. If adding support for a new type, besides adding it to this list,
|
||||
# don't forget to actually configure it where appropriate (see worker.yaml.j2`, the nginx proxy configuration, etc).
|
||||
matrix_synapse_workers_known_stream_writer_stream_types: ['events', 'typing', 'to_device', 'account_data', 'receipts', 'presence', 'push_rules', 'device_lists']
|
||||
matrix_synapse_workers_known_stream_writer_stream_types: ['events', 'typing', 'to_device', 'account_data', 'receipts', 'presence', 'push_rules', 'device_lists', 'thread_subscriptions']
|
||||
|
||||
# matrix_synapse_workers_webserving_stream_writer_types contains a list of stream writer types that serve web (client) requests.
|
||||
# Not all stream writers serve web requests. Some just perform background tasks.
|
||||
matrix_synapse_workers_webserving_stream_writer_types: ['typing', 'to_device', 'account_data', 'receipts', 'presence', 'push_rules', 'device_lists']
|
||||
matrix_synapse_workers_webserving_stream_writer_types: ['typing', 'to_device', 'account_data', 'receipts', 'presence', 'push_rules', 'device_lists', 'thread_subscriptions']
|
||||
|
||||
# matrix_synapse_workers_systemd_services_list contains a list of systemd services (one for each worker systemd service which serves web requests).
|
||||
# This list is built during runtime.
|
||||
@@ -202,8 +235,11 @@ matrix_synapse_workers_generic_worker_endpoints:
|
||||
- ^/_matrix/client/(v1|unstable)/rooms/.*/relations/
|
||||
- ^/_matrix/client/v1/rooms/.*/threads$
|
||||
- ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$
|
||||
- ^/_matrix/client/unstable/im.nheko.summary/summary/.*$
|
||||
- ^/_matrix/client/unstable/org.matrix.msc4143/rtc/transports$
|
||||
- ^/_matrix/client/(r0|v3|unstable)/account/3pid$
|
||||
- ^/_matrix/client/(r0|v3|unstable)/account/whoami$
|
||||
- ^/_matrix/client/(r0|v3|unstable)/account/deactivate$
|
||||
- ^/_matrix/client/versions$
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/
|
||||
@@ -221,6 +257,10 @@ matrix_synapse_workers_generic_worker_endpoints:
|
||||
- ^/_matrix/client/(r0|v3|unstable)/keys/changes$
|
||||
- ^/_matrix/client/(r0|v3|unstable)/keys/claim$
|
||||
- ^/_matrix/client/(r0|v3|unstable)/room_keys/
|
||||
# MSC3814 dehydrated-device support:
|
||||
# Ref: https://github.com/element-hq/synapse/blob/b99a58719b274fcbb327fd8d7649185792bfd12c/synapse/rest/client/devices.py#L256-L459
|
||||
- ^/_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device$
|
||||
- ^/_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device/[^/]*/events$
|
||||
|
||||
# Registration/login requests
|
||||
- ^/_matrix/client/(api/v1|r0|v3|unstable)/login$
|
||||
@@ -276,6 +316,10 @@ matrix_synapse_workers_generic_worker_endpoints:
|
||||
# - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/device_signing/upload$
|
||||
# - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/signatures/upload$
|
||||
#
|
||||
# # Thread subscriptions requests
|
||||
# - ^/_matrix/client/unstable/io.element.msc4306/rooms/.*/thread/.*/subscription$
|
||||
# - ^/_matrix/client/unstable/io.element.msc4308/thread_subscriptions$
|
||||
#
|
||||
# # User directory search requests
|
||||
# - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$
|
||||
# End of intentionally-ignored-endpoints
|
||||
|
||||
Reference in New Issue
Block a user