matrix/matrix.nomad.hcl

job "[[ .instance ]]" {
[[- $c := merge .matrix . -]]

[[ template "common/job_start" $c ]]

  group "matrix" {
[[- $c := merge $c.synapse $c ]]

[[ template "common/group_start" $c ]]

    network {
      mode = "bridge"
[[- if conv.ToBool $c.prometheus.enabled ]]
      port "metrics" {}
[[- end ]]
    }

[[ template "common/volumes" $c ]]

    service {
      name = "[[ .instance ]][[ .consul.suffix ]]"
      port = 8008

[[ template "common/service_meta" $c ]]

      check {
        type     = "http"
        path     = "/health"
        expose   = true
        interval = "10s"
        timeout  = "5s"
        task     = "synapse"

        check_restart {
          limit = 12
          grace = "10m"
        }
      }

      tags = [
[[- $w := merge .matrix.nginx .matrix . ]]
[[- $a := merge .matrix.nginx.admin $w ]]
[[- $sa := merge .matrix.nginx.synapse_admin $w ]]
        "[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-admin[[ .consul.suffix ]].rule=Host(`[[ (urlParse .matrix.public_url).Hostname ]]`) && PathPrefix(`/_synapse/admin`)",
[[ template "common/traefik_tags" $a ]]
        "[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-admin[[ .consul.suffix ]].rule=Host(`[[ (urlParse .matrix.public_url).Hostname ]]`) && PathPrefix(`/_admin`)",
[[ template "common/traefik_tags" $sa ]]
        "[[ $w.traefik.instance ]].http.routers.[[ .instance ]][[ .consul.suffix ]].rule=Host(`[[ (urlParse .matrix.public_url).Hostname ]]`) || (Host(`[[ .matrix.server_name ]]`) && PathRegexp(`^/(_(synapse|matrix)|\\.well-known/matrix)/.*`))",
[[ template "common/traefik_tags" $w ]]
      ]

[[ template "common/connect" $c ]]
    }

[[ template "common/task.wait_for" $c ]]
[[ template "common/task.metrics_proxy" $c ]]
[[ template "common/task.pgpooler" $c ]]

    task "synapse" {
      driver = "[[ $c.nomad.driver ]]"
      leader = true

      config {
        image           = "[[ $c.image ]]"
        pids_limit      = 200
        readonly_rootfs = true
      }

[[ template "common/vault.policies" $c ]]

      env {
        SYNAPSE_CONFIG = "/secrets/homeserver.yml"
        TMPDIR         = "/data/tmp"
      }

[[ template "common/file_env" $c ]]

      template {
        data =<<_EOT
[[ (merge $c.config ((tmpl.Exec "matrix/homeserver.yml.tpl" $c) | yaml)) | toYAML ]]
_EOT
        destination = "secrets/homeserver.yml"
        uid = 100000
        gid = 108008
        perms = 0640
      }

      template {
        data =<<_EOT
[[ template "matrix/logging.conf.tpl" . ]]
_EOT
        destination = "secrets/logging.conf"
      }

      volume_mount {
        volume      = "data"
        destination = "/data"
      }

[[ template "common/resources" $c ]]
    }

[[ $c = merge .matrix.nginx . ]]
    task "nginx" {
      driver = "[[ $c.nomad.driver ]]"

      config {
        image           = "[[ $c.image ]]"
        readonly_rootfs = true
        pids_limit      = 100
        volumes         = [
          "local/nginx.conf:/etc/nginx/conf.d/default.conf:ro",
        ]
[[ template "common/tmpfs" dict "size" "5000000" "target" "/tmp" ]]
      }

      template {
        data =<<_EOT
[[ template "matrix/nginx.conf.tpl" $c ]]
_EOT
        destination = "local/nginx.conf"
      }

      template {
        data =<<_EOT
[[ template "matrix/element.json.tpl" $c ]]
_EOT
        destination = "local/element.json"
      }

[[ template "common/resources" $c ]]
    }
  }
}
Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`job "[[ .instance ]]" {`
Update Element to 1.11.64 + cleanup 2024-04-09 13:05:14 +02:00			`[[- $c := merge .matrix . -]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00
			`[[ template "common/job_start" $c ]]`

			`group "matrix" {`
Update Element to 1.11.64 + cleanup 2024-04-09 13:05:14 +02:00			`[[- $c := merge $c.synapse $c ]]`

			`[[ template "common/group_start" $c ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00
			`network {`
			`mode = "bridge"`
Update Element to 1.11.62 and cleanup metrics handling 2024-03-27 12:01:55 +01:00			`[[- if conv.ToBool $c.prometheus.enabled ]]`
Update Synapse to 1.103.0 and add support for prometheus metrics 2024-03-19 14:57:22 +01:00			`port "metrics" {}`
			`[[- end ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`}`

Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`[[ template "common/volumes" $c ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00
			`service {`
			`name = "[[ .instance ]][[ .consul.suffix ]]"`
			`port = 8008`

Update Synapse to 1.103.0 and add support for prometheus metrics 2024-03-19 14:57:22 +01:00			`[[ template "common/service_meta" $c ]]`

Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`check {`
			`type = "http"`
			`path = "/health"`
			`expose = true`
			`interval = "10s"`
			`timeout = "5s"`
			`task = "synapse"`

			`check_restart {`
			`limit = 12`
			`grace = "10m"`
			`}`
			`}`

More work on Synapse + Element + Synapse admin 2023-12-21 11:48:16 +01:00			`tags = [`
Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`[[- $w := merge .matrix.nginx .matrix . ]]`
			`[[- $a := merge .matrix.nginx.admin $w ]]`
Add synapse-admin back 2024-04-24 21:25:31 +02:00			`[[- $sa := merge .matrix.nginx.synapse_admin $w ]]`
Remove Synapse Admin for now 2024-04-24 11:35:04 +02:00			"[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-admin[[ .consul.suffix ]].rule=Host(`[[ (urlParse .matrix.public_url).Hostname ]]`) && PathPrefix(`/_synapse/admin`)",
Adapt to new middlewares model 2024-01-29 00:10:03 +01:00			`[[ template "common/traefik_tags" $a ]]`
Add synapse-admin back 2024-04-24 21:25:31 +02:00			"[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-admin[[ .consul.suffix ]].rule=Host(`[[ (urlParse .matrix.public_url).Hostname ]]`) && PathPrefix(`/_admin`)",
			`[[ template "common/traefik_tags" $sa ]]`
More work on Synapse + Element + Synapse admin 2023-12-21 11:48:16 +01:00			"[[ $w.traefik.instance ]].http.routers.[[ .instance ]][[ .consul.suffix ]].rule=Host(`[[ (urlParse .matrix.public_url).Hostname ]]`) \|\| (Host(`[[ .matrix.server_name ]]`) && PathRegexp(`^/(_(synapse\|matrix)\|\\.well-known/matrix)/.*`))",
Adapt to new middlewares model 2024-01-29 00:10:03 +01:00			`[[ template "common/traefik_tags" $w ]]`
More work on Synapse + Element + Synapse admin 2023-12-21 11:48:16 +01:00			`]`

Cleanup 2024-01-31 14:50:08 +01:00			`[[ template "common/connect" $c ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`}`

			`[[ template "common/task.wait_for" $c ]]`
Update Synapse to 1.103.0 and add support for prometheus metrics 2024-03-19 14:57:22 +01:00			`[[ template "common/task.metrics_proxy" $c ]]`
Update pgpooler template 2024-01-15 21:33:05 +01:00			`[[ template "common/task.pgpooler" $c ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00
			`task "synapse" {`
Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`driver = "[[ $c.nomad.driver ]]"`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`leader = true`

			`config {`
Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`image = "[[ $c.image ]]"`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`pids_limit = 200`
			`readonly_rootfs = true`
			`}`

Support postgres pooler 2024-01-11 23:21:01 +01:00			`[[ template "common/vault.policies" $c ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00
			`env {`
			`SYNAPSE_CONFIG = "/secrets/homeserver.yml"`
Cleanup 2024-01-31 14:50:08 +01:00			`TMPDIR = "/data/tmp"`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`}`

Cleanup 2024-01-31 14:50:08 +01:00			`[[ template "common/file_env" $c ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00
			`template {`
			`data =<<_EOT`
Support postgres pooler 2024-01-11 23:21:01 +01:00			`[[ (merge $c.config ((tmpl.Exec "matrix/homeserver.yml.tpl" $c) \| yaml)) \| toYAML ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`_EOT`
			`destination = "secrets/homeserver.yml"`
			`uid = 100000`
			`gid = 108008`
			`perms = 0640`
			`}`

More work on Synapse + Element + Synapse admin 2023-12-21 11:48:16 +01:00			`template {`
			`data =<<_EOT`
			`[[ template "matrix/logging.conf.tpl" . ]]`
			`_EOT`
			`destination = "secrets/logging.conf"`
			`}`

Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`volume_mount {`
			`volume = "data"`
			`destination = "/data"`
			`}`

Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`[[ template "common/resources" $c ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`}`

			`[[ $c = merge .matrix.nginx . ]]`
			`task "nginx" {`
Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`driver = "[[ $c.nomad.driver ]]"`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00
			`config {`
Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`image = "[[ $c.image ]]"`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`readonly_rootfs = true`
			`pids_limit = 100`
			`volumes = [`
More work on Synapse + Element + Synapse admin 2023-12-21 11:48:16 +01:00			`"local/nginx.conf:/etc/nginx/conf.d/default.conf:ro",`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`]`
Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`[[ template "common/tmpfs" dict "size" "5000000" "target" "/tmp" ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`}`

			`template {`
			`data =<<_EOT`
Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`[[ template "matrix/nginx.conf.tpl" $c ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`_EOT`
			`destination = "local/nginx.conf"`
			`}`
More work on Synapse + Element + Synapse admin 2023-12-21 11:48:16 +01:00
			`template {`
			`data =<<_EOT`
Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`[[ template "matrix/element.json.tpl" $c ]]`
More work on Synapse + Element + Synapse admin 2023-12-21 11:48:16 +01:00			`_EOT`
			`destination = "local/element.json"`
			`}`

Fix CSP and cleanup 2024-01-19 15:51:08 +01:00			`[[ template "common/resources" $c ]]`
Start working on Synapse + Element 2023-12-16 00:32:03 +01:00			`}`
			`}`
			`}`