Support postgres pooler

2024-01-11 23:21:01 +01:00 · 2024-01-11 23:21:01 +01:00 · af17e5c4d5
parent f58675a8c7
commit af17e5c4d5
4 changed files with 26 additions and 13 deletions
--- a/example/matrix.nomad.hcl
+++ b/example/matrix.nomad.hcl
@ -100,6 +100,8 @@ job "matrix" {



+
+
    task "synapse" {
      driver = "docker"
      leader = true
@ -110,12 +112,14 @@ job "matrix" {
        readonly_rootfs = true
      }

+
      vault {
        policies     = ["matrix-synapse"]
        env          = false
        disable_file = true
      }

+
      env {
        SYNAPSE_CONFIG = "/secrets/homeserver.yml"

--- a/matrix.nomad.hcl
+++ b/matrix.nomad.hcl
@ -48,6 +48,7 @@ job [[ .instance | toJSON ]] {
    }

 [[ template "common/task.wait_for" $c ]]
+[[ template "common/postgres_pooler" $c ]]

    task "synapse" {
      driver = [[ $c.nomad.driver | toJSON ]]
@ -59,11 +60,7 @@ job [[ .instance | toJSON ]] {
        readonly_rootfs = true
      }

-      vault {
-        policies     = ["[[ .instance ]]-synapse[[ .consul.suffix ]]"]
-        env          = false
-        disable_file = true
-      }
+[[ template "common/vault.policies" $c ]]

      env {
        SYNAPSE_CONFIG = "/secrets/homeserver.yml"
@ -74,7 +71,7 @@ job [[ .instance | toJSON ]] {

      template {
        data =<<_EOT
-[[ (merge $c.config ((tmpl.Exec "matrix/homeserver.yml.tpl" .) | yaml)) | toYAML ]]
+[[ (merge $c.config ((tmpl.Exec "matrix/homeserver.yml.tpl" $c) | yaml)) | toYAML ]]
 _EOT
        destination = "secrets/homeserver.yml"
        uid = 100000
--- a/templates/homeserver.yml.tpl
+++ b/templates/homeserver.yml.tpl
@ -18,11 +18,18 @@ listeners:
 database:
  name: psycopg2
  args:
-    database: '[[ .matrix.synapse.db.name ]]'
-    host: '[[ .matrix.synapse.db.host ]]'
-    port: '[[ .matrix.synapse.db.port ]]'
-    user: '[[ .matrix.synapse.db.user ]]'
-    password: '[[ .matrix.synapse.db.password ]]'
+    database: '[[ .postgres.database ]]'
+[[- if ne .postgres.pooler.engine "none" ]]
+    host: '127.0.0.1'
+    port: '6432'
+    user: '[[ .instance ]]'
+    password: '{{ env "NOMAD_ALLOC_ID" }}'
+[[- else ]]
+    host: '[[ .postgres.host ]]'
+    port: '[[ .postgres.port ]]'
+    user: '[[ .postgres.user ]]'
+    password: '[[ .postgres.password ]]'
+[[- end ]]

 trusted_key_servers:
  - server_name: "matrix.org"
--- a/variables.yml
+++ b/variables.yml
@ -75,11 +75,16 @@ matrix:
        - username: '*'
        - netloc: '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'
  
+    # Vault policies
+    vault:
+      policies:
+        - '[[ .instance ]]-synapse[[ .consul.suffix ]]'
+
    # Postgres database to use
-    db:
+    postgres:
      host: 127.0.0.1
      port: 5432
-      name: '[[ .instance ]]-synapse'
+      database: '[[ .instance ]]-synapse'
      user: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]-synapse" }}{{ .Data.username }}{{ end }}'
      password: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]-synapse" }}{{ .Data.password }}{{ end }}'