Support postgres pooler
This commit is contained in:
parent
f58675a8c7
commit
af17e5c4d5
|
@ -100,6 +100,8 @@ job "matrix" {
|
|||
|
||||
|
||||
|
||||
|
||||
|
||||
task "synapse" {
|
||||
driver = "docker"
|
||||
leader = true
|
||||
|
@ -110,12 +112,14 @@ job "matrix" {
|
|||
readonly_rootfs = true
|
||||
}
|
||||
|
||||
|
||||
vault {
|
||||
policies = ["matrix-synapse"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
|
||||
|
||||
env {
|
||||
SYNAPSE_CONFIG = "/secrets/homeserver.yml"
|
||||
|
||||
|
|
|
@ -48,6 +48,7 @@ job [[ .instance | toJSON ]] {
|
|||
}
|
||||
|
||||
[[ template "common/task.wait_for" $c ]]
|
||||
[[ template "common/postgres_pooler" $c ]]
|
||||
|
||||
task "synapse" {
|
||||
driver = [[ $c.nomad.driver | toJSON ]]
|
||||
|
@ -59,11 +60,7 @@ job [[ .instance | toJSON ]] {
|
|||
readonly_rootfs = true
|
||||
}
|
||||
|
||||
vault {
|
||||
policies = ["[[ .instance ]]-synapse[[ .consul.suffix ]]"]
|
||||
env = false
|
||||
disable_file = true
|
||||
}
|
||||
[[ template "common/vault.policies" $c ]]
|
||||
|
||||
env {
|
||||
SYNAPSE_CONFIG = "/secrets/homeserver.yml"
|
||||
|
@ -74,7 +71,7 @@ job [[ .instance | toJSON ]] {
|
|||
|
||||
template {
|
||||
data =<<_EOT
|
||||
[[ (merge $c.config ((tmpl.Exec "matrix/homeserver.yml.tpl" .) | yaml)) | toYAML ]]
|
||||
[[ (merge $c.config ((tmpl.Exec "matrix/homeserver.yml.tpl" $c) | yaml)) | toYAML ]]
|
||||
_EOT
|
||||
destination = "secrets/homeserver.yml"
|
||||
uid = 100000
|
||||
|
|
|
@ -18,11 +18,18 @@ listeners:
|
|||
database:
|
||||
name: psycopg2
|
||||
args:
|
||||
database: '[[ .matrix.synapse.db.name ]]'
|
||||
host: '[[ .matrix.synapse.db.host ]]'
|
||||
port: '[[ .matrix.synapse.db.port ]]'
|
||||
user: '[[ .matrix.synapse.db.user ]]'
|
||||
password: '[[ .matrix.synapse.db.password ]]'
|
||||
database: '[[ .postgres.database ]]'
|
||||
[[- if ne .postgres.pooler.engine "none" ]]
|
||||
host: '127.0.0.1'
|
||||
port: '6432'
|
||||
user: '[[ .instance ]]'
|
||||
password: '{{ env "NOMAD_ALLOC_ID" }}'
|
||||
[[- else ]]
|
||||
host: '[[ .postgres.host ]]'
|
||||
port: '[[ .postgres.port ]]'
|
||||
user: '[[ .postgres.user ]]'
|
||||
password: '[[ .postgres.password ]]'
|
||||
[[- end ]]
|
||||
|
||||
trusted_key_servers:
|
||||
- server_name: "matrix.org"
|
||||
|
|
|
@ -75,11 +75,16 @@ matrix:
|
|||
- username: '*'
|
||||
- netloc: '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'
|
||||
|
||||
# Vault policies
|
||||
vault:
|
||||
policies:
|
||||
- '[[ .instance ]]-synapse[[ .consul.suffix ]]'
|
||||
|
||||
# Postgres database to use
|
||||
db:
|
||||
postgres:
|
||||
host: 127.0.0.1
|
||||
port: 5432
|
||||
name: '[[ .instance ]]-synapse'
|
||||
database: '[[ .instance ]]-synapse'
|
||||
user: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]-synapse" }}{{ .Data.username }}{{ end }}'
|
||||
password: '{{ with secret "[[ .vault.prefix ]]database/creds/[[ .instance ]]-synapse" }}{{ .Data.password }}{{ end }}'
|
||||
|
||||
|
|
Loading…
Reference in New Issue