Update to 2020-05-06 11:00

roles/matrix_synapse/meta/main.yml

@@ -1,4 +1 @@
 ---
-dependencies:
-  - role: repo_scl
-...

roles/matrix_synapse/tasks/directories.yml

@@ -18,6 +18,7 @@
     - dir: etc
       mode: 750
     - dir: res/templates
-    - dir: db_dumps
+    - dir: backup
       mode: 700
+    - dir: venv
   tags: matrix

roles/matrix_synapse/tasks/facts.yml

@@ -1,10 +1,5 @@
 ---
 
-- name: Check if a python 2.7 venv aready exists
-  stat: path={{ synapse_root_dir }}/lib/python2.7
-  register: synapse_venv_27
-  tags: matrix
-
 - import_tasks: ../includes/get_rand_pass.yml
   vars:
     - pass_file: "{{ synapse_root_dir }}/meta/ansible_dbpass"
@@ -28,4 +23,7 @@
 - set_fact: synapse_form_secret={{ rand_pass }}
   tags: matrix
 
-
+- name: Check if the old venv is present
+  stat: path={{ synapse_root_dir }}/lib
+  register: synapse_old_venv
+  tags: matrix

roles/matrix_synapse/tasks/install.yml

@@ -23,30 +23,22 @@
       - postgresql-devel
       - libpqxx-devel
       - jemalloc
-      - rh-python36-python-virtualenv
+      - python3-virtualenv
-      - rh-python36-python-pip
+      - python3-pip
+      - python-psycopg2
   tags: matrix
 
-- name: Stop synapse
+- name: Wipe pip cache
-  service: name=matrix-synapse state=stopped
+  file: path=/root/.cache/pip state=absent
-  when: synapse_venv_27.stat.exists
+  when: synapse_old_venv.stat.exists
-  tags: matrix
-
-- name: Remove the venv
-  file: path={{ synapse_root_dir }}/{{ item }} state=absent
-  loop:
-    - lib
-    - lib64
-    - include
-    - bin
-  when: synapse_venv_27.stat.exists
   tags: matrix
 
 - name: Install or update dependencies in the virtual env
   pip:
     state: latest
-    virtualenv: "{{ synapse_root_dir }}"
+    virtualenv: "{{ synapse_root_dir }}/venv"
-    virtualenv_command: /opt/rh/rh-python36/root/usr/bin/virtualenv
+    virtualenv_command: /usr/bin/virtualenv-3
+    virtualenv_python: /usr/bin/python3
     name:
       - bleach
       - matrix-synapse-ldap3
@@ -62,8 +54,9 @@
 
 - name: Install or update synapse in a virtualenv
   pip:
-    virtualenv: "{{ synapse_root_dir }}"
+    virtualenv: "{{ synapse_root_dir }}/venv"
-    virtualenv_command: /opt/rh/rh-python36/root/usr/bin/virtualenv
+    virtualenv_command: /usr/bin/virtualenv-3
+    virtualenv_python: /usr/bin/python3
     name:
       - matrix-synapse
     version: "{{ synapse_version }}"
@@ -73,6 +66,7 @@
 - name: Install the service unit file
   template: src=matrix-synapse.service.j2 dest=/etc/systemd/system/matrix-synapse.service
   register: synapse_service_unit
+  notify: restart synapse
   tags: matrix
 
 - name: Reload systemd
@@ -83,7 +77,7 @@
 - name: Install REST auth module
   get_url:
     url: https://raw.githubusercontent.com/ma1uta/matrix-synapse-rest-password-provider/master/rest_auth_provider.py
-    dest: "{{ synapse_root_dir }}/lib/python3.6/site-packages/"
+    dest: "{{ synapse_root_dir }}/venv/lib/python3.6/site-packages/"
   tags: matrix
 
 - name: Create the PostgreSQL role
@@ -110,12 +104,10 @@
   tags: matrix
 
 - name: Deploy backup scripts
-  template: src={{ item.src }} dest=/etc/backup/{{ item.dest }}/matrix_synapse.sh mode=750
+  template: src={{ item }}-backup.sh.j2 dest=/etc/backup/{{ item }}.d/matrix_synapse.sh mode=750
-  with_items:
+  loop:
-    - src: pre-backup.sh.j2
+    - pre
-      dest: pre.d
+    - post
-    - src: post-backup.sh.j2
-      dest: post.d
   tags: matrix
 
 - name: Install synapse_janitor.sql script
@@ -125,7 +117,7 @@
   tags: matrix
 
 - name: Deploy janitor script
-  template: src=synapse_janitor.sh.j2 dest={{ synapse_root_dir }}/bin/synapse_janitor.sh mode=700
+  template: src=synapse_janitor.sh.j2 dest={{ synapse_root_dir }}/venv/bin/synapse_janitor.sh mode=700
   tags: matrix
 
 - name: Setup cron job to clean synapse database
@@ -133,7 +125,7 @@
     name: matrix_synapse_janitor
     special_time: weekly
     user: root
-    job: '{{ synapse_root_dir }}/bin/synapse_janitor.sh | /bin/systemd-cat'
+    job: '{{ synapse_root_dir }}/venv/bin/synapse_janitor.sh | /bin/systemd-cat'
     cron_file: matrix_synapse
   tags: matrix
 

roles/matrix_synapse/tasks/main.yml

@@ -8,4 +8,5 @@
 - include: iptables.yml
   when: iptables_manage | default(True)
 - include: service.yml
+- include: cleanup.yml
 

roles/matrix_synapse/templates/matrix-synapse.service.j2

@@ -6,8 +6,13 @@ Type=simple
 User={{ synapse_user }}
 Group={{ synapse_user }}
 Environment=LD_PRELOAD=/usr/lib64/libjemalloc.so.1
+{% if system_proxy is defined and system_proxy != '' %}
+{% for env in ['http_proxy', 'https_proxy', 'HTTP_PROXY', 'HTTPS_PROXY'] %}
+Environment={{ env }}={{ system_proxy | urlsplit('hostname') }}:{{ system_proxy | urlsplit('port') }}
+{% endfor %}
+{% endif %}
 PermissionsStartOnly=yes
-ExecStart={{ synapse_root_dir }}/bin/python3 -m synapse.app.homeserver -c {{ synapse_root_dir }}/etc/homeserver.yaml -n
+ExecStart={{ synapse_root_dir }}/venv/bin/python3 -m synapse.app.homeserver -c {{ synapse_root_dir }}/etc/homeserver.yaml -n
 ExecReload=/bin/kill -HUP $MAINPID
 PrivateTmp=yes
 PrivateDevices=yes

roles/matrix_synapse/templates/post-backup.sh.j2

@@ -1,3 +1,3 @@
-#!/bin/sh
+#!/bin/bash -e
 
-rm -f {{ synapse_root_dir }}/db_dumps/*
+rm -f {{ synapse_root_dir }}/backup/*

roles/matrix_synapse/templates/pre-backup.sh.j2

@@ -1,8 +1,8 @@
-#!/bin/sh
+#!/bin/bash -e
 
 PGPASSWORD='{{ synapse_pg_db_pass }}' /usr/pgsql-11/bin/pg_dump \
   --clean \
   --create \
   --username={{ synapse_pg_db_user }} \
   --host={{ synapse_pg_db_server }} \
-  {{ synapse_pg_db_name }} | lz4 -c > {{ synapse_root_dir }}/db_dumps/{{ synapse_pg_db_name }}.sql.lz4
+  {{ synapse_pg_db_name }} | zstd -T0 -c > {{ synapse_root_dir }}/backup/{{ synapse_pg_db_name }}.sql.zst