From b21ec4f5048dcfca80e9cf1268010148ca3b71ce Mon Sep 17 00:00:00 2001 From: Vladan Popovic Date: Fri, 2 Aug 2019 15:51:15 +0200 Subject: [PATCH 1/4] [gitea] Add link for SSH setup --- alpine/gitea/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/alpine/gitea/README.md b/alpine/gitea/README.md index 38498ed..438cf48 100644 --- a/alpine/gitea/README.md +++ b/alpine/gitea/README.md @@ -38,5 +38,5 @@ through the web UI, but here goes. ## TODO * Instructions for setting up SSH with Gitea's built-in SSH server and the SSH - server running on the host. + server running on the host. https://docs.gitea.io/en-us/install-with-docker/ * Real world configuration. From d56dbacde6de97a330a0ade835ff0af4b575f53a Mon Sep 17 00:00:00 2001 From: Vladan Popovic Date: Mon, 1 Feb 2021 22:08:22 +0100 Subject: [PATCH 2/4] [matrix] redoit --- alpine/matrix/build.sh | 35 ++++-- alpine/matrix/conf/homeserver.jenga.yaml | 143 ----------------------- alpine/matrix/conf/os-release | 4 + alpine/matrix/scripts/install-pip.sh | 37 ++++++ alpine/matrix/scripts/install.sh | 40 +------ alpine/matrix/systemd/matrix.service | 5 +- 6 files changed, 75 insertions(+), 189 deletions(-) delete mode 100644 alpine/matrix/conf/homeserver.jenga.yaml create mode 100644 alpine/matrix/conf/os-release create mode 100644 alpine/matrix/scripts/install-pip.sh diff --git a/alpine/matrix/build.sh b/alpine/matrix/build.sh index 0682477..fb8db74 100644 --- a/alpine/matrix/build.sh +++ b/alpine/matrix/build.sh @@ -1,24 +1,43 @@ #!/bin/sh -ROOTFS=/tmp/matrix -ALPINE_TARBALL=alpine-minirootfs-3.9.2-x86_64.tar.gz +set -e -wget http://dl-cdn.alpinelinux.org/alpine/v3.9/releases/x86_64/$ALPINE_TARBALL +[ -z $NAME ] && NAME=matrix +IMAGE=/tmp/$NAME.raw + +[ -z $ROOTFS ] && ROOTFS=$(mktemp -d $NAME.XXX -t) +[ -z $ALPINE_VERSION ] && ALPINE_VERSION=3.12 +[ -z $ALPINE_RELEASE ] && ALPINE_RELEASE=0 + +ALPINE_TARBALL=alpine-minirootfs-$ALPINE_VERSION.$ALPINE_RELEASE-x86_64.tar.gz + +[ -f $IMAGE.raw ] && rm $IMAGE.raw +[ -f $ALPINE_TARBALL ] || wget http://dl-cdn.alpinelinux.org/alpine/v$ALPINE_VERSION/releases/x86_64/$ALPINE_TARBALL mkdir -p $ROOTFS tar xf $ALPINE_TARBALL -C $ROOTFS/ \ - ./etc/apk ./etc/os-release ./usr ./lib ./bin ./sbin ./var + ./etc/apk ./usr ./lib ./bin ./sbin ./var + +chmod 755 $ROOTFS mkdir -p \ $ROOTFS/etc/systemd/system \ $ROOTFS/var/{lib,run,tmp} \ $ROOTFS/{dev,tmp,proc,root,run,sys} \ $ROOTFS/etc/matrix \ - $ROOTFS/var/lib/matrix-{synapse,appservice-irc} + $ROOTFS/var/lib/matrix-synapse \ + $ROOTFS/run/systemd/unit-root/var/tmp touch $ROOTFS/etc/machine-id $ROOTFS/etc/resolv.conf +cp systemd/matrix.service $ROOTFS/etc/systemd/system/$NAME.service +cp conf/os-release $ROOTFS/etc/os-release -cp systemd/* $ROOTFS/etc/systemd/system/ +sudo systemd-nspawn --directory $ROOTFS/ \ + --bind $HOME/dev/python/pyopenssl:/tmp/pyopenssl \ + --bind=$PWD/scripts/install.sh:/root/install.sh \ + /bin/sh /root/install.sh -sudo systemd-nspawn --bind=$PWD/scripts/install.sh:/root/install.sh -D $ROOTFS/ /bin/sh /root/install.sh -mksquashfs $ROOTFS/ /tmp/matrix.raw +mksquashfs $ROOTFS/ $IMAGE -all-root -noappend +sudo portablectl detach $IMAGE || true +sudo portablectl attach $IMAGE +sudo systemctl restart $NAME.service diff --git a/alpine/matrix/conf/homeserver.jenga.yaml b/alpine/matrix/conf/homeserver.jenga.yaml deleted file mode 100644 index 009d965..0000000 --- a/alpine/matrix/conf/homeserver.jenga.yaml +++ /dev/null @@ -1,143 +0,0 @@ -no_tls: False -tls_certificate_path: "/etc/synapse/jenga.local.tls.crt" -tls_private_key_path: "/etc/synapse/jenga.local.tls.key" -tls_dh_params_path: "/etc/synapse/jenga.local.tls.dh" -tls_fingerprints: [] -# tls_fingerprints: [{"sha256": ""}] - - -## Server ## -server_name: "jenga.local" -pid_file: /var/lib/synapse/homeserver.pid - - -soft_file_limit: 0 -use_presence: true - - -listeners: - - - port: 8448 - bind_addresses: - - '::' - - '0.0.0.0' - type: http - tls: true - x_forwarded: false - resources: - - - names: - - client # The client-server APIs, both v1 and v2 - # - webclient # A web client. Requires web_client_location to be set. - compress: true - - - names: [federation] # Federation APIs - compress: false - - -# Database configuration -database: - name: "sqlite3" - args: - database: "/var/lib/synapse/homeserver.db" - -event_cache_size: "10K" - -log_config: "/etc/synapse/log.config" - - -## Ratelimiting ## -rc_messages_per_second: 0.2 -rc_message_burst_count: 10.0 -federation_rc_window_size: 1000 -federation_rc_sleep_limit: 10 -federation_rc_sleep_delay: 500 -federation_rc_reject_limit: 50 -federation_rc_concurrent: 3 - -# Directory where uploaded images and attachments are stored. -media_store_path: "/var/lib/synapse/media_store" -uploads_path: "/var/lib/synapse/uploads" -max_upload_size: "10M" -max_image_pixels: "32M" - -dynamic_thumbnails: false -thumbnail_sizes: -- width: 32 - height: 32 - method: crop -- width: 96 - height: 96 - method: crop -- width: 320 - height: 240 - method: scale -- width: 640 - height: 480 - method: scale -- width: 800 - height: 600 - method: scale - -url_preview_enabled: False -max_spider_size: "10M" - - -## Captcha ## -recaptcha_public_key: "YOUR_PUBLIC_KEY" -recaptcha_private_key: "YOUR_PRIVATE_KEY" -enable_registration_captcha: False -recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" - -turn_user_lifetime: "1h" -turn_allow_guests: True - - -## Registration ## -enable_registration: False -registration_shared_secret: ",@MxAOPr0kkpC-Gzzk1=Ea-HKH@S-utf:Uf0fiz;xAo~I2Y9Fk" -bcrypt_rounds: 12 -allow_guest_access: False -trusted_third_party_id_servers: - - matrix.org - - vector.im - -autocreate_auto_join_rooms: true - - -## Metrics ### -enable_metrics: False -report_stats: false - - -## API Configuration ## -room_invite_state_types: - - "m.room.join_rules" - - "m.room.canonical_alias" - - "m.room.avatar" - - "m.room.name" -app_service_config_files: [] -track_appservice_user_ips: False -macaroon_secret_key: "mL9+dY892cIh&=L6kdZV.SU;i_N=-*DBkA,p^Jp8eQ_v7-DXz4" -expire_access_token: False -form_secret: "&+O&4t2BKp=E++pPrc:Y=Uxi50yM,Z5XxX^VFQ7Fad^0y,#bOc" - -## Signing Keys ## - -signing_key_path: "/etc/synapse/jenga.local.signing.key" -old_signing_keys: {} -key_refresh_interval: "1d" # 1 Day. - - -# Enable password for login. -password_config: - enabled: true - # Uncomment and change to a secret random string for extra security. - # DO NOT CHANGE THIS AFTER INITIAL SETUP! - #pepper: "" - -enable_group_creation: false -alias_creation_rules: - - user_id: "*" - alias: "*" - action: allow diff --git a/alpine/matrix/conf/os-release b/alpine/matrix/conf/os-release new file mode 100644 index 0000000..a6a2844 --- /dev/null +++ b/alpine/matrix/conf/os-release @@ -0,0 +1,4 @@ +PORTABLE_PRETTY_NAME="Synapse: A matrix homeserver" +PORTABLE_ID=synapse +PRETTY_NAME=Alpine +ID=alpine diff --git a/alpine/matrix/scripts/install-pip.sh b/alpine/matrix/scripts/install-pip.sh new file mode 100644 index 0000000..9f1819a --- /dev/null +++ b/alpine/matrix/scripts/install-pip.sh @@ -0,0 +1,37 @@ +#!/bin/sh + +apk --no-cache add --virtual .synapse-build \ + build-base \ + git \ + libevent-dev \ + libffi-dev \ + libjpeg-turbo-dev \ + libressl-dev \ + libxslt-dev \ + linux-headers \ + python3-dev \ + py3-pip \ + zlib-dev + +pip3 install --upgrade pip setuptools +pip3 install https://github.com/matrix-org/synapse/tarball/master + +apk del .synapse-build + +# Runtime packages. +apk --no-cache add \ + libjpeg-turbo \ + libmagic \ + libressl2.7-libssl \ + python3 + +find /usr -name "__pycache__" -exec rm -rf {} + +find /usr -name "*.pyc" -exec rm {} + +find /usr -name "*yarn*" -exec rm -rf {} + + +apk del alpine-keys + +rm -rf /etc/apk \ + /root/.cache \ + /root/.config \ + /var/cache/* diff --git a/alpine/matrix/scripts/install.sh b/alpine/matrix/scripts/install.sh index fd6407a..185fd5f 100644 --- a/alpine/matrix/scripts/install.sh +++ b/alpine/matrix/scripts/install.sh @@ -1,46 +1,16 @@ #!/bin/sh -apk --no-cache add --virtual .synapse-build \ - build-base \ - git \ - libevent-dev \ - libffi-dev \ - libjpeg-turbo-dev \ - libressl-dev \ - libxslt-dev \ - linux-headers \ - python3-dev \ - yarn \ - zlib-dev - -pip3 install --upgrade pip setuptools -pip3 install https://github.com/matrix-org/synapse/tarball/master - -IRC_DIR=/usr/lib/matrix-appservice-irc/ -mkdir ${IRC_DIR} -cd ${IRC_DIR} -yarn add matrix-appservice-irc -ln -s ${IRC_DIR}/node_modules/matrix-appservice-irc/bin/matrix-appservice-irc /usr/local/bin/matrix-appservice-irc - -apk del .synapse-build - -# Runtime packages. -apk --no-cache add \ - libjpeg-turbo \ - libmagic \ - libressl2.7-libssl \ - nodejs \ - python3 +apk --no-cache add --no-scripts --no-commit-hooks --initramfs-diskless-boot synapse find /usr -name "__pycache__" -exec rm -rf {} + find /usr -name "*.pyc" -exec rm {} + -find /usr -name "*yarn*" -exec rm -rf {} + -find / -name "*node-gyp*" -exec rm -rf {} + -apk del alpine-keys +apk del alpine-keys alpine-baselayout rm -rf /etc/apk \ + /etc/ssl \ + /etc/terminfo \ + /etc/synapse \ /root/.cache \ /root/.config \ - /root/.npm \ /var/cache/* diff --git a/alpine/matrix/systemd/matrix.service b/alpine/matrix/systemd/matrix.service index ac6d51f..8f2e9d7 100644 --- a/alpine/matrix/systemd/matrix.service +++ b/alpine/matrix/systemd/matrix.service @@ -4,14 +4,13 @@ After=network-online.target Requires=network-online.target [Service] -MemoryDenyWriteExecute=no - Environment=LANG=en_US.UTF-8 Environment=SYNAPSE_LOG_LEVEL=DEBUG Environment=PYTHONDONTWRITEBYTECODE=1 -ExecStart=/usr/bin/python3 -m synapse.app.homeserver -c /etc/matrix/homeserver.yaml +ExecStart=/usr/bin/synctl start /etc/matrix/homeserver.yaml --no-daemonize ExecStop=/usr/bin/synctl stop /etc/matrix/homeserver.yaml StateDirectory=matrix-synapse ConfigurationDirectory=matrix +RuntimeDirectory=matrix From d9214e47b57f09649e296f9880133aa9db1a0474 Mon Sep 17 00:00:00 2001 From: Vladan Popovic Date: Sat, 6 Feb 2021 00:42:54 +0100 Subject: [PATCH 3/4] Rework the build and include coturn and riot web --- alpine/matrix/build.sh | 18 +++++++++--------- alpine/matrix/scripts/install-matrix.sh | 13 +++++++++++++ alpine/matrix/scripts/install-pip.sh | 7 +++---- alpine/matrix/scripts/install-riot.sh | 10 ++++++++++ alpine/matrix/scripts/install-turn.sh | 15 +++++++++++++++ alpine/matrix/scripts/install.sh | 16 ---------------- alpine/matrix/systemd/30-synapse-override.conf | 2 ++ .../systemd/matrix-appservice-irc.service | 10 ---------- alpine/matrix/systemd/matrix.service | 6 +++--- alpine/matrix/systemd/riot.service | 16 ++++++++++++++++ alpine/matrix/systemd/turn.service | 13 +++++++++++++ 11 files changed, 84 insertions(+), 42 deletions(-) create mode 100644 alpine/matrix/scripts/install-matrix.sh create mode 100644 alpine/matrix/scripts/install-riot.sh create mode 100644 alpine/matrix/scripts/install-turn.sh delete mode 100644 alpine/matrix/scripts/install.sh create mode 100644 alpine/matrix/systemd/30-synapse-override.conf delete mode 100644 alpine/matrix/systemd/matrix-appservice-irc.service create mode 100644 alpine/matrix/systemd/riot.service create mode 100644 alpine/matrix/systemd/turn.service diff --git a/alpine/matrix/build.sh b/alpine/matrix/build.sh index fb8db74..1b39dff 100644 --- a/alpine/matrix/build.sh +++ b/alpine/matrix/build.sh @@ -6,8 +6,8 @@ set -e IMAGE=/tmp/$NAME.raw [ -z $ROOTFS ] && ROOTFS=$(mktemp -d $NAME.XXX -t) -[ -z $ALPINE_VERSION ] && ALPINE_VERSION=3.12 -[ -z $ALPINE_RELEASE ] && ALPINE_RELEASE=0 +[ -z $ALPINE_VERSION ] && ALPINE_VERSION=3.13 +[ -z $ALPINE_RELEASE ] && ALPINE_RELEASE=1 ALPINE_TARBALL=alpine-minirootfs-$ALPINE_VERSION.$ALPINE_RELEASE-x86_64.tar.gz @@ -16,7 +16,7 @@ ALPINE_TARBALL=alpine-minirootfs-$ALPINE_VERSION.$ALPINE_RELEASE-x86_64.tar.gz mkdir -p $ROOTFS tar xf $ALPINE_TARBALL -C $ROOTFS/ \ - ./etc/apk ./usr ./lib ./bin ./sbin ./var + ./etc ./usr ./lib ./bin ./sbin ./var chmod 755 $ROOTFS @@ -24,20 +24,20 @@ mkdir -p \ $ROOTFS/etc/systemd/system \ $ROOTFS/var/{lib,run,tmp} \ $ROOTFS/{dev,tmp,proc,root,run,sys} \ - $ROOTFS/etc/matrix \ - $ROOTFS/var/lib/matrix-synapse \ + $ROOTFS/etc/$NAME \ + $ROOTFS/var/lib/$NAME \ $ROOTFS/run/systemd/unit-root/var/tmp touch $ROOTFS/etc/machine-id $ROOTFS/etc/resolv.conf -cp systemd/matrix.service $ROOTFS/etc/systemd/system/$NAME.service +cp -a systemd/${NAME}* $ROOTFS/etc/systemd/system/ cp conf/os-release $ROOTFS/etc/os-release sudo systemd-nspawn --directory $ROOTFS/ \ - --bind $HOME/dev/python/pyopenssl:/tmp/pyopenssl \ - --bind=$PWD/scripts/install.sh:/root/install.sh \ + --bind=$PWD/scripts/install-$NAME.sh:/root/install.sh \ /bin/sh /root/install.sh -mksquashfs $ROOTFS/ $IMAGE -all-root -noappend +sudo mksquashfs $ROOTFS/ $IMAGE -all-root -noappend +sudo systemctl stop $IMAGE || true sudo portablectl detach $IMAGE || true sudo portablectl attach $IMAGE sudo systemctl restart $NAME.service diff --git a/alpine/matrix/scripts/install-matrix.sh b/alpine/matrix/scripts/install-matrix.sh new file mode 100644 index 0000000..8ecc993 --- /dev/null +++ b/alpine/matrix/scripts/install-matrix.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +apk --no-cache add --no-scripts --no-commit-hooks synapse + +find /usr -name "__pycache__" -exec rm -rf {} + +find /usr -name "*.pyc" -exec rm {} + + +apk del alpine-keys + +rm -rf /etc/apk \ + /root/.cache \ + /root/.config \ + /var/cache/* diff --git a/alpine/matrix/scripts/install-pip.sh b/alpine/matrix/scripts/install-pip.sh index 9f1819a..0c1fc4b 100644 --- a/alpine/matrix/scripts/install-pip.sh +++ b/alpine/matrix/scripts/install-pip.sh @@ -13,21 +13,20 @@ apk --no-cache add --virtual .synapse-build \ py3-pip \ zlib-dev -pip3 install --upgrade pip setuptools +pip3 install --upgrade --force pip setuptools pip3 install https://github.com/matrix-org/synapse/tarball/master apk del .synapse-build -# Runtime packages. +# Runtime packages apk --no-cache add \ libjpeg-turbo \ libmagic \ - libressl2.7-libssl \ + libressl \ python3 find /usr -name "__pycache__" -exec rm -rf {} + find /usr -name "*.pyc" -exec rm {} + -find /usr -name "*yarn*" -exec rm -rf {} + apk del alpine-keys diff --git a/alpine/matrix/scripts/install-riot.sh b/alpine/matrix/scripts/install-riot.sh new file mode 100644 index 0000000..46047b7 --- /dev/null +++ b/alpine/matrix/scripts/install-riot.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +apk --no-cache add --no-scripts --no-commit-hooks riot-web nginx + +apk del alpine-keys + +rm -rf /etc/apk \ + /root/.cache \ + /root/.config \ + /var/cache/* diff --git a/alpine/matrix/scripts/install-turn.sh b/alpine/matrix/scripts/install-turn.sh new file mode 100644 index 0000000..c121ad9 --- /dev/null +++ b/alpine/matrix/scripts/install-turn.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +apk add --no-cache --purge -uU \ + --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing \ + coturn sqlite-libs + +find /usr -name "__pycache__" -exec rm -rf {} + +find /usr -name "*.pyc" -exec rm {} + + +apk del alpine-keys + +rm -rf /etc/apk \ + /root/.cache \ + /root/.config \ + /var/cache/* diff --git a/alpine/matrix/scripts/install.sh b/alpine/matrix/scripts/install.sh deleted file mode 100644 index 185fd5f..0000000 --- a/alpine/matrix/scripts/install.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh - -apk --no-cache add --no-scripts --no-commit-hooks --initramfs-diskless-boot synapse - -find /usr -name "__pycache__" -exec rm -rf {} + -find /usr -name "*.pyc" -exec rm {} + - -apk del alpine-keys alpine-baselayout - -rm -rf /etc/apk \ - /etc/ssl \ - /etc/terminfo \ - /etc/synapse \ - /root/.cache \ - /root/.config \ - /var/cache/* diff --git a/alpine/matrix/systemd/30-synapse-override.conf b/alpine/matrix/systemd/30-synapse-override.conf new file mode 100644 index 0000000..f1446ce --- /dev/null +++ b/alpine/matrix/systemd/30-synapse-override.conf @@ -0,0 +1,2 @@ +[Service] +MemoryDenyWriteExecute=no diff --git a/alpine/matrix/systemd/matrix-appservice-irc.service b/alpine/matrix/systemd/matrix-appservice-irc.service deleted file mode 100644 index 940e77d..0000000 --- a/alpine/matrix/systemd/matrix-appservice-irc.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Matrix IRC gateway -After=matrix.service -Requires=matrix.service - -[Service] -Type=exec -ExecStart=/usr/local/bin/matrix-appservice-irc -c /etc/matrix/irc-config.yaml -f /etc/matrix/irc-registration.yaml -p 7881 -StateDirectory=matrix-appservice-irc -ConfigurationDirectory=matrix diff --git a/alpine/matrix/systemd/matrix.service b/alpine/matrix/systemd/matrix.service index 8f2e9d7..b9158c9 100644 --- a/alpine/matrix/systemd/matrix.service +++ b/alpine/matrix/systemd/matrix.service @@ -1,6 +1,5 @@ [Unit] Description=Synapse - Matrix homeserver -After=network-online.target Requires=network-online.target [Service] @@ -10,7 +9,8 @@ Environment=PYTHONDONTWRITEBYTECODE=1 ExecStart=/usr/bin/synctl start /etc/matrix/homeserver.yaml --no-daemonize ExecStop=/usr/bin/synctl stop /etc/matrix/homeserver.yaml +ExecReload=/opt/synapse/bin/synctl restart /etc/matrix/homeserver.yaml -StateDirectory=matrix-synapse -ConfigurationDirectory=matrix +StateDirectory=matrix RuntimeDirectory=matrix +ConfigurationDirectory=matrix diff --git a/alpine/matrix/systemd/riot.service b/alpine/matrix/systemd/riot.service new file mode 100644 index 0000000..b9158c9 --- /dev/null +++ b/alpine/matrix/systemd/riot.service @@ -0,0 +1,16 @@ +[Unit] +Description=Synapse - Matrix homeserver +Requires=network-online.target + +[Service] +Environment=LANG=en_US.UTF-8 +Environment=SYNAPSE_LOG_LEVEL=DEBUG +Environment=PYTHONDONTWRITEBYTECODE=1 + +ExecStart=/usr/bin/synctl start /etc/matrix/homeserver.yaml --no-daemonize +ExecStop=/usr/bin/synctl stop /etc/matrix/homeserver.yaml +ExecReload=/opt/synapse/bin/synctl restart /etc/matrix/homeserver.yaml + +StateDirectory=matrix +RuntimeDirectory=matrix +ConfigurationDirectory=matrix diff --git a/alpine/matrix/systemd/turn.service b/alpine/matrix/systemd/turn.service new file mode 100644 index 0000000..a23b882 --- /dev/null +++ b/alpine/matrix/systemd/turn.service @@ -0,0 +1,13 @@ +[Unit] +Description=Coturn - TURN/STUN server +Requires=network-online.target + +[Service] +Environment=LANG=en_US.UTF-8 + +ExecStart=/usr/bin/turnserver -c /etc/coturn/turnserver.conf +Restart=on-failure + +StateDirectory=turn +RuntimeDirectory=turn +ConfigurationDirectory=turn From 2dc0c15f5d0caca9b6f1538885a8b4a475348ae3 Mon Sep 17 00:00:00 2001 From: Vladan Popovic Date: Sat, 6 Feb 2021 00:48:49 +0100 Subject: [PATCH 4/4] Update the readme to the current state ... will be updated soon again --- alpine/matrix/README.md | 66 ++++++++--------------------------------- 1 file changed, 13 insertions(+), 53 deletions(-) diff --git a/alpine/matrix/README.md b/alpine/matrix/README.md index 3f55001..b7023d6 100644 --- a/alpine/matrix/README.md +++ b/alpine/matrix/README.md @@ -1,11 +1,9 @@ -Matrix synapse service with IRC and Telegram gateways -===================================================== +# Matrix synapse service with a TURN server and riot-web frontend -A collection of systemd services that run synapse and the IRC gateway -(matrix-appservice-irc) in an isolated read-only alpine squashfs image. +A collection of systemd services that run synapse, riot-web and a TURN server +as systemd portable services. -Building the squashfs image ---------------------------- +## Building the squashfs image Run: @@ -14,62 +12,24 @@ $ sh build.sh ``` It will create a rootfs/ folder with an alpine filesystem, install synapse, -matrix-appservice-irc and compress it into a squashfs image that will be used -as a root filesystem for the container. +compress it into a squashfs image that will be used as a root filesystem for +the container. -If the script finished successfully, you should get an \~45M matrix.raw +If the script finished successfully, you should get an \~25M matrix.raw image. -Running the portable services ------------------------------ +## Running the portable services Attach the container with `sudo portablectl attach ./matrix.raw`. - -The output should look something like this: - -``` {.sourceCode .shell} -$ sudo portablectl attach ./matrix.raw - -Created directory /etc/systemd/system.attached. -Created directory /etc/systemd/system.attached/matrix.service.d. -Written /etc/systemd/system.attached/matrix.service.d/20-portable.conf. -Created symlink /etc/systemd/system.attached/matrix.service.d/10-profile.conf → /usr/lib/systemd/portable/profile/default/service.conf. -Copied /etc/systemd/system.attached/matrix.service. -Created directory /etc/systemd/system.attached/matrix-appservice-irc.service.d. -Written /etc/systemd/system.attached/matrix-appservice-irc.service.d/20-portable.conf. -Created symlink /etc/systemd/system.attached/matrix-appservice-irc.service.d/10-profile.conf → /usr/lib/systemd/portable/profile/default/service.conf. -Copied /etc/systemd/system.attached/matrix-appservice-irc.service. -Created symlink /etc/portables/matrix.raw → /tmp/matrix.raw. - - Start/Stop as any other systemd service, e.g: ``` {.sourceCode .shell} -sudo systemctl start matrix-appservice-irc.service sudo systemctl stop matrix.service ``` -Existing matrix installations ------------------------------ +## Install another existing service -1. Stop your current services. -2. Copy all configuration files to `/etc/matrix`. -3. Run all portable services, so that they create all directories in - `/var/lib`. -4. Copy all data files, e.g. homeserver.db if you\'re using sqlite, - media and upload folders for synapse, rooms.db for the irc gateway, - etc. to `/var/lib/matrix-{synapse,appservice-irc}`. - -Warning -------- - -You should set up all logging to stdout. - -Any configuration that has something to do with the filesystem should be -configured to write files to `/var/lib/matrix-{synapse,appservice-irc}`. - -TODO ----- - -- Use a Makefile to build the image. Add attach, detach and clean - targets. +``` {.sourceCode .shell} +NAME=riot sh build.sh +sudo systemctl start riot.service +```