This commit is contained in:
p5t2vspoqqw 2019-08-05 09:34:30 +02:00
commit 51d5741bb3
15 changed files with 97 additions and 17 deletions

View file

@ -1,3 +1,18 @@
# 2019-08-03
## Synapse logging level has been reduced to WARNING
After [some discussion in our support room](https://matrix.to/#/!PukFFdIcHgtaaHZflT:devture.com/$156476852524179TBeKy:matrix.org?via=devture.com&via=matrix.org&via=librem.one), we've decided to change the default logging level for Synapse from `INFO` to `WARNING`.
This greatly reduces the number of log messages that are being logged, leading to:
- much less disk space dedicated to Synapse and thus, logs kept for longer
- easier to find some important `WARNING`, `ERROR` and `CRITICAL` messages, as they're not longer buried in thousands of non-important `INFO` messages
If you'd like to track down an issue, you [can always increase the logging level as described here](./docs/maintenance-and-troubleshooting.md#increasing-synapse-logging).
# 2019-07-08
## Synapse Maintenance docs and synapse-janitor support are available

View file

@ -29,7 +29,7 @@ You are required to specify an access token for Dimension to work.
To get an access token, follow these steps:
1. In a private browsing session (incognito window), open Riot.
2. It's better to you use dedicated user for getting access token, so log in with this user's username and password.
2. It's preferable to use a dedicated user for the access token, so create and log in with that user's username and password.
3. Set the display name and avatar, if required.
4. In the settings page choose "Help & About", scroll down to the bottom and click `Access Token: <click to reveal>`.
5. Copy the highlighted text to your configuration.

View file

@ -16,6 +16,24 @@ You can see the logs by using journalctl. Example:
sudo journalctl -fu matrix-synapse
```
## Increasing Synapse logging
Because the [Synapse](https://github.com/matrix-org/synapse) Matrix server is originally very chatty when it comes to logging, we intentionally reduce its [logging level](https://docs.python.org/3/library/logging.html#logging-levels) from `INFO` to `WARNING`.
If you'd like to debug an issue or [report a Synapse bug](https://github.com/matrix-org/synapse/issues/new/choose) to the developers, it'd be better if you temporarily increasing the logging level to `INFO` or even `DEBUG`.
Example configuration (`inventory/host_vars/matrix.DOMAIN/vars.yml`):
```yaml
matrix_synapse_log_level: "DEBUG"
matrix_synapse_storage_sql_log_level: "DEBUG"
matrix_synapse_root_log_level: "DEBUG"
```
Re-run the playbook after making these configuration changes.
## Postgres
See the dedicated [PostgreSQL Maintenance](maintenance-postgres.md) documentation page.

View file

@ -49,7 +49,7 @@
- name: Ensure Docker repository is enabled (Debian)
apt_repository:
repo: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
repo: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
state: present
update_cache: yes
when: ansible_os_family == 'Debian'

View file

@ -86,6 +86,8 @@ matrix_appservice_discord_configuration_yaml: |
# enable:
# - "DiscordBot"
database:
userStorePath: "/data/user-store.db"
roomStorePath: "/data/room-store.db"
# You may either use SQLite or Postgresql for the bridge database, which contains
# important mappings for events and user puppeting configurations.
# Use the filename option for SQLite, or connString for Postgresql.

View file

@ -32,10 +32,12 @@
failed_when: false
when: "matrix_appservice_discord_stat_db.stat.exists"
# In addition to this, there used to be some `user-store-db` and `room-store.db` files.
# They're no longer in use, so we're not relocating them in an effort to point them out as neither `./data`, nor `./config`.
- name: (Data relocation) Move AppService Discord discord.db file to ./data directory
command: "mv {{ matrix_appservice_discord_base_path }}/discord.db {{ matrix_appservice_discord_data_path }}/discord.db"
command: "mv {{ matrix_appservice_discord_base_path }}/{{ item }} {{ matrix_appservice_discord_data_path }}/{{ item }}"
with_items:
- discord.db
- user-store.db
- room-store.db
when: "matrix_appservice_discord_stat_db.stat.exists"
- name: Ensure AppService Discord config.yaml installed

View file

@ -3,7 +3,8 @@
matrix_mautrix_facebook_enabled: true
matrix_mautrix_facebook_docker_image: "tulir/mautrix-facebook:latest"
# See: https://mau.dev/tulir/mautrix-facebook/container_registry
matrix_mautrix_facebook_docker_image: "dock.mau.dev/tulir/mautrix-facebook:latest"
matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}"
matrix_mautrix_facebook_base_path: "{{ matrix_base_data_path }}/mautrix-facebook"
@ -12,7 +13,7 @@ matrix_mautrix_facebook_data_path: "{{ matrix_mautrix_facebook_base_path }}/data
matrix_mautrix_facebook_homeserver_address: 'http://matrix-synapse:8008'
matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}'
matrix_mautrix_facebook_appservice_address: 'http://matrix-mautrix-facebook:8080'
matrix_mautrix_facebook_appservice_address: 'http://matrix-mautrix-facebook:29319'
# A list of extra arguments to pass to the container
matrix_mautrix_facebook_container_extra_arguments: []
@ -51,7 +52,7 @@ matrix_mautrix_facebook_configuration_yaml: |
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 8080
port: 29319
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1

View file

@ -3,7 +3,8 @@
matrix_mautrix_telegram_enabled: true
matrix_mautrix_telegram_docker_image: "tulir/mautrix-telegram:v0.6.0"
# See: https://mau.dev/tulir/mautrix-telegram/container_registry
matrix_mautrix_telegram_docker_image: "dock.mau.dev/tulir/mautrix-telegram:v0.6.0"
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram"

View file

@ -3,7 +3,8 @@
matrix_mautrix_whatsapp_enabled: true
matrix_mautrix_whatsapp_docker_image: "tulir/mautrix-whatsapp:latest"
# See: https://mau.dev/tulir/mautrix-whatsapp/container_registry
matrix_mautrix_whatsapp_docker_image: "dock.mau.dev/tulir/mautrix-whatsapp"
matrix_mautrix_whatsapp_docker_image_force_pull: "{{ matrix_mautrix_whatsapp_docker_image.endswith(':latest') }}"
matrix_mautrix_whatsapp_base_path: "{{ matrix_base_data_path }}/mautrix-whatsapp"

View file

@ -2,7 +2,7 @@ matrix_mailer_enabled: true
matrix_mailer_base_path: "{{ matrix_base_data_path }}/mailer"
matrix_mailer_docker_image: "devture/exim-relay:4.92-r0-0"
matrix_mailer_docker_image: "devture/exim-relay:4.92.1-r0-1"
matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}"
# The user/group that the container runs with.

View file

@ -3,7 +3,7 @@ matrix_nginx_proxy_enabled: true
# We use an official nginx image, which we fix-up to run unprivileged.
# An alternative would be an `nginxinc/nginx-unprivileged` image, but
# that is frequently out of date.
matrix_nginx_proxy_docker_image: "nginx:1.17.1-alpine"
matrix_nginx_proxy_docker_image: "nginx:1.17.2-alpine"
matrix_nginx_proxy_docker_image_force_pull: "{{ matrix_nginx_proxy_docker_image.endswith(':latest') }}"
matrix_nginx_proxy_base_path: "{{ matrix_base_data_path }}/nginx-proxy"

View file

@ -10,3 +10,8 @@
- {'old': 'matrix_nginx_proxy_matrix_client_api_addr_with_proxy_container', 'new': 'matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container'}
- {'old': 'matrix_nginx_proxy_matrix_client_api_addr_sans_proxy_container', 'new': 'matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container'}
- name: Fail on unknown matrix_ssl_retrieval_method
fail:
msg: >-
`matrix_ssl_retrieval_method` needs to be set to a known value.
when: "matrix_ssl_retrieval_method not in ['lets-encrypt', 'self-signed', 'manually-managed', 'none']"

View file

@ -1,6 +1,6 @@
matrix_riot_web_enabled: true
matrix_riot_web_docker_image: "bubuntux/riot-web:v1.2.4"
matrix_riot_web_docker_image: "bubuntux/riot-web:v1.3.0"
matrix_riot_web_docker_image_force_pull: "{{ matrix_riot_web_docker_image.endswith(':latest') }}"
matrix_riot_web_data_path: "{{ matrix_base_data_path }}/riot-web"

View file

@ -3,7 +3,7 @@
matrix_synapse_enabled: true
matrix_synapse_docker_image: "matrixdotorg/synapse:v1.1.0"
matrix_synapse_docker_image: "matrixdotorg/synapse:v1.2.1"
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse"
@ -77,9 +77,9 @@ matrix_synapse_tmp_directory_size_mb: "{{ matrix_synapse_max_upload_size_mb * 50
# Possible options are defined here https://docs.python.org/3/library/logging.html#logging-levels
# warning: setting log level to DEBUG will make synapse log sensitive information such
# as access tokens
matrix_synapse_log_level: "INFO"
matrix_synapse_storage_sql_log_level: "INFO"
matrix_synapse_root_log_level: "INFO"
matrix_synapse_log_level: "WARNING"
matrix_synapse_storage_sql_log_level: "WARNING"
matrix_synapse_root_log_level: "WARNING"
# Rate limits
matrix_synapse_rc_message:

View file

@ -797,6 +797,17 @@ enable_registration: {{ matrix_synapse_enable_registration|to_json }}
# renew_at: 1w
# renew_email_subject: "Renew your %(app)s account"
# Time that a user's session remains valid for, after they log in.
#
# Note that this is not currently compatible with guest logins.
#
# Note also that this is calculated at login time: changes are not applied
# retrospectively to users who have already logged in.
#
# By default, this is infinite.
#
#session_lifetime: 24h
# The user must provide all of the below types of 3PID when registering.
#
#registrations_require_3pid:
@ -1474,3 +1485,27 @@ room_list_publication_rules: {{ matrix_synapse_room_list_publication_rules|to_js
# module: "my_custom_project.SuperRulesSet"
# config:
# example_option: 'things'
## Opentracing ##
# These settings enable opentracing, which implements distributed tracing.
# This allows you to observe the causal chains of events across servers
# including requests, key lookups etc., across any server running
# synapse or any other other services which supports opentracing
# (specifically those implemented with Jaeger).
#
opentracing:
# tracing is disabled by default. Uncomment the following line to enable it.
#
#enabled: true
# The list of homeservers we wish to send and receive span contexts and span baggage.
# See docs/opentracing.rst
# This is a list of regexes which are matched against the server_name of the
# homeserver.
#
# By defult, it is empty, so no servers are matched.
#
#homeserver_whitelist:
# - ".*"