From f99dcd611fadce7d20a3a804b4aac49d2d3781e2 Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev <slavi@devture.com>
Date: Fri, 19 Mar 2021 16:44:10 +0200
Subject: [PATCH] Pass proper UID/GID to Synapse

Fixes a regression caused by a5ee39266c29c6.

If the user id and group id were different than 991:991
(which used to be a hardcoded default for us long ago),
there was a mismatch between what Synapse was trying to use (991:991)
and what it was actually started with (in `--user=..`). It was then
trying to change ownership, which was failing.

This was mostly affecting newer installations which were not using the
991:991 defaults we had long ago (since a1c5a197a93d410).
---
 .../templates/synapse/systemd/matrix-synapse-worker.service.j2  | 2 ++
 .../templates/synapse/systemd/matrix-synapse.service.j2         | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2
index 43dc42d1..6c90c9a3 100644
--- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2
+++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2
@@ -17,6 +17,8 @@ ExecStartPre={{ matrix_host_command_sleep }} 5
 ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_worker_container_name }} \
 			--log-driver=none \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
+			-e UID={{ matrix_user_uid }} \
+			-e GID={{ matrix_user_gid }} \
 			--cap-drop=ALL \
 			--read-only \
 			--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2
index cd3a2f3d..2fbaac7b 100644
--- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2
+++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2
@@ -33,6 +33,8 @@ ExecStartPre={{ matrix_host_command_sleep }} 3
 ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \
 			--log-driver=none \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
+			--env=UID={{ matrix_user_uid }} \
+			--env=GID={{ matrix_user_gid }} \
 			--cap-drop=ALL \
 			--read-only \
 			--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \