From b33e289d996e8c69fef82d02e665f3fb87d894fa Mon Sep 17 00:00:00 2001
From: Quentin <quentin@deuxfleurs.fr>
Date: Mon, 9 Dec 2019 16:18:48 +0100
Subject: [synapse] Docker update from 1.4.0rc1 to 1.7.0rc1

---
 consul/configuration/chat/fb2mx/config.yaml |  4 +-
 doc/create_database/README.md               | 15 -------
 doc/init_stolon/README.md                   | 31 --------------
 docker/matrix-synapse/Dockerfile            |  2 +-
 docker/matrix-synapse/README.md             |  2 +-
 man/create_database/README.md               | 15 +++++++
 man/init_stolon/README.md                   | 31 ++++++++++++++
 nomad/chat.hcl                              | 64 +++++++++++++++++++++++++++++
 8 files changed, 114 insertions(+), 50 deletions(-)
 delete mode 100644 doc/create_database/README.md
 delete mode 100644 doc/init_stolon/README.md
 create mode 100644 man/create_database/README.md
 create mode 100644 man/init_stolon/README.md

diff --git a/consul/configuration/chat/fb2mx/config.yaml b/consul/configuration/chat/fb2mx/config.yaml
index 51684e3..964c681 100644
--- a/consul/configuration/chat/fb2mx/config.yaml
+++ b/consul/configuration/chat/fb2mx/config.yaml
@@ -42,8 +42,8 @@ appservice:
     community_id: "+fbusers:deuxfleurs.fr"
 
     # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
-    as_token: "This value is generated when generating the registration"
-    hs_token: "This value is generated when generating the registration"
+    as_token: '{{ key "secrets/chat/fb2mx/as_token" | trimSpace }}'
+    hs_token: '{{ key "secrets/chat/fb2mx/hs_token" | trimSpace }}'
 
 # Bridge config
 bridge:
diff --git a/doc/create_database/README.md b/doc/create_database/README.md
deleted file mode 100644
index 7084a10..0000000
--- a/doc/create_database/README.md
+++ /dev/null
@@ -1,15 +0,0 @@
-```bash
-ssh root@<one node of the cluster>
-docker run -t -i superboum/amd64_postgres:v1
-psql -h psql-proxy.service.2.cluster.deuxfleurs.fr -p 25432 -U postgres -W postgres
-```
-
-```sql
-CREATE USER seafile;
-CREATE DATABASE seafile ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER seafile;
--- GRANT ALL PRIVILEGES ON DATABASE seafile TO seafile;
-```
-
-```
-consul kv import @ldapkv_seafile.json
-```
diff --git a/doc/init_stolon/README.md b/doc/init_stolon/README.md
deleted file mode 100644
index fe3a912..0000000
--- a/doc/init_stolon/README.md
+++ /dev/null
@@ -1,31 +0,0 @@
-Spawn container:
-
-```bash
-docker run -t -i superboum/arm32v7_postgres:v6 
-# OR
-docker run -t -i superboum/amd64_postgres:v1 
-```
-
-
-Init with:
-
-```
-stolonctl \
-  --cluster-name pissenlit \
-  --store-backend=consul \
-  --store-endpoints http://consul.service.2.cluster.deuxfleurs.fr:8500 \
-  init \
-  '{ "initMode": "new", "pgHBA": [ "host all postgres all md5", "host replication replicator all md5", "host all all all ldap ldapserver=bottin.service.2.cluster.deuxfleurs.fr ldapbasedn=\"ou=users,dc=deuxfleurs, dc=fr\" ldapbinddn=\"<bind_dn>\" ldapbindpasswd=\"<bind_pwd>\" ldapsearchattribute=\"cn\"" ] }'
-
-```
-
-Then set appropriate permission on host:
-
-```
-chown -R 102:102 /mnt/storage/postgres/
-```
-
-(102 is the id of the postgres user used in Docker)
-It might be improved by staying with root, then chmoding in an entrypoint and finally switching to user 102 before executing user's command.
-Moreover it would enable the usage of the user namespace that shift the UIDs.
-
diff --git a/docker/matrix-synapse/Dockerfile b/docker/matrix-synapse/Dockerfile
index ee12e0d..140304d 100644
--- a/docker/matrix-synapse/Dockerfile
+++ b/docker/matrix-synapse/Dockerfile
@@ -1,6 +1,6 @@
 FROM amd64/debian:stretch as builder
 
-ENV VERSION 1.4.0rc1
+ENV VERSION 1.7.0rc1
 
 RUN apt-get update && \
     apt-get -qq -y full-upgrade && \
diff --git a/docker/matrix-synapse/README.md b/docker/matrix-synapse/README.md
index 922530f..2aed6cf 100644
--- a/docker/matrix-synapse/README.md
+++ b/docker/matrix-synapse/README.md
@@ -1,3 +1,3 @@
 ```
-docker build -t superboum/amd64_synapse:v22 .
+docker build -t superboum/amd64_synapse:v23 .
 ```
diff --git a/man/create_database/README.md b/man/create_database/README.md
new file mode 100644
index 0000000..7084a10
--- /dev/null
+++ b/man/create_database/README.md
@@ -0,0 +1,15 @@
+```bash
+ssh root@<one node of the cluster>
+docker run -t -i superboum/amd64_postgres:v1
+psql -h psql-proxy.service.2.cluster.deuxfleurs.fr -p 25432 -U postgres -W postgres
+```
+
+```sql
+CREATE USER seafile;
+CREATE DATABASE seafile ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER seafile;
+-- GRANT ALL PRIVILEGES ON DATABASE seafile TO seafile;
+```
+
+```
+consul kv import @ldapkv_seafile.json
+```
diff --git a/man/init_stolon/README.md b/man/init_stolon/README.md
new file mode 100644
index 0000000..fe3a912
--- /dev/null
+++ b/man/init_stolon/README.md
@@ -0,0 +1,31 @@
+Spawn container:
+
+```bash
+docker run -t -i superboum/arm32v7_postgres:v6 
+# OR
+docker run -t -i superboum/amd64_postgres:v1 
+```
+
+
+Init with:
+
+```
+stolonctl \
+  --cluster-name pissenlit \
+  --store-backend=consul \
+  --store-endpoints http://consul.service.2.cluster.deuxfleurs.fr:8500 \
+  init \
+  '{ "initMode": "new", "pgHBA": [ "host all postgres all md5", "host replication replicator all md5", "host all all all ldap ldapserver=bottin.service.2.cluster.deuxfleurs.fr ldapbasedn=\"ou=users,dc=deuxfleurs, dc=fr\" ldapbinddn=\"<bind_dn>\" ldapbindpasswd=\"<bind_pwd>\" ldapsearchattribute=\"cn\"" ] }'
+
+```
+
+Then set appropriate permission on host:
+
+```
+chown -R 102:102 /mnt/storage/postgres/
+```
+
+(102 is the id of the postgres user used in Docker)
+It might be improved by staying with root, then chmoding in an entrypoint and finally switching to user 102 before executing user's command.
+Moreover it would enable the usage of the user namespace that shift the UIDs.
+
diff --git a/nomad/chat.hcl b/nomad/chat.hcl
index a0c5397..3df61ae 100644
--- a/nomad/chat.hcl
+++ b/nomad/chat.hcl
@@ -113,7 +113,71 @@ job "chat" {
       }
     }
   }
+/*
+  group "facebook_bridge" {
+    count = 1
+    task "fb2mx" {
+      driver = "docker"
+      config {
+        # https://mau.dev/tulir/mautrix-facebook/container_registry
+        image = "dock.mau.dev/tulir/mautrix-facebook:latest"
+        port_map {
+          api_port = 29319
+        }
+        volumes = [
+	  "secrets/conf:/data"
+        ]
+      }
+
+      resources {
+        memory = 50
+        network {
+          port "api_port" {
+            static = "29319"
+          }
+        }
+      }
+
+      service {
+        tags = ["mxbridge"]
+        port = "api_port"
+        address_mode = "host"
+        name = "fb2mx"
+        check {
+          type = "tcp"
+          port = "api_port"
+          interval = "60s"
+          timeout = "5s"
+          check_restart {
+            limit = 3
+            grace = "90s"
+            ignore_warnings = false
+          }
+        }
+      }
+
+      artifact {
+        source = "http://127.0.0.1:8500/v1/kv/configuration/chat/fb2mx/registration.yaml?raw"
+        destination = "secrets/tpl/registration.yaml.tpl"
+        mode = "file"
+      }
+      template {
+        source = "secrets/tpl/registration.yaml.tpl"
+        destination = "secrets/conf/registration.yaml"
+      }
 
+      artifact {
+        source = "http://127.0.0.1:8500/v1/kv/configuration/chat/fb2mx/config.yaml?raw"
+        destination = "secrets/tpl/config.yaml.tpl"
+        mode = "file"
+      }
+      template {
+        source = "secrets/tpl/config.yaml.tpl"
+        destination = "secrets/conf/config.yaml"
+      }
+    }
+ }
+*/
   group "riotweb" {
     count = 1
 
-- 
cgit v1.2.3