aboutsummaryrefslogtreecommitdiff
path: root/cluster/prod
diff options
context:
space:
mode:
Diffstat (limited to 'cluster/prod')
-rw-r--r--cluster/prod/app/backup/README.md32
-rw-r--r--cluster/prod/app/matrix/build/docker-compose.yml2
-rw-r--r--cluster/prod/app/matrix/build/matrix-synapse/Dockerfile9
-rw-r--r--cluster/prod/app/matrix/deploy/im.hcl8
4 files changed, 43 insertions, 8 deletions
diff --git a/cluster/prod/app/backup/README.md b/cluster/prod/app/backup/README.md
new file mode 100644
index 0000000..62101d8
--- /dev/null
+++ b/cluster/prod/app/backup/README.md
@@ -0,0 +1,32 @@
+## Pour remonter locement un backup de PSQL fait par Nomad (backup-weekly.hcl)
+
+```bash
+export AWS_BUCKET=backups-pgbasebackup
+export AWS_ENDPOINT=s3.deuxfleurs.shirokumo.net
+export AWS_ACCESS_KEY_ID=$(consul kv get "secrets/postgres/backup/aws_access_key_id")
+export AWS_SECRET_ACCESS_KEY=$(consul kv get secrets/postgres/backup/aws_secret_access_key)
+export CRYPT_PUBLIC_KEY=$(consul kv get secrets/postgres/backup/crypt_public_key)
+```
+
+Et voilà le travail :
+
+```bash
+$ aws s3 --endpoint https://$AWS_ENDPOINT ls
+2022-04-14 17:00:50 backups-pgbasebackup
+
+$ aws s3 --endpoint https://$AWS_ENDPOINT ls s3://backups-pgbasebackup
+ PRE 2024-07-28 00:00:36.140539/
+ PRE 2024-08-04 00:00:21.291551/
+ PRE 2024-08-11 00:00:26.589762/
+ PRE 2024-08-18 00:00:40.873939/
+ PRE 2024-08-25 01:03:54.672763/
+ PRE 2024-09-01 00:00:20.019605/
+ PRE 2024-09-08 00:00:16.969740/
+ PRE 2024-09-15 00:00:37.951459/
+ PRE 2024-09-22 00:00:21.030452/
+
+$ aws s3 --endpoint https://$AWS_ENDPOINT ls "s3://backups-pgbasebackup/2024-09-22 00:00:21.030452/"
+2024-09-22 03:23:28 623490 backup_manifest
+2024-09-22 03:25:32 6037121487 base.tar.gz
+2024-09-22 03:25:33 19948939 pg_wal.tar.gz
+```
diff --git a/cluster/prod/app/matrix/build/docker-compose.yml b/cluster/prod/app/matrix/build/docker-compose.yml
index 3b70b64..b61fb39 100644
--- a/cluster/prod/app/matrix/build/docker-compose.yml
+++ b/cluster/prod/app/matrix/build/docker-compose.yml
@@ -20,4 +20,4 @@ services:
# otherwise synapse may fail to launch due to incompatibility issues
# see this issue for an example: https://github.com/matrix-org/synapse-s3-storage-provider/issues/64
S3_VERSION: 2c46a764f700e6439afa11c00db827ddf21a9e89
- image: particallydone/amd64_synapse:v59
+ image: particallydone/amd64_synapse:v60
diff --git a/cluster/prod/app/matrix/build/matrix-synapse/Dockerfile b/cluster/prod/app/matrix/build/matrix-synapse/Dockerfile
index 5a6f709..aa0c165 100644
--- a/cluster/prod/app/matrix/build/matrix-synapse/Dockerfile
+++ b/cluster/prod/app/matrix/build/matrix-synapse/Dockerfile
@@ -1,4 +1,4 @@
-FROM amd64/debian:trixie as builder
+FROM amd64/debian:trixie AS builder
ARG VERSION
ARG S3_VERSION
@@ -31,13 +31,16 @@ RUN virtualenv /root/matrix-env -p /usr/bin/python3 && \
pip3 install \
git+https://github.com/matrix-org/synapse-s3-storage-provider.git@${S3_VERSION}
-FROM amd64/debian:bookworm
+# WARNING: trixie n'est pas une LTS
+# mais on est obligé d'avoir la même version que le builder
+# et le builder veut une version de rustc qui n'est pas dans bookworm (dernière LTS at the time of writing)
+FROM amd64/debian:trixie
RUN apt-get update && \
apt-get -qq -y full-upgrade && \
apt-get install -y \
python3 \
- python3-distutils \
+ python3-setuptools \
libffi8 \
libjpeg62-turbo \
libssl3 \
diff --git a/cluster/prod/app/matrix/deploy/im.hcl b/cluster/prod/app/matrix/deploy/im.hcl
index ff3ca03..c348131 100644
--- a/cluster/prod/app/matrix/deploy/im.hcl
+++ b/cluster/prod/app/matrix/deploy/im.hcl
@@ -15,7 +15,7 @@ job "matrix" {
driver = "docker"
config {
- image = "lxpz/amd64_synapse:v58"
+ image = "particallydone/amd64_synapse:v60"
network_mode = "host"
readonly_rootfs = true
ports = [ "api_port" ]
@@ -101,7 +101,7 @@ job "matrix" {
driver = "docker"
config {
- image = "lxpz/amd64_synapse:v58"
+ image = "particallydone/amd64_synapse:v60"
readonly_rootfs = true
command = "/usr/local/bin/matrix-s3-async"
work_dir = "/tmp"
@@ -137,7 +137,7 @@ EOH
task "riotweb" {
driver = "docker"
config {
- image = "lxpz/amd64_elementweb:v35"
+ image = "particallydone/amd64_elementweb:v36"
ports = [ "web_port" ]
volumes = [
"secrets/config.json:/srv/http/config.json"
@@ -190,7 +190,7 @@ EOH
driver = "docker"
config {
- image = "ghcr.io/matrix-org/sliding-sync:v0.99.12"
+ image = "ghcr.io/matrix-org/sliding-sync:v0.99.16"
ports = [ "syncv3_api", "syncv3_metrics" ]
}