From 62f540f521d55ffce577cc42ea19ba45ca957936 Mon Sep 17 00:00:00 2001 From: Hans van Zijst Date: Sun, 22 Dec 2024 22:08:00 +0100 Subject: [PATCH] Moved a few parts to different locations. --- matrix/synapse/workers.md | 75 ++++++++++++++++++--------------------- 1 file changed, 34 insertions(+), 41 deletions(-) diff --git a/matrix/synapse/workers.md b/matrix/synapse/workers.md index e3b72a6..870c2d7 100644 --- a/matrix/synapse/workers.md +++ b/matrix/synapse/workers.md @@ -80,13 +80,33 @@ Restart Redis for these changes to take effect. Check for error messages in the logs, if port 6379 is no longer active, and if the socketfile `/run/redis/redis-server.sock` exists. +Now point Synapse at Redis in `conf.d/redis.yaml`: + +``` +redis: + enabled: true + path: /run/redis/redis-server.sock +``` + +Restart Synapse and check if it can connect to Redis via the socket, you should find log +entries like this: + +``` +synapse.replication.tcp.redis - 292 - INFO - sentinel - Connecting to redis server UNIXAddress('/run/redis/redis-server.sock') +synapse.util.httpresourcetree - 56 - INFO - sentinel - Attaching to path b'/_synapse/replication' +synapse.replication.tcp.redis - 126 - INFO - sentinel - Connected to redis +synapse.replication.tcp.redis - 138 - INFO - subscribe-replication-0 - Sending redis SUBSCRIBE for ['matrix.example.com/USER_IP', 'matrix.example.com'] +synapse.replication.tcp.redis - 141 - INFO - subscribe-replication-0 - Successfully subscribed to redis stream, sending REPLICATE command +synapse.replication.tcp.redis - 146 - INFO - subscribe-replication-0 - REPLICATE successfully sent +``` + # Synapse Workers communicate with each other over sockets, that are all placed in one -directory. To make sure only the users that need access will have it, we -create a new group and add the users to it. Remember that nginx needs to be -able to write to many of these sockets. +directory. These sockets are owned by `matrix-synapse:matrix-synapse`, so make +sure nginx can write to them: add user `www-data` to group `matrix-synapse` +and restart nginx. Then, make sure systemd creates the directory for the sockets as soon as Synapse starts, and let it have the correct group. @@ -109,9 +129,9 @@ would create problems with workers who suddenly lose their sockets. Then we change Synapse from listening on `localhost:8008` to listening on a socket. We'll do most of our workers work in `conf.d/listeners.yaml`, so let's -put the new configuration for the main proccess there. +put the new listener configuration for the main proccess there. -Remove the `localhost:8008` bit, and configure these two sockets: +Remove the `localhost:8008` stanza, and configure these two sockets: ``` listeners: @@ -150,35 +170,11 @@ to proxy_forward http://unix:/run/matrix-synapse/inbound_main.sock; ``` -Because the sockets under `/run/matrix-synapse` are writable only by user and -group `matrix-synapse`, we have to add nginx to that group: - -``` -addgroup www-data matrix-synapse -``` - -This may not be the best way, but for now it will suffice. - If you've done this, restart Synapse and nginx, and check if the sockets are created -and have the correct permissions. Now point Synapse at Redis in `conf.d/redis.yaml`: +and have the correct permissions. -``` -redis: - enabled: true - path: /run/redis/redis-server.sock -``` - -Restart Synapse and check if it can connect to Redis via the socket, you should find log -entries like this: - -``` -synapse.replication.tcp.redis - 292 - INFO - sentinel - Connecting to redis server UNIXAddress('/run/redis/redis-server.sock') -synapse.util.httpresourcetree - 56 - INFO - sentinel - Attaching to path b'/_synapse/replication' -synapse.replication.tcp.redis - 126 - INFO - sentinel - Connected to redis -synapse.replication.tcp.redis - 138 - INFO - subscribe-replication-0 - Sending redis SUBSCRIBE for ['matrix.example.com/USER_IP', 'matrix.example.com'] -synapse.replication.tcp.redis - 141 - INFO - subscribe-replication-0 - Successfully subscribed to redis stream, sending REPLICATE command -synapse.replication.tcp.redis - 146 - INFO - subscribe-replication-0 - REPLICATE successfully sent -``` +Synapse should work normally again, we've switched from network sockets to +UNIX sockets, and added Redis. Now we'll create the actual workers. # Worker overview @@ -190,18 +186,13 @@ configuration files, and then a bit of configuration for the specific worker itself. Workers need to communicate with each other and the main process, they do that -via the `replication` sockets under `/run/matrix-synapse`. +via the `replication` sockets under `/run/matrix-synapse` and Redis. -Most worker also need a way to be fed traffic by nginx, they have an `inbound` +Most worker also need a way to be fed traffic by nginx: they have an `inbound` socket for that, in the same directory. Finally, all those replicating workers need to be registered in the main -process: all workers and their replication sockets are listed inin the `instance_map`. - - -Every worker has its own configuration file, we'll put those under -`/etc/matrix-synapse/workers`. Create it, and then one systemd service file for -all workers: +process: all workers and their replication sockets are listed in the `instance_map`. ## Types of workers @@ -223,7 +214,7 @@ We'll create the following workers: * accountdata * presence * receipts -* initial_sync: 1 and 2 +* initial_sync: 1, 2, 3 and 4 * normal_sync: 1, 2 and 3 Some of them are `stream_writers`, and the [documentation about @@ -297,6 +288,8 @@ chown matrix-synapse:matrix-synapse /etc/matrix-synapse/workers chmod 750 /etc/matrix-synapse-workers ``` +We'll fill this directory with `yaml` files; one for each worker. + ### Generic worker