forked from fediversity/fediversity
Changed stuff about groups.
This commit is contained in:
Hans van Zijst
parent
dde3bfaad4
commit
3608f37fd5
1 changed files with 19 additions and 13 deletions
|
|
@ -95,26 +95,23 @@ Synapse starts, and let it have the correct group.
|
|||
systemctl edit matrix-synapse
|
||||
```
|
||||
|
||||
Now override parts of the `Service` stanza to look like this:
|
||||
Now override parts of the `Service` stanza to add these two lines:
|
||||
|
||||
```
|
||||
[Service]
|
||||
User=matrix-synapse
|
||||
Group=clubmatrix
|
||||
RuntimeDirectory=matrix-synapse
|
||||
RuntimeDirectoryPreserve=yes
|
||||
```
|
||||
|
||||
Synapse will, from now on, run as group `clubmatrix` instead of
|
||||
`matrix-synapse`. The directory `/run/matrix-synapse` will be created as soon
|
||||
The directory `/run/matrix-synapse` will be created as soon
|
||||
as Synapse starts, and will not be removed on restart or stop, because that
|
||||
would create problems with workers who suddenly lose their sockets.
|
||||
|
||||
First we change Synapse from listening on `localhost:8008` to listening on a
|
||||
Then we change Synapse from listening on `localhost:8008` to listening on a
|
||||
socket. We'll do most of our workers work in `conf.d/listeners.yaml`, so let's
|
||||
put the new configuration for the main proccess there:
|
||||
put the new configuration for the main proccess there.
|
||||
|
||||
Add a replication listener:
|
||||
Remove the `localhost:8008` bit, and configure these two sockets:
|
||||
|
||||
```
|
||||
listeners:
|
||||
|
|
@ -135,13 +132,13 @@ listeners:
|
|||
- replication
|
||||
```
|
||||
|
||||
This means Synapse will create two sockets under `/run/matrix/synapse`: one
|
||||
This means Synapse will create two sockets under `/run/matrix-synapse`: one
|
||||
for incoming traffic that is forwarded by nginx (`inbound_main.sock`), and one for
|
||||
communicating with all the other workers (`replication.sock`).
|
||||
|
||||
If you restart Synapse now, it won't do anything anymore, because nginx is
|
||||
still forwarding its traffic to `localhost:8008`. We'll get to nginx later,
|
||||
but you'd have to change
|
||||
but for now you should change:
|
||||
|
||||
```
|
||||
proxy_forward http://localhost:8008;
|
||||
|
|
@ -153,8 +150,17 @@ to
|
|||
proxy_forward http://unix:/run/matrix-synapse/inbound_main.sock;
|
||||
```
|
||||
|
||||
If you've done this, restart Synapse, check if the socket is created and has
|
||||
the correct permissions. Now point Synapse at Redis in `conf.d/redis.yaml`:
|
||||
Because the sockets under `/run/matrix-synapse` are writable only by user and
|
||||
group `matrix-synapse`, we have to add nginx to that group:
|
||||
|
||||
```
|
||||
addgroup www-data matrix-synapse
|
||||
```
|
||||
|
||||
This may not be the best way, but for now it will suffice.
|
||||
|
||||
If you've done this, restart Synapse and nginx, and check if the sockets are created
|
||||
and have the correct permissions. Now point Synapse at Redis in `conf.d/redis.yaml`:
|
||||
|
||||
```
|
||||
redis:
|
||||
|
|
@ -162,7 +168,7 @@ redis:
|
|||
path: /run/redis/redis-server.sock
|
||||
```
|
||||
|
||||
Check if Synapse can connect to Redis via the socket, you should find log
|
||||
Restart Synapse and check if it can connect to Redis via the socket, you should find log
|
||||
entries like this:
|
||||
|
||||
```
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue