From 1514031f1e13d0c24b71796962df6d1ec7a58bdc Mon Sep 17 00:00:00 2001
From: Viyurz <viyurz@viyurz.fr>
Date: Mon, 1 Apr 2024 11:02:09 +0200
Subject: [PATCH] Migrate Synapse database to postgres container.

---
 env.yml                                     |  2 --
 roles/synapse/tasks/backup.yml              | 29 ++++++++-------------
 roles/synapse/tasks/update.yml              |  9 -------
 roles/synapse/templates/docker-compose.yaml | 13 ---------
 roles/synapse/templates/homeserver.yaml     |  6 ++---
 secrets.yml.example                         |  1 +
 6 files changed, 15 insertions(+), 45 deletions(-)

diff --git a/env.yml b/env.yml
index 65b5c7f..eca0ae7 100644
--- a/env.yml
+++ b/env.yml
@@ -122,7 +122,6 @@ users:
   searxng: 977
   searxng_redis: 999
   synapse: 991
-  synapse_postgres: 70
   syncthing: 1001
   syncthing_discosrv: 1002
   syncthing_relaysrv: 1003
@@ -142,7 +141,6 @@ volumes:
   mailserver_tls_certificate_key_file: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"
   postgres_datadir: /mnt/postgresdata
   synapse_datadir: /mnt/synapsedata
-  synapse_postgres_datadir: /mnt/synapsepgdata
   syncthing_datadir: "{{ cifs_mounts['syncthing']['path'] }}"
   uptime_kuma_datadir: /mnt/uptimekumadata
   vaultwarden_datadir: /mnt/vwdata
diff --git a/roles/synapse/tasks/backup.yml b/roles/synapse/tasks/backup.yml
index dc38e8e..2818459 100644
--- a/roles/synapse/tasks/backup.yml
+++ b/roles/synapse/tasks/backup.yml
@@ -1,22 +1,15 @@
-- name: Backup PostgreSQL database
-  community.docker.docker_container_exec:
-    container: synapse-postgres
-    docker_host: "{{ docker_host }}"
-    command: |
-      pg_dump -c
-      -d synapse
-      -U synapse
-      -f /var/lib/postgresql/data/synapse-dump.sql
-
-- name: Create borg backup
-  command:
-    cmd: |
-      borg create
-      --compression=lzma
-      "{{ borg_repodir }}::{{ role_name }}-{now:%Y-%m-%d_%H-%M-%S}"
-      {{ volumes['synapse_datadir'] }}/media_store
-      {{ volumes['synapse_postgres_datadir'] }}/synapse-dump.sql
+- name: "Backup PostgreSQL synapse database & {{ volumes['synapse_datadir'] }} directory"
+  shell: >
+    docker exec postgres
+    pg_dump -c {{ role_name }} |
+    borg create
+    --compression lzma
+    "{{ borg_repodir }}::{{ role_name }}-{now:%Y-%m-%d_%H-%M-%S}"
+    "{{ volumes['synapse_datadir'] }}"
+    -
+    --stdin-name dump_{{ role_name }}.sql
   environment:
+    DOCKER_HOST: "{{ docker_host }}"
     BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
   become: true
 
diff --git a/roles/synapse/tasks/update.yml b/roles/synapse/tasks/update.yml
index 0878d4b..f0f1715 100644
--- a/roles/synapse/tasks/update.yml
+++ b/roles/synapse/tasks/update.yml
@@ -36,15 +36,6 @@
     mode: '770'
   become: true
 
-- name: "Create directory {{ volumes['synapse_postgres_datadir'] }} with correct permissions"
-  file:
-    path: "{{ volumes['synapse_postgres_datadir'] }}"
-    state: directory
-    owner: "{{ users['synapse_postgres'] + uid_shift }}"
-    group: "{{ users['synapse_postgres'] + uid_shift }}"
-    mode: '700'
-  become: true
-
 - name: Pull project services
   community.docker.docker_compose:
     project_src: "{{ project_dir }}"
diff --git a/roles/synapse/templates/docker-compose.yaml b/roles/synapse/templates/docker-compose.yaml
index 5672f64..eb37bd7 100644
--- a/roles/synapse/templates/docker-compose.yaml
+++ b/roles/synapse/templates/docker-compose.yaml
@@ -1,17 +1,4 @@
 services:
-  postgres:
-    container_name: synapse-postgres
-    image: docker.io/library/postgres:alpine
-    restart: always
-    user: {{ users['synapse_postgres'] }}:{{ users['synapse_postgres'] }}
-    environment:
-      LANG: C
-      POSTGRES_INITDB_ARGS: "--locale=C --encoding=UTF8"
-      POSTGRES_USER: synapse
-      POSTGRES_PASSWORD: {{ synapse_secrets['postgres_password'] }}
-    volumes:
-      - {{ volumes['synapse_postgres_datadir'] }}:/var/lib/postgresql/data
-
   synapse:
     container_name: synapse
     image: docker.io/matrixdotorg/synapse:latest
diff --git a/roles/synapse/templates/homeserver.yaml b/roles/synapse/templates/homeserver.yaml
index ff33d4c..f8b402b 100644
--- a/roles/synapse/templates/homeserver.yaml
+++ b/roles/synapse/templates/homeserver.yaml
@@ -33,10 +33,10 @@ max_avatar_size: 2M
 database:
   name: psycopg2
   args:
-    user: synapse
-    password: {{ synapse_secrets['postgres_password'] }}
+    user: '{{ synapse_secrets["postgres_user"] }}'
+    password: '{{ synapse_secrets["postgres_password"] }}'
     dbname: synapse
-    host: synapse-postgres
+    host: 'postgres.{{ domain }}'
     cp_min: 5
     cp_max: 10
 
diff --git a/secrets.yml.example b/secrets.yml.example
index c98f7c7..a55376e 100644
--- a/secrets.yml.example
+++ b/secrets.yml.example
@@ -39,6 +39,7 @@ searxng_secrets:
 synapse_secrets:
   smtp_user:
   smtp_pass:
+  postgres_user:
   postgres_password:
   turn_shared_secret: "{{ coturn_secrets['static_auth_secret'] }}"
   macaroon_secret_key: