Add support for Synapse container image customization

This allows people to augment the Synapse image with custom tools and addons without having to rebuild it from scratch. If customizations are enabled, the playbook will build a new `localhost/matrixdotorg/synapse:VERSION-customized` image on top of the default one (`FROM matrixdotorg/synapse:VERSION`) and with custom Dockerfile build steps. For servers that self-build the Synapse image, the Synapse image will be built first, before proceding to extend it the same way. In the future, we'll also have easy to enable Dockerfile build steps for modules that the playbook supports.
2022-10-14 16:33:19 +03:00
parent 0da068c7e6
commit 881fdd28f0
8 changed files with 63 additions and 4 deletions
--- a/roles/matrix-synapse/tasks/setup_synapse.yml
+++ b/roles/matrix-synapse/tasks/setup_synapse.yml
@ -11,6 +11,7 @@
    - {path: "{{ matrix_synapse_config_dir_path }}", when: true}
    - {path: "{{ matrix_synapse_ext_path }}", when: true}
    - {path: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}"}
+    - {path: "{{ matrix_synapse_customized_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_customizations_enabled }}"}
    # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml),
    # because if it's using Goofys and it's already mounted (from before),
    # trying to chown/chmod it here will cause trouble.
--- a/roles/matrix-synapse/tasks/synapse/setup_install.yml
+++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml
@ -62,6 +62,25 @@
  delay: "{{ matrix_container_retries_delay }}"
  until: result is not failed

+- when: "matrix_synapse_container_image_customizations_enabled | bool"
+  block:
+    - name: Ensure customizations Dockerfile is created
+      ansible.builtin.template:
+        src: "{{ role_path }}/templates/synapse/customizations/Dockerfile.j2"
+        dest: "{{ matrix_synapse_customized_docker_src_files_path }}/Dockerfile"
+        owner: "{{ matrix_user_username }}"
+        group: "{{ matrix_user_groupname }}"
+        mode: 0640
+
+    - name: Ensure customized Docker image for Synapse is built
+      docker_image:
+        name: "{{ matrix_synapse_docker_image_customized }}"
+        source: build
+        build:
+          dockerfile: Dockerfile
+          path: "{{ matrix_synapse_customized_docker_src_files_path }}"
+          pull: true
+
 - name: Check if a Synapse signing key exists
  ansible.builtin.stat:
    path: "{{ matrix_synapse_config_dir_path }}/{{ matrix_server_fqn_matrix }}.signing.key"
--- a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml
+++ b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml
@ -27,8 +27,11 @@

 - name: Ensure Synapse Docker image doesn't exist
  docker_image:
-    name: "{{ matrix_synapse_docker_image }}"
+    name: "{{ item }}"
    state: absent
+  with_items:
+    - "{{ matrix_synapse_docker_image_final }}"
+    - "{{ matrix_synapse_docker_image }}"

 - name: Ensure sample prometheus.yml for external scraping is deleted
  ansible.builtin.file: