Switch from s3fs to Goofys

Improves performance of media store operations.

roles/matrix-server/templates/env/env-goofys.j2

@@ -0,0 +1,2 @@
+AWS_ACCESS_KEY={{ matrix_s3_media_store_aws_access_key }}
+AWS_SECRET_KEY={{ matrix_s3_media_store_aws_secret_key }}

roles/matrix-server/templates/systemd/matrix-goofys.service.j2

@@ -0,0 +1,32 @@
+[Unit]
+Description=Matrix Goofys media store
+After=docker.service
+Requires=docker.service
+
+[Service]
+Type=simple
+ExecStartPre=-/usr/bin/docker kill %n
+ExecStartPre=-/usr/bin/docker rm %n
+ExecStart=/usr/bin/docker run --rm --name %n \
+				--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
+				-v /etc/passwd:/etc/passwd:ro \
+				-v /etc/group:/etc/group:ro \
+				--security-opt apparmor:unconfined \
+				--cap-add mknod \
+				--cap-add sys_admin \
+				--device=/dev/fuse \
+				-v {{ matrix_synapse_media_store_path }}:/s3:shared \
+				--env-file={{ matrix_environment_variables_data_path }}/goofys \
+				--entrypoint /bin/sh \
+				{{ docker_goofys_image }} \
+				-c 'goofys -f --storage-class=STANDARD_IA --region {{ matrix_s3_media_store_region }} --stat-cache-ttl 60m0s --type-cache-ttl 60m0s --dir-mode 0700 --file-mode 0700 {{ matrix_s3_media_store_bucket_name }} /s3'
+TimeoutStartSec=5min
+ExecStop=-/usr/bin/docker stop %n
+ExecStop=-/usr/bin/docker kill %n
+ExecStop=-/usr/bin/docker rm %n
+ExecStop=-/bin/fusermount -u {{ matrix_synapse_media_store_path }}
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target

roles/matrix-server/templates/systemd/matrix-s3fs.service.j2

@@ -1,35 +0,0 @@
-[Unit]
-Description=Matrix S3fs media store
-After=docker.service
-Requires=docker.service
-
-[Service]
-Type=simple
-ExecStartPre=-/usr/bin/docker kill %n
-ExecStartPre=-/usr/bin/docker rm %n
-ExecStartPre=-/usr/bin/mkdir /tmp/matrix-s3fs-cache
-ExecStart=/usr/bin/docker run --rm --name %n \
-				-v {{ matrix_base_data_path }}/s3fs-credentials:/s3fs-credentials \
-				--security-opt apparmor:unconfined \
-				--cap-add mknod \
-				--cap-add sys_admin \
-				--device=/dev/fuse \
-				-v {{ matrix_synapse_media_store_path }}:/media-store:shared \
-				-v /tmp/matrix-s3fs-cache:/s3fs-cache \
-				{{ docker_s3fs_image }} \
-				/usr/bin/s3fs -f \
-					-o allow_other \
-					-o use_cache=/s3fs-cache \
-					-o storage_class=standard_ia \
-					-o passwd_file=/s3fs-credentials \
-					{{ matrix_s3_media_store_bucket_name }} /media-store
-TimeoutStartSec=5min
-ExecStop=-/usr/bin/docker stop %n
-ExecStop=-/usr/bin/docker kill %n
-ExecStop=-/usr/bin/docker rm %n
-ExecStop=-/usr/bin/rm -rf /tmp/matrix-s3fs-cache
-Restart=always
-RestartSec=5
-
-[Install]
-WantedBy=multi-user.target

roles/matrix-server/templates/systemd/matrix-synapse.service.j2

@@ -7,14 +7,20 @@ Requires=matrix-postgres.service
 After=matrix-postgres.service
 {% endif %}
 {% if matrix_s3_media_store_enabled %}
-After=matrix-s3fs.service
-Requires=matrix-s3fs.service
+After=matrix-goofys.service
+Requires=matrix-goofys.service
 {% endif %}
 
 [Service]
 Type=simple
 ExecStartPre=-/usr/bin/docker kill matrix-synapse
 ExecStartPre=-/usr/bin/docker rm matrix-synapse
+{% if matrix_s3_media_store_enabled %}
+# Allow for some time before starting, so that media store can mount.
+# Mounting can happen later too, but if we start writing,
+# we'd write files to the local filesystem and fusermount will complain.
+ExecStartPre=/bin/sleep 5
+{% endif %}
 ExecStart=/usr/bin/docker run --rm --name matrix-synapse \
 			{% if not matrix_postgres_use_external %}
 			--link matrix-postgres:{{ matrix_postgres_connection_hostname }} \
@@ -28,7 +34,7 @@ ExecStart=/usr/bin/docker run --rm --name matrix-synapse \
 			-p {{ matrix_coturn_turn_udp_min_port }}-{{ matrix_coturn_turn_udp_max_port }}:{{ matrix_coturn_turn_udp_min_port }}-{{ matrix_coturn_turn_udp_max_port }}/udp \
 			-v {{ matrix_synapse_config_dir_path }}:/data \
 			-v {{ matrix_synapse_run_path }}:/matrix-run \
-			-v {{ matrix_synapse_media_store_path }}:/matrix-media-store \
+			-v {{ matrix_synapse_storage_path }}:/matrix-storage:slave \
 			{{ docker_matrix_image }}
 ExecStop=-/usr/bin/docker kill matrix-synapse
 ExecStop=-/usr/bin/docker rm matrix-synapse