Debian packaging via dh_virtualenv (#4285)

This commit is contained in:
Richard van der Hoff 2018-12-20 11:33:29 +00:00
parent fd4070a85d
commit 1a6d5bfa08
36 changed files with 311 additions and 510 deletions

View file

@ -5,3 +5,5 @@ demo/etc
tox.ini
.git/*
.tox/*
debian/matrix-synapse/
debian/matrix-synapse-*/

8
.gitignore vendored
View file

@ -18,7 +18,7 @@ homeserver*.db
homeserver*.log
homeserver*.log.*
homeserver*.pid
homeserver*.yaml
/homeserver*.yaml
*.signing.key
*.tls.crt
@ -26,6 +26,8 @@ homeserver*.yaml
*.tls.key
.coverage
.coverage.*
!.coverage.rc
htmlcov
demo/*/*.db
@ -57,3 +59,7 @@ env/
.vscode/
.ropeproject/
*.deb
/debs

View file

@ -36,6 +36,7 @@ prune demo/etc
prune docker
prune .circleci
prune .coveragerc
prune debian
exclude jenkins*
recursive-exclude jenkins *.sh

1
changelog.d/4212.misc Normal file
View file

@ -0,0 +1 @@
Debian packages utilising a virtualenv with bundled dependencies can now be built.

7
debian/.gitignore vendored Normal file
View file

@ -0,0 +1,7 @@
/matrix-synapse-py3.*.debhelper
/matrix-synapse-py3.debhelper.log
/matrix-synapse-py3.substvars
/matrix-synapse-*/
/files
/debhelper-build-stamp
/.debhelper

22
debian/NEWS vendored Normal file
View file

@ -0,0 +1,22 @@
matrix-synapse-py3 (0.34.0) stable; urgency=medium
matrix-synapse-py3 is intended as a drop-in replacement for the existing
matrix-synapse package. The replacement should be relatively seamless,
however, please note the following important differences to matrix-synapse:
* Most importantly, the matrix-synapse service now runs under Python 3 rather
than Python 2.7.
* Synapse is installed into its own virtualenv (in /opt/venvs/matrix-synapse)
instead of using the system python libraries. (This may mean that you can
remove a number of old dependencies with `apt-get autoremove`).
matrix-synapse-py3 will take over responsibility for the existing
configuration files, including the matrix-synapse systemd service.
Beware, however, that `apt-get purge matrix-synapse` will *disable* the
matrix-synapse service (so that it will not be started on reboot), even
though that service is no longer being provided by the matrix-synapse
package. It can be re-enabled with `systemctl enable matrix-synapse`.
-- Richard van der Hoff <richard@matrix.org> Wed, 19 Dec 2018 14:00:00 +0000

48
debian/build_virtualenv vendored Executable file
View file

@ -0,0 +1,48 @@
#!/bin/bash
#
# runs dh_virtualenv to build the virtualenv in the build directory,
# and then runs the trial tests against the installed synapse.
set -e
export DH_VIRTUALENV_INSTALL_ROOT=/opt/venvs
SNAKE=/usr/bin/python3
# try to set the CFLAGS so any compiled C extensions are compiled with the most
# generic as possible x64 instructions, so that compiling it on a new Intel chip
# doesn't enable features not available on older ones or AMD.
#
# TODO: add similar things for non-amd64, or figure out a more generic way to
# do this.
case `dpkg-architecture -q DEB_HOST_ARCH` in
amd64)
export CFLAGS=-march=x86-64
;;
esac
# Use --builtin-venv to use the better `venv` module from CPython 3.4+ rather
# than the 2/3 compatible `virtualenv`.
dh_virtualenv \
--install-suffix "matrix-synapse" \
--builtin-venv \
--setuptools \
--python "$SNAKE" \
--upgrade-pip \
--preinstall="lxml" \
--preinstall="mock" \
--extra-pip-arg="--no-cache-dir" \
--extra-pip-arg="--compile"
# we copy the tests to a temporary directory so that we can put them on the
# PYTHONPATH without putting the uninstalled synapse on the pythonpath.
tmpdir=`mktemp -d`
trap "rm -r $tmpdir" EXIT
cp -r tests "$tmpdir"
cd debian/matrix-synapse-py3
PYTHONPATH="$tmpdir" \
./opt/venvs/matrix-synapse/bin/python \
-B -m twisted.trial --reporter=text -j2 tests

11
debian/changelog vendored
View file

@ -1,3 +1,14 @@
matrix-synapse-py3 (0.34.0) stable; urgency=medium
* New synapse release 0.34.0.
* Synapse is now installed into a Python 3 virtual environment with
up-to-date dependencies.
* The matrix-synapse service will now be restarted when the package is
upgraded.
(Fixes https://github.com/matrix-org/package-synapse-debian/issues/18)
-- Synapse packaging team <packages@matrix.org> Wed, 19 Dec 2018 14:00:00 +0000
matrix-synapse (0.33.9-1matrix1) stretch; urgency=medium
[ Erik Johnston ]

92
debian/control vendored
View file

@ -1,77 +1,37 @@
Source: matrix-synapse
Maintainer: Erik Johnston <erikj@matrix.org>
Section: python
Priority: optional
Source: matrix-synapse-py3
Section: contrib/python
Priority: extra
Maintainer: Synapse Packaging team <packages@matrix.org>
Build-Depends:
debhelper (>= 9),
dh-python,
dh-systemd (>= 1.5),
po-debconf,
python (>= 2.6.6-3),
python-bcrypt,
python-blist,
python-canonicaljson (>=1.1.3),
python-daemonize,
python-frozendict (>= 0.4),
python-lxml,
python-mock,
python-msgpack (>=0.3.0),
python-nacl (>= 0.3.0),
python-netaddr,
python-openssl (>= 0.14),
python-pil,
python-psutil,
python-pyasn1,
python-pydenticon,
python-pymacaroons-pynacl,
python-pysaml2,
python-service-identity (>= 1.0.0),
python-setuptools (>= 0.6b3),
python-signedjson (>= 1.0.0),
python-sortedcontainers,
python-syutil (>= 0.0.7),
python-treq (>= 15.1.0),
python-twisted (>= 17.1.0),
python-unpaddedbase64 (>= 1.0.1),
python-yaml,
python-phonenumbers (>= 8.2.0),
python-jsonschema (>=2.5.1),
python-prometheus-client,
python-attr
Standards-Version: 3.9.8
X-Python-Version: >= 2.7
dh-systemd,
dh-virtualenv (>= 1.0),
lsb-release,
python3-dev,
python3,
python3-setuptools,
python3-pip,
python3-venv,
tar,
Standards-Version: 3.9.5
Homepage: https://github.com/matrix-org/synapse
Package: matrix-synapse
Architecture: all
Package: matrix-synapse-py3
Architecture: amd64
Conflicts: matrix-synapse
Pre-Depends: dpkg (>= 1.16.1)
Depends:
${misc:Depends},
${python:Depends},
adduser,
debconf,
lsb-base (>= 3.0-6),
python-attr (>= 16.0.0),
python-twisted (>= 17.1.0),
python-canonicaljson (>=1.1.3),
python-prometheus-client (>=0.0.14),
python3-distutils|libpython3-stdlib (<< 3.6),
python3,
${misc:Depends},
# some of our scripts use perl, but none of them are important,
# so we put perl:Depends in Suggests rather than Depends.
Suggests:
python-bleach (>= 1.4.2),
python-jinja2 (>= 2.8),
Recommends:
python-psycopg2,
python-lxml,
sqlite3,
${perl:Depends},
Description: Open federated Instant Messaging and VoIP server
Matrix is an ambitious new ecosystem for open federated Instant
Messaging and VoIP. Synapse is a reference Matrix server
implementation.
.
Everything in Matrix happens in a room. Rooms are distributed and do
not exist on any single server. Rooms can be located using
convenience aliases like #matrix:matrix.org or #test:localhost:8448.
.
Matrix user IDs look like @matthew:matrix.org (although in the future
you will normally refer to yourself and others using a 3PID: email
address, phone number, etc rather than manipulating Matrix user IDs)
.
The overall architecture is:
client <------> homeserver <=============> homeserver <------> client
https://a.org/_matrix https://b.net/_matrix

2
debian/copyright vendored
View file

@ -3,7 +3,7 @@ Upstream-Name: synapse
Source: https://github.com/matrix-org/synapse
Files: *
Copyright: 2014-2017, OpenMarket Ltd
Copyright: 2014-2017, OpenMarket Ltd, 2017-2018 New Vector Ltd
License: Apache-2.0
Files: synapse/config/saml2.py

5
debian/gbp.conf vendored
View file

@ -1,5 +0,0 @@
[DEFAULT]
debian-branch = debian
[dch]
distribution = stable

View file

@ -70,13 +70,9 @@ pid_file: "/var/run/matrix-synapse.pid"
#
# cpu_affinity: 0xFFFFFFFF
# Whether to serve a web client from the HTTP/HTTPS root resource.
web_client: False
# The root directory to server for the above web client.
# If left undefined, synapse will serve the matrix-angular-sdk web client.
# Make sure matrix-angular-sdk is installed with pip if web_client is True
# and web_client_location is undefined
# The path to the web client which will be served at /_matrix/client/
# if 'webclient' is configured under the 'listeners' configuration.
#
# web_client_location: "/path/to/web/root"
# The public-facing base URL for the client API (not including _matrix/...)

4
debian/matrix-synapse-py3.links vendored Normal file
View file

@ -0,0 +1,4 @@
opt/venvs/matrix-synapse/bin/hash_password usr/bin/hash_password
opt/venvs/matrix-synapse/bin/register_new_matrix_user usr/bin/register_new_matrix_user
opt/venvs/matrix-synapse/bin/synapse_port_db usr/bin/synapse_port_db
opt/venvs/matrix-synapse/bin/synctl usr/bin/synctl

0
debian/postinst → debian/matrix-synapse-py3.postinst vendored Executable file → Normal file
View file

31
debian/matrix-synapse-py3.preinst vendored Normal file
View file

@ -0,0 +1,31 @@
#!/bin/sh -e
# Attempt to undo some of the braindamage caused by
# https://github.com/matrix-org/package-synapse-debian/issues/18.
#
# Due to reasons [1], the old python2 matrix-synapse package will not stop the
# service when the package is uninstalled. Our maintainer scripts will do the
# right thing in terms of ensuring the service is enabled and unmasked, but
# then do a `systemctl start matrix-synapse`, which of course does nothing -
# leaving the old (py2) service running.
#
# There should normally be no reason for the service to be running during our
# preinst, so we assume that if it *is* running, it's due to that situation,
# and stop it.
#
# [1] dh_systemd_start doesn't do anything because it sees that there is an
# init.d script with the same name, so leaves it to dh_installinit.
#
# dh_installinit doesn't do anything because somebody gave it a --no-start
# for unknown reasons.
if [ -x /bin/systemctl ]; then
if /bin/systemctl --quiet is-active -- matrix-synapse; then
echo >&2 "stopping existing matrix-synapse service"
/bin/systemctl stop matrix-synapse || true
fi
fi
#DEBHELPER#
exit 0

9
debian/matrix-synapse-py3.triggers vendored Normal file
View file

@ -0,0 +1,9 @@
# Register interest in Python interpreter changes and
# don't make the Python package dependent on the virtualenv package
# processing (noawait)
interest-noawait /usr/bin/python3.5
interest-noawait /usr/bin/python3.6
interest-noawait /usr/bin/python3.7
# Also provide a symbolic trigger for all dh-virtualenv packages
interest dh-virtualenv-interpreter-update

View file

@ -1,184 +0,0 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: matrix-synapse
# Required-Start: $local_fs $network $remote_fs $syslog
# Required-Stop: $local_fs $network $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: <Enter a short description of the software>
# Description: <Enter a long description of the software>
# <...>
# <...>
### END INIT INFO
# Author: Paul "LeoNerd" Evans <paul@matrix.org>
# Do NOT "set -e"
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="matrix-synapse"
NAME=matrix-synapse
SCRIPTNAME=/etc/init.d/$NAME
PYTHON="/usr/bin/python"
CONFIGS="--config-path /etc/matrix-synapse/homeserver.yaml --config-path /etc/matrix-synapse/conf.d/"
USER="matrix-synapse"
SHAREDIR=/var/lib/$NAME
# Exit if the package is not installed
[ -f "/etc/matrix-synapse/homeserver.yaml" ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
# and status_of_proc is working.
. /lib/lsb/init-functions
get_config_key()
{
python -m synapse.config read "$1" $CONFIGS || return 2
}
#
# Function that starts the daemon/service
#
do_start()
{
# Running --generate-config to create keys if any are absent.
# Doesn't matter if not
$PYTHON -m "synapse.app.homeserver" $CONFIGS --generate-keys || return 2
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
PIDFILE=`get_config_key "pid_file"`
RETVAL=$?
if [ "$RETVAL" != 0 ]; then
return $RETVAL
fi
if [ -r "$PIDFILE" ]; then
kill -0 `cat $PIDFILE` && return 1
fi
export PYTHONPATH
# Create the PID file so that synapse can write to it as nonroot
touch $PIDFILE
chown $USER:nogroup $PIDFILE
chown $USER:nogroup $SHAREDIR/media/
chown $USER:nogroup $SHAREDIR/uploads/
start-stop-daemon --start --pidfile $PIDFILE --chuid $USER \
--exec $PYTHON -- -m "synapse.app.homeserver" $CONFIGS --daemonize || return 2
return 0
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
PIDFILE=`get_config_key "pid_file"`
RETVAL=$?
if [ "$RETVAL" != 0 ]; then
return $RETVAL
fi
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --user $USER --exec $PYTHON
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
#
# If the daemon can reload its configuration without
# restarting (for example, when it is sent a SIGHUP),
# then implement that here.
#
return 1
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
status)
PIDFILE=`get_config_key "pid_file"`
RETVAL=$?
if [ "$RETVAL" != 0 ]; then
return $RETVAL
fi
status_of_proc -p "$PIDFILE" "$PYTHON" "$NAME" && exit 0 || exit $?
;;
#reload|force-reload)
#
# If do_reload() is not implemented then leave this commented out
# and leave 'force-reload' as an alias for 'restart'.
#
#log_daemon_msg "Reloading $DESC" "$NAME"
#do_reload
#log_end_msg $?
#;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
:

View file

@ -6,8 +6,8 @@ Type=simple
User=matrix-synapse
WorkingDirectory=/var/lib/matrix-synapse
EnvironmentFile=/etc/default/matrix-synapse
ExecStartPre=/usr/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys
ExecStart=/usr/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/
ExecStartPre=/opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys
ExecStart=/opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/
Restart=always
RestartSec=3

View file

@ -1,19 +0,0 @@
From: Erik Johnston <erikj@matrix.org>
Date: Fri, 10 Jun 2016 10:57:07 +0100
Subject: tox
---
tox.ini | 1 +
1 file changed, 1 insertion(+)
Index: package-synapse-debian/tox.ini
===================================================================
--- package-synapse-debian.orig/tox.ini
+++ package-synapse-debian/tox.ini
@@ -1,5 +1,6 @@
[tox]
envlist = packaging, py27, py36, pep8, check_isort
+sitepackages = True
[base]
deps =

View file

@ -1,34 +0,0 @@
From: Erik Johnston <erikj@matrix.org>
Date: Fri, 10 Jun 2016 10:57:07 +0100
Subject: change_instructions
---
synapse/config/_base.py | 10 ++++++++++
1 file changed, 10 insertions(+)
--- a/synapse/config/_base.py
+++ b/synapse/config/_base.py
@@ -31,6 +31,11 @@
MISSING_REPORT_STATS_CONFIG_INSTRUCTIONS = """\
Please opt in or out of reporting anonymized homeserver usage statistics, by
setting the `report_stats` key in your config file to either True or False.
+
+To set it run:
+
+ dpkg-reconfigure matrix-synapse
+
"""
MISSING_REPORT_STATS_SPIEL = """\
@@ -45,6 +50,11 @@
MISSING_SERVER_NAME = """\
Missing mandatory `server_name` config option.
+
+To set it run:
+
+ dpkg-reconfigure matrix-synapse
+
"""

View file

@ -1,27 +0,0 @@
From: Erik Johnston <erikj@matrix.org>
Date: Fri, 10 Jun 2016 10:57:07 +0100
Subject: webclient-instructions
---
synapse/app/homeserver.py | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
Index: package-synapse-debian/synapse/app/homeserver.py
===================================================================
--- package-synapse-debian.orig/synapse/app/homeserver.py
+++ package-synapse-debian/synapse/app/homeserver.py
@@ -86,12 +86,11 @@ def build_resource_for_web_client(hs):
"Please either install the matrix-angular-sdk or configure\n"
"the location of the source to serve via the configuration\n"
"option `web_client_location`\n\n"
- "To install the `matrix-angular-sdk` via pip, run:\n\n"
- " pip install '%(dep)s'\n"
+ "To install the `matrix-angular-sdk` via apt-get, run:\n\n"
+ " apt-get install matrix-synapse-angular-client\n"
"\n"
"You can also disable hosting of the webclient via the\n"
"configuration option `web_client`\n"
- % {"dep": CONDITIONAL_REQUIREMENTS["web_client"].keys()[0]}
)
syweb_path = os.path.dirname(syweb.__file__)
webclient_path = os.path.join(syweb_path, "webclient")

View file

@ -1,21 +0,0 @@
From: Erik Johnston <erikj@matrix.org>
Date: Mon, 20 Jun 2016 13:20:37 +0100
Subject: Don't require strict nacl==0.3.0 requirement
---
synapse/python_dependencies.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: package-synapse-debian/synapse/python_dependencies.py
===================================================================
--- package-synapse-debian.orig/synapse/python_dependencies.py
+++ package-synapse-debian/synapse/python_dependencies.py
@@ -37,7 +37,7 @@ REQUIREMENTS = {
"unpaddedbase64>=1.1.0": ["unpaddedbase64>=1.1.0"],
"canonicaljson>=1.1.3": ["canonicaljson>=1.1.3"],
"signedjson>=1.0.0": ["signedjson>=1.0.0"],
- "pynacl>=1.2.1": ["nacl>=1.2.1", "nacl.bindings"],
+ "pynacl>=0.3.0": ["nacl>=0.3.0", "nacl.bindings"],
"service_identity>=16.0.0": ["service_identity>=16.0.0"],
"Twisted>=17.1.0": ["twisted>=17.1.0"],
"treq>=15.1": ["treq>=15.1"],

View file

@ -1,30 +0,0 @@
Index: package-synapse-debian/synapse/handlers/auth.py
===================================================================
--- package-synapse-debian.orig/synapse/handlers/auth.py
+++ package-synapse-debian/synapse/handlers/auth.py
@@ -921,10 +921,10 @@ class AuthHandler(BaseHandler):
# Normalise the Unicode in the password
pw = unicodedata.normalize("NFKC", password)
- return bcrypt.checkpw(
+ return bcrypt.hashpw(
pw.encode('utf8') + self.hs.config.password_pepper.encode("utf8"),
stored_hash
- )
+ ) == stored_hash
if stored_hash:
if not isinstance(stored_hash, bytes):
Index: package-synapse-debian/synapse/python_dependencies.py
===================================================================
--- package-synapse-debian.orig/synapse/python_dependencies.py
+++ package-synapse-debian/synapse/python_dependencies.py
@@ -49,7 +49,7 @@ REQUIREMENTS = {
"pyasn1>=0.1.9": ["pyasn1"],
"pyasn1-modules>=0.0.7": ["pyasn1_modules"],
"daemonize>=2.3.1": ["daemonize"],
- "bcrypt>=3.1.0": ["bcrypt>=3.1.0"],
+ "bcrypt": ["bcrypt"],
"pillow>=3.1.2": ["PIL"],
"sortedcontainers>=1.4.4": ["sortedcontainers"],
"psutil>=2.0.0": ["psutil>=2.0.0"],

View file

@ -1,43 +0,0 @@
Index: package-synapse-debian/synapse/app/__init__.py
===================================================================
--- package-synapse-debian.orig/synapse/app/__init__.py
+++ package-synapse-debian/synapse/app/__init__.py
@@ -25,8 +25,8 @@ try:
except python_dependencies.MissingRequirementError as e:
message = "\n".join([
"Missing Requirement: %s" % (str(e),),
- "To install run:",
- " pip install --upgrade --force \"%s\"" % (e.dependency,),
+ "To install, try:",
+ " sudo apt-get install python-%s" % (e.dependency,),
"",
])
sys.stderr.writelines(message)
Index: package-synapse-debian/synapse/config/jwt_config.py
===================================================================
--- package-synapse-debian.orig/synapse/config/jwt_config.py
+++ package-synapse-debian/synapse/config/jwt_config.py
@@ -19,7 +19,7 @@ MISSING_JWT = (
"""Missing jwt library. This is required for jwt login.
Install by running:
- pip install pyjwt
+ sudo apt-get install python-jwt
"""
)
Index: package-synapse-debian/synapse/config/repository.py
===================================================================
--- package-synapse-debian.orig/synapse/config/repository.py
+++ package-synapse-debian/synapse/config/repository.py
@@ -27,9 +27,7 @@ MISSING_LXML = (
"""Missing lxml library. This is required for URL preview API.
Install by running:
- pip install lxml
-
- Requires libxslt1-dev system package.
+ sudo apt-get install python-lxml
"""
)

View file

@ -1,31 +0,0 @@
Index: package-synapse-debian/synapse/app/homeserver.py
===================================================================
--- package-synapse-debian.orig/synapse/app/homeserver.py
+++ package-synapse-debian/synapse/app/homeserver.py
@@ -124,7 +124,7 @@ class SynapseHomeServer(HomeServer):
for res in listener_config["resources"]:
for name in res["names"]:
resources.update(self._configure_named_resource(
- name, res.get("compress", False),
+ config, name, res.get("compress", False),
))
additional_resources = listener_config.get("additional_resources", {})
@@ -171,7 +171,7 @@ class SynapseHomeServer(HomeServer):
)
logger.info("Synapse now listening on port %d", port)
- def _configure_named_resource(self, name, compress=False):
+ def _configure_named_resource(self, config, name, compress=False):
"""Build a resource map for a named resource
Args:
@@ -235,7 +235,7 @@ class SynapseHomeServer(HomeServer):
if name in ["keys", "federation"]:
resources[SERVER_KEY_V2_PREFIX] = KeyApiV2Resource(self)
- if name == "webclient":
+ if name == "webclient" and config.web_client:
resources[WEB_CLIENT_PREFIX] = build_resource_for_web_client(self)
if name == "metrics" and self.get_config().enable_metrics:

View file

@ -1,7 +0,0 @@
0001-tox.patch
0002-change_instructions.patch
0004-webclient-instructions.patch
0006-Don-t-require-strict-nacl-0.3.0-requirement.patch
remove-webclient.patch
bcrypt.patch
no_install_with_pip

View file

@ -1,5 +0,0 @@
matrix-angular-sdk
jinja2
bleach
ldap3
matrix-synapse-ldap3

30
debian/rules vendored
View file

@ -1,18 +1,22 @@
#!/usr/bin/make -f
#
# Build Debian package using https://github.com/spotify/dh-virtualenv
#
# This file was automatically generated by stdeb 0.8.2 at
# Fri, 12 Jun 2015 14:32:03 +0100
export PYBUILD_NAME=matrix-synapse
%:
dh $@ --with python2 --with systemd --buildsystem=pybuild --no-guessing-deps
override_dh_auto_install:
python setup.py install --root=debian/matrix-synapse --install-layout=deb
override_dh_auto_build:
override_dh_systemd_enable:
dh_systemd_enable --name=matrix-synapse
override_dh_installinit:
dh_installinit --no-start
dh_installinit --name=matrix-synapse
override_dh_auto_test:
PYTHONPATH=. trial tests
override_dh_strip:
override_dh_shlibdeps:
override_dh_virtualenv:
./debian/build_virtualenv
# We are restricted to compat level 9 (because xenial), so have to
# enable the systemd bits manually.
%:
dh $@ --with python-virtualenv --with systemd

View file

@ -1 +1 @@
3.0 (quilt)
3.0 (native)

11
debian/watch vendored
View file

@ -1,11 +0,0 @@
# Example watch control file for uscan
# Rename this file to "watch" and then you can run the "uscan" command
# to check for upstream updates and more.
# See uscan(1) for format
# Compulsory line, this is a version 3 file
version=3
opts=filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/matrix-synapse-$1\.tar\.gz/,uversionmangle=s/-?rc/~rc/ \
https://github.com/matrix-org/synapse/tags .*/v?(\d[^\s\-]*)\.tar\.gz debian uupdate

View file

@ -0,0 +1,35 @@
# A dockerfile which builds a docker image for building a debian package for
# synapse. The distro to build for is passed as a docker build var.
#
# The default entrypoint expects the synapse source to be mounted as a
# (read-only) volume at /synapse/source, and an output directory at /debs.
#
# A pair of environment variables (TARGET_USERID and TARGET_GROUPID) can be
# passed to the docker container; if these are set, the build script will chown
# the build products accordingly, to avoid ending up with things owned by root
# in the host filesystem.
# Get the distro we want to pull from as a dynamic build variable
ARG distro=""
FROM ${distro}
# Install the build dependencies
RUN apt-get update -qq -o Acquire::Languages=none \
&& env DEBIAN_FRONTEND=noninteractive apt-get install \
-yqq --no-install-recommends -o Dpkg::Options::=--force-unsafe-io \
build-essential \
debhelper \
devscripts \
dh-systemd \
dh-virtualenv \
equivs \
lsb-release \
python3-dev \
python3-pip \
python3-setuptools \
python3-venv \
sqlite3 \
wget
WORKDIR /synapse/source
ENTRYPOINT ["bash","/synapse/source/docker/build_debian.sh"]

41
docker/build_debian.sh Normal file
View file

@ -0,0 +1,41 @@
#!/bin/bash
# The script to build the Debian package, as ran inside the Docker image.
set -ex
DIST=`lsb_release -c -s`
# We need to build a newer dh_virtualenv on older OSes like Xenial.
if [ "$DIST" = 'xenial' ]; then
mkdir -p /tmp/dhvenv
cd /tmp/dhvenv
wget https://github.com/spotify/dh-virtualenv/archive/1.1.tar.gz
tar xvf 1.1.tar.gz
cd dh-virtualenv-1.1/
env DEBIAN_FRONTEND=noninteractive mk-build-deps -ri -t "apt-get -yqq --no-install-recommends -o Dpkg::Options::=--force-unsafe-io"
dpkg-buildpackage -us -uc -b
cd /tmp/dhvenv
apt-get install -yqq ./dh-virtualenv_1.1-1_all.deb
fi
# we get a read-only copy of the source: make a writeable copy
cp -aT /synapse/source /synapse/build
cd /synapse/build
# add an entry to the changelog for this distribution
dch -M -l "+$DIST" "build for $DIST"
dch -M -r "" --force-distribution --distribution "$DIST"
dpkg-buildpackage -us -uc
ls -l ..
# copy the build results out, setting perms if necessary
shopt -s nullglob
for i in ../*.deb ../*.dsc ../*.tar.xz ../*.changes ../*.buildinfo; do
[ -z "$TARGET_USERID" ] || chown "$TARGET_USERID" "$i"
[ -z "$TARGET_GROUPID" ] || chgrp "$TARGET_GROUPID" "$i"
mv "$i" /debs
done

39
docker/build_debian_packages.sh Executable file
View file

@ -0,0 +1,39 @@
#!/bin/bash
# Build the Debian packages using Docker images.
#
# This script builds the Docker images and then executes them sequentially, each
# one building a Debian package for the targeted operating system. It is
# designed to be a "single command" to produce all the images.
#
# By default, builds for all known distributions, but a list of distributions
# can be passed on the commandline for debugging.
set -ex
cd `dirname $0`
if [ $# -lt 1 ]; then
DISTS=(debian:stretch debian:sid ubuntu:xenial ubuntu:bionic ubuntu:cosmic)
else
DISTS=("$@")
fi
# Make the dir where the debs will live.
#
# Note that we deliberately put this outside the source tree, otherwise we tend
# to get source packages which are full of debs. (We could hack around that
# with more magic in the build_debian.sh script, but that doesn't solve the
# problem for natively-run dpkg-buildpakage).
mkdir -p ../../debs
# Build each OS image;
for i in "${DISTS[@]}"; do
TAG=$(echo ${i} | cut -d ":" -f 2)
docker build --tag dh-venv-builder:${TAG} --build-arg distro=${i} -f Dockerfile-dhvirtualenv .
docker run -it --rm --volume=$(pwd)/../\:/synapse/source:ro --volume=$(pwd)/../../debs:/debs \
-e TARGET_USERID=$(id -u) \
-e TARGET_GROUPID=$(id -g) \
dh-venv-builder:${TAG}
done

View file

@ -78,7 +78,7 @@ CONDITIONAL_REQUIREMENTS = {
},
"postgres": {
"psycopg2>=2.6": ["psycopg2"]
}
},
}

View file

@ -182,7 +182,7 @@ class EndToEndRoomKeyStore(SQLBaseStore):
keyvalues = {
"user_id": user_id,
"version": version,
"version": int(version),
}
if room_id:
keyvalues['room_id'] = room_id

View file

@ -119,6 +119,7 @@ setenv =
[testenv:packaging]
skip_install=True
deps =
check-manifest
commands =