mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2026-03-25 22:17:25 +00:00
matrix-synapse: prefer local sockets for db connections
This commit is contained in:
Slavi Pantaleev
17
CHANGELOG.md
17
CHANGELOG.md
@@ -1,3 +1,20 @@
|
||||
# 2026-03-17
|
||||
|
||||
## Synapse now prefers UNIX sockets for playbook-managed Postgres and Valkey
|
||||
|
||||
When Synapse uses the playbook-managed Postgres and Valkey services, it now connects to them via [UNIX sockets](https://en.wikipedia.org/wiki/Unix_domain_socket) by default instead of TCP.
|
||||
|
||||
This reduces unnecessary container-network wiring and keeps local IPC off the network stack, which is a bit simpler and slightly more secure.
|
||||
|
||||
If you use an external Postgres server or external Redis/Valkey for Synapse, this does not change your setup.
|
||||
|
||||
If you'd like to keep the previous TCP-based behavior, add the following configuration to your `vars.yml`:
|
||||
|
||||
```yaml
|
||||
matrix_synapse_database_socket_enabled: false
|
||||
matrix_synapse_redis_path_enabled: false
|
||||
```
|
||||
|
||||
# 2026-03-01
|
||||
|
||||
## (Potential BC Break) Synapse S3 media prefix is now applied consistently
|
||||
|
||||
@@ -4805,8 +4805,8 @@ matrix_synapse_workers_container_host_bind_address: "{{ matrix_playbook_service_
|
||||
matrix_synapse_database_host: "{{ postgres_connection_hostname if matrix_playbook_synapse_uses_managed_postgres else '' }}"
|
||||
matrix_synapse_database_password: "{{ (matrix_homeserver_generic_secret_key + ':synapse.db') | hash('sha512') | to_uuid }}"
|
||||
|
||||
# unix socket connection, disabled by default temporarily until properly tested
|
||||
matrix_synapse_database_socket_enabled: false
|
||||
# unix socket connection
|
||||
matrix_synapse_database_socket_enabled: "{{ matrix_playbook_synapse_uses_managed_postgres }}"
|
||||
# path to the Postgres socket's parent dir inside the Synapse container
|
||||
matrix_synapse_database_socket_path: "{{ '/tmp/postgres' if matrix_playbook_synapse_uses_managed_postgres else '' }}"
|
||||
# path to the Postgres socket on the host, using Postgres
|
||||
@@ -4863,8 +4863,8 @@ matrix_synapse_redis_enabled: "{{ valkey_enabled }}"
|
||||
matrix_synapse_redis_host: "{{ valkey_identifier if matrix_playbook_synapse_uses_managed_valkey else '' }}"
|
||||
matrix_synapse_redis_password: "{{ valkey_connection_password if matrix_playbook_synapse_uses_managed_valkey else '' }}"
|
||||
|
||||
# unix socket connection, disabled by default temporarily until properly tested
|
||||
matrix_synapse_redis_path_enabled: false
|
||||
# unix socket connection
|
||||
matrix_synapse_redis_path_enabled: "{{ matrix_playbook_synapse_uses_managed_valkey }}"
|
||||
# path to the Redis socket's parent dir inside the Synapse container
|
||||
matrix_synapse_redis_path: "{{ '/tmp/valkey' if matrix_playbook_synapse_uses_managed_valkey else '' }}"
|
||||
# redis socket filename
|
||||
|
||||
Reference in New Issue
Block a user