Last active
June 27, 2017 16:20
-
-
Save ara4n/396583792208716a6a5b84ef2feb9323 to your computer and use it in GitHub Desktop.
Build guide/script for Dendrite experimentation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Dendrite guide | |
| # start with Debian Stretch | |
| apt-get install golang-1.8 postgresql | |
| apt-get install openjdk-8-jre-headless # needed for kafka (which in future will be an optional dependency) | |
| # Set up DBs | |
| su postgres -c 'createuser dendrite' | |
| # N.B. these are the current default DB names, which are daft - surely they should be prefixed to dendrite | |
| # We deliberately create separate DBs for each one though to highlight that the services are completely separate | |
| # Although in practice you could combine them into a single DB (assuming the tables prefix nicely) if you wanted. | |
| for i in account device mediaapi syncapi roomserver serverkey federationsender; do su postgres -c "createdb -O dendrite dendrite_$i"; done | |
| # Create the dendrite user | |
| adduser dendrite | |
| su dendrite | |
| # get Go set up and on the path | |
| cat <<EOT >> ~/.bash_profile | |
| export GOROOT=/usr/lib/go-1.8 | |
| export GOPATH=\$HOME/go | |
| export PATH=\$PATH:\$GOROOT/bin:\$GOPATH/bin | |
| export PGHOST=/var/run/postgresql | |
| EOT | |
| # Get the code | |
| git clone https://github.com/matrix-org/dendrite | |
| cd dendrite | |
| # Get the right branch if needed | |
| #git checkout markjh/federation_egress | |
| # Build it | |
| go get github.com/constabulary/gb/... | |
| gb build | |
| # Install and start Kafka | |
| ./travis-install-kafka.sh | |
| # generate self-signed SSL cert (unlike synapse, dendrite doesn't autogen yet) | |
| # N.B. to specify the right CN if needed | |
| test -f server.key || openssl req -x509 -newkey rsa:4096 -keyout server.key -out server.crt -days 3650 -nodes -subj /CN=$(hostname) | |
| # generate ed25519 signing key | |
| test -f matrix.key || python3 > matrix.key <<EOF | |
| import base64; | |
| r = lambda n: base64.b64encode(open("/dev/urandom", "rb").read(n)).decode("utf8"); | |
| print("-----BEGIN MATRIX PRIVATE KEY-----") | |
| print("Key-ID:", "ed25519:" + r(3).rstrip("=")) | |
| print(r(32)) | |
| print("-----END MATRIX PRIVATE KEY-----") | |
| EOF | |
| # Get a config: | |
| # (This taken from https://github.com/matrix-org/dendrite/pull/146/files which hadn't merged at the time of writing) | |
| curl https://raw.githubusercontent.com/matrix-org/dendrite/markjh/example_config/dendrite-config.yaml > dendrite-config.yaml | |
| # fixup the server_name and various paths in the config (especially the cert & key genreated above) | |
| mkdir -p ~/media | |
| mkdir -p ~/var | |
| # Run it! | |
| # XXX: how should these be run from a process runner perspective? for now just use screen sessions... | |
| cd ~/dendrite/bin | |
| # Set client-api-proxy running: this is a helper intended purely for development/experimentation | |
| # which exposes all the client-facing dendrite services behind a single HTTP API facade. | |
| # In the future this will be replaced by a proper loadbalancer config or a standalone dendrite process | |
| # which simply runs all the different services in a single executable. | |
| # these URLs need to match the main config. The *-api-proxy helpers don't yet read the main config. | |
| screen -dmS client-api-proxy -L ~/var/client-api-proxy.log ./client-api-proxy \ | |
| --sync-api-server-url http://localhost:7773 \ | |
| --client-api-server-url http://localhost:7771 \ | |
| --media-api-server-url http://localhost:7774 \ | |
| --bind-address :8443 \ | |
| --tls-cert ~/dendrite/server.crt \ | |
| --tls-key ~/dendrite/server.key | |
| # ...and now the equivalent federation-api-proxy helper: | |
| screen -dmS federation-api-proxy -L ~/var/federation-api-proxy.log ./federation-api-proxy \ | |
| --federation-api-url http://localhost:7772 \ | |
| --media-api-url http://localhost:7774 \ | |
| --bind-address :8449 \ | |
| --tls-cert ~/dendrite/server.crt \ | |
| --tls-key ~/dendrite/server.key | |
| # ...and now the actual services: | |
| for i in room client-api federation-api media-api sync-api federation-sender | |
| do | |
| screen -dmS dendrite-$i-server -L ~/var/dendrite-$i-server.log ./dendrite-$i-server --config ~/dendrite/dendrite-config.yaml | |
| done | |
| # point your browser at https://wherever:8443 and trust the self-signed certificate... | |
| # ...and then point Riot/Web at the homeserver at https://wherever:8443 and see what happens! | |
| # after registering, you'll get a room creation error; hit refresh and it should work. | |
| # to kill them: | |
| screen -ls | egrep 'dendrite-|-api-proxy' | cut -f1 -d'.' | xargs kill | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment