Architecture: - ADR-1: Conduit selected over Synapse/Dendrite (Rust, low resource) - ADR-2: Deploy on existing Gitea VPS initially - ADR-3: Full federation enabled Artifacts: - docs/matrix-fleet-comms/README.md (architecture + runbooks) - deploy/conduit/conduit.toml (production config) - deploy/conduit/conduit.service (systemd) - deploy/conduit/Caddyfile (reverse proxy) - deploy/conduit/install.sh (one-command installer) - deploy/conduit/scripts/backup.sh (automated backups) - deploy/conduit/scripts/health.sh (health monitoring) Closes #183 (scaffold complete) Progresses #166 (implementation unblocked)
This commit is contained in:
Ezra (Archivist)
82
deploy/conduit/scripts/backup.sh
Normal file
82
deploy/conduit/scripts/backup.sh
Normal file
@@ -0,0 +1,82 @@
|
||||
#!/bin/bash
|
||||
# Conduit Matrix Homeserver Backup Script
|
||||
# Location: /opt/conduit/scripts/backup.sh
|
||||
# Reference: docs/matrix-fleet-comms/README.md
|
||||
# Run via cron: 0 3 * * * /opt/conduit/scripts/backup.sh
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
# Configuration
|
||||
BACKUP_BASE_DIR="/backups/conduit"
|
||||
DATA_DIR="/opt/conduit/data"
|
||||
CONFIG_FILE="/opt/conduit/conduit.toml"
|
||||
RETENTION_DAYS=7
|
||||
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
|
||||
BACKUP_DIR="$BACKUP_BASE_DIR/$TIMESTAMP"
|
||||
|
||||
# Ensure backup directory exists
|
||||
mkdir -p "$BACKUP_DIR"
|
||||
|
||||
log() {
|
||||
echo "[$(date '+%Y-%m-%d %H:%M:%S')] $*"
|
||||
}
|
||||
|
||||
log "Starting Conduit backup..."
|
||||
|
||||
# Check if Conduit is running
|
||||
if systemctl is-active --quiet conduit; then
|
||||
log "Stopping Conduit for consistent backup..."
|
||||
systemctl stop conduit
|
||||
RESTART_NEEDED=true
|
||||
else
|
||||
log "Conduit already stopped"
|
||||
RESTART_NEEDED=false
|
||||
fi
|
||||
|
||||
# Backup database
|
||||
if [ -f "$DATA_DIR/conduit.db" ]; then
|
||||
log "Backing up database..."
|
||||
cp "$DATA_DIR/conduit.db" "$BACKUP_DIR/"
|
||||
sqlite3 "$BACKUP_DIR/conduit.db" "VACUUM;"
|
||||
else
|
||||
log "WARNING: Database not found at $DATA_DIR/conduit.db"
|
||||
fi
|
||||
|
||||
# Backup configuration
|
||||
if [ -f "$CONFIG_FILE" ]; then
|
||||
log "Backing up configuration..."
|
||||
cp "$CONFIG_FILE" "$BACKUP_DIR/"
|
||||
fi
|
||||
|
||||
# Backup media (if exists)
|
||||
if [ -d "$DATA_DIR/media" ]; then
|
||||
log "Backing up media files..."
|
||||
cp -r "$DATA_DIR/media" "$BACKUP_DIR/"
|
||||
fi
|
||||
|
||||
# Restart Conduit if it was running
|
||||
if [ "$RESTART_NEEDED" = true ]; then
|
||||
log "Restarting Conduit..."
|
||||
systemctl start conduit
|
||||
fi
|
||||
|
||||
# Create compressed archive
|
||||
log "Creating compressed archive..."
|
||||
cd "$BACKUP_BASE_DIR"
|
||||
tar czf "$TIMESTAMP.tar.gz" -C "$BACKUP_DIR" .
|
||||
rm -rf "$BACKUP_DIR"
|
||||
|
||||
ARCHIVE_SIZE=$(du -h "$BACKUP_BASE_DIR/$TIMESTAMP.tar.gz" | cut -f1)
|
||||
log "Backup complete: $TIMESTAMP.tar.gz ($ARCHIVE_SIZE)"
|
||||
|
||||
# Upload to S3 (uncomment and configure when ready)
|
||||
# if command -v aws &> /dev/null; then
|
||||
# log "Uploading to S3..."
|
||||
# aws s3 cp "$BACKUP_BASE_DIR/$TIMESTAMP.tar.gz" s3://timmy-backups/conduit/
|
||||
# fi
|
||||
|
||||
# Cleanup old backups
|
||||
log "Cleaning up backups older than $RETENTION_DAYS days..."
|
||||
find "$BACKUP_BASE_DIR" -name "*.tar.gz" -mtime +$RETENTION_DAYS -delete
|
||||
|
||||
log "Backup process complete"
|
||||
142
deploy/conduit/scripts/health.sh
Normal file
142
deploy/conduit/scripts/health.sh
Normal file
@@ -0,0 +1,142 @@
|
||||
#!/bin/bash
|
||||
# Conduit Matrix Homeserver Health Check
|
||||
# Location: /opt/conduit/scripts/health.sh
|
||||
# Reference: docs/matrix-fleet-comms/README.md
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
HOMESERVER_URL="https://matrix.timmy.foundation"
|
||||
ADMIN_EMAIL="admin@timmy.foundation"
|
||||
|
||||
# Colors for output
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
NC='\033[0m' # No Color
|
||||
|
||||
log_info() {
|
||||
echo -e "${GREEN}[INFO]${NC} $*"
|
||||
}
|
||||
|
||||
log_warn() {
|
||||
echo -e "${YELLOW}[WARN]${NC} $*"
|
||||
}
|
||||
|
||||
log_error() {
|
||||
echo -e "${RED}[ERROR]${NC} $*"
|
||||
}
|
||||
|
||||
# Check if Conduit process is running
|
||||
check_process() {
|
||||
if systemctl is-active --quiet conduit; then
|
||||
log_info "Conduit service is running"
|
||||
return 0
|
||||
else
|
||||
log_error "Conduit service is not running"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Check Matrix client-server API
|
||||
check_client_api() {
|
||||
local response
|
||||
response=$(curl -s -o /dev/null -w "%{http_code}" "$HOMESERVER_URL/_matrix/client/versions" 2>/dev/null || echo "000")
|
||||
|
||||
if [ "$response" = "200" ]; then
|
||||
log_info "Client-server API is responding (HTTP 200)"
|
||||
return 0
|
||||
else
|
||||
log_error "Client-server API returned HTTP $response"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Check Matrix versions endpoint
|
||||
check_versions() {
|
||||
local versions
|
||||
versions=$(curl -s "$HOMESERVER_URL/_matrix/client/versions" 2>/dev/null | jq -r '.versions | join(", ")' 2>/dev/null || echo "unknown")
|
||||
|
||||
if [ "$versions" != "unknown" ]; then
|
||||
log_info "Supported Matrix versions: $versions"
|
||||
return 0
|
||||
else
|
||||
log_warn "Could not determine Matrix versions"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Check federation (self-test)
|
||||
check_federation() {
|
||||
local response
|
||||
response=$(curl -s -o /dev/null -w "%{http_code}" "https://federationtester.matrix.org/api/report?server_name=timmy.foundation" 2>/dev/null || echo "000")
|
||||
|
||||
if [ "$response" = "200" ]; then
|
||||
log_info "Federation tester can reach server"
|
||||
return 0
|
||||
else
|
||||
log_warn "Federation tester returned HTTP $response (may be DNS propagation)"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Check disk space
|
||||
check_disk_space() {
|
||||
local usage
|
||||
usage=$(df /opt/conduit/data | tail -1 | awk '{print $5}' | sed 's/%//')
|
||||
|
||||
if [ "$usage" -lt 80 ]; then
|
||||
log_info "Disk usage: ${usage}% (healthy)"
|
||||
return 0
|
||||
elif [ "$usage" -lt 90 ]; then
|
||||
log_warn "Disk usage: ${usage}% (consider cleanup)"
|
||||
return 1
|
||||
else
|
||||
log_error "Disk usage: ${usage}% (critical!)"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Check database size
|
||||
check_database() {
|
||||
local db_path="/opt/conduit/data/conduit.db"
|
||||
|
||||
if [ -f "$db_path" ]; then
|
||||
local size
|
||||
size=$(du -h "$db_path" | cut -f1)
|
||||
log_info "Database size: $size"
|
||||
return 0
|
||||
else
|
||||
log_warn "Database file not found at $db_path"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Main health check
|
||||
main() {
|
||||
echo "========================================"
|
||||
echo "Conduit Matrix Homeserver Health Check"
|
||||
echo "Server: $HOMESERVER_URL"
|
||||
echo "Time: $(date)"
|
||||
echo "========================================"
|
||||
echo
|
||||
|
||||
local exit_code=0
|
||||
|
||||
check_process || exit_code=1
|
||||
check_client_api || exit_code=1
|
||||
check_versions || true # Non-critical
|
||||
check_federation || true # Non-critical during initial setup
|
||||
check_disk_space || exit_code=1
|
||||
check_database || true # Non-critical
|
||||
|
||||
echo
|
||||
if [ $exit_code -eq 0 ]; then
|
||||
log_info "All critical checks passed ✓"
|
||||
else
|
||||
log_error "Some critical checks failed ✗"
|
||||
fi
|
||||
|
||||
return $exit_code
|
||||
}
|
||||
|
||||
main "$@"
|
||||
Reference in New Issue
Block a user