microdao-daarion/docker-compose.synapse-node1.yml

# Synapse Matrix Homeserver — NODA1 setup
#
# BEFORE FIRST RUN:
#   1. Set DNS: A record  matrix.daarion.space → 144.76.224.179
#   2. Generate Synapse config (one-time):
#      docker run --rm -v $(pwd)/synapse-data:/data \
#        -e SYNAPSE_SERVER_NAME=daarion.space \
#        -e SYNAPSE_REPORT_STATS=no \
#        matrixdotorg/synapse:latest generate
#   3. Set SYNAPSE_POSTGRES_PASSWORD in .env
#   4. Run: docker compose -f docker-compose.synapse-node1.yml up -d
#   5. Create admin user (see ops/runbook-matrix-setup.md)

version: "3.9"

services:
  synapse:
    image: matrixdotorg/synapse:latest
    container_name: dagi-synapse-node1
    restart: unless-stopped
    environment:
      - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
    volumes:
      - synapse-data:/data
    depends_on:
      synapse-db:
        condition: service_healthy
    healthcheck:
      test:
        - "CMD"
        - "python3"
        - "-c"
        - "import urllib.request; urllib.request.urlopen('http://localhost:8008/_matrix/client/versions', timeout=5)"
      interval: 30s
      timeout: 10s
      retries: 5
      start_period: 30s
    networks:
      - dagi-network
    # Port 8008 internal only — exposed via Nginx on dagi-network
    # Do NOT expose publicly; Nginx handles TLS termination

  synapse-db:
    image: postgres:15-alpine
    container_name: dagi-synapse-db-node1
    restart: unless-stopped
    environment:
      - POSTGRES_USER=synapse
      - POSTGRES_PASSWORD=${SYNAPSE_POSTGRES_PASSWORD:-changeme_synapse}
      - POSTGRES_DB=synapse
      - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
    volumes:
      - synapse-db-data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U synapse"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - dagi-network

volumes:
  synapse-data:
  synapse-db-data:

networks:
  dagi-network:
    external: true