recipe-maintainers/matrix-synapse
0
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

chore: upgrade to 7.3.0+v1.154.0 #2

Open
autonomic-bot wants to merge 1 commits from upgrade-7.3.0+v1.154.0 into main
pull from: upgrade-7.3.0+v1.154.0
merge into: recipe-maintainers:main
Conversation 2 Commits 1 Files Changed 3 +10 -6
autonomic-bot commented 2026-06-12 03:57:48 +00:00
Owner
Copy Link

matrix-synapse upgrade: 7.1.1+v1.149.1 → 7.3.0+v1.154.0

Image changes

service current new
app (synapse) matrixdotorg/synapse:v1.149.1 matrixdotorg/synapse:v1.154.0
db pgautoupgrade/pgautoupgrade:17-alpine pgautoupgrade/pgautoupgrade:18-alpine
web nginx:1.29.6 nginx:1.31.1
mas ghcr.io/element-hq/matrix-authentication-service:1.14.0 1.18.0
discorddb postgres:13-alpine postgres:16-alpine

Deferred to separate PR: mautrix/signal + mautrix/telegram CalVer upgrades (+ signaldb/telegramdb PG bumps)

⚠️ Operator Actions Required

1. Backup main DB before deploying — pgautoupgrade 17→18 performs an in-place cluster upgrade. Take a backup first:
abra app run YOURDOMAIN db pg_dump -U synapse synapse > synapse.sql
The PGDATA env pin (PGDATA=/var/lib/postgresql/data) ensures pgautoupgrade finds the existing cluster.

2. Discorddb users only — postgres:13→16 is a plain postgres service (not pgautoupgrade), so it requires manual dump/restore before upgrading. If you use the discord bridge:
pg_dump -U discordbridge discordbridge > discordbridge.sql
Then restore after the upgrade.

3. MAS 1.18.0 device code grantsoauth.device_code_grant_enabled now defaults to false. If your deployment uses device code grants, add device_code_grant_enabled: true under the oauth: section in mas.config.yaml.tmpl before upgrading.

Release notes summary

  • Synapse v1.150–v1.154: postgres statement timeout reduced 1h→10min; no breaking config changes for standard single-process installs
  • MAS 1.15–1.18: device_code_grant_enabled default change only; no DB migrations
  • nginx 1.31.1: maintenance release
  • pgautoupgrade 18-alpine: PGDATA path change in postgres:18 — patched with PGDATA env pin (verified working on cc-ci)

Verified on cc-ci (chaos deploy)

All 3 services converged healthy: synapse v1.154.0 ✓, pgautoupgrade:18-alpine (pg17→18 upgrade completed) ✓, nginx:1.31.1 ✓

Tested green on the cc-ci recipe CI server (full suite, cold, against this PR head). NOT merged — for operator review.

cc @trav @notplants

## matrix-synapse upgrade: 7.1.1+v1.149.1 → 7.3.0+v1.154.0 ### Image changes | service | current | new | |---------|---------|-----| | app (synapse) | matrixdotorg/synapse:v1.149.1 | matrixdotorg/synapse:v1.154.0 | | db | pgautoupgrade/pgautoupgrade:17-alpine | pgautoupgrade/pgautoupgrade:18-alpine | | web | nginx:1.29.6 | nginx:1.31.1 | | mas | ghcr.io/element-hq/matrix-authentication-service:1.14.0 | 1.18.0 | | discorddb | postgres:13-alpine | postgres:16-alpine | Deferred to separate PR: mautrix/signal + mautrix/telegram CalVer upgrades (+ signaldb/telegramdb PG bumps) ### ⚠️ Operator Actions Required **1. Backup main DB before deploying** — pgautoupgrade 17→18 performs an in-place cluster upgrade. Take a backup first: `abra app run YOURDOMAIN db pg_dump -U synapse synapse > synapse.sql` The PGDATA env pin (`PGDATA=/var/lib/postgresql/data`) ensures pgautoupgrade finds the existing cluster. **2. Discorddb users only** — postgres:13→16 is a plain postgres service (not pgautoupgrade), so it requires manual dump/restore before upgrading. If you use the discord bridge: `pg_dump -U discordbridge discordbridge > discordbridge.sql` Then restore after the upgrade. **3. MAS 1.18.0 device code grants** — `oauth.device_code_grant_enabled` now defaults to `false`. If your deployment uses device code grants, add `device_code_grant_enabled: true` under the `oauth:` section in `mas.config.yaml.tmpl` before upgrading. ### Release notes summary - **Synapse v1.150–v1.154**: postgres statement timeout reduced 1h→10min; no breaking config changes for standard single-process installs - **MAS 1.15–1.18**: device_code_grant_enabled default change only; no DB migrations - **nginx 1.31.1**: maintenance release - **pgautoupgrade 18-alpine**: PGDATA path change in postgres:18 — patched with PGDATA env pin (verified working on cc-ci) ### Verified on cc-ci (chaos deploy) All 3 services converged healthy: synapse v1.154.0 ✓, pgautoupgrade:18-alpine (pg17→18 upgrade completed) ✓, nginx:1.31.1 ✓ Tested green on the cc-ci recipe CI server (full suite, cold, against this PR head). NOT merged — for operator review. cc @trav @notplants
autonomic-bot added 1 commit 2026-06-12 03:57:49 +00:00
chore: upgrade to 7.3.0+v1.154.0
All checks were successful
cc-ci/testme cc-ci: success
Details
72f0176a21 
- matrixdotorg/synapse: v1.149.1 -> v1.154.0
- pgautoupgrade/pgautoupgrade: 17-alpine -> 18-alpine (+ PGDATA pin for in-place upgrade)
- ghcr.io/element-hq/matrix-authentication-service: 1.14.0 -> 1.18.0
- nginx: 1.29.6 -> 1.31.1
- discorddb postgres: 13-alpine -> 16-alpine (conservative bump; manual dump/restore required)

Deferred to separate PR:
- mautrix/signal v0.8.7 -> v26.02.2 (CalVer; requires signaldb dump/restore)
- mautrix/telegram v0.15.3 -> v0.2605.0 (CalVer; requires telegramdb dump/restore)
- signaldb/telegramdb postgres: 13-alpine (deferred with bridges)
autonomic-bot requested review from trav 2026-06-12 03:57:49 +00:00
autonomic-bot requested review from notplants 2026-06-12 03:57:49 +00:00
autonomic-bot commented 2026-06-12 03:57:59 +00:00
Author
Owner
Copy Link

!testme

!testme
autonomic-bot commented 2026-06-12 03:58:05 +00:00
Author
Owner
Copy Link

🌻 cc-cimatrix-synapse @ 72f0176a passed

cc-ci result card

level

full logs · dashboard

<!-- cc-ci:testme --> 🌻 **cc-ci** — `matrix-synapse` @ `72f0176a` ✅ **passed** [![cc-ci result card](https://ci.commoninternet.net/runs/527/summary.png)](https://drone.ci.commoninternet.net/recipe-maintainers/cc-ci/527) [![level](https://ci.commoninternet.net/runs/527/badge.svg)](https://drone.ci.commoninternet.net/recipe-maintainers/cc-ci/527) [full logs](https://drone.ci.commoninternet.net/recipe-maintainers/cc-ci/527) · [dashboard](https://ci.commoninternet.net/)
All checks were successful
cc-ci/testme cc-ci: success
Details
This pull request can be merged automatically.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin upgrade-7.3.0+v1.154.0:upgrade-7.3.0+v1.154.0
git checkout upgrade-7.3.0+v1.154.0
Sign in to join this conversation.
Reviewers
No Reviewers
trav
notplants
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
autonomic autonomic-bot notplants trav
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: recipe-maintainers/matrix-synapse#2
No description provided.
Delete Branch "upgrade-7.3.0+v1.154.0"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?