From 44cb16d0b886c91f12ef88ab2b5ff406b65fc758 Mon Sep 17 00:00:00 2001
From: fkwp <github-fkwp@w4ve.de>
Date: Tue, 5 Nov 2024 00:25:41 +0100
Subject: [PATCH] prefix docker-compose with dev to make clear its only for
 development purposes. In addition added minimum synapse config to it in order
 to have a fully selfcontained dev setup

---
 backend-docker-compose.yml     | 52 ----------------------
 dev-backend-docker-compose.yml | 80 ++++++++++++++++++++++++++++++++++
 2 files changed, 80 insertions(+), 52 deletions(-)
 delete mode 100644 backend-docker-compose.yml
 create mode 100644 dev-backend-docker-compose.yml

diff --git a/backend-docker-compose.yml b/backend-docker-compose.yml
deleted file mode 100644
index b0dbe822..00000000
--- a/backend-docker-compose.yml
+++ /dev/null
@@ -1,52 +0,0 @@
-version: "3.9"
-
-networks:
-  lkbackend:
-
-services:
-  auth-service:
-    image: ghcr.io/element-hq/lk-jwt-service:latest-ci
-    hostname: auth-server
-    # Use host network in case the configured homeserver runs on localhost
-    network_mode: host
-    environment:
-      - LK_JWT_PORT=8881
-      - LIVEKIT_URL=ws://localhost:7880
-      - LIVEKIT_KEY=devkey
-      - LIVEKIT_SECRET=secret
-      # If the configured homeserver runs on localhost, it'll probably be using
-      # a self-signed certificate
-      - LIVEKIT_INSECURE_SKIP_VERIFY_TLS=YES_I_KNOW_WHAT_I_AM_DOING
-    deploy:
-      restart_policy:
-        condition: on-failure
-    networks:
-      - lkbackend
-
-  livekit:
-    image: livekit/livekit-server:latest
-    command: --dev --config /etc/livekit.yaml
-    restart: unless-stopped
-    # The SFU seems to work far more reliably when we let it share the host
-    # network rather than opening specific ports (but why?? we're not missing
-    # any…)
-    network_mode: host
-    # ports:
-    #   - "7880:7880/tcp"
-    #   - "7881:7881/tcp"
-    #   - "7882:7882/tcp"
-    #   - "50100-50200:50100-50200/udp"
-    volumes:
-      - ./backend/livekit.yaml:/etc/livekit.yaml
-    networks:
-      - lkbackend
-
-  redis:
-    image: redis:6-alpine
-    command: redis-server /etc/redis.conf
-    ports:
-      - 6379:6379
-    volumes:
-      - ./backend/redis.conf:/etc/redis.conf
-    networks:
-      - lkbackend
diff --git a/dev-backend-docker-compose.yml b/dev-backend-docker-compose.yml
new file mode 100644
index 00000000..fcdadffe
--- /dev/null
+++ b/dev-backend-docker-compose.yml
@@ -0,0 +1,80 @@
+networks:
+  ecbackend:
+
+services:
+  auth-service:
+    image: ghcr.io/element-hq/lk-jwt-service:latest-ci
+    hostname: auth-server
+    environment:
+      - LK_JWT_PORT=8080
+      - LIVEKIT_URL=ws://localhost:7880
+      - LIVEKIT_KEY=devkey
+      - LIVEKIT_SECRET=secret
+      # If the configured homeserver runs on localhost, it'll probably be using
+      # a self-signed certificate
+      - LIVEKIT_INSECURE_SKIP_VERIFY_TLS=YES_I_KNOW_WHAT_I_AM_DOING
+    deploy:
+      restart_policy:
+        condition: on-failure
+    ports:
+      # HOST_PORT:CONTAINER_PORT
+      - 8080:8080
+    networks:
+      - ecbackend
+
+  livekit:
+    image: livekit/livekit-server:latest
+    command: --dev --config /etc/livekit.yaml
+    restart: unless-stopped
+    # The SFU seems to work far more reliably when we let it share the host
+    # network rather than opening specific ports (but why?? we're not missing
+    # any…)
+    ports:
+      # HOST_PORT:CONTAINER_PORT
+      - 7880:7880/tcp
+      - 7881:7881/tcp
+      - 7882:7882/tcp
+      - 50100-50200:50100-50200/udp
+    volumes:
+      - ./backend/dev_livekit.yaml:/etc/livekit.yaml
+    networks:
+      - ecbackend
+
+  redis:
+    image: redis:6-alpine
+    command: redis-server /etc/redis.conf
+    ports:
+      # HOST_PORT:CONTAINER_PORT
+      - 6379:6379
+    volumes:
+      - ./backend/redis.conf:/etc/redis.conf
+    networks:
+      - ecbackend
+
+  synapse:
+    hostname: homeserver
+    image: docker.io/matrixdotorg/synapse:latest
+    environment:
+      - SYNAPSE_CONFIG_PATH=/data/cfg/homeserver.yaml
+    volumes:
+      - ./backend/synapse_tmp:/data
+      - ./backend/dev_homeserver.yaml:/data/cfg/homeserver.yaml
+    networks:
+      - ecbackend
+
+  nginx:
+    #  openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout tls_localhost_key.pem -out tls_localhost_cert.pem -subj "/C=GB/ST=London/L=London/O=Alros/OU=IT Department/CN=localhost"
+    hostname: synapse.localhost
+    image: nginx:latest
+    volumes:
+      - ./backend/tls_localhost_nginx.conf:/etc/nginx/conf.d/default.conf
+      - ./backend/tls_localhost_key.pem:/root/ssl/key.pem
+      - ./backend/tls_localhost_cert.pem:/root/ssl/cert.pem
+    ports:
+      # HOST_PORT:CONTAINER_PORT
+      - "8008:80"
+      - "4443:443"
+    depends_on:
+      - synapse
+    networks:
+      - ecbackend