Run chown on startup, not when generating config
Synapse needs its data folder owned by the correct user to function.
Currently, this is achieved by running chown when generating the homeserver.yaml file only.
The issue with this is that it does not work for deployments where the container generating that config file is not the actual container running Synapse later on. For example, in my case I generated the config file on my local machine, then uploaded everything to a server and deployed Synapse on there. And because chown never happened on that server, Synapse was unable to write to the data directory.
Therefore I think it would be best to run chown on startup of the actual Synapse service, NOT when generating the config file; either only on first startup (if that can already be detected), or with a flag to disable it, since running chown on very large directories can add quite some time to the service startup.
While it may not be ideal in your scenario, to work around this inconvenience, couldn't you run generate on the server where Synapse is deployed, then copy over your config to the new location?
Running chown during Synapse startup feels like the wrong place to be making permissions changes to the underlying server. The way it is now separates server configuration from runtime operation, which maintains some level of separation of concerns.
It is probably doable, but not in a very nice way.
I push all my configuration to a git repository, and have a pipeline set up to automatically deploy from there.
So to do this I would have to first push a configuration that runs generate, let that run, then update it afterwards to switch back to the default command and deploy again (so it keeps the same container and volumes).
Ideally I wouldn't need to make major changes to the deployment configuration.
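A sketch of the startup-time check proposed in the first post, added here as an example and not taken from Synapse's container image: it skips the work when a flag is set, treats a correctly owned top-level data directory as "already initialised" so large trees are not walked on every start, and otherwise changes only the entries whose owner is wrong. The SKIP_CHOWN variable and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. SKIP_CHOWN, owner_of, needs_chown and ensure_ownership
# are hypothetical names, not options or functions of the Synapse image.

# Print "uid:gid" of a path (stat -c is the GNU coreutils / busybox form).
owner_of() {
    stat -c '%u:%g' "$1"
}

# Succeed (exit 0) when the directory itself is NOT owned by uid:gid.
# Only the top-level entry is inspected, so the check stays cheap no
# matter how large the data directory has grown.
needs_chown() {
    [ "$(owner_of "$1")" != "$2:$3" ]
}

# Print the decision taken: "skipped", "unchanged" or "changed".
# Returns non-zero only if the ownership change itself fails.
ensure_ownership() {
    dir=$1
    uid=$2
    gid=$3

    # Operator opt-out, for deployments that manage volume ownership
    # outside the container.
    if [ "${SKIP_CHOWN:-0}" = "1" ]; then
        echo "skipped"
        return 0
    fi

    # Top-level ownership already correct: assume an earlier start
    # (or the operator) has initialised the volume.
    if ! needs_chown "$dir" "$uid" "$gid"; then
        echo "unchanged"
        return 0
    fi

    # Change only mismatched entries. find does not follow symlinks by
    # default, and chown -h changes a link itself rather than its target,
    # so a link inside the volume cannot redirect the change elsewhere.
    find "$dir" \( ! -user "$uid" -o ! -group "$gid" \) \
        -exec chown -h "$uid:$gid" {} + || return 1
    echo "changed"
}
```

An entrypoint would call ensure_ownership with the data directory and the service account's numeric IDs while still running as root, then drop privileges before starting the server.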