YunoHost-Apps/dendrite_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dendrite_ynh.git synced 2024-09-03 18:25:58 +02:00
Code Issues Activity Actions

Merge branch 'testing' into fix-go-arch

Browse source
This commit is contained in:
tituspijean 2022-08-16 16:05:31 +02:00 committed by GitHub
commit 7239032905
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 343 additions and 300 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
.github/workflows/updater.sh vendored
View file

@ -39,9 +39,9 @@ if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
#elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
# echo "::warning ::A branch already exists for this update"
# exit 0
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
#=================================================

22
README.md
View file

@ -5,7 +5,7 @@ It shall NOT be edited by hand.
# Dendrite for YunoHost
[![Integration level](https://dash.yunohost.org/integration/dendrite.svg)](https://dash.yunohost.org/appci/app/dendrite) ![](https://ci-apps.yunohost.org/ci/badges/dendrite.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/dendrite.maintain.svg)
[![Integration level](https://dash.yunohost.org/integration/dendrite.svg)](https://dash.yunohost.org/appci/app/dendrite) ![Working status](https://ci-apps.yunohost.org/ci/badges/dendrite.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/dendrite.maintain.svg)
[![Install Dendrite with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=dendrite)
*[Lire ce readme en français.](./README_fr.md)*
@ -24,10 +24,7 @@ Dendrite is a second-generation Matrix homeserver written in Go. It intends to p
- Scalable: can run on multiple machines and eventually scale to massive homeserver deployments.
**Shipped version:** 0.5.1~ynh1
**Shipped version:** 0.8.5~ynh1
## Disclaimers / important information
:warning: The upstream app is still in beta. Tread carefully.
@ -38,21 +35,22 @@ Dendrite is a second-generation Matrix homeserver written in Go. It intends to p
## Documentation and resources
* Official app website: https://matrix.org/
* Official admin documentation: https://github.com/matrix-org/dendrite/tree/master/docs
* Upstream app code repository: https://github.com/matrix-org/dendrite
* YunoHost documentation for this app: https://yunohost.org/app_dendrite
* Report a bug: https://github.com/YunoHost-Apps/dendrite_ynh/issues
* Official app website: <https://matrix.org/>
* Official admin documentation: <https://github.com/matrix-org/dendrite/tree/master/docs>
* Upstream app code repository: <https://github.com/matrix-org/dendrite>
* YunoHost documentation for this app: <https://yunohost.org/app_dendrite>
* Report a bug: <https://github.com/YunoHost-Apps/dendrite_ynh/issues>
## Developer info
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/dendrite_ynh/tree/testing).
To try the testing branch, please proceed like that.
```
``` bash
sudo yunohost app install https://github.com/YunoHost-Apps/dendrite_ynh/tree/testing --debug
or
sudo yunohost app upgrade dendrite -u https://github.com/YunoHost-Apps/dendrite_ynh/tree/testing --debug
```
**More info regarding app packaging:** https://yunohost.org/packaging_apps
**More info regarding app packaging:** <https://yunohost.org/packaging_apps>

28
README_fr.md
View file

@ -1,10 +1,14 @@
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->
# Dendrite pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/dendrite.svg)](https://dash.yunohost.org/appci/app/dendrite) ![](https://ci-apps.yunohost.org/ci/badges/dendrite.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/dendrite.maintain.svg)
[![Niveau d'intégration](https://dash.yunohost.org/integration/dendrite.svg)](https://dash.yunohost.org/appci/app/dendrite) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/dendrite.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/dendrite.maintain.svg)
[![Installer Dendrite avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=dendrite)
*[Read this readme in english.](./README.md)*
*[Lire ce readme en français.](./README_fr.md)*
> *Ce package vous permet d'installer Dendrite rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
@ -20,10 +24,7 @@ Dendrite is a second-generation Matrix homeserver written in Go. It intends to p
- Scalable: can run on multiple machines and eventually scale to massive homeserver deployments.
**Version incluse :** 0.5.1~ynh1
**Version incluse :** 0.8.5~ynh1
## Avertissements / informations importantes
:warning: The upstream app is still in beta. Tread carefully.
@ -34,21 +35,22 @@ Dendrite is a second-generation Matrix homeserver written in Go. It intends to p
## Documentations et ressources
* Site officiel de l'app : https://matrix.org/
* Documentation officielle de l'admin : https://github.com/matrix-org/dendrite/tree/master/docs
* Dépôt de code officiel de l'app : https://github.com/matrix-org/dendrite
* Documentation YunoHost pour cette app : https://yunohost.org/app_dendrite
* Signaler un bug : https://github.com/YunoHost-Apps/dendrite_ynh/issues
* Site officiel de l'app : <https://matrix.org/>
* Documentation officielle de l'admin : <https://github.com/matrix-org/dendrite/tree/master/docs>
* Dépôt de code officiel de l'app : <https://github.com/matrix-org/dendrite>
* Documentation YunoHost pour cette app : <https://yunohost.org/app_dendrite>
* Signaler un bug : <https://github.com/YunoHost-Apps/dendrite_ynh/issues>
## Informations pour les développeurs
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/dendrite_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
``` bash
sudo yunohost app install https://github.com/YunoHost-Apps/dendrite_ynh/tree/testing --debug
ou
sudo yunohost app upgrade dendrite -u https://github.com/YunoHost-Apps/dendrite_ynh/tree/testing --debug
```
**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
**Plus d'infos sur le packaging d'applications :** <https://yunohost.org/packaging_apps>

6
check_process
View file

@ -1,7 +1,6 @@
;; Test complet
; Manifest
domain="domain.tld"
path="/path"
is_public=1
port="666"
; Checks
@ -20,8 +19,3 @@
;;; Options
Email=
Notification=none
;;; Upgrade options
; commit=CommitHash
name=Name and date of the commit.
manifest_arg=domain=DOMAIN&path=PATH&is_public=1&port=666&

8
conf/app.src
View file

@ -1,6 +1,6 @@
SOURCE_URL=https://github.com/matrix-org/dendrite/archive/v0.5.1.zip
SOURCE_SUM=8df61627d3209f4ff529cbac8318a3a9da274de527f858fdb72578988a5aeefe
SOURCE_URL=https://api.github.com/repos/matrix-org/dendrite/tarball/v0.8.5
SOURCE_SUM=53ff43f77f4dfcab70d25684beadc486d65c8dd514e19426380e404e1aef2501
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_EXTRACT=true
SOURCE_FILENAME=

237
conf/dendrite.yaml
View file

@ -28,7 +28,7 @@
# connection can be idle in seconds - a negative value is unlimited.
# The version of the configuration file.
version: 1
version: 2
# Global Matrix configuration. This configuration applies to all components.
global:
@ -54,6 +54,10 @@ global:
# considered valid by other homeservers.
key_validity_period: 168h0m0s
# The server name to delegate server-server communications to, with optional port
# e.g. localhost:443
well_known_server_name: ""
# Lists of domains that the server will trust as identity servers to verify third
# party identifiers such as phone numbers and email addresses.
trusted_third_party_id_servers:
@ -64,35 +68,40 @@ global:
# to other servers and the federation API will not be exposed.
disable_federation: false
# Configuration for Kafka/Naffka.
kafka:
# List of Kafka broker addresses to connect to. This is not needed if using
# Naffka in monolith mode.
# Server notices allows server admins to send messages to all users.
server_notices:
enabled: false
# The server localpart to be used when sending notices, ensure this is not yet taken
local_part: "_server"
# The displayname to be used when sending notices
display_name: "Server alerts"
# The mxid of the avatar to use
avatar_url: ""
# The roomname to be used when creating messages
room_name: "Server Alerts"
# Configuration for NATS JetStream
jetstream:
# A list of NATS Server addresses to connect to. If none are specified, an
# internal NATS server will be started automatically when running Dendrite
# in monolith mode. It is required to specify the address of at least one
# NATS Server node if running in polylith mode.
addresses:
- localhost:2181
# - localhost:4222
# The prefix to use for Kafka topic names for this homeserver. Change this only if
# you are running more than one Dendrite homeserver on the same Kafka deployment.
# Keep all NATS streams in memory, rather than persisting it to the storage
# path below. This option is present primarily for integration testing and
# should not be used on a real world Dendrite deployment.
in_memory: false
# Persistent directory to store JetStream streams in. This directory
# should be preserved across Dendrite restarts.
storage_path: ./
# The prefix to use for stream names for this homeserver - really only
# useful if running more than one Dendrite on the same NATS deployment.
topic_prefix: Dendrite
# Whether to use Naffka instead of Kafka. This is only available in monolith
# mode, but means that you can run a single-process server without requiring
# Kafka.
use_naffka: true
# The max size a Kafka message is allowed to use.
# You only need to change this value, if you encounter issues with too large messages.
# Must be less than/equal to "max.message.bytes" configured in Kafka.
# Defaults to 8388608 bytes.
# max_message_bytes: 8388608
# Naffka database options. Not required when using Kafka.
naffka_database:
connection_string: postgres://__APP__:__DB_PWD__@localhost/__APP__
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
# Configuration for Prometheus metric collection.
metrics:
# Whether or not Prometheus metrics are enabled.
@ -103,25 +112,41 @@ global:
username: metrics
password: metrics
# DNS cache options. The DNS cache may reduce the load on DNS servers
# if there is no local caching resolver available for use.
dns_cache:
# Whether or not the DNS cache is enabled.
enabled: false
# Maximum number of entries to hold in the DNS cache, and
# for how long those items should be considered valid in seconds.
cache_size: 256
cache_lifetime: "5m" # 5minutes; see https://pkg.go.dev/time@master#ParseDuration for more
# Configuration for the Appservice API.
app_service_api:
internal_api:
listen: http://localhost:7777
connect: http://localhost:7777
listen: http://localhost:7777 # Only used in polylith deployments
connect: http://localhost:7777 # Only used in polylith deployments
database:
connection_string: file:appservice.db
connection_string: postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
# Disable the validation of TLS certificates of appservices. This is
# not recommended in production since it may allow appservice traffic
# to be sent to an unverified endpoint.
disable_tls_validation: false
# Appservice configuration files to load into this homeserver.
config_files: []
# Configuration for the Client API.
client_api:
internal_api:
listen: http://localhost:7771
connect: http://localhost:7771
listen: http://localhost:7771 # Only used in polylith deployments
connect: http://localhost:7771 # Only used in polylith deployments
external_api:
listen: http://[::]:8071
@ -129,6 +154,10 @@ client_api:
# using the registration shared secret below.
registration_disabled: __REGISTRATION__
# Prevents new guest accounts from being created. Guest registration is also
# disabled implicitly by setting 'registration_disabled' above.
guests_disabled: true
# If set, allows registration by anyone who knows the shared secret, regardless of
# whether registration is otherwise disabled.
registration_shared_secret: ""
@ -161,16 +190,21 @@ client_api:
# Configuration for the EDU server.
edu_server:
internal_api:
listen: http://localhost:7778
connect: http://localhost:7778
listen: http://localhost:7778 # Only used in polylith deployments
connect: http://localhost:7778 # Only used in polylith deployments
# Configuration for the Federation API.
federation_api:
internal_api:
listen: http://localhost:7772
connect: http://localhost:7772
listen: http://localhost:7772 # Only used in polylith deployments
connect: http://localhost:7772 # Only used in polylith deployments
external_api:
listen: http://[::]:8072
database:
connection_string: postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
# List of paths to X.509 certificates to be used by the external federation listeners.
# These certificates will be used to calculate the TLS fingerprints and other servers
@ -178,17 +212,6 @@ federation_api:
# format.
federation_certificates: []
# Configuration for the Federation Sender.
federation_sender:
internal_api:
listen: http://localhost:7775
connect: http://localhost:7775
database:
connection_string: file:federationsender.db
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
# How many times we will try to resend a failed transaction to a specific server. The
# backoff is 2**x seconds, so 1 = 2 seconds, 2 = 4 seconds, 3 = 8 seconds etc.
send_max_retries: 16
@ -197,20 +220,29 @@ federation_sender:
# enable this option in production as it presents a security risk!
disable_tls_validation: false
# Use the following proxy server for outbound federation traffic.
proxy_outbound:
enabled: false
protocol: http
host: localhost
port: 8080
# Perspective keyservers to use as a backup when direct key fetches fail. This may
# be required to satisfy key requests for servers that are no longer online when
# joining some rooms.
key_perspectives:
- server_name: matrix.org
keys:
- key_id: ed25519:auto
public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
- key_id: ed25519:a_RXGa
public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ
# This option will control whether Dendrite will prefer to look up keys directly
# or whether it should try perspective servers first, using direct fetches as a
# last resort.
prefer_direct_fetch: false
# Configuration for the Key Server (for end-to-end encryption).
key_server:
internal_api:
listen: http://localhost:7779
connect: http://localhost:7779
listen: http://localhost:7779 # Only used in polylith deployments
connect: http://localhost:7779 # Only used in polylith deployments
database:
connection_string: file:keyserver.db
connection_string: postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
@ -218,13 +250,13 @@ key_server:
# Configuration for the Media API.
media_api:
internal_api:
listen: http://localhost:7774
connect: http://localhost:7774
listen: http://localhost:7774 # Only used in polylith deployments
connect: http://localhost:7774 # Only used in polylith deployments
external_api:
listen: http://[::]:8074
database:
connection_string: file:mediaapi.db
max_open_conns: 10
connection_string: postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__
max_open_conns: 5
max_idle_conns: 2
conn_max_lifetime: -1
@ -232,7 +264,8 @@ media_api:
base_path: ./media_store
# The maximum allowed file size (in bytes) for media uploads to this homeserver
# (0 = unlimited).
# (0 = unlimited). If using a reverse proxy, ensure it allows requests at
# least this large (e.g. client_max_body_size in nginx.)
max_file_size_bytes: 10485760
# Whether to dynamically generate thumbnails if needed.
@ -253,53 +286,39 @@ media_api:
height: 480
method: scale
# Configuration for experimental MSC's
mscs:
# A list of enabled MSC's
# Currently valid values are:
# - msc2836 (Threading, see https://github.com/matrix-org/matrix-doc/pull/2836)
# - msc2946 (Spaces Summary, see https://github.com/matrix-org/matrix-doc/pull/2946)
mscs: []
database:
connection_string: postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__
max_open_conns: 5
max_idle_conns: 2
conn_max_lifetime: -1
# Configuration for the Room Server.
room_server:
internal_api:
listen: http://localhost:7770
connect: http://localhost:7770
listen: http://localhost:7770 # Only used in polylith deployments
connect: http://localhost:7770 # Only used in polylith deployments
database:
connection_string: file:roomserver.db
connection_string: postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
# Configuration for the Signing Key Server (for server signing keys).
signing_key_server:
internal_api:
listen: http://localhost:7780
connect: http://localhost:7780
database:
connection_string: file:signingkeyserver.db
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
# Perspective keyservers to use as a backup when direct key fetches fail. This may
# be required to satisfy key requests for servers that are no longer online when
# joining some rooms.
key_perspectives:
- server_name: matrix.org
keys:
- key_id: ed25519:auto
public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
- key_id: ed25519:a_RXGa
public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ
# This option will control whether Dendrite will prefer to look up keys directly
# or whether it should try perspective servers first, using direct fetches as a
# last resort.
prefer_direct_fetch: false
# Configuration for the Sync API.
sync_api:
internal_api:
listen: http://localhost:7773
connect: http://localhost:7773
listen: http://localhost:7773 # Only used in polylith deployments
connect: http://localhost:7773 # Only used in polylith deployments
external_api:
listen: http://[::]:8073
database:
connection_string: file:syncapi.db
connection_string: postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
@ -311,19 +330,26 @@ sync_api:
# Configuration for the User API.
user_api:
# The cost when hashing passwords on registration/login. Default: 10. Min: 4, Max: 31
# See https://pkg.go.dev/golang.org/x/crypto/bcrypt for more information.
# Setting this lower makes registration/login consume less CPU resources at the cost of security
# should the database be compromised. Setting this higher makes registration/login consume more
# CPU resources but makes it harder to brute force password hashes.
# This value can be low if performing tests or on embedded Dendrite instances (e.g WASM builds)
# bcrypt_cost: 10
internal_api:
listen: http://localhost:7781
connect: http://localhost:7781
listen: http://localhost:7781 # Only used in polylith deployments
connect: http://localhost:7781 # Only used in polylith deployments
account_database:
connection_string: file:userapi_accounts.db
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
device_database:
connection_string: file:userapi_devices.db
connection_string: postgres://__DB_USER__:__DB_PWD__@localhost/__DB_NAME__
max_open_conns: 10
max_idle_conns: 2
conn_max_lifetime: -1
# The length of time that a token issued for a relying party from
# /_matrix/client/r0/user/{userId}/openid/request_token endpoint
# is considered to be valid in milliseconds.
# The default lifetime is 3600000ms (60 minutes).
# openid_token_lifetime_ms: 3600000
# Configuration for Opentracing.
# See https://github.com/matrix-org/dendrite/tree/master/docs/tracing for information on
@ -341,11 +367,12 @@ tracing:
baggage_restrictions: null
throttler: null
# Logging configuration, in addition to the standard logging that is sent to
# stdout by Dendrite.
# Logging configuration
logging:
- type: file
- type: std
level: info
- type: file
# The logging level, must be one of debug, info, warn, error, fatal, panic.
level: info
params:
path: /var/log/__APP__

7
conf/go.src
View file

@ -1,7 +0,0 @@
SOURCE_URL=https://golang.org/dl/go1.15.8.linux-amd64.tar.gz
SOURCE_SUM=d3379c32a90fdf9382166f8f48034c459a8cc433730bc9476d39d9082c94583b
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=false
SOURCE_FILENAME=
SOURCE_EXTRACT=true

17
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Matrix homeserver of second generation",
"fr": "Serveur Matrix de seconde génération"
},
"version": "0.5.1~ynh1",
"version": "0.8.5~ynh1",
"url": "https://matrix.org/",
"upstream": {
"license": "Apache-2.0",
@ -24,11 +24,10 @@
},
"multi_instance": true,
"services": [
"nginx",
"psql"
"nginx"
],
"arguments": {
"install" : [
"install": [
{
"name": "warning",
"type": "display_text",
@ -39,19 +38,11 @@
},
{
"name": "domain",
"type": "domain",
"help": {
"en": "Dendrite requires its own domain, so make sure to create a new one.",
"fr": "Dendrite a besoin de son propre domaine, créez-en un au préalable."
}
"type": "domain"
},
{
"name": "is_public",
"type": "boolean",
"help": {
"en": "A public server means that anybody will be able to register.",
"fr": "Un serveur public permet à quiconque de s'y enregistrer."
},
"default": false
}
]

2
scripts/_common.sh
View file

@ -7,7 +7,7 @@
# dependencies used by the app
pkg_dependencies="postgresql postgresql-contrib"
go_version="1.16"
GO_VERSION="1.16"
#=================================================
# PERSONAL HELPERS

1
scripts/backup
View file

@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script

18
scripts/change_url
View file

@ -22,11 +22,6 @@ new_path=$YNH_APP_NEW_PATH
app=$YNH_APP_INSTANCE_NAME
# For systemd update
domain=$YNH_APP_NEW_DOMAIN
port=$(ynh_app_setting_get --app=$app --key=port)
tls_port=$(ynh_app_setting_get --app=$app --key=tls_port)
#=================================================
# LOAD SETTINGS
#=================================================
@ -35,14 +30,20 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# Add settings here as needed by your application
domain=$YNH_APP_NEW_DOMAIN
port=$(ynh_app_setting_get --app=$app --key=port)
tls_port=$(ynh_app_setting_get --app=$app --key=tls_port)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
@ -75,7 +76,7 @@ fi
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="stop"
ynh_systemd_action --service_name=$app --action="stop" --line_match="Stopped Dendrite Matrix homeserver" --log_path="systemd"
#=================================================
# MODIFY URL IN NGINX CONF
@ -126,7 +127,8 @@ ynh_add_systemd_config
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="systemd"
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/$app.log"
#=================================================
# RELOAD NGINX

78
scripts/install
View file

@ -15,8 +15,7 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
@ -59,15 +58,13 @@ ynh_script_progression --message="Configuring firewall..." --weight=1
# Find available ports
port=$(ynh_find_port --port=8008)
ynh_app_setting_set --app=$app --key=port --value=$port
tls_port=$(ynh_find_port --port=8448)
ynh_app_setting_set --app=$app --key=tls_port --value=$tls_port
# Open TLS port
ynh_exec_warn_less yunohost firewall allow TCP $tls_port
# Store opened ports
ynh_app_setting_set --app=$app --key=port --value=$port
ynh_app_setting_set --app=$app --key=tls_port --value=$tls_port
#=================================================
# CREATE DEDICATED USER
#=================================================
@ -84,8 +81,13 @@ ynh_script_progression --message="Installing dependencies..." --weight=3
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
# Install Go
ynh_exec_warn_less ynh_install_go --go_version=$go_version
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path" --groups="ssl-cert"
#=================================================
# CREATE A POSTGRESQL DATABASE
@ -93,11 +95,10 @@ ynh_exec_warn_less ynh_install_go --go_version=$go_version
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=2
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_name --db_name=$db_name
ynh_psql_execute_as_root --sql="DROP DATABASE $db_name"
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
ynh_psql_execute_as_root --sql="CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;"
#=================================================
@ -107,7 +108,11 @@ ynh_script_progression --message="Setting up source files..." --weight=2
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
ynh_setup_source --dest_dir="$final_path/build"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:root "$final_path"
#=================================================
# NGINX CONFIGURATION
@ -122,23 +127,41 @@ ynh_add_nginx_config
#=================================================
# BUILDING SOURCES AND SETTING UP THE SERVER
#=================================================
ynh_script_progression --message="Building the sources (it will take some time)..." --weight=6
ynh_use_go
ynh_exec_warn_less ynh_install_go --go_version=$GO_VERSION
mkdir -p "$final_path/bin"
chown -R $app:root $final_path
pushd "$final_path/build"
# Build the sources
ynh_use_go
export GOPATH="$final_path/build/go"
export GOCACHE="$final_path/build/.cache"
CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/dendrite-monolith-server > /dev/null 2>&1
CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/goose > /dev/null 2>&1
CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/create-account > /dev/null 2>&1
CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/generate-keys > /dev/null 2>&1
popd
ynh_secure_remove --file="$final_path/build"
ynh_remove_go
ynh_script_progression --message="Generating the keys..." --weight=1
pushd "$final_path"
ynh_script_progression --message="Building the sources (it will take some time)..." --weight=6
# Build the sources
ynh_exec_warn_less ynh_exec_as $app $ynh_go_load_path HOME=$final_path ./build.sh
ynh_script_progression --message="Generating the keys..." --weight=1
# Generate a Matrix signing key for federation
./bin/generate-keys --private-key matrix_key.pem
# Generate a self-signed certificate
./bin/generate-keys --tls-cert server.crt --tls-key server.key
popd
# Set permissions to app files
chown -R $app:root "$final_path"
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a configuration file..."
# Allow or deny registration based of is_public
registration=false
if [ $is_public -eq 1 ]
@ -149,6 +172,9 @@ fi
# Copy and modify the config file
ynh_add_config --template="../conf/dendrite.yaml" --destination="$final_path/dendrite.yaml"
chmod 400 "$final_path/dendrite.yaml"
chown $app:$app "$final_path/dendrite.yaml"
#=================================================
# SETUP SYSTEMD
#=================================================
@ -159,20 +185,14 @@ ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files
chown -R $app:root $final_path
mkdir -p /var/log/$app
chown -R $app:root /var/log/$app
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
mkdir -p /var/log/$app
chown -R $app:root /var/log/$app
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
# HACKY: Match the weirdly renamed rotated logs.
@ -192,7 +212,7 @@ yunohost service add $app --description="Dendrite Matrix homeserver" --log="/var
ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="systemd"
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/$app.log"
#=================================================
# RELOAD NGINX

28
scripts/remove
View file

@ -20,6 +20,8 @@ app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
tls_port=$(ynh_app_setting_get --app=$app --key=tls_port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
@ -43,21 +45,21 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
# Remove the dedicated systemd config
ynh_remove_systemd_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Removing the PostgreSQL database" --weight=2
# Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_user=$app --db_name=$app
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..." --weight=3
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
# Remove Go
ynh_remove_go
@ -79,12 +81,12 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
ynh_remove_nginx_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
ynh_script_progression --message="Removing dependencies..." --weight=3
# Remove the app-specific logrotate config
ynh_remove_logrotate
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# CLOSE A PORT

62
scripts/restore
View file

@ -16,8 +16,7 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_clean_setup () {
#### Remove this function if there's nothing to clean before calling the remove script.
true
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
@ -36,7 +35,6 @@ port=$(ynh_app_setting_get --app=$app --key=port)
tls_port=$(ynh_app_setting_get --app=$app --key=tls_port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
@ -51,9 +49,18 @@ test ! -d $final_path \
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path" --groups="ssl-cert"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
@ -61,22 +68,9 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
ynh_restore_file --origin_path="$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --use_shell --groups="ssl-cert"
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Restore permissions on app files
chown -R $app:root $final_path
mkdir -p /var/log/$app
chown -R $app:root /var/log/$app
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:root "$final_path"
#=================================================
# SPECIFIC RESTORATION
@ -88,14 +82,12 @@ ynh_script_progression --message="Reinstalling dependencies..." --weight=3
# Define and install dependencies
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
# Install Go
ynh_install_go --go_version=$go_version
#=================================================
# RESTORE THE PSQL DATABASE
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PSQL database..." --weight=3
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=3
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name
@ -108,6 +100,16 @@ ynh_script_progression --message="Restoring the systemd configuration..." --weig
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..."
mkdir -p /var/log/$app
chown -R $app:root /var/log/$app
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
@ -121,17 +123,7 @@ yunohost service add $app --description="Dendrite Matrix homeserver" --log="/var
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="systemd"
#=================================================
# RESTORE VARIOUS FILES
#=================================================
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/$app.log"
#=================================================
# GENERIC FINALIZATION

107
scripts/upgrade
View file

@ -23,22 +23,16 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
tls_port=$(ynh_app_setting_get --app=$app --key=tls_port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
if ! groups $app | grep -q 'ssl-cert'; then
adduser $app ssl-cert
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
@ -47,6 +41,7 @@ ynh_script_progression --message="Backing up the app before upgrading (may take
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
@ -62,6 +57,23 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="stop" --line_match="Stopped Dendrite Matrix homeserver" --log_path="systemd"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
if ! groups $app | grep -q 'ssl-cert'; then
adduser $app ssl-cert
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@ -71,9 +83,13 @@ then
ynh_script_progression --message="Upgrading source files..." --weight=3
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path" --keep="$final_path/dendrite.yaml"
ynh_setup_source --dest_dir="$final_path/build" --keep="$final_path/dendrite.yaml"
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:root "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
@ -85,38 +101,55 @@ ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
# Create a dedicated user (if not existing)
# It needs to be created before using the ynh_install_go helper
ynh_system_user_create --username=$app --use_shell --groups="ssl-cert"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies"
# Install Go
ynh_exec_warn_less ynh_install_go --go_version=$go_version
#=================================================
# SPECIFIC UPGRADE
#=================================================
# BUILDING SOURCES AND SETTING UP THE SERVER
#=================================================
ynh_use_go
mkdir -p "$final_path/bin"
chown -R $app:root $final_path
pushd "$final_path"
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Building the sources (it will take some time)..." --weight=6
ynh_exec_warn_less ynh_install_go --go_version=$GO_VERSION
pushd "$final_path/build"
# Build the sources
ynh_exec_warn_less ynh_exec_as $app $ynh_go_load_path HOME=$final_path ./build.sh
popd
ynh_use_go
export GOPATH="$final_path/build/go"
export GOCACHE="$final_path/build/.cache"
CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/dendrite-monolith-server > /dev/null 2>&1
CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/goose > /dev/null 2>&1
CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/create-account > /dev/null 2>&1
CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/generate-keys > /dev/null 2>&1
popd
ynh_secure_remove --file="$final_path/build"
ynh_remove_go
fi
chown -R $app:root "$final_path"
#=================================================
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating a configuration file..."
if ynh_permission_has_user --permission=main --user=visitors
then
registration="true"
else
registration="false"
fi
ynh_add_config --template="../conf/dendrite.yaml" --destination="$final_path/dendrite.yaml"
chmod 400 "$final_path/dendrite.yaml"
chown $app:$app "$final_path/dendrite.yaml"
#=================================================
# SETUP SYSTEMD
@ -128,20 +161,14 @@ ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions on app files
chown -R $app:root $final_path
mkdir -p /var/log/$app
chown -R $app:root /var/log/$app
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
mkdir -p /var/log/$app
chown -R $app:root /var/log/$app
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append
@ -157,7 +184,7 @@ yunohost service add $app --description="Dendrite Matrix homeserver" --log="/var
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="systemd"
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/$app.log"
#=================================================
# RELOAD NGINX

4
scripts/ynh_install_go
View file

@ -36,9 +36,9 @@ export GOENV_ROOT="$goenv_install_dir"
# Finally, to start a Go service with the correct version, 2 solutions
# Either the app is dependent of Go or gem, but does not called it directly.
# In such situation, you need to load PATH
# `Environment="__YNH_GO_LOAD_ENV_PATH__"`
# `Environment="__YNH_GO_LOAD_PATH__"`
# `ExecStart=__FINALPATH__/my_app`
# You will replace __YNH_GO_LOAD_ENV_PATH__ with $ynh_go_load_path
# You will replace __YNH_GO_LOAD_PATH__ with $ynh_go_load_path
#
# Or Go start the app directly, then you don't need to load the PATH variable
# `ExecStart=__YNH_GO__ my_app run`

2
sources/extra_files/app/.gitignore vendored
View file

@ -1,2 +0,0 @@
*~
*.sw[op]

2
sources/patches/.gitignore vendored
View file

@ -1,2 +0,0 @@
*~
*.sw[op]