diff --git a/README.md b/README.md index e6ba6d8..c059069 100644 --- a/README.md +++ b/README.md @@ -24,14 +24,19 @@ Dendrite is a second-generation Matrix homeserver written in Go. It intends to p - Scalable: can run on multiple machines and eventually scale to massive homeserver deployments. -**Shipped version:** 0.8.5~ynh1 +**Shipped version:** 0.9.5~ynh1 + ## Disclaimers / important information :warning: The upstream app is still in beta. Tread carefully. +## Features + +* Registration can be opened in the app config panel. + ## Limitations -* Upstream app still in beta. +* Dendrite does not implement secondary user registration schemes yet, so YunoHost users cannot be integrated at the moment. ## Documentation and resources diff --git a/README_fr.md b/README_fr.md index 70af96f..976311a 100644 --- a/README_fr.md +++ b/README_fr.md @@ -24,14 +24,19 @@ Dendrite is a second-generation Matrix homeserver written in Go. It intends to p - Scalable: can run on multiple machines and eventually scale to massive homeserver deployments. -**Version incluse :** 0.8.5~ynh1 +**Version incluse :** 0.9.5~ynh1 + ## Avertissements / informations importantes :warning: The upstream app is still in beta. Tread carefully. +## Features + +* Registration can be opened in the app config panel. + ## Limitations -* Upstream app still in beta. +* Dendrite does not implement secondary user registration schemes yet, so YunoHost users cannot be integrated at the moment. ## Documentations et ressources diff --git a/check_process b/check_process index 0292645..53be51c 100644 --- a/check_process +++ b/check_process @@ -1,6 +1,7 @@ ;; Test complet ; Manifest domain="domain.tld" + server_name="domain.tld" is_public=1 port="666" ; Checks @@ -13,7 +14,7 @@ upgrade=1 # upgrade=1 from_commit=CommitHash backup_restore=1 - multi_instance=1 + multi_instance=0 port_already_use=0 change_url=1 ;;; Options diff --git a/conf/app.src b/conf/app.src index 9827ab6..b5c448b 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://api.github.com/repos/matrix-org/dendrite/tarball/v0.8.5 -SOURCE_SUM=53ff43f77f4dfcab70d25684beadc486d65c8dd514e19426380e404e1aef2501 +SOURCE_URL=https://api.github.com/repos/matrix-org/dendrite/tarball/v0.9.5 +SOURCE_SUM=222c1dec7ea18f7f0d86651112933abb25738ef0c9493757569d5dc4301b0813 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/dendrite.yaml b/conf/dendrite.yaml index 06de6b0..df29574 100644 --- a/conf/dendrite.yaml +++ b/conf/dendrite.yaml @@ -152,7 +152,7 @@ client_api: # Prevents new users from being able to register on this homeserver, except when # using the registration shared secret below. - registration_disabled: __REGISTRATION__ + registration_disabled: __REGISTRATION_DISABLED__ # Prevents new guest accounts from being created. Guest registration is also # disabled implicitly by setting 'registration_disabled' above. diff --git a/conf/nginx.conf b/conf/nginx.conf index d192170..fb22fe4 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -4,18 +4,11 @@ location ~ ^/$ { return 200 "This is where Dendrite is installed."; } -location /.well-known/matrix/server { - return 200 '{ "m.server": "__DOMAIN__:443" }'; -} - -location /.well-known/matrix/client { - return 200 '{ "m.homeserver": { "base_url": "https://__DOMAIN__" } }'; -} - location /_matrix { proxy_pass http://localhost:__PORT__; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_read_timeout 600; client_max_body_size 100M; + more_set_headers "Access-Control-Allow-Origin: *"; } diff --git a/conf/server_name.conf b/conf/server_name.conf new file mode 100644 index 0000000..5f827c2 --- /dev/null +++ b/conf/server_name.conf @@ -0,0 +1,16 @@ +location /.well-known/matrix/server { + return 200 '{"m.server": "__DOMAIN__:__TLS_PORT__"}'; + add_header Content-Type application/json; + add_header Access-Control-Allow-Origin '*'; +} + +location /.well-known/matrix/client { + return 200 '{ + "m.homeserver": { "base_url": "https://__DOMAIN__" }, +# "im.vector.riot.jitsi": {"preferredDomain": "##JITSI_SERVER__"}, +# "im.vector.riot.e2ee": {"default": ##E2E_ENABLED_BY_DEFAULT__ } + }'; + add_header Content-Type application/json; + add_header Access-Control-Allow-Origin '*'; +} + diff --git a/conf/systemd.service b/conf/systemd.service index 40396ee..e961638 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -7,7 +7,7 @@ Type=simple User=__APP__ Group=__APP__ WorkingDirectory=__FINALPATH__/ -ExecStart=__FINALPATH__/./bin/dendrite-monolith-server --tls-cert=/etc/yunohost/certs/__DOMAIN__/crt.pem --tls-key=/etc/yunohost/certs/__DOMAIN__/key.pem --config=dendrite.yaml --http-bind-address=:__PORT__ --https-bind-address=:__TLS_PORT__ +ExecStart=__FINALPATH__/bin/dendrite-monolith-server --tls-cert=/etc/yunohost/certs/__DOMAIN__/crt.pem --tls-key=/etc/yunohost/certs/__DOMAIN__/key.pem --config=dendrite.yaml --http-bind-address=:__PORT__ --https-bind-address=:__TLS_PORT__ __REALLY_ENABLE_OPEN_REGISTRATION__ StandardOutput=append:/var/log/__APP__/__APP__.log StandardError=inherit diff --git a/config_panel.toml b/config_panel.toml new file mode 100644 index 0000000..5f28876 --- /dev/null +++ b/config_panel.toml @@ -0,0 +1,12 @@ +version = "1.0" + +[main] +name = "Dendrite configuration" + + [main.registration] + name = "User registration" + + [main.registration.registration] + ask = "Should registration be enabled?" + type = "boolean" + default = false diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index 765a28c..0a6bfe8 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -1,5 +1,9 @@ :warning: The upstream app is still in beta. Tread carefully. +## Features + +* Registration can be opened in the app config panel. + ## Limitations -* Upstream app still in beta. +* Dendrite does not implement secondary user registration schemes yet, so YunoHost users cannot be integrated at the moment. diff --git a/manifest.json b/manifest.json index 503d77e..50dc6cc 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Matrix homeserver of second generation", "fr": "Serveur Matrix de seconde génération" }, - "version": "0.8.5~ynh1", + "version": "0.9.5~ynh1", "url": "https://matrix.org/", "upstream": { "license": "Apache-2.0", @@ -22,7 +22,7 @@ "requirements": { "yunohost": ">= 4.3.0" }, - "multi_instance": true, + "multi_instance": false, "services": [ "nginx" ], @@ -38,12 +38,32 @@ }, { "name": "domain", - "type": "domain" + "type": "domain", + "help": { + "en": "Select the domain onto which Dendrite will be exclusively installed, e.g. dendrite.domain.tld", + "fr": "Sélectionnez le domaine exclusivement dédié à Dendrite, par exemple dendrite.domain.tld" + } }, { - "name": "is_public", + "name": "server_name", + "type": "domain", + "ask": { + "en": "Select the display name for your Dendrite server", + "fr": "Sélectionnez le nom d'affichage pour votre serveur Dendrite" + }, + "help": { + "en": "If you choose domain.tld, your Matrix user-ids will be looking like @user:domain.tld instead of @user:dendrite.domain.tld", + "fr": "Si vous choisissez domain.tld, vos identifiants Matrix ressembleront à @utilisateur:domain.tld plutôt que @utilisateur:dendrite.domain.tld" + } + }, + { + "name": "registration", "type": "boolean", - "default": false + "default": false, + "ask": { + "en": "Should the server allow any visitor to register as a user?", + "fr": "Le serveur doit-il permettre à quiconque de s'enregistrer comme utilisateur?" + } } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index cd22c33..439b020 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -7,7 +7,7 @@ # dependencies used by the app pkg_dependencies="postgresql postgresql-contrib" -GO_VERSION="1.16" +GO_VERSION="1.18" #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index 7db41e5..da7f321 100644 --- a/scripts/backup +++ b/scripts/backup @@ -29,6 +29,7 @@ app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) +server_name=$(ynh_app_setting_get --app=$app --key=server_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name) #================================================= @@ -62,6 +63,11 @@ ynh_backup --src_path="/etc/logrotate.d/$app" ynh_backup --src_path="/etc/systemd/system/$app.service" +if yunohost --output-as plain domain list | grep -q "^$server_name$" +then + ynh_backup --src_path="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" +fi + #================================================= # BACKUP VARIOUS FILES #================================================= diff --git a/scripts/change_url b/scripts/change_url index 2b97884..8e07094 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -7,6 +7,7 @@ #================================================= source _common.sh +source ynh_install_go source /usr/share/yunohost/helpers #================================================= @@ -31,8 +32,20 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) # Add settings here as needed by your application domain=$YNH_APP_NEW_DOMAIN +server_name=$(ynh_app_setting_get --app=$app --key=server_name) port=$(ynh_app_setting_get --app=$app --key=port) tls_port=$(ynh_app_setting_get --app=$app --key=tls_port) +registration=$(ynh_app_setting_get --app=$app --key=registration) + +# Load up registration variables +if [[ $registration -eq 1 ]] +then + registration_disabled="false" + really_enable_open_registration="--really-enable-open-registration" +else + registration_disabled="true" + really_enable_open_registration="" +fi #================================================= # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP @@ -66,6 +79,7 @@ change_path=0 if [ "$old_path" != "$new_path" ] then change_path=1 + ynh_die --message "The new URL needs to be at the root of a domain." fi #================================================= @@ -124,7 +138,7 @@ ynh_add_systemd_config ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/Monolith.log" #================================================= # RELOAD NGINX diff --git a/scripts/config b/scripts/config new file mode 100644 index 0000000..2ea3ea5 --- /dev/null +++ b/scripts/config @@ -0,0 +1,55 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +domain=$(ynh_app_setting_get --app=$app --key=domain) +server_name=$(ynh_app_setting_get --app=$app --key=server_name) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +port=$(ynh_app_setting_get --app=$app --key=port) +tls_port=$(ynh_app_setting_get --app=$app --key=tls_port) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) +#registration is not loaded since it's set up by the config panel + +#================================================= +# GENERIC FINALIZATION +#================================================= + +ynh_app_config_apply() { + _ynh_app_config_apply + + if [ "${changed[registration]}" == "true" ] + then + if [ $registration -eq 1 ] + then + registration_disabled="false" + really_enable_open_registration="--really-enable-open-registration" + else + registration_disabled="true" + really_enable_open_registration="" + fi + + ynh_add_config --template="../conf/dendrite.yaml" --destination="$final_path/dendrite.yaml" + ynh_add_systemd_config + ynh_systemd_action --service_name=$app --action="restart" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/$app.log" + ynh_app_setting_set --app=$app --key=registration --value=$registration + + fi +} + +ynh_app_config_run $1 diff --git a/scripts/install b/scripts/install index 2394a3d..289e6e5 100644 --- a/scripts/install +++ b/scripts/install @@ -26,10 +26,21 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" -is_public=$YNH_APP_ARG_IS_PUBLIC +server_name=$YNH_APP_ARG_SERVER_NAME +registration=$YNH_APP_ARG_REGISTRATION app=$YNH_APP_INSTANCE_NAME +# Allow or deny registration based on is_public +if [ $registration -eq 1 ] +then + registration_disabled="false" + really_enable_open_registration="--really-enable-open-registration" +else + registration_disabled="true" + really_enable_open_registration="" +fi + #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= @@ -48,6 +59,8 @@ ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=server_name --value=$server_name +ynh_app_setting_set --app=$app --key=registration --value=$registration #================================================= # STANDARD MODIFICATIONS @@ -65,6 +78,15 @@ ynh_app_setting_set --app=$app --key=tls_port --value=$tls_port # Open TLS port ynh_exec_warn_less yunohost firewall allow TCP $tls_port +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +# It needs to be created before using the ynh_install_go helper +ynh_system_user_create --username=$app --use_shell --groups="ssl-cert" + #================================================= # INSTALL DEPENDENCIES #================================================= @@ -78,8 +100,7 @@ ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies ynh_script_progression --message="Configuring system user..." --weight=1 # Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" -adduser $app ssl-cert +ynh_system_user_create --username=$app --home_dir="$final_path" --groups="ssl-cert" #================================================= # CREATE A POSTGRESQL DATABASE @@ -114,6 +135,12 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config +# Create .well-known redirection for access by federation +if yunohost --output-as plain domain list | grep -q "^$server_name$" +then + ynh_add_config --template="server_name.conf" --destination="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" +fi + #================================================= # SPECIFIC SETUP #================================================= @@ -129,7 +156,6 @@ pushd "$final_path/build" export GOPATH="$final_path/build/go" export GOCACHE="$final_path/build/.cache" CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/dendrite-monolith-server > /dev/null 2>&1 - CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/goose > /dev/null 2>&1 CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/create-account > /dev/null 2>&1 CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/generate-keys > /dev/null 2>&1 popd @@ -154,13 +180,6 @@ chown -R $app:root "$final_path" #================================================= ynh_script_progression --message="Adding a configuration file..." -# Allow or deny registration based of is_public -registration=false -if [ $is_public -eq 1 ] -then - registration=true -fi - # Copy and modify the config file ynh_add_config --template="../conf/dendrite.yaml" --destination="$final_path/dendrite.yaml" @@ -177,6 +196,22 @@ ynh_add_systemd_config #================================================= # GENERIC FINALIZATION +#================================================= +# SETUP PERMISSIONS +#================================================= +ynh_script_progression --message="Configuring permissions..." --weight=1 + +ynh_permission_update --permission=main --show_tile=false + +ynh_permission_create --permission=server_api --url=$domain/_matrix \ + --label="Server access for client apps." --show_tile=false --allowed=visitors \ + --auth_header=false --protected=true +if yunohost --output-as plain domain list | grep -q "^$server_name$"; then + ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \ + --label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \ + --auth_header=false --protected=true +fi + #================================================= # SETUP LOGROTATE #================================================= @@ -204,7 +239,7 @@ yunohost service add $app --description="Dendrite Matrix homeserver" --log="/var ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/Monolith.log" #================================================= # RELOAD NGINX diff --git a/scripts/restore b/scripts/restore index fddb741..6bf8a10 100644 --- a/scripts/restore +++ b/scripts/restore @@ -28,6 +28,7 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) +server_name=$(ynh_app_setting_get --app=$app --key=server_name) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) @@ -45,27 +46,28 @@ test ! -d $final_path \ #================================================= # STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" +ynh_system_user_create --username=$app --home_dir="$final_path" --groups="ssl-cert" + +#================================================= +# RESTORE ALL CONFIG AND DATA +#================================================= +ynh_script_progression --message="Restoring directory and configuration..." --weight=10 + +mkdir -p /var/log/$app +chown -R $app:root /var/log/$app + +ynh_restore #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." --weight=1 - -ynh_restore_file --origin_path="$final_path" +ynh_script_progression --message="Restoring the app main directory permissions..." --weight=1 chmod 750 "$final_path" chmod -R o-rwx "$final_path" @@ -94,21 +96,10 @@ ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name #================================================= # RESTORE SYSTEMD #================================================= -ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 +ynh_script_progression --message="Enabling the systemd service..." --weight=1 -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." - -mkdir -p /var/log/$app -chown -R $app:root /var/log/$app - -ynh_restore_file --origin_path="/etc/logrotate.d/$app" - #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= @@ -121,7 +112,7 @@ yunohost service add $app --description="Dendrite Matrix homeserver" --log="/var #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/Monolith.log" #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index 7eb6e9b..8019612 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,6 +18,7 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) +server_name=$(ynh_app_setting_get --app=$app --key=server_name) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) @@ -25,6 +26,7 @@ tls_port=$(ynh_app_setting_get --app=$app --key=tls_port) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) +registration=$(ynh_app_setting_get --app=$app --key=registration) #================================================= # CHECK VERSION @@ -55,7 +57,7 @@ ynh_abort_if_errors #================================================= ynh_script_progression --message="Stopping a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="stop" --line_match="Stopped Dendrite Matrix homeserver" --log_path="systemd" +ynh_systemd_action --service_name=$app --action="stop" --line_match="Stopped external Monolith listener" --log_path="systemd" #================================================= # ENSURE DOWNWARD COMPATIBILITY @@ -66,6 +68,23 @@ if ! groups $app | grep -q 'ssl-cert'; then adduser $app ssl-cert fi +# Define $server_name if not already defined +if [ -z $server_name ]; then + server_name=$domain + ynh_app_setting_set --app=$app --key=server_name --value=$domain +fi + +# Load up registration variables +if [[ $registration -eq 1 ]] +then + registration_disabled="false" + really_enable_open_registration="--really-enable-open-registration" +else + registration_disabled="true" + really_enable_open_registration="" + ynh_app_setting_set --app=$app --key=registration --value=0 +fi + #================================================= # CREATE DEDICATED USER #================================================= @@ -83,7 +102,7 @@ then ynh_script_progression --message="Upgrading source files..." --weight=3 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path/build" --keep="$final_path/dendrite.yaml" + ynh_setup_source --dest_dir="$final_path/build" --keep="dendrite.yaml" fi chmod 750 "$final_path" @@ -98,8 +117,14 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config +# Create .well-known redirection for access by federation +if yunohost --output-as plain domain list | grep -q "^$server_name$" +then + ynh_add_config --template="server_name.conf" --destination="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" +fi + #================================================= -# UPGRADE DEPENDENCIES +# CREATE DEDICATED USER #================================================= ynh_script_progression --message="Upgrading dependencies..." --weight=1 @@ -123,7 +148,6 @@ then export GOPATH="$final_path/build/go" export GOCACHE="$final_path/build/.cache" CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/dendrite-monolith-server > /dev/null 2>&1 - CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/goose > /dev/null 2>&1 CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/create-account > /dev/null 2>&1 CGO_ENABLED=1 go build -trimpath -v -o "$final_path/bin/" ./cmd/generate-keys > /dev/null 2>&1 popd @@ -139,13 +163,6 @@ chown -R $app:root "$final_path" #================================================= ynh_script_progression --message="Updating a configuration file..." -if ynh_permission_has_user --permission=main --user=visitors -then - registration="true" -else - registration="false" -fi - ynh_add_config --template="../conf/dendrite.yaml" --destination="$final_path/dendrite.yaml" chmod 400 "$final_path/dendrite.yaml" @@ -161,6 +178,33 @@ ynh_add_systemd_config #================================================= # GENERIC FINALIZATION +#================================================= +# SETUP PERMISSIONS +#================================================= +ynh_script_progression --message="Configuring permissions..." --weight=1 + +if ! ynh_permission_exists --permission=server_api; then + ynh_permission_create --permission=server_api --url=$domain/_matrix \ + --label="Server access for client apps." --show_tile=false --allowed=visitors \ + --auth_header=false --protected=true +else + ynh_permission_url --permission=server_api --url=$domain/_matrix --remove_url=$server_name/.well-known/matrix \ + --auth_header=false + ynh_permission_update --permission=server_api --label="Server access for client apps." --show_tile=false \ + --protected=true +fi + +if yunohost --output-as plain domain list | grep -q "^$server_name"'$' && ! ynh_permission_exists --permission=server_client_infos; then + ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \ + --label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \ + --auth_header=false --protected=true +elif yunohost --output-as plain domain list | grep -q "^$server_name"'$'; then + ynh_permission_url --permission=server_client_infos --url=$server_name/.well-known/matrix \ + --auth_header=false + ynh_permission_update --permission=server_client_infos --label="Server info for clients. (well-known)" --show_tile=false \ + --protected=true +fi + #================================================= # SETUP LOGROTATE #================================================= @@ -184,7 +228,7 @@ yunohost service add $app --description="Dendrite Matrix homeserver" --log="/var #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/Monolith.log" #================================================= # RELOAD NGINX diff --git a/scripts/ynh_install_go b/scripts/ynh_install_go index 4fbf4e9..e3ad06a 100644 --- a/scripts/ynh_install_go +++ b/scripts/ynh_install_go @@ -214,7 +214,7 @@ ynh_remove_go () { ynh_cleanup_go () { # List required Go versions - local installed_apps=$(yunohost app list | grep -oP 'id: \K.*$') + local installed_apps=$(yunohost app list --output-as json --quiet | jq -r .apps[].id) local required_go_versions="" for installed_app in $installed_apps do