From 42941e7ba5ba0ef4325ebabedb033101d22e540f Mon Sep 17 00:00:00 2001
From: Florent <florent.git@zeteo.me>
Date: Sun, 12 Sep 2021 20:03:12 +0200
Subject: [PATCH] Attempt of a version including user config overrides

---
 conf/base.config.yaml          | 46 +++------------------------------
 conf/systemd.service           |  2 +-
 conf/user.config.yaml          | 47 ++++++++++++++++++++++++++++++++++
 scripts/_common.sh             | 12 +++++++++
 scripts/backup                 |  2 ++
 scripts/install                | 27 ++++++++++++++++---
 scripts/restore                |  5 ++++
 sources/extra_files/app/run.sh | 10 ++++++++
 sources/patches/.gitignore     |  2 --
 9 files changed, 104 insertions(+), 49 deletions(-)
 create mode 100644 conf/user.config.yaml
 create mode 100644 sources/extra_files/app/run.sh
 delete mode 100644 sources/patches/.gitignore

diff --git a/conf/base.config.yaml b/conf/base.config.yaml
index dfd921d..6d92260 100644
--- a/conf/base.config.yaml
+++ b/conf/base.config.yaml
@@ -1,3 +1,7 @@
+# /!\ WARNING: DO NOT EDIT THIS FILE /!\
+# this file will be overridden anytime an upgrade or a restoration is performed
+# Please, edit the __USER_CONFIG_PATH__ file instead
+
 bridge:
   # Port to host the bridge on
   # Used for communication between the homeserver and the bridge
@@ -51,48 +55,6 @@ presence:
   # How often to send status to the homeserver in milliseconds
   interval: 500
 
-provisioning:
-  # Regex of Matrix IDs allowed to use the puppet bridge
-  whitelist:
-    # Allow a specific user
-    #- "@user:server\\.com"
-
-    # Allow users on a specific homeserver
-    - "__ANY_ACCOUNT_OF_DOMAIN__"
-
-    # Allow anyone
-    #- ".*"
-
-  # Regex of Matrix IDs forbidden from using the puppet bridge
-  #blacklist:
-    # Disallow a specific user
-    #- "@user:server\\.com"
-
-    # Disallow users on a specific homeserver
-    #- "@.*:server\\.com"
-
-relay:
-  # Regex of Matrix IDs who are allowed to use the bridge in relay mode.
-  # Relay mode is when a single Discord bot account relays messages of
-  # multiple Matrix users
-  #
-  # Same format as in provisioning
-  whitelist:
-    - "__ANY_ACCOUNT_OF_DOMAIN__"
-
-  #blacklist:
-    #- "@user:yourserver\\.com"
-
-selfService:
-  # Regex of Matrix IDs who are allowed to use bridge self-servicing (plumbed rooms)
-  #
-  # Same format as in provisioning
-  whitelist:
-    - "__ANY_ACCOUNT_OF_DOMAIN__"
-
-  #blacklist:
-    #- "@user:server\\.com"
-
 # Map of homeserver URLs to their C-S API endpoint
 #
 # Useful for double-puppeting if .well-known is unavailable for some reason
diff --git a/conf/systemd.service b/conf/systemd.service
index 8d72350..bb44a39 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -9,7 +9,7 @@ Environment="__YNH_NODE_LOAD_PATH__"
 User=__APP__
 Group=__APP__
 WorkingDirectory=__FINALPATH__/
-ExecStart=__YNH_NPM__ start -- -f __FINALPATH__/__APP__.yaml
+ExecStart=__FINALPATH__/run.sh
 StandardOutput=syslog
 StandardError=syslog
 
diff --git a/conf/user.config.yaml b/conf/user.config.yaml
new file mode 100644
index 0000000..0e103a0
--- /dev/null
+++ b/conf/user.config.yaml
@@ -0,0 +1,47 @@
+# You can edit this file.
+# This will override the configuration contained in the __FINALPATH__/base.config.yaml file.
+# Don't hesitate to take a look at __FINALPATH__/sample.config.yaml to see all the available options.
+# Then, in order to take into account the changes, run: systemctl restart __APP__
+
+provisioning:
+  # Regex of Matrix IDs allowed to use the puppet bridge
+  whitelist:
+    # Allow a specific user
+    #- "@user:server\\.com"
+
+    # Allow users on a specific homeserver
+    - "__ANY_ACCOUNT_OF_DOMAIN__"
+
+    # Allow anyone
+    #- ".*"
+
+  # Regex of Matrix IDs forbidden from using the puppet bridge
+  #blacklist:
+    # Disallow a specific user
+    #- "@user:server\\.com"
+
+    # Disallow users on a specific homeserver
+    #- "@.*:server\\.com"
+
+relay:
+  # Regex of Matrix IDs who are allowed to use the bridge in relay mode.
+  # Relay mode is when a single Discord bot account relays messages of
+  # multiple Matrix users
+  #
+  # Same format as in provisioning
+  whitelist:
+    - "__ANY_ACCOUNT_OF_DOMAIN__"
+
+  #blacklist:
+    #- "@user:yourserver\\.com"
+
+selfService:
+  # Regex of Matrix IDs who are allowed to use bridge self-servicing (plumbed rooms)
+  #
+  # Same format as in provisioning
+  whitelist:
+    - "__ANY_ACCOUNT_OF_DOMAIN__"
+
+  #blacklist:
+    #- "@user:server\\.com"
+
diff --git a/scripts/_common.sh b/scripts/_common.sh
index f5b9f9e..013fb73 100644
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -31,3 +31,15 @@ setup_final_path_rights() {
     chmod -R o-rwx "$final_path"
     chown -R $app:$app "$final_path"
 }
+
+setup_run_script_rights() {
+    chmod 750 "$final_path/run.sh"
+    chown "$app:$app" "$final_path/run.sh"
+}
+
+create_etc() {
+  local etc_path=$1
+  mkdir -p -m 750 "$etc_path"
+  chown "$app:$app" "$etc_path"
+}
+
diff --git a/scripts/backup b/scripts/backup
index 34ae010..fe494ad 100755
--- a/scripts/backup
+++ b/scripts/backup
@@ -27,6 +27,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 log_path=$(ynh_app_setting_get --app=$app --key=log_path)
+etc_path=$(ynh_app_setting_get --app=$app --key=etc_path)
 
 #=================================================
 # DECLARE DATA AND CONF FILES TO BACKUP
@@ -55,6 +56,7 @@ ynh_backup --src_path="/etc/systemd/system/$app.service"
 #=================================================
 
 ynh_backup --src_path="$log_path"
+ynh_backup --src="$etc_path"
 
 #=================================================
 # BACKUP THE POSTGRESQL DATABASE
diff --git a/scripts/install b/scripts/install
index 1d41c10..2ac9f03 100755
--- a/scripts/install
+++ b/scripts/install
@@ -43,6 +43,8 @@ domain=$(ynh_app_setting_get --app $synapse_instance --key domain)
 app_service_registration_path="/etc/matrix-$synapse_instance/app-service"
 log_path="/var/log/$app"
 config_path="$final_path/config.yaml"
+base_config_path="$final_path/base.config.yaml"
+user_config_path="/etc/$app/user.config.yaml"
 
 ynh_print_OFF
 db_password=$(ynh_string_random --length=30)
@@ -128,13 +130,27 @@ ynh_script_progression --message="Building Node dependencies..." --weight=30
 install_node_deps
 
 #=================================================
-# ADD A CONFIGURATION
+# SETUP PIP (FOR YQ)
 #=================================================
-ynh_script_progression --message="Adding a configuration file..." --weight=1
+
+pip_path=$final_path/.pip
+python3 -m venv $pip_path
+$pip_path/bin/pip3 install yq
+
+#=================================================
+# ADD CONFIGURATION FILES
+#=================================================
+ynh_script_progression --message="Adding configuration files..." --weight=1
+
+etc_path=$(dirname $user_config_path)
+ynh_app_setting_set --app=$app --key=etc_path --value=$etc_path
+create_etc "$etc_path"
 
 any_account_of_domain="@.*:${domain//\./\\\\\.}"
+
 # TODO Add a way to override the config.yaml file
-ynh_add_config --template="base.config.yaml" --destination="$config_path"
+ynh_add_config --template="base.config.yaml" --destination="$base_config_path"
+ynh_add_config --template="user.config.yaml" --destination="$user_config_path"
 
 chmod 400 "$config_path"
 chown $app:$app "$config_path"
@@ -152,6 +168,10 @@ ynh_store_file_checksum --file="$config_path"
 #=================================================
 ynh_script_progression --message="Configuring a systemd service..." --weight=1
 
+# Create startup script
+ynh_add_config --template="../sources/extra_files/app/run.sh" --destination="$final_path/run.sh"
+setup_run_script_rights
+
 # Create a dedicated systemd config
 ynh_add_systemd_config
 
@@ -179,7 +199,6 @@ cp "$final_path/$app.yaml" $app_service_registration_path/$app.yaml
 /opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \
     || ynh_die "Synapse can't restart with the appservice configuration"
 
-
 #=================================================
 # STORE THE CONFIG FILE CHECKSUM
 #=================================================
diff --git a/scripts/restore b/scripts/restore
index 96a7520..9054141 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -94,6 +94,9 @@ log_path=$(ynh_app_setting_get --app=$app --key=log_path)
 ynh_restore_file --origin_path="$log_path"
 chown $app:$app "$log_path"
 
+etc_path=$(ynh_app_setting_get --app=$app --key=etc_path)
+ynh_restore_file --origin_path="$etc_path"
+
 #=================================================
 # REGISTER SYNAPSE APP-SERVICE
 #=================================================
@@ -108,6 +111,8 @@ ynh_script_progression --message="Restoring the systemd configuration..." --weig
 
 ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
 systemctl enable $app.service --quiet
+setup_run_script_rights
+
 
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
diff --git a/sources/extra_files/app/run.sh b/sources/extra_files/app/run.sh
new file mode 100644
index 0000000..e5a5ffb
--- /dev/null
+++ b/sources/extra_files/app/run.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+echo <<EOF > __CONFIG_PATH__
+# /!\ FILE GENERATED AUTOMATICALLY BEFORE EACH SERVICE RESTART
+# CONSIDER EDITING /etc/__APP__/user.config.yaml
+EOF
+
+__PIP_PATH__/bin/yq -y -s '.[0] * .[1]' __FINALPATH__/base.config.yaml /etc/__APP__/user.config.yaml > __CONFIG_PATH__
+
+__YNH_NPM__ start -- -c __CONFIG_PATH__ -f __APP__.yaml
diff --git a/sources/patches/.gitignore b/sources/patches/.gitignore
deleted file mode 100644
index 783a4ae..0000000
--- a/sources/patches/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-*~
-*.sw[op]