YunoHost-Apps/mautrix_discord_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mautrix_discord_ynh.git synced 2024-09-03 19:36:35 +02:00
Code Issues Activity Actions

Scripts are working (still WIP, needs testing)

Browse source
This commit is contained in:
Florent 2024-01-14 22:09:01 +01:00 committed by Florent F
parent a3f98eb10a
commit 789967931e
13 changed files with 622 additions and 425 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

361
conf/config.yaml Normal file
View file

@ -0,0 +1,361 @@
# Homeserver details.
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: https://__DOMAIN__
# Publicly accessible base URL for media, used for avatars in relay mode.
# If not set, the connection address above will be used.
public_address: null
# The domain of the homeserver (also known as server_name, used for MXIDs, etc).
domain: __SERVER_NAME__
# What software is the homeserver running?
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
software: standard
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's discord connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
async_media: __ASYNC_MEDIA__
# Should the bridge use a websocket for connecting to the homeserver?
# The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
# mautrix-asmux (deprecated), and hungryserv (proprietary).
websocket: false
# How often should the websocket be pinged? Pinging will be disabled if this is zero.
ping_interval_seconds: 0
# Application service host/registration related details.
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: http://127.0.0.1:__PORT__
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: __PORT__
# Database config.
database:
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
type: postgres
# The database URI.
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
# https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: postgres://__APP__:__DB_PWD__@localhost:5432/__DB_NAME__
# Maximum number of connections. Mostly relevant for Postgres.
max_open_conns: 20
max_idle_conns: 2
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# The unique ID of this appservice.
id: __APPSERVICEID__
# Appservice bot details.
bot:
# Username of the appservice bot.
username: __BOTNAME__
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: Discord bridge bot
avatar: mxc://maunium.net/nIdEykemnwdisvHbpxflpDlC
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
ephemeral_events: true
# Should incoming events be handled asynchronously?
# This may be necessary for large public instances with lots of messages going through.
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
async_transactions: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "This value is generated when generating the registration"
hs_token: "This value is generated when generating the registration"
# Bridge config
bridge:
# Localpart template of MXIDs for Discord users.
# {{.}} is replaced with the internal ID of the Discord user.
username_template: discord_{{.}}
# Displayname template for Discord users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
# Available variables:
# .ID - Internal user ID
# .Username - Legacy display/username on Discord
# .GlobalName - New displayname on Discord
# .Discriminator - The 4 numbers after the name on Discord
# .Bot - Whether the user is a bot
# .System - Whether the user is an official system user
# .Webhook - Whether the user is a webhook and is not an application
# .Application - Whether the user is an application
displayname_template: '{{or .GlobalName .Username}}{{if .Bot}} (bot){{end}}'
# Displayname template for Discord channels (bridged as rooms, or spaces when type=4).
# Available variables:
# .Name - Channel name, or user displayname (pre-formatted with displayname_template) in DMs.
# .ParentName - Parent channel name (used for categories).
# .GuildName - Guild name.
# .NSFW - Whether the channel is marked as NSFW.
# .Type - Channel type (see values at https://github.com/bwmarrin/discordgo/blob/v0.25.0/structs.go#L251-L267)
channel_name_template: '{{if or (eq .Type 3) (eq .Type 4)}}{{.Name}}{{else}}#{{.Name}}{{end}}'
# Displayname template for Discord guilds (bridged as spaces).
# Available variables:
# .Name - Guild name
guild_name_template: '{{.Name}}'
# Whether to explicitly set the avatar and room name for private chat portal rooms.
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
# If set to `always`, all DM rooms will have explicit names and avatars set.
# If set to `never`, DM rooms will never have names and avatars set.
private_chat_portal_meta: default
portal_message_buffer: 128
# Number of private channel portals to create on bridge startup.
# Other portals will be created when receiving messages.
startup_private_channel_create_limit: 5
# Should the bridge send a read receipt from the bridge bot when a message has been sent to Discord?
delivery_receipts: false
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
message_status_events: false
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
message_error_notices: true
# Should the bridge use space-restricted join rules instead of invite-only for guild rooms?
# This can avoid unnecessary invite events in guild rooms when members are synced in.
restricted_rooms: true
# Should the bridge automatically join the user to threads on Discord when the thread is opened on Matrix?
# This only works with clients that support thread read receipts (MSC3771 added in Matrix v1.4).
autojoin_thread_on_open: true
# Should inline fields in Discord embeds be bridged as HTML tables to Matrix?
# Tables aren't supported in all clients, but are the only way to emulate the Discord inline field UI.
embed_fields_as_tables: true
# Should guild channels be muted when the portal is created? This only meant for single-user instances,
# it won't mute it for all users if there are multiple Matrix users in the same Discord guild.
mute_channels_on_create: false
# Should the bridge update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
sync_direct_chat_list: false
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it, except if the config file is not writable.
resend_bridge_info: false
# Should incoming custom emoji reactions be bridged as mxc:// URIs?
# If set to false, custom emoji reactions will be bridged as the shortcode instead, and the image won't be available.
custom_emoji_reactions: true
# Should the bridge attempt to completely delete portal rooms when a channel is deleted on Discord?
# If true, the bridge will try to kick Matrix users from the room. Otherwise, the bridge only makes ghosts leave.
delete_portal_on_channel_delete: false
# Should the bridge delete all portal rooms when you leave a guild on Discord?
# This only applies if the guild has no other Matrix users on this bridge instance.
delete_guild_on_leave: true
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: true
# Prefix messages from webhooks with the profile info? This can be used along with a custom displayname_template
# to better handle webhooks that change their name all the time (like ones used by bridges).
prefix_webhook_messages: false
# Bridge webhook avatars?
enable_webhook_avatars: true
# Should the bridge upload media to the Discord CDN directly before sending the message when using a user token,
# like the official client does? The other option is sending the media in the message send request as a form part
# (which is always used by bots and webhooks).
use_discord_cdn_upload: true
# Should mxc uris copied from Discord be cached?
# This can be `never` to never cache, `unencrypted` to only cache unencrypted mxc uris, or `always` to cache everything.
# If you have a media repo that generates non-unique mxc uris, you should set this to never.
cache_media: unencrypted
# Patterns for converting Discord media to custom mxc:// URIs instead of reuploading.
# Each of the patterns can be set to null to disable custom URIs for that type of media.
# More details can be found at https://docs.mau.fi/bridges/go/discord/direct-media.html
media_patterns:
# Should custom mxc:// URIs be used instead of reuploading media?
enabled: false
# Pattern for normal message attachments.
attachments: mxc://discord-media.mau.dev/attachments|{{.ChannelID}}|{{.AttachmentID}}|{{.FileName}}
# Pattern for custom emojis.
emojis: mxc://discord-media.mau.dev/emojis|{{.ID}}.{{.Ext}}
# Pattern for stickers. Note that animated lottie stickers will not be converted if this is enabled.
stickers: mxc://discord-media.mau.dev/stickers|{{.ID}}.{{.Ext}}
# Pattern for static user avatars.
avatars: mxc://discord-media.mau.dev/avatars|{{.UserID}}|{{.AvatarID}}.{{.Ext}}
# Settings for converting animated stickers.
animated_sticker:
# Format to which animated stickers should be converted.
# disable - No conversion, send as-is (lottie JSON)
# png - converts to non-animated png (fastest)
# gif - converts to animated gif
# webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support
# webp - converts to animated webp, requires ffmpeg executable with webp codec/container support
target: webp
# Arguments for converter. All converters take width and height.
args:
width: 320
height: 320
fps: 25 # only for webm, webp and gif (2, 5, 10, 20 or 25 recommended)
# Servers to always allow double puppeting from
double_puppet_server_map: {}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, double puppeting will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret_map: {}
# The prefix for commands. Only required in non-management rooms.
command_prefix: '!discord'
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Discord bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `login` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# Settings for backfilling messages.
backfill:
# Limits for forward backfilling.
forward_limits:
# Initial backfill (when creating portal). 0 means backfill is disabled.
# A special unlimited value is not supported, you must set a limit. Initial backfill will
# fetch all messages first before backfilling anything, so high limits can take a lot of time.
initial:
dm: 0
channel: 0
thread: 0
# Missed message backfill (on startup).
# 0 means backfill is disabled, -1 means fetch all messages since last bridged message.
# When using unlimited backfill (-1), messages are backfilled as they are fetched.
# With limits, all messages up to the limit are fetched first and backfilled afterwards.
missed:
dm: 0
channel: 0
thread: 0
# Maximum members in a guild to enable backfilling. Set to -1 to disable limit.
# This can be used as a rough heuristic to disable backfilling in channels that are too active.
# Currently only applies to missed message backfill.
max_guild_members: -1
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: false
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: false
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
appservice: false
# Require encryption, drop any unencrypted messages.
require: false
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: false
# Should users mentions be in the event wire content to enable the server to send push notifications?
plaintext_mentions: false
# Options for deleting megolm sessions from the bridge.
delete_keys:
# Beeper-specific: delete outbound sessions when hungryserv confirms
# that the user has uploaded the key to key backup.
delete_outbound_on_ack: false
# Don't store outbound sessions in the inbound table.
dont_store_outbound: false
# Ratchet megolm sessions forward after decrypting messages.
ratchet_on_decrypt: false
# Delete fully used keys (index >= max_messages) after decrypting messages.
delete_fully_used_on_decrypt: false
# Delete previous megolm sessions from same device when receiving a new one.
delete_prev_on_new_session: false
# Delete megolm sessions received from a device when the device is deleted.
delete_on_device_delete: false
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
periodically_delete_expired: false
# Delete inbound megolm sessions that don't have the received_at field used for
# automatic ratcheting and expired session deletion. This is meant as a migration
# to delete old keys prior to the bridge update.
delete_outdated_inbound: false
# What level of device verification should be required from users?
#
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to
# configure the m.room.encryption event content. See:
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
# more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is
# set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Disable rotating keys when a user's devices change?
# You should not enable this option unless you understand all the implications.
disable_device_change_key_rotation: false
# Settings for provisioning API
provisioning:
# Prefix for the provisioning API paths.
prefix: /_matrix/provision
# Shared secret for authentication. If set to "generate", a random secret will be generated,
# or if set to "disable", the provisioning API will be disabled.
shared_secret: generate
# Enable debug API at /debug with provisioning authentication.
debug_endpoints: false
# Permissions for using the bridge.
# Permitted values:
# relay - Talk through the relaybot (if enabled), no access otherwise
# user - Access to use the bridge to chat with a Discord account.
# admin - User level and some additional administration tools
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions:
"__LISTRELAY__": "relay"
"__LISTUSER__": "user"
"__LISTADMIN__": "admin"
# Logging config. See https://github.com/tulir/zeroconfig for details.
logging:
min_level: info
writers:
- type: stdout
format: pretty-colored
- type: file
format: json
filename: /var/log/__APP__/__APP__.log
max_size: 100
max_backups: 10
compress: true

7
doc/POST_INSTALL.md
View file

@ -1,7 +0,0 @@
This is a dummy disclaimer to display after the install
The app url is `__DOMAIN____PATH__`
The app install dir is `__INSTALL_DIR__`
The app id is `__ID__`

1
doc/POST_UPGRADE.md
View file

@ -1 +0,0 @@
This is a dummy disclaimer to display after upgrades

1
doc/PRE_INSTALL.md
View file

@ -1 +0,0 @@
This is a dummy disclaimer to display prior to the install

1
doc/PRE_INSTALL_fr.md
View file

@ -1 +0,0 @@
Ceci est un faux disclaimer à présenter avant l'installation

1
doc/PRE_UPGRADE.md
View file

@ -1 +0,0 @@
This is a dummy disclaimer to display prior to any upgrade

165
manifest.toml
View file

@ -2,89 +2,81 @@
packaging_format = 2
id = "example"
name = "Example app"
description.en = "Explain in *a few (10~15) words* the purpose of the app or what it actually does (it is meant to give a rough idea to users browsing a catalog of 100+ apps)"
description.fr = "Expliquez en *quelques* (10~15) mots l'utilité de l'app ou ce qu'elle fait (l'objectif est de donner une idée grossière pour des utilisateurs qui naviguent dans un catalogue de 100+ apps)"
id = "mautrix_discord"
name = "Matrix-Discord bridge"
description.en = "Matrix / Synapse puppeting bridge for Discord"
description.fr = "Passerelle Matrix / Synapse pour Discord"
version = "1.0~ynh1"
version = "0.6.4~ynh1"
maintainers = ["johndoe"]
maintainers = ["fflorent"]
[upstream]
# NB: Only the "license" key is mandatory. Remove entries for which there's no relevant data
license = "free"
website = "https://example.com"
demo = "https://demo.example.com"
admindoc = "https://yunohost.org/packaging_apps"
userdoc = "https://yunohost.org/apps"
code = "https://some.forge.com/example/example"
# FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is
# sort of a standard id for applications defined by the NIST. In particular, YunoHost may use this is in the future
# to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here:
# https://nvd.nist.gov/products/cpe/search.
# For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number)
cpe = "???"
license = "AGPL-3.0-or-later"
admindoc = "https://docs.mau.fi/bridges/go/discord/index.html"
code = "https://github.com/mautrix/discord"
# FIXME: optional but recommended (or remove if irrelevant / not applicable).
# This is meant to be an URL where people can financially support this app, especially when its development is based
# on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin.
fund = "???"
fund = "https://github.com/sponsors/tulir"
[integration]
yunohost = ">= 11.1.21"
# FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"]
architectures = "all"
architectures = ["amd64", "arm64", "armhf"]
multi_instance = true
# FIXME: replace with true, false, or "not_relevant".
# Not to confuse with the "sso" key: the "ldap" key corresponds to wether or not a user *can* login on the app using
# its YunoHost credentials.
ldap = "?"
# FIXME: replace with true, false, or "not_relevant".
# Not to confuse with the "ldap" key: the "sso" key corresponds to wether or not a user is *automatically logged-in*
# on the app when logged-in on the YunoHost portal.
sso = "?"
# FIXME: replace with an **estimate** minimum disk and RAM requirements. e.g. 20M, 400M, 1G...
disk = "50M"
ram.build = "50M"
ram.runtime = "50M"
ldap = false
sso = false
disk = "100M"
ram.build = "256M"
ram.runtime = "1024M"
[install]
[install.domain]
# this is a generic question - ask strings are automatically handled by YunoHost's core
type = "domain"
[install.synapse_instance]
ask.en = "Choose the local Synapse instance to communicate with mautrix_discord."
ask.fr = "Choisissez l'instance Synapse qui doit communiquer avec mautrix_discord."
type = "app"
pattern.regexp = "synapse(__)*[0-9]*"
pattern.error = "Invalid app selected. Please select a Synapse instance."
help.en = "Usually the Synapse instances contain a number after it is installed more than one time. E.g. synapse__1 will be the second instance."
help.fr = "En général, les instances de Synapse contiennent un numéro après avoir été installées plus d'une fois. Par exemple, synapse__1 sera la deuxième instance."
default = "synapse"
[install.path]
# this is a generic question - ask strings are automatically handled by YunoHost's core
type = "path"
default = "/example"
[install.botname]
ask.en = "Choose a local Synapse user name for the Discord bot"
ask.fr = "Choisissez un nom d'utilisateur Synapse local pour le robot Discord"
type = "string"
example = "discordbot"
help.en = "A system user will be created. Invite @discordbot:localsynapse.servername from an authorized Matrix account to start bridging.Give the Matrix server_name, not the full domain/URL."
help.fr = "Un utilisateur système sera créé. Inviter @discordbot:localsynapse.servername depuis un compte Matrix autorisé pour démarrer une passerelle.Donner le nom du serveur Matrix, pas le domaine/URL complet."
default = "discordbot"
[install.init_main_permission]
# this is a generic question - ask strings are automatically handled by YunoHost's core
# This won't be saved as setting and will instead be used to initialize the SSOwat permission
type = "group"
default = "visitors"
[install.botadmin]
ask.en = "Choose the Matrix account administrator of the Discord bot"
ask.fr = "Choisissez le compte Matrix administrateur du robot Discord"
type = "string"
example = "@johndoe:localsynapse.servername or @johndoe:matrix.org"
help.en = "The administrator does not need to be a local Synapse account. Valid formats are @johndoe:localsynapse.servername or @johndoe:matrix.org"
help.fr = "L'administrateur peut ne pas être un compte local Synapse. Les formats valables sont @johndoe:localsynapse.servername or @johndoe:matrix.org"
[install.language]
ask.en = "Choose the application language"
ask.fr = "Choisissez la langue de l'application"
type = "select"
choices = ["fr", "en"]
default = "fr"
[install.botusers]
ask.en = "Choose Matrix user(s) authorized to bridge with the Discord bot."
ask.fr = "Choisissez le/les compte(s) Matrix autorisés à utiliser la passerelle Discord."
type = "string"
example = "@johndoe:server.name or server.name or *"
# FIXME this help make the installation crash when installing through the CLI.
# help.en = """A remote or local user (@johndoe:server.name),the local server (server.name), a remote server (matrix.org), or all remote/local servers (*) can be authorized.
# Give the Matrix server_name, not the full domain/URL.
# It is also possible to specify multiple values by separating them with comma. Example: @johndoe:server.name,domain.tld,matrix.org"""
# help.fr = """Un compte local ou distant (@johndoe:server.name), le serveur local (server.name), un serveur distant (matrix.org), ou tous les serveurs remote/local (*).
# Donner le nom du serveur Matrix, pas le domaine/URL complet.
# Il est également possible de spécifier plusieurs valeurs en les séparant par une virgule. Exemple : @johndoe:server.name,domain.tld,matrix.org"""
[install.admin]
# this is a generic question - ask strings are automatically handled by YunoHost's core
type = "user"
[install.password]
# this is a generic question - ask strings are automatically handled by YunoHost's core
# Note that user-provided passwords questions are not automatically saved as setting
help.en = "Use the help field to add an information for the admin about this question."
help.fr = "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question."
type = "password"
[install.bot_synapse_adm]
ask.en = "Give the Discord bot administrator rights to the Synapse instance?"
ask.fr = "Donner au robot Discord des droits administrateur à l'instance Synapse ?"
type = "boolean"
help.en = "If true, the bot can group Discord chats in a Matrix space.Not required if you set up Synapse so that non-admins are authorized to create communities."
help.fr = "Si true, le robot groupera les conversations Discord dans une communauté Matrix.Pas nécessaire si vous avez réglé Synapse pour qu'il autorise les non-admin à créer des communautés."
default = true
[resources]
# See the packaging documentation for the full set
@ -93,43 +85,36 @@ ram.runtime = "50M"
[resources.sources]
[resources.sources.main]
# This will pre-fetch the asset which can then be deployed during the install/upgrade scripts with :
# ynh_setup_source --dest_dir="$install_dir"
# You can also define other assets than "main" and add --source_id="foobar" in the previous command
url = "https://github.com/foo/bar/archive/refs/tags/v1.2.3.tar.gz"
sha256 = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
in_subdir = false
extract = false
rename = "mautrix-discord"
# These infos are used by https://github.com/YunoHost/apps/blob/master/tools/autoupdate_app_sources/autoupdate_app_sources.py
# to auto-update the previous asset urls and sha256sum + manifest version
# assuming the upstream's code repo is on github and relies on tags or releases
# See the 'sources' resource documentation for more details
amd64.url = "https://github.com/mautrix/discord/releases/download/v0.6.4/mautrix-discord-amd64"
amd64.sha256 = "1510838d4128d401fceb3d92ba7571b980f06d5030bde3fdba73dd1b335a5868"
arm64.url = "https://github.com/mautrix/discord/releases/download/v0.6.4/mautrix-discord-arm64"
arm64.sha256 = "a9c33bed28763f182382110748f72bd866e90ab1bf62c90abcabe0d634f901aa"
armhf.url = "https://github.com/mautrix/discord/releases/download/v0.6.4/mautrix-discord-arm"
armhf.sha256 = "31ddf6c5ed5fc5b2ca4224e7bd1bfdc856a6da85d7422538a1e8f6f06523e7f7"
# autoupdate.strategy = "latest_github_tag"
[resources.system_user]
# This will provision/deprovision a unix system user
home = "/opt/yunohost/__APP__"
[resources.install_dir]
# This will create/remove the install dir as /var/www/$app
# and store the corresponding setting $install_dir
[resources.data_dir]
# This will create/remove the data dir as /home/yunohost.app/$app
# and store the corresponding setting $data_dir
dir = "/opt/yunohost/__APP__"
[resources.permissions]
# This will configure SSOwat permission for $domain/$path/
# The initial allowed group of user is configured via the init_main_permission question (public=visitors, private=all_users)
main.url = "/"
main.allowed = "all_users"
main.auth_header = false
[resources.ports]
# This will pick a random port for reverse-proxying and store it as the $port setting
main.default = 29334
[resources.apt]
# This will automatically install/uninstall the following apt packages
# and implicitly define the $phpversion setting as 8.0 (if phpX.Y-foobar dependencies are listed)
packages = "deb1, deb2, php8.0-foo, php8.0-bar"
packages = "postgresql"
[resources.database]
# This will automatically provision/deprovison a MySQL DB and store the corresponding credentials in settings $db_user, $db_name, $db_pwd
type = "mysql"
type = "postgresql"

62
scripts/_common.sh
View file

@ -1,17 +1,55 @@
#!/bin/bash
#=================================================
# COMMON VARIABLES
#=================================================
APP_BIN=mautrix-discord
#=================================================
# PERSONAL HELPERS
#=================================================
apply_permissions() {
set -o noglob # Disable globbing to avoid expansions when passing * as value.
declare values="list$role"
newValues="${!values}" # Here we expand the dynamic variable we created in the previous line. ! Does the trick
newValues="${newValues//\"}"
usersArray=(${newValues//,/ }) # Split the values using comma (,) as separator.
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
if [ -n "$newValues" ]
then
#ynh_systemd_action --service_name="$app" --action=stop
# Get all entries between "permissions:" and "relay:" keys, remove the role part, remove commented parts, format it with newlines and clean whitespaces and double quotes.
allDefinedEntries=$(awk '/permissions:/{flag=1; next} /relay:/{flag=0} flag' "$install_dir/config.yaml" | sed "/: $role/d" | sed -r 's/: (admin|user|relay)//' | tr -d '[:blank:]' | sed '/^#/d' | tr -d '\"' | tr ',' '\n' )
# Delete everything from the corresponding role to insert the new defined values. This way we also handle deletion of users.
sed -i "/permissions:/,/relay:/{/: $role/d;}" "$install_dir/config.yaml"
# Ensure that entries with value surrounded with quotes are deleted too. E.g. "users".
sed -i "/permissions:/,/relay:/{/: \"$role\"/d;}" "$install_dir/config.yaml"
for user in "${usersArray[@]}"
do
if grep -q -x "${user}" <<< "$allDefinedEntries"
then
ynh_print_info "User $user already defined in another role."
else
sed -i "/permissions:/a \ \\\"$user\": $role" "$install_dir/config.yaml" # Whitespaces are needed so that the file can be correctly parsed
fi
done
fi
set +o noglob
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================
ynh_print_info "Users with role $role added in $install_dir/config.yaml"
}
set__listuser() {
role="user"
ynh_app_setting_set --app=$app --key=listuser --value="$listuser"
apply_permissions
ynh_store_file_checksum --file="$install_dir/config.yaml"
}
set__listrelay() {
role="relay"
ynh_app_setting_set --app=$app --key=listrelay --value="$listrelay"
apply_permissions
ynh_store_file_checksum --file="$install_dir/config.yaml"
}
set__listadmin() {
role="admin"
ynh_app_setting_set --app=$app --key=listadmin --value="$listadmin"
apply_permissions
ynh_store_file_checksum --file="$install_dir/config.yaml"
}

48
scripts/backup
View file

@ -15,43 +15,12 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs
### to be backuped and not an actual copy of any file. The actual backup that
### creates and fills the archive with the files happens in the core after this
### script is called. Hence ynh_backups calls take basically 0 seconds to run.
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE DATA DIR
#=================================================
# Only relevant if there is a "data_dir" resource for this app
ynh_backup --src_path="$data_dir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
#=================================================
@ -67,22 +36,11 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
ynh_backup --src_path="/etc/systemd/system/$app.service"
#=================================================
# BACKUP VARIOUS FILES
# BACKUP THE POSTGRESQL DATABASE
#=================================================
ynh_print_info --message="Backing up the PostgreSQL database..."
ynh_backup --src_path="/etc/cron.d/$app"
ynh_backup --src_path="/etc/$app/"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
### (However, things like MySQL dumps *do* take some time to run, though the
### copy of the generated dump to the archive still happens later)
ynh_mysql_dump_db --database="$db_name" > db.sql
ynh_psql_dump_db --database="$db_name" > db.sql
#=================================================
# END OF SCRIPT

193
scripts/install
View file

@ -9,26 +9,39 @@
source _common.sh
source /usr/share/yunohost/helpers
# Install parameters are automatically saved as settings
#
# Settings are automatically loaded as bash variables
# in every app script context, therefore typically these will exist:
# - $domain
# - $path
# - $language
# ... etc
#
# Resources defined in the manifest are provisioned prior to this script
# and corresponding settings are also available, such as:
# - $install_dir
# - $port
# - $db_name
# ...
# Retrieve some values from selected Synapse instance and store them
server_name=$(ynh_app_setting_get --app $synapse_instance --key server_name)
domain=$(ynh_app_setting_get --app $synapse_instance --key domain)
ynh_app_setting_set --app=$app --key=server_name --value=$server_name
ynh_app_setting_set --app=$app --key=domain --value=$domain
synapse_db_name="matrix_$synapse_instance"
#
# $app is the app id (i.e. 'example' for first install,
# or 'example__2', '__3', ... for multi-instance installs)
#
synapse_version=$(yunohost app info $synapse_instance | grep -oP "version:\s*\K.*")
#=================================================
# SET STANDARD SETTINGS FROM DEFAULT CONFIG
#=================================================
# Die if Synapse is too outdated (1.22.0 is required for ephemeral_events)
if dpkg --compare-versions $synapse_version lt 1.22.0; then
ynh_die --message="Unsupported Synapse version. Please upgrade."
fi
appserviceid=$app
if dpkg --compare-versions $synapse_version ge 1.97.0; then
async_media="true"
else
async_media="false"
fi
listrelay="*"
listadmin="$botadmin"
listuser="$botusers"
ynh_app_setting_set --app=$app --key=async_media --value=$async_media
ynh_app_setting_set --app=$app --key=listrelay --value=$listrelay
ynh_app_setting_set --app=$app --key=listadmin --value=$listadmin
ynh_app_setting_set --app=$app --key=listuser --value=$listuser
#=================================================
# APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC)
@ -37,16 +50,11 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=1
### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
### downloaded from an upstream source, like a git repository.
### `ynh_setup_source` use the file manifest.toml
ynh_app_setting_set --app=$app --key=listuser --value=$listuser
# Download, check integrity, uncompress and patch the source from manifest.toml
ynh_setup_source --dest_dir="$install_dir"
# $install_dir will automatically be initialized with some decent
# permission by default ... however, you may need to recursively reapply
# ownership to all files such as after the ynh_setup_source step
chmod 750 "$install_dir/$APP_BIN"
chown -R $app:www-data "$install_dir"
#=================================================
@ -54,78 +62,12 @@ chown -R $app:www-data "$install_dir"
#=================================================
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
### `ynh_add_fpm_config` is used to set up a PHP config.
### You can remove it if your app doesn't use PHP.
### `ynh_add_fpm_config` will use the files conf/php-fpm.conf
### If you're not using these lines:
### - You can remove these files in conf/.
### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script
### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script
### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script
### with the reload at the end of the script.
### - And the section "PHP-FPM CONFIGURATION" in the upgrade script
# Create a dedicated PHP-FPM config using the conf/php-fpm.conf or conf/extra_php-fpm.conf
ynh_add_fpm_config
# Create a dedicated NGINX config using the conf/nginx.conf template
ynh_add_nginx_config
### `ynh_systemd_config` is used to configure a systemd script for an app.
### It can be used for apps that use sysvinit (with adaptation) or systemd.
### Have a look at the app to be sure this app needs a systemd script.
### `ynh_systemd_config` will use the file conf/systemd.service
### If you're not using these lines:
### - You can remove those files in conf/.
### - Remove the section "BACKUP SYSTEMD" in the backup script
### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script
### - As well as the section "RESTORE SYSTEMD" in the restore script
### - And the section "SETUP SYSTEMD" in the upgrade script
# Create a dedicated systemd config
ynh_add_systemd_config
### `yunohost service add` integrates a service in YunoHost. It then gets
### displayed in the admin interface and through the others `yunohost service` commands.
### (N.B.: this line only makes sense if the app adds a service to the system!)
### If you're not using these lines:
### - You can remove these files in conf/.
### - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script
### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script
### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script
yunohost service add $app --description="Matrix Discord pupetting bridge for YunoHost" --log="/var/log/$app/$app.log"
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
### Additional options starting with 3.8:
###
### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed
### which will then be checked by YunoHost's diagnosis system
### (N.B. DO NOT USE THIS if the port is only internal!!!)
###
### --test_status "some command" a custom command to check the status of the service
### (only relevant if 'systemctl status' doesn't do a good job)
###
### --test_conf "some command" some command similar to "nginx -t" that validates the conf of the service
###
### Re-calling 'yunohost service add' during the upgrade script is the right way
### to proceed if you later realize that you need to enable some flags that
### weren't enabled on old installs (be careful it'll override the existing
### service though so you should re-provide all relevant flags when doing so)
### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app.
### Use this helper only if there is effectively a log file for this app.
### If you're not using this helper:
### - Remove the section "BACKUP LOGROTATE" in the backup script
### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script
### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script
### - And the section "SETUP LOGROTATE" in the upgrade script
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
#=================================================
# APP INITIAL CONFIGURATION
#=================================================
@ -133,45 +75,24 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failreg
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1
### You can add specific configuration files.
###
### Typically, put your template conf file in ../conf/your_config_file
### The template may contain strings such as __FOO__ or __FOO_BAR__,
### which will automatically be replaced by the values of $foo and $foo_bar
###
### ynh_add_config will also keep track of the config file's checksum,
### which later during upgrade may allow to automatically backup the config file
### if it's found that the file was manually modified
###
### Check the documentation of `ynh_add_config` for more info.
ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file"
ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml"
# FIXME: this should be handled by the core in the future
# You may need to use chmod 600 instead of 400,
# for example if the app is expected to be able to modify its own config
chmod 400 "$install_dir/some_config_file"
chown $app:$app "$install_dir/some_config_file"
chmod 400 "$install_dir/config.yaml"
chown $app:$app "$install_dir/config.yaml"
### For more complex cases where you want to replace stuff using regexes,
### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
### When doing so, you also need to manually call ynh_store_file_checksum
###
### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file"
### ynh_store_file_checksum --file="$install_dir/some_config_file"
#=================================================
# SETUP APPLICATION WITH CURL
#=================================================
# This calls allows to set multiple users during install question "botusers" specifying them separated by a comma
set__listuser
set__listrelay
set__listadmin
### Use these lines only if the app installation needs to be finalized through
### web forms. We generally don't want to ask the final user,
### so we're going to use curl to automatically fill the fields and submit the
### forms.
$install_dir/$APP_BIN -g -c $install_dir/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration"
# Installation with curl
ynh_script_progression --message="Finalizing installation..." --weight=1
ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
chown -R $app:$app "$install_dir"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
ynh_store_file_checksum --file="$install_dir/config.yaml"
#=================================================
# GENERIC FINALIZATION
@ -180,17 +101,19 @@ ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
### `ynh_systemd_action` is used to start a systemd service for an app.
### Only needed if you have configure a systemd service
### If you're not using these lines:
### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script
### - As well as the section "START SYSTEMD SERVICE" in the restore script
### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script
### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
# Wait until the synapse user is created
sleep 30
# (Note that, by default, non-admins might not have your homeserver's permission to create Spaces.)
if [ "$bot_synapse_adm" = true ]
then
ynh_psql_execute_as_root --database=$synapse_db_name --sql="UPDATE users SET admin = 1 WHERE name = ""$botname"";"
fi
ynh_systemd_action --service_name=$app --action="restart"
#=================================================
# END OF SCRIPT
#=================================================

30
scripts/remove
View file

@ -9,28 +9,13 @@
source _common.sh
source /usr/share/yunohost/helpers
# Settings are automatically loaded as bash variables
# in every app script context, therefore typically these will exist:
# - $domain
# - $path
# - $language
# - $install_dir
# - $port
# ...
# For remove operations :
# - the core will deprovision every resource defined in the manifest **after** this script is ran
# this includes removing the install directory, and data directory (if --purge was used)
#=================================================
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
# REMOVE SYSTEMD SERVICE
# REMOVE SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
# This should be a symetric version of what happens in the install script
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null
then
@ -40,19 +25,10 @@ fi
ynh_remove_systemd_config
ynh_remove_nginx_config
ynh_remove_fpm_config
ynh_remove_logrotate
ynh_remove_fail2ban_config
# Remove other various files specific to the app... such as :
ynh_secure_remove --file="/etc/cron.d/$app"
ynh_secure_remove --file="/etc/$app"
ynh_secure_remove --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration"
ynh_secure_remove --file="/var/log/$app"

64
scripts/restore
View file

@ -10,6 +10,13 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
server_name=$(ynh_app_setting_get --app=$app --key=server_name)
synapse_db_name="matrix_$synapse_instance"
bot_synapse_db_user="@$botname:$server_name"
async_media=$(ynh_app_setting_get --app=$app --key=async_media)
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
@ -17,69 +24,56 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
ynh_restore_file --origin_path="$install_dir"
# $install_dir will automatically be initialized with some decent
# permissions by default ... however, you may need to recursively reapply
# ownership to all files such as after the ynh_setup_source step
chown -R $app:www-data "$install_dir"
chmod 750 "$install_dir/$APP_BIN"
#=================================================
# RESTORE THE DATA DIRECTORY
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the data directory..." --weight=1
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=8
ynh_restore_file --origin_path="$data_dir" --not_mandatory
ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name
# (Same as for install dir)
chown -R $app:www-data "$data_dir"
#=================================================
# RESTORE THE MYSQL DATABASE
# REGISTER SYNAPSE APP-SERVICE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=1
ynh_script_progression --message="Registering Synapse app-service" --weight=1
ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
$install_dir/$APP_BIN -g -c $install_dir/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die "Synapse can't restart with the appservice configuration"
chmod 400 "$install_dir/config.yaml"
chown $app:$app "$install_dir/config.yaml"
#=================================================
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
# This should be a symetric version of what happens in the install script
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=3
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
yunohost service add $app --description="Matrix Discord pupetting bridge for YunoHost" --log="/var/log/$app/$app.log"
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
# Other various files...
ynh_restore_file --origin_path="/etc/cron.d/$app"
ynh_restore_file --origin_path="/etc/$app/"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#=================================================
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
ynh_script_progression --message="Reloading $app's service..." --weight=1
# Typically you only have either $app or php-fpm but not both at the same time...
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
# Wait until the synapse user is created
sleep 30
# (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
if [ "$bot_synapse_adm" = true ]
then
ynh_psql_execute_as_root --database=$synapse_db_name --sql="UPDATE users SET admin = 1 WHERE name = ""$botname"";"
fi
ynh_systemd_action --service_name=$app --action="restart"
#=================================================
# END OF SCRIPT

113
scripts/upgrade
View file

@ -9,52 +9,20 @@
source _common.sh
source /usr/share/yunohost/helpers
# Settings are automatically loaded as bash variables
# in every app script context, therefore typically these will exist:
# - $domain
# - $path
# - $language
# - $install_dir
# - $port
# ...
server_name=$(ynh_app_setting_get --app=$app --key=server_name)
# In the context of upgrade,
# - resources are automatically provisioned / updated / deleted (depending on existing resources)
# - a safety backup is automatically created by the core and will be restored if the upgrade fails
synapse_db_name="matrix_$synapse_instance"
bot_synapse_db_user="@$botname:$server_name"
appserviceid=$app
async_media=$(ynh_app_setting_get --app=$app --key=async_media)
listrelay=$(ynh_app_setting_get --app=$app --key=listrelay)
listuser=$(ynh_app_setting_get --app=$app --key=listuser)
listadmin=$(ynh_app_setting_get --app=$app --key=listadmin)
### This helper will compare the version of the currently installed app and the version of the upstream package.
### $upgrade_type can have 2 different values
### - UPGRADE_APP if the upstream app version has changed
### - UPGRADE_PACKAGE if only the YunoHost package has changed
### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
#ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
#
# N.B. : the following setting migration snippets are provided as *EXAMPLES*
# of what you may want to do in some cases (e.g. a setting was not defined on
# some legacy installs and you therefore want to initiaze stuff during upgrade)
#
# If db_name doesn't exist, create it
#if [ -z "$db_name" ]; then
# db_name=$(ynh_sanitize_dbid --db_name=$app)
# ynh_app_setting_set --app=$app --key=db_name --value=$db_name
#fi
# If install_dir doesn't exist, create it
#if [ -z "$install_dir" ]; then
# install_dir=/var/www/$app
# ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir
#fi
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
@ -76,9 +44,7 @@ then
ynh_setup_source --dest_dir="$install_dir"
fi
# $install_dir will automatically be initialized with some decent
# permissions by default ... however, you may need to recursively reapply
# ownership to all files such as after the ynh_setup_source step
chmod 750 "$install_dir/$APP_BIN"
chown -R $app:www-data "$install_dir"
#=================================================
@ -86,20 +52,12 @@ chown -R $app:www-data "$install_dir"
#=================================================
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
# This should be a literal copypaste of what happened in the install's "System configuration" section
ynh_add_fpm_config
ynh_add_nginx_config
ynh_add_systemd_config
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
yunohost service add $app --description="Matrix Discord pupetting bridge for YunoHost" --log="/var/log/$app/$app.log"
ynh_use_logrotate --non-append
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
#=================================================
# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
#=================================================
@ -107,25 +65,40 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failreg
#=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=1
### Same as during install
###
### The file will automatically be backed-up if it's found to be manually modified (because
### ynh_add_config keeps track of the file's checksum)
# reset permissions to be able to apply_permissions with app_setting values after upgrade
listrelay_=$listrelay
listuser_=$listuser
listadmin_=$listadmin
listrelay="*"
listuser="@user:domain.tld"
listadmin="@admin:domain.tld"
ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file"
ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml"
# FIXME: this should be handled by the core in the future
# You may need to use chmod 600 instead of 400,
# for example if the app is expected to be able to modify its own config
chmod 400 "$install_dir/some_config_file"
chown $app:$app "$install_dir/some_config_file"
chmod 400 "$install_dir/config.yaml"
chown $app:$app "$install_dir/config.yaml"
### For more complex cases where you want to replace stuff using regexes,
### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
### When doing so, you also need to manually call ynh_store_file_checksum
###
### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file"
### ynh_store_file_checksum --file="$install_dir/some_config_file"
listrelay=$listrelay_
listuser=$listuser_
listadmin=$listadmin_
# apply_permissions to have correct syntax in config file
set__listuser
set__listrelay
set__listadmin
#=================================================
# REGISTER SYNAPSE APP-SERVICE
#=================================================
ynh_script_progression --message="Registering Synapse app-service" --weight=1
$install_dir/$APP_BIN -g -c $install_dir/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die "Synapse can't restart with the appservice configuration"
# Set permissions on app files
chown -R $app:$app "$install_dir"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
ynh_store_file_checksum --file="$install_dir/config.yaml"
#=================================================
# START SYSTEMD SERVICE