upgrade to 0.2.0 and solve permissions issue

* Update checksum and upstream URL (#11)

Upstream URL changed, this is mentioned in this week's edition of TWIM:
https://matrix.org/blog/2021/08/06/this-week-in-matrix-2021-08-06#mautrix-

* Fix upgrade script (#14)

The destination directory for upgrade source was wrong, so upgrading would reinstall the previous version.

* add default-jre-headless

* upgrade pip

* Update config.yaml

* Add mautrix_signal to the signald group, set permissions

Unfortunately signald creates folders with the wrong permissions, so
there is still an issue with sticker subfolders.

Co-authored-by: Mayeul Cantan <mayeul.cantan@gmail.com>

conf/app.src

@@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/tulir/mautrix-signal/archive/v0.1.1.tar.gz
-SOURCE_SUM=92b85eab45d9d2d165298b114a5ee47bb89f93a2c6bfa7a30a3d6a1bac4870b3
+SOURCE_URL=https://github.com/mautrix/signal/archive/v0.2.0.tar.gz
+SOURCE_SUM=54d1bc214051769d5ecb165affba99037be5aa39dcdda863efb34b70ab6ea1ed
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
 SOURCE_IN_SUBDIR=true

conf/config.yaml

@@ -8,6 +8,12 @@ homeserver:
     # Only applies if address starts with https://
     verify_ssl: __VERIFY_SERVER_SSL_CERTIFICATES__
     asmux: __MATRIX_SERVER_SUPPORTS_ASMUX__
+    # Number of retries for all HTTP requests if the homeserver isn't reachable.
+    http_retry_count: 4
+    # The URL to push real-time bridge status to.
+    # If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes.
+    # The bridge will use the appservice as_token to authorize requests.
+    status_endpoint: null
 
 # Application service host/registration related details
 # Changing these values requires regeneration of the registration.
@@ -159,6 +165,8 @@ bridge:
     # This field will automatically be changed back to false after it,
     # except if the config file is not writable.
     resend_bridge_info: false
+    # Interval at which to resync contacts.
+    periodic_sync: 0
 
     # Provisioning API part of the web server for automated portal creation and fetching information.
     # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
@@ -176,6 +184,7 @@ bridge:
 
     # Permissions for using the bridge.
     # Permitted values:
+    #      relay - Allowed to be relayed through the bridge, no access to commands.
     #       user - Use the bridge with puppeting.
     #      admin - Use and administrate the bridge.
     # Permitted keys:
@@ -183,9 +192,30 @@ bridge:
     #   domain - All users on that homeserver
     #     mxid - Specific user
     permissions:
+        "*": "relay"
         "__BOTUSERS__": "user"
         "__BOTADMIN__": "admin"
 
+    relay:
+        # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
+        # authenticated user into a relaybot for that chat.
+        enabled: false
+        # The formats to use when sending messages to Signal via a relay user.
+        #
+        # Available variables:
+        #   $sender_displayname - The display name of the sender (e.g. Example User)
+        #   $sender_username    - The username (Matrix ID localpart) of the sender (e.g. exampleuser)
+        #   $sender_mxid        - The Matrix ID of the sender (e.g. @exampleuser:example.com)
+        #   $message            - The message content
+        message_formats:
+            m.text: '$sender_displayname: $message'
+            m.notice: '$sender_displayname: $message'
+            m.emote: '* $sender_displayname $message'
+            m.file: '$sender_displayname sent a file'
+            m.image: '$sender_displayname  sent an image'
+            m.audio: '$sender_displayname  sent an audio file'
+            m.video: '$sender_displayname  sent a video'
+            m.location: '$sender_displayname  sent a location'
 
 # Python logging configuration.
 #
@@ -211,9 +241,9 @@ logging:
             formatter: colored
     loggers:
         mau:
-            level: DEBUG
+            level: __LOG_LEVEL__
         aiohttp:
             level: INFO
     root:
-        level: DEBUG
+        level: __LOG_LEVEL__
         handlers: [file, console]

conf/signald.service

@@ -0,0 +1,21 @@
+[Unit]
+Description=A daemon for interacting with the Signal Private Messenger
+Wants=network.target
+After=network.target
+
+[Service]
+Type=simple
+RuntimeDirectory=signald
+RuntimeDirectoryMode=0770
+User=__SIGNALD_USER__
+Group=__SIGNALD_USER__
+#ExecStart=/usr/bin/signald -d /var/lib/signald
+ExecStart=__SIGNALD_PATH__/build/install/signald/bin/signald -d /var/lib/signald
+EnvironmentFile=-/etc/default/signald
+Restart=on-failure
+UMask=0007
+# JVM always exits with 143 in reaction to SIGTERM signal
+SuccessExitStatus=143
+
+[Install]
+WantedBy=default.target

conf/signald.src

@@ -0,0 +1,7 @@
+SOURCE_URL=https://gitlab.com/signald/signald/-/archive/0.14.1/signald-0.14.1.tar.gz
+SOURCE_SUM=50343a3e4ac56da35f393d54e2a222fead5ae8448ff5a62e449805ee6b0348f8
+SOURCE_SUM_PRG=sha256sum
+SOURCE_FORMAT=tar.gz
+SOURCE_IN_SUBDIR=true
+SOURCE_FILENAME=signald.tar.gz
+SOURCE_EXTRACT=true

manifest.json

@@ -6,8 +6,8 @@
 		"en": "A Signal puppeting bridge for Matrix/Synapse.",
 		"fr": "Passerelle Signal pour Matrix/Synapse."
 	},
-	"version": "0.1.1~ynh1",
-	"url": "https://github.com/tulir/mautrix-signal",
+	"version": "0.2.0~ynh1",
+	"url": "https://github.com/mautrix/mautrix-signal",
 	"license": "AGPL-3.0-or-later",
 	"maintainer": {
 		"name": "Gredin67",

scripts/_common.sh

@@ -6,7 +6,7 @@
 
 # dependencies used by the app
 pkg_dependencies="postgresql python3"
-
+extra_dependencies="libunixsocket-java signald signaldctl"
 #=================================================
 # PERSONAL HELPERS
 #=================================================

scripts/install

@@ -27,6 +27,8 @@ ynh_abort_if_errors
 synapsenumber=$YNH_APP_ARG_SYNAPSENUMBER
 app=$YNH_APP_INSTANCE_NAME
 final_path=/opt/yunohost/$app
+#signald_name="signald"
+#signald_path=/opt/yunohost/signald_name
 
 # ToDo check (in manifest?) if the selected synapse instance is not already connected to a mautrix_bridge bridge
 if [ $synapsenumber -eq "1" ]
@@ -65,6 +67,7 @@ mautrix_bridge_user=$app
 mautrix_bridge_db_name=$app
 mautrix_bridge_db_user=$app
 upstream_version=$(ynh_app_upstream_version)
+signald_user=signald # This is actually chosen by the signald dependency
 
 #=================================================
 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
@@ -116,7 +119,7 @@ ynh_script_progression --message="Installing dependencies..." --weight=97
 
 ynh_install_app_dependencies $pkg_dependencies
 
-ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="signald" --key="https://updates.signald.org/apt-signing-key.asc"
+ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="$extra_dependencies" --key="https://updates.signald.org/apt-signing-key.asc"
 
 #=================================================
 # CREATE A POSTGRESQL DATABASE
@@ -150,6 +153,7 @@ ynh_script_progression --message="Setting up source files..." --weight=3
 
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$final_path/src"
+#ynh_setup_source --dest_dir=$signald_path --source_id=$signald_name
 
 #=================================================
 # CREATE DEDICATED USER
@@ -157,7 +161,16 @@ ynh_setup_source --dest_dir="$final_path/src"
 ynh_script_progression --message="Configuring system user..." --weight=1
 
 # Create a system user
-ynh_system_user_create --username=$mautrix_bridge_user
+# Add the user to the signald group. The signald group was created when the signald
+# package was installed from the extra repository
+ynh_system_user_create --username=$mautrix_bridge_user --groups="$signald_user"
+#ynh_system_user_create --username=$signald_user
+
+# Create folders and set permissions, otherwise signald creates them without rw for group
+# Unfortunately subfolders are dynamically created for stickers, so those won't work for now.
+mkdir -p /var/lib/signald/{avatars,attachments,stickers}
+chown $signald_user:$mautrix_bridge_user /var/lib/signald/{avatars,attachments,stickers}
+chmod g+rwX /var/lib/signald/{avatars,attachments,stickers}
 
 #=================================================
 # SETUP SYSTEMD
@@ -167,6 +180,7 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=20
 # Create systemd config for Mautrix-Bridge
 #cp ../conf/default_mautrix-facebook /etc/default/$app
 ynh_add_systemd_config --service=$app
+#ynh_add_systemd_config --service="$signald_name" --template="signald.service"
 
 #=================================================
 
@@ -183,11 +197,18 @@ mautrix_config_path="$final_path/config.yaml"
 verify_server_ssl_certificates="true"
 matrix_server_supports_asmux="false"
 log_filename="/var/log/$app/$app.log"
-    # Options: debug, info, warn, error, fatal
-log_level="error"
+# https://docs.python.org/3.6/library/logging.html#logging-levels
+log_level="DEBUG"
 
 ynh_add_config --template="../conf/config.yaml" --destination="$mautrix_config_path"
 
+#=================================================
+# INSTALL SIGNALD
+#=================================================
+#cd $signald_path
+#make installDist
+#make setup
+
 #=================================================
 # INSTALL MAUTRIX-BRIDGE PYTHON MODULE
 #=================================================
@@ -195,8 +216,8 @@ ynh_add_config --template="../conf/config.yaml" --destination="$mautrix_config_p
 mkdir -p /var/log/$app
 # Configure Mautrix-Bridge
 python3 -m venv $final_path
-#$final_path/bin/pip3 install --upgrade setuptools wheel
-$final_path/bin/pip3 install $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink]
+$final_path/bin/pip3 install --upgrade pip setuptools wheel
+$final_path/bin/pip3 install $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink,stickers]
 # -r optional-requirements.txt
 $final_path/bin/python3 -m mautrix_signal -g -c $mautrix_config_path -r $app_service_registration_path/$app.yaml
 
@@ -224,10 +245,12 @@ ynh_store_file_checksum --file="$mautrix_config_path"
 
 # Set permissions to app files
 chown -R root: $final_path
+#chown -R root: $signald_path
 
 # WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
 # For any update do it in all files
 chown $mautrix_bridge_user:root -R $final_path
+#chown $signald_user:root -R $signald_path
 
 #=================================================
 # SETUP LOGROTATE
@@ -244,6 +267,7 @@ chown $mautrix_bridge_user:root -R /var/log/$app
 #yunohost service add $app --log "/var/log/$app/log.log"
 # if using yunohost version 3.2 or more in the 'manifest.json', a description can be added
 yunohost service add $app --description "$app daemon for bridging Signal and Matrix messages" --log "$log_filename"
+#yunohost service add $signald_name --description "$signald_name daemon for Signal messages" --log "$log_filename"
 
 #=================================================
 # START SYSTEMD SERVICE
@@ -251,6 +275,8 @@ yunohost service add $app --description "$app daemon for bridging Signal and Mat
 ynh_script_progression --message="Starting a systemd service..." --weight=1
 
 # Start a systemd service
+#ynh_systemd_action --service_name=$signald_name --action="start"
+#sleep 5
 ynh_systemd_action --service_name=$app --action="start"
 # Wait until the synapse user is created
 sleep 30

scripts/remove

@@ -48,6 +48,7 @@ mautrix_bridge_db_user=$app
 upstream_version=$(ynh_app_upstream_version)
 signald_data="/var/lib/signald"
 signald_exe="/usr/bin/signald"
+signald_user="signald"
 
 #=================================================
 # STANDARD REMOVE
@@ -81,6 +82,8 @@ ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$mau
 ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$mautrix_bridge_user"";"
 ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$botname"";"
 ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$botname"";"
+ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$signald_user"";"
+ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$signald_user"";"
 #yunohost app action run $synapse_instance drop_user -a username=$botname
 
 #=================================================
@@ -132,6 +135,7 @@ ynh_script_progression --message="Removing the dedicated system user..." --weigh
 
 # Delete a system user
 ynh_system_user_delete --username=$mautrix_bridge_user
+ynh_system_user_delete --username=$signald_user
 
 #=================================================
 # END OF SCRIPT

scripts/upgrade

@@ -115,7 +115,7 @@ then
 	ynh_script_progression --message="Upgrading source files..." --time --weight=1
 
 	# Download, check integrity, uncompress and patch the source from app.src
-	ynh_setup_source --dest_dir="$final_path"
+	ynh_setup_source --dest_dir="$final_path/src"
 fi
 
 #=================================================
@@ -125,7 +125,7 @@ ynh_script_progression --message="Upgrading dependencies..." --time --weight=1
 
 ynh_install_app_dependencies $pkg_dependencies
 
-ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="signald" --key="https://updates.signald.org/apt-signing-key.asc"
+ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="$extra_dependencies" --key="https://updates.signald.org/apt-signing-key.asc"
 
 #=================================================
 # CREATE DEDICATED USER
@@ -180,7 +180,7 @@ mkdir -p /var/log/$app
 # Configure Mautrix-Bridge
 python3 -m venv $final_path
 #$final_path/bin/pip3 install --upgrade setuptools wheel
-$final_path/bin/pip3 install --upgrade $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink]
+$final_path/bin/pip3 install --upgrade $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink,stickers]
 # -r optional-requirements.txt
 
 #=================================================