From 401c40db4fac1fb1279f2ad6964f92e15485dbd6 Mon Sep 17 00:00:00 2001 From: Gredin67 Date: Thu, 19 Aug 2021 17:41:14 +0200 Subject: [PATCH] upgrade to 0.2.0 and solve permissions issue * Update checksum and upstream URL (#11) Upstream URL changed, this is mentioned in this week's edition of TWIM: https://matrix.org/blog/2021/08/06/this-week-in-matrix-2021-08-06#mautrix- * Fix upgrade script (#14) The destination directory for upgrade source was wrong, so upgrading would reinstall the previous version. * add default-jre-headless * upgrade pip * Update config.yaml * Add mautrix_signal to the signald group, set permissions Unfortunately signald creates folders with the wrong permissions, so there is still an issue with sticker subfolders. Co-authored-by: Mayeul Cantan --- conf/app.src | 4 ++-- conf/config.yaml | 34 ++++++++++++++++++++++++++++++++-- conf/signald.service | 21 +++++++++++++++++++++ conf/signald.src | 7 +++++++ manifest.json | 4 ++-- scripts/_common.sh | 2 +- scripts/install | 38 ++++++++++++++++++++++++++++++++------ scripts/remove | 4 ++++ scripts/upgrade | 6 +++--- 9 files changed, 104 insertions(+), 16 deletions(-) create mode 100644 conf/signald.service create mode 100644 conf/signald.src diff --git a/conf/app.src b/conf/app.src index 370b44e..659a2b7 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/tulir/mautrix-signal/archive/v0.1.1.tar.gz -SOURCE_SUM=92b85eab45d9d2d165298b114a5ee47bb89f93a2c6bfa7a30a3d6a1bac4870b3 +SOURCE_URL=https://github.com/mautrix/signal/archive/v0.2.0.tar.gz +SOURCE_SUM=54d1bc214051769d5ecb165affba99037be5aa39dcdda863efb34b70ab6ea1ed SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/config.yaml b/conf/config.yaml index 45834b6..e85e2da 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -8,6 +8,12 @@ homeserver: # Only applies if address starts with https:// verify_ssl: __VERIFY_SERVER_SSL_CERTIFICATES__ asmux: __MATRIX_SERVER_SUPPORTS_ASMUX__ + # Number of retries for all HTTP requests if the homeserver isn't reachable. + http_retry_count: 4 + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: null # Application service host/registration related details # Changing these values requires regeneration of the registration. @@ -159,6 +165,8 @@ bridge: # This field will automatically be changed back to false after it, # except if the config file is not writable. resend_bridge_info: false + # Interval at which to resync contacts. + periodic_sync: 0 # Provisioning API part of the web server for automated portal creation and fetching information. # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager). @@ -176,6 +184,7 @@ bridge: # Permissions for using the bridge. # Permitted values: + # relay - Allowed to be relayed through the bridge, no access to commands. # user - Use the bridge with puppeting. # admin - Use and administrate the bridge. # Permitted keys: @@ -183,9 +192,30 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: + "*": "relay" "__BOTUSERS__": "user" "__BOTADMIN__": "admin" + relay: + # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any + # authenticated user into a relaybot for that chat. + enabled: false + # The formats to use when sending messages to Signal via a relay user. + # + # Available variables: + # $sender_displayname - The display name of the sender (e.g. Example User) + # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser) + # $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com) + # $message - The message content + message_formats: + m.text: '$sender_displayname: $message' + m.notice: '$sender_displayname: $message' + m.emote: '* $sender_displayname $message' + m.file: '$sender_displayname sent a file' + m.image: '$sender_displayname sent an image' + m.audio: '$sender_displayname sent an audio file' + m.video: '$sender_displayname sent a video' + m.location: '$sender_displayname sent a location' # Python logging configuration. # @@ -211,9 +241,9 @@ logging: formatter: colored loggers: mau: - level: DEBUG + level: __LOG_LEVEL__ aiohttp: level: INFO root: - level: DEBUG + level: __LOG_LEVEL__ handlers: [file, console] diff --git a/conf/signald.service b/conf/signald.service new file mode 100644 index 0000000..f53053b --- /dev/null +++ b/conf/signald.service @@ -0,0 +1,21 @@ +[Unit] +Description=A daemon for interacting with the Signal Private Messenger +Wants=network.target +After=network.target + +[Service] +Type=simple +RuntimeDirectory=signald +RuntimeDirectoryMode=0770 +User=__SIGNALD_USER__ +Group=__SIGNALD_USER__ +#ExecStart=/usr/bin/signald -d /var/lib/signald +ExecStart=__SIGNALD_PATH__/build/install/signald/bin/signald -d /var/lib/signald +EnvironmentFile=-/etc/default/signald +Restart=on-failure +UMask=0007 +# JVM always exits with 143 in reaction to SIGTERM signal +SuccessExitStatus=143 + +[Install] +WantedBy=default.target diff --git a/conf/signald.src b/conf/signald.src new file mode 100644 index 0000000..86432ed --- /dev/null +++ b/conf/signald.src @@ -0,0 +1,7 @@ +SOURCE_URL=https://gitlab.com/signald/signald/-/archive/0.14.1/signald-0.14.1.tar.gz +SOURCE_SUM=50343a3e4ac56da35f393d54e2a222fead5ae8448ff5a62e449805ee6b0348f8 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME=signald.tar.gz +SOURCE_EXTRACT=true diff --git a/manifest.json b/manifest.json index 657bd00..12683d5 100644 --- a/manifest.json +++ b/manifest.json @@ -6,8 +6,8 @@ "en": "A Signal puppeting bridge for Matrix/Synapse.", "fr": "Passerelle Signal pour Matrix/Synapse." }, - "version": "0.1.1~ynh1", - "url": "https://github.com/tulir/mautrix-signal", + "version": "0.2.0~ynh1", + "url": "https://github.com/mautrix/mautrix-signal", "license": "AGPL-3.0-or-later", "maintainer": { "name": "Gredin67", diff --git a/scripts/_common.sh b/scripts/_common.sh index 8cdfdaa..3cb107f 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -6,7 +6,7 @@ # dependencies used by the app pkg_dependencies="postgresql python3" - +extra_dependencies="libunixsocket-java signald signaldctl" #================================================= # PERSONAL HELPERS #================================================= diff --git a/scripts/install b/scripts/install index 9617f5d..3507562 100755 --- a/scripts/install +++ b/scripts/install @@ -27,6 +27,8 @@ ynh_abort_if_errors synapsenumber=$YNH_APP_ARG_SYNAPSENUMBER app=$YNH_APP_INSTANCE_NAME final_path=/opt/yunohost/$app +#signald_name="signald" +#signald_path=/opt/yunohost/signald_name # ToDo check (in manifest?) if the selected synapse instance is not already connected to a mautrix_bridge bridge if [ $synapsenumber -eq "1" ] @@ -65,6 +67,7 @@ mautrix_bridge_user=$app mautrix_bridge_db_name=$app mautrix_bridge_db_user=$app upstream_version=$(ynh_app_upstream_version) +signald_user=signald # This is actually chosen by the signald dependency #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS @@ -116,7 +119,7 @@ ynh_script_progression --message="Installing dependencies..." --weight=97 ynh_install_app_dependencies $pkg_dependencies -ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="signald" --key="https://updates.signald.org/apt-signing-key.asc" +ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="$extra_dependencies" --key="https://updates.signald.org/apt-signing-key.asc" #================================================= # CREATE A POSTGRESQL DATABASE @@ -150,6 +153,7 @@ ynh_script_progression --message="Setting up source files..." --weight=3 # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path/src" +#ynh_setup_source --dest_dir=$signald_path --source_id=$signald_name #================================================= # CREATE DEDICATED USER @@ -157,7 +161,16 @@ ynh_setup_source --dest_dir="$final_path/src" ynh_script_progression --message="Configuring system user..." --weight=1 # Create a system user -ynh_system_user_create --username=$mautrix_bridge_user +# Add the user to the signald group. The signald group was created when the signald +# package was installed from the extra repository +ynh_system_user_create --username=$mautrix_bridge_user --groups="$signald_user" +#ynh_system_user_create --username=$signald_user + +# Create folders and set permissions, otherwise signald creates them without rw for group +# Unfortunately subfolders are dynamically created for stickers, so those won't work for now. +mkdir -p /var/lib/signald/{avatars,attachments,stickers} +chown $signald_user:$mautrix_bridge_user /var/lib/signald/{avatars,attachments,stickers} +chmod g+rwX /var/lib/signald/{avatars,attachments,stickers} #================================================= # SETUP SYSTEMD @@ -167,6 +180,7 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=20 # Create systemd config for Mautrix-Bridge #cp ../conf/default_mautrix-facebook /etc/default/$app ynh_add_systemd_config --service=$app +#ynh_add_systemd_config --service="$signald_name" --template="signald.service" #================================================= @@ -183,11 +197,18 @@ mautrix_config_path="$final_path/config.yaml" verify_server_ssl_certificates="true" matrix_server_supports_asmux="false" log_filename="/var/log/$app/$app.log" - # Options: debug, info, warn, error, fatal -log_level="error" +# https://docs.python.org/3.6/library/logging.html#logging-levels +log_level="DEBUG" ynh_add_config --template="../conf/config.yaml" --destination="$mautrix_config_path" +#================================================= +# INSTALL SIGNALD +#================================================= +#cd $signald_path +#make installDist +#make setup + #================================================= # INSTALL MAUTRIX-BRIDGE PYTHON MODULE #================================================= @@ -195,8 +216,8 @@ ynh_add_config --template="../conf/config.yaml" --destination="$mautrix_config_p mkdir -p /var/log/$app # Configure Mautrix-Bridge python3 -m venv $final_path -#$final_path/bin/pip3 install --upgrade setuptools wheel -$final_path/bin/pip3 install $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink] +$final_path/bin/pip3 install --upgrade pip setuptools wheel +$final_path/bin/pip3 install $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink,stickers] # -r optional-requirements.txt $final_path/bin/python3 -m mautrix_signal -g -c $mautrix_config_path -r $app_service_registration_path/$app.yaml @@ -224,10 +245,12 @@ ynh_store_file_checksum --file="$mautrix_config_path" # Set permissions to app files chown -R root: $final_path +#chown -R root: $signald_path # WARNING : theses command are used in INSTALL, UPGRADE, RESTORE # For any update do it in all files chown $mautrix_bridge_user:root -R $final_path +#chown $signald_user:root -R $signald_path #================================================= # SETUP LOGROTATE @@ -244,6 +267,7 @@ chown $mautrix_bridge_user:root -R /var/log/$app #yunohost service add $app --log "/var/log/$app/log.log" # if using yunohost version 3.2 or more in the 'manifest.json', a description can be added yunohost service add $app --description "$app daemon for bridging Signal and Matrix messages" --log "$log_filename" +#yunohost service add $signald_name --description "$signald_name daemon for Signal messages" --log "$log_filename" #================================================= # START SYSTEMD SERVICE @@ -251,6 +275,8 @@ yunohost service add $app --description "$app daemon for bridging Signal and Mat ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service +#ynh_systemd_action --service_name=$signald_name --action="start" +#sleep 5 ynh_systemd_action --service_name=$app --action="start" # Wait until the synapse user is created sleep 30 diff --git a/scripts/remove b/scripts/remove index c5524d7..72ccd53 100755 --- a/scripts/remove +++ b/scripts/remove @@ -48,6 +48,7 @@ mautrix_bridge_db_user=$app upstream_version=$(ynh_app_upstream_version) signald_data="/var/lib/signald" signald_exe="/usr/bin/signald" +signald_user="signald" #================================================= # STANDARD REMOVE @@ -81,6 +82,8 @@ ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$mau ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$mautrix_bridge_user"";" ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$botname"";" ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$botname"";" +ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$signald_user"";" +ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$signald_user"";" #yunohost app action run $synapse_instance drop_user -a username=$botname #================================================= @@ -132,6 +135,7 @@ ynh_script_progression --message="Removing the dedicated system user..." --weigh # Delete a system user ynh_system_user_delete --username=$mautrix_bridge_user +ynh_system_user_delete --username=$signald_user #================================================= # END OF SCRIPT diff --git a/scripts/upgrade b/scripts/upgrade index 0d96cd6..edfc575 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -115,7 +115,7 @@ then ynh_script_progression --message="Upgrading source files..." --time --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_setup_source --dest_dir="$final_path/src" fi #================================================= @@ -125,7 +125,7 @@ ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 ynh_install_app_dependencies $pkg_dependencies -ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="signald" --key="https://updates.signald.org/apt-signing-key.asc" +ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="$extra_dependencies" --key="https://updates.signald.org/apt-signing-key.asc" #================================================= # CREATE DEDICATED USER @@ -180,7 +180,7 @@ mkdir -p /var/log/$app # Configure Mautrix-Bridge python3 -m venv $final_path #$final_path/bin/pip3 install --upgrade setuptools wheel -$final_path/bin/pip3 install --upgrade $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink] +$final_path/bin/pip3 install --upgrade $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink,stickers] # -r optional-requirements.txt #=================================================