YunoHost-Apps/mautrix_signal_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mautrix_signal_ynh.git synced 2024-09-03 19:46:07 +02:00
Code Issues Activity Actions

Upgrade to v0.2.2 & signald properly & linter (#36)

Browse source 
* Upgrade to v0.2.2

* do not specify signald version

* Add support for end-to-bridge encryption (#37) (deactivated by default)

* Linter and sync whatsapp_ynh (#27)

* prepare for add to app list

* restore signald user data folder

Co-authored-by: ericgaspar <junk.eg@free.fr>

* python3-dev

* no python-olm

* check upgrade from 0.2.0

Necessary as the group is created by the dependencies

* Replace Whatsapp typos with Signal

* Fix service description inconsistency in install/upgrade/restore

* comment out bot_synapse_adm for now

* remove hack for signald permissions

* deactivate encryption by default

* no encryption in manifest

* fix db_pwd upgrade

* Update config.yaml

Co-authored-by: Nathanaël HANNEBERT <nathanael.hannebert@alterway.fr>
Co-authored-by: ericgaspar <junk.eg@free.fr>
Co-authored-by: Mayeul Cantan <oss@mayeul.net>
This commit is contained in:
Gredin67 2022-01-25 09:49:10 +01:00 committed by GitHub
parent fc1ba62e65
commit 66c49f0377
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 570 additions and 551 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
README.md
View file

@ -1,21 +1,27 @@
# A Matrix-Signal puppeting bridge for YunoHost
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->
# Matrix Signal bridge for YunoHost
[![Integration level](https://dash.yunohost.org/integration/mautrix_signal.svg)](https://dash.yunohost.org/appci/app/mautrix_signal) ![](https://ci-apps.yunohost.org/ci/badges/mautrix_signal.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/mautrix_signal.maintain.svg)
[![Install Mautrix-Signal with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=mautrix_signal)
[![Install Matrix Signal bridge with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=mautrix_signal)
*[Lire ce readme en français.](./README_fr.md)*
> *This package allows you to install Mautrix-Signal quickly and simply on a YunoHost server.
> *This package allows you to install Matrix Signal bridge quickly and simply on a YunoHost server.
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
## Overview
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user. Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations. The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
**Shipped version:** 0.1.1
Matrix / Synapse puppeting bridge for Signal
## Screenshots
**Shipped version:** 0.2.2~ynh1
![](Link to a screenshot of this app.)
## Disclaimers / important information
## List of known public services
@ -37,6 +43,7 @@ See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/
* Open Settings => Linked Devices => + => Capture the QR code with the camera
* By defaults, only conversations with very recent messages will be bridged
* Accept invitations to the bridged chat rooms
#### Registering the Bridge as a primary device
* Type ``!sg register <phone>``, where ``<phone>`` is your phone number in the international format with no space, e.g. ``!sg register +33612345678``
* Answer in the bot room with the verification code that you reveived in SMS.
@ -48,7 +55,11 @@ See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/
### Relaybot: Bridge a group for several Matrix and several Signal users to chat together
Not yet available
* Create a room on the signal side
* Your bridged users will be invited on the Matrix side once they are invited on the Signal side
* You can invite more people over on the Matrix side
* Have one of the bridged users (who has the right permission) type `!sg set-relay` on the Matrix side. Their signal account will relay messages from other Matrix users
It is not yet possible to bridge to an existing signal room, or create a new signal room from the Matrix side.
## Configuration of the bridge
@ -82,37 +93,17 @@ In case you need to upload your logs somewhere, be aware that they contain your
* Multi-instance installation should work. Several bridge instances could be installed for one Matrix-Synapse instance so that one Matrix user can bridge several Signal accounts.
* Several bridge instances could be installed for each Matrix-Synapse instance to benefit from it. But one bridge can be used by users from several Matrix-Synapse instances.
#### Supported architectures
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mautrix_signal%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/mautrix_signal/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mautrix_signal%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mautrix_signal/)
## Limitations
* It looks like media are not bridged.
* Signal chats are not grouped in a Matrix community (as opposed to the Mautrix-WhatsApp or Mautrix-Facebook bridges)
## Documentation and resources
## Additional information
* Other info you would like to add about this app.
**More info on the documentation page:**
https://docs.mau.fi/bridges/python/signal/index.html
## Links
* Report a bug: https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues
* App website: https://github.com/YunoHost-Apps/mautrix-whatsapp_ynh
* Upstream app documentation: https://docs.mau.fi/bridges/python/signal/index.html
* Upstream app repository: https://github.com/tulir/mautrix-signal
* Up-Upstream repository: https://gitlab.com/signald/signald
* YunoHost website: https://yunohost.org/
---
* YunoHost documentation for this app: https://yunohost.org/app_mautrix_signal
* Report a bug: https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues
## Developer info
**Only if you want to use a testing branch for coding, instead of merging directly into master.**
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/mautrix_signal_ynh/tree/testing).
To try the testing branch, please proceed like that.
@ -122,8 +113,4 @@ or
sudo yunohost app upgrade mautrix_signal -u https://github.com/YunoHost-Apps/mautrix_signal_ynh/tree/testing --debug
```
To test communication between the App Service and Matrix-Synapse on a VM (e.g. with domain name: synapse.vm), you must install a certificate:
```
echo | openssl s_client -showcerts -servername synapse.vm -connect synapse.vm:443 2>/dev/null | awk '/-----BEGIN CERTIFICATE-----/, /-----END CERTIFICATE-----/' >> /usr/local/share/ca-certificates/synapse.vm.crt
update-ca-certificates
```
**More info regarding app packaging:** https://yunohost.org/packaging_apps

60
README_fr.md
View file

@ -1,23 +1,24 @@
# Une passerelle entre Matrix et Signal pour YunoHost
[![Integration level](https://dash.yunohost.org/integration/mautrix-signal.svg)](https://dash.yunohost.org/appci/app/mautrix-signal)
[![Install Mautrix-Signal with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=mautrix-signal)
# Matrix Signal bridge pour YunoHost
*[Read this readme in english.](./README.md)*
[![Niveau d'intégration](https://dash.yunohost.org/integration/mautrix_signal.svg)](https://dash.yunohost.org/appci/app/mautrix_signal) ![](https://ci-apps.yunohost.org/ci/badges/mautrix_signal.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/mautrix_signal.maintain.svg)
[![Installer Matrix Signal bridge avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=mautrix_signal)
> *Ce package vous permet d'installer Mautrix-Signal rapidement et simplement sur un serveur Yunohost.
*[Read this readme in english.](./README.md)*
*[Lire ce readme en français.](./README_fr.md)*
> *Ce package vous permet d'installer Matrix Signal bridge rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
## Vue d'ensemble
Une passerelle entre Matrix et Signal empaquetée comme un service YunoHost. Les messages, médias et notifications sont relayées entre un compte Signal et un compte Matrix.
La passerelle ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) consiste en un Service d'Application Matrix-Synapse et repose sur une base-de-données postgresql. C'est pourquoi [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) doit être préalablemnet installé.
** Attention : sauvegardez et restaurez toujours les deux applications Yunohost matrix-synapse et mautrix_signal en même temps!**
Passerelle Matrix / Synapse pour Signal
**Version incluse:** 0.1.1
**Version incluse :** 0.2.2~ynh1
## Captures d'écran
![](Lien vers une capture d'écran pour cette application)
## Avertissements / informations importantes
## Liste de passerelles publiques
@ -39,6 +40,7 @@ Voir aussi [upstream wiki Authentication page](https://docs.mau.fi/bridges/pytho
* Ouvrez Paramètres => Appareils reliés => + => filmer le QR
* Par défaut, seules les conversations avec des messages très récents seront mises-en-miroir
* Acceptez les invitations aux salons
#### Enregistrer la passerelle comme appareil principal
* Tapez ``!sg register <phone>``, où ``<phone>`` est votre numéro de téléphone au format international sans espace, p.ex. ``!sg register +33612345678``
* Répondez dans le salon d'administration avec le code de vérification reçu par SMS.
@ -78,39 +80,17 @@ Si vous devez téléverser vos fichiers log quelque-part, soyez avertis qu'ils c
* L'installation multi-instance devrait fonctionner. Plusieurs instances de passerelles pourraient être installées pour une instance de Matrix-Synapse. Cela permet à un compte matrix de se relier à plusieurs comptes Signal.
* Plusieurs instances de passerelles pourraient être installées pour que chaque instance de Matrix-Synapse puisse en bénéficier. Mais une passerelle peut être utilisée par les comptes de plusieurs instances Matrix-Synapse.
#### Architectures supportées
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mautrix_signal%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/mautrix_signal/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mautrix_signal%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mautrix_signal/)
## Limitations
* Les appels Audio/Video ne sont pas relayés. Seule une notification apparait.
## Informations additionnelles
## Documentations et ressources
*
* Documentation YunoHost pour cette app : https://yunohost.org/app_mautrix_signal
* Signaler un bug : https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues
**Plus d'informations sur la page de documentation:**
## Informations pour les développeurs
* https://docs.mau.fi/bridges/python/signal/index.html
* https://yunohost.org/packaging_apps
## Liens
* Signaler un bug: https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues
* Site de l'application: https://github.com/YunoHost-Apps/mautrix_signal_ynh
* Documentation de l'application principale: https://docs.mau.fi/bridges/python/signal/index.html
* Dépôt de l'application principale: https://github.com/tulir/mautrix-signal
* Up-Upstream repository: https://gitlab.com/signald/signald
* Site web YunoHost: https://yunohost.org/
---
Informations pour les développeurs
----------------
**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.**
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/mautrix_signal_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
@ -120,8 +100,4 @@ ou
sudo yunohost app upgrade mautrix_signal -u https://github.com/YunoHost-Apps/mautrix_signal_ynh/tree/testing --debug
```
Pour tester la communication entre le Service d'Application et Matrix-Synapse sur une Machine Virtuelle (ex. avec un nom de domaine: synapse.vm), vous devez installer un certificat:
```
echo | openssl s_client -showcerts -servername synapse.vm -connect synapse.vm:443 2>/dev/null | awk '/-----BEGIN CERTIFICATE-----/, /-----END CERTIFICATE-----/' >> /usr/local/share/ca-certificates/synapse.vm.crt
update-ca-certificates
```
**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps

11
check_process
View file

@ -7,7 +7,7 @@
sudo yunohost tools update apps
sudo yunohost app install https://github.com/YunoHost-Apps/synapse_ynh/ -a "domain=$domain&server_name=$server_name&is_public=$is_public&jitsi_server=$jitsi_server" --force
; Manifest
# mautrix_whatsapp manifest parameters
# mautrix_signal manifest parameters
port="8449" (PORT)
synapsenumber="1"
botname="signalbot"
@ -22,8 +22,7 @@
setup_private=0
setup_public=0
upgrade=1
upgrade=1 from_commit=898c8ffc11882f1411431bfd79d083a0c9471ea7
#upgrade=1 from_commit=c755a9e7e0d46402a231e00a675f41099dea3daa
upgrade=1 from_commit=fc1ba62e6529bb529a413d5895398baa5f2029d7
backup_restore=1
multi_instance=1
port_already_use=1
@ -34,7 +33,5 @@
# # If the level 5 (Package linter) is forced to 1. Please add justifications here.
# Level 5=auto
;;; Upgrade options
; commit=898c8ffc11882f1411431bfd79d083a0c9471ea7
name=0.1.1 before better signald handling.
# ; commit=c755a9e7e0d46402a231e00a675f41099dea3daa
# name=0.1.0 first working version.
; commit=fc1ba62e6529bb529a413d5895398baa5f2029d7
name=0.2.0

6
conf/app.src
View file

@ -1,7 +1,7 @@
SOURCE_URL=https://github.com/mautrix/signal/archive/v0.2.0.tar.gz
SOURCE_SUM=54d1bc214051769d5ecb165affba99037be5aa39dcdda863efb34b70ab6ea1ed
SOURCE_URL=https://mau.dev/mautrix/signal/-/archive/v0.2.2/signal-v0.2.2.tar.gz
SOURCE_SUM=204b82c8540f782c0e060d95949ff7d525f2deca93154a92420fa28474beef3a
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=mautrix-signal.tar.gz
SOURCE_EXTRACT=false
#SOURCE_FILENAME=mautrix-signal.tar.gz

83
conf/config.yaml
View file

@ -6,15 +6,19 @@ homeserver:
domain: __SERVER_NAME__
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: __VERIFY_SERVER_SSL_CERTIFICATES__
asmux: __MATRIX_SERVER_SUPPORTS_ASMUX__
verify_ssl: true
asmux: false
# Number of retries for all HTTP requests if the homeserver isn't reachable.
http_retry_count: 4
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# Maximum number of simultaneous HTTP connections to the homeserver.
connection_limit: 100
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
appservice:
@ -31,10 +35,16 @@ appservice:
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. Only Postgres is currently supported.
database: postgres://__MAUTRIX_BRIDGE_USER__:__MAUTRIX_BRIDGE_DB_PWD__@localhost:5432/__MAUTRIX_BRIDGE_DB_NAME__
# Additional arguments for asyncpg.create_pool()
# The full URI to the database. SQLite and Postgres are supported.
# However, SQLite support is extremely experimental and should not be used.
# Format examples:
# SQLite: sqlite:///filename.db
# Postgres: postgres://username:password@hostname/dbname
database: postgres://__APP__:__DB_PWD__@localhost:5432/__DB_NAME__
# Additional arguments for asyncpg.create_pool() or sqlite3.connect()
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
# For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
database_opts:
min_size: 5
max_size: 10
@ -48,12 +58,6 @@ appservice:
bot_displayname: Signal bridge bot
bot_avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
# Community ID for bridged users (changes registration file) and rooms.
# Must be created manually.
#
# Example: "+signal:example.com". Set to false to disable.
community_id: +sg:__SERVER_NAME__
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
@ -68,6 +72,17 @@ metrics:
enabled: false
listen_port: 8000
# Manhole config.
manhole:
# Whether or not opening the manhole is allowed.
enabled: false
# The path for the unix socket.
path: /var/tmp/mautrix-signal.manhole
# The list of UIDs who can be added to the whitelist.
# If empty, any UIDs can be specified in the open-manhole command.
whitelist:
- 0
signal:
# Path to signald unix socket
socket_path: /var/run/signald/signald.sock
@ -79,9 +94,18 @@ signal:
avatar_dir: ~/.config/signald/avatars
# Directory where signald stores auth data. Used to delete data when logging out.
data_dir: ~/.config/signald/data
# Whether or not unknown signald accounts should be deleted when the bridge is started.
# When this is enabled, any UserInUse errors should be resolved by restarting the bridge.
delete_unknown_accounts_on_start: false
# Whether or not message attachments should be removed from disk after they're bridged.
remove_file_after_handling: true
# Whether or not users can register a primary device
registration_enabled: true
# Whether or not to enable disappearing messages in groups. If enabled, then the expiration
# time of the messages will be determined by the first users to read the message, rather
# than individually. If the bridge has a single user, this can be turned on safely.
enable_disappearing_messages_in_groups: false
# Bridge config
bridge:
# Localpart template of MXIDs for Signal users.
@ -132,7 +156,7 @@ bridge:
# If false, created portal rooms will never be federated.
federate_rooms: true
# End-to-bridge encryption support options. You must install the e2be optional dependency for
# this to work. See https://github.com/tulir/mautrix-telegram/wiki/Endtobridge-encryption
# this to work. See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: __ENCRYPTION__
@ -165,7 +189,7 @@ bridge:
# This field will automatically be changed back to false after it,
# except if the config file is not writable.
resend_bridge_info: false
# Interval at which to resync contacts.
# Interval at which to resync contacts (in seconds).
periodic_sync: 0
# Provisioning API part of the web server for automated portal creation and fetching information.
@ -182,6 +206,21 @@ bridge:
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!sg"
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Signal bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `register` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# Send each message separately (for readability in some clients)
management_room_multiple_messages: false
# Permissions for using the bridge.
# Permitted values:
# relay - Allowed to be relayed through the bridge, no access to commands.
@ -197,9 +236,9 @@ bridge:
"__BOTADMIN__": "admin"
relay:
# Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
# Whether relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: false
enabled: __ENABLE_RELAYBOT__
# The formats to use when sending messages to Signal via a relay user.
#
# Available variables:
@ -212,10 +251,10 @@ bridge:
m.notice: '$sender_displayname: $message'
m.emote: '* $sender_displayname $message'
m.file: '$sender_displayname sent a file'
m.image: '$sender_displayname sent an image'
m.audio: '$sender_displayname sent an audio file'
m.video: '$sender_displayname sent a video'
m.location: '$sender_displayname sent a location'
m.image: '$sender_displayname sent an image'
m.audio: '$sender_displayname sent an audio file'
m.video: '$sender_displayname sent a video'
m.location: '$sender_displayname sent a location'
# Python logging configuration.
#
@ -233,7 +272,7 @@ logging:
file:
class: logging.handlers.RotatingFileHandler
formatter: normal
filename: __LOG_FILENAME__
filename: /var/log/__APP__/__APP__.log
maxBytes: 10485760
backupCount: 10
console:

74
doc/DISCLAIMER.md Normal file
View file

@ -0,0 +1,74 @@
## List of known public services
* Ask on one of the following rooms: #mautrix_yunohost:matrix.fdn.fr or #signal:maunium.net
## Bridging usage
** Note that several Signal and Matrix users can be bridged, each Signal account has its own bot administration room. If they are in a same Signal group, only one matrix room will be created. **
### Bridge a Signal user and a Matrix user
* First your Matrix user or Synapse Server has to be authorized in the Configuration of the bridge (see below)
* Then, invite the bot (default @signalbot:yoursynapse.domain) in this new Mautrix-Signal bot administration room.
* If the Bot does bot accept, see the [troubleshooting page](https://docs.mau.fi/bridges/general/troubleshooting.html)
* Send ``!sg help`` to the bot in the created room to know how to control the bot.
See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/signal/authentication.html)
#### Linking the Bridge as a secondary device
* Type ``!sg link``
* Open Signal App of your primary device
* Open Settings => Linked Devices => + => Capture the QR code with the camera
* By defaults, only conversations with very recent messages will be bridged
* Accept invitations to the bridged chat rooms
#### Registering the Bridge as a primary device
* Type ``!sg register <phone>``, where ``<phone>`` is your phone number in the international format with no space, e.g. ``!sg register +33612345678``
* Answer in the bot room with the verification code that you reveived in SMS.
* Set a profile name with ``!sg set-profile-name <name>``
### Double puppeting
* Log in with ``login-matrix <access token>``
* After logging in, the default Matrix puppet of your Signal account should leave rooms and your account should join all rooms the puppet was in automatically.
### Relaybot: Bridge a group for several Matrix and several Signal users to chat together
* Create a room on the signal side
* Your bridged users will be invited on the Matrix side once they are invited on the Signal side
* You can invite more people over on the Matrix side
* Have one of the bridged users (who has the right permission) type `!sg set-relay` on the Matrix side. Their signal account will relay messages from other Matrix users
It is not yet possible to bridge to an existing signal room, or create a new signal room from the Matrix side.
## Configuration of the bridge
The bridge is [roughly configured at installation](https://github.com/YunoHost-Apps/mautrix_signal_ynh/blob/master/conf/config.yaml), e.g. allowed admin and user of the bot. Finer configuration can be done by modifying the
following configuration file with SSH:
```/opt/yunohost/mautrix_signal/config.yaml```
and then restarting the mautrix_signal service.
## Documentation
* Official "Mautrix-Signal" documentation: https://docs.mau.fi/bridges/python/signal/index.html
* Matrix room (Matrix Bridges in Yunohost): #mautrix_yunohost:matrix.fdn.fr
* Matrix room (upstream app): #signal:maunium.net
In case you need to upload your logs somewhere, be aware that they contain your contacts' and your phone numbers. Strip them out with
``| sed -r 's/[0-9]{10,}/📞/g' ``
* "Mautrix-Signal" bridge is based on the [signal daemon](https://gitlab.com/signald/signald) project.
* YunoHost documentation: If more specific documentation is needed, feel free to contribute.
## YunoHost specific features
#### Multi-user support
* Bot users are not related to Yunohost users. Any Matrix account or Synapse server autorized in the configuration of the bridge can invite/use the bot.
* The Signal bot is a local Matrix-Synapse user, but accessible through federation (synapse public or private).
* Several Signal and Matrix users can be bridged with one bridge, each user has its own bot administration room.
* If several bot users are in a same Signal group, only one Matrix room will be created by the bridge.
* See https://github.com/YunoHost-Apps/synapse_ynh#multi-users-support
#### Multi-instance support
* Multi-instance installation should work. Several bridge instances could be installed for one Matrix-Synapse instance so that one Matrix user can bridge several Signal accounts.
* Several bridge instances could be installed for each Matrix-Synapse instance to benefit from it. But one bridge can be used by users from several Matrix-Synapse instances.
## Limitations
* It looks like media are not bridged.
* Signal chats are not grouped in a Matrix community (as opposed to the Mautrix-WhatsApp or Mautrix-Facebook bridges)

64
doc/DISCLAIMER_fr.md Normal file
View file

@ -0,0 +1,64 @@
## Liste de passerelles publiques
* Demandez sur un des salons suivants: #mautrix_yunohost:matrix.fdn.fr or #signal:maunium.net
## Usages de la passerelle
** Notez que plusieurs comptes Signal et Matrix peuvent être relayés, chaque compte Signal connecté a son propre Salon d'Administration. Si plusieurs utilisateur.ice.s du Robot sont dans un même groupe Signal, seul un Salon Matrix sera créé par la passerelle. **
### Relayer TOUTES les conversations entre UN compte Signal et UN compte Matrix
* Prérequis : votre compte Matrix ou le serveur sur lequel il est hébergé doit être autorisé dans la configuration de la passerelle (voir ci-dessous)
* Invitez le Robot (par défaut @signalbot:synapse.votredomaine) à une nouvelle conversation.
* Ce nouveau salon d'administration du Robot Mautrix-Signal est appelé "Administration Room".
* Envoyez ``help`` au Robot dans le "Administration Room" pour une liste des commandes d'administration de la passerelle.
Voir aussi [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/signal/authentication.html)
#### Relier la passerelle comme un appareil secondaire
* Tapez ``!sg link``
* Ouvrez l'application Signal de votre appareil principal
* Ouvrez Paramètres => Appareils reliés => + => filmer le QR
* Par défaut, seules les conversations avec des messages très récents seront mises-en-miroir
* Acceptez les invitations aux salons
#### Enregistrer la passerelle comme appareil principal
* Tapez ``!sg register <phone>``, où ``<phone>`` est votre numéro de téléphone au format international sans espace, p.ex. ``!sg register +33612345678``
* Répondez dans le salon d'administration avec le code de vérification reçu par SMS.
* Définissez une nom de profil ``!sg set-profile-name <name>``
### Robot-Relai "Relaybot": Relayer les conversations de TOUS les comptes Matrix et TOUS les comptes Signal présents dans UN groupe/salon
* Pas implémenté pour l'instant
## Configuration de la passerelle
La passerelle est [configurée avec les paramètres standards adaptés pour votre YunoHost et l'instance Matrix-Synapse sélectionnée](https://github.com/YunoHost-Apps/mautrix_signal_ynh/blob/master/conf/config.yaml). Vous pouvez par exemple ajouter des administrateur.ice.s et utilisateur.ice.s du Robot autorisés en modifiant le fichier de configuration par liaison SSH:
``` sudo nano /opt/yunohost/mautrix_signal/config.yaml```
puis en redémarrant le service:
``` sudo yunohost service restart mautrix_signal```
## Documentation
* Documentation officielle "Mautrix-Signal": https://docs.mau.fi/bridges/python/signal/index.html
* Salon Matrix sur les Passerelles dans Yunohost): #mautrix_yunohost:matrix.fdn.fr
* Salon Matrix (application principale): #signal:maunium.net
Si vous devez téléverser vos fichiers log quelque-part, soyez avertis qu'ils contiennent des informations sur vos contacts et vos numéros de téléphone. Effacez-les avec
``| sed -r 's/[0-9]{10,}/📞/g' ``
* La passerelle "Mautrix-Signal" repose sur l'implémentation du [daemon signald](https://gitlab.com/signald/signald) .
* Documentation YunoHost: Si une documentation spécifique est nécessaire, n'hésitez pas à contribuer.
## Caractéristiques spécifiques YunoHost
#### Support multi-comptes
* Les utilisateur.ice.s du Robot ne sont pas liés aux comptes Yunohost. N'importe quel compte Matrix ou serveur Synapse autorisés dans la configuration de la passerelle peut inviter/utiliser le Robot.
* Le robot Signal est un utilisateur Matrix-Synapse local, mais accessible via la fédération (Synapse public ou privé).
* Plusieurs comptes Signal et Matrix peuvent être liés avec une seule passerelle, chaque compte a son propre salon d'administration.
* Si plusieurs utilisateur.ice.s du Robot sont dans un même groupe Signal, seul un Salon Matrix sera créé par la passerelle. Autrement dit, la passerelle construit un seul miroir du réseau de discussion existant sur Signal (utilisateurs et salons).
* Voir https://github.com/YunoHost-Apps/synapse_ynh#multi-users-support
#### Support multi-instance
* L'installation multi-instance devrait fonctionner. Plusieurs instances de passerelles pourraient être installées pour une instance de Matrix-Synapse. Cela permet à un compte matrix de se relier à plusieurs comptes Signal.
* Plusieurs instances de passerelles pourraient être installées pour que chaque instance de Matrix-Synapse puisse en bénéficier. Mais une passerelle peut être utilisée par les comptes de plusieurs instances Matrix-Synapse.
## Limitations
* Les appels Audio/Video ne sont pas relayés. Seule une notification apparait.

35
manifest.json
View file

@ -1,13 +1,13 @@
{
"name": "Matrix-Signal bridge",
"name": "Matrix Signal bridge",
"id": "mautrix_signal",
"packaging_format": 1,
"description": {
"en": "A Signal puppeting bridge for Matrix/Synapse.",
"fr": "Passerelle Signal pour Matrix/Synapse."
"en": "Matrix / Synapse puppeting bridge for Signal",
"fr": "Passerelle Matrix / Synapse pour Signal"
},
"version": "0.2.0~ynh1",
"url": "https://github.com/mautrix/mautrix-signal",
"version": "0.2.2~ynh1",
"url": "https://github.com/mautrix/signal",
"license": "AGPL-3.0-or-later",
"maintainer": {
"name": "Gredin67",
@ -15,7 +15,7 @@
"url": "https://github.com/YunoHost-Apps/mautrix_signal_ynh"
},
"requirements": {
"yunohost": ">= 4.0"
"yunohost": ">= 4.3.0"
},
"multi_instance": true,
"services": [
@ -51,19 +51,6 @@
},
"default": "signalbot"
},
{
"name": "encryption",
"type": "boolean",
"ask": {
"en": "Enable end-to-bridge encryption ?",
"fr": "Activer le chiffrement entre synapse et le bridge ?"
},
"help": {
"en": "Only activate if you know the prerequisites and constraints related to e2b.",
"fr": "N'activer que si vous connaissez les prérequis et constraintes liées à e2b."
},
"default": false
},
{
"name": "botadmin",
"type": "string",
@ -83,13 +70,13 @@
"type": "string",
"ask": {
"en": "Choose Matrix user(s) authorized to bridge with the Signal bot",
"fr": "Choisissez le/les compte(s) Matrix autorisés à utiliser le robot Signal"
"fr": "Choisissez le/les compte(s) Matrix autorisés à utiliser la passerelle Signal"
},
"example": "local or @johndoe:server.name or server.name or *",
"default": "local",
"example": "admin or domain or @johndoe:server.name or server.name or *",
"default": "domain",
"help": {
"en": "All local synapse users (local), a remote or local user (@johndoe:server.name), a remote server (matrix.org), or all remote/local servers (*) can be authorized. Give the matrix server_name, not the full domain/url.",
"fr": "On peut autoriser tous les comptes synapse locaux (local), un compte local ou distant (@johndoe:server.name), un serveur distant (matrix.org), ou tous les serveurs remote/local (*). Donner le nom du serveur matrix, pas le domaine/url complet."
"en": "Either the administrator only (admin), all local Synapse users (domain), a remote or local user (@johndoe:server.name), a remote server (matrix.org), or all remote/local servers (*) can be authorized. Give the Matrix server_name, not the full domain/URL.",
"fr": "L'administrateur seulement (admin), tous les comptes Synapse locaux (domain), un compte local ou distant (@johndoe:server.name), un serveur distant (matrix.org), ou tous les serveurs remote/local (*). Donner le nom du serveur Matrix, pas le domaine/URL complet."
}
}
]

4
scripts/_common.sh
View file

@ -5,8 +5,8 @@
#=================================================
# dependencies used by the app
pkg_dependencies="postgresql python3"
extra_dependencies="libunixsocket-java signald>=0.15.0-27 signaldctl"
pkg_dependencies="postgresql python3 python3-dev build-essential"
extra_dependencies="libunixsocket-java signald signaldctl"
#=================================================
# PERSONAL HELPERS
#=================================================

26
scripts/backup
View file

@ -24,32 +24,20 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --time --weight=1
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
app_service_registration_path=$(ynh_app_setting_get --app=$app --key=app_service_registration_path)
mautrix_config_path="$final_path/config.yaml"
signal_path="/var/lib/signald"
#signal_path="/usr/bin/signald"
#=================================================
# SET CONSTANTS
#=================================================
mautrix_bridge_db_name=$app
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
signald_data="/var/lib/signald"
#signald_exe="/usr/bin/signald"
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs
### to be backuped and not an actual copy of any file. The actual backup that
### creates and fill the archive with the files happens in the core after this
### script is called. Hence ynh_backups calls takes basically 0 seconds to run.
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
@ -75,14 +63,14 @@ ynh_backup --src_path="/etc/systemd/system/$app.service"
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="$signal_path"
ynh_backup --src_path="$signald_data"
#=================================================
# BACKUP THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Backing up the PostgreSQL database..." --weight=1
ynh_print_info --message="Backing up the PostgreSQL database..."
ynh_psql_dump_db --database="$mautrix_bridge_db_name" > ${YNH_CWD}/dump.sql
ynh_psql_dump_db --database="$db_name" > db.sql
#=================================================
# END OF SCRIPT

275
scripts/install
View file

@ -24,12 +24,17 @@ ynh_abort_if_errors
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
botname=$YNH_APP_ARG_BOTNAME
bot_synapse_adm=true
#encryption=$YNH_APP_ARG_ENCRYPTION
encryption=false
botadmin=$YNH_APP_ARG_BOTADMIN
botusers=$YNH_APP_ARG_BOTUSERS
if [ "$botusers" = "admin" ]
then
botusers=$botadmin
fi
synapsenumber=$YNH_APP_ARG_SYNAPSENUMBER
app=$YNH_APP_INSTANCE_NAME
final_path=/opt/yunohost/$app
#signald_name="signald"
#signald_path=/opt/yunohost/signald_name
# ToDo check (in manifest?) if the selected synapse instance is not already connected to a mautrix_bridge bridge
if [ $synapsenumber -eq "1" ]
then
@ -39,52 +44,28 @@ synapse_instance="synapse__$synapsenumber"
fi
server_name=$(ynh_app_setting_get --app $synapse_instance --key server_name)
domain=$(ynh_app_setting_get --app $synapse_instance --key domain)
synapse_config_path="/etc/matrix-$synapse_instance"
app_service_registration_path="/etc/matrix-$synapse_instance/app-service"
synapse_name="matrix-$synapse_instance"
synapse_user="matrix-$synapse_instance"
synapse_db_name="matrix_$synapse_instance"
synapse_db_user="matrix_$synapse_instance"
botname=$YNH_APP_ARG_BOTNAME
encryption=$YNH_APP_ARG_ENCRYPTION
botadmin=$YNH_APP_ARG_BOTADMIN
if [ "$YNH_APP_ARG_BOTUSERS" = "local" ]
then
botusers=$server_name
elif [ "$YNH_APP_ARG_BOTUSERS" = "admin" ]
then
botusers=$botadmin
else
botusers=$YNH_APP_ARG_BOTUSERS
fi
#=================================================
# SET CONSTANTS
#=================================================
#botname_synapse_db_user="@$botname:$server_name"
mautrix_bridge_user=$app
mautrix_bridge_db_name=$app
mautrix_bridge_db_user=$app
upstream_version=$(ynh_app_upstream_version)
signald_user=signald # This is actually chosen by the signald dependency
mautrix_version=$(ynh_app_upstream_version)
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
#=================================================
# STANDARD MODIFICATIONS
# SET CONSTANTS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Configuring firewall..." --weight=1
# Find a free port for communication between your local synapse instance (home server) and its app service mautrix_bridge.
port=$(ynh_find_port --port=8449)
enable_relaybot=true
bot_synapse_db_user="@$botname:$server_name"
synapse_db_name="matrix_$synapse_instance"
signald_user="signald" # This is actually chosen by the signald dependency
#=================================================
# STORE SETTINGS FROM MANIFEST
@ -93,68 +74,37 @@ ynh_script_progression --message="Storing installation settings..." --weight=7
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=server_name --value=$server_name
ynh_app_setting_set --app=$app --key=port --value=$port
ynh_app_setting_set --app=$app --key=botname --value=$botname
ynh_app_setting_set --app=$app --key=synapse_instance --value=$synapse_instance
ynh_app_setting_set --app=$app --key=app_service_registration_path --value=$app_service_registration_path
ynh_app_setting_set --app=$app --key=bot_synapse_adm --value=$bot_synapse_adm
ynh_app_setting_set --app=$app --key=encryption --value=$encryption
ynh_app_setting_set --app=$app --key=mautrix_bridge_db_name --value=$mautrix_bridge_db_name
ynh_app_setting_set --app=$app --key=botadmin --value=$botadmin
ynh_app_setting_set --app=$app --key=botusers --value=$botusers
ynh_app_setting_set --app=$app --key=mautrix_version --value=$upstream_version
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set --app=$app --key=mautrix_version --value=$mautrix_version
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=1
# Find a free port for communication between your local synapse instance (home server) and its app service mautrix_bridge.
port=$(ynh_find_port --port=8449)
ynh_app_setting_set --app=$app --key=port --value=$port
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=97
ynh_script_progression --message="Installing dependencies..." --weight=10
### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package.
### Those deb packages will be installed as dependencies of this package.
### If you're not using this helper:
### - Remove the section "REMOVE DEPENDENCIES" in the remove script
### - Remove the variable "pkg_dependencies" in _common.sh
### - As well as the section "REINSTALL DEPENDENCIES" in the restore script
### - And the section "UPGRADE DEPENDENCIES" in the upgrade script
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_install_app_dependencies $pkg_dependencies
ynh_install_extra_app_dependencies --repo="http://http.debian.net/debian buster-backports main" --package="libolm-dev" --key="https://keyserver.ubuntu.com/pks/lookup?search=0x0E98404D386FA1D9&op=get"
ynh_script_progression --message="Installing dependencies..." --weight=10
ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="$extra_dependencies" --key="https://updates.signald.org/apt-signing-key.asc"
#=================================================
# CREATE A POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=3
ynh_print_OFF
mautrix_bridge_db_pwd=$(ynh_string_random --length=30)
ynh_app_setting_set --app=$app --key=mautrix_bridge_db_pwd --value=$mautrix_bridge_db_pwd
ynh_print_ON
# Create postgresql database
ynh_psql_test_if_first_run
ynh_print_OFF
ynh_psql_create_user $mautrix_bridge_db_user $mautrix_bridge_db_pwd
ynh_print_ON
ynh_psql_execute_as_root \
--sql="CREATE DATABASE ""$mautrix_bridge_db_name"" ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER ""$mautrix_bridge_db_user"";"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
# WARNING : theses command are used in INSTALL, UPGRADE (2 times)
# For any update do it in all files
#if [ -n "$(uname -m | grep 64)" ]
#then
# ynh_setup_source --dest_dir=$final_path/ --source_id="amd64_$(lsb_release --codename --short)"
#else
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/src"
#ynh_setup_source --dest_dir=$signald_path --source_id=$signald_name
#=================================================
# CREATE DEDICATED USER
#=================================================
@ -163,130 +113,121 @@ ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
# Add the user to the signald group. The signald group was created when the signald
# package was installed from the extra repository
ynh_system_user_create --username=$mautrix_bridge_user --groups="$signald_user"
#ynh_system_user_create --username=$signald_user
ynh_system_user_create --username=$app --groups="$signald_user"
# Create folders and set permissions, otherwise signald creates them without rw for group
# Unfortunately subfolders are dynamically created for stickers, so those won't work for now.
mkdir -p /var/lib/signald/{avatars,attachments,stickers}
chown $signald_user:$mautrix_bridge_user /var/lib/signald/{avatars,attachments,stickers}
chmod g+rwX /var/lib/signald/{avatars,attachments,stickers}
#=================================================
# CREATE A POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=3
db_name=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
db_pwd=$(ynh_string_random --length=30)
ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/src"
chmod 750 "$final_path"
chown $app:$app "$final_path"
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring Mautrix Bridge..." --weight=2
# https://docs.python.org/3.6/library/logging.html#logging-levels
log_level="INFO"
ynh_add_config --template="../conf/config.yaml" --destination="$final_path/config.yaml"
chmod -R 750 "$final_path"
chown -R $app:$app "$final_path"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=20
ynh_script_progression --message="Configuring a systemd service..." --weight=3
# Create systemd config for Mautrix-Bridge
#cp ../conf/default_mautrix-facebook /etc/default/$app
ynh_add_systemd_config --service=$app
#ynh_add_systemd_config --service="$signald_name" --template="signald.service"
#=================================================
#=================================================
# SET MAUTRIX-BRIDGE CONFIG
#=================================================
ynh_script_progression --message="Configuring Mautrix-Bridge..." --weight=2
# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG, CHANGE-URL (4 times)
# For any update do it in all files
mautrix_config_path="$final_path/config.yaml"
verify_server_ssl_certificates="true"
matrix_server_supports_asmux="false"
log_filename="/var/log/$app/$app.log"
# https://docs.python.org/3.6/library/logging.html#logging-levels
log_level="INFO"
ynh_add_config --template="../conf/config.yaml" --destination="$mautrix_config_path"
#=================================================
# INSTALL SIGNALD
#=================================================
#cd $signald_path
#make installDist
#make setup
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# INSTALL MAUTRIX-BRIDGE PYTHON MODULE
#=================================================
ynh_script_progression --message="Configuring python3 virtual environment" --weight=6
mkdir -p /var/log/$app
# Configure Mautrix-Bridge
python3 -m venv $final_path
$final_path/bin/pip3 install --upgrade pip setuptools wheel
$final_path/bin/pip3 install $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink,stickers]
# -r optional-requirements.txt
$final_path/bin/python3 -m mautrix_signal -g -c $mautrix_config_path -r $app_service_registration_path/$app.yaml
ynh_script_progression --message="Installing Bridge with pip" --weight=6
# Pre-compiled python-olm to avoid libolm-dev, python3-dev -> does not work for arm
#$final_path/bin/pip3 install --upgrade python-olm --extra-index-url https://gitlab.matrix.org/api/v4/projects/27/packages/pypi/simple
# Build with libolm3 end-to-bridge encryption
$final_path/bin/pip3 install $final_path/src/mautrix-signal.tar.gz[metrics,e2be,formattednumbers,qrlink,stickers]
#=================================================
# REGISTER SYNAPSE APP-SERVICE
#=================================================
$final_path/bin/python3 -m mautrix_signal -g -c $final_path/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \
|| ynh_die "Synapse can't restart with the appservice configuration"
# Handled by synapse: synapse_ynh adds all registration files added in $app_service_registration_path to the app_service_config_files list
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$app_service_registration_path/$app.yaml"
ynh_store_file_checksum --file="$mautrix_config_path"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
ynh_store_file_checksum --file="$final_path/config.yaml"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
### For security reason, any app should set the permissions to root: before anything else.
### Then, if write authorization is needed, any access should be given only to directories
### that really need such authorization.
# Set permissions to app files
chown -R root: $final_path
#chown -R root: $signald_path
# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
# For any update do it in all files
chown $mautrix_bridge_user:root -R $final_path
#chown $signald_user:root -R $signald_path
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=3
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile "$log_filename"
chown $mautrix_bridge_user:root -R /var/log/$app
ynh_use_logrotate
chmod -R 600 "/var/log/$app"
chmod 700 "/var/log/$app"
chown -R $app:$app /var/log/$app
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
#yunohost service add $app --log "/var/log/$app/log.log"
# if using yunohost version 3.2 or more in the 'manifest.json', a description can be added
yunohost service add $app --description "$app daemon for bridging Signal and Matrix messages" --log "$log_filename"
#yunohost service add $signald_name --description "$signald_name daemon for Signal messages" --log "$log_filename"
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Bridging Signal and Matrix messages" --log=/var/log/$app/$app.log
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_script_progression --message="Starting a systemd service..." --weight=2
# Start a systemd service
#ynh_systemd_action --service_name=$signald_name --action="start"
#sleep 5
ynh_systemd_action --service_name=$app --action="start"
# Wait until the synapse user is created
sleep 30
# # (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
# if [ "$bot_is_synapse_admin" = true ]
# then
ynh_psql_execute_as_root --database=$synapse_db_name --sql="UPDATE users SET admin = 1 WHERE name = ""$botname"";"
sleep 2
chown -R $app:$app "$final_path"
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
## Wait until the synapse user is created
#sleep 30
# # (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
# if [ "$bot_synapse_adm" = true ]
# then
# ynh_psql_execute_as_root --database=$synapse_db_name --sql="UPDATE users SET admin = 1 WHERE name = ""$botname"";"
# #yunohost app action run $synapse_instance set_admin_user -a username=$botname
# fi
ynh_systemd_action --service_name=$app --action="restart"
# fi
#ynh_systemd_action --service_name=$app --action="restart"
#=================================================
# END OF SCRIPT

43
scripts/remove
View file

@ -12,40 +12,25 @@ source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --time --weight=1
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# language=$(ynh_app_setting_get --app=$app --key=language)
server_name=$(ynh_app_setting_get --app=$app --key=server_name)
port=$(ynh_app_setting_get --app=$app --key=port)
botname=$(ynh_app_setting_get --app=$app --key=botname)
synapse_instance=$(ynh_app_setting_get --app=$app --key=synapse_instance)
app_service_registration_path=$(ynh_app_setting_get --app=$app --key=app_service_registration_path)
# bot_is_synapse_admin=$(ynh_app_setting_get --app=$app --key=bot_is_synapse_admin)
encryption=$(ynh_app_setting_get --app=$app --key=encryption)
botname=$(ynh_app_setting_get --app=$app --key=botname)
botadmin=$(ynh_app_setting_get --app=$app --key=botadmin)
botusers=$(ynh_app_setting_get --app=$app --key=botusers)
mautrix_config_path="$final_path/config.yaml"
mautrix_version=$(ynh_app_setting_get --app=$app --key=mautrix_version)
ynh_print_OFF
mautrix_bridge_db_pwd=$(ynh_app_setting_get --app=$app --key=mautrix_bridge_db_pwd)
ynh_print_ON
port=$(ynh_app_setting_get --app=$app --key=port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# SET CONSTANTS
#=================================================
# synapse_db_name="matrix_$synapse_instance"
# botname_synapse_db_user="@$botname:$server_name"
mautrix_bridge_user=$app
mautrix_bridge_db_name=$app
mautrix_bridge_db_user=$app
upstream_version=$(ynh_app_upstream_version)
synapse_db_name="matrix_$synapse_instance"
bot_synapse_db_user="@$botname:$server_name"
signald_data="/var/lib/signald"
signald_exe="/usr/bin/signald"
signald_user="signald"
@ -77,9 +62,11 @@ ynh_remove_systemd_config
ynh_script_progression --message="Removing the PostgreSQL database..." --weight=4
# Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_user=$mautrix_bridge_db_name --db_name=$mautrix_bridge_db_user
ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$mautrix_bridge_user"";"
ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$mautrix_bridge_user"";"
ynh_psql_remove_db --db_user=$db_name --db_name=$db_name
ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$app"";"
ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$app"";"
ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$bot_synapse_db_user"";"
ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$bot_synapse_db_user"";"
ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$botname"";"
ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$botname"";"
ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$signald_user"";"
@ -118,7 +105,7 @@ ynh_remove_logrotate
ynh_script_progression --message="Removing synapse app service..." --weight=6
# Remove a directory securely
ynh_secure_remove --file="$app_service_registration_path/$app.yaml"
ynh_secure_remove --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \
|| ynh_die "Synapse can't restart with the appservice configuration"
@ -134,11 +121,11 @@ ynh_secure_remove --file="/var/log/$app"
ynh_script_progression --message="Removing the dedicated system user..." --weight=5
# Delete a system user
ynh_system_user_delete --username=$mautrix_bridge_user
ynh_system_user_delete --username=$app
ynh_system_user_delete --username=$signald_user
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --time --last
ynh_script_progression --message="Removal of $app completed" --last

148
scripts/restore
View file

@ -24,87 +24,84 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --time --weight=1
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# language=$(ynh_app_setting_get --app=$app --key=language)
domain=$(ynh_app_setting_get --app=$app --key=domain)
server_name=$(ynh_app_setting_get --app=$app --key=server_name)
port=$(ynh_app_setting_get --app=$app --key=port)
botname=$(ynh_app_setting_get --app=$app --key=botname)
synapse_instance=$(ynh_app_setting_get --app=$app --key=synapse_instance)
app_service_registration_path=$(ynh_app_setting_get --app=$app --key=app_service_registration_path)
# bot_is_synapse_admin=$(ynh_app_setting_get --app=$app --key=bot_is_synapse_admin)
bot_synapse_adm=$(ynh_app_setting_get --app=$app --key=bot_synapse_adm)
encryption=$(ynh_app_setting_get --app=$app --key=encryption)
botadmin=$(ynh_app_setting_get --app=$app --key=botadmin)
botusers=$(ynh_app_setting_get --app=$app --key=botusers)
mautrix_config_path="$final_path/config.yaml"
mautrix_version=$(ynh_app_setting_get --app=$app --key=mautrix_version)
botadmin=$(ynh_app_setting_get --app=$app --key=botadmin)
previous_mautrix_version=$(ynh_app_setting_get --app=$app --key=mautrix_version)
port=$(ynh_app_setting_get --app=$app --key=port)
ynh_print_OFF
mautrix_bridge_db_pwd=$(ynh_app_setting_get --app=$app --key=mautrix_bridge_db_pwd)
ynh_print_ON
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
mautrix_version=$(ynh_app_upstream_version)
#=================================================
# SET CONSTANTS
#=================================================
synapse_db_name="matrix_$synapse_instance"
# botname_synapse_db_user="@$botname:$server_name"
mautrix_bridge_user=$app
mautrix_bridge_db_name=$app
mautrix_bridge_db_user=$app
upstream_version=$(ynh_app_upstream_version)
bot_synapse_db_user="@$botname:$server_name"
signald_data="/var/lib/signald"
#signald_exe="/usr/bin/signald"
signald_user="signald" # This is actually chosen by the signald dependency
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --time --weight=1
ynh_script_progression --message="Validating restoration parameters..." --weight=1
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
test ! -d $final_path || ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE APP MAIN DIR
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --time --weight=1
# We need to install dependencies before recreating the dedicated user,
# as the dependencies create the `signald` user and group.
# Another option would be to `usermod -aG "$signald_user" $app` later.
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
ynh_restore_file --origin_path="$final_path"
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
# libolm-dev avoided by pre-compiled python-olm
ynh_install_extra_app_dependencies --repo="http://http.debian.net/debian buster-backports main" --package="libolm-dev" --key="https://keyserver.ubuntu.com/pks/lookup?search=0x0E98404D386FA1D9&op=get"
ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="$extra_dependencies" --key="https://updates.signald.org/apt-signing-key.asc"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$mautrix_bridge_user
ynh_system_user_create --username=$app --groups="$signald_user"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_restore_file --origin_path="$final_path"
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Restore permissions on app files
chown -R root: $final_path
chown $mautrix_bridge_user:root -R $final_path
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1
# Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies
ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="signald" --key="https://updates.signald.org/apt-signing-key.asc"
chmod 750 "$final_path"
chown $app:$app "$final_path"
chmod -R 750 "$final_path"
chown -R $app:$app "$final_path"
#=================================================
# RESTORE THE POSTGRESQL DATABASE
@ -112,13 +109,12 @@ ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=8
ynh_psql_test_if_first_run
ynh_print_OFF
ynh_psql_create_user $mautrix_bridge_db_user $mautrix_bridge_db_pwd
ynh_print_ON
ynh_psql_execute_as_root \
--sql="CREATE DATABASE ""$mautrix_bridge_db_name"" ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER ""$mautrix_bridge_db_user"";"
ynh_psql_execute_file_as_root --file="${YNH_CWD}/dump.sql" --database="$mautrix_bridge_db_name"
ynh_psql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name
#ynh_psql_execute_as_root --sql="CREATE DATABASE ""$db_name"" ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER ""$dbname"";"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# RESTORE MAUTRIX-BRIDGE PYTHON MODULE
#=================================================
@ -127,23 +123,23 @@ ynh_restore_file --origin_path="/var/log/$app"
#mkdir -p /var/log/$app
# Configure Mautrix-Bridge
python3 -m venv $final_path
#$final_path/bin/pip3 install --upgrade setuptools wheel
#$final_path/bin/pip3 install --upgrade $final_path/src/mautrix-signal.tar.gz[met$
# -r optional-requirements.txt
$final_path/bin/pip3 install --upgrade pip setuptools wheel
# Pre-compiled python-olm to avoid libolm-dev, python3-dev
#$final_path/bin/pip3 install --upgrade python-olm --extra-index-url https://gitlab.matrix.org/api/v4/projects/27/packages/pypi/simple
#=================================================
# REGISTER SYNAPSE APP-SERVICE
#=================================================
$final_path/bin/python3 -m mautrix_signal -g -c $mautrix_config_path -r $app_service_registration_path/$app.yaml
$final_path/bin/python3 -m mautrix_signal -g -c $final_path/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \
|| ynh_die "Synapse can't restart with the appservice configuration"
# Handled by synapse: synapse_ynh adds all registration files added in $app_service_registration_path to the app_service_config_files list
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
@ -152,41 +148,45 @@ systemctl enable $app.service --quiet
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_use_logrotate --logfile "/var/log/$app/$app.log"
chown $mautrix_bridge_user:root -R /var/log/$app
ynh_use_logrotate
chmod -R 600 "/var/log/$app"
chmod 700 "/var/log/$app"
chown -R $app:$app /var/log/$app
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="$app daemon for bridging Signal and Matrix messages" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
# ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name=$app --action="start"
# Wait until the synapse user is created
# sleep 30
# # # (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
# # if [ "$bot_is_synapse_admin" = true ]
# # then
# ynh_psql_execute_as_root --database=$synapse_db_name --sql="UPDATE users SET admin = 1 WHERE name = ""$botname"";"
# # #yunohost app action run $synapse_instance set_admin_user -a username=$botname
# # fi
# ynh_systemd_action --service_name=$app --action="restart"
yunohost service add $app --description="Bridging Signal and Matrix messages" --log="/var/log/$app/$app.log"
#=================================================
# RESTORE VARIOUS FILES
#=================================================
ynh_systemd_action --service_name=signald --action="stop"
ynh_restore_file --origin_path="$signald_data"
ynh_systemd_action --service_name=signald --action="start"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
# Wait until the synapse user is created
sleep 30
# (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
if [ "$bot_synapse_adm" = true ]
then
ynh_psql_execute_as_root --database=$synapse_db_name --sql="UPDATE users SET admin = 1 WHERE name = ""$botname"";"
# #yunohost app action run $synapse_instance set_admin_user -a username=$botname
fi
ynh_systemd_action --service_name=$app --action="restart"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --time --last
ynh_script_progression --message="Restoration completed for $app" --last

233
scripts/upgrade
View file

@ -12,81 +12,49 @@ source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --time --weight=1
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# language=$(ynh_app_setting_get --app=$app --key=language)
server_name=$(ynh_app_setting_get --app=$app --key=server_name)
port=$(ynh_app_setting_get --app=$app --key=port)
botname=$(ynh_app_setting_get --app=$app --key=botname)
synapse_instance=$(ynh_app_setting_get --app=$app --key=synapse_instance)
app_service_registration_path=$(ynh_app_setting_get --app=$app --key=app_service_registration_path)
# bot_is_synapse_admin=$(ynh_app_setting_get --app=$app --key=bot_is_synapse_admin)
encryption=$(ynh_app_setting_get --app=$app --key=encryption)
botadmin=$(ynh_app_setting_get --app=$app --key=botadmin)
botusers=$(ynh_app_setting_get --app=$app --key=botusers)
mautrix_config_path="$final_path/config.yaml"
mautrix_version=$(ynh_app_setting_get --app=$app --key=mautrix_version)
botadmin=$(ynh_app_setting_get --app=$app --key=botadmin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
previous_mautrix_version=$(ynh_app_setting_get --app=$app --key=mautrix_version)
ynh_print_OFF
mautrix_bridge_db_pwd=$(ynh_app_setting_get --app=$app --key=mautrix_bridge_db_pwd)
ynh_print_ON
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
mautrix_version=$(ynh_app_upstream_version)
signald_user="signald" # This is actually chosen by the signald dependency
#=================================================
# SET CONSTANTS
#=================================================
log_filename="/var/log/$app/$app.log"
enable_relaybot=true
# https://docs.python.org/3.6/library/logging.html#logging-levels
log_level="INFO"
#log_format="$app.log"
synapse_db_name="matrix_$synapse_instance"
# botname_synapse_db_user="@$botname:$server_name"
mautrix_bridge_user=$app
mautrix_bridge_db_name=$app
mautrix_bridge_db_user=$app
upstream_version=$(ynh_app_upstream_version)
bot_synapse_db_user="@$botname:$server_name"
#=================================================
# CHECK VERSION
#=================================================
### This helper will compare the version of the currently installed app and the version of the upstream package.
### $upgrade_type can have 2 different values
### - UPGRADE_APP if the upstream app version has changed
### - UPGRADE_PACKAGE if only the YunoHost package has changed
### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1
#
# N.B. : the followings setting migrations snippets are provided as *EXAMPLES*
# of what you may want to do in some cases (e.g. a setting was not defined on
# some legacy installs and you therefore want to initiaze stuff during upgrade)
#
# If db_name doesn't exist, create it
#if [ -z "$db_name" ]; then
# db_name=$(ynh_sanitize_dbid --db_name=$app)
# ynh_app_setting_set --app=$app --key=db_name --value=$db_name
#fi
# If final_path doesn't exist, create it
#if [ -z "$final_path" ]; then
# final_path=/var/www/$app
# ynh_app_setting_set --app=$app --key=final_path --value=$final_path
#fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=5
# Backup the current version of the app
ynh_backup_before_upgrade
@ -102,9 +70,53 @@ ynh_abort_if_errors
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="stop" --log_path="$log_filename"
ynh_systemd_action --service_name=$app --action="stop"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=5
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_install_extra_app_dependencies --repo="http://http.debian.net/debian buster-backports main" --package="libolm-dev" --key="https://keyserver.ubuntu.com/pks/lookup?search=0x0E98404D386FA1D9&op=get"
ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="$extra_dependencies" --key="https://updates.signald.org/apt-signing-key.asc"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# Upgrade from >0.2.0
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
# Upgrade from <=0.2.0
if [ -z "$db_name" ]
then
db_name=$(ynh_app_setting_get --app=$app --key=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
fi
if [ -z "$db_pwd" ]
then
db_pwd=$(ynh_app_setting_get --app=$app --key=mautrix_bridge_db_pwd)
ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
fi
# Fix possible permission issues with a previous signald version, esp. with stickers
mkdir -p /var/lib/signald/{avatars,attachments,stickers}
chown $signald_user:$signald_user /var/lib/signald/{avatars,attachments,stickers}
chmod -R g+rwX /var/lib/signald/{avatars,attachments,stickers}
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --groups="$signald_user"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
@ -112,136 +124,103 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="$log_filename
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --time --weight=1
ynh_script_progression --message="Upgrading source files..." --weight=1
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/src"
chmod 750 $final_path
chown $app:$app $final_path
fi
#=================================================
# UPGRADE DEPENDENCIES
# STORE THE CONFIG FILE CHECKSUM
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --time --weight=1
ynh_install_app_dependencies $pkg_dependencies
ynh_install_extra_app_dependencies --repo="https://updates.signald.org unstable main" --package="$extra_dependencies" --key="https://updates.signald.org/apt-signing-key.asc"
### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it.
ynh_backup_if_checksum_is_different --file="$final_path/config.yaml"
ynh_backup_if_checksum_is_different --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
#=================================================
# CREATE DEDICATED USER
# UPDATE CONFIGURATION
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1
ynh_script_progression --message="Configuring Mautrix Bridge..." --weight=2
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$mautrix_bridge_user
ynh_add_config --template="../conf/config.yaml" --destination="$final_path/config.yaml"
chmod -R 750 "$final_path"
chown -R $app:$app "$final_path"
#=================================================
# SPECIFIC UPGRADE
#=================================================
# ...
#=================================================
#=================================================
#================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1
ynh_script_progression --message="Upgrading systemd configuration..." --weight=4
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# SET MAUTRIX-BRIDGE CONFIG
#=================================================
ynh_script_progression --message="Configuring Mautrix-Bridge..." --weight=2
mautrix_config_path="$final_path/config.yaml"
### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it.
ynh_backup_if_checksum_is_different --file="$app_service_registration_path/$app.yaml"
ynh_backup_if_checksum_is_different --file="$mautrix_config_path"
verify_server_ssl_certificates="true"
matrix_server_supports_asmux="false"
# https://docs.python.org/3.6/library/logging.html#logging-levels
log_level="INFO"
ynh_add_config --template="../conf/config.yaml" --destination="$mautrix_config_path"
# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum --file="$app_service_registration_path/$app.yaml"
ynh_store_file_checksum --file="$mautrix_config_path"
#=================================================
# UPGRADE MAUTRIX-BRIDGE PYTHON MODULE
#=================================================
ynh_script_progression --message="Upgrading python3 virtual environment" --weight=6
mkdir -p /var/log/$app
# Configure Mautrix-Bridge
python3 -m venv $final_path
#$final_path/bin/pip3 install --upgrade setuptools wheel
$final_path/bin/pip3 install --upgrade $final_path/src/mautrix-signal.tar.gz[metrics,formattednumbers,qrlink,stickers]
# -r optional-requirements.txt
$final_path/bin/pip3 install --upgrade pip setuptools wheel
ynh_script_progression --message="Installing with pip" --weight=6
# Pre-compiled python-olm to avoid libolm-dev, python3-dev -> does not work for arm
#$final_path/bin/pip3 install --upgrade python-olm --extra-index-url https://gitlab.matrix.org/api/v4/projects/27/packages/pypi/simple
# Build with libolm3 end-to-bridge encryption
$final_path/bin/pip3 install --upgrade $final_path/src/mautrix-signal.tar.gz[metrics,e2be,formattednumbers,qrlink,stickers]
#=================================================
# REGISTER SYNAPSE APP-SERVICE
#=================================================
$final_path/bin/python3 -m mautrix_signal -g -c $mautrix_config_path -r $app_service_registration_path/$app.yaml
$final_path/bin/python3 -m mautrix_signal -g -c $final_path/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \
|| ynh_die "Synapse can't restart with the appservice configuration"
# Handled by synapse: synapse_ynh adds all registration files added in $app_service_registration_path to the app_service_config_files list
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum --file="$final_path/config.yaml"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions on app files
chown -R root: $final_path
chown $mautrix_bridge_user:root -R $final_path
# Fix possible permission issues with a previous signald version, esp. with stickers
chmod -R g+rwX /var/lib/signald/{avatars,attachments,stickers}
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile "$log_filename"
chown $mautrix_bridge_user:root -R /var/log/$app
# Use logrotate to manage app-specific logfile(s)
# ynh_use_logrotate --non-append
ynh_use_logrotate
chmod -R 600 "/var/log/$app"
chmod 700 "/var/log/$app"
chown -R $app:$app /var/log/$app
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="$app daemon for bridging Signal and Matrix messages" --log="$log_filename"
yunohost service add $app --description="Bridging Signal and Matrix messages" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
ynh_script_progression --message="Starting a systemd service..." --weight=1
# ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
sleep 2
chown -R $app:$app "$final_path"
ynh_systemd_action --service_name=$app --action="start"
# # Wait until the synapse user is created
# sleep 30
# # # (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
# # if [ "$bot_is_synapse_admin" = true ]
# # then
# ynh_psql_execute_as_root --database=$synapse_db_name --sql="UPDATE users SET admin = 1 WHERE name = ""$botname"";"
# # #yunohost app action run $synapse_instance set_admin_user -a username=$botname
# # fi
# ynh_systemd_action --service_name=$app --action="restart"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --time --last
ynh_script_progression --message="Upgrade of $app completed" --last