YunoHost-Apps/mautrix_signal_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mautrix_signal_ynh.git synced 2024-09-03 19:46:07 +02:00
Code Issues Activity Actions

Merge pull request #95 from YunoHost-Apps/ci-auto-update-0.5.1

Browse source 
Upgrade to v0.5.1 (migration from Python to Go version of the bridge)
This commit is contained in:
Nathanaël 2024-05-15 09:12:06 +02:00 committed by GitHub
commit a327639887
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
20 changed files with 458 additions and 424 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
README.md
View file

@ -19,13 +19,13 @@ It shall NOT be edited by hand.
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user. A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations. Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand. The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
**Shipped version:** 0.4.3~ynh2 **Shipped version:** 0.5.1~ynh1
## Documentation and resources ## Documentation and resources
- Official user documentation: <https://docs.mau.fi/bridges/python/signal/index.html> - Official user documentation: <https://docs.mau.fi/bridges/go/signal/index.html>
- Upstream app code repository: <https://github.com/mautrix/signal> - Upstream app code repository: <https://github.com/mautrix/signal>
- YunoHost Store: <https://apps.yunohost.org/app/mautrix_signal> - YunoHost Store: <https://apps.yunohost.org/app/mautrix_signal>
- Report a bug: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues> - Report a bug: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

6
README_eu.md
View file

@ -19,13 +19,13 @@ EZ editatu eskuz.
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user. A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations. Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand. The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
**Paketatutako bertsioa:** 0.4.3~ynh2 **Paketatutako bertsioa:** 0.5.1~ynh1
## Dokumentazioa eta baliabideak ## Dokumentazioa eta baliabideak
- Erabiltzaileen dokumentazio ofiziala: <https://docs.mau.fi/bridges/python/signal/index.html> - Erabiltzaileen dokumentazio ofiziala: <https://docs.mau.fi/bridges/go/signal/index.html>
- Jatorrizko aplikazioaren kode-gordailua: <https://github.com/mautrix/signal> - Jatorrizko aplikazioaren kode-gordailua: <https://github.com/mautrix/signal>
- YunoHost Denda: <https://apps.yunohost.org/app/mautrix_signal> - YunoHost Denda: <https://apps.yunohost.org/app/mautrix_signal>
- Eman errore baten berri: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues> - Eman errore baten berri: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

4
README_fr.md
View file

@ -23,10 +23,10 @@ La passerelle ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index
**Attention : sauvegardez et restaurez toujours les deux applications Yunohost matrix-synapse et mautrix_signal en même temps!** **Attention : sauvegardez et restaurez toujours les deux applications Yunohost matrix-synapse et mautrix_signal en même temps!**
**Version incluse:** 0.4.3~ynh2 **Version incluse:** 0.5.1~ynh1
## Documentations et ressources ## Documentations et ressources
- Documentation officielle utilisateur: <https://docs.mau.fi/bridges/python/signal/index.html> - Documentation officielle utilisateur: <https://docs.mau.fi/bridges/go/signal/index.html>
- Dépôt de code officiel de lapp: <https://github.com/mautrix/signal> - Dépôt de code officiel de lapp: <https://github.com/mautrix/signal>
- YunoHost Store: <https://apps.yunohost.org/app/mautrix_signal> - YunoHost Store: <https://apps.yunohost.org/app/mautrix_signal>
- Signaler un bug: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues> - Signaler un bug: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

6
README_gl.md
View file

@ -19,13 +19,13 @@ NON debe editarse manualmente.
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user. A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations. Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand. The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
**Versión proporcionada:** 0.4.3~ynh2 **Versión proporcionada:** 0.5.1~ynh1
## Documentación e recursos ## Documentación e recursos
- Documentación oficial para usuarias: <https://docs.mau.fi/bridges/python/signal/index.html> - Documentación oficial para usuarias: <https://docs.mau.fi/bridges/go/signal/index.html>
- Repositorio de orixe do código: <https://github.com/mautrix/signal> - Repositorio de orixe do código: <https://github.com/mautrix/signal>
- Tenda YunoHost: <https://apps.yunohost.org/app/mautrix_signal> - Tenda YunoHost: <https://apps.yunohost.org/app/mautrix_signal>
- Informar dun problema: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues> - Informar dun problema: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

6
README_zh_Hans.md
View file

@ -19,13 +19,13 @@
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user. A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations. Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand. The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
**分发版本:** 0.4.3~ynh2 **分发版本:** 0.5.1~ynh1
## 文档与资源 ## 文档与资源
- 官方用户文档: <https://docs.mau.fi/bridges/python/signal/index.html> - 官方用户文档: <https://docs.mau.fi/bridges/go/signal/index.html>
- 上游应用代码库: <https://github.com/mautrix/signal> - 上游应用代码库: <https://github.com/mautrix/signal>
- YunoHost 商店: <https://apps.yunohost.org/app/mautrix_signal> - YunoHost 商店: <https://apps.yunohost.org/app/mautrix_signal>
- 报告 bug <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues> - 报告 bug <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

409
conf/config.yaml
View file

@ -1,168 +1,185 @@
# Homeserver details # Homeserver details.
homeserver: homeserver:
# The address that this appservice can use to connect to the homeserver. # The address that this appservice can use to connect to the homeserver.
address: https://__DOMAIN__ address: https://__DOMAIN__
# The domain of the homeserver (also known as server_name, used for MXIDs, etc). # The domain of the homeserver (also known as server_name, used for MXIDs, etc).
domain: __SERVER_NAME__ domain: __SERVER_NAME__
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: true
# What software is the homeserver running? # What software is the homeserver running?
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
software: standard software: standard
# Number of retries for all HTTP requests if the homeserver isn't reachable.
http_retry_count: 4
# The URL to push real-time bridge status to. # The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes. # If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes.
# The bridge will use the appservice as_token to authorize requests. # The bridge will use the appservice as_token to authorize requests.
status_endpoint: null status_endpoint: null
# Endpoint for reporting per-message status. # Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null message_send_checkpoint_endpoint: null
# Maximum number of simultaneous HTTP connections to the homeserver. # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
connection_limit: 100
# Whether asynchronous uploads via MSC2246 should be enabled for media.
# Requires a media repo that supports MSC2246.
async_media: false async_media: false
# Application service host/registration related details # Should the bridge use a websocket for connecting to the homeserver?
# The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
# mautrix-asmux (deprecated), and hungryserv (proprietary).
websocket: false
# How often should the websocket be pinged? Pinging will be disabled if this is zero.
ping_interval_seconds: 0
# Application service host/registration related details.
# Changing these values requires regeneration of the registration. # Changing these values requires regeneration of the registration.
appservice: appservice:
# The address that the homeserver can use to connect to this appservice. # The address that the homeserver can use to connect to this appservice.
address: http://localhost:__PORT__ address: http://localhost:__PORT__
# When using https:// the TLS certificate and key files for the address.
tls_cert: false
tls_key: false
# The hostname and port where this appservice should listen. # The hostname and port where this appservice should listen.
hostname: 0.0.0.0 hostname: localhost
port: __PORT__ port: __PORT__
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. SQLite and Postgres are supported. # Database config.
# Format examples: database:
# SQLite: sqlite:///filename.db # The database type. "sqlite3-fk-wal" and "postgres" are supported.
# Postgres: postgres://username:password@hostname/dbname type: postgres
database: postgres://__APP__:__DB_PWD__@localhost:5432/__DB_NAME__ # The database URI.
# Additional arguments for asyncpg.create_pool() or sqlite3.connect() # SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool # https://github.com/mattn/go-sqlite3#connection-string
# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# For sqlite, min_size is used as the connection thread pool size and max_size is ignored. # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
# Additionally, SQLite supports init_commands as an array of SQL queries to run on connect (e.g. to set PRAGMAs). uri: postgres://__APP__:__DB_PWD__@localhost:5432/__DB_NAME__?sslmode=disable
database_opts: # Maximum number of connections. Mostly relevant for Postgres.
min_size: 5 max_open_conns: 20
max_size: 10 max_idle_conns: 2
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# The unique ID of this appservice. # The unique ID of this appservice.
id: __BOTNAME__ id: __BOTNAME__
# Username of the appservice bot. # Appservice bot details.
bot_username: __BOTNAME__ bot:
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty # Username of the appservice bot.
# to leave display name/avatar as-is. username: __BOTNAME__
bot_displayname: Signal bridge bot # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
bot_avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp # to leave display name/avatar as-is.
displayname: Signal bridge bot
avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
# Whether or not to receive ephemeral events via appservice transactions. # Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+). # Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled. ephemeral_events: true
ephemeral_events: false
# Should incoming events be handled asynchronously?
# This may be necessary for large public instances with lots of messages going through.
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
async_transactions: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "This value is generated when generating the registration" as_token: "This value is generated when generating the registration"
hs_token: "This value is generated when generating the registration" hs_token: "This value is generated when generating the registration"
# Prometheus telemetry config. Requires prometheus-client to be installed. # Prometheus config.
metrics: metrics:
# Enable prometheus metrics?
enabled: false enabled: false
listen_port: 8000 # IP and port where the metrics listener should be. The path is always /metrics
listen: 127.0.0.1:8000
# Manhole config.
manhole:
# Whether or not opening the manhole is allowed.
enabled: false
# The path for the unix socket.
path: /var/tmp/mautrix-signal.manhole
# The list of UIDs who can be added to the whitelist.
# If empty, any UIDs can be specified in the open-manhole command.
whitelist:
- 0
signal: signal:
# Path to signald unix socket # Default device name that shows up in the Signal app.
socket_path: /var/run/signald/signald.sock device_name: mautrix-signal
# Directory for temp files when sending files to Signal. This should be an
# absolute path that signald can read. For attachments in the other direction,
# make sure signald is configured to use an absolute path as the data directory.
outgoing_attachment_dir: /tmp
# Directory where signald stores avatars for groups.
avatar_dir: ~/.config/signald/avatars
# Directory where signald stores auth data. Used to delete data when logging out.
data_dir: ~/.config/signald/data
# Whether or not unknown signald accounts should be deleted when the bridge is started.
# When this is enabled, any UserInUse errors should be resolved by restarting the bridge.
delete_unknown_accounts_on_start: false
# Whether or not message attachments should be removed from disk after they're bridged.
remove_file_after_handling: true
# Whether or not users can register a primary device
registration_enabled: true
# Whether or not to enable disappearing messages in groups. If enabled, then the expiration
# time of the messages will be determined by the first users to read the message, rather
# than individually. If the bridge has a single user, this can be turned on safely.
enable_disappearing_messages_in_groups: false
# Bridge config # Bridge config
bridge: bridge:
# Localpart template of MXIDs for Signal users. # Localpart template of MXIDs for Signal users.
# {userid} is replaced with the UUID of the Signal user. # {{.}} is replaced with the internal ID of the Signal user.
username_template: "sg_{userid}" username_template: sg_{{.}}
# Displayname template for Signal users. # Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
# {displayname} is replaced with the displayname of the Signal user, which is the first # {{.ProfileName}} - The Signal profile name set by the user.
# available variable in displayname_preference. The variables in displayname_preference # {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances.
# can also be used here directly. # {{.PhoneNumber}} - The phone number of the user.
displayname_template: "{displayname} (SG)" # {{.UUID}} - The UUID of the Signal user.
# Whether or not contact list displaynames should be used. # {{.AboutEmoji}} - The emoji set by the user in their profile.
# Possible values: disallow, allow, prefer displayname_template: '{{or .ProfileName .PhoneNumber "Unknown user"}}'
# # Whether to explicitly set the avatar and room name for private chat portal rooms.
# Multi-user instances are recommended to disallow contact list names, as otherwise there can # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
# be conflicts between names from different users' contact lists. # If set to `always`, all DM rooms will have explicit names and avatars set.
contact_list_names: disallow # If set to `never`, DM rooms will never have names and avatars set.
# Available variables: full_name, first_name, last_name, phone, uuid private_chat_portal_meta: default
displayname_preference: # Should avatars from the user's contact list be used? This is not safe on multi-user instances.
- full_name use_contact_avatars: false
- phone # Should the bridge sync ghost user info even if profile fetching fails? This is not safe on multi-user instances.
use_outdated_profiles: false
# Should the Signal user's phone number be included in the room topic in private chat portal rooms?
number_in_topic: true
# Avatar image for the Note to Self room.
note_to_self_avatar: mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL
# Whether or not to create portals for all groups on login/connect. portal_message_buffer: 128
autocreate_group_portal: true
# Whether or not to create portals for all contacts on login/connect. # Should the bridge create a space for each logged-in user and add bridged rooms to it?
autocreate_contact_portal: false # Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time.
# Whether or not to make portals of Signal groups in which joining via invite link does personal_filtering_spaces: true
# not need to be approved by an administrator publicly joinable on Matrix. # Should Matrix m.notice-type messages be bridged?
public_portals: false bridge_notices: true
# Whether or not to use /sync to get read receipts and typing notifications # Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?
# when double puppeting is enabled delivery_receipts: false
sync_with_custom_puppets: true # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
# Whether or not to update the m.direct account data event when double puppeting is enabled. message_status_events: false
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
message_error_notices: true
# Should the bridge update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux) # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions. # and is therefore prone to race conditions.
sync_direct_chat_list: false sync_direct_chat_list: false
# Allow using double puppeting from any server with a valid client .well-known file. # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
double_puppet_allow_discovery: false # This field will automatically be changed back to false after it, except if the config file is not writable.
# Servers to allow double puppeting from, even if double_puppet_allow_discovery is false. resend_bridge_info: false
double_puppet_server_map: # Whether or not to make portals of groups that don't need approval of an admin to join by invite
example.com: https://example.com # link publicly joinable on Matrix.
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth public_portals: false
# # Send captions in the same message as images. This will send data compatible with both MSC2530.
# If set, custom puppets will be enabled automatically for local users # This is currently not supported in most clients.
# instead of users having to find an access token and run `login-matrix` caption_in_message: false
# manually.
# If using this for other servers than the bridge's server,
# you must also set the URL in the double_puppet_server_map.
login_shared_secret_map:
example.com: foo
# Whether or not created rooms should have federation enabled. # Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated. # If false, created portal rooms will never be federated.
federate_rooms: true federate_rooms: true
# Servers to always allow double puppeting from
double_puppet_server_map:
example.com: https://example.com
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, double puppeting will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret_map:
example.com: foobar
# Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
# Null means there's no enforced timeout.
message_handling_timeout:
# Send an error message after this timeout, but keep waiting for the response until the deadline.
# This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
# If the message is older than this when it reaches the bridge, the message won't be handled at all.
error_after: null
# Drop messages after this timeout. They may still go through if the message got sent to the servers.
# This is counted from the time the bridge starts handling the message.
deadline: 120s
# The prefix for commands. Only required in non-management rooms.
command_prefix: '!signal'
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Signal bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `login` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# End-to-bridge encryption support options. # End-to-bridge encryption support options.
# #
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
@ -196,6 +213,10 @@ bridge:
delete_on_device_delete: false delete_on_device_delete: false
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session. # Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
periodically_delete_expired: false periodically_delete_expired: false
# Delete inbound megolm sessions that don't have the received_at field used for
# automatic ratcheting and expired session deletion. This is meant as a migration
# to delete old keys prior to the bridge update.
delete_outdated_inbound: false
# What level of device verification should be required from users? # What level of device verification should be required from users?
# #
# Valid levels: # Valid levels:
@ -207,7 +228,7 @@ bridge:
# verified - Require manual per-device verification # verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table). # (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels: verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix. # Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix.
receive: unverified receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages. # Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified send: unverified
@ -231,142 +252,62 @@ bridge:
# default. # default.
messages: 100 messages: 100
# Whether to explicitly set the avatar and room name for private chat portal rooms. # Disable rotating keys when a user's devices change?
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. # You should not enable this option unless you understand all the implications.
# If set to `always`, all DM rooms will have explicit names and avatars set. disable_device_change_key_rotation: false
# If set to `never`, DM rooms will never have names and avatars set.
private_chat_portal_meta: default
# Whether or not the bridge should send a read receipt from the bridge bot when a message has
# been sent to Signal. This let's you check manually whether the bridge is receiving your
# messages.
# Note that this is not related to Signal delivery receipts.
delivery_receipts: false
# Whether or not delivery errors should be reported as messages in the Matrix room.
delivery_error_reports: true
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
message_status_events: false
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it,
# except if the config file is not writable.
resend_bridge_info: false
# Interval at which to resync contacts (in seconds).
periodic_sync: 0
# Should leaving the room on Matrix make the user leave on Signal? # Should leaving the room on Matrix make the user leave on Signal?
bridge_matrix_leave: true bridge_matrix_leave: true
# Should the bridge auto-create a group chat on Signal when a ghost is invited to a room? # Settings for provisioning API
# Requires the user to have sufficient power level and double puppeting enabled.
create_group_on_invite: true
hacky_contact_name_mixup_detection: false
# Provisioning API part of the web server for automated portal creation and fetching information.
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
provisioning: provisioning:
# Whether or not the provisioning API should be enabled. # Prefix for the provisioning API paths.
enabled: false
# The prefix to use in the provisioning API endpoints.
prefix: /_matrix/provision prefix: /_matrix/provision
# The shared secret to authorize users of the API. # Shared secret for authentication. If set to "generate", a random secret will be generated,
# Set to "generate" to generate and save a new token. # or if set to "disable", the provisioning API will be disabled.
shared_secret: generate shared_secret: generate
# Segment API key to enable analytics tracking for web server # Enable debug API at /debug with provisioning authentication.
# endpoints. Set to null to disable. debug_endpoints: false
# Currently the only events are login start, QR code scan, and login
# success/failure.
segment_key: null
# Optional user_id to use when sending Segment events. If null, defaults to using mxID.
segment_user_id: null
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!sg"
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Signal bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `link` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# Send each message separately (for readability in some clients)
management_room_multiple_messages: false
# Permissions for using the bridge. # Permissions for using the bridge.
# Permitted values: # Permitted values:
# relay - Allowed to be relayed through the bridge, no access to commands. # relay - Talk through the relaybot (if enabled), no access otherwise
# user - Use the bridge with puppeting. # user - Access to use the bridge to chat with a Signal account.
# admin - Use and administrate the bridge. # admin - User level and some additional administration tools
# Permitted keys: # Permitted keys:
# * - All Matrix users # * - All Matrix users
# domain - All users on that homeserver # domain - All users on that homeserver
# mxid - Specific user # mxid - Specific user
permissions: permissions:
"*": "relay" "*": relay
__IF_BOTUSERS__"__BOTUSERS__": "user" __IF_BOTUSERS__"__BOTUSERS__": user
"__BOTADMIN__": "admin" "__BOTADMIN__": admin
# Settings for relay mode
relay: relay:
# Whether relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any # Whether relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
# authenticated user into a relaybot for that chat. # authenticated user into a relaybot for that chat.
enabled: __ENABLE_RELAYBOT__ enabled: __ENABLE_RELAYBOT__
# The formats to use when sending messages to Signal via a relay user. # Should only admins be allowed to set themselves as relay users?
# admin_only: false
# Available variables: # The formats to use when sending messages to Signal via the relaybot.
# $sender_displayname - The display name of the sender (e.g. Example User)
# $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser)
# $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com)
# $message - The message content
message_formats: message_formats:
m.text: '$sender_displayname: $message' m.text: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
m.notice: '$sender_displayname: $message' m.notice: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
m.emote: '* $sender_displayname $message' m.emote: "* <b>{{ .Sender.Displayname }}</b> {{ .Message }}"
m.file: '$sender_displayname sent a file' m.file: "<b>{{ .Sender.Displayname }}</b> sent a file"
m.image: '$sender_displayname sent an image' m.image: "<b>{{ .Sender.Displayname }}</b> sent an image"
m.audio: '$sender_displayname sent an audio file' m.audio: "<b>{{ .Sender.Displayname }}</b> sent an audio file"
m.video: '$sender_displayname sent a video' m.video: "<b>{{ .Sender.Displayname }}</b> sent a video"
m.location: '$sender_displayname sent a location' m.location: "<b>{{ .Sender.Displayname }}</b> sent a location"
# Specify a dedicated relay account. Must be a regular matrix account logged into this bridge
# and double puppeting working to auto-accept invites. When this user is invited to a room
# it will automatically be set as the relay user. May be overridden with `set-relay` or `unset-relay`
# relaybot: '@relaybot:example.com'
# Whether or not invites from non-logged-in users should be relayed
invite: true
# Format for generating URLs from location messages for sending to Signal # Logging config. See https://github.com/tulir/zeroconfig for details.
# Google Maps: 'https://www.google.com/maps/place/{lat},{long}'
# OpenStreetMap: 'https://www.openstreetmap.org/?mlat={lat}&mlon={long}'
location_format: 'https://www.google.com/maps/place/{lat},{long}'
# Python logging configuration.
#
# See section 16.7.2 of the Python documentation for more info:
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
logging: logging:
version: 1 min_level: info
formatters: writers:
colored: - type: stdout
(): mautrix_signal.util.ColorFormatter format: pretty-colored
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" - type: file
normal: format: json
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" filename: /var/log/__APP__/__APP__.log
handlers: max_size: 100
file: max_backups: 10
class: logging.handlers.RotatingFileHandler compress: true
formatter: normal
filename: /var/log/__APP__/__APP__.log
maxBytes: 10485760
backupCount: 10
console:
class: logging.StreamHandler
formatter: colored
loggers:
mau:
level: INFO
aiohttp:
level: INFO
root:
level: INFO
handlers: [file, console]

21
conf/signald.service
View file

@ -1,21 +0,0 @@
[Unit]
Description=A daemon for interacting with the Signal Private Messenger
Wants=network.target
After=network.target
[Service]
Type=simple
RuntimeDirectory=signald
RuntimeDirectoryMode=0770
User=__SIGNALD_USER__
Group=__SIGNALD_USER__
#ExecStart=/usr/bin/signald -d /var/lib/signald
ExecStart=__SIGNALD_PATH__/build/install/signald/bin/signald -d /var/lib/signald
EnvironmentFile=-/etc/default/signald
Restart=on-failure
UMask=0007
# JVM always exits with 143 in reaction to SIGTERM signal
SuccessExitStatus=143
[Install]
WantedBy=default.target

2
conf/systemd.service
View file

@ -7,7 +7,7 @@ Type=simple
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
WorkingDirectory=__INSTALL_DIR__/ WorkingDirectory=__INSTALL_DIR__/
ExecStart=__INSTALL_DIR__/bin/python3 -m mautrix_signal ExecStart=__INSTALL_DIR__/mautrix-signal -c=__INSTALL_DIR__/config.yaml
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

5
doc/ADMIN.md
View file

@ -12,7 +12,7 @@
* Then, invite the bot (default @signalbot:yoursynapse.domain) in this new Mautrix-Signal bot administration room. * Then, invite the bot (default @signalbot:yoursynapse.domain) in this new Mautrix-Signal bot administration room.
* If the Bot does bot accept, see the [troubleshooting page](https://docs.mau.fi/bridges/general/troubleshooting.html) * If the Bot does bot accept, see the [troubleshooting page](https://docs.mau.fi/bridges/general/troubleshooting.html)
* Send ``!sg help`` to the bot in the created room to know how to control the bot. * Send ``!sg help`` to the bot in the created room to know how to control the bot.
See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/signal/authentication.html) See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/go/signal/authentication.html)
#### Linking the Bridge as a secondary device #### Linking the Bridge as a secondary device
@ -50,12 +50,11 @@ and then restarting the mautrix_signal service.
## Documentation ## Documentation
* Official "Mautrix-Signal" documentation: <https://docs.mau.fi/bridges/python/signal/index.html> * Official "Mautrix-Signal" documentation: <https://docs.mau.fi/bridges/go/signal/index.html>
* Matrix room (Matrix Bridges in Yunohost): #mautrix_yunohost:matrix.fdn.fr * Matrix room (Matrix Bridges in Yunohost): #mautrix_yunohost:matrix.fdn.fr
* Matrix room (upstream app): #signal:maunium.net * Matrix room (upstream app): #signal:maunium.net
In case you need to upload your logs somewhere, be aware that they contain your contacts' and your phone numbers. Strip them out with In case you need to upload your logs somewhere, be aware that they contain your contacts' and your phone numbers. Strip them out with
```| sed -r 's/[0-9]{10,}/📞/g'``` ```| sed -r 's/[0-9]{10,}/📞/g'```
* "Mautrix-Signal" bridge is based on the [signal daemon](https://gitlab.com/signald/signald) project.
* YunoHost documentation: If more specific documentation is needed, feel free to contribute. * YunoHost documentation: If more specific documentation is needed, feel free to contribute.
## YunoHost specific features ## YunoHost specific features

2
doc/DESCRIPTION.md
View file

@ -1,4 +1,4 @@
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user. A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations. Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand. The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.

72
manifest.toml
View file

@ -7,25 +7,25 @@ name = "Matrix Signal bridge"
description.en = "Matrix / Synapse puppeting bridge for Signal" description.en = "Matrix / Synapse puppeting bridge for Signal"
description.fr = "Passerelle Matrix / Synapse pour Signal" description.fr = "Passerelle Matrix / Synapse pour Signal"
version = "0.4.3~ynh2" version = "0.5.1~ynh1"
maintainers = ["MayeulC"] maintainers = ["MayeulC", "nathanael-h"]
[upstream] [upstream]
license = "AGPL-3.0-or-later" license = "AGPL-3.0-or-later"
userdoc = "https://docs.mau.fi/bridges/python/signal/index.html" userdoc = "https://docs.mau.fi/bridges/go/signal/index.html"
code = "https://github.com/mautrix/signal" code = "https://github.com/mautrix/signal"
fund = "https://github.com/sponsors/tulir" fund = "https://github.com/sponsors/tulir"
[integration] [integration]
yunohost = ">= 11.2" yunohost = ">= 11.2"
architectures = "all" architectures = ["amd64", "arm64"]
multi_instance = true multi_instance = true
ldap = "not_relevant" ldap = "not_relevant"
sso = "not_relevant" sso = "not_relevant"
disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... disk = "1G"
ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... ram.build = "128M"
ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... ram.runtime = "128M"
[install] [install]
[install.synapsenumber] [install.synapsenumber]
@ -46,6 +46,22 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen
example = "signalbot" example = "signalbot"
default = "signalbot" default = "signalbot"
[install.bot_synapse_adm]
ask.en = "Give the Signal bot administrator rights to the Synapse instance?"
ask.fr = "Donner au robot Signal des droits administrateur à l'instance Synapse ?"
type = "boolean"
help.en = "If activated, the bot can group Signal chats in a Matrix space.Not required if you set up Synapse so that non-admins are authorized to create communities."
help.fr = "Si activé, le robot groupera les conversations Signal dans une communauté Matrix.Pas nécessaire si vous avez réglé Synapse pour qu'il autorise les non-admin à créer des communautés."
default = true
[install.encryption]
ask.en = "Enable end-to-bridge encryption?"
ask.fr = "Activer le chiffrement entre Synapse et le bridge ?"
type = "boolean"
help.en = "Only activate if you know the prerequisites and constraints related to E2B."
help.fr = "N'activer que si vous connaissez les prérequis et constraintes liées à E2B."
default = true
[install.botadmin] [install.botadmin]
ask.en = "Choose the Matrix account administrator of the Signal bot" ask.en = "Choose the Matrix account administrator of the Signal bot"
ask.fr = "Choisissez le compte Matrix administrateur du robot Signal" ask.fr = "Choisissez le compte Matrix administrateur du robot Signal"
@ -64,23 +80,34 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen
example = "admin or domain or @johndoe:server.name or server.name or *" example = "admin or domain or @johndoe:server.name or server.name or *"
default = "domain" default = "domain"
[install.enable_relaybot]
ask.en = "Choose whether to enable the relay bot feature"
ask.fr = "Choisissez si vous souhaitez activer la fonctionnalité de relai par bot"
help.en = "If enabled, allows to use a single signal account (bot) to forward messages from multiple Matrix users. Messages will appear on Signal as if originating from a single user, with a prefix that indicates who is talking."
help.fr = "Si activé, permet d'utiliser un seul compte signal (bot) pour transmettre les messages de multiples utilisateurs Matrix. Les messages apparaîtront sur Signal comme envoyés par un seul utilisateur, avec un préfixe indiquant leur auteur."
type = "boolean"
default = true
[resources] [resources]
[resources.sources] [resources.sources]
[resources.sources.main] [resources.sources.main]
url = "https://github.com/mautrix/signal/archive/refs/tags/v0.4.3.tar.gz" in_subdir = false
sha256 = "e75636e845d4b9d84070efec510b7358b93a4fb0d6ffe4300dbdb9260725ba53"
rename = "mautrix-signal.tar.gz"
extract = false extract = false
rename = "mautrix-signal"
amd64.url = "https://github.com/mautrix/signal/releases/download/v0.5.1/mautrix-signal-amd64"
amd64.sha256 = "571919fa4402a22b6ff8bdcc451377174a2d0344a08d65d5dfcdbd2998902ba5"
arm64.url = "https://github.com/mautrix/signal/releases/download/v0.5.1/mautrix-signal-arm64"
arm64.sha256 = "55c5e685bf9d63a2cc5b436215adff1bc31cb78a8bc4845c94bb150e1d12760c"
autoupdate.strategy = "latest_github_release" autoupdate.strategy = "latest_github_release"
autoupdate.asset.amd64 = "^mautrix-signal-amd64$"
[resources.sources.signald] autoupdate.asset.arm64 = "^mautrix-signal-arm64$"
url = "https://gitlab.com/signald/signald/-/archive/0.17.0/signald-0.17.0.tar.gz"
sha256 = "225e36637daccf5f01138b7e29e3b2195bced7b13a290d163e34fe1f5d4a5d2a"
[resources.system_user] [resources.system_user]
home = "/opt/yunohost/__APP__"
[resources.install_dir] [resources.install_dir]
dir = "/opt/yunohost/__APP__"
[resources.permissions] [resources.permissions]
@ -88,22 +115,7 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen
main.default = 8449 main.default = 8449
[resources.apt] [resources.apt]
packages = [ packages = "g++, postgresql, ffmpeg"
"postgresql",
"python3",
"python3-dev",
"build-essential",
"libolm-dev",
]
[resources.apt.extras.signal]
repo = "https://updates.signald.org unstable main"
key = "https://updates.signald.org/apt-signing-key.asc"
packages = [
"libunixsocket-java",
"signald",
"signaldctl",
]
[resources.database] [resources.database]
type = "postgresql" type = "postgresql"

73
scripts/_common.sh
View file

@ -4,31 +4,66 @@
# COMMON VARIABLES # COMMON VARIABLES
#================================================= #=================================================
signald_data="/var/lib/signald"
signald_exe="/usr/bin/signald"
signald_user="signald"
enable_relaybot=true
#================================================= #=================================================
# PERSONAL HELPERS # PERSONAL HELPERS
#================================================= #=================================================
_install_rustup() { get_synapse_db_name() {
export PATH="$PATH:$install_dir/.cargo/bin:$install_dir/.local/bin:/usr/local/sbin" # Parameters: synapse instance identifier
# Returns: database name
if [ -e "$install_dir/.rustup" ]; then ynh_app_setting_get --app="$1" --key=db_name
ynh_exec_as "$app" env "PATH=$PATH" rustup update
else
ynh_exec_as "$app" bash -c 'curl -sSf -L https://static.rust-lang.org/rustup.sh | sh -s -- -y --default-toolchain=stable --profile=minimal'
fi
} }
_mautrix_signal_build_venv() { wait_for_user_to_exist_in_synapse_db() {
python3 -m venv "$install_dir/venv" # Indefinitely check if the user exists
"$install_dir/venv/bin/pip3" install --upgrade pip setuptools wheel # This is a separate script to allow launching with timeout(1)
"$install_dir/venv/bin/pip3" install --upgrade \ # Parameters:
"$install_dir/src/mautrix-signal.tar.gz[metrics,e2be,formattednumbers,qrlink,stickers]" # - username (in the form @user:server)
# - synapse database
# Returns 0 if user is found to exist
local username="$1"
local synapse_db="$2"
sql="select exists(select 1 from users where name = '$username');"
retval=""
while true; do
# A yunohost helper to do that would be welcome
retval=$(cd / && sudo -u postgres psql --dbname="$synapse_db" -c "$sql" -q -t)
if [ "$retval" = " t" ]; then # User exists
break
fi
sleep 0.5 # Avoid retrying too eagerly
done
return 0
}
set_bot_admin_status() {
# Set bot admin status in synapse DB
# This relies on several bash variables being set in the caller environment:
# server_name, botname, bot_synapse_adm, app
local timeout=120
local bot_synapse_db_user="@$botname:$server_name"
local synapse_db_name=$(get_synapse_db_name $synapse_instance)
ynh_print_info --message="Updating bot user admin status"
export -f wait_for_user_to_exist_in_synapse_db # Export function to subprocesses so that it may be called with timeout
# Wait until the user is created in synapse db
if ! timeout $timeout bash -c "wait_for_user_to_exist_in_synapse_db \"$bot_synapse_db_user\" \"$synapse_db_name\"" 2>&1; then
ynh_print_warn --message="Bot user $bot_synapse_db_user did not exist after $timeout seconds, skipping changing its admin status"
fi
# (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
if [ "$bot_synapse_adm" = true ] || [ "$bot_synapse_adm" = "1" ]; then
bot_synapse_adm=1
# #yunohost app action run $synapse_instance set_admin_user -a username=$botname
else
bot_synapse_adm=0
fi
ynh_psql_execute_as_root --database="$synapse_db_name" --sql="UPDATE users SET admin = $bot_synapse_adm WHERE name = '$bot_synapse_db_user';"
ynh_systemd_action --service_name="$app" --action="restart" --log_path="/var/log/$app/$app.log"
} }
#================================================= #=================================================

2
scripts/backup
View file

@ -33,7 +33,7 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
# BACKUP VARIOUS FILES # BACKUP VARIOUS FILES
#================================================= #=================================================
ynh_backup --src_path="$signald_data" # TODO: check if there are some files to backup
ynh_backup --src_path="/var/log/$app/" ynh_backup --src_path="/var/log/$app/"

84
scripts/install
View file

@ -9,14 +9,15 @@
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
# Satisfy shellcheck, those variables are known when starting the script:
# shellcheck disable=SC2154
echo From manifest: "$synapsenumber $bot_synapse_adm", \
From yunohost: "$app $install_dir" > /dev/null
#================================================= #=================================================
# INITIALIZE AND STORE SETTINGS # INITIALIZE AND STORE SETTINGS
#================================================= #=================================================
bot_synapse_adm=true
encryption=false
if [[ -z "$botusers" ]] || [ "$botusers" == "admin" ]; then if [[ -z "$botusers" ]] || [ "$botusers" == "admin" ]; then
if_botusers="# " if_botusers="# "
else else
@ -24,42 +25,53 @@ else
fi fi
# ToDo check (in manifest?) if the selected synapse instance is not already connected to a mautrix_bridge bridge # ToDo check (in manifest?) if the selected synapse instance is not already connected to a mautrix_bridge bridge
if [ $synapsenumber -eq "1" ] if [ "$synapsenumber" -eq "1" ]
then then
synapse_instance="synapse" synapse_instance="synapse"
else else
synapse_instance="synapse__$synapsenumber" synapse_instance="synapse__$synapsenumber"
fi fi
server_name=$(ynh_app_setting_get --app $synapse_instance --key server_name)
domain=$(ynh_app_setting_get --app $synapse_instance --key domain) # Convert user choice boolean from the manifest into a config value
if [ "$enable_relaybot" -eq "1" ]
then
enable_relaybot="true"
else
enable_relaybot="false"
fi
if [ "$encryption" -eq "1" ]
then
encryption="true"
else
encryption="false"
fi
server_name=$(ynh_app_setting_get --app "$synapse_instance" --key server_name)
domain=$(ynh_app_setting_get --app "$synapse_instance" --key domain)
mautrix_version=$(ynh_app_upstream_version) mautrix_version=$(ynh_app_upstream_version)
bot_synapse_db_user="@$botname:$server_name"
synapse_db_name="matrix_$synapse_instance"
ynh_app_setting_set --app=$app --key=bot_synapse_adm --value=$bot_synapse_adm ynh_app_setting_set --app="$app" --key=synapse_instance --value="$synapse_instance"
ynh_app_setting_set --app=$app --key=encryption --value=$encryption ynh_app_setting_set --app="$app" --key=enable_relaybot --value="$enable_relaybot"
ynh_app_setting_set --app=$app --key=synapse_instance --value=$synapse_instance ynh_app_setting_set --app="$app" --key=encryption --value="$encryption"
ynh_app_setting_set --app=$app --key=server_name --value=$server_name
ynh_app_setting_set --app=$app --key=mautrix_version --value=$mautrix_version
ynh_app_setting_set --app="$app" --key=server_name --value="$server_name"
ynh_app_setting_set --app="$app" --key=domain --value="$domain"
ynh_app_setting_set --app="$app" --key=mautrix_version --value="$mautrix_version"
# Add the user to the signald group. The signald group was created when the signald ynh_app_setting_set --app="$app" --key=bot_synapse_adm --value="$bot_synapse_adm"
# package was installed from the extra repository
# resolved by https://gitlab.com/signald/signald/-/commit/278240f3f1cc40a3b444c958b68ca3d6908e98a8
usermod -a -G "$signald_user" "$app"
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Setting up source files..." --weight=3 ynh_script_progression --message="Setting up source files..." --weight=5
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir/src" ynh_setup_source --dest_dir="$install_dir"
chmod -R o-rwx "$install_dir" chmod 750 "$install_dir"
chown -R "$app:$app" "$install_dir" chmod -R 750 "$install_dir"
chown -R "$app":"$app" "$install_dir"
mkdir -p /var/log/$app
#================================================= #=================================================
# ADD A CONFIGURATION # ADD A CONFIGURATION
@ -71,28 +83,15 @@ ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml"
chmod 400 "$install_dir/config.yaml" chmod 400 "$install_dir/config.yaml"
chown "$app:$app" "$install_dir/config.yaml" chown "$app:$app" "$install_dir/config.yaml"
#=================================================
# INSTALL MAUTRIX-BRIDGE PYTHON MODULE
#=================================================
ynh_script_progression --message="Installing Mautrix-Bridge Python Module..." --weight=6
if [ "$YNH_ARCH" == "armhf" ] || [ "$YNH_ARCH" == "armel" ]; then
# Install rustup is not already installed
# We need this to be able to install cryptgraphy
_install_rustup
fi
_mautrix_signal_build_venv
#================================================= #=================================================
# REGISTER SYNAPSE APP-SERVICE # REGISTER SYNAPSE APP-SERVICE
#================================================= #=================================================
ynh_script_progression --message="Registering Synapse app-service" --weight=1 ynh_script_progression --message="Registering Synapse app-service" --weight=1
"$install_dir/venv/bin/python3" -m mautrix_signal -g -c "$install_dir/config.yaml" -r "/etc/matrix-$synapse_instance/app-service/$app.yaml" "$install_dir"/mautrix-signal -g -c "$install_dir"/config.yaml -r "/etc/matrix-$synapse_instance/app-service/$app.yaml"
"/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh" || ynh_die --message="Synapse can't restart with the appservice configuration" /opt/yunohost/matrix-"$synapse_instance"/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration"
chown -R "$app:$app" "$install_dir" chown -R "$app":"$app" "$install_dir"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml" ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
ynh_store_file_checksum --file="$install_dir/config.yaml" ynh_store_file_checksum --file="$install_dir/config.yaml"
@ -103,10 +102,10 @@ ynh_script_progression --message="Adding system configurations related to $app..
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config ynh_add_systemd_config
yunohost service add "$app" --description="$app daemon for bridging Signal and Matrix messages" --log=/var/log/$app/$app.log yunohost service add "$app" --description="$app daemon for bridging Signal and Matrix messages" --log="/var/log/$app/$app.log"
# Use logrotate to manage application logfile(s) # Use logrotate to manage application logfile(s)
ynh_use_logrotate ynh_use_logrotate --logfile "/var/log/$app/$app.log" --nonappend --specific_user "$app/$app"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
@ -116,6 +115,9 @@ ynh_script_progression --message="Starting $app's systemd service..." --weight=2
# Start a systemd service # Start a systemd service
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
# Update bot admin status
set_bot_admin_status
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

5
scripts/remove
View file

@ -13,7 +13,7 @@ source /usr/share/yunohost/helpers
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
synapse_db_name="matrix_$synapse_instance" synapse_db_name="$(get_synapse_db_name $synapse_instance)"
bot_synapse_db_user="@$botname:$server_name" bot_synapse_db_user="@$botname:$server_name"
#================================================= #=================================================
@ -48,8 +48,7 @@ ynh_psql_execute_as_root --database="$synapse_db_name" --sql="DROP OWNED BY \"$a
#================================================= #=================================================
ynh_script_progression --message="Removing various files..." --weight=6 ynh_script_progression --message="Removing various files..." --weight=6
ynh_secure_remove --file="$signald_data" # TODO: check if there is a data dir or some files to remove
ynh_secure_remove --file="$signald_exe"
# Remove a directory securely # Remove a directory securely
ynh_secure_remove --file="/etc/matrix-$synapse_instance/app-service/$app.yaml" ynh_secure_remove --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"

37
scripts/restore
View file

@ -11,7 +11,7 @@ source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
mautrix_version=$(ynh_app_upstream_version) mautrix_version=$(ynh_app_upstream_version)
synapse_db_name="matrix_$synapse_instance" synapse_db_name="$(get_synapse_db_name $synapse_instance)"
bot_synapse_db_user="@$botname:$server_name" bot_synapse_db_user="@$botname:$server_name"
#================================================= #=================================================
@ -35,32 +35,22 @@ ynh_psql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name"
# RESTORE VARIOUS FILES # RESTORE VARIOUS FILES
#================================================= #=================================================
ynh_systemd_action --service_name=signald --action="stop" # TODO: check if there are some files to restore
ynh_restore_file --origin_path="$signald_data"
ynh_systemd_action --service_name=signald --action="start"
ynh_restore_file --origin_path="/var/log/$app/" ynh_restore_file --origin_path="/var/log/$app/"
#=================================================
# INSTALL MAUTRIX-BRIDGE PYTHON MODULE
#=================================================
ynh_script_progression --message="Installing Mautrix-Bridge Python Module..." --weight=6
if [ "$YNH_ARCH" == "armhf" ] || [ "$YNH_ARCH" == "armel" ]; then
# Install rustup is not already installed
# We need this to be able to install cryptgraphy
_install_rustup
fi
_mautrix_signal_build_venv
#================================================= #=================================================
# REGISTER SYNAPSE APP-SERVICE # REGISTER SYNAPSE APP-SERVICE
#================================================= #=================================================
ynh_script_progression --message="Registering Synapse app-service" --weight=1 ynh_script_progression --message="Registering Synapse app-service" --weight=1
"$install_dir/venv/bin/python3" -m mautrix_signal -g -c "$install_dir/config.yaml" -r "/etc/matrix-$synapse_instance/app-service/$app.yaml" $install_dir/mautrix-signal -g -c $install_dir/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
"/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh" || ynh_die "Synapse can't restart with the appservice configuration" /opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration"
chown -R $app:$app "$install_dir"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
ynh_store_file_checksum --file="$install_dir/config.yaml"
#================================================= #=================================================
# RESTORE SYSTEM CONFIGURATIONS # RESTORE SYSTEM CONFIGURATIONS
@ -81,15 +71,8 @@ ynh_script_progression --message="Starting $app's systemd service..." --weight=1
# Start a systemd service # Start a systemd service
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
# Wait until the synapse user is created # Update bot admin status
sleep 30 set_bot_admin_status
# (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
if [ "$bot_synapse_adm" = true ]; then
ynh_psql_execute_as_root --database="$synapse_db_name" --sql="UPDATE users SET admin = 1 WHERE name = \"$botname\";"
# #yunohost app action run $synapse_instance set_admin_user -a username=$botname
fi
ynh_systemd_action --service_name="$app" --action="restart" --log_path="/var/log/$app/$app.log"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

60
scripts/upgrade Normal file → Executable file
View file

@ -14,6 +14,13 @@ synapse_db_name="matrix_$synapse_instance"
server_name=$(ynh_app_setting_get --app $synapse_instance --key server_name) server_name=$(ynh_app_setting_get --app $synapse_instance --key server_name)
domain=$(ynh_app_setting_get --app $synapse_instance --key domain) domain=$(ynh_app_setting_get --app $synapse_instance --key domain)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed)
#================================================= #=================================================
# STANDARD UPGRADE STEPS # STANDARD UPGRADE STEPS
#================================================= #=================================================
@ -28,27 +35,38 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app
#================================================= #=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# Fix possible permission issues with a previous signald version, esp. with stickers # TODO: check if there are some file that need some chown chmod
mkdir -p /var/lib/signald/{avatars,attachments,stickers} # TODO: look at whatsapp to compare
chown "$signald_user:$signald_user" /var/lib/signald/{avatars,attachments,stickers}
chmod -R g+rwX /var/lib/signald/{avatars,attachments,stickers} # Check if an old version of the bridge is in use
# In this case it needs to be upgraded from python to go
# Note that 0.5.0 was never released, but it makes for a good cut-off
if ynh_compare_current_package_version --comparison lt --version 0.5.0~ynh1
then
source upgrade-pre-0.5.sh
fi
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Upgrading source files..." --weight=1
# Download, check integrity, uncompress and patch the source from app.src if [ "$upgrade_type" == "UPGRADE_APP" ]
ynh_setup_source --dest_dir="$install_dir/src" --full_replace=1 then
ynh_script_progression --message="Upgrading source files..." --weight=2
chmod -R o-rwx "$install_dir" # Download, check integrity, uncompress and patch the source from app.src
chown -R "$app:$app" "$install_dir" ynh_setup_source --dest_dir="$install_dir"
fi
chmod 750 "$install_dir"
chmod -R 750 "$install_dir"
chown -R $app:$app "$install_dir"
#================================================= #=================================================
# UPDATE A CONFIG FILE # UPDATE A CONFIG FILE
#================================================= #=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=2 ynh_script_progression --message="Updating a configuration file..." --weight=2
echo "botusers=$botusers"
if [[ -z "$botusers" ]] || [ "$botusers" == "admin" ]; then if [[ -z "$botusers" ]] || [ "$botusers" == "admin" ]; then
if_botusers="# " if_botusers="# "
else else
@ -60,29 +78,15 @@ ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml"
chmod 400 "$install_dir/config.yaml" chmod 400 "$install_dir/config.yaml"
chown "$app:$app" "$install_dir/config.yaml" chown "$app:$app" "$install_dir/config.yaml"
#=================================================
# UPGRADE MAUTRIX-BRIDGE PYTHON MODULE
#=================================================
ynh_script_progression --message="Upgrading Mautrix-Bridge Python Module..." --weight=2
if [ "$YNH_ARCH" == "armhf" ] || [ "$YNH_ARCH" == "armel" ]; then
# Install rustup is not already installed
# We need this to be able to install cryptgraphy
_install_rustup
fi
_mautrix_signal_build_venv
#================================================= #=================================================
# REGISTER SYNAPSE APP-SERVICE # REGISTER SYNAPSE APP-SERVICE
#================================================= #=================================================
ynh_script_progression --message="Registering Synapse app-service" --weight=1 ynh_script_progression --message="Registering Synapse app-service" --weight=1
"$install_dir/venv/bin/python3" -m mautrix_signal -g -c "$install_dir/config.yaml" -r "/etc/matrix-$synapse_instance/app-service/$app.yaml" $install_dir/mautrix-signal -g -c $install_dir/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die "Synapse can't restart with the appservice configuration" /opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration"
# Set permissions on app files chown -R $app:$app "$install_dir"
chown -R "$app:$app" "$install_dir"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml" ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
ynh_store_file_checksum --file="$install_dir/config.yaml" ynh_store_file_checksum --file="$install_dir/config.yaml"
@ -96,7 +100,7 @@ ynh_add_systemd_config
yunohost service add "$app" --description="$app daemon for bridging Signal and Matrix messages" --log="/var/log/$app/$app.log" yunohost service add "$app" --description="$app daemon for bridging Signal and Matrix messages" --log="/var/log/$app/$app.log"
# Use logrotate to manage app-specific logfile(s) # Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --nonappend ynh_use_logrotate --logfile "/var/log/$app/$app.log" --nonappend --specific_user $app/$app
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE

62
scripts/upgrade-pre-0.5.sh Executable file
View file

@ -0,0 +1,62 @@
#!/bin/bash
# This script is intended to handle the upgrade from python to go.
# It should be ran exactly once, when installing a post-v5.0 version onto a pre-v5.0 version.
#
# This script is intended to be sourced from the main upgrade script, in order to retain variables
#=================================================
# MIGRATION 1 : PYTHON TO GO BRIDGE
#=================================================
# Version 0.5.1 of Mautrix Signal Bridge is written in Go, whereas previous versions
# were written in Python. Also signald data is not needed anymore.
signald_data="/var/lib/signald"
signald_exe="/usr/bin/signald"
signald_user="signald"
# Stop signald, and force stop all processes just in case
# We do not care about data loss, since we are going to delete the data anyway
ynh_systemd_action --service_name="signald" --action="stop"
sleep 10 # Temporisation to allow signald to stop gracefully
pkill -u "$signald_user" --signal 9 || true
# Remove rustup
if [ -e "$install_dir/.rustup" ]; then
ynh_exec_as "$app" "$install_dir/.cargo/bin/rustup" self uninstall
fi
# Remove signald executable
ynh_remove_systemd_config --service="signald"
ynh_secure_remove --file="$signald_exe"
# Remove signald data
ynh_secure_remove --file="$signald_data"
# Remove signald system user and group
ynh_system_user_delete --username=$signald_user
if ynh_system_group_exists --group="$signald_user"; then
groupdel "$signald_user"
fi
#=================================================
# MIGRATION 2 : MISSING CONFIGURATION VARIABLES
#=================================================
# Check if variable exists
enable_relaybot="$(ynh_app_setting_get --app="$app" --key=enable_relaybot)"
if [[ ! "$enable_relaybot" = "true" && ! "$enable_relaybot" = "false" ]] # Check setting is valid
then
enable_relaybot=$(python yaml2json.py "$install_dir/config.yaml" | jq -r .bridge.relay.enabled)
if [[ ! "$enable_relaybot" = "true" && ! "$enable_relaybot" = "false" ]]
then
ynh_script_progression --message="Previous setting for enable_relaybot was invalid, defaulting to enabled" --weight=2
enable_relaybot="true"
else
ynh_script_progression --message="Migrating previous configuration value for enable_relaybot: $enable_relaybot" --weight=1
fi
ynh_app_setting_set --app="$app" --key=enable_relaybot --value="$enable_relaybot"
fi

18
scripts/yaml2json.py Normal file
View file

@ -0,0 +1,18 @@
#!/usr/bin/python
# Usage: yaml2json.py <file>
import sys
import yaml
import json
assert len(sys.argv) == 2, "Expected a file as argument"
with open(sys.argv[1], "r") as f:
y = yaml.safe_load(f)
j = json.dumps(y)
print(j)

2
tests.toml
View file

@ -12,4 +12,4 @@ test_format = 1.0
args.botadmin = "@johndoe:synapsedomain.tld" args.botadmin = "@johndoe:synapsedomain.tld"
args.botusers = "synapsedomain.tld" args.botusers = "synapsedomain.tld"
test_upgrade_from.40c16d3c8898196c6e1a43e8f0af70c052dd41f6.name = "0.2.3~ynh1" test_upgrade_from.53823e7d92a678c5c27f62f64f7e914bd7096d0d.name = "Upgrade from 0.4.3~ynh2 (latest Python version)"