YunoHost-Apps/mautrix_signal_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mautrix_signal_ynh.git synced 2024-09-03 19:46:07 +02:00
Code Issues Activity Actions

Merge pull request #95 from YunoHost-Apps/ci-auto-update-0.5.1

Browse source 
Upgrade to v0.5.1 (migration from Python to Go version of the bridge)
This commit is contained in:
Nathanaël 2024-05-15 09:12:06 +02:00 committed by GitHub
commit a327639887
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
20 changed files with 458 additions and 424 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
README.md
View file

@ -19,13 +19,13 @@ It shall NOT be edited by hand.
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
**Shipped version:** 0.4.3~ynh2
**Shipped version:** 0.5.1~ynh1
## Documentation and resources
- Official user documentation: <https://docs.mau.fi/bridges/python/signal/index.html>
- Official user documentation: <https://docs.mau.fi/bridges/go/signal/index.html>
- Upstream app code repository: <https://github.com/mautrix/signal>
- YunoHost Store: <https://apps.yunohost.org/app/mautrix_signal>
- Report a bug: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

6
README_eu.md
View file

@ -19,13 +19,13 @@ EZ editatu eskuz.
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
**Paketatutako bertsioa:** 0.4.3~ynh2
**Paketatutako bertsioa:** 0.5.1~ynh1
## Dokumentazioa eta baliabideak
- Erabiltzaileen dokumentazio ofiziala: <https://docs.mau.fi/bridges/python/signal/index.html>
- Erabiltzaileen dokumentazio ofiziala: <https://docs.mau.fi/bridges/go/signal/index.html>
- Jatorrizko aplikazioaren kode-gordailua: <https://github.com/mautrix/signal>
- YunoHost Denda: <https://apps.yunohost.org/app/mautrix_signal>
- Eman errore baten berri: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

4
README_fr.md
View file

@ -23,10 +23,10 @@ La passerelle ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index
**Attention : sauvegardez et restaurez toujours les deux applications Yunohost matrix-synapse et mautrix_signal en même temps!**
**Version incluse:** 0.4.3~ynh2
**Version incluse:** 0.5.1~ynh1
## Documentations et ressources
- Documentation officielle utilisateur: <https://docs.mau.fi/bridges/python/signal/index.html>
- Documentation officielle utilisateur: <https://docs.mau.fi/bridges/go/signal/index.html>
- Dépôt de code officiel de lapp: <https://github.com/mautrix/signal>
- YunoHost Store: <https://apps.yunohost.org/app/mautrix_signal>
- Signaler un bug: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

6
README_gl.md
View file

@ -19,13 +19,13 @@ NON debe editarse manualmente.
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
**Versión proporcionada:** 0.4.3~ynh2
**Versión proporcionada:** 0.5.1~ynh1
## Documentación e recursos
- Documentación oficial para usuarias: <https://docs.mau.fi/bridges/python/signal/index.html>
- Documentación oficial para usuarias: <https://docs.mau.fi/bridges/go/signal/index.html>
- Repositorio de orixe do código: <https://github.com/mautrix/signal>
- Tenda YunoHost: <https://apps.yunohost.org/app/mautrix_signal>
- Informar dun problema: <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

6
README_zh_Hans.md
View file

@ -19,13 +19,13 @@
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
**分发版本:** 0.4.3~ynh2
**分发版本:** 0.5.1~ynh1
## 文档与资源
- 官方用户文档: <https://docs.mau.fi/bridges/python/signal/index.html>
- 官方用户文档: <https://docs.mau.fi/bridges/go/signal/index.html>
- 上游应用代码库: <https://github.com/mautrix/signal>
- YunoHost 商店: <https://apps.yunohost.org/app/mautrix_signal>
- 报告 bug <https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues>

409
conf/config.yaml
View file

@ -1,168 +1,185 @@
# Homeserver details
# Homeserver details.
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: https://__DOMAIN__
# The domain of the homeserver (also known as server_name, used for MXIDs, etc).
domain: __SERVER_NAME__
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: true
# What software is the homeserver running?
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
software: standard
# Number of retries for all HTTP requests if the homeserver isn't reachable.
http_retry_count: 4
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# Maximum number of simultaneous HTTP connections to the homeserver.
connection_limit: 100
# Whether asynchronous uploads via MSC2246 should be enabled for media.
# Requires a media repo that supports MSC2246.
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
async_media: false
# Application service host/registration related details
# Should the bridge use a websocket for connecting to the homeserver?
# The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
# mautrix-asmux (deprecated), and hungryserv (proprietary).
websocket: false
# How often should the websocket be pinged? Pinging will be disabled if this is zero.
ping_interval_seconds: 0
# Application service host/registration related details.
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: http://localhost:__PORT__
# When using https:// the TLS certificate and key files for the address.
tls_cert: false
tls_key: false
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
hostname: localhost
port: __PORT__
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. SQLite and Postgres are supported.
# Format examples:
# SQLite: sqlite:///filename.db
# Postgres: postgres://username:password@hostname/dbname
database: postgres://__APP__:__DB_PWD__@localhost:5432/__DB_NAME__
# Additional arguments for asyncpg.create_pool() or sqlite3.connect()
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
# For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
# Additionally, SQLite supports init_commands as an array of SQL queries to run on connect (e.g. to set PRAGMAs).
database_opts:
min_size: 5
max_size: 10
# Database config.
database:
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
type: postgres
# The database URI.
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
# https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: postgres://__APP__:__DB_PWD__@localhost:5432/__DB_NAME__?sslmode=disable
# Maximum number of connections. Mostly relevant for Postgres.
max_open_conns: 20
max_idle_conns: 2
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# The unique ID of this appservice.
id: __BOTNAME__
# Username of the appservice bot.
bot_username: __BOTNAME__
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
bot_displayname: Signal bridge bot
bot_avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
# Appservice bot details.
bot:
# Username of the appservice bot.
username: __BOTNAME__
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: Signal bridge bot
avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
ephemeral_events: false
ephemeral_events: true
# Should incoming events be handled asynchronously?
# This may be necessary for large public instances with lots of messages going through.
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
async_transactions: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "This value is generated when generating the registration"
hs_token: "This value is generated when generating the registration"
# Prometheus telemetry config. Requires prometheus-client to be installed.
# Prometheus config.
metrics:
# Enable prometheus metrics?
enabled: false
listen_port: 8000
# Manhole config.
manhole:
# Whether or not opening the manhole is allowed.
enabled: false
# The path for the unix socket.
path: /var/tmp/mautrix-signal.manhole
# The list of UIDs who can be added to the whitelist.
# If empty, any UIDs can be specified in the open-manhole command.
whitelist:
- 0
# IP and port where the metrics listener should be. The path is always /metrics
listen: 127.0.0.1:8000
signal:
# Path to signald unix socket
socket_path: /var/run/signald/signald.sock
# Directory for temp files when sending files to Signal. This should be an
# absolute path that signald can read. For attachments in the other direction,
# make sure signald is configured to use an absolute path as the data directory.
outgoing_attachment_dir: /tmp
# Directory where signald stores avatars for groups.
avatar_dir: ~/.config/signald/avatars
# Directory where signald stores auth data. Used to delete data when logging out.
data_dir: ~/.config/signald/data
# Whether or not unknown signald accounts should be deleted when the bridge is started.
# When this is enabled, any UserInUse errors should be resolved by restarting the bridge.
delete_unknown_accounts_on_start: false
# Whether or not message attachments should be removed from disk after they're bridged.
remove_file_after_handling: true
# Whether or not users can register a primary device
registration_enabled: true
# Whether or not to enable disappearing messages in groups. If enabled, then the expiration
# time of the messages will be determined by the first users to read the message, rather
# than individually. If the bridge has a single user, this can be turned on safely.
enable_disappearing_messages_in_groups: false
# Default device name that shows up in the Signal app.
device_name: mautrix-signal
# Bridge config
bridge:
# Localpart template of MXIDs for Signal users.
# {userid} is replaced with the UUID of the Signal user.
username_template: "sg_{userid}"
# Displayname template for Signal users.
# {displayname} is replaced with the displayname of the Signal user, which is the first
# available variable in displayname_preference. The variables in displayname_preference
# can also be used here directly.
displayname_template: "{displayname} (SG)"
# Whether or not contact list displaynames should be used.
# Possible values: disallow, allow, prefer
#
# Multi-user instances are recommended to disallow contact list names, as otherwise there can
# be conflicts between names from different users' contact lists.
contact_list_names: disallow
# Available variables: full_name, first_name, last_name, phone, uuid
displayname_preference:
- full_name
- phone
# {{.}} is replaced with the internal ID of the Signal user.
username_template: sg_{{.}}
# Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
# {{.ProfileName}} - The Signal profile name set by the user.
# {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances.
# {{.PhoneNumber}} - The phone number of the user.
# {{.UUID}} - The UUID of the Signal user.
# {{.AboutEmoji}} - The emoji set by the user in their profile.
displayname_template: '{{or .ProfileName .PhoneNumber "Unknown user"}}'
# Whether to explicitly set the avatar and room name for private chat portal rooms.
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
# If set to `always`, all DM rooms will have explicit names and avatars set.
# If set to `never`, DM rooms will never have names and avatars set.
private_chat_portal_meta: default
# Should avatars from the user's contact list be used? This is not safe on multi-user instances.
use_contact_avatars: false
# Should the bridge sync ghost user info even if profile fetching fails? This is not safe on multi-user instances.
use_outdated_profiles: false
# Should the Signal user's phone number be included in the room topic in private chat portal rooms?
number_in_topic: true
# Avatar image for the Note to Self room.
note_to_self_avatar: mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL
# Whether or not to create portals for all groups on login/connect.
autocreate_group_portal: true
# Whether or not to create portals for all contacts on login/connect.
autocreate_contact_portal: false
# Whether or not to make portals of Signal groups in which joining via invite link does
# not need to be approved by an administrator publicly joinable on Matrix.
public_portals: false
# Whether or not to use /sync to get read receipts and typing notifications
# when double puppeting is enabled
sync_with_custom_puppets: true
# Whether or not to update the m.direct account data event when double puppeting is enabled.
portal_message_buffer: 128
# Should the bridge create a space for each logged-in user and add bridged rooms to it?
# Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time.
personal_filtering_spaces: true
# Should Matrix m.notice-type messages be bridged?
bridge_notices: true
# Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?
delivery_receipts: false
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
message_status_events: false
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
message_error_notices: true
# Should the bridge update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
sync_direct_chat_list: false
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Servers to allow double puppeting from, even if double_puppet_allow_discovery is false.
double_puppet_server_map:
example.com: https://example.com
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
# If using this for other servers than the bridge's server,
# you must also set the URL in the double_puppet_server_map.
login_shared_secret_map:
example.com: foo
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it, except if the config file is not writable.
resend_bridge_info: false
# Whether or not to make portals of groups that don't need approval of an admin to join by invite
# link publicly joinable on Matrix.
public_portals: false
# Send captions in the same message as images. This will send data compatible with both MSC2530.
# This is currently not supported in most clients.
caption_in_message: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: true
# Servers to always allow double puppeting from
double_puppet_server_map:
example.com: https://example.com
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, double puppeting will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret_map:
example.com: foobar
# Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
# Null means there's no enforced timeout.
message_handling_timeout:
# Send an error message after this timeout, but keep waiting for the response until the deadline.
# This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
# If the message is older than this when it reaches the bridge, the message won't be handled at all.
error_after: null
# Drop messages after this timeout. They may still go through if the message got sent to the servers.
# This is counted from the time the bridge starts handling the message.
deadline: 120s
# The prefix for commands. Only required in non-management rooms.
command_prefix: '!signal'
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Signal bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `login` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
@ -196,6 +213,10 @@ bridge:
delete_on_device_delete: false
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
periodically_delete_expired: false
# Delete inbound megolm sessions that don't have the received_at field used for
# automatic ratcheting and expired session deletion. This is meant as a migration
# to delete old keys prior to the bridge update.
delete_outdated_inbound: false
# What level of device verification should be required from users?
#
# Valid levels:
@ -207,7 +228,7 @@ bridge:
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix.
# Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
@ -231,142 +252,62 @@ bridge:
# default.
messages: 100
# Whether to explicitly set the avatar and room name for private chat portal rooms.
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
# If set to `always`, all DM rooms will have explicit names and avatars set.
# If set to `never`, DM rooms will never have names and avatars set.
private_chat_portal_meta: default
# Whether or not the bridge should send a read receipt from the bridge bot when a message has
# been sent to Signal. This let's you check manually whether the bridge is receiving your
# messages.
# Note that this is not related to Signal delivery receipts.
delivery_receipts: false
# Whether or not delivery errors should be reported as messages in the Matrix room.
delivery_error_reports: true
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
message_status_events: false
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it,
# except if the config file is not writable.
resend_bridge_info: false
# Interval at which to resync contacts (in seconds).
periodic_sync: 0
# Disable rotating keys when a user's devices change?
# You should not enable this option unless you understand all the implications.
disable_device_change_key_rotation: false
# Should leaving the room on Matrix make the user leave on Signal?
bridge_matrix_leave: true
# Should the bridge auto-create a group chat on Signal when a ghost is invited to a room?
# Requires the user to have sufficient power level and double puppeting enabled.
create_group_on_invite: true
hacky_contact_name_mixup_detection: false
# Provisioning API part of the web server for automated portal creation and fetching information.
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
# Settings for provisioning API
provisioning:
# Whether or not the provisioning API should be enabled.
enabled: false
# The prefix to use in the provisioning API endpoints.
# Prefix for the provisioning API paths.
prefix: /_matrix/provision
# The shared secret to authorize users of the API.
# Set to "generate" to generate and save a new token.
# Shared secret for authentication. If set to "generate", a random secret will be generated,
# or if set to "disable", the provisioning API will be disabled.
shared_secret: generate
# Segment API key to enable analytics tracking for web server
# endpoints. Set to null to disable.
# Currently the only events are login start, QR code scan, and login
# success/failure.
segment_key: null
# Optional user_id to use when sending Segment events. If null, defaults to using mxID.
segment_user_id: null
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!sg"
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Signal bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `link` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# Send each message separately (for readability in some clients)
management_room_multiple_messages: false
# Enable debug API at /debug with provisioning authentication.
debug_endpoints: false
# Permissions for using the bridge.
# Permitted values:
# relay - Allowed to be relayed through the bridge, no access to commands.
# user - Use the bridge with puppeting.
# admin - Use and administrate the bridge.
# relay - Talk through the relaybot (if enabled), no access otherwise
# user - Access to use the bridge to chat with a Signal account.
# admin - User level and some additional administration tools
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions:
"*": "relay"
__IF_BOTUSERS__"__BOTUSERS__": "user"
"__BOTADMIN__": "admin"
"*": relay
__IF_BOTUSERS__"__BOTUSERS__": user
"__BOTADMIN__": admin
# Settings for relay mode
relay:
# Whether relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: __ENABLE_RELAYBOT__
# The formats to use when sending messages to Signal via a relay user.
#
# Available variables:
# $sender_displayname - The display name of the sender (e.g. Example User)
# $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser)
# $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com)
# $message - The message content
# Should only admins be allowed to set themselves as relay users?
admin_only: false
# The formats to use when sending messages to Signal via the relaybot.
message_formats:
m.text: '$sender_displayname: $message'
m.notice: '$sender_displayname: $message'
m.emote: '* $sender_displayname $message'
m.file: '$sender_displayname sent a file'
m.image: '$sender_displayname sent an image'
m.audio: '$sender_displayname sent an audio file'
m.video: '$sender_displayname sent a video'
m.location: '$sender_displayname sent a location'
# Specify a dedicated relay account. Must be a regular matrix account logged into this bridge
# and double puppeting working to auto-accept invites. When this user is invited to a room
# it will automatically be set as the relay user. May be overridden with `set-relay` or `unset-relay`
# relaybot: '@relaybot:example.com'
# Whether or not invites from non-logged-in users should be relayed
invite: true
m.text: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
m.notice: "<b>{{ .Sender.Displayname }}</b>: {{ .Message }}"
m.emote: "* <b>{{ .Sender.Displayname }}</b> {{ .Message }}"
m.file: "<b>{{ .Sender.Displayname }}</b> sent a file"
m.image: "<b>{{ .Sender.Displayname }}</b> sent an image"
m.audio: "<b>{{ .Sender.Displayname }}</b> sent an audio file"
m.video: "<b>{{ .Sender.Displayname }}</b> sent a video"
m.location: "<b>{{ .Sender.Displayname }}</b> sent a location"
# Format for generating URLs from location messages for sending to Signal
# Google Maps: 'https://www.google.com/maps/place/{lat},{long}'
# OpenStreetMap: 'https://www.openstreetmap.org/?mlat={lat}&mlon={long}'
location_format: 'https://www.google.com/maps/place/{lat},{long}'
# Python logging configuration.
#
# See section 16.7.2 of the Python documentation for more info:
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
# Logging config. See https://github.com/tulir/zeroconfig for details.
logging:
version: 1
formatters:
colored:
(): mautrix_signal.util.ColorFormatter
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
normal:
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
handlers:
file:
class: logging.handlers.RotatingFileHandler
formatter: normal
filename: /var/log/__APP__/__APP__.log
maxBytes: 10485760
backupCount: 10
console:
class: logging.StreamHandler
formatter: colored
loggers:
mau:
level: INFO
aiohttp:
level: INFO
root:
level: INFO
handlers: [file, console]
min_level: info
writers:
- type: stdout
format: pretty-colored
- type: file
format: json
filename: /var/log/__APP__/__APP__.log
max_size: 100
max_backups: 10
compress: true

21
conf/signald.service
View file

@ -1,21 +0,0 @@
[Unit]
Description=A daemon for interacting with the Signal Private Messenger
Wants=network.target
After=network.target
[Service]
Type=simple
RuntimeDirectory=signald
RuntimeDirectoryMode=0770
User=__SIGNALD_USER__
Group=__SIGNALD_USER__
#ExecStart=/usr/bin/signald -d /var/lib/signald
ExecStart=__SIGNALD_PATH__/build/install/signald/bin/signald -d /var/lib/signald
EnvironmentFile=-/etc/default/signald
Restart=on-failure
UMask=0007
# JVM always exits with 143 in reaction to SIGTERM signal
SuccessExitStatus=143
[Install]
WantedBy=default.target

2
conf/systemd.service
View file

@ -7,7 +7,7 @@ Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__INSTALL_DIR__/
ExecStart=__INSTALL_DIR__/bin/python3 -m mautrix_signal
ExecStart=__INSTALL_DIR__/mautrix-signal -c=__INSTALL_DIR__/config.yaml
[Install]
WantedBy=multi-user.target

5
doc/ADMIN.md
View file

@ -12,7 +12,7 @@
* Then, invite the bot (default @signalbot:yoursynapse.domain) in this new Mautrix-Signal bot administration room.
* If the Bot does bot accept, see the [troubleshooting page](https://docs.mau.fi/bridges/general/troubleshooting.html)
* Send ``!sg help`` to the bot in the created room to know how to control the bot.
See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/signal/authentication.html)
See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/go/signal/authentication.html)
#### Linking the Bridge as a secondary device
@ -50,12 +50,11 @@ and then restarting the mautrix_signal service.
## Documentation
* Official "Mautrix-Signal" documentation: <https://docs.mau.fi/bridges/python/signal/index.html>
* Official "Mautrix-Signal" documentation: <https://docs.mau.fi/bridges/go/signal/index.html>
* Matrix room (Matrix Bridges in Yunohost): #mautrix_yunohost:matrix.fdn.fr
* Matrix room (upstream app): #signal:maunium.net
In case you need to upload your logs somewhere, be aware that they contain your contacts' and your phone numbers. Strip them out with
```| sed -r 's/[0-9]{10,}/📞/g'```
* "Mautrix-Signal" bridge is based on the [signal daemon](https://gitlab.com/signald/signald) project.
* YunoHost documentation: If more specific documentation is needed, feel free to contribute.
## YunoHost specific features

2
doc/DESCRIPTION.md
View file

@ -1,4 +1,4 @@
A puppeting bridge between Matrix and Signal packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Signal user and a Matrix user.
Currently the Matrix user can NOT invite other Matrix user in a bridged Signal room, so only someone with a Signal account can participate to Signal group conversations.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/python/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.
The ["Mautrix-Signal"](https://docs.mau.fi/bridges/go/signal/index.html) bridge consists in a Synapse App Service and relies on postgresql (mysql also possible). Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand.

72
manifest.toml
View file

@ -7,25 +7,25 @@ name = "Matrix Signal bridge"
description.en = "Matrix / Synapse puppeting bridge for Signal"
description.fr = "Passerelle Matrix / Synapse pour Signal"
version = "0.4.3~ynh2"
version = "0.5.1~ynh1"
maintainers = ["MayeulC"]
maintainers = ["MayeulC", "nathanael-h"]
[upstream]
license = "AGPL-3.0-or-later"
userdoc = "https://docs.mau.fi/bridges/python/signal/index.html"
userdoc = "https://docs.mau.fi/bridges/go/signal/index.html"
code = "https://github.com/mautrix/signal"
fund = "https://github.com/sponsors/tulir"
[integration]
yunohost = ">= 11.2"
architectures = "all"
architectures = ["amd64", "arm64"]
multi_instance = true
ldap = "not_relevant"
sso = "not_relevant"
disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ...
ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
disk = "1G"
ram.build = "128M"
ram.runtime = "128M"
[install]
[install.synapsenumber]
@ -46,6 +46,22 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen
example = "signalbot"
default = "signalbot"
[install.bot_synapse_adm]
ask.en = "Give the Signal bot administrator rights to the Synapse instance?"
ask.fr = "Donner au robot Signal des droits administrateur à l'instance Synapse ?"
type = "boolean"
help.en = "If activated, the bot can group Signal chats in a Matrix space.Not required if you set up Synapse so that non-admins are authorized to create communities."
help.fr = "Si activé, le robot groupera les conversations Signal dans une communauté Matrix.Pas nécessaire si vous avez réglé Synapse pour qu'il autorise les non-admin à créer des communautés."
default = true
[install.encryption]
ask.en = "Enable end-to-bridge encryption?"
ask.fr = "Activer le chiffrement entre Synapse et le bridge ?"
type = "boolean"
help.en = "Only activate if you know the prerequisites and constraints related to E2B."
help.fr = "N'activer que si vous connaissez les prérequis et constraintes liées à E2B."
default = true
[install.botadmin]
ask.en = "Choose the Matrix account administrator of the Signal bot"
ask.fr = "Choisissez le compte Matrix administrateur du robot Signal"
@ -64,23 +80,34 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen
example = "admin or domain or @johndoe:server.name or server.name or *"
default = "domain"
[install.enable_relaybot]
ask.en = "Choose whether to enable the relay bot feature"
ask.fr = "Choisissez si vous souhaitez activer la fonctionnalité de relai par bot"
help.en = "If enabled, allows to use a single signal account (bot) to forward messages from multiple Matrix users. Messages will appear on Signal as if originating from a single user, with a prefix that indicates who is talking."
help.fr = "Si activé, permet d'utiliser un seul compte signal (bot) pour transmettre les messages de multiples utilisateurs Matrix. Les messages apparaîtront sur Signal comme envoyés par un seul utilisateur, avec un préfixe indiquant leur auteur."
type = "boolean"
default = true
[resources]
[resources.sources]
[resources.sources.main]
url = "https://github.com/mautrix/signal/archive/refs/tags/v0.4.3.tar.gz"
sha256 = "e75636e845d4b9d84070efec510b7358b93a4fb0d6ffe4300dbdb9260725ba53"
rename = "mautrix-signal.tar.gz"
in_subdir = false
extract = false
rename = "mautrix-signal"
amd64.url = "https://github.com/mautrix/signal/releases/download/v0.5.1/mautrix-signal-amd64"
amd64.sha256 = "571919fa4402a22b6ff8bdcc451377174a2d0344a08d65d5dfcdbd2998902ba5"
arm64.url = "https://github.com/mautrix/signal/releases/download/v0.5.1/mautrix-signal-arm64"
arm64.sha256 = "55c5e685bf9d63a2cc5b436215adff1bc31cb78a8bc4845c94bb150e1d12760c"
autoupdate.strategy = "latest_github_release"
[resources.sources.signald]
url = "https://gitlab.com/signald/signald/-/archive/0.17.0/signald-0.17.0.tar.gz"
sha256 = "225e36637daccf5f01138b7e29e3b2195bced7b13a290d163e34fe1f5d4a5d2a"
autoupdate.asset.amd64 = "^mautrix-signal-amd64$"
autoupdate.asset.arm64 = "^mautrix-signal-arm64$"
[resources.system_user]
home = "/opt/yunohost/__APP__"
[resources.install_dir]
dir = "/opt/yunohost/__APP__"
[resources.permissions]
@ -88,22 +115,7 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen
main.default = 8449
[resources.apt]
packages = [
"postgresql",
"python3",
"python3-dev",
"build-essential",
"libolm-dev",
]
[resources.apt.extras.signal]
repo = "https://updates.signald.org unstable main"
key = "https://updates.signald.org/apt-signing-key.asc"
packages = [
"libunixsocket-java",
"signald",
"signaldctl",
]
packages = "g++, postgresql, ffmpeg"
[resources.database]
type = "postgresql"

73
scripts/_common.sh
View file

@ -4,31 +4,66 @@
# COMMON VARIABLES
#=================================================
signald_data="/var/lib/signald"
signald_exe="/usr/bin/signald"
signald_user="signald"
enable_relaybot=true
#=================================================
# PERSONAL HELPERS
#=================================================
_install_rustup() {
export PATH="$PATH:$install_dir/.cargo/bin:$install_dir/.local/bin:/usr/local/sbin"
if [ -e "$install_dir/.rustup" ]; then
ynh_exec_as "$app" env "PATH=$PATH" rustup update
else
ynh_exec_as "$app" bash -c 'curl -sSf -L https://static.rust-lang.org/rustup.sh | sh -s -- -y --default-toolchain=stable --profile=minimal'
fi
get_synapse_db_name() {
# Parameters: synapse instance identifier
# Returns: database name
ynh_app_setting_get --app="$1" --key=db_name
}
_mautrix_signal_build_venv() {
python3 -m venv "$install_dir/venv"
"$install_dir/venv/bin/pip3" install --upgrade pip setuptools wheel
"$install_dir/venv/bin/pip3" install --upgrade \
"$install_dir/src/mautrix-signal.tar.gz[metrics,e2be,formattednumbers,qrlink,stickers]"
wait_for_user_to_exist_in_synapse_db() {
# Indefinitely check if the user exists
# This is a separate script to allow launching with timeout(1)
# Parameters:
# - username (in the form @user:server)
# - synapse database
# Returns 0 if user is found to exist
local username="$1"
local synapse_db="$2"
sql="select exists(select 1 from users where name = '$username');"
retval=""
while true; do
# A yunohost helper to do that would be welcome
retval=$(cd / && sudo -u postgres psql --dbname="$synapse_db" -c "$sql" -q -t)
if [ "$retval" = " t" ]; then # User exists
break
fi
sleep 0.5 # Avoid retrying too eagerly
done
return 0
}
set_bot_admin_status() {
# Set bot admin status in synapse DB
# This relies on several bash variables being set in the caller environment:
# server_name, botname, bot_synapse_adm, app
local timeout=120
local bot_synapse_db_user="@$botname:$server_name"
local synapse_db_name=$(get_synapse_db_name $synapse_instance)
ynh_print_info --message="Updating bot user admin status"
export -f wait_for_user_to_exist_in_synapse_db # Export function to subprocesses so that it may be called with timeout
# Wait until the user is created in synapse db
if ! timeout $timeout bash -c "wait_for_user_to_exist_in_synapse_db \"$bot_synapse_db_user\" \"$synapse_db_name\"" 2>&1; then
ynh_print_warn --message="Bot user $bot_synapse_db_user did not exist after $timeout seconds, skipping changing its admin status"
fi
# (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
if [ "$bot_synapse_adm" = true ] || [ "$bot_synapse_adm" = "1" ]; then
bot_synapse_adm=1
# #yunohost app action run $synapse_instance set_admin_user -a username=$botname
else
bot_synapse_adm=0
fi
ynh_psql_execute_as_root --database="$synapse_db_name" --sql="UPDATE users SET admin = $bot_synapse_adm WHERE name = '$bot_synapse_db_user';"
ynh_systemd_action --service_name="$app" --action="restart" --log_path="/var/log/$app/$app.log"
}
#=================================================

2
scripts/backup
View file

@ -33,7 +33,7 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="$signald_data"
# TODO: check if there are some files to backup
ynh_backup --src_path="/var/log/$app/"

84
scripts/install
View file

@ -9,14 +9,15 @@
source _common.sh
source /usr/share/yunohost/helpers
# Satisfy shellcheck, those variables are known when starting the script:
# shellcheck disable=SC2154
echo From manifest: "$synapsenumber $bot_synapse_adm", \
From yunohost: "$app $install_dir" > /dev/null
#=================================================
# INITIALIZE AND STORE SETTINGS
#=================================================
bot_synapse_adm=true
encryption=false
if [[ -z "$botusers" ]] || [ "$botusers" == "admin" ]; then
if_botusers="# "
else
@ -24,42 +25,53 @@ else
fi
# ToDo check (in manifest?) if the selected synapse instance is not already connected to a mautrix_bridge bridge
if [ $synapsenumber -eq "1" ]
if [ "$synapsenumber" -eq "1" ]
then
synapse_instance="synapse"
else
synapse_instance="synapse__$synapsenumber"
fi
server_name=$(ynh_app_setting_get --app $synapse_instance --key server_name)
domain=$(ynh_app_setting_get --app $synapse_instance --key domain)
# Convert user choice boolean from the manifest into a config value
if [ "$enable_relaybot" -eq "1" ]
then
enable_relaybot="true"
else
enable_relaybot="false"
fi
if [ "$encryption" -eq "1" ]
then
encryption="true"
else
encryption="false"
fi
server_name=$(ynh_app_setting_get --app "$synapse_instance" --key server_name)
domain=$(ynh_app_setting_get --app "$synapse_instance" --key domain)
mautrix_version=$(ynh_app_upstream_version)
bot_synapse_db_user="@$botname:$server_name"
synapse_db_name="matrix_$synapse_instance"
ynh_app_setting_set --app=$app --key=bot_synapse_adm --value=$bot_synapse_adm
ynh_app_setting_set --app=$app --key=encryption --value=$encryption
ynh_app_setting_set --app=$app --key=synapse_instance --value=$synapse_instance
ynh_app_setting_set --app=$app --key=server_name --value=$server_name
ynh_app_setting_set --app=$app --key=mautrix_version --value=$mautrix_version
ynh_app_setting_set --app="$app" --key=synapse_instance --value="$synapse_instance"
ynh_app_setting_set --app="$app" --key=enable_relaybot --value="$enable_relaybot"
ynh_app_setting_set --app="$app" --key=encryption --value="$encryption"
ynh_app_setting_set --app="$app" --key=server_name --value="$server_name"
ynh_app_setting_set --app="$app" --key=domain --value="$domain"
ynh_app_setting_set --app="$app" --key=mautrix_version --value="$mautrix_version"
# Add the user to the signald group. The signald group was created when the signald
# package was installed from the extra repository
# resolved by https://gitlab.com/signald/signald/-/commit/278240f3f1cc40a3b444c958b68ca3d6908e98a8
usermod -a -G "$signald_user" "$app"
ynh_app_setting_set --app="$app" --key=bot_synapse_adm --value="$bot_synapse_adm"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
ynh_script_progression --message="Setting up source files..." --weight=5
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir/src"
ynh_setup_source --dest_dir="$install_dir"
chmod -R o-rwx "$install_dir"
chown -R "$app:$app" "$install_dir"
mkdir -p /var/log/$app
chmod 750 "$install_dir"
chmod -R 750 "$install_dir"
chown -R "$app":"$app" "$install_dir"
#=================================================
# ADD A CONFIGURATION
@ -71,28 +83,15 @@ ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml"
chmod 400 "$install_dir/config.yaml"
chown "$app:$app" "$install_dir/config.yaml"
#=================================================
# INSTALL MAUTRIX-BRIDGE PYTHON MODULE
#=================================================
ynh_script_progression --message="Installing Mautrix-Bridge Python Module..." --weight=6
if [ "$YNH_ARCH" == "armhf" ] || [ "$YNH_ARCH" == "armel" ]; then
# Install rustup is not already installed
# We need this to be able to install cryptgraphy
_install_rustup
fi
_mautrix_signal_build_venv
#=================================================
# REGISTER SYNAPSE APP-SERVICE
#=================================================
ynh_script_progression --message="Registering Synapse app-service" --weight=1
"$install_dir/venv/bin/python3" -m mautrix_signal -g -c "$install_dir/config.yaml" -r "/etc/matrix-$synapse_instance/app-service/$app.yaml"
"/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh" || ynh_die --message="Synapse can't restart with the appservice configuration"
"$install_dir"/mautrix-signal -g -c "$install_dir"/config.yaml -r "/etc/matrix-$synapse_instance/app-service/$app.yaml"
/opt/yunohost/matrix-"$synapse_instance"/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration"
chown -R "$app:$app" "$install_dir"
chown -R "$app":"$app" "$install_dir"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
ynh_store_file_checksum --file="$install_dir/config.yaml"
@ -103,10 +102,10 @@ ynh_script_progression --message="Adding system configurations related to $app..
# Create a dedicated systemd config
ynh_add_systemd_config
yunohost service add "$app" --description="$app daemon for bridging Signal and Matrix messages" --log=/var/log/$app/$app.log
yunohost service add "$app" --description="$app daemon for bridging Signal and Matrix messages" --log="/var/log/$app/$app.log"
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
ynh_use_logrotate --logfile "/var/log/$app/$app.log" --nonappend --specific_user "$app/$app"
#=================================================
# START SYSTEMD SERVICE
@ -116,6 +115,9 @@ ynh_script_progression --message="Starting $app's systemd service..." --weight=2
# Start a systemd service
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
# Update bot admin status
set_bot_admin_status
#=================================================
# END OF SCRIPT
#=================================================

5
scripts/remove
View file

@ -13,7 +13,7 @@ source /usr/share/yunohost/helpers
# LOAD SETTINGS
#=================================================
synapse_db_name="matrix_$synapse_instance"
synapse_db_name="$(get_synapse_db_name $synapse_instance)"
bot_synapse_db_user="@$botname:$server_name"
#=================================================
@ -48,8 +48,7 @@ ynh_psql_execute_as_root --database="$synapse_db_name" --sql="DROP OWNED BY \"$a
#=================================================
ynh_script_progression --message="Removing various files..." --weight=6
ynh_secure_remove --file="$signald_data"
ynh_secure_remove --file="$signald_exe"
# TODO: check if there is a data dir or some files to remove
# Remove a directory securely
ynh_secure_remove --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"

37
scripts/restore
View file

@ -11,7 +11,7 @@ source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
mautrix_version=$(ynh_app_upstream_version)
synapse_db_name="matrix_$synapse_instance"
synapse_db_name="$(get_synapse_db_name $synapse_instance)"
bot_synapse_db_user="@$botname:$server_name"
#=================================================
@ -35,32 +35,22 @@ ynh_psql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name"
# RESTORE VARIOUS FILES
#=================================================
ynh_systemd_action --service_name=signald --action="stop"
ynh_restore_file --origin_path="$signald_data"
ynh_systemd_action --service_name=signald --action="start"
# TODO: check if there are some files to restore
ynh_restore_file --origin_path="/var/log/$app/"
#=================================================
# INSTALL MAUTRIX-BRIDGE PYTHON MODULE
#=================================================
ynh_script_progression --message="Installing Mautrix-Bridge Python Module..." --weight=6
if [ "$YNH_ARCH" == "armhf" ] || [ "$YNH_ARCH" == "armel" ]; then
# Install rustup is not already installed
# We need this to be able to install cryptgraphy
_install_rustup
fi
_mautrix_signal_build_venv
#=================================================
# REGISTER SYNAPSE APP-SERVICE
#=================================================
ynh_script_progression --message="Registering Synapse app-service" --weight=1
"$install_dir/venv/bin/python3" -m mautrix_signal -g -c "$install_dir/config.yaml" -r "/etc/matrix-$synapse_instance/app-service/$app.yaml"
"/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh" || ynh_die "Synapse can't restart with the appservice configuration"
$install_dir/mautrix-signal -g -c $install_dir/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration"
chown -R $app:$app "$install_dir"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
ynh_store_file_checksum --file="$install_dir/config.yaml"
#=================================================
# RESTORE SYSTEM CONFIGURATIONS
@ -81,15 +71,8 @@ ynh_script_progression --message="Starting $app's systemd service..." --weight=1
# Start a systemd service
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
# Wait until the synapse user is created
sleep 30
# (Note that, by default, non-admins might not have your homeserver's permission to create communities.)
if [ "$bot_synapse_adm" = true ]; then
ynh_psql_execute_as_root --database="$synapse_db_name" --sql="UPDATE users SET admin = 1 WHERE name = \"$botname\";"
# #yunohost app action run $synapse_instance set_admin_user -a username=$botname
fi
ynh_systemd_action --service_name="$app" --action="restart" --log_path="/var/log/$app/$app.log"
# Update bot admin status
set_bot_admin_status
#=================================================
# END OF SCRIPT

60
scripts/upgrade Normal file → Executable file
View file

@ -14,6 +14,13 @@ synapse_db_name="matrix_$synapse_instance"
server_name=$(ynh_app_setting_get --app $synapse_instance --key server_name)
domain=$(ynh_app_setting_get --app $synapse_instance --key domain)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
@ -28,27 +35,38 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# Fix possible permission issues with a previous signald version, esp. with stickers
mkdir -p /var/lib/signald/{avatars,attachments,stickers}
chown "$signald_user:$signald_user" /var/lib/signald/{avatars,attachments,stickers}
chmod -R g+rwX /var/lib/signald/{avatars,attachments,stickers}
# TODO: check if there are some file that need some chown chmod
# TODO: look at whatsapp to compare
# Check if an old version of the bridge is in use
# In this case it needs to be upgraded from python to go
# Note that 0.5.0 was never released, but it makes for a good cut-off
if ynh_compare_current_package_version --comparison lt --version 0.5.0~ynh1
then
source upgrade-pre-0.5.sh
fi
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Upgrading source files..." --weight=1
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir/src" --full_replace=1
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=2
chmod -R o-rwx "$install_dir"
chown -R "$app:$app" "$install_dir"
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"
fi
chmod 750 "$install_dir"
chmod -R 750 "$install_dir"
chown -R $app:$app "$install_dir"
#=================================================
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=2
echo "botusers=$botusers"
if [[ -z "$botusers" ]] || [ "$botusers" == "admin" ]; then
if_botusers="# "
else
@ -60,29 +78,15 @@ ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml"
chmod 400 "$install_dir/config.yaml"
chown "$app:$app" "$install_dir/config.yaml"
#=================================================
# UPGRADE MAUTRIX-BRIDGE PYTHON MODULE
#=================================================
ynh_script_progression --message="Upgrading Mautrix-Bridge Python Module..." --weight=2
if [ "$YNH_ARCH" == "armhf" ] || [ "$YNH_ARCH" == "armel" ]; then
# Install rustup is not already installed
# We need this to be able to install cryptgraphy
_install_rustup
fi
_mautrix_signal_build_venv
#=================================================
# REGISTER SYNAPSE APP-SERVICE
#=================================================
ynh_script_progression --message="Registering Synapse app-service" --weight=1
"$install_dir/venv/bin/python3" -m mautrix_signal -g -c "$install_dir/config.yaml" -r "/etc/matrix-$synapse_instance/app-service/$app.yaml"
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die "Synapse can't restart with the appservice configuration"
$install_dir/mautrix-signal -g -c $install_dir/config.yaml -r /etc/matrix-$synapse_instance/app-service/$app.yaml
/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration"
# Set permissions on app files
chown -R "$app:$app" "$install_dir"
chown -R $app:$app "$install_dir"
ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.yaml"
ynh_store_file_checksum --file="$install_dir/config.yaml"
@ -96,7 +100,7 @@ ynh_add_systemd_config
yunohost service add "$app" --description="$app daemon for bridging Signal and Matrix messages" --log="/var/log/$app/$app.log"
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --nonappend
ynh_use_logrotate --logfile "/var/log/$app/$app.log" --nonappend --specific_user $app/$app
#=================================================
# START SYSTEMD SERVICE

62
scripts/upgrade-pre-0.5.sh Executable file
View file

@ -0,0 +1,62 @@
#!/bin/bash
# This script is intended to handle the upgrade from python to go.
# It should be ran exactly once, when installing a post-v5.0 version onto a pre-v5.0 version.
#
# This script is intended to be sourced from the main upgrade script, in order to retain variables
#=================================================
# MIGRATION 1 : PYTHON TO GO BRIDGE
#=================================================
# Version 0.5.1 of Mautrix Signal Bridge is written in Go, whereas previous versions
# were written in Python. Also signald data is not needed anymore.
signald_data="/var/lib/signald"
signald_exe="/usr/bin/signald"
signald_user="signald"
# Stop signald, and force stop all processes just in case
# We do not care about data loss, since we are going to delete the data anyway
ynh_systemd_action --service_name="signald" --action="stop"
sleep 10 # Temporisation to allow signald to stop gracefully
pkill -u "$signald_user" --signal 9 || true
# Remove rustup
if [ -e "$install_dir/.rustup" ]; then
ynh_exec_as "$app" "$install_dir/.cargo/bin/rustup" self uninstall
fi
# Remove signald executable
ynh_remove_systemd_config --service="signald"
ynh_secure_remove --file="$signald_exe"
# Remove signald data
ynh_secure_remove --file="$signald_data"
# Remove signald system user and group
ynh_system_user_delete --username=$signald_user
if ynh_system_group_exists --group="$signald_user"; then
groupdel "$signald_user"
fi
#=================================================
# MIGRATION 2 : MISSING CONFIGURATION VARIABLES
#=================================================
# Check if variable exists
enable_relaybot="$(ynh_app_setting_get --app="$app" --key=enable_relaybot)"
if [[ ! "$enable_relaybot" = "true" && ! "$enable_relaybot" = "false" ]] # Check setting is valid
then
enable_relaybot=$(python yaml2json.py "$install_dir/config.yaml" | jq -r .bridge.relay.enabled)
if [[ ! "$enable_relaybot" = "true" && ! "$enable_relaybot" = "false" ]]
then
ynh_script_progression --message="Previous setting for enable_relaybot was invalid, defaulting to enabled" --weight=2
enable_relaybot="true"
else
ynh_script_progression --message="Migrating previous configuration value for enable_relaybot: $enable_relaybot" --weight=1
fi
ynh_app_setting_set --app="$app" --key=enable_relaybot --value="$enable_relaybot"
fi

18
scripts/yaml2json.py Normal file
View file

@ -0,0 +1,18 @@
#!/usr/bin/python
# Usage: yaml2json.py <file>
import sys
import yaml
import json
assert len(sys.argv) == 2, "Expected a file as argument"
with open(sys.argv[1], "r") as f:
y = yaml.safe_load(f)
j = json.dumps(y)
print(j)

2
tests.toml
View file

@ -12,4 +12,4 @@ test_format = 1.0
args.botadmin = "@johndoe:synapsedomain.tld"
args.botusers = "synapsedomain.tld"
test_upgrade_from.40c16d3c8898196c6e1a43e8f0af70c052dd41f6.name = "0.2.3~ynh1"
test_upgrade_from.53823e7d92a678c5c27f62f64f7e914bd7096d0d.name = "Upgrade from 0.4.3~ynh2 (latest Python version)"