diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh index 0bf2f64..da21b75 100755 --- a/.github/workflows/updater.sh +++ b/.github/workflows/updater.sh @@ -18,59 +18,73 @@ current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') # Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) -tarball_url="https://github.com/$repo/archive/refs/tags/$version.tar.gz" +assets="https://github.com/$repo/archive/refs/tags/$version.tar.gz" # Later down the script, we assume the version has only digits and dots # Sometimes the release name starts with a "v", so let's filter it out. # You may need more tweaks here if the upstream repository has different naming conventions. if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then - version=${version:1} + version=${version:1} fi # Setting up the environment variables echo "Current version: $current_version" echo "Latest release from upstream: $version" echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV # For the time being, let's assume the script will fail echo "PROCEED=false" >> $GITHUB_ENV # Proceed only if the retrieved version is greater than the current one if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then - echo "::warning ::No new version available" - exit 0 + echo "::warning ::No new version available" + exit 0 # Proceed only if a PR for this new version does not already exist elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then - echo "::warning ::A branch already exists for this update" - exit 0 + echo "::warning ::A branch already exists for this update" + exit 0 fi #================================================= # UPDATE SOURCE FILES #================================================= +# Let's download source tarball +asset_url=$assets + +echo "Handling asset at $asset_url" + +src="app" + # Create the temporary directory tempdir="$(mktemp -d)" # Download sources and calculate checksum -filename=${tarball_url##*/} -curl --silent -4 -L "$tarball_url" -o "$tempdir/$filename" +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" checksum=$(sha256sum "$tempdir/$filename" | head -c 64) +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + # Rewrite source file -cat < conf/app.src -SOURCE_URL=$tarball_url +cat < conf/$src.src +SOURCE_URL=$asset_url SOURCE_SUM=$checksum SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz +SOURCE_FORMAT=$extension SOURCE_IN_SUBDIR=true SOURCE_FILENAME=mautrix-telegram.tar.gz SOURCE_EXTRACT=false EOT - -echo "... conf/app.src updated" - -# Delete temporary directory -rm -rf $tempdir +echo "... conf/$src.src updated" #================================================= # SPECIFIC UPDATE STEPS diff --git a/README.md b/README.md index ca6a0d8..4087800 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,13 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in A puppeting bridge between Matrix and Telegram packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Telegram user and a Matrix user. Currently the Matrix user can NOT invite other Matrix user in a bridged Telegram room, so only someone with a Telegram account can participate to Telegram group conversations. The ["Mautrix-Telegram"](https://docs.mau.fi/bridges/python/telegram/index.html) bridge is a Synapse App Service and relies on postgresql. Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand. + +**Shipped version:** 0.12.0~ynh1 + +## Disclaimers / important information + ## List of known public services + * Ask on one of the following rooms: #mautrix_yunohost:matrix.fdn.fr or #telegram:maunium.net ## Bridging usage @@ -49,19 +55,14 @@ See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/ ### Relaybot: Bridge a group for several Matrix and several Telegram users to chat together * see https://docs.mau.fi/bridges/python/telegram/relay-bot.html - -**Shipped version:** 0.11.3~ynh2 - -## Disclaimers / important information - -### Configuration of the bridge +## Configuration of the bridge The bridge is [roughly configured at installation](https://github.com/YunoHost-Apps/mautrix_telegram_ynh/blob/master/conf/config.yaml), e.g. allowed admin and user of the bot. Finer configuration can be done by modifying the following configuration file with SSH: ```/opt/yunohost/mautrix_telegram/config.yaml``` and then restarting the mautrix_telegram service. -### Documentation +## Documentation * Official "Mautrix-Telegram" documentation: https://docs.mau.fi/bridges/python/telegram/index.html * Matrix room (Matrix Bridges in Yunohost): #mautrix_yunohost:matrix.fdn.fr @@ -71,6 +72,8 @@ In case you need to upload your logs somewhere, be aware that they contain your * "Mautrix-Telegram" bridge is based on the [telegram daemon](https://gitlab.com/telegramd/telegramd) project. * YunoHost documentation: If more specific documentation is needed, feel free to contribute. +## YunoHost specific features + #### Multi-user support * Bot users are not related to Yunohost users. Any Matrix account or Synapse server autorized in the configuration of the bridge can invite/use the bot. @@ -84,7 +87,7 @@ In case you need to upload your logs somewhere, be aware that they contain your * Multi-instance installation should work. Several bridge instances could be installed for one Matrix-Synapse instance so that one Matrix user can bridge several Telegram accounts. * Several bridge instances could be installed for each Matrix-Synapse instance to benefit from it. But one bridge can be used by users from several Matrix-Synapse instances. -### Troubleshooting +## Troubleshooting * Check the spelling of the bot name! * For slow servers it might be necessary to run ``systemctl edit mautrix_telegram.service`` (also for `coturn.service` and `coturn-synapse.service`) and insert diff --git a/README_fr.md b/README_fr.md index 19decaf..ab145a1 100644 --- a/README_fr.md +++ b/README_fr.md @@ -15,13 +15,22 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour ## Vue d'ensemble -A puppeting bridge between Matrix and Telegram packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Telegram user and a Matrix user. Currently the Matrix user can NOT invite other Matrix user in a bridged Telegram room, so only someone with a Telegram account can participate to Telegram group conversations. The ["Mautrix-Telegram"](https://docs.mau.fi/bridges/python/telegram/index.html) bridge is a Synapse App Service and relies on postgresql. Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand. +Une passerelle entre Matrix et Telegram empaquetée comme un service YunoHost. Les messages, médias et notifications sont relayées entre un compte Telegram et un compte Matrix. +La passerelle ["Mautrix-Telegram"](https://docs.mau.fi/bridges/python/telegram/index.html) consiste en un Service d'Application Matrix-Synapse et repose sur une base-de-données postgresql. C'est pourquoi [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) doit être préalablemnet installé. -## List of known public services -* Ask on one of the following rooms: #mautrix_yunohost:matrix.fdn.fr or #telegram:maunium.net +** Attention : sauvegardez et restaurez toujours les deux applications Yunohost matrix-synapse et mautrix_telegram en même temps!** -## Bridging usage -** Note that several Telegram and Matrix users can be bridged, each Telegram account has its own bot administration room. If they are in a same Telegram group, only one matrix room will be created. ** + +**Version incluse :** 0.12.0~ynh1 + +## Avertissements / informations importantes + +## Liste de passerelles publiques + +* Demandez sur un des salons suivants: #mautrix_yunohost:matrix.fdn.fr ou #telegram:maunium.net + +## Usages de la passerelle +** Notez que plusieurs comptes Telegram et Matrix peuvent être pontés, chaque compte Telegram connecté a son propre Salon d'Administration. Si plusieurs utilisateur.ice.s du Robot sont dans un même groupe Signal, seul un Salon Matrix sera créé par la passerelle. ** ### Bridge a Telegram user and a Matrix user * First your Matrix user or Synapse Server has to be authorized in the Configuration of the bridge (see below) @@ -49,42 +58,31 @@ See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/ ### Relaybot: Bridge a group for several Matrix and several Telegram users to chat together * see https://docs.mau.fi/bridges/python/telegram/relay-bot.html - -**Version incluse :** 0.11.3~ynh2 - -## Avertissements / informations importantes - -### Configuration of the bridge - -The bridge is [roughly configured at installation](https://github.com/YunoHost-Apps/mautrix_telegram_ynh/blob/master/conf/config.yaml), e.g. allowed admin and user of the bot. Finer configuration can be done by modifying the -following configuration file with SSH: -```/opt/yunohost/mautrix_telegram/config.yaml``` -and then restarting the mautrix_telegram service. - -### Documentation +## Documentation * Official "Mautrix-Telegram" documentation: https://docs.mau.fi/bridges/python/telegram/index.html * Matrix room (Matrix Bridges in Yunohost): #mautrix_yunohost:matrix.fdn.fr * Matrix room (upstream app): #telegram:maunium.net In case you need to upload your logs somewhere, be aware that they contain your contacts' and your phone numbers. Strip them out with -``| sed -r 's/[0-9]{10,}/📞/g' `` +``| sed -r 's/[0-9]{10,}/??/g' `` * "Mautrix-Telegram" bridge is based on the [telegram daemon](https://gitlab.com/telegramd/telegramd) project. * YunoHost documentation: If more specific documentation is needed, feel free to contribute. -#### Multi-user support +## Caractéristiques spécifiques YunoHost +#### Support multi-comptes * Bot users are not related to Yunohost users. Any Matrix account or Synapse server autorized in the configuration of the bridge can invite/use the bot. * The Telegram bot is a local Matrix-Synapse user, but accessible through federation (synapse public or private). * Several Telegram and Matrix users can be bridged with one bridge, each user has its own bot administration room. * If several bot users are in a same Telegram group, only one Matrix room will be created by the bridge. * See https://github.com/YunoHost-Apps/synapse_ynh#multi-users-support -#### Multi-instance support +#### Support multi-instance * Multi-instance installation should work. Several bridge instances could be installed for one Matrix-Synapse instance so that one Matrix user can bridge several Telegram accounts. * Several bridge instances could be installed for each Matrix-Synapse instance to benefit from it. But one bridge can be used by users from several Matrix-Synapse instances. -### Troubleshooting +## Troubleshooting * Check the spelling of the bot name! * For slow servers it might be necessary to run ``systemctl edit mautrix_telegram.service`` (also for `coturn.service` and `coturn-synapse.service`) and insert diff --git a/check_process b/check_process index 2e09be7..8f3e621 100644 --- a/check_process +++ b/check_process @@ -1,7 +1,7 @@ ;; Default test serie ; pre-install sudo yunohost tools update - sudo yunohost app list | grep synapse || sudo yunohost app install https://github.com/YunoHost-Apps/synapse_ynh/ -a "domain=$domain&server_name=$server_name&is_public=$is_public&jitsi_server=$jitsi_server" --force + sudo yunohost app install https://github.com/YunoHost-Apps/synapse_ynh/ -a "domain=$domain&server_name=$server_name&is_free_registration=$is_free_registration&jitsi_server=$jitsi_server" --force ; Manifest port="29317" synapsenumber="1" @@ -21,6 +21,8 @@ setup_public=0 upgrade=1 upgrade=1 from_commit=dfed70e3419d23349690ea2234747ac1de2d7fb0 + # 0.11.3~ynh2 + upgrade=1 from_commit=d1892c2bdbcea8a30d4596fcd99d13f65e1ab54c backup_restore=1 multi_instance=1 port_already_use=1 diff --git a/conf/app.src b/conf/app.src index beb5781..2b46828 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/mautrix/telegram/archive/refs/tags/v0.11.3.tar.gz -SOURCE_SUM=5ce51e8265316e1ac706c7f70c446d28b9728cb26e63b6afc48412d12ccd9a97 +SOURCE_URL=https://github.com/mautrix/telegram/archive/refs/tags/v0.12.0.tar.gz +SOURCE_SUM=bcc971d638a985d5196c1986f8f332b0f8236b6f34da712bec8662ab38523434 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/config.yaml b/conf/config.yaml index d8af4c6..15048a3 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -1,13 +1,13 @@ # Homeserver details homeserver: # The address that this appservice can use to connect to the homeserver. - address: __DOMAIN__ + address: https://__DOMAIN__ # The domain of the homeserver (for MXIDs, etc). domain: __SERVER_NAME__ # Whether or not to verify the SSL certificate of the homeserver. # Only applies if address starts with https:// - verify_ssl: __VERIFY_SERVER_SSL_CERTIFICATES__ - asmux: __MATRIX_SERVER_SUPPORTS_ASMUX__ + verify_ssl: true + asmux: false # Number of retries for all HTTP requests if the homeserver isn't reachable. http_retry_count: 4 # The URL to push real-time bridge status to. @@ -40,7 +40,7 @@ appservice: # Format examples: # SQLite: sqlite:///filename.db # Postgres: postgres://username:password@hostname/dbname - database: postgres://__MAUTRIX_BRIDGE_USER__:__MAUTRIX_BRIDGE_DB_PWD__@localhost:5432/__MAUTRIX_BRIDGE_DB_NAME__ + database: postgres://__DB_USER__:__DB_PWD__@localhost:5432/__DB_NAME__ # Additional arguments for asyncpg.create_pool() or sqlite3.connect() # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool # https://docs.python.org/3/library/sqlite3.html#sqlite3.connect @@ -102,7 +102,7 @@ manhole: # The list of UIDs who can be added to the whitelist. # If empty, any UIDs can be specified in the open-manhole command. whitelist: - - 0 + - 0 # Bridge config bridge: @@ -146,6 +146,10 @@ bridge: # will not send any more members. # -1 means no limit (which means it's limited to 10000 by the server) max_initial_member_sync: 100 + # Maximum number of participants in chats to bridge. Only applies when the portal is being created. + # If there are more members when trying to create a room, the room creation will be cancelled. + # -1 means no limit (which means all chats can be bridged) + max_member_count: -1 # Whether or not to sync the member list in channels. # If no channel admins have logged into the bridge, the bridge won't be able to sync the member # list regardless of this setting. @@ -172,10 +176,6 @@ bridge: # Allow logging in within Matrix. If false, users can only log in using login-qr or the # out-of-Matrix login website (see appservice.public config section) allow_matrix_login: true - # Whether or not to bridge plaintext highlights. - # Only enable this if your displayname_template has some static part that the bridge can use to - # reliably identify what is a plaintext highlight. - plaintext_highlights: false # Whether or not to make portals of publicly joinable channels/supergroups publicly joinable on Matrix. public_portals: true # Whether or not to use /sync to get presence, read receipts and typing notifications @@ -204,13 +204,13 @@ bridge: # Whether or not the !tg join command should do a HTTP request # to resolve redirects in invite links. invite_link_resolve: false - # Use inline images instead of a separate message for the caption. - # N.B. Inline images are not supported on all clients (e.g. Element iOS/Android). - inline_images: false + # Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552. + # This is currently not supported in most clients. + caption_in_message: false # Maximum size of image in megabytes before sending to Telegram as a document. image_as_file_size: 10 - # Maximum number of pixels in an image before sending to Telegram as a document. Defaults to 1280x1280 = 1638400. - image_as_file_pixels: 1638400 + # Maximum number of pixels in an image before sending to Telegram as a document. Defaults to 4096x4096 = 16777216. + image_as_file_pixels: 16777216 # Enable experimental parallel file transfer, which makes uploads/downloads much faster by # streaming from/to Matrix and using many connections for Telegram. # Note that generating HQ thumbnails for videos is not possible with streamed transfers. @@ -226,12 +226,24 @@ bridge: # png - converts to non-animated png (fastest), # gif - converts to animated gif # webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support + # webp - converts to animated webp, requires ffmpeg executable with webp codec/container support target: gif + # Should video stickers be converted to the specified format as well? + convert_from_webm: false # Arguments for converter. All converters take width and height. args: width: 256 height: 256 - fps: 25 # only for webm and gif (2, 5, 10, 20 or 25 recommended) + fps: 25 # only for webm, webp and gif (2, 5, 10, 20 or 25 recommended) + # Settings for converting animated emoji. + # Same as animated_sticker, but webm is not supported as the target + # (because inline images can only contain images, not videos). + animated_emoji: + target: webp + args: + width: 64 + height: 64 + fps: 25 # End-to-bridge encryption support options. # # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. @@ -241,20 +253,46 @@ bridge: # Default to encryption, force-enable encryption in all portals the bridge creates # This will cause the bridge bot to be in private chats for the encryption to work properly. default: __IS_ENCRYPTION_ENABLED__ - # Database for the encryption data. If set to `default`, will use the appservice database. - database: default - # Options for automatic key sharing. - key_sharing: - # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. - # You must use a client that supports requesting keys from other users to use this feature. - allow: false - # Require the requesting device to have a valid cross-signing signature? - # This doesn't require that the bridge has verified the device, only that the user has verified it. - # Not yet implemented. - require_cross_signing: false - # Require devices to be verified by the bridge? - # Verification by the bridge is not yet implemented. - require_verification: true + # Require encryption, drop any unencrypted messages. + require: __IS_ENCRYPTION_ENABLED__ + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: false + # What level of device verification should be required from users? + # + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). + # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix. + receive: unverified + # Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # Options for Megolm room key rotation. These options allow you to + # configure the m.room.encryption event content. See: + # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for + # more information about that event. + rotation: + # Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is + # set. + enable_custom: false + # The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 + # Whether or not to explicitly set the avatar and room name for private # chat portal rooms. This will be implicitly enabled if encryption.default is true. private_chat_portal_meta: false @@ -263,6 +301,8 @@ bridge: delivery_receipts: false # Whether or not delivery errors should be reported as messages in the Matrix room. delivery_error_reports: false + # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. + message_status_events: false # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. # This field will automatically be changed back to false after it, # except if the config file is not writable. @@ -282,6 +322,9 @@ bridge: kick_on_logout: true # Should the "* user joined Telegram" notice always be marked as read automatically? always_read_joined_telegram_notice: true + # Should the bridge auto-create a group chat on Telegram when a ghost is invited to a room? + # Requires the user to have sufficient power level and double puppeting enabled. + create_group_on_invite: true # Settings for backfilling messages from Telegram. backfill: # Whether or not the Telegram ghosts of logged in Matrix users should be @@ -325,8 +368,7 @@ bridge: # List of user IDs for whom the previous flag is flipped. # e.g. if bridge_notices.default is false, notices from other users will not be bridged, but # notices from users listed here will be bridged. - exceptions: - - "@importantbot:example.com" + exceptions: [] # An array of possible values for the $distinguisher variable in message formats. # Each user gets one of the values here, based on a hash of their user ID. @@ -451,6 +493,12 @@ telegram: # (Optional) Create your own bot at https://t.me/BotFather bot_token: __BOTTOKEN__ + # Should the bridge request missed updates from Telegram when restarting? + catch_up: true + # Should incoming updates be handled sequentially to make sure order is preserved on Matrix? + sequential_updates: true + exit_on_update_error: false + # Telethon connection options. connection: # The timeout in seconds to be used when connecting. @@ -476,7 +524,7 @@ telegram: # Device info sent to Telegram. device_info: # "auto" = OS name+version. - device_model: auto + device_model: mautrix-telegram # "auto" = Telethon version. system_version: auto # "auto" = mautrix-telegram version. @@ -526,7 +574,7 @@ logging: file: class: logging.handlers.RotatingFileHandler formatter: normal - filename: __LOG_FILENAME__ + filename: /var/log/__APP__/__APP__.log maxBytes: 10485760 backupCount: 10 console: @@ -534,11 +582,11 @@ logging: formatter: colored loggers: mau: - level: DEBUG + level: INFO telethon: level: INFO aiohttp: level: INFO root: - level: DEBUG + level: INFO handlers: [file, console] diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index 0259bd2..60d9475 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -1,33 +1 @@ A puppeting bridge between Matrix and Telegram packaged as a YunoHost service. Messages, notifications (and sometimes media) are bridged between a Telegram user and a Matrix user. Currently the Matrix user can NOT invite other Matrix user in a bridged Telegram room, so only someone with a Telegram account can participate to Telegram group conversations. The ["Mautrix-Telegram"](https://docs.mau.fi/bridges/python/telegram/index.html) bridge is a Synapse App Service and relies on postgresql. Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) should be installed beforehand. - -## List of known public services -* Ask on one of the following rooms: #mautrix_yunohost:matrix.fdn.fr or #telegram:maunium.net - -## Bridging usage -** Note that several Telegram and Matrix users can be bridged, each Telegram account has its own bot administration room. If they are in a same Telegram group, only one matrix room will be created. ** - -### Bridge a Telegram user and a Matrix user -* First your Matrix user or Synapse Server has to be authorized in the Configuration of the bridge (see below) -* Then, invite the bot (default @telegrambot:yoursynapse.domain) in this new Mautrix-Telegram bot administration room. - * If the Bot does bot accept, see the [troubleshooting page](https://docs.mau.fi/bridges/general/troubleshooting.html) -* Send ``!tg help`` to the bot in the created room to know how to control the bot. -See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/telegram/authentication.html) - -#### Logging into Telegram account -* Type ``login`` or ``login-qr`` (untested) in main management room (`!tg` in any bridge room) -* follow setup instructions from bot -* By defaults, only conversations with very recent messages and groups will be suggested to be bridged -* Accept invitations to the bridged chat rooms - -#### Registering the Bridge as a primary device (untested) -* Type ``!tg register ``, where ```` is your phone number in the internation format with no space, e.g. ``!tg register +33612345678`` -* Answer in the bot room with the verification code that you reveived in SMS. -* Set a profile name with ``!tg set-profile-name `` - -### Double puppeting -* Log in with ``login-matrix `` -* After logging in, the default Matrix puppet of your Telegram account should leave rooms and your account should join all rooms the puppet was in automatically. - - -### Relaybot: Bridge a group for several Matrix and several Telegram users to chat together -* see https://docs.mau.fi/bridges/python/telegram/relay-bot.html diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md new file mode 100644 index 0000000..60caecc --- /dev/null +++ b/doc/DESCRIPTION_fr.md @@ -0,0 +1,4 @@ +Une passerelle entre Matrix et Telegram empaquetée comme un service YunoHost. Les messages, médias et notifications sont relayées entre un compte Telegram et un compte Matrix. +La passerelle ["Mautrix-Telegram"](https://docs.mau.fi/bridges/python/telegram/index.html) consiste en un Service d'Application Matrix-Synapse et repose sur une base-de-données postgresql. C'est pourquoi [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh) doit être préalablemnet installé. + +** Attention : sauvegardez et restaurez toujours les deux applications Yunohost matrix-synapse et mautrix_telegram en même temps!** diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index a4363a9..ecbb086 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -1,11 +1,44 @@ -### Configuration of the bridge +## List of known public services + +* Ask on one of the following rooms: #mautrix_yunohost:matrix.fdn.fr or #telegram:maunium.net + +## Bridging usage +** Note that several Telegram and Matrix users can be bridged, each Telegram account has its own bot administration room. If they are in a same Telegram group, only one matrix room will be created. ** + +### Bridge a Telegram user and a Matrix user +* First your Matrix user or Synapse Server has to be authorized in the Configuration of the bridge (see below) +* Then, invite the bot (default @telegrambot:yoursynapse.domain) in this new Mautrix-Telegram bot administration room. + * If the Bot does bot accept, see the [troubleshooting page](https://docs.mau.fi/bridges/general/troubleshooting.html) +* Send ``!tg help`` to the bot in the created room to know how to control the bot. +See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/telegram/authentication.html) + +#### Logging into Telegram account +* Type ``login`` or ``login-qr`` (untested) in main management room (`!tg` in any bridge room) +* follow setup instructions from bot +* By defaults, only conversations with very recent messages and groups will be suggested to be bridged +* Accept invitations to the bridged chat rooms + +#### Registering the Bridge as a primary device (untested) +* Type ``!tg register ``, where ```` is your phone number in the internation format with no space, e.g. ``!tg register +33612345678`` +* Answer in the bot room with the verification code that you reveived in SMS. +* Set a profile name with ``!tg set-profile-name `` + +### Double puppeting +* Log in with ``login-matrix `` +* After logging in, the default Matrix puppet of your Telegram account should leave rooms and your account should join all rooms the puppet was in automatically. + + +### Relaybot: Bridge a group for several Matrix and several Telegram users to chat together +* see https://docs.mau.fi/bridges/python/telegram/relay-bot.html + +## Configuration of the bridge The bridge is [roughly configured at installation](https://github.com/YunoHost-Apps/mautrix_telegram_ynh/blob/master/conf/config.yaml), e.g. allowed admin and user of the bot. Finer configuration can be done by modifying the following configuration file with SSH: ```/opt/yunohost/mautrix_telegram/config.yaml``` and then restarting the mautrix_telegram service. -### Documentation +## Documentation * Official "Mautrix-Telegram" documentation: https://docs.mau.fi/bridges/python/telegram/index.html * Matrix room (Matrix Bridges in Yunohost): #mautrix_yunohost:matrix.fdn.fr @@ -15,6 +48,8 @@ In case you need to upload your logs somewhere, be aware that they contain your * "Mautrix-Telegram" bridge is based on the [telegram daemon](https://gitlab.com/telegramd/telegramd) project. * YunoHost documentation: If more specific documentation is needed, feel free to contribute. +## YunoHost specific features + #### Multi-user support * Bot users are not related to Yunohost users. Any Matrix account or Synapse server autorized in the configuration of the bridge can invite/use the bot. @@ -28,7 +63,7 @@ In case you need to upload your logs somewhere, be aware that they contain your * Multi-instance installation should work. Several bridge instances could be installed for one Matrix-Synapse instance so that one Matrix user can bridge several Telegram accounts. * Several bridge instances could be installed for each Matrix-Synapse instance to benefit from it. But one bridge can be used by users from several Matrix-Synapse instances. -### Troubleshooting +## Troubleshooting * Check the spelling of the bot name! * For slow servers it might be necessary to run ``systemctl edit mautrix_telegram.service`` (also for `coturn.service` and `coturn-synapse.service`) and insert diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..fa14045 --- /dev/null +++ b/doc/DISCLAIMER_fr.md @@ -0,0 +1,67 @@ +## Liste de passerelles publiques + +* Demandez sur un des salons suivants: #mautrix_yunohost:matrix.fdn.fr ou #telegram:maunium.net + +## Usages de la passerelle +** Notez que plusieurs comptes Telegram et Matrix peuvent être pontés, chaque compte Telegram connecté a son propre Salon d'Administration. Si plusieurs utilisateur.ice.s du Robot sont dans un même groupe Signal, seul un Salon Matrix sera créé par la passerelle. ** + +### Bridge a Telegram user and a Matrix user +* First your Matrix user or Synapse Server has to be authorized in the Configuration of the bridge (see below) +* Then, invite the bot (default @telegrambot:yoursynapse.domain) in this new Mautrix-Telegram bot administration room. + * If the Bot does bot accept, see the [troubleshooting page](https://docs.mau.fi/bridges/general/troubleshooting.html) +* Send ``!tg help`` to the bot in the created room to know how to control the bot. +See also [upstream wiki Authentication page](https://docs.mau.fi/bridges/python/telegram/authentication.html) + +#### Logging into Telegram account +* Type ``login`` or ``login-qr`` (untested) in main management room (`!tg` in any bridge room) +* follow setup instructions from bot +* By defaults, only conversations with very recent messages and groups will be suggested to be bridged +* Accept invitations to the bridged chat rooms + +#### Registering the Bridge as a primary device (untested) +* Type ``!tg register ``, where ```` is your phone number in the internation format with no space, e.g. ``!tg register +33612345678`` +* Answer in the bot room with the verification code that you reveived in SMS. +* Set a profile name with ``!tg set-profile-name `` + +### Double puppeting +* Log in with ``login-matrix `` +* After logging in, the default Matrix puppet of your Telegram account should leave rooms and your account should join all rooms the puppet was in automatically. + + +### Relaybot: Bridge a group for several Matrix and several Telegram users to chat together +* see https://docs.mau.fi/bridges/python/telegram/relay-bot.html + +## Documentation + + * Official "Mautrix-Telegram" documentation: https://docs.mau.fi/bridges/python/telegram/index.html + * Matrix room (Matrix Bridges in Yunohost): #mautrix_yunohost:matrix.fdn.fr + * Matrix room (upstream app): #telegram:maunium.net +In case you need to upload your logs somewhere, be aware that they contain your contacts' and your phone numbers. Strip them out with +``| sed -r 's/[0-9]{10,}/??/g' `` + * "Mautrix-Telegram" bridge is based on the [telegram daemon](https://gitlab.com/telegramd/telegramd) project. + * YunoHost documentation: If more specific documentation is needed, feel free to contribute. + +## Caractéristiques spécifiques YunoHost + +#### Support multi-comptes +* Bot users are not related to Yunohost users. Any Matrix account or Synapse server autorized in the configuration of the bridge can invite/use the bot. +* The Telegram bot is a local Matrix-Synapse user, but accessible through federation (synapse public or private). +* Several Telegram and Matrix users can be bridged with one bridge, each user has its own bot administration room. +* If several bot users are in a same Telegram group, only one Matrix room will be created by the bridge. +* See https://github.com/YunoHost-Apps/synapse_ynh#multi-users-support + +#### Support multi-instance + +* Multi-instance installation should work. Several bridge instances could be installed for one Matrix-Synapse instance so that one Matrix user can bridge several Telegram accounts. +* Several bridge instances could be installed for each Matrix-Synapse instance to benefit from it. But one bridge can be used by users from several Matrix-Synapse instances. + +## Troubleshooting + +* Check the spelling of the bot name! +* For slow servers it might be necessary to run ``systemctl edit mautrix_telegram.service`` (also for `coturn.service` and `coturn-synapse.service`) and insert +``` +[Service] +ExecStartPre=/bin/sleep 90 +``` +such that it is ensured that synapse is running before the bridge tries to connect. +(If it worked after installation but broke after a restart this probably is it.) diff --git a/issue_template.md b/issue_template.md deleted file mode 100644 index b5801fb..0000000 --- a/issue_template.md +++ /dev/null @@ -1,55 +0,0 @@ ---- -name: Bug report -about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently. - ---- - -**How to post a meaningful bug report** -1. *Read this whole template first.* -2. *Determine if you are on the right place:* - - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* - - *Otherwise, the issue may be due to mautrix_telegram itself. Refer to its documentation or repository for help.* - - *When in doubt, post here and we will figure it out together.* -3. *Delete the italic comments as you write over them below, and remove this guide.* ---- - -### Describe the bug - -*A clear and concise description of what the bug is.* - -### Context - -- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...* -- YunoHost version: x.x.x -- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...* -- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes* - - If yes, please explain: -- Using, or trying to install package version/branch: -- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`* - -### Steps to reproduce - -- *If you performed a command from the CLI, the command itself is enough. For example:* - ```sh - sudo yunohost app install mautrix_telegram - ``` -- *If you used the webadmin, please perform the equivalent command from the CLI first.* -- *If the error occurs in your browser, explain what you did:* - 1. *Go to '...'* - 2. *Click on '...'* - 3. *Scroll down to '...'* - 4. *See error* - -### Expected behavior - -*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.* - -### Logs - -*When an operation fails, YunoHost provides a simple way to share the logs.* -- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.* -- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.* - -*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)* - -*If applicable and useful, add screenshots to help explain your problem.* diff --git a/manifest.json b/manifest.json index b70bde8..bfd0ce5 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Telegram puppeting bridge for Matrix/Synapse", "fr": "Passerelle Telegram pour Matrix/Synapse" }, - "version": "0.11.3~ynh2", + "version": "0.12.0~ynh1", "url": "https://docs.mau.fi/bridges/python/telegram/index.html", "upstream": { "license": "AGPL-3.0-or-later", @@ -24,8 +24,7 @@ "yunohost": ">= 11.0.0" }, "multi_instance": true, - "services": [ - ], + "services": [], "arguments": { "install": [ { diff --git a/pull_request_template.md b/pull_request_template.md deleted file mode 100644 index 67f9e89..0000000 --- a/pull_request_template.md +++ /dev/null @@ -1,18 +0,0 @@ -## Problem -- *Description of why you made this PR* - -## Solution -- *And how do you fix that problem* - -## PR Status -- [ ] Code finished. -- [ ] Tested with Package_check. -- [ ] Fix or enhancement tested. -- [ ] Upgrade from last version tested. -- [ ] Can be reviewed and tested. - -## Package_check results ---- -*If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results* - -[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/mautrix_telegram_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/mautrix_telegram_ynh%20PR-NUM-%20(USERNAME)/) diff --git a/scripts/_common.sh b/scripts/_common.sh index 8296088..9f14ec1 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,28 +4,14 @@ # COMMON VARIABLES #================================================= -# dependencies used by the app -# HACK zlib1g-dev libjpeg-dev (libwebp-dev optional but necessary for stickers) are necessary to compile / install pillow -pkg_dependencies="postgresql python3 zlib1g-dev libjpeg-dev libwebp-dev python3-venv libpq-dev libffi-dev" -pkg_dependencies_e2be="libolm-dev" +# dependencies used by the app (must be on a single line) +# HACK zlib1g-dev libjpeg-dev (libwebp-dev and libolm-dev optional but necessary for stickers/e2be) are necessary to compile / install pillow +pkg_dependencies="postgresql python3 zlib1g-dev libjpeg-dev libwebp-dev python3-venv libpq-dev libffi-dev libolm-dev" #================================================= # PERSONAL HELPERS #================================================= -write_bridge_config () { - domain="https://$domain" - if [ "$botusers" = "local" ] - then - botusers="$server_name" - fi - verify_server_ssl_certificates="true" - matrix_server_supports_asmux="false" - log_filename="/var/log/$app/$app.log" - log_level="error" - ynh_add_config --template="config.yaml" --destination="$mautrix_config_path" -} - #================================================= # EXPERIMENTAL HELPERS #================================================= diff --git a/scripts/backup b/scripts/backup index 38be0ba..917677c 100755 --- a/scripts/backup +++ b/scripts/backup @@ -26,9 +26,9 @@ ynh_abort_if_errors ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME + final_path=$(ynh_app_setting_get --app=$app --key=final_path) -app_service_registration_path=$(ynh_app_setting_get --app=$app --key=app_service_registration_path) -mautrix_bridge_db_name=$(ynh_app_setting_get --app=$app --key=mautrix_bridge_db_name) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -56,18 +56,11 @@ ynh_backup --src_path="/etc/logrotate.d/$app" ynh_backup --src_path="/etc/systemd/system/$app.service" #================================================= -# BACKUP VARIOUS FILES -#================================================= - -# backup synapse registration file -ynh_backup --src_path="$app_service_registration_path" - -#================================================= -# BACKUP THE PostrgeSQL DATABASE +# BACKUP THE POSTGRESQL DATABASE #================================================= ynh_print_info --message="Backing up the PostgreSQL database..." -ynh_psql_dump_db --database="$mautrix_bridge_db_name" > db.sql +ynh_psql_dump_db --database="$db_name" > db.sql #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index 0362dc4..24ed703 100755 --- a/scripts/install +++ b/scripts/install @@ -14,7 +14,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ynh_clean_check_starting + true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -28,39 +28,22 @@ botname=$YNH_APP_ARG_BOTNAME encryption=$YNH_APP_ARG_ENCRYPTION botadmin=$YNH_APP_ARG_BOTADMIN botusers=$YNH_APP_ARG_BOTUSERS - -# TODO new settings specific to telegram apiid=$YNH_APP_ARG_APIID apihash=$YNH_APP_ARG_APIHASH bottoken=$YNH_APP_ARG_BOTTOKEN app=$YNH_APP_INSTANCE_NAME -# TODO check (in manifest?) if the selected synapse instance is not already connected to a mautrix_bridge bridge +# ToDo check (in manifest?) if the selected synapse instance is not already connected to a mautrix_bridge bridge if [ $synapsenumber -eq "1" ] then -synapse_instance="synapse" + synapse_instance="synapse" else -synapse_instance="synapse__$synapsenumber" + synapse_instance="synapse__$synapsenumber" fi server_name=$(ynh_app_setting_get --app $synapse_instance --key server_name) domain=$(ynh_app_setting_get --app $synapse_instance --key domain) -synapse_config_path="/etc/matrix-$synapse_instance" -app_service_registration_path="/etc/matrix-$synapse_instance/app-service" -synapse_name="matrix-$synapse_instance" -synapse_user="matrix-$synapse_instance" -synapse_db_name="matrix_$synapse_instance" -synapse_db_user="matrix_$synapse_instance" - -#================================================= -# SET CONSTANTS -#================================================= - -#botname_synapse_db_user="@$botname:$server_name" -mautrix_bridge_user=$app -mautrix_bridge_db_name=$app -mautrix_bridge_db_user=$app -upstream_version=$(ynh_app_upstream_version) +synapse_registration_path="/etc/matrix-$synapse_instance/app-service" #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS @@ -74,22 +57,18 @@ test ! -e "$final_path" || ynh_die --message="This path already contains a folde # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." --weight=7 -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=server_name --value=$server_name + ynh_app_setting_set --app=$app --key=botname --value=$botname -ynh_app_setting_set --app=$app --key=synapse_instance --value=$synapse_instance -ynh_app_setting_set --app=$app --key=app_service_registration_path --value=$app_service_registration_path ynh_app_setting_set --app=$app --key=encryption --value=$encryption -ynh_app_setting_set --app=$app --key=mautrix_bridge_db_name --value=$mautrix_bridge_db_name ynh_app_setting_set --app=$app --key=botadmin --value=$botadmin ynh_app_setting_set --app=$app --key=botusers --value=$botusers - ynh_app_setting_set --app=$app --key=apiid --value=$apiid ynh_app_setting_set --app=$app --key=apihash --value=$apihash ynh_app_setting_set --app=$app --key=bottoken --value=$bottoken - -ynh_app_setting_set --app=$app --key=mautrix_version --value=$upstream_version -ynh_app_setting_set --app=$app --key=final_path --value=$final_path +ynh_app_setting_set --app=$app --key=synapse_instance --value=$synapse_instance +ynh_app_setting_set --app=$app --key=server_name --value=$server_name +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=synapse_registration_path --value=$synapse_registration_path #================================================= # STANDARD MODIFICATIONS @@ -107,11 +86,6 @@ ynh_app_setting_set --app=$app --key=port --value=$port #================================================= ynh_script_progression --message="Installing dependencies..." --weight=97 -if [ $encryption -eq 1 ]; then - # Install libolm-dev to be able to use encryption - ynh_install_extra_app_dependencies $pkg_dependencies_e2be -fi - ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies #================================================= @@ -120,20 +94,19 @@ ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies ynh_script_progression --message="Configuring system user..." --weight=1 # Create a system user -ynh_system_user_create --username=$mautrix_bridge_user +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # CREATE A POSTGRESQL DATABASE #================================================= ynh_script_progression --message="Creating a PostgreSQL database..." --weight=3 -mautrix_bridge_db_pwd=$(ynh_string_random --length=30) -ynh_app_setting_set --app=$app --key=mautrix_bridge_db_pwd --value=$mautrix_bridge_db_pwd - -# Create postgresql database +db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name +ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_psql_test_if_first_run -ynh_psql_create_user $mautrix_bridge_db_user $mautrix_bridge_db_pwd -ynh_psql_execute_as_root --sql="CREATE DATABASE ""$mautrix_bridge_db_name"" ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER ""$mautrix_bridge_db_user"";" +ynh_psql_setup_db --db_user=$db_user --db_name=$db_name +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -141,45 +114,49 @@ ynh_psql_execute_as_root --sql="CREATE DATABASE ""$mautrix_bridge_db_name"" ENCO ynh_script_progression --message="Setting up source files..." --weight=3 ynh_app_setting_set --app=$app --key=final_path --value=$final_path - -# WARNING : theses command are used in INSTALL, UPGRADE (2 times) -# For any update do it in all files -#if [ -n "$(uname -m | grep 64)" ] -#then -# ynh_setup_source --dest_dir=$final_path/ --source_id="amd64_$(lsb_release --codename --short)" -#else - # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path/src" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" + #================================================= # SPECIFIC SETUP #================================================= -# SET MAUTRIX-BRIDGE CONFIG +# ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Configuring Mautrix-Bridge..." --weight=2 +ynh_script_progression --message="Adding a configuration file..." --weight=2 # WARNING : theses command are used in INSTALL, UPGRADE, CONFIG, CHANGE-URL (4 times) # For any update do it in all files -mautrix_config_path="$final_path/config.yaml" as_token="\"This value is generated when generating the registration\"" hs_token="\"This value is generated when generating the registration\"" -is_encryption_enabled=$encryption +is_encryption_enabled="$encryption" if [ $encryption -eq 1 ]; then - is_encryption_enabled=true + is_encryption_enabled="true" fi -write_bridge_config +if [ "$botusers" = "local" ] +then + botusers="$server_name" +fi + +ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml" + +chmod 400 "$final_path/config.yaml" +chown $app:$app "$final_path/config.yaml" #================================================= # INSTALL MAUTRIX-BRIDGE PYTHON MODULE #================================================= +ynh_script_progression --message="Installing Mautrix-Bridge Python Module..." --weight=6 mkdir -p /var/log/$app # Configure Mautrix-Bridge python3 -m venv $final_path -export HOME=$final_path # HACK see https://github.com/mautrix/telegram/issues/661 +export HOME=$final_path $final_path/bin/pip3 install --upgrade pip setuptools wheel $final_path/bin/pip3 install --upgrade $final_path/src/mautrix-telegram.tar.gz[speedups,qr_login] # metrics,e2be,hq_thumbnails,sqlite,formattednumbers @@ -187,19 +164,17 @@ if [ $encryption -eq 1 ]; then $final_path/bin/pip3 install --upgrade $final_path/src/mautrix-telegram.tar.gz[e2be] fi -# -r optional-requirements.txt -$final_path/bin/python3 -m mautrix_telegram -g -c "$mautrix_config_path" -r "$app_service_registration_path/$app.yaml" +#================================================= +# REGISTER SYNAPSE APP-SERVICE +#================================================= +ynh_script_progression --message="Registering Synapse app-service" --weight=1 -# Handled by synapse: synapse_ynh adds all registration files added in $app_service_registration_path to the app_service_config_files list +$final_path/bin/python3 -m mautrix_telegram -g -c $final_path/config.yaml -r "$synapse_registration_path/$app.yaml" /opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration" -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$mautrix_config_path" -ynh_store_file_checksum --file="$app_service_registration_path/$app.yaml" +chown -R $app:$app "$final_path" +ynh_store_file_checksum --file="$synapse_registration_path/$app.yaml" +ynh_store_file_checksum --file="$final_path/config.yaml" #================================================= # SETUP SYSTEMD @@ -209,14 +184,6 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=20 # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE -# For any update do it in all files -chown $mautrix_bridge_user:root -R $final_path - #================================================= # GENERIC FINALIZATION #================================================= @@ -226,15 +193,15 @@ ynh_script_progression --message="Configuring log rotation..." --weight=3 # Use logrotate to manage application logfile(s) # TODO maybe --specific-user?? -ynh_use_logrotate --logfile "/var/log/$app/$app.log" --specific_user $mautrix_bridge_user -chown $mautrix_bridge_user:root -R /var/log/$app +ynh_use_logrotate --logfile "/var/log/$app/$app.log" --specific_user $app +chown -R $app:$app /var/log/$app #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --description "$app daemon for bridging Telegram and Matrix messages" --log "/var/log/$app/$app.log" +yunohost service add $app --description="$app daemon for bridging Telegram and Matrix messages" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE @@ -242,7 +209,7 @@ yunohost service add $app --description "$app daemon for bridging Telegram and M ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index 9382730..8f0e3ef 100755 --- a/scripts/remove +++ b/scripts/remove @@ -16,22 +16,14 @@ ynh_script_progression --message="Loading installation settings..." --weight=5 app=$YNH_APP_INSTANCE_NAME -server_name=$(ynh_app_setting_get --app=$app --key=server_name) -synapse_instance=$(ynh_app_setting_get --app=$app --key=synapse_instance) -app_service_registration_path=$(ynh_app_setting_get --app=$app --key=app_service_registration_path) botname=$(ynh_app_setting_get --app=$app --key=botname) -port=$(ynh_app_setting_get --app=$app --key=port) +synapse_instance=$(ynh_app_setting_get --app=$app --key=synapse_instance) +server_name=$(ynh_app_setting_get --app=$app --key=server_name) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -#================================================= -# SET CONSTANTS -#================================================= - +synapse_registration_path=$(ynh_app_setting_get --app=$app --key=synapse_registration_path) synapse_db_name="matrix_$synapse_instance" -botname_synapse_db_user="@$botname:$server_name" -mautrix_bridge_user=$app -mautrix_bridge_db_name=$app -mautrix_bridge_db_user=$app #================================================= # STANDARD REMOVE @@ -68,10 +60,9 @@ ynh_remove_logrotate ynh_script_progression --message="Removing the PostgreSQL database..." --weight=4 # Remove a database if it exists, along with the associated user -ynh_psql_remove_db --db_user=$mautrix_bridge_db_name --db_name=$mautrix_bridge_db_user +ynh_psql_remove_db --db_user=$db_user --db_name=$db_name ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP OWNED BY ""$botname"";" ynh_psql_execute_as_root --database=$synapse_db_name --sql="DROP USER ""$botname"";" -#yunohost app action run $synapse_instance drop_user -a username=$botname #================================================= # REMOVE APP MAIN DIR @@ -94,13 +85,11 @@ ynh_remove_app_dependencies #================================================= # REMOVE VARIOUS FILES #================================================= -ynh_script_progression --message="Removing synapse app service..." --weight=6 +ynh_script_progression --message="Removing various files..." --weight=6 # Remove a directory securely -ynh_secure_remove --file="$app_service_registration_path/$app.yaml" - -/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \ - || ynh_die --message="Synapse can't restart with the appservice configuration" +ynh_secure_remove --file="$synapse_registration_path/$app.yaml" +/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration" # Remove the log files ynh_secure_remove --file="/var/log/$app" @@ -113,7 +102,7 @@ ynh_secure_remove --file="/var/log/$app" ynh_script_progression --message="Removing the dedicated system user..." --weight=5 # Delete a system user -ynh_system_user_delete --username=$mautrix_bridge_user +ynh_system_user_delete --username=$app #================================================= # END OF SCRIPT diff --git a/scripts/restore b/scripts/restore index e7212ea..b866960 100755 --- a/scripts/restore +++ b/scripts/restore @@ -15,7 +15,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ynh_clean_check_starting + true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -27,14 +27,11 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -mautrix_bridge_user=$app -domain=$(ynh_app_setting_get --app=$app --key=domain) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -mautrix_bridge_db_name=$(ynh_app_setting_get --app=$app --key=mautrix_bridge_db_name) -mautrix_bridge_db_user=$mautrix_bridge_db_name -mautrix_bridge_db_pwd=$(ynh_app_setting_get --app=$app --key=mautrix_bridge_db_pwd) -app_service_registration_path=$(ynh_app_setting_get --app=$app --key=app_service_registration_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name synapse_instance=$(ynh_app_setting_get --app=$app --key=synapse_instance) +synapse_registration_path=$(ynh_app_setting_get --app=$app --key=synapse_registration_path) #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -52,7 +49,7 @@ test ! -d $final_path \ ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # RESTORE THE APP MAIN DIR @@ -61,7 +58,9 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -chown $mautrix_bridge_user:root -R $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # SPECIFIC RESTORATION @@ -74,21 +73,33 @@ ynh_script_progression --message="Reinstalling dependencies..." --weight=1 ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies #================================================= -# RESTORE THE MYSQL DATABASE +# RESTORE THE POSTGRESQL DATABASE #================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=1 +ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=8 ynh_psql_test_if_first_run -ynh_psql_create_user $mautrix_bridge_db_user $mautrix_bridge_db_pwd -ynh_psql_execute_as_root --sql="CREATE DATABASE ""$mautrix_bridge_db_name"" ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER ""$mautrix_bridge_db_user"";" -ynh_psql_execute_file_as_root --file="db.sql" --database="$mautrix_bridge_db_name" +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) +ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name #================================================= -# RESTORE VARIOUS FILES +# INSTALL MAUTRIX-BRIDGE PYTHON MODULE #================================================= -ynh_script_progression --message="Restoring various files..." +ynh_script_progression --message="Installing Mautrix-Bridge Python Module..." --weight=6 -ynh_restore_file --origin_path="$app_service_registration_path" +mkdir -p /var/log/$app +# Configure Mautrix-Bridge +python3 -m venv $final_path +export HOME=$final_path +$final_path/bin/pip3 install --upgrade pip setuptools wheel + +#================================================= +# REGISTER SYNAPSE APP-SERVICE +#================================================= +ynh_script_progression --message="Registering Synapse app-service" --weight=1 + +$final_path/bin/python3 -m mautrix_telegram -g -c $final_path/config.yaml -r "$synapse_registration_path/$app.yaml" +/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || echo "Synapse can't restart with the appservice configuration" #================================================= # RESTORE SYSTEMD @@ -101,7 +112,7 @@ systemctl enable $app.service --quiet #================================================= # RESTORE THE LOGROTATE CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." +ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 ynh_restore_file --origin_path="/etc/logrotate.d/$app" @@ -110,29 +121,16 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description "$app daemon for bridging Telegram and Matrix messages" --log /var/log/$app/$app.log +yunohost service add $app --description="$app daemon for bridging Telegram and Matrix messages" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 +# Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# GENERIC FINALIZATION -#================================================= -# -# also create an initial log file else the service fails -mkdir /var/log/$app -mkdir /var/log/$app/$app.log -chown $mautrix_bridge_user:root -R /var/log/$app - -# after restoring files ensure synapse knows about the bot but don't die on failure -# TODO check (in manifest?) if the selected synapse instance is not already connected to a mautrix_bridge bridge -/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \ - || echo "Synapse can't restart with the appservice configuration" - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 170d407..f7fdee6 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -16,42 +16,38 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -server_name=$(ynh_app_setting_get --app=$app --key=server_name) -port=$(ynh_app_setting_get --app=$app --key=port) botname=$(ynh_app_setting_get --app=$app --key=botname) -synapse_instance=$(ynh_app_setting_get --app=$app --key=synapse_instance) -app_service_registration_path=$(ynh_app_setting_get --app=$app --key=app_service_registration_path) encryption=$(ynh_app_setting_get --app=$app --key=encryption) -mautrix_bridge_user=$app -mautrix_bridge_db_name=$(ynh_app_setting_get --app=$app --key=mautrix_bridge_db_name) -mautrix_bridge_db_pwd=$(ynh_app_setting_get --app=$app --key=mautrix_bridge_db_pwd) botadmin=$(ynh_app_setting_get --app=$app --key=botadmin) botusers=$(ynh_app_setting_get --app=$app --key=botusers) - +domain=$(ynh_app_setting_get --app=$app --key=domain) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) +port=$(ynh_app_setting_get --app=$app --key=port) +synapse_instance=$(ynh_app_setting_get --app=$app --key=synapse_instance) +server_name=$(ynh_app_setting_get --app=$app --key=server_name) +synapse_registration_path=$(ynh_app_setting_get --app=$app --key=synapse_registration_path) apiid=$(ynh_app_setting_get --app=$app --key=apiid) apihash=$(ynh_app_setting_get --app=$app --key=apihash) bottoken=$(ynh_app_setting_get --app=$app --key=bottoken) -upstream_version=$(ynh_app_setting_get --app=$app --key=mautrix_version) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - #================================================= # CHECK VERSION #================================================= -ynh_script_progression --message="Checking version..." +ynh_script_progression --message="Checking version..." --weight=1 upgrade_type=$(ynh_check_app_version_changed) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=5 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - ynh_clean_check_starting # Restore it if the upgrade fails ynh_restore_upgradebackup } @@ -78,7 +74,7 @@ ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 # Create a dedicated user (if not existing) -ynh_system_user_create --username=$mautrix_bridge_user +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -89,67 +85,71 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_setup_source --dest_dir="$final_path/src" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" + #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." --weight=1 -if [ $encryption -eq 1 ]; then - # Install libolm-dev to be able to use encryption - ynh_install_extra_app_dependencies $pkg_dependencies_e2be -fi - ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies #================================================= # SPECIFIC UPGRADE -#================================================= -# UPGRADE PYTHON PACKAGE -#================================================= - -if [ "$upgrade_type" == "UPGRADE_APP" ]; then - ynh_script_progression --message="Upgrading python packages..." --weight=1 - python3 -m venv $final_path - export HOME=$final_path - $final_path/bin/pip3 install --upgrade pip setuptools wheel - $final_path/bin/pip3 install --upgrade $final_path/src/mautrix-telegram.tar.gz[speedups,qr_login] # metrics,e2be,hq_thumbnails,sqlite,formattednumbers - - if [ $encryption -eq 1 ]; then - $final_path/bin/pip3 install --upgrade $final_path/src/mautrix-telegram.tar.gz[e2be] - fi -fi - #================================================= # UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Updating a configuration file..." +ynh_script_progression --message="Updating a configuration file..." --weight=2 # main configuration -mautrix_config_path="$final_path/config.yaml" -ynh_backup_if_checksum_is_different --file="$mautrix_config_path" +ynh_backup_if_checksum_is_different --file="$final_path/config.yaml" # as_token hs_token are autogenerated, save them before regenerating the config -as_token=$(grep "as_token:" "$mautrix_config_path" | sed -r "s/ *as_token: *//") -hs_token=$(grep "hs_token:" "$mautrix_config_path" | sed -r "s/ *hs_token: *//") -# ynh_replace_string --match_string=__AS_TOKEN__ --replace_string="$as_token" --target_file="$mautrix_config_path" -# ynh_replace_string --match_string=__HS_TOKEN__ --replace_string="$hs_token" --target_file="$mautrix_config_path" -is_encryption_enabled=$encryption +as_token=$(grep "as_token:" "$final_path/config.yaml" | sed -r "s/ *as_token: *//") +hs_token=$(grep "hs_token:" "$final_path/config.yaml" | sed -r "s/ *hs_token: *//") +# ynh_replace_string --match_string=__AS_TOKEN__ --replace_string="$as_token" --target_file="$final_path/config.yaml" +# ynh_replace_string --match_string=__HS_TOKEN__ --replace_string="$hs_token" --target_file="$final_path/config.yaml" +is_encryption_enabled="$encryption" if [ $encryption -eq 1 ]; then - is_encryption_enabled=true + is_encryption_enabled="true" fi -write_bridge_config +ynh_add_config --template="../conf/config.yaml" --destination="$final_path/config.yaml" -# upgrade the app-service-registration -ynh_backup_if_checksum_is_different --file="$app_service_registration_path/$app.yaml" -$final_path/bin/python3 -m mautrix_telegram -g -c "$mautrix_config_path" -r "$app_service_registration_path/$app.yaml" +chmod 400 "$final_path/config.yaml" +chown $app:$app "$final_path/config.yaml" -# Recalculate and store the checksum of the file for the next upgrade. -ynh_store_file_checksum --file="$mautrix_config_path" -ynh_store_file_checksum --file="$app_service_registration_path/$app.yaml" +#================================================= +# UPGRADE MAUTRIX-BRIDGE PYTHON MODULE +#================================================= +ynh_script_progression --message="Upgrading Mautrix-Bridge Python Module..." --weight=2 + +python3 -m venv $final_path +export HOME=$final_path +$final_path/bin/pip3 install --upgrade pip setuptools wheel +$final_path/bin/pip3 install --upgrade $final_path/src/mautrix-telegram.tar.gz[speedups,qr_login] # metrics,e2be,hq_thumbnails,sqlite,formattednumbers + +if [ $encryption -eq 1 ]; then + $final_path/bin/pip3 install --upgrade $final_path/src/mautrix-telegram.tar.gz[e2be] +fi + +#================================================= +# REGISTER SYNAPSE APP-SERVICE +#================================================= +ynh_script_progression --message="Registering Synapse app-service" --weight=1 + +$final_path/bin/python3 -m mautrix_telegram -g -c $final_path/config.yaml -r "$synapse_registration_path/$app.yaml" +/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh || ynh_die --message="Synapse can't restart with the appservice configuration" + +# Set permissions on app files +chown -R $app:$app "$final_path" +ynh_store_file_checksum --file="$synapse_registration_path/$app.yaml" +ynh_store_file_checksum --file="$final_path/config.yaml" #================================================= # SETUP SYSTEMD @@ -159,13 +159,6 @@ ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions on app files -chown $mautrix_bridge_user:root -R $final_path - #================================================= # GENERIC FINALIZATION #================================================= @@ -175,29 +168,23 @@ ynh_script_progression --message="Upgrading logrotate configuration..." --weight # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append --logfile "/var/log/$app/$app.log" +chown -R $app:$app /var/log/$app #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description "$app daemon for bridging Telegram and Matrix messages" --log "/var/log/$app/$app.log" +yunohost service add $app --description="$app daemon for bridging Telegram and Matrix messages" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 +# Start a systemd service ynh_systemd_action --service_name=$app --action="start" -#================================================= -# RELOAD SYNAPSE -#================================================= -ynh_script_progression --message="Reloading synapse server..." --weight=1 - -/opt/yunohost/matrix-$synapse_instance/update_synapse_for_appservice.sh \ - || ynh_die --message="Synapse can't restart with the appservice configuration" - #================================================= # END OF SCRIPT #=================================================