YunoHost-Apps/mautrix_whatsapp_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mautrix_whatsapp_ynh.git synced 2024-09-03 19:46:01 +02:00
Code Issues Activity Actions

Merge branch 'testing' into add-systemd-hardening

Browse source
This commit is contained in:
Dante 2022-07-20 17:50:57 +01:00
commit e1a5249fe6
10 changed files with 73 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -24,7 +24,7 @@ Therefore, [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_ynh)
** Attention: always backup and restore the Yunohost matrix_synapse et mautrix_whatsapp apps together!**
**Shipped version:** 0.5.0~ynh1
**Shipped version:** 0.6.0~ynh1
## Disclaimers / important information
### List of known public services

2
README_fr.md
View file

@ -24,7 +24,7 @@ C'est pourquoi [Synapse for YunoHost](https://github.com/YunoHost-Apps/synapse_y
** Attention : sauvegardez et restaurez toujours les deux applications Yunohost matrix_synapse et mautrix_whatsapp en même temps!**
**Version incluse :** 0.5.0~ynh1
**Version incluse :** 0.6.0~ynh1
## Avertissements / informations importantes
### Liste de passerelles publiques

4
conf/amd64.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/mautrix/whatsapp/releases/download/v0.5.0/mautrix-whatsapp-amd64
SOURCE_SUM=fae05ccc2c4ecf0d2d429ad701c3223483e1f644c0dd3d3b016c0eb81bc95b1b
SOURCE_URL=https://github.com/mautrix/whatsapp/releases/download/v0.6.0/mautrix-whatsapp-amd64
SOURCE_SUM=16fb400dfff3ee41c67c90c4c81106dd1b18d83ce120e038e72d2b0f2e0c3654
SOURCE_SUM_PRG=sha256sum
SOURCE_IN_SUBDIR=false
SOURCE_FILENAME=mautrix-whatsapp

4
conf/arm64.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/mautrix/whatsapp/releases/download/v0.5.0/mautrix-whatsapp-arm64
SOURCE_SUM=8c9f7ebe11e5e3c4d27b0b1a48dabdada4a11405cd10192c662360a64522cc2d
SOURCE_URL=https://github.com/mautrix/whatsapp/releases/download/v0.6.0/mautrix-whatsapp-arm64
SOURCE_SUM=3b17adb90a1368e9598c5302c1490f717e86c7d820dbeba20d6404f242edb772
SOURCE_SUM_PRG=sha256sum
SOURCE_IN_SUBDIR=false
SOURCE_FILENAME=mautrix-whatsapp

4
conf/armhf.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/mautrix/whatsapp/releases/download/v0.5.0/mautrix-whatsapp-arm
SOURCE_SUM=2812c2e69df23f5a716e23c2fc6152d505e6c9d8e414690cc79d3a11d2fd630c
SOURCE_URL=https://github.com/mautrix/whatsapp/releases/download/v0.6.0/mautrix-whatsapp-arm
SOURCE_SUM=04c6d4d6327048c4d504e0ca349965d1cdcc17ef742eaf6b31148afb3361e02b
SOURCE_SUM_PRG=sha256sum
SOURCE_IN_SUBDIR=false
SOURCE_FILENAME=mautrix-whatsapp

83
conf/config.yaml
View file

@ -1,4 +1,3 @@
# From v0.5.0 https://github.com/mautrix/whatsapp/blob/master/example-config.yaml
# Homeserver details.
homeserver:
# The address that this appservice can use to connect to the homeserver.
@ -9,7 +8,7 @@ homeserver:
domain: __SERVER_NAME__
# Is the homeserver actually mautrix-asmux?
asmux: false
asmux: false
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes.
# The bridge will use the appservice as_token to authorize requests.
@ -18,14 +17,14 @@ homeserver:
message_send_checkpoint_endpoint: null
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
async_media: false
# Application service host/registration related details.
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
#address: http://localhost:29318
address: http://localhost:__PORT__
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
#port: 29318
@ -39,7 +38,7 @@ appservice:
# The database URI.
# SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql #uri: mautrix-whatsapp.db
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: postgres://__APP__:__DB_PWD__@localhost:5432/__DB_NAME__
# Maximum number of connections. Mostly relevant for Postgres.
max_open_conns: 20
@ -61,7 +60,7 @@ appservice:
# to leave display name/avatar as-is.
displayname: WhatsApp bridge bot
avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
@ -102,7 +101,7 @@ bridge:
# The following variables are also available, but will cause problems on multi-user instances:
# {{.FullName}} - full name from contact list
# {{.FirstName}} - first name from contact list
displayname_template: "{{if .PushName}}{{.PushName}}{{else if .BusinessName}}{{.BusinessName}}{{else}}{{.JID}}{{end}} (WA)"
displayname_template: "{{if .BusinessName}}{{.BusinessName}}{{else if .PushName}}{{.PushName}}{{else}}{{.JID}}{{end}} (WA)"
# Should the bridge create a space for each logged-in user and add bridged rooms to it?
# Users who logged in before turning this on should run `!wa sync space` to create and fill the space for the first time.
personal_filtering_spaces: false
@ -285,6 +284,19 @@ bridge:
# and send it to WhatsApp? URL previews can always be sent using the `com.beeper.linkpreviews`
# key in the event content even if this is disabled.
url_previews: false
# Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552.
# This is currently not supported in most clients.
caption_in_message: false
# Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
# Null means there's no enforced timeout.
message_handling_timeout:
# Send an error message after this timeout, but keep waiting for the response until the deadline.
# This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
# If the message is older than this when it reaches the bridge, the message won't be handled at all.
error_after: null
# Drop messages after this timeout. They may still go through if the message got sent to the servers.
# This is counted from the time the bridge starts handling the message.
deadline: 120s
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!wa"
@ -303,7 +315,7 @@ bridge:
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: __ENCRYPTION__
@ -311,18 +323,45 @@ bridge:
# This will cause the bridge bot to be in private chats for the encryption to work properly.
# It is recommended to also set private_chat_portal_meta to true when using this.
default: false
# Options for automatic key sharing.
key_sharing:
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow: false
# Require the requesting device to have a valid cross-signing signature?
# This doesn't require that the bridge has verified the device, only that the user has verified it.
# Not yet implemented.
require_cross_signing: false
# Require devices to be verified by the bridge?
# Verification by the bridge is not yet implemented.
require_verification: true
# Require encryption, drop any unencrypted messages.
require: false
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: false
# What level of device verification should be required from users?
#
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from WhatsApp to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to
# configure the m.room.encryption event content. See:
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
# more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is
# set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Settings for provisioning API
provisioning:
@ -382,6 +421,6 @@ logging:
file_mode: 0o600
# Timestamp format for log entries in the Go time format.
timestamp_format: "Jan _2, 2006 15:04:05"
# Minimum severity for log messages printed to stdout/stderr. This doesn't affect the log file. # Options: debug, info, warn, error, fatal
#print_level: debug
# Minimum severity for log messages printed to stdout/stderr. This doesn't affect the log file.
# Options: debug, info, warn, error, fatal
print_level: __LOG_LEVEL__

2
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Matrix / Synapse puppeting bridge for WhatsApp",
"fr": "Passerelle Matrix / Synapse pour WhatsApp"
},
"version": "0.5.0~ynh1",
"version": "0.6.0~ynh1",
"url": "https://github.com/mautrix/whatsapp",
"upstream": {
"license": "AGPL-3.0-or-later",

2
scripts/install
View file

@ -177,7 +177,7 @@ ynh_store_file_checksum --file="$final_path/config.yaml"
ynh_script_progression --message="Configuring log rotation..." --weight=3
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile "/var/log/$app/$app.log" --specific_user $app/$app
ynh_use_logrotate --logfile "/var/log/$app/$app.log" --nonappend --specific_user $app/$app
chmod -R 600 "/var/log/$app"
chmod 700 "/var/log/$app"
chown -R $app:$app /var/log/$app

2
scripts/restore
View file

@ -125,7 +125,7 @@ systemctl enable $app.service --quiet
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_use_logrotate --logfile "/var/log/$app/$app.log" --specific_user $app/$app
ynh_use_logrotate --logfile "/var/log/$app/$app.log" --nonappend --specific_user $app/$app
chmod -R 600 "/var/log/$app"
chmod 700 "/var/log/$app"
chown -R $app:$app /var/log/$app

2
scripts/upgrade
View file

@ -207,7 +207,7 @@ ynh_store_file_checksum --file="/etc/matrix-$synapse_instance/app-service/$app.y
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile "/var/log/$app/$app.log" --specific_user $app/$app
ynh_use_logrotate --logfile "/var/log/$app/$app.log" --nonappend --specific_user $app/$app
chmod -R 600 "/var/log/$app"
chmod 700 "/var/log/$app"
chown -R $app:$app /var/log/$app