2017-02-13 20:43:41 +01:00
#!/bin/bash
2018-01-30 23:44:49 +01:00
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
2019-04-30 19:15:33 +02:00
source _common.sh
source experimental_helper.sh
2017-07-21 22:28:49 +02:00
source /usr/share/yunohost/helpers
2019-04-30 19:15:33 +02:00
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
2017-07-21 22:28:49 +02:00
2019-04-30 19:15:33 +02:00
ynh_clean_setup () {
# Clean installation remainings that are not handled by the remove script.
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
2017-02-13 20:43:41 +01:00
2019-04-30 19:15:33 +02:00
#=================================================
# SET CONSTANTS
#=================================================
2018-01-30 23:44:49 +01:00
synapse_user="matrix-$app"
2022-05-26 17:27:30 +02:00
synapse_user_app="$app"
2022-05-26 17:19:33 +02:00
synapse_user_app_pwd="$(ynh_string_random --length=30)"
2018-01-30 23:44:49 +01:00
synapse_db_name="matrix_$app"
synapse_db_user="matrix_$app"
2021-02-18 09:16:37 +01:00
synapse_db_name="matrix_$app"
2018-01-30 23:44:49 +01:00
upstream_version=$(ynh_app_upstream_version)
2019-11-11 21:43:19 +01:00
report_stats="false"
2023-01-10 15:26:29 +01:00
e2e_enabled_by_default="off"
2019-08-24 15:59:03 +02:00
default_domain_value="Same than the domain"
2022-09-10 15:39:56 +02:00
domain_whitelist_client_=$(get_domain_list)
domain_whitelist_client=${domain_whitelist_client_%"\n"}
2018-01-30 23:44:49 +01:00
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
2017-02-13 20:43:41 +01:00
domain=$YNH_APP_ARG_DOMAIN
2019-08-24 15:49:44 +02:00
server_name=$YNH_APP_ARG_SERVER_NAME
2022-05-26 16:41:22 +02:00
is_free_registration=$YNH_APP_ARG_IS_FREE_REGISTRATION
2023-01-06 17:34:41 +01:00
jitsi_server=$YNH_APP_ARG_JITSI_SERVER
2018-01-19 22:05:39 +01:00
path_url="/_matrix"
final_path="/opt/yunohost/matrix-$app"
2020-02-22 00:42:32 +01:00
final_www_path="/var/www/$app"
2020-12-07 16:34:41 +01:00
data_path="/home/yunohost.app/matrix-$app"
2022-06-24 13:10:12 +02:00
main_domain=$(yunohost domain list --output-as json | jq -r .main)
2017-02-13 20:43:41 +01:00
2019-10-30 21:15:22 +01:00
if [[ "$server_name" == "$default_domain_value" ]]; then
2022-09-15 13:55:46 +02:00
server_name=$domain
2019-10-30 21:15:22 +01:00
fi
2018-01-30 23:44:49 +01:00
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Validating installation parameters..." --weight=2
test ! -e "/etc/nginx/conf.d/$domain.d/synapse*.conf" || ynh_die --message="$domain is not available as domain, please use an other domain."
2017-07-21 22:28:49 +02:00
# Check Final Path availability
2019-04-30 19:15:33 +02:00
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
2017-02-13 20:43:41 +01:00
2020-12-07 16:34:41 +01:00
if [ -e "$data_path" ]; then
old_data_dir_path="$data_path$(date '+%Y%m%d.%H%M%S')"
ynh_print_warn "A data directory already exist. Data was renamed to $old_data_dir_path"
mv "$data_path" "$old_data_dir_path"
fi
2018-01-30 23:44:49 +01:00
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Storing installation settings..." --weight=1
2018-01-30 23:44:49 +01:00
2019-12-14 15:11:33 +01:00
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
2019-10-30 21:15:22 +01:00
ynh_app_setting_set --app=$app --key=server_name --value=$server_name
2023-01-06 17:34:41 +01:00
ynh_app_setting_set --app=$app --key=jitsi_server --value=$jitsi_server
2019-04-30 19:15:33 +02:00
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set --app=$app --key=synapse_version --value=$upstream_version
ynh_app_setting_set --app=$app --key=report_stats --value=$report_stats
2020-12-12 15:38:13 +01:00
ynh_app_setting_set --app=$app --key=e2e_enabled_by_default --value=$e2e_enabled_by_default
2022-05-26 17:19:33 +02:00
ynh_app_setting_set --app=$app --key=synapse_user_app_pwd --value=$synapse_user_app_pwd
2018-01-30 23:44:49 +01:00
2023-01-11 17:11:43 +01:00
if [ $is_free_registration -eq 0 ]
then
enable_registration="false"
turn_allow_guests="false"
sso_enabled="true"
password_enabled="false"
2023-01-19 10:08:18 +01:00
enable_3pid_lookup="false"
2023-01-11 17:11:43 +01:00
else
enable_registration="true"
turn_allow_guests="true"
sso_enabled="false"
password_enabled="true"
2023-01-19 10:08:18 +01:00
enable_3pid_lookup="true"
2023-01-11 17:11:43 +01:00
fi
ynh_app_setting_set --app=$app --key=enable_registration --value=$enable_registration
ynh_app_setting_set --app=$app --key=turn_allow_guests --value=$turn_allow_guests
ynh_app_setting_set --app=$app --key=sso_enabled --value=$sso_enabled
ynh_app_setting_set --app=$app --key=password_enabled --value=$password_enabled
2023-01-19 10:08:18 +01:00
ynh_app_setting_set --app=$app --key=enable_3pid_lookup --value=$enable_3pid_lookup
2023-01-11 17:11:43 +01:00
2023-01-06 14:38:14 +01:00
#=================================================
## SET STANDARD SETTINGS FROM DEFAULT CONFIG
#=================================================
2023-01-10 02:05:30 +01:00
element_ynh_url="https://matrix.to/"
2023-01-09 23:26:39 +01:00
# Get app name of first Element Instance (can be changed later in Config Panel)
element_instance="element"
2023-01-10 02:05:30 +01:00
if yunohost --output-as plain app list | grep -q "^$element_instance$"; then
2023-01-11 17:36:28 +01:00
element_domain=$(ynh_app_setting_get --app $element_instance --key domain)
element_path=$(ynh_app_setting_get --app $element_instance --key path)
element_ynh_url="https://""$element_domain""$element_path"
#if [ -z "$element_domain" ]; then
# element_ynh_url="https://matrix.to/"
2023-01-09 23:26:39 +01:00
fi
2023-01-11 14:03:52 +01:00
web_client_location=$element_ynh_url
client_base_url=$element_ynh_url
invite_client_location=$element_ynh_url
2023-01-11 17:11:43 +01:00
backup_before_upgrade="true"
server_statistics="false"
2023-01-06 14:38:14 +01:00
allow_public_rooms_without_auth="false"
allow_public_rooms_over_federation="false"
2023-01-13 12:38:30 +01:00
max_upload_size="10M"
2023-01-06 14:38:14 +01:00
disable_msisdn_registration="true"
2023-01-10 12:37:02 +01:00
registrations_require_3pid="email"
# here we need sed magic to transform $server_name
2023-01-19 10:08:18 +01:00
allowed_local_3pids_email="'^[^@]+@""matrix""\.org$'"
allowed_local_3pids_msisdn="'\+33'"
2023-01-06 14:38:14 +01:00
allow_guest_access="false"
default_identity_server="https://matrix.org"
2023-01-10 12:37:02 +01:00
auto_join_rooms="#auto_join_room:""$server_name"
2023-01-10 04:14:11 +01:00
autocreate_auto_join_rooms="false"
2023-01-06 14:38:14 +01:00
auto_join_rooms_for_guests="true"
password_enabled="true"
enable_notifs="true"
notif_for_new_users="true"
enable_group_creation="true"
2023-01-30 18:00:49 +01:00
push_include_content="true"
2023-01-06 14:38:14 +01:00
2023-01-11 17:11:43 +01:00
ynh_app_setting_set --app=$app --key=backup_before_upgrade --value=$backup_before_upgrade
ynh_app_setting_set --app=$app --key=server_statistics --value=$server_statistics
2023-01-11 14:03:52 +01:00
ynh_app_setting_set --app=$app --key=web_client_location --value=$web_client_location
ynh_app_setting_set --app=$app --key=client_base_url --value=$client_base_url
ynh_app_setting_set --app=$app --key=invite_client_location --value=$invite_client_location
2023-01-06 14:38:14 +01:00
ynh_app_setting_set --app=$app --key=allow_public_rooms_without_auth --value=$allow_public_rooms_without_auth
ynh_app_setting_set --app=$app --key=allow_public_rooms_over_federation --value=$allow_public_rooms_over_federation
2023-01-13 12:38:30 +01:00
ynh_app_setting_set --app=$app --key=max_upload_size --value=$max_upload_size
2023-01-06 14:38:14 +01:00
ynh_app_setting_set --app=$app --key=disable_msisdn_registration --value=$disable_msisdn_registration
2023-01-10 12:37:02 +01:00
ynh_app_setting_set --app=$app --key=registrations_require_3pid --value=$registrations_require_3pid
2023-01-19 10:08:18 +01:00
ynh_app_setting_set --app=$app --key=allowed_local_3pids_email --value=$allowed_local_3pids_email
ynh_app_setting_set --app=$app --key=allowed_local_3pids_msisdn --value=$allowed_local_3pids_msisdn
2023-01-06 14:38:14 +01:00
ynh_app_setting_set --app=$app --key=allow_guest_access --value=$allow_guest_access
ynh_app_setting_set --app=$app --key=default_identity_server --value=$default_identity_server
ynh_app_setting_set --app=$app --key=auto_join_rooms --value=$auto_join_rooms
2023-01-10 04:14:11 +01:00
ynh_app_setting_set --app=$app --key=autocreate_auto_join_rooms --value=$autocreate_auto_join_rooms
2023-01-06 14:38:14 +01:00
ynh_app_setting_set --app=$app --key=auto_join_rooms_for_guests --value=$auto_join_rooms_for_guests
ynh_app_setting_set --app=$app --key=password_enabled --value=$password_enabled
ynh_app_setting_set --app=$app --key=enable_notifs --value=$enable_notifs
ynh_app_setting_set --app=$app --key=notif_for_new_users --value=$notif_for_new_users
ynh_app_setting_set --app=$app --key=enable_group_creation --value=$enable_group_creation
2023-01-30 18:00:49 +01:00
ynh_app_setting_set --app=$app --key=push_include_content --value=$push_include_content
2023-01-06 14:38:14 +01:00
2018-01-30 23:44:49 +01:00
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Configuring firewall..." --weight=19
2018-01-30 23:44:49 +01:00
# Find a free port
2019-04-30 19:15:33 +02:00
synapse_tls_port=$(ynh_find_port --port=8448)
port=$(ynh_find_port --port=8008)
turnserver_tls_port=$(ynh_find_port --port=5349)
turnserver_alt_tls_port=$(ynh_find_port --port=$((turnserver_tls_port+1)))
cli_port=$(ynh_find_port --port=5766)
2017-03-07 15:46:05 +01:00
2018-01-30 23:44:49 +01:00
# Open this port
2019-04-30 19:15:33 +02:00
ynh_exec_warn_less yunohost firewall allow TCP $synapse_tls_port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_tls_port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_alt_tls_port
2018-05-10 20:28:26 +02:00
2018-01-30 23:44:49 +01:00
# Store opened ports
2019-04-30 19:15:33 +02:00
ynh_app_setting_set --app=$app --key=synapse_port --value=$port
ynh_app_setting_set --app=$app --key=synapse_tls_port --value=$synapse_tls_port
ynh_app_setting_set --app=$app --key=turnserver_tls_port --value=$turnserver_tls_port
ynh_app_setting_set --app=$app --key=turnserver_alt_tls_port --value=$turnserver_alt_tls_port
ynh_app_setting_set --app=$app --key=cli_port --value=$cli_port
2018-01-19 22:05:39 +01:00
2019-02-08 11:24:08 +01:00
#=================================================
# CREATE A DH FILE
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Creating a dh file..." --weight=3
2019-02-08 11:24:08 +01:00
# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
# For any update do it in all files
2019-04-30 19:15:33 +02:00
# Make dh cert for synapse if it doesn't exist
if [ ! -e /etc/ssl/private/dh2048.pem ]
2019-02-08 11:24:08 +01:00
then
2019-04-30 19:15:33 +02:00
ynh_exec_warn_less openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048 -dsaparam
2019-02-08 11:24:08 +01:00
chown root:ssl-cert /etc/ssl/private/dh2048.pem
chmod 640 /etc/ssl/private/dh2048.pem
fi
2018-01-30 23:44:49 +01:00
#=================================================
# INSTALL DEPENDENCIES
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Installing dependencies..." --weight=80
2018-01-30 23:44:49 +01:00
2018-08-03 15:58:40 +02:00
# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
2018-01-30 23:44:49 +01:00
# For any update do it in all files
2022-10-28 10:50:43 +02:00
ynh_exec_warn_less ynh_install_app_dependencies $dependances
2018-01-30 23:44:49 +01:00
#=================================================
# CREATE DEDICATED USER
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Configuring system user..." --weight=3
2017-02-13 20:43:41 +01:00
2021-03-14 15:25:48 +01:00
ynh_system_user_create --username=$synapse_user --home_dir=$final_path
2023-01-10 16:56:15 +01:00
# The format to create an user account varies depending on the version of YunoHost currently installed.
ynh_current_version=$(dpkg-query --showformat='${Version}' --show yunohost)
if $(dpkg --compare-versions "$ynh_current_version" ge "11.1"); then
yunohost user create $synapse_user_app -F "Synapse Application" -d $domain -p "$synapse_user_app_pwd"
else
yunohost user create $synapse_user_app -f Synapse -l Application -d $domain -p "$synapse_user_app_pwd"
fi
2017-12-30 15:59:05 +01:00
adduser $synapse_user ssl-cert
adduser turnserver ssl-cert
2017-02-13 20:43:41 +01:00
2018-01-30 23:44:49 +01:00
#=================================================
# CREATE A POSTGRESQL DATABASE
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=4
2018-01-30 23:44:49 +01:00
2019-04-30 19:15:33 +02:00
synapse_db_pwd=$(ynh_string_random --length=30)
ynh_app_setting_set --app=$app --key=synapse_db_pwd --value=$synapse_db_pwd
2018-01-30 23:44:49 +01:00
2017-07-21 22:28:49 +02:00
# Create postgresql database
2017-11-11 13:17:49 +01:00
ynh_psql_test_if_first_run
2017-07-21 22:28:49 +02:00
ynh_psql_create_user $synapse_db_user $synapse_db_pwd
ynh_psql_execute_as_root \
2019-04-30 19:15:33 +02:00
--sql="CREATE DATABASE $synapse_db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $synapse_db_user;"
2017-02-13 20:43:41 +01:00
2018-01-30 23:44:49 +01:00
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Setting up source files..." --weight=50
2017-02-13 20:43:41 +01:00
2018-01-30 23:44:49 +01:00
# Create empty dir for synapse
2018-08-03 15:58:40 +02:00
# WARNING : theses command are used in INSTALL, UPGRADE
2018-01-30 23:44:49 +01:00
# For any update do it in all files
2020-12-07 16:34:41 +01:00
mkdir -p $data_path
2018-01-30 23:44:49 +01:00
mkdir -p /var/log/matrix-$app
mkdir -p /etc/matrix-$app/conf.d
2020-09-13 20:23:55 +02:00
mkdir -p /etc/matrix-$app/app-service
2020-10-06 22:28:23 +02:00
echo "app_service_config_files:" > /etc/matrix-$app/conf.d/app_service.yaml
2018-01-30 23:44:49 +01:00
# Install synapse in virtualenv
2020-07-29 22:52:58 +02:00
install_sources
2018-01-30 23:44:49 +01:00
2020-02-22 00:42:32 +01:00
#=================================================
# CREATE SMALL CAS SERVER
#=================================================
# WARNING : theses command are used in INSTALL, UPGRADE
# For any update do it in all files
mkdir -p $final_www_path
cp ../sources/cas_server.php $final_www_path/
chmod u=rwX,g=rX,o= -R $final_www_path
chown $synapse_user:root -R $final_www_path
2018-08-01 00:32:10 +02:00
#=================================================
2019-02-08 11:24:08 +01:00
# CREATE SYNAPSE CONFIG
2018-08-01 00:32:10 +02:00
#=================================================
2020-02-22 00:42:32 +01:00
2022-10-28 10:59:40 +02:00
ynh_script_progression --message="Creating Synapse config..." --weight=3
2018-08-01 00:32:10 +02:00
# Go in virtualenvironnement
2020-07-29 22:52:58 +02:00
set +u;
2018-08-01 00:32:10 +02:00
source $final_path/bin/activate
2020-07-29 22:52:58 +02:00
set -u;
2018-08-01 00:32:10 +02:00
2019-02-08 11:24:08 +01:00
# Generate config
2022-09-15 13:55:46 +02:00
python -m synapse.app.homeserver --keys-directory /etc/matrix-$app/ --generate-config --server-name $server_name --report-stats=no -c homeserver.yml
2018-08-01 00:32:10 +02:00
2018-08-21 07:27:01 +02:00
# This function was defined when we called "source $final_path/bin/activate". With this function we undo what "$final_path/bin/activate" does
2020-07-29 22:52:58 +02:00
set +u;
2018-08-01 00:32:10 +02:00
deactivate
2020-07-29 22:52:58 +02:00
set -u;
2018-08-01 00:32:10 +02:00
2018-08-21 07:27:01 +02:00
# Get random values from config
2019-11-19 20:29:11 +01:00
registration_shared_secret=$(egrep "^registration_shared_secret:" homeserver.yml | cut -d'"' -f2)
form_secret=$(egrep "^form_secret:" homeserver.yml | cut -d'"' -f2)
macaroon_secret_key=$(egrep "^macaroon_secret_key:" homeserver.yml | cut -d'"' -f2)
2018-08-01 00:32:10 +02:00
# store in yunohost settings
2019-04-30 19:15:33 +02:00
ynh_app_setting_set --app=$app --key=registration_shared_secret --value="$registration_shared_secret"
ynh_app_setting_set --app=$app --key=form_secret --value="$form_secret"
2019-11-12 21:59:46 +01:00
ynh_app_setting_set --app=$app --key=macaroon_secret_key --value="$macaroon_secret_key"
2018-08-01 00:32:10 +02:00
2018-01-30 23:44:49 +01:00
#=================================================
# SETUP SYSTEMD
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Configuring a systemd service..." --weight=2
2017-02-16 22:54:57 +01:00
2018-01-19 22:05:39 +01:00
# Create systemd service for synapse and turnserver
cp ../conf/default_matrix-synapse /etc/default/matrix-$app
2019-04-30 19:15:33 +02:00
ynh_add_systemd_config --service=matrix-$app --template=matrix-synapse.service
2018-01-19 22:05:39 +01:00
cp ../conf/default_coturn /etc/default/coturn-$app
2019-04-30 19:15:33 +02:00
ynh_add_systemd_config --service=coturn-$app --template=coturn-synapse.service
2017-02-13 20:43:41 +01:00
2018-01-30 23:44:49 +01:00
#=================================================
# NGINX CONFIGURATION
#=================================================
2022-10-28 10:59:40 +02:00
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
2018-01-30 23:44:49 +01:00
2020-02-22 00:42:32 +01:00
# Create a dedicated php-fpm config
ynh_script_progression --message="Configuring application..."
ynh_add_fpm_config
2019-12-14 15:14:27 +01:00
# Create .well-known redirection for access by federation
if yunohost --output-as plain domain list | grep -q "^$server_name$"
then
2020-12-15 22:25:29 +01:00
ynh_add_config --template="server_name.conf" --destination="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
2019-12-14 15:14:27 +01:00
fi
2020-05-07 14:41:35 +02:00
# Create a dedicated nginx config
ynh_add_nginx_config app
2018-01-30 23:44:49 +01:00
#=================================================
# SET SYNAPSE CONFIG
#=================================================
2022-10-28 10:59:40 +02:00
ynh_script_progression --message="Configuring Synapse..." --weight=2
2018-01-30 23:44:49 +01:00
# Find password for turnserver and database
2019-04-30 19:15:33 +02:00
turnserver_pwd=$(ynh_string_random --length=30)
ynh_app_setting_set --app=$app --key=turnserver_pwd --value=$turnserver_pwd
2018-01-30 23:44:49 +01:00
2017-02-13 20:43:41 +01:00
# Configure Synapse
2019-12-14 15:15:25 +01:00
# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG, CHANGE-URL (4 times)
2018-01-30 23:44:49 +01:00
# For any update do it in all files
2018-02-03 11:32:59 +01:00
2020-12-15 22:25:29 +01:00
macaroon_secret_key_param='macaroon_secret_key: "'$macaroon_secret_key'"'
2019-04-30 19:15:33 +02:00
2020-12-15 22:25:29 +01:00
ynh_add_config --template="homeserver.yaml" --destination="/etc/matrix-$app/homeserver.yaml"
ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
2018-01-30 23:44:49 +01:00
#=================================================
# SET COTURN CONFIG
#=================================================
2022-10-28 10:59:40 +02:00
ynh_script_progression --message="Configuring Coturn..." --weight=1
2018-01-30 23:44:49 +01:00
2018-08-03 15:58:40 +02:00
# WARNING : theses command are used in INSTALL, UPGRADE
2018-01-30 23:44:49 +01:00
# For any update do it in all files
2018-05-06 00:35:58 +02:00
# Get public IP and set as external IP for coturn
2018-05-10 14:23:26 +02:00
# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
2021-06-04 21:21:42 +02:00
public_ip4="$(curl -s ip.yunohost.org)" || true
public_ip6="$(curl -s ipv6.yunohost.org)" || true
2018-05-10 14:23:26 +02:00
2020-12-15 22:25:29 +01:00
turn_external_ip=""
2019-04-30 19:15:33 +02:00
if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
2018-05-06 00:35:58 +02:00
then
2023-01-10 17:57:44 +01:00
turn_external_ip+="external-ip="$public_ip4%"\n"
2018-05-06 00:35:58 +02:00
fi
2019-04-30 19:15:33 +02:00
if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
2018-05-06 00:35:58 +02:00
then
2023-01-10 17:57:44 +01:00
turn_external_ip+="external-ip="$public_ip6%"\n"
2018-05-06 00:35:58 +02:00
fi
2020-12-15 22:25:29 +01:00
ynh_add_config --template="turnserver.conf" --destination="/etc/matrix-$app/coturn.conf"
2018-01-30 23:44:49 +01:00
#=================================================
# SETUP LOGROTATE
#=================================================
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Configuring log rotation..." --weight=2
2017-02-13 20:43:41 +01:00
2019-09-30 10:37:22 +02:00
ynh_use_logrotate --logfile "/var/log/matrix-$app"
2017-02-13 20:43:41 +01:00
2018-06-20 19:16:01 +02:00
#=================================================
2020-07-24 23:33:53 +02:00
# ADD SCRIPT FOR COTURN CRON AND APP SERVICE
2018-06-20 19:16:01 +02:00
#=================================================
2018-08-03 15:58:40 +02:00
# WARNING : theses command are used in INSTALL, UPGRADE
2018-06-20 19:16:01 +02:00
# For any update do it in all files
2020-12-15 22:25:29 +01:00
ynh_add_config --template="../sources/Coturn_config_rotate.sh" --destination="$final_path/Coturn_config_rotate.sh"
ynh_add_config --template="../sources/update_synapse_for_appservice.sh" --destination="$final_path/update_synapse_for_appservice.sh"
2018-06-20 19:16:01 +02:00
2018-01-30 23:44:49 +01:00
#=================================================
# GENERIC FINALIZATION
#=================================================
2020-12-15 22:25:29 +01:00
# SETUP PERMISSIONS
2018-01-30 23:44:49 +01:00
#=================================================
2020-12-15 22:25:29 +01:00
ynh_script_progression --message="Configuring permissions..." --weight=1
2021-03-07 11:42:53 +01:00
ynh_permission_url --permission=main --url=$domain/_matrix/cas_server.php/login --auth_header=true
2021-03-31 21:49:36 +02:00
ynh_permission_update --permission=main --show_tile=false --protected=true
2018-01-30 23:44:49 +01:00
2021-05-09 15:25:02 +02:00
ynh_permission_create --permission=server_api --url=$domain/_matrix \
2021-01-26 22:21:02 +01:00
--label="Server access for client apps." --show_tile=false --allowed=visitors \
2020-12-15 22:25:29 +01:00
--auth_header=false --protected=true
2022-03-05 12:46:12 +01:00
ynh_permission_create --permission=admin_api --url=$domain/_synapse \
--label="Server administration API." --show_tile=false \
2022-10-24 10:53:52 +02:00
--auth_header=false --allowed=visitors
2021-05-09 15:25:02 +02:00
if yunohost --output-as plain domain list | grep -q "^$server_name$"; then
ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \
--label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
fi
2022-09-15 13:55:46 +02:00
2019-09-03 15:26:09 +02:00
#=================================================
# UPDATE HOOKS
#=================================================
# WARNING : theses command are used in INSTALL, UPGRADE
# For any update do it in all files
ynh_replace_string __APP__ $app ../hooks/post_cert_update
ynh_replace_string __DOMAIN__ $domain ../hooks/post_cert_update
2018-01-30 23:44:49 +01:00
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
2018-08-23 22:22:05 +02:00
# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
2018-01-30 23:44:49 +01:00
# For any update do it in all files
chown $synapse_user:root -R $final_path
2018-08-20 12:45:35 +02:00
chmod 770 $final_path/Coturn_config_rotate.sh
2020-07-24 23:33:53 +02:00
chmod 700 $final_path/update_synapse_for_appservice.sh
2020-12-07 16:34:41 +01:00
chown $synapse_user:root -R $data_path
2018-01-30 23:44:49 +01:00
chown $synapse_user:root -R /var/log/matrix-$app
chown $synapse_user:root -R /etc/matrix-$app
chmod u=rwX,g=rX,o= -R /etc/matrix-$app
2019-05-11 15:01:17 +02:00
chmod 600 /etc/matrix-$app/$server_name.signing.key
2018-01-30 23:44:49 +01:00
setfacl -R -m user:turnserver:rX /etc/matrix-$app
setfacl -R -m user:turnserver:rwX /var/log/matrix-$app
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
2018-01-13 01:07:17 +01:00
2020-07-24 00:34:52 +02:00
yunohost service add matrix-$app --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports $synapse_tls_port
2020-08-23 10:03:10 +02:00
yunohost service add coturn-$app --needs_exposed_ports $turnserver_tls_port
2017-05-26 15:29:12 +02:00
2018-01-30 23:44:49 +01:00
#=================================================
# RELOAD SERVICES
#=================================================
2022-10-28 10:59:40 +02:00
ynh_script_progression --message="Restarting Synapse services..." --weight=11
2018-01-30 23:44:49 +01:00
2019-04-30 19:15:33 +02:00
ynh_systemd_action --service_name=coturn-$app.service --action=restart
ynh_systemd_action --service_name=matrix-$app --action=restart --line_match="Synapse now listening on TCP port $synapse_tls_port" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300
2018-03-13 16:50:27 +01:00
#=================================================
2019-02-12 21:24:25 +01:00
# SETUP FAIL2BAN
#=================================================
2022-10-28 10:59:40 +02:00
ynh_script_progression --message="Configuring Fail2Ban..." --weight=10
2019-02-12 21:24:25 +01:00
# WARNING : theses command are used in INSTALL, UPGRADE
# For any update do it in all files
2019-04-30 19:15:33 +02:00
ynh_add_fail2ban_config --use_template
2019-02-12 21:24:25 +01:00
#=================================================
2018-03-13 16:50:27 +01:00
# SEND A README FOR THE ADMIN
#=================================================
2018-08-03 15:58:40 +02:00
# WARNING : theses command are used in INSTALL, RESTORE
2018-06-20 19:32:48 +02:00
# For any update do it in all files
2019-04-30 19:15:33 +02:00
echo "If your server name is identical to the domain on which synapse is installed, and the default port 8448 is used, your server is normally already accessible by the federation.
2019-02-08 15:27:41 +01:00
If not, you may need to put the following line in the dns configuration:
2018-03-13 16:50:27 +01:00
_matrix._tcp.$domain. 3600 IN SRV 10 0 $synapse_tls_port $domain.
2019-02-08 15:27:41 +01:00
For more details, see : https://github.com/matrix-org/synapse#setting-up-federation
2018-03-13 16:50:27 +01:00
You also need to open the TCP port $synapse_tls_port on your ISP box if it's not automatically done.
2018-07-05 21:46:24 +02:00
Your synapse server also implements a turnserver (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/synapse_ynh .
2018-03-13 16:50:27 +01:00
2019-02-08 11:24:08 +01:00
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/synapse_ynh
2019-04-30 19:15:33 +02:00
You also need a valid TLS certificate for the domain used by synapse. To do that you can refer to the documentation here : https://yunohost.org/#/certificate_en" > mail_to_send
ynh_send_readme_to_admin --app_message="mail_to_send" --type="install"
#=================================================
# END OF SCRIPT
#=================================================
2018-03-13 16:50:27 +01:00
2019-04-30 19:15:33 +02:00
ynh_script_progression --message="Installation of $app completed" --last