synapse_ynh/scripts/_common.sh

readonly python_version="$(python3 -V | cut -d' ' -f2 | cut -d. -f1-2)"
readonly code_dir="/opt/yunohost/matrix-$app"
readonly domain_whitelist_client="$(yunohost --output-as json domain list  | jq -r '.domains | .[]')"
readonly db_name_slidingproxy="${db_name}"_slidingproxy

install_sources() {
    # Install/upgrade synapse in virtualenv

    # Clean venv is it was on python2.7 or python3 with old version in case major upgrade of debian
    if [ ! -e "$code_dir"/bin/python3 ] || [ ! -e "$code_dir/lib/python$python_version" ]; then
        ynh_secure_remove --file="$code_dir"/bin
        ynh_secure_remove --file="$code_dir"/lib
        ynh_secure_remove --file="$code_dir"/lib64
        ynh_secure_remove --file="$code_dir"/include
        ynh_secure_remove --file="$code_dir"/share
        ynh_secure_remove --file="$code_dir"/pyvenv.cfg
    fi

    mkdir -p "$code_dir"
    chown "$app":root -R "$code_dir"

    if [ -n "$(uname -m | grep arm)" ]
    then
        # Clean old file, sometimes it could make some big issues if we don't do this!!
        ynh_secure_remove --file="$code_dir"/bin
        ynh_secure_remove --file="$code_dir"/lib
        ynh_secure_remove --file="$code_dir"/include
        ynh_secure_remove --file="$code_dir"/share

        ynh_setup_source --dest_dir="$code_dir"/ --source_id="synapse_prebuilt_armv7_$(lsb_release --codename --short)"

        # Fix multi-instance support
        for f in "$code_dir"/bin/*; do
            if ! [[ $f =~ "__" ]]; then
                ynh_replace_special_string --match_string='#!/opt/yunohost/matrix-synapse' --replace_string='#!'"$code_dir" --target_file="$f"
            fi
        done
    else

        # Install virtualenv if it don't exist
        test -e "$code_dir"/bin/python3 || python3 -m venv "$code_dir"

        # Install synapse in virtualenv
        local pip3="$code_dir"/bin/pip3

        $pip3 install --upgrade setuptools wheel pip cffi
        $pip3 install --upgrade -r "$YNH_APP_BASEDIR/conf/requirement_$(lsb_release --codename --short).txt"
    fi

    # Apply patch for LDAP auth if needed
    # Note that we put patch into scripts dir because /source are not stored and can't be used on restore
    if ! grep -F -q '# LDAP Filter anonymous user Applied' "$code_dir/lib/python$python_version/site-packages/ldap_auth_provider.py"; then
        pushd "$code_dir/lib/python$python_version/site-packages"
        patch < "$YNH_APP_BASEDIR"/scripts/patch/ldap_auth_filter_anonymous_user.patch
        popd
    fi

    # Setup chroot for sliding proxy
    # Note that on debian bullseye we can't support run directly sliding proxy as it require new version of libc not available on debian bullseye
    mkdir -p  $code_dir/sliding-chroot
    ynh_setup_source -r --dest_dir=$code_dir/sliding-chroot/ --source_id=sliding_proxy_rootfs
    mkdir -p  $code_dir/sliding-chroot/bin
    ynh_setup_source --dest_dir=$code_dir/sliding-chroot/bin/ --source_id=sliding_proxy
}

configure_coturn() {
    # Get public IP and set as external IP for coturn
    # note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
    local public_ip4
    local public_ip6
    public_ip4="$(curl -s ip.yunohost.org)" || true
    public_ip6="$(curl -s ipv6.yunohost.org)" || true

    local turn_external_ip=""
    if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
    then
        turn_external_ip+="$public_ip4,"
    fi
    if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
    then
        turn_external_ip+="$public_ip6"
    fi
    ynh_add_config --jinja --template="turnserver.conf" --destination="/etc/matrix-$app/coturn.conf"
}

configure_nginx() {
    local e2e_enabled_by_default_client_config

    # Create .well-known redirection for access by federation
    if yunohost --output-as plain domain list | grep -q "^$server_name$"
    then
        local e2e_enabled_by_default_client_config
        if [ "$e2e_enabled_by_default" == "off" ]; then
            e2e_enabled_by_default_client_config=false
        else
            e2e_enabled_by_default_client_config=true
        fi
        ynh_add_config --template="server_name.conf" --destination="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
    fi

    # Create a dedicated NGINX config
    ynh_add_nginx_config
}

ensure_vars_set() {
    if [ -z "${report_stats:-}" ]; then
        report_stats=false
        ynh_app_setting_set --app="$app" --key=report_stats --value="$report_stats"
    fi
    if [ -z "${e2e_enabled_by_default:-}" ] ; then
        e2e_enabled_by_default=invite
        ynh_app_setting_set --app="$app" --key=e2e_enabled_by_default --value="$e2e_enabled_by_default"
    fi

    if [ -z "${turnserver_pwd:-}" ]; then
        turnserver_pwd=$(ynh_string_random --length=30)
        ynh_app_setting_set --app="$app" --key=turnserver_pwd --value="$turnserver_pwd"
    fi

    if [ -z "${turnserver_cli_pwd:-}" ]; then
        turnserver_cli_pwd=$(ynh_string_random --length=30)
        ynh_app_setting_set --app="$app" --key=turnserver_cli_pwd --value="$turnserver_cli_pwd"
    fi

    if [ -z "${web_client_location:-}" ]
    then
        web_client_location="https://matrix.to/"

        element_instance=element
        if yunohost --output-as plain app list | grep -q "^$element_instance"'$'; then
            element_domain=$(ynh_app_setting_get --app=$element_instance --key=domain)
            element_path=$(ynh_app_setting_get --app=$element_instance --key=path)
            web_client_location="https://""$element_domain""$element_path"
        fi
        ynh_app_setting_set --app="$app" --key=web_client_location --value="$web_client_location"
    fi
    if [ -z "${client_base_url:-}" ]
    then
        client_base_url="$web_client_location"
        ynh_app_setting_set --app="$app" --key=client_base_url --value="$client_base_url"
    fi
    if [ -z "${invite_client_location:-}" ]
    then
        invite_client_location="$web_client_location"
        ynh_app_setting_set --app="$app" --key=invite_client_location --value="$invite_client_location"
    fi

    if [ -z "${allow_public_rooms_without_auth:-}" ]
    then
        allow_public_rooms_without_auth=${allow_public_rooms:-false}
        ynh_app_setting_set --app="$app" --key=allow_public_rooms_without_auth --value="$allow_public_rooms_without_auth"
    fi
    if [ -z "${allow_public_rooms_over_federation:-}" ]
    then
        allow_public_rooms_over_federation=${allow_public_rooms:-false}
        ynh_app_setting_set --app="$app" --key=allow_public_rooms_over_federation --value="$allow_public_rooms_over_federation"
    fi
    if [ -z "${max_upload_size:-}" ]
    then
        max_upload_size=100M
        ynh_app_setting_set --app="$app" --key=max_upload_size --value="$max_upload_size"
    fi
    if [ -z "${disable_msisdn_registration:-}" ]
    then
        disable_msisdn_registration=true
        ynh_app_setting_set --app="$app" --key=disable_msisdn_registration --value=$disable_msisdn_registration
    fi
    if [ -z "${account_threepid_delegates_msisdn:-}" ]
    then
        account_threepid_delegates_msisdn=''
        ynh_app_setting_set --app="$app" --key=account_threepid_delegates_msisdn --value="$account_threepid_delegates_msisdn"
    fi

    if [ -z "${registrations_require_3pid:-}" ]
    then
        registrations_require_3pid=email
        ynh_app_setting_set --app="$app" --key=registrations_require_3pid --value="$registrations_require_3pid"
    fi
    if [ -z "${allowed_local_3pids_email:-}" ]
    then
        allowed_local_3pids_email=''
        ynh_app_setting_set --app="$app" --key=allowed_local_3pids_email --value="$allowed_local_3pids_email"
    fi
    if [ -z "${allowed_local_3pids_msisdn:-}" ]
    then
        allowed_local_3pids_msisdn=''
        ynh_app_setting_set --app="$app" --key=allowed_local_3pids_msisdn --value="$allowed_local_3pids_msisdn"
    fi
    if [ -z "${account_threepid_delegates_msisdn:-}" ]
    then
        account_threepid_delegates_msisdn=""
        ynh_app_setting_set --app="$app" --key=account_threepid_delegates_msisdn --value="$account_threepid_delegates_msisdn"
    fi

    if [ -z "${allow_guest_access:-}" ]
    then
        allow_guest_access=false
        ynh_app_setting_set --app="$app" --key=allow_guest_access --value="$allow_guest_access"
    fi
    if [ -z "${default_identity_server:-}" ]
    then
        default_identity_server='https://matrix.org'
        ynh_app_setting_set --app=$app --key=default_identity_server --value="$default_identity_server"
    fi

    if [ -z "${auto_join_rooms:-}" ]
    then
        auto_join_rooms=''
        ynh_app_setting_set --app="$app" --key=auto_join_rooms --value="$auto_join_rooms"
    fi
    if [ -z "${autocreate_auto_join_rooms:-}" ]
    then
        autocreate_auto_join_rooms=false
        ynh_app_setting_set --app="$app" --key=autocreate_auto_join_rooms --value="$autocreate_auto_join_rooms"
    fi
    if [ -z "${auto_join_rooms_for_guests:-}" ]
    then
        auto_join_rooms_for_guests=true
        ynh_app_setting_set --app="$app" --key=auto_join_rooms_for_guests --value="$auto_join_rooms_for_guests"
    fi

    if [ -z "${enable_notifs:-}" ]
    then
        enable_notifs=true
        ynh_app_setting_set --app="$app" --key=enable_notifs --value="$enable_notifs"
    fi
    if [ -z "${notif_for_new_users:-}" ]
    then
        notif_for_new_users=true
        ynh_app_setting_set --app="$app" --key=notif_for_new_users --value="$notif_for_new_users"
    fi
    if [ -z "${enable_group_creation:-}" ]
    then
        enable_group_creation=true
        ynh_app_setting_set --app="$app" --key=enable_group_creation --value="$enable_group_creation"
    fi

    if [ -z "${enable_3pid_lookup:-}" ]
    then
        enable_3pid_lookup=false
        ynh_app_setting_set --app="$app" --key=enable_3pid_lookup --value="$enable_3pid_lookup"
    fi

    if [ -z "${push_include_content:-}" ]
    then
        push_include_content=true
        ynh_app_setting_set --app="$app" --key=push_include_content --value="$push_include_content"
    fi

    if [ -z "${enable_dtls_for_audio_video_turn_call:-}" ]
    then
        enable_dtls_for_audio_video_turn_call=true
        ynh_app_setting_set --app="$app" --key=enable_dtls_for_audio_video_turn_call --value="$enable_dtls_for_audio_video_turn_call"
    fi

    if [ -z "${sync_proxy_secret:-}" ]
    then
        sync_proxy_secret=$(ynh_string_random -l 40)
        ynh_app_setting_set --app=$app --key=sync_proxy_secret --value=$sync_proxy_secret
    fi
}

set_permissions() {
    chown $app:$app -R "$code_dir"
    chmod o= -R "$code_dir"

    chmod 770 "$code_dir"/Coturn_config_rotate.sh
    chmod 700 "$code_dir"/update_synapse_for_appservice.sh
    chmod 700 "$code_dir"/set_admin_user.sh
    chmod 755 "$code_dir"/sliding-chroot/bin/sliding-proxy

    if [ "${1:-}" == data ]; then
        find "$data_dir" \(   \! -perm -o= \
                         -o \! -user "$app" \
                         -o \! -group "$app" \) \
                    -exec chown "$app:$app" {} \; \
                    -exec chmod o= {} \;
    fi

    chown "$app:$app" -R /etc/matrix-"$app"
    chmod u=rwX,g=rX,o= -R /etc/matrix-"$app"
    setfacl -R -m user:turnserver:rX  /etc/matrix-"$app"

    chmod 600 /etc/matrix-"$app"/"$server_name".signing.key

    chown "$app":root -R /var/log/matrix-"$app"
    chmod u=rwX,g=rX,o= -R /var/log/matrix-"$app"
    setfacl -R -m user:turnserver:rwX  /var/log/matrix-"$app"
}
Remove configure synapse function as it's not more needed 2024-04-05 01:02:47 +02:00			`readonly python_version="$(python3 -V \| cut -d' ' -f2 \| cut -d. -f1-2)"`
			`readonly code_dir="/opt/yunohost/matrix-$app"`
			`readonly domain_whitelist_client="$(yunohost --output-as json domain list \| jq -r '.domains \| .[]')"`
Merge branch 'testing' into matrix_v2 2024-06-22 21:34:36 +02:00			`readonly db_name_slidingproxy="${db_name}"_slidingproxy`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00
			`install_sources() {`
			`# Install/upgrade synapse in virtualenv`

			`# Clean venv is it was on python2.7 or python3 with old version in case major upgrade of debian`
Fix shell check 2024-04-27 01:21:40 +02:00			`if [ ! -e "$code_dir"/bin/python3 ] \|\| [ ! -e "$code_dir/lib/python$python_version" ]; then`
			`ynh_secure_remove --file="$code_dir"/bin`
			`ynh_secure_remove --file="$code_dir"/lib`
			`ynh_secure_remove --file="$code_dir"/lib64`
			`ynh_secure_remove --file="$code_dir"/include`
			`ynh_secure_remove --file="$code_dir"/share`
			`ynh_secure_remove --file="$code_dir"/pyvenv.cfg`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00			`fi`

Fix shell check 2024-04-27 01:21:40 +02:00			`mkdir -p "$code_dir"`
			`chown "$app":root -R "$code_dir"`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00
			`if [ -n "$(uname -m \| grep arm)" ]`
			`then`
			`# Clean old file, sometimes it could make some big issues if we don't do this!!`
Fix shell check 2024-04-27 01:21:40 +02:00			`ynh_secure_remove --file="$code_dir"/bin`
			`ynh_secure_remove --file="$code_dir"/lib`
			`ynh_secure_remove --file="$code_dir"/include`
			`ynh_secure_remove --file="$code_dir"/share`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00
Fix shell check 2024-04-27 01:21:40 +02:00			`ynh_setup_source --dest_dir="$code_dir"/ --source_id="synapse_prebuilt_armv7_$(lsb_release --codename --short)"`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00
			`# Fix multi-instance support`
fix shell check 2024-05-07 13:09:25 +02:00			`for f in "$code_dir"/bin/*; do`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00			`if ! [[ $f =~ "__" ]]; then`
fix shell check 2024-05-07 13:09:25 +02:00			`ynh_replace_special_string --match_string='#!/opt/yunohost/matrix-synapse' --replace_string='#!'"$code_dir" --target_file="$f"`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00			`fi`
			`done`
			`else`
Fix issue #248 and #244 2021-04-05 12:55:40 +02:00
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00			`# Install virtualenv if it don't exist`
Fix shell check 2024-04-27 01:21:40 +02:00			`test -e "$code_dir"/bin/python3 \|\| python3 -m venv "$code_dir"`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00
			`# Install synapse in virtualenv`
Fix shell check 2024-04-27 01:21:40 +02:00			`local pip3="$code_dir"/bin/pip3`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00
Simplify pip command 2024-02-28 12:11:15 +01:00			`$pip3 install --upgrade setuptools wheel pip cffi`
Fix shell check 2024-04-27 01:21:40 +02:00			`$pip3 install --upgrade -r "$YNH_APP_BASEDIR/conf/requirement_$(lsb_release --codename --short).txt"`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00			`fi`
Patch upstream to add anonymous ldap filter 2024-02-06 20:55:10 +01:00
			`# Apply patch for LDAP auth if needed`
Move patch to script dir as source are not available on restore 2024-03-12 12:13:17 +01:00			`# Note that we put patch into scripts dir because /source are not stored and can't be used on restore`
Fix shell check 2024-04-27 01:21:40 +02:00			`if ! grep -F -q '# LDAP Filter anonymous user Applied' "$code_dir/lib/python$python_version/site-packages/ldap_auth_provider.py"; then`
			`pushd "$code_dir/lib/python$python_version/site-packages"`
			`patch < "$YNH_APP_BASEDIR"/scripts/patch/ldap_auth_filter_anonymous_user.patch`
Patch upstream to add anonymous ldap filter 2024-02-06 20:55:10 +01:00			`popd`
			`fi`
First implementation of matrix sliding proxy 2024-02-26 21:20:00 +01:00
			`# Setup chroot for sliding proxy`
			`# Note that on debian bullseye we can't support run directly sliding proxy as it require new version of libc not available on debian bullseye`
			`mkdir -p $code_dir/sliding-chroot`
			`ynh_setup_source -r --dest_dir=$code_dir/sliding-chroot/ --source_id=sliding_proxy_rootfs`
			`mkdir -p $code_dir/sliding-chroot/bin`
			`ynh_setup_source --dest_dir=$code_dir/sliding-chroot/bin/ --source_id=sliding_proxy`
Fix issues on upgrade of major debian version 2020-07-29 22:52:58 +02:00			`}`
Update configuration from upstream 2022-05-28 00:17:09 +02:00
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00			`configure_coturn() {`
			`# Get public IP and set as external IP for coturn`
			`# note : '\|\| true' is used to ignore the errors if we can't get the public ipv4 or ipv6`
Fix shell check 2024-04-27 01:21:40 +02:00			`local public_ip4`
			`local public_ip6`
			`public_ip4="$(curl -s ip.yunohost.org)" \|\| true`
			`public_ip6="$(curl -s ipv6.yunohost.org)" \|\| true`
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00
			`local turn_external_ip=""`
			`if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"`
			`then`
Use jinja template for complexe config file 2024-04-04 23:47:08 +02:00			`turn_external_ip+="$public_ip4,"`
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00			`fi`
			`if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"`
			`then`
Use jinja template for complexe config file 2024-04-04 23:47:08 +02:00			`turn_external_ip+="$public_ip6"`
Avoid to block crear communication when call over dtls is disabled 2024-03-09 16:33:03 +01:00			`fi`
Use the official jinja helper 2024-06-04 21:00:22 +02:00			`ynh_add_config --jinja --template="turnserver.conf" --destination="/etc/matrix-$app/coturn.conf"`
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00			`}`

			`configure_nginx() {`
			`local e2e_enabled_by_default_client_config`

			`# Create .well-known redirection for access by federation`
			`if yunohost --output-as plain domain list \| grep -q "^$server_name$"`
			`then`
			`local e2e_enabled_by_default_client_config`
Fix shell check 2024-04-27 01:21:40 +02:00			`if [ "$e2e_enabled_by_default" == "off" ]; then`
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00			`e2e_enabled_by_default_client_config=false`
			`else`
			`e2e_enabled_by_default_client_config=true`
			`fi`
			`ynh_add_config --template="server_name.conf" --destination="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"`
			`fi`

			`# Create a dedicated NGINX config`
			`ynh_add_nginx_config`
			`}`

Factorize variable initalization 2024-04-05 01:03:01 +02:00			`ensure_vars_set() {`
			`if [ -z "${report_stats:-}" ]; then`
			`report_stats=false`
			`ynh_app_setting_set --app="$app" --key=report_stats --value="$report_stats"`
			`fi`
			`if [ -z "${e2e_enabled_by_default:-}" ] ; then`
			`e2e_enabled_by_default=invite`
			`ynh_app_setting_set --app="$app" --key=e2e_enabled_by_default --value="$e2e_enabled_by_default"`
			`fi`

Move turn server password definition in same place than other definition 2024-04-17 08:44:41 +02:00			`if [ -z "${turnserver_pwd:-}" ]; then`
			`turnserver_pwd=$(ynh_string_random --length=30)`
			`ynh_app_setting_set --app="$app" --key=turnserver_pwd --value="$turnserver_pwd"`
			`fi`

Fix turnserver config 2024-06-22 17:39:59 +02:00			`if [ -z "${turnserver_cli_pwd:-}" ]; then`
			`turnserver_cli_pwd=$(ynh_string_random --length=30)`
			`ynh_app_setting_set --app="$app" --key=turnserver_cli_pwd --value="$turnserver_cli_pwd"`
			`fi`

Factorize variable initalization 2024-04-05 01:03:01 +02:00			`if [ -z "${web_client_location:-}" ]`
			`then`
			`web_client_location="https://matrix.to/"`

			`element_instance=element`
			`if yunohost --output-as plain app list \| grep -q "^$element_instance"'$'; then`
Use = intead of space for helper args to avoid issue with parameter 2024-04-26 21:57:26 +02:00			`element_domain=$(ynh_app_setting_get --app=$element_instance --key=domain)`
			`element_path=$(ynh_app_setting_get --app=$element_instance --key=path)`
Factorize variable initalization 2024-04-05 01:03:01 +02:00			`web_client_location="https://""$element_domain""$element_path"`
			`fi`
			`ynh_app_setting_set --app="$app" --key=web_client_location --value="$web_client_location"`
			`fi`
			`if [ -z "${client_base_url:-}" ]`
			`then`
			`client_base_url="$web_client_location"`
			`ynh_app_setting_set --app="$app" --key=client_base_url --value="$client_base_url"`
			`fi`
			`if [ -z "${invite_client_location:-}" ]`
			`then`
			`invite_client_location="$web_client_location"`
			`ynh_app_setting_set --app="$app" --key=invite_client_location --value="$invite_client_location"`
			`fi`

			`if [ -z "${allow_public_rooms_without_auth:-}" ]`
			`then`
			`allow_public_rooms_without_auth=${allow_public_rooms:-false}`
			`ynh_app_setting_set --app="$app" --key=allow_public_rooms_without_auth --value="$allow_public_rooms_without_auth"`
			`fi`
			`if [ -z "${allow_public_rooms_over_federation:-}" ]`
			`then`
			`allow_public_rooms_over_federation=${allow_public_rooms:-false}`
			`ynh_app_setting_set --app="$app" --key=allow_public_rooms_over_federation --value="$allow_public_rooms_over_federation"`
			`fi`
			`if [ -z "${max_upload_size:-}" ]`
			`then`
			`max_upload_size=100M`
			`ynh_app_setting_set --app="$app" --key=max_upload_size --value="$max_upload_size"`
			`fi`
			`if [ -z "${disable_msisdn_registration:-}" ]`
			`then`
			`disable_msisdn_registration=true`
			`ynh_app_setting_set --app="$app" --key=disable_msisdn_registration --value=$disable_msisdn_registration`
			`fi`
			`if [ -z "${account_threepid_delegates_msisdn:-}" ]`
			`then`
			`account_threepid_delegates_msisdn=''`
			`ynh_app_setting_set --app="$app" --key=account_threepid_delegates_msisdn --value="$account_threepid_delegates_msisdn"`
			`fi`

			`if [ -z "${registrations_require_3pid:-}" ]`
			`then`
			`registrations_require_3pid=email`
			`ynh_app_setting_set --app="$app" --key=registrations_require_3pid --value="$registrations_require_3pid"`
			`fi`
			`if [ -z "${allowed_local_3pids_email:-}" ]`
			`then`
			`allowed_local_3pids_email=''`
			`ynh_app_setting_set --app="$app" --key=allowed_local_3pids_email --value="$allowed_local_3pids_email"`
			`fi`
			`if [ -z "${allowed_local_3pids_msisdn:-}" ]`
			`then`
			`allowed_local_3pids_msisdn=''`
			`ynh_app_setting_set --app="$app" --key=allowed_local_3pids_msisdn --value="$allowed_local_3pids_msisdn"`
			`fi`
			`if [ -z "${account_threepid_delegates_msisdn:-}" ]`
			`then`
			`account_threepid_delegates_msisdn=""`
			`ynh_app_setting_set --app="$app" --key=account_threepid_delegates_msisdn --value="$account_threepid_delegates_msisdn"`
			`fi`

			`if [ -z "${allow_guest_access:-}" ]`
			`then`
			`allow_guest_access=false`
			`ynh_app_setting_set --app="$app" --key=allow_guest_access --value="$allow_guest_access"`
			`fi`
			`if [ -z "${default_identity_server:-}" ]`
			`then`
			`default_identity_server='https://matrix.org'`
			`ynh_app_setting_set --app=$app --key=default_identity_server --value="$default_identity_server"`
			`fi`

			`if [ -z "${auto_join_rooms:-}" ]`
			`then`
			`auto_join_rooms=''`
			`ynh_app_setting_set --app="$app" --key=auto_join_rooms --value="$auto_join_rooms"`
			`fi`
			`if [ -z "${autocreate_auto_join_rooms:-}" ]`
			`then`
			`autocreate_auto_join_rooms=false`
			`ynh_app_setting_set --app="$app" --key=autocreate_auto_join_rooms --value="$autocreate_auto_join_rooms"`
			`fi`
			`if [ -z "${auto_join_rooms_for_guests:-}" ]`
			`then`
			`auto_join_rooms_for_guests=true`
			`ynh_app_setting_set --app="$app" --key=auto_join_rooms_for_guests --value="$auto_join_rooms_for_guests"`
			`fi`

			`if [ -z "${enable_notifs:-}" ]`
			`then`
			`enable_notifs=true`
			`ynh_app_setting_set --app="$app" --key=enable_notifs --value="$enable_notifs"`
			`fi`
			`if [ -z "${notif_for_new_users:-}" ]`
			`then`
			`notif_for_new_users=true`
			`ynh_app_setting_set --app="$app" --key=notif_for_new_users --value="$notif_for_new_users"`
			`fi`
			`if [ -z "${enable_group_creation:-}" ]`
			`then`
			`enable_group_creation=true`
			`ynh_app_setting_set --app="$app" --key=enable_group_creation --value="$enable_group_creation"`
			`fi`

			`if [ -z "${enable_3pid_lookup:-}" ]`
			`then`
			`enable_3pid_lookup=false`
			`ynh_app_setting_set --app="$app" --key=enable_3pid_lookup --value="$enable_3pid_lookup"`
			`fi`

			`if [ -z "${push_include_content:-}" ]`
			`then`
			`push_include_content=true`
			`ynh_app_setting_set --app="$app" --key=push_include_content --value="$push_include_content"`
			`fi`

			`if [ -z "${enable_dtls_for_audio_video_turn_call:-}" ]`
			`then`
			`enable_dtls_for_audio_video_turn_call=true`
			`ynh_app_setting_set --app="$app" --key=enable_dtls_for_audio_video_turn_call --value="$enable_dtls_for_audio_video_turn_call"`
			`fi`
Merge branch 'testing' into matrix_v2 2024-04-17 08:38:39 +02:00
			`if [ -z "${sync_proxy_secret:-}" ]`
			`then`
			`sync_proxy_secret=$(ynh_string_random -l 40)`
			`ynh_app_setting_set --app=$app --key=sync_proxy_secret --value=$sync_proxy_secret`
			`fi`
Factorize variable initalization 2024-04-05 01:03:01 +02:00			`}`

Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00			`set_permissions() {`
Factorize variable initalization 2024-04-05 01:03:01 +02:00			`chown $app:$app -R "$code_dir"`
			`chmod o= -R "$code_dir"`
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00
Factorize variable initalization 2024-04-05 01:03:01 +02:00			`chmod 770 "$code_dir"/Coturn_config_rotate.sh`
			`chmod 700 "$code_dir"/update_synapse_for_appservice.sh`
			`chmod 700 "$code_dir"/set_admin_user.sh`
Merge branch 'testing' into matrix_v2 2024-04-17 08:38:39 +02:00			`chmod 755 "$code_dir"/sliding-chroot/bin/sliding-proxy`
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00
Avoid to set whole permission on data dir when change-url and config 2024-02-29 08:12:20 +01:00			`if [ "${1:-}" == data ]; then`
Factorize variable initalization 2024-04-05 01:03:01 +02:00			`find "$data_dir" \( \! -perm -o= \`
			`-o \! -user "$app" \`
			`-o \! -group "$app" \) \`
			`-exec chown "$app:$app" {} \; \`
Avoid to set whole permission on data dir when change-url and config 2024-02-29 08:12:20 +01:00			`-exec chmod o= {} \;`
			`fi`
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00
Factorize variable initalization 2024-04-05 01:03:01 +02:00			`chown "$app:$app" -R /etc/matrix-"$app"`
			`chmod u=rwX,g=rX,o= -R /etc/matrix-"$app"`
			`setfacl -R -m user:turnserver:rX /etc/matrix-"$app"`
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00
Factorize variable initalization 2024-04-05 01:03:01 +02:00			`chmod 600 /etc/matrix-"$app"/"$server_name".signing.key`
Full rework of all scripts - Adapt all script with packaging v2 - Rework cleanly control pannel and remove all replace in file as it's breaken after each update - Cleanup 2023-11-01 18:52:07 +01:00
Factorize variable initalization 2024-04-05 01:03:01 +02:00			`chown "$app":root -R /var/log/matrix-"$app"`
Fix log rotate permission 2024-06-05 12:37:17 +02:00			`chmod u=rwX,g=rX,o= -R /var/log/matrix-"$app"`
Factorize variable initalization 2024-04-05 01:03:01 +02:00			`setfacl -R -m user:turnserver:rwX /var/log/matrix-"$app"`
Update configuration from upstream 2022-05-28 00:17:09 +02:00			`}`