Fix some small issues and remove hardcoded version of PHP

conf/homeserver.yaml

@@ -184,7 +184,7 @@ listeners:
   # will also need to give Synapse a TLS key and certificate: see the TLS section
   # below.)
   #
-  - port: __TURNSERVER_TLS_PORT__
+  - port: __SYNAPSE_TLS_PORT__
     type: http
     tls: true
     resources:

conf/nginx.conf

@@ -8,7 +8,7 @@ location __PATH__ {
         location __PATH__/cas_server.php {
             alias /var/www/__APP__/;
             fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-            fastcgi_pass unix:/run/php7.0-fpm-__NAME__.sock;
+            fastcgi_pass unix:/run/php__PHPVERSION__-fpm-__NAME__.sock;
             include fastcgi_params;
             fastcgi_param REMOTE_USER $remote_user;
             fastcgi_param PATH_INFO $fastcgi_path_info;

conf/php-fpm.conf

@@ -30,7 +30,7 @@ group = matrix-__USER__
 ;                            specific port;
 ;   '/path/to/unix/socket' - to listen on a unix socket.
 ; Note: This value is mandatory.
-listen = /run/php7.0-fpm-__NAMETOCHANGE__.sock
+listen = /run/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock
 
 ; Set listen(2) backlog. A value of '-1' means unlimited.
 ; Default Value: 128 (-1 on FreeBSD and OpenBSD)

scripts/change_url

@@ -120,7 +120,7 @@ ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
 
 ynh_script_progression --message="Configuring permissions..." --weight=1
 ynh_permission_url --permission=server_api --clear_urls
-ynh_permission_url --permission=server_api --url=/_matrix --additional_urls=$server_name/.well-known/matrix \
+ynh_permission_url --permission=server_api --url=$domain/_matrix --additional_urls=$server_name/.well-known/matrix \
 
 #=================================================
 # RELOAD SERVICES

scripts/install

@@ -341,10 +341,10 @@ ynh_add_config --template="../sources/update_synapse_for_appservice.sh" --destin
 #=================================================
 ynh_script_progression --message="Configuring permissions..." --weight=1
 
-ynh_permission_url --permission=main --url=/_matrix/cas_server.php/login --auth_header=true
+ynh_permission_url --permission=main --url=$domain/_matrix/cas_server.php/login --auth_header=true
 ynh_permission_update --permission=main --label="Synapse server SSO authentication" --show_tile=false --protected=true
 
-ynh_permission_create --permission=server_api --url=/_matrix --additional_urls=$server_name/.well-known/matrix \
+ynh_permission_create --permission=server_api --url=$domain/_matrix --additional_urls=$server_name/.well-known/matrix \
                       --label="Server access for client apps." --show_tile=false --allowed=visitors \
                       --auth_header=false --protected=true
 

scripts/remove

@@ -76,13 +76,6 @@ ynh_script_progression --message="Removing dependencies" --weight=15
 # Remove metapackage and its dependencies
 ynh_remove_app_dependencies
 
-#=================================================
-# SETUP SSOWAT
-#=================================================
-
-# Remove the skipped url
-python3 ../conf/remove_sso_conf.py $domain $server_name
-
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================

scripts/remove_sso_conf_persistent.py

@@ -1,21 +1,39 @@
 import json
 import sys
 
-domain = sys.argv[1]
-server_name = sys.argv[2]
-
 with open("/etc/ssowat/conf.json.persistent", "r", encoding='utf-8') as jsonFile:
     data = json.load(jsonFile)
 
     for domain in ("", sys.argv[1], sys.argv[2]):
         for path in ("/_matrix", "/.well-known/matrix/", "/_matrix/cas_server.php/login"):
-            for l in (data["skipped_urls"],
-                      data["protected_urls"],
-                      data["permissions"]["custom_protected"]["uris"],
-                      data["permissions"]["custom_skipped"]["uris"]):
             url = domain + path
-            while url in l:
+            try:
-                l.remove(url)
+                uri_list = data["skipped_urls"]
+                while url in uri_list:
+                    uri_list.remove(url)     
+            except:
+                pass
+
+            try:
+                uri_list = data["protected_urls"]
+                while url in uri_list:
+                    uri_list.remove(url)     
+            except:
+                pass
+
+            try:
+                uri_list = data["permissions"]["custom_protected"]["uris"]
+                while url in uri_list:
+                    uri_list.remove(url)     
+            except:
+                pass
+
+            try:
+                uri_list = data["permissions"]["custom_skipped"]["uris"]
+                while url in uri_list:
+                    uri_list.remove(url)     
+            except:
+                pass
 
 with open("/etc/ssowat/conf.json.persistent", "w", encoding='utf-8') as jsonFile:
     jsonFile.write(json.dumps(data, indent=4, sort_keys=True))

scripts/restore

@@ -73,6 +73,16 @@ ynh_script_progression --message="Reinstalling dependencies..." --weight=70
 # For any update do it in all files
 ynh_install_app_dependencies $dependances
 
+#=================================================
+# RECREATE THE DEDICATED USER
+#=================================================
+ynh_script_progression --message="Recreating the dedicated system user..." --weight=3
+
+# Create the dedicated user (if not existing)
+ynh_system_user_create --username=$synapse_user --home_dir=$data_path
+adduser $synapse_user ssl-cert
+adduser turnserver ssl-cert
+
 #=================================================
 # RESTORE ALL CONFIG AND DATA
 #=================================================
@@ -93,18 +103,6 @@ install_sources
 ynh_script_progression --message="Reload fail2ban..." --weight=6
 ynh_systemd_action --action=restart --service_name=fail2ban
 
-#=================================================
-# SPECIFIC RESTORATION
-#=================================================
-# RECREATE THE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Recreating the dedicated system user..." --weight=3
-
-# Create the dedicated user (if not existing)
-ynh_system_user_create --username=$synapse_user --home_dir=$data_path
-adduser $synapse_user ssl-cert
-adduser turnserver ssl-cert
-
 #=================================================
 # RESTORE THE POSTGRESQL DATABASE
 #=================================================
@@ -181,14 +179,12 @@ public_ip6="$(curl ipv6.yunohost.org)" || true
 turn_external_ip=""
 if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
 then
-    turn_external_ip+="
+    turn_external_ip+="\nexternal-ip=$public_ip4"
-external-ip=$public_ip4"
 fi
 
 if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
 then
-    turn_external_ip+="
+    turn_external_ip+="\nexternal-ip=$public_ip6"
-external-ip=$public_ip6"
 fi
 
 ynh_add_config --template="turnserver.conf" --destination="/etc/matrix-$app/coturn.conf"
@@ -217,6 +213,7 @@ ynh_use_logrotate --logfile /var/log/matrix-$app
 
 # WARNING : theses command are used in INSTALL, UPGRADE, RESTORE (3 times)
 # For any update do it in all files
+ynh_script_progression --message="Configuring file permission..."
 chown $synapse_user:root -R $final_path
 chmod 770 $final_path/Coturn_config_rotate.sh
 chmod 700 $final_path/update_synapse_for_appservice.sh
@@ -264,7 +261,7 @@ ynh_send_readme_to_admin --app_message="mail_to_send" --type="restore"
 #=================================================
 ynh_script_progression --message="Reloading nginx web server..."
 
-systemctl reload php7.0-fpm
+ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
 ynh_systemd_action --service_name=nginx --action=reload
 
 #=================================================

scripts/upgrade

@@ -338,14 +338,12 @@ public_ip6="$(curl ipv6.yunohost.org)" || true
 turn_external_ip=""
 if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
 then
-    turn_external_ip+="
+    turn_external_ip+="\nexternal-ip=$public_ip4"
-external-ip=$public_ip4"
 fi
 
 if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
 then
-    turn_external_ip+="
+    turn_external_ip+="\nexternal-ip=$public_ip6"
-external-ip=$public_ip6"
 fi
 
 ynh_add_config --template="turnserver.conf" --destination="/etc/matrix-$app/coturn.conf"
@@ -404,13 +402,13 @@ ynh_permission_url --permission=main --url=$domain/_matrix/cas_server.php/login
 ynh_permission_update --permission=main --label="Synapse server SSO authentication" --show_tile=false --protected=true
 
 if ! ynh_permission_exists --permission=server_api; then
-    ynh_permission_create --permission=server_api --url=/_matrix --additional_urls=$server_name/.well-known/matrix \
+    ynh_permission_create --permission=server_api --url=$domain/_matrix --additional_urls=$server_name/.well-known/matrix \
                           --label="Server access for client apps." --show_tile=false --allowed=visitors \
                           --auth_header=false --protected=true
     python3 remove_sso_conf_persistent.py $domain $server_name \
         || ynh_print_warn --message="Your file /etc/ssowat/conf.json.persistent doesn't respect the json syntax. The config file wasn't cleaned. Please clean it manually."
 else
-    ynh_permission_url --permission=server_api --url=/_matrix --additional_urls=$server_name/.well-known/matrix \
+    ynh_permission_url --permission=server_api --url=$domain/_matrix --add_url=$server_name/.well-known/matrix \
                        --auth_header=false
     ynh_permission_update --permission=server_api --label="Server access for client apps." --show_tile=false \
                           --protected=true