YunoHost-Apps/synapse_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/synapse_ynh.git synced 2024-09-03 20:26:38 +02:00
Code Issues Activity Actions

v2

Browse source
This commit is contained in:
Éric Gaspar 2023-06-06 22:57:06 +02:00
parent 05f2b3e496
commit 1549e423aa
18 changed files with 139 additions and 785 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
actions.toml
View file

@ -1,33 +0,0 @@
[update_turnserver_ip]
name = "Update turnserver ip"
command = "/opt/yunohost/matrix-$YNH_APP_INSTANCE_NAME/Coturn_config_rotate.sh"
user = "root"
accepted_return_codes = [0]
description = "Update the ip in the turnserver config"
[open_turnserver_firewall_ports]
name = "Open ports for turnserver"
command = "yunohost firewall allow Both 49153:49193"
user = "root"
accepted_return_codes = [0]
description = "Open the ports range 49153:49193 with TCP and UDP to be able to use correctly the turnserver."
[close_turnserver_firewall_ports]
name = "Close ports for turnserver"
command = "yunohost firewall disallow Both 49153:49193"
user = "root"
accepted_return_codes = [0]
description = "Close the ports range 49153:49193 with TCP and UDP. (Undo \"Open ports for turnserver\" action)"
[set_admin_user]
name = "Set a user as admin"
command = "[[ \"$(su --command=\"psql matrix_synapse\" postgres <<< \"UPDATE users SET admin = 1 WHERE name = '@$YNH_ACTION_USERNAME:$(yunohost app setting $YNH_APP_INSTANCE_NAME server_name)'\")\" == 'UPDATE 1' ]]"
user = "root"
accepted_return_codes = [0]
description = "Set a synapse user as admin in the synapse server. It is mainly required to manage the community function."
[set_admin_user.arguments]
[set_admin_user.arguments.username]
type = "string"
ask = "username of the user to set as admin"
example = "bob"

4
conf/extra_php-fpm.conf Normal file
View file

@ -0,0 +1,4 @@
; Additional php.ini defines, specific to this pool of workers.
php_admin_value[upload_max_filesize] = 10M
php_admin_value[post_max_size] = 10M

10
conf/homeserver.yaml
View file

@ -285,7 +285,7 @@ listeners:
# will also need to give Synapse a TLS key and certificate: see the TLS section
# below.)
#
- port: __SYNAPSE_TLS_PORT__
- port: __PORT_SYNAPSE_TLS__
type: http
tls: true
resources:
@ -801,9 +801,9 @@ database:
name: psycopg2
#txn_limit: 10000
args:
user: __SYNAPSE_DB_USER__
password: __SYNAPSE_DB_PWD__
database: __SYNAPSE_DB_NAME__
user: __DB_USER__
password: __DB_PWD__
database: __DB_NAME__
host: localhost
port: 5432
cp_min: 5
@ -1178,7 +1178,7 @@ oembed:
# The public URIs of the TURN server to give to clients
#
turn_uris: [ "turn:__DOMAIN__:__TURNSERVER_TLS_PORT__?transport=udp", "turn:__DOMAIN__:__TURNSERVER_TLS_PORT__?transport=tcp" ]
turn_uris: [ "turn:__DOMAIN__:__PORT_TURNSERVER_TLS__?transport=udp", "turn:__DOMAIN__:__PORT_TURNSERVER_TLS__?transport=tcp" ]
# The shared secret used to compute passwords for the TURN server
#

392
conf/php-fpm.conf
View file

@ -1,392 +0,0 @@
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[__NAMETOCHANGE__]
; Per pool prefix
; It only applies on the following directives:
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = matrix-__USER__
group = matrix-__USER__
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /run/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog. A value of '-1' means unlimited.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 128
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; priority = -19
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 5
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 1
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 1
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 2
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: ${prefix}/share/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The access log file
; Default: not set
;access.log = log/$pool.access.log
; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: ouput header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = /var/www/__NAMETOCHANGE__
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
catch_workers_output = yes
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.
; Note: path INI options can be relative and will be expanded with the prefix
; (pool, global or /usr)
; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M

2
conf/server_name.conf
View file

@ -1,5 +1,5 @@
location /.well-known/matrix/server {
return 200 '{"m.server": "__DOMAIN__:__SYNAPSE_TLS_PORT__"}';
return 200 '{"m.server": "__DOMAIN__:__PORT_SYNAPSE_TLS__"}';
add_header Content-Type application/json;
add_header Access-Control-Allow-Origin '*';
}

6
conf/turnserver.conf
View file

@ -3,11 +3,11 @@ use-auth-secret
static-auth-secret=__TURNSERVER_PWD__
realm=__DOMAIN__
tls-listening-port=__TURNSERVER_TLS_PORT__
alt-tls-listening-port=__TURNSERVER_ALT_TLS_PORT__
tls-listening-port=__PORT_TURNSERVER_TLS__
alt-tls-listening-port=__PORT_TURNSERVER_ALT_TLS__
min-port=49153
max-port=49193
cli-port=__CLI_PORT__
cli-port=__PORT_CLI__
cert=/etc/yunohost/certs/__DOMAIN__/crt.pem
pkey=/etc/yunohost/certs/__DOMAIN__/key.pem

2
conf/virtualenv_activate
View file

@ -37,7 +37,7 @@ deactivate () {
# unset irrelevant variables
deactivate nondestructive
VIRTUAL_ENV="__FINAL_PATH__"
VIRTUAL_ENV="__INSTALL_DIR__"
export VIRTUAL_ENV
_OLD_VIRTUAL_PATH="$PATH"

0
doc/DISCLAIMER.md → doc/ADMIN.md
View file

7
doc/POST_INSTALL.md Normal file
View file

@ -0,0 +1,7 @@
To federate this app you need to add this line in your DNS configuration:
` _matrix._tcp.$domain. 3600 IN SRV 10 0 $port_synapse_tls $domain`
You also need to open the TCP port $port_synapse_tls on your ISP box if it's not automatically done.
Your Synapse server also implements a turnserver (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/synapse_ynh .

69
manifest.json
View file

@ -1,69 +0,0 @@
{
"name": "Synapse",
"id": "synapse",
"packaging_format": 1,
"description": {
"en": "Instant messaging server which uses Matrix",
"fr": "Serveur de messagerie instantané basé sur Matrix"
},
"version": "1.84.1~ynh2",
"url": "http://matrix.org",
"license": "Apache-2.0",
"maintainer": {
"name": "Josué Tille",
"email": "josue@tille.ch"
},
"upstream": {
"license": "Apache-2.0",
"website": "https://matrix.org/",
"code": "https://github.com/matrix-org/synapse"
},
"requirements": {
"yunohost": ">= 11.0.11"
},
"multi_instance": true,
"services": [
"nginx"
],
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain"
},
{
"name": "server_name",
"type": "string",
"ask": {
"en": "If your Synapse domain is a subdomain, you can choose a name for your Synapse server to have your Matrix user-ids looking like @user:domain.org instead of @user:synapse.domain.org",
"fr": "Si votre domaine pour Synapse est un sous-domaine, vous pouvez choisir un nom pour votre serveur Synapse afin que vos identifiants Matrix soient @utilisateur:domain.org plutôt que @utilisateur:synapse.domain.org"
},
"example": "domain.org",
"default": "Same than the domain"
},
{
"name": "is_free_registration",
"type": "boolean",
"ask": {
"en": "Is it a server with free registration?",
"fr": "Est-ce un serveur avec création de compte libre ?"
},
"default": false,
"help": {
"en": "A public server means that anybody will be able to register on this server.",
"fr": "Un serveur public signifie que n'importe qui pourra s'enregistrer sur ce serveur."
}
},
{
"name": "jitsi_server",
"type": "string",
"ask": {
"en": "Jitsi server address for conferencing?",
"fr": "Adresse du serveur Jitsi pour les conférences ?"
},
"example": "domain.org",
"default": "jitsi.riot.im"
}
]
}
}

46
manifest.toml
View file

@ -13,22 +13,20 @@ maintainers = ["Josué Tille"]
license = "Apache-2.0"
website = "https://matrix.org/"
code = "https://github.com/matrix-org/synapse"
cpe = "???" # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number)
fund = "???" # FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin.
cpe = "cpe:2.3:a:matrix:synapse"
[integration]
yunohost = ">= 11.0.11"
architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"]
yunohost = ">= 11.1.19"
architectures = "all"
multi_instance = true
ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials.
sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal.
disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ...
ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
ldap = "not_relevant"
sso = "not_relevant"
disk = "50M"
ram.build = "50M"
ram.runtime = "50M"
[install]
[install.domain]
# this is a generic question - ask strings are automatically handled by Yunohost's core
type = "domain"
full_domain = true
@ -64,9 +62,37 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen
url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.84.1/matrix-synapse_1.84.1-bullseye-bin1_armv7l.tar.gz"
sha256 = "70ea244b3527ccaaba5384106078c60ef1482b104924311af02406bd52eebf3c"
[resources.system_user]
main.default = 8008
synapse_tls.default = 8448
synapse_tls.exposed = "TCP"
turnserver_tls.default = 5349
turnserver_tls.exposed = "Both"
turnserver_alt_tls.default = 5350
turnserver_alt_tls.exposed = "Both"
cli.default = 5766
[resources.system_user]
[resources.install_dir]
dir = "/opt/yunohost/matrix-__APP__"
[resources.permissions]
main.url = "__DOMAIN__/_matrix/cas_server.php/login"
main.show_tile=false
main.auth_header = true
server_api.url = "__DOMAIN__/_matrix"
server_api.allowed = "visitors"
server_api.show_tile = false
server_api.auth_header = false
server_api.protected = true
admin_api.url = "__DOMAIN__/_synapse"
admin_api.allowed = "visitors"
admin_api.show_tile = false
admin_api.auth_header = false
[resources.apt]
packages = "coturn build-essential python3-dev libffi-dev python3-pip python3-setuptools sqlite3 libssl-dev python3-venv libxml2-dev libxslt1-dev python3-lxml zlib1g-dev libjpeg-dev libpq-dev postgresql acl"
[resources.database]
type = "postgresql"

24
scripts/_common.sh
View file

@ -1,18 +1,16 @@
dependances="coturn build-essential python3-dev libffi-dev python3-pip python3-setuptools sqlite3 libssl-dev python3-venv libxml2-dev libxslt1-dev python3-lxml zlib1g-dev libjpeg-dev libpq-dev postgresql acl"
python_version="$(python3 -V | cut -d' ' -f2 | cut -d. -f1-2)"
#REMOVEME? app=$YNH_APP_INSTANCE_NAME
install_sources() {
# Install/upgrade synapse in virtualenv
# Clean venv is it was on python2.7 or python3 with old version in case major upgrade of debian
if [ ! -e $install_dir/bin/python3 ] || [ ! -e $install_dir/lib/python$python_version ]; then
#REMOVEME? ynh_secure_remove --file=$install_dir/bin
#REMOVEME? ynh_secure_remove --file=$install_dir/lib
#REMOVEME? ynh_secure_remove --file=$install_dir/lib64
#REMOVEME? ynh_secure_remove --file=$install_dir/include
#REMOVEME? ynh_secure_remove --file=$install_dir/share
#REMOVEME? ynh_secure_remove --file=$install_dir/pyvenv.cfg
ynh_secure_remove --file=$install_dir/bin
ynh_secure_remove --file=$install_dir/lib
ynh_secure_remove --file=$install_dir/lib64
ynh_secure_remove --file=$install_dir/include
ynh_secure_remove --file=$install_dir/share
ynh_secure_remove --file=$install_dir/pyvenv.cfg
fi
mkdir -p $install_dir
@ -21,10 +19,10 @@ install_sources() {
if [ -n "$(uname -m | grep arm)" ]
then
# Clean old file, sometimes it could make some big issues if we don't do this!!
#REMOVEME? ynh_secure_remove --file=$install_dir/bin
#REMOVEME? ynh_secure_remove --file=$install_dir/lib
#REMOVEME? ynh_secure_remove --file=$install_dir/include
#REMOVEME? ynh_secure_remove --file=$install_dir/share
ynh_secure_remove --file=$install_dir/bin
ynh_secure_remove --file=$install_dir/lib
ynh_secure_remove --file=$install_dir/include
ynh_secure_remove --file=$install_dir/share
ynh_setup_source --dest_dir=$install_dir/ --source_id="armv7_$(lsb_release --codename --short)"
@ -37,7 +35,7 @@ install_sources() {
else
# Install virtualenv if it don't exist
#REMOVEME? test -e $install_dir/bin/python3 || python3 -m venv $install_dir
test -e $install_dir/bin/python3 || python3 -m venv $install_dir
# Install synapse in virtualenv

30
scripts/backup
View file

@ -10,24 +10,10 @@ source ../settings/scripts/_common.sh
source ../settings/scripts/experimental_helper.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
#REMOVEME? ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
#REMOVEME? ynh_print_info --message="Loading installation settings..."
#REMOVEME? app=$YNH_APP_INSTANCE_NAME
#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
#REMOVEME? server_name=$(ynh_app_setting_get --app=$app --key=server_name)
#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
#REMOVEME? phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
ynh_print_info --message="Loading installation settings..."
if [[ ! "$(systemctl status matrix-$app.service)" =~ "Active: inactive (dead)" ]]; then
ynh_print_warn --message="It's hightly recommended to make your backup when the service is stopped. Please stop $app service with this command before to run the backup 'systemctl stop matrix-$app.service'"
@ -67,17 +53,12 @@ ynh_backup --src_path="$final_www_path"
ynh_backup --src_path "/etc/php/$phpversion/fpm/pool.d/$app.conf"
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
if yunohost --output-as plain domain list | grep -q "^$server_name$"
then
ynh_backup --src_path="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
fi
#=================================================
# BACKUP THE POSTGRESQL DATABASE
#=================================================
ynh_psql_dump_db --database="$synapse_db_name" > ${YNH_CWD}/dump.sql
#=================================================
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
@ -121,6 +102,13 @@ ynh_backup --src_path="/var/log/matrix-$app" --is_big=1
# Copy hook
ynh_backup --src_path "/etc/yunohost/hooks.d/post_cert_update/50-$app"
#=================================================
# BACKUP THE POSTGRESQL DATABASE
#=================================================
ynh_print_info --message="Backing up the PostgreSQL database..."
ynh_psql_dump_db --database="$db_name" > db.sql
#=================================================
# END OF SCRIPT
#=================================================

116
scripts/install
View file

@ -10,17 +10,6 @@ source _common.sh
source experimental_helper.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
#REMOVEME? ynh_clean_setup () {
# Clean installation remainings that are not handled by the remove script.
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
#REMOVEME? ynh_abort_if_errors
#=================================================
# SET CONSTANTS
#=================================================
@ -28,9 +17,9 @@ source /usr/share/yunohost/helpers
synapse_user="matrix-$app"
synapse_user_app="$app"
synapse_user_app_pwd="$(ynh_string_random --length=30)"
synapse_db_name="matrix_$app"
synapse_db_user="matrix_$app"
synapse_db_name="matrix_$app"
#synapse_db_name="matrix_$app"
#synapse_db_user="matrix_$app"
#synapse_db_name="matrix_$app"
upstream_version=$(ynh_app_upstream_version)
report_stats="false"
allow_public_rooms="false"
@ -43,7 +32,7 @@ domain_whitelist_client=${domain_whitelist_client_%"\n"}
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
#REMOVEME? domain=$YNH_APP_ARG_DOMAIN
#REMOVEME? server_name=$YNH_APP_ARG_SERVER_NAME
#REMOVEME? is_free_registration=$YNH_APP_ARG_IS_FREE_REGISTRATION
#REMOVEME? jitsi_server=$YNH_APP_ARG_JITSI_SERVER
@ -60,11 +49,9 @@ fi
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
#REMOVEME? ynh_script_progression --message="Validating installation parameters..." --weight=2
test ! -e "/etc/nginx/conf.d/$domain.d/synapse*.conf" || ynh_die --message="$domain is not available as domain, please use an other domain."
ynh_script_progression --message="Validating installation parameters..." --weight=2
# Check Final Path availability
#REMOVEME? test ! -e "$install_dir" || ynh_die --message="This path already contains a folder"
test ! -e "/etc/nginx/conf.d/$domain.d/synapse*.conf" || ynh_die --message="$domain is not available as domain, please use an other domain."
if [ -e "$data_path" ]; then
old_data_dir_path="$data_path$(date '+%Y%m%d.%H%M%S')"
@ -77,12 +64,9 @@ fi
#=================================================
#REMOVEME? ynh_script_progression --message="Storing installation settings..." --weight=1
#REMOVEME? ynh_app_setting_set --app=$app --key=domain --value=$domain
#REMOVEME? ynh_app_setting_set --app=$app --key=path --value=$path
ynh_app_setting_set --app=$app --key=no_sso --value true
ynh_app_setting_set --app=$app --key=server_name --value=$server_name
ynh_app_setting_set --app=$app --key=jitsi_server --value=$jitsi_server
#REMOVEME? ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir
ynh_app_setting_set --app=$app --key=synapse_version --value=$upstream_version
ynh_app_setting_set --app=$app --key=is_free_registration --value=$is_free_registration
#REMOVEME? ynh_app_setting_set --app=$app --key=report_stats --value=$report_stats
@ -90,32 +74,6 @@ ynh_app_setting_set --app=$app --key=allow_public_rooms --value=$allow_public_ro
ynh_app_setting_set --app=$app --key=e2e_enabled_by_default --value=$e2e_enabled_by_default
ynh_app_setting_set --app=$app --key=synapse_user_app_pwd --value=$synapse_user_app_pwd
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Configuring firewall..." --weight=19
# Find a free port
#REMOVEME? synapse_tls_port=$(ynh_find_port --port=8448)
#REMOVEME? port=$(ynh_find_port --port=8008)
#REMOVEME? turnserver_tls_port=$(ynh_find_port --port=5349)
#REMOVEME? turnserver_alt_tls_port=$(ynh_find_port --port=$((turnserver_tls_port+1)))
#REMOVEME? cli_port=$(ynh_find_port --port=5766)
# Open this port
ynh_exec_warn_less yunohost firewall allow TCP $synapse_tls_port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_tls_port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_alt_tls_port
# Store opened ports
#REMOVEME? ynh_app_setting_set --app=$app --key=synapse_port --value=$port
#REMOVEME? ynh_app_setting_set --app=$app --key=synapse_tls_port --value=$synapse_tls_port
#REMOVEME? ynh_app_setting_set --app=$app --key=turnserver_tls_port --value=$turnserver_tls_port
#REMOVEME? ynh_app_setting_set --app=$app --key=turnserver_alt_tls_port --value=$turnserver_alt_tls_port
#REMOVEME? ynh_app_setting_set --app=$app --key=cli_port --value=$cli_port
#=================================================
# CREATE A DH FILE
#=================================================
@ -132,21 +90,12 @@ then
chmod 640 /etc/ssl/private/dh2048.pem
fi
#=================================================
# INSTALL DEPENDENCIES
#=================================================
#REMOVEME? ynh_script_progression --message="Installing dependencies..." --weight=80
# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
# For any update do it in all files
#REMOVEME? ynh_exec_warn_less ynh_install_app_dependencies $dependances
#=================================================
# CREATE DEDICATED USER
#=================================================
#REMOVEME? ynh_script_progression --message="Configuring system user..." --weight=3
ynh_script_progression --message="Configuring system user..." --weight=3
#REMOVEME? ynh_system_user_create --username=$synapse_user --home_dir=$install_dir
ynh_system_user_create --username=$synapse_user --home_dir=$install_dir
# The format to create an user account varies depending on the version of YunoHost currently installed.
ynh_current_version=$(dpkg-query --showformat='${Version}' --show yunohost)
if $(dpkg --compare-versions "$ynh_current_version" ge "11.1"); then
@ -160,14 +109,8 @@ adduser turnserver ssl-cert
#=================================================
# CREATE A POSTGRESQL DATABASE
#=================================================
#REMOVEME? ynh_script_progression --message="Creating a PostgreSQL database..." --weight=4
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=4
synapse_db_pwd=$(ynh_string_random --length=30)
#REMOVEME? ynh_app_setting_set --app=$app --key=synapse_db_pwd --value=$synapse_db_pwd
# Create postgresql database
#REMOVEME? ynh_psql_test_if_first_run
ynh_psql_create_user $synapse_db_user $synapse_db_pwd
ynh_psql_execute_as_root \
--sql="CREATE DATABASE $synapse_db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $synapse_db_user;"
@ -248,7 +191,8 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Create a dedicated php-fpm config
ynh_script_progression --message="Configuring application..."
ynh_add_fpm_config
ynh_add_fpm_config --usage=low --footprint=low
# Create .well-known redirection for access by federation
if yunohost --output-as plain domain list | grep -q "^$server_name$"
@ -335,19 +279,10 @@ ynh_add_config --template="../sources/update_synapse_for_appservice.sh" --destin
#=================================================
# SETUP PERMISSIONS
#=================================================
#REMOVEME? ynh_script_progression --message="Configuring permissions..." --weight=1
ynh_script_progression --message="Configuring permissions..." --weight=1
ynh_permission_url --permission=main --url=$domain/_matrix/cas_server.php/login --auth_header=true
#REMOVEME? ynh_permission_update --permission=main --show_tile=false --protected=true
#REMOVEME? ynh_permission_create --permission=server_api --url=$domain/_matrix \
--label="Server access for client apps." --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
#REMOVEME? ynh_permission_create --permission=admin_api --url=$domain/_synapse \
--label="Server administration API." --show_tile=false \
--auth_header=false --allowed=visitors
if yunohost --output-as plain domain list | grep -q "^$server_name$"; then
#REMOVEME? ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \
ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \
--label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
fi
@ -403,31 +338,6 @@ ynh_script_progression --message="Configuring Fail2Ban..." --weight=10
ynh_add_fail2ban_config --use_template
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
# WARNING : theses command are used in INSTALL, RESTORE
# For any update do it in all files
echo "If your server name is identical to the domain on which synapse is installed, and the default port 8448 is used, your server is normally already accessible by the federation.
If not, you may need to put the following line in the dns configuration:
_matrix._tcp.$domain. 3600 IN SRV 10 0 $synapse_tls_port $domain.
For more details, see : https://github.com/matrix-org/synapse#setting-up-federation
You also need to open the TCP port $synapse_tls_port on your ISP box if it's not automatically done.
Your synapse server also implements a turnserver (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/synapse_ynh .
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/synapse_ynh
You also need a valid TLS certificate for the domain used by synapse. To do that you can refer to the documentation here : https://yunohost.org/#/certificate_en" > mail_to_send
ynh_send_readme_to_admin --app_message="mail_to_send" --type="install"
#=================================================
# END OF SCRIPT
#=================================================

60
scripts/remove
View file

@ -10,29 +10,15 @@ source _common.sh
source experimental_helper.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=3
#REMOVEME? app=$YNH_APP_INSTANCE_NAME
#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
#REMOVEME? server_name=$(ynh_app_setting_get --app=$app --key=server_name)
#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
#REMOVEME? synapse_tls_port=$(ynh_app_setting_get --app=$app --key=synapse_tls_port)
#REMOVEME? turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
#REMOVEME? turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
#=================================================
# SET CONSTANTS
#=================================================
synapse_user="matrix-$app"
synapse_user_app="$app"
synapse_db_name="matrix_$app"
synapse_db_user="matrix_$app"
synapse_db_name="matrix_$app"
#synapse_db_name="matrix_$app"
#synapse_db_user="matrix_$app"
#synapse_db_name="matrix_$app"
upstream_version=$(ynh_app_upstream_version)
final_www_path="/var/www/$app"
@ -61,28 +47,11 @@ ynh_script_progression --message="Stopping and removing the systemd service" --w
ynh_remove_systemd_config --service=matrix-$app
ynh_remove_systemd_config --service=coturn-$app
#=================================================
# REMOVE THE POSTGRESQL DATABASE
#=================================================
#REMOVEME? ynh_script_progression --message="Removing the PostgreSQL database" --weight=2
# Remove a database if it exists, along with the associated user
#REMOVEME? ynh_psql_remove_db --db_user=$synapse_db_name --db_name=$synapse_db_user
#=================================================
# REMOVE DEPENDENCIES
#=================================================
#REMOVEME? ynh_script_progression --message="Removing dependencies" --weight=15
# Remove metapackage and its dependencies
#REMOVEME? ynh_remove_app_dependencies
#=================================================
# REMOVE APP MAIN DIR
#=================================================
#REMOVEME? ynh_script_progression --message="Removing app main directory" --weight=2
ynh_script_progression --message="Removing app main directory" --weight=2
#REMOVEME? ynh_secure_remove --file=$install_dir
ynh_secure_remove --file=$final_www_path
ynh_secure_remove --file=/var/log/matrix-$app
ynh_secure_remove --file=/etc/matrix-$app
@ -109,23 +78,6 @@ ynh_script_progression --message="Removing logrotate configuration" --weight=1
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# CLOSE A PORT
#=================================================
closeport() {
local port=$1
if yunohost firewall list | grep -q "\- $port$"
then
ynh_script_progression --message="Closing port $port"
ynh_exec_warn_less yunohost firewall disallow Both $port
fi
}
closeport $synapse_tls_port
closeport $turnserver_tls_port
closeport $turnserver_alt_tls_port
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
@ -139,10 +91,10 @@ ynh_remove_fail2ban_config
#=================================================
# REMOVE DEDICATED USER
#=================================================
#REMOVEME? ynh_script_progression --message="Removing the dedicated system user" --weight=1
ynh_script_progression --message="Removing the dedicated system user" --weight=1
# Delete a system user
#REMOVEME? ynh_system_user_delete --username=$synapse_user
ynh_system_user_delete --username=$synapse_user
yunohost user delete $synapse_user_app
#=================================================

103
scripts/restore
View file

@ -11,17 +11,6 @@ source ../settings/scripts/_common.sh
source ../settings/scripts/experimental_helper.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
#REMOVEME? ynh_clean_setup () {
# Clean installation remainings that are not handled by the remove script.
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
#REMOVEME? ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
@ -54,25 +43,6 @@ upstream_version=$(ynh_app_upstream_version)
final_www_path="/var/www/$app"
data_path="/home/yunohost.app/matrix-$app"
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
#REMOVEME? ynh_script_progression --message="Validating restoration parameters..." --weight=2
#REMOVEME? test ! -d $install_dir \
|| ynh_die --message="There is already a directory: $install_dir "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." --weight=70
# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
# For any update do it in all files
#REMOVEME? ynh_exec_warn_less ynh_install_app_dependencies $dependances
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
@ -106,25 +76,32 @@ install_sources
#=================================================
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Reload Fail2Ban..." --weight=6
ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
#REMOVEME? ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=13
# ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=13
#REMOVEME? ynh_psql_test_if_first_run
ynh_psql_create_user $synapse_db_user $synapse_db_pwd
ynh_psql_execute_as_root \
--sql="CREATE DATABASE $synapse_db_name
ENCODING 'UTF8'
LC_COLLATE='C'
LC_CTYPE='C'
template=template0
OWNER $synapse_db_user;"
ynh_psql_execute_file_as_root --file="${YNH_CWD}/dump.sql" --database="$synapse_db_name"
# #REMOVEME? ynh_psql_test_if_first_run
# ynh_psql_create_user $synapse_db_user $synapse_db_pwd
# ynh_psql_execute_as_root \
# --sql="CREATE DATABASE $synapse_db_name
# ENCODING 'UTF8'
# LC_COLLATE='C'
# LC_CTYPE='C'
# template=template0
# OWNER $synapse_db_user;"
# ynh_psql_execute_file_as_root --file="${YNH_CWD}/dump.sql" --database="$synapse_db_name"
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=1
ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
#=================================================
# RESTORE SYSTEMD
@ -165,12 +142,6 @@ ynh_script_progression --message="Reconfiguring Coturn..." --weight=23
# To be sure that at the restoration the IP address in coturn config is the same as the real address we remake the coturn config
# Retrieve specific settings
#REMOVEME? turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
#REMOVEME? turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
#REMOVEME? cli_port=$(ynh_app_setting_get --app=$app --key=cli_port)
#REMOVEME? turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
# WARNING : these commands are used in INSTALL, UPGRADE
# For any update do it in all files
@ -192,15 +163,6 @@ fi
ynh_add_config --template="turnserver.conf" --destination="/etc/matrix-$app/coturn.conf"
#=================================================
# OPEN THE PORT
#=================================================
# Ouvre le port dans le firewall
ynh_exec_warn_less yunohost firewall allow TCP $synapse_tls_port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_tls_port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_alt_tls_port
#=================================================
# SETUP LOGROTATE
#=================================================
@ -236,35 +198,18 @@ chown $synapse_user:root -R $final_www_path
ynh_script_progression --message="Restarting Synapse services..." --weight=7
ynh_systemd_action --service_name=coturn-$app.service --action=restart
ynh_systemd_action --service_name=matrix-$app --action=restart --line_match="Synapse now listening on TCP port $synapse_tls_port" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
# WARNING : theses command are used in INSTALL, RESTORE
# For any update do it in all files
echo "To federate this app you need to add this line in your DNS configuration:
_matrix._tcp.$domain. 3600 IN SRV 10 0 $synapse_tls_port $domain.
You also need to open the TCP port $synapse_tls_port on your ISP box if it's not automatically done.
Your synapse server also implements a turnserver (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/synapse_ynh .
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/synapse_ynh" > mail_to_send
ynh_send_readme_to_admin --app_message="mail_to_send" --type="restore"
ynh_systemd_action --service_name=matrix-$app --action=restart --line_match="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
# Typically you only have either $app or php-fpm but not both at the same time...
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
#=================================================

3
scripts/upgrade
View file

@ -329,7 +329,8 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." -
# Create a dedicated php-fpm config
ynh_script_progression --message="Configuring application..."
ynh_add_fpm_config
ynh_add_fpm_config --usage=low --footprint=low
# Create .well-known redirection for access by federation
if yunohost --output-as plain domain list | grep -q "^$server_name$"

17
tests.toml Normal file
View file

@ -0,0 +1,17 @@
test_format = 1.0
[default]
# -------------------------------
# Default args to use for install
# -------------------------------
args.is_free_registration=1
args.server_name="domain.tld"
# -------------------------------
# Commits to test upgrade from
# -------------------------------
test_upgrade_from.00a1a6e7.name = "Upgrade from 5.4"
test_upgrade_from.00a1a6e7.args.foo = "bar"