mirror of
https://github.com/YunoHost-Apps/synapse_ynh.git
synced 2024-09-03 20:26:38 +02:00
Merge branch 'testing' into matrix_v2
This commit is contained in:
commit
1a39c329a7
21 changed files with 65 additions and 199 deletions
|
@ -21,7 +21,7 @@ Instant messaging server matrix network.
|
||||||
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
||||||
|
|
||||||
|
|
||||||
**Shipped version:** 1.108.0~ynh1
|
**Shipped version:** 1.109.0~ynh1
|
||||||
## Documentation and resources
|
## Documentation and resources
|
||||||
|
|
||||||
- Official app website: <https://matrix.org/>
|
- Official app website: <https://matrix.org/>
|
||||||
|
|
|
@ -21,7 +21,7 @@ Instant messaging server matrix network.
|
||||||
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
||||||
|
|
||||||
|
|
||||||
**Versión actual:** 1.108.0~ynh1
|
**Versión actual:** 1.109.0~ynh1
|
||||||
## Documentaciones y recursos
|
## Documentaciones y recursos
|
||||||
|
|
||||||
- Sitio web oficial: <https://matrix.org/>
|
- Sitio web oficial: <https://matrix.org/>
|
||||||
|
|
|
@ -21,7 +21,7 @@ Instant messaging server matrix network.
|
||||||
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
||||||
|
|
||||||
|
|
||||||
**Paketatutako bertsioa:** 1.108.0~ynh1
|
**Paketatutako bertsioa:** 1.109.0~ynh1
|
||||||
## Dokumentazioa eta baliabideak
|
## Dokumentazioa eta baliabideak
|
||||||
|
|
||||||
- Aplikazioaren webgune ofiziala: <https://matrix.org/>
|
- Aplikazioaren webgune ofiziala: <https://matrix.org/>
|
||||||
|
|
|
@ -21,7 +21,7 @@ Instant messaging server matrix network.
|
||||||
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
||||||
|
|
||||||
|
|
||||||
**Version incluse :** 1.108.0~ynh1
|
**Version incluse :** 1.109.0~ynh1
|
||||||
## Documentations et ressources
|
## Documentations et ressources
|
||||||
|
|
||||||
- Site officiel de l’app : <https://matrix.org/>
|
- Site officiel de l’app : <https://matrix.org/>
|
||||||
|
|
|
@ -21,7 +21,7 @@ Instant messaging server matrix network.
|
||||||
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
||||||
|
|
||||||
|
|
||||||
**Versión proporcionada:** 1.108.0~ynh1
|
**Versión proporcionada:** 1.109.0~ynh1
|
||||||
## Documentación e recursos
|
## Documentación e recursos
|
||||||
|
|
||||||
- Web oficial da app: <https://matrix.org/>
|
- Web oficial da app: <https://matrix.org/>
|
||||||
|
|
|
@ -21,7 +21,7 @@ Instant messaging server matrix network.
|
||||||
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
|
||||||
|
|
||||||
|
|
||||||
**分发版本:** 1.108.0~ynh1
|
**分发版本:** 1.109.0~ynh1
|
||||||
## 文档与资源
|
## 文档与资源
|
||||||
|
|
||||||
- 官方应用网站: <https://matrix.org/>
|
- 官方应用网站: <https://matrix.org/>
|
||||||
|
|
|
@ -163,7 +163,7 @@ then
|
||||||
else
|
else
|
||||||
result="Failed"
|
result="Failed"
|
||||||
fi
|
fi
|
||||||
msg="Build: $app_name version $app_version\n"
|
msg="Build: $app_name version $app_version"
|
||||||
msg+="$(cat ${app_name}_build_temp.log)"
|
|
||||||
echo -e "$msg" | mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "Autoupgrade $app_name : $result" "$notify_email"
|
echo "$msg" | mail.mailutils --content-type="text/plain; charset=UTF-8" -A "${app_name}_build_temp.log" -s "Autoupgrade $app_name : $result" "$notify_email"
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -4,14 +4,14 @@ Automat==22.10.0
|
||||||
bcrypt==4.1.3
|
bcrypt==4.1.3
|
||||||
bleach==6.1.0
|
bleach==6.1.0
|
||||||
canonicaljson==2.0.0
|
canonicaljson==2.0.0
|
||||||
certifi==2024.2.2
|
certifi==2024.6.2
|
||||||
cffi==1.16.0
|
cffi==1.16.0
|
||||||
charset-normalizer==3.3.2
|
charset-normalizer==3.3.2
|
||||||
constantly==23.10.4
|
constantly==23.10.4
|
||||||
cryptography==42.0.7
|
cryptography==42.0.8
|
||||||
hyperlink==21.0.0
|
hyperlink==21.0.0
|
||||||
idna==3.7
|
idna==3.7
|
||||||
ijson==3.2.3
|
ijson==3.3.0
|
||||||
immutabledict==4.2.0
|
immutabledict==4.2.0
|
||||||
incremental==22.10.0
|
incremental==22.10.0
|
||||||
Jinja2==3.1.4
|
Jinja2==3.1.4
|
||||||
|
@ -21,27 +21,27 @@ ldap3==2.9.1
|
||||||
lxml==5.2.2
|
lxml==5.2.2
|
||||||
MarkupSafe==2.1.5
|
MarkupSafe==2.1.5
|
||||||
matrix-common==1.3.0
|
matrix-common==1.3.0
|
||||||
matrix-synapse==1.108.0
|
matrix-synapse==1.109.0
|
||||||
matrix-synapse-ldap3==0.3.0
|
matrix-synapse-ldap3==0.3.0
|
||||||
msgpack==1.0.8
|
msgpack==1.0.8
|
||||||
ndg-httpsclient==0.5.1
|
ndg-httpsclient==0.5.1
|
||||||
netaddr==1.3.0
|
netaddr==1.3.0
|
||||||
packaging==24.0
|
packaging==24.1
|
||||||
phonenumbers==8.13.37
|
phonenumbers==8.13.39
|
||||||
pillow==10.3.0
|
pillow==10.3.0
|
||||||
prometheus_client==0.20.0
|
prometheus_client==0.20.0
|
||||||
psycopg2==2.9.9
|
psycopg2==2.9.9
|
||||||
pyasn1==0.6.0
|
pyasn1==0.6.0
|
||||||
pyasn1_modules==0.4.0
|
pyasn1_modules==0.4.0
|
||||||
pycparser==2.22
|
pycparser==2.22
|
||||||
pydantic==2.7.2
|
pydantic==2.7.4
|
||||||
pydantic_core==2.18.3
|
pydantic_core==2.18.4
|
||||||
pymacaroons==0.13.0
|
pymacaroons==0.13.0
|
||||||
PyNaCl==1.5.0
|
PyNaCl==1.5.0
|
||||||
pyOpenSSL==24.1.0
|
pyOpenSSL==24.1.0
|
||||||
PyYAML==6.0.1
|
PyYAML==6.0.1
|
||||||
referencing==0.35.1
|
referencing==0.35.1
|
||||||
requests==2.32.2
|
requests==2.32.3
|
||||||
rpds-py==0.18.1
|
rpds-py==0.18.1
|
||||||
semantic-version==2.10.0
|
semantic-version==2.10.0
|
||||||
service-identity==24.1.0
|
service-identity==24.1.0
|
||||||
|
@ -51,8 +51,8 @@ six==1.16.0
|
||||||
sortedcontainers==2.4.0
|
sortedcontainers==2.4.0
|
||||||
treq==23.11.0
|
treq==23.11.0
|
||||||
Twisted==24.3.0
|
Twisted==24.3.0
|
||||||
typing_extensions==4.12.0
|
typing_extensions==4.12.2
|
||||||
unpaddedbase64==2.1.0
|
unpaddedbase64==2.1.0
|
||||||
urllib3==2.2.1
|
urllib3==2.2.2
|
||||||
webencodings==0.5.1
|
webencodings==0.5.1
|
||||||
zope.interface==6.4.post2
|
zope.interface==6.4.post2
|
||||||
|
|
|
@ -4,14 +4,14 @@ Automat==22.10.0
|
||||||
bcrypt==4.1.3
|
bcrypt==4.1.3
|
||||||
bleach==6.1.0
|
bleach==6.1.0
|
||||||
canonicaljson==2.0.0
|
canonicaljson==2.0.0
|
||||||
certifi==2024.2.2
|
certifi==2024.6.2
|
||||||
cffi==1.16.0
|
cffi==1.16.0
|
||||||
charset-normalizer==3.3.2
|
charset-normalizer==3.3.2
|
||||||
constantly==23.10.4
|
constantly==23.10.4
|
||||||
cryptography==42.0.7
|
cryptography==42.0.8
|
||||||
hyperlink==21.0.0
|
hyperlink==21.0.0
|
||||||
idna==3.7
|
idna==3.7
|
||||||
ijson==3.2.3
|
ijson==3.3.0
|
||||||
immutabledict==4.2.0
|
immutabledict==4.2.0
|
||||||
incremental==22.10.0
|
incremental==22.10.0
|
||||||
Jinja2==3.1.4
|
Jinja2==3.1.4
|
||||||
|
@ -21,27 +21,27 @@ ldap3==2.9.1
|
||||||
lxml==5.2.2
|
lxml==5.2.2
|
||||||
MarkupSafe==2.1.5
|
MarkupSafe==2.1.5
|
||||||
matrix-common==1.3.0
|
matrix-common==1.3.0
|
||||||
matrix-synapse==1.108.0
|
matrix-synapse==1.109.0
|
||||||
matrix-synapse-ldap3==0.3.0
|
matrix-synapse-ldap3==0.3.0
|
||||||
msgpack==1.0.8
|
msgpack==1.0.8
|
||||||
ndg-httpsclient==0.5.1
|
ndg-httpsclient==0.5.1
|
||||||
netaddr==1.3.0
|
netaddr==1.3.0
|
||||||
packaging==24.0
|
packaging==24.1
|
||||||
phonenumbers==8.13.37
|
phonenumbers==8.13.39
|
||||||
pillow==10.3.0
|
pillow==10.3.0
|
||||||
prometheus_client==0.20.0
|
prometheus_client==0.20.0
|
||||||
psycopg2==2.9.9
|
psycopg2==2.9.9
|
||||||
pyasn1==0.6.0
|
pyasn1==0.6.0
|
||||||
pyasn1_modules==0.4.0
|
pyasn1_modules==0.4.0
|
||||||
pycparser==2.22
|
pycparser==2.22
|
||||||
pydantic==2.7.2
|
pydantic==2.7.4
|
||||||
pydantic_core==2.18.3
|
pydantic_core==2.18.4
|
||||||
pymacaroons==0.13.0
|
pymacaroons==0.13.0
|
||||||
PyNaCl==1.5.0
|
PyNaCl==1.5.0
|
||||||
pyOpenSSL==24.1.0
|
pyOpenSSL==24.1.0
|
||||||
PyYAML==6.0.1
|
PyYAML==6.0.1
|
||||||
referencing==0.35.1
|
referencing==0.35.1
|
||||||
requests==2.32.2
|
requests==2.32.3
|
||||||
rpds-py==0.18.1
|
rpds-py==0.18.1
|
||||||
semantic-version==2.10.0
|
semantic-version==2.10.0
|
||||||
service-identity==24.1.0
|
service-identity==24.1.0
|
||||||
|
@ -52,8 +52,8 @@ sortedcontainers==2.4.0
|
||||||
tomli==2.0.1
|
tomli==2.0.1
|
||||||
treq==23.11.0
|
treq==23.11.0
|
||||||
Twisted==24.3.0
|
Twisted==24.3.0
|
||||||
typing_extensions==4.12.0
|
typing_extensions==4.12.2
|
||||||
unpaddedbase64==2.1.0
|
unpaddedbase64==2.1.0
|
||||||
urllib3==2.2.1
|
urllib3==2.2.2
|
||||||
webencodings==0.5.1
|
webencodings==0.5.1
|
||||||
zope.interface==6.4.post2
|
zope.interface==6.4.post2
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
lt-cred-mech
|
|
||||||
use-auth-secret
|
use-auth-secret
|
||||||
static-auth-secret={{ turnserver_pwd }}
|
static-auth-secret={{ turnserver_pwd }}
|
||||||
|
cli-password={{ turnserver_cli_pwd }}
|
||||||
realm={{ domain }}
|
realm={{ domain }}
|
||||||
|
|
||||||
tls-listening-port={{ port_turnserver_tls }}
|
tls-listening-port={{ port_turnserver_tls }}
|
||||||
|
|
|
@ -150,7 +150,7 @@ services = ["__APP__"]
|
||||||
|
|
||||||
[advanced]
|
[advanced]
|
||||||
name = "Advanced Settings"
|
name = "Advanced Settings"
|
||||||
services = ["matrix-__APP__"]
|
services = ["__APP__"]
|
||||||
|
|
||||||
# Disabled as it don't work any more on bookworm
|
# Disabled as it don't work any more on bookworm
|
||||||
#
|
#
|
||||||
|
@ -230,7 +230,7 @@ services = ["matrix-__APP__"]
|
||||||
name = "Security"
|
name = "Security"
|
||||||
|
|
||||||
[advanced.security.enable_dtls_for_audio_video_turn_call]
|
[advanced.security.enable_dtls_for_audio_video_turn_call]
|
||||||
ask = "Enable TLS/DTLS on Audio/Video coll"
|
ask = "Enable TLS/DTLS on Audio/Video call"
|
||||||
type = "boolean"
|
type = "boolean"
|
||||||
yes = "true"
|
yes = "true"
|
||||||
no = "false"
|
no = "false"
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
- Synapse consumes a significant amount of resources (both CPU and ARM), and therefore is not recommended for "small" setups such as small ARM boards
|
- Synapse consumes a significant amount of resources (both CPU and RAM), and therefore is not recommended for "small" setups such as small ARM boards
|
||||||
- During the install, the generation of Diffie-Hellman parameters may take a significant amount of time. You can speed things up by manually initializing them before running the install: `openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -dsaparam 2048`
|
- During the install, the generation of Diffie-Hellman parameters may take a significant amount of time. You can speed things up by manually initializing them before running the install: `openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -dsaparam 2048`
|
||||||
- The package uses a prebuilt python virtual environnement. The binary are taken from this repository: <https://github.com/YunoHost-Apps/synapse_python_build>. The script to build the binary is also available.
|
- The package uses a prebuilt python virtual environnement. The binary are taken from this repository: <https://github.com/YunoHost-Apps/synapse_python_build>. The script to build the binary is also available.
|
||||||
|
|
|
@ -5,7 +5,7 @@ name = "Synapse"
|
||||||
description.en = "Instant messaging server which uses Matrix"
|
description.en = "Instant messaging server which uses Matrix"
|
||||||
description.fr = "Serveur de messagerie instantané basé sur Matrix"
|
description.fr = "Serveur de messagerie instantané basé sur Matrix"
|
||||||
|
|
||||||
version = "1.108.0~ynh1"
|
version = "1.109.0~ynh1"
|
||||||
|
|
||||||
maintainers = ["Josué Tille"]
|
maintainers = ["Josué Tille"]
|
||||||
|
|
||||||
|
@ -18,7 +18,7 @@ cpe = "cpe:2.3:a:matrix:synapse"
|
||||||
fund = "https://matrix.org/support/#"
|
fund = "https://matrix.org/support/#"
|
||||||
|
|
||||||
[integration]
|
[integration]
|
||||||
yunohost = ">= 11.2.11"
|
yunohost = ">= 11.2.13"
|
||||||
architectures = ["amd64", "arm64"]
|
architectures = ["amd64", "arm64"]
|
||||||
multi_instance = true
|
multi_instance = true
|
||||||
ldap = true
|
ldap = true
|
||||||
|
@ -63,13 +63,13 @@ ram.runtime = "1G"
|
||||||
[resources]
|
[resources]
|
||||||
[resources.sources.synapse_prebuilt_armv7_bookworm]
|
[resources.sources.synapse_prebuilt_armv7_bookworm]
|
||||||
prefetch = false
|
prefetch = false
|
||||||
armhf.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.108.0/matrix-synapse_1.108.0-bookworm-bin1_armv7l.tar.gz"
|
armhf.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.109.0/matrix-synapse_1.109.0-bookworm-bin1_armv7l.tar.gz"
|
||||||
armhf.sha256 = "ceff2b044fede6a7294c3d85619e6bbbb8d6371260c3492e9194a59f6f3a9e59"
|
armhf.sha256 = "d80915247255433ddad2e8283361f9d4c13c4f10ac50bf0de4139231c4f8164b"
|
||||||
|
|
||||||
[resources.sources.synapse_prebuilt_armv7_bullseye]
|
[resources.sources.synapse_prebuilt_armv7_bullseye]
|
||||||
prefetch = false
|
prefetch = false
|
||||||
armhf.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.108.0/matrix-synapse_1.108.0-bullseye-bin1_armv7l.tar.gz"
|
armhf.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.109.0/matrix-synapse_1.109.0-bullseye-bin1_armv7l.tar.gz"
|
||||||
armhf.sha256 = "658c4134927facc4c7d87e712388600c2759bc32f31951311bb0589d0c6da4e5"
|
armhf.sha256 = "e1ff4c600fae6f9ccc7a7e758dbcefcf64e55e6f29eece75e903ea6b93f02e78"
|
||||||
|
|
||||||
[resources.sources.sliding_proxy]
|
[resources.sources.sliding_proxy]
|
||||||
prefetch = true
|
prefetch = true
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
readonly python_version="$(python3 -V | cut -d' ' -f2 | cut -d. -f1-2)"
|
readonly python_version="$(python3 -V | cut -d' ' -f2 | cut -d. -f1-2)"
|
||||||
readonly code_dir="/opt/yunohost/matrix-$app"
|
readonly code_dir="/opt/yunohost/matrix-$app"
|
||||||
readonly domain_whitelist_client="$(yunohost --output-as json domain list | jq -r '.domains | .[]')"
|
readonly domain_whitelist_client="$(yunohost --output-as json domain list | jq -r '.domains | .[]')"
|
||||||
readonly db_name_slidingproxy=${db_name}_slidingproxy
|
readonly db_name_slidingproxy="${db_name}"_slidingproxy
|
||||||
|
|
||||||
install_sources() {
|
install_sources() {
|
||||||
# Install/upgrade synapse in virtualenv
|
# Install/upgrade synapse in virtualenv
|
||||||
|
@ -80,7 +80,7 @@ configure_coturn() {
|
||||||
then
|
then
|
||||||
turn_external_ip+="$public_ip6"
|
turn_external_ip+="$public_ip6"
|
||||||
fi
|
fi
|
||||||
ynh_add_jinja_config --template="turnserver.conf" --destination="/etc/matrix-$app/coturn.conf"
|
ynh_add_config --jinja --template="turnserver.conf" --destination="/etc/matrix-$app/coturn.conf"
|
||||||
}
|
}
|
||||||
|
|
||||||
configure_nginx() {
|
configure_nginx() {
|
||||||
|
@ -117,6 +117,11 @@ ensure_vars_set() {
|
||||||
ynh_app_setting_set --app="$app" --key=turnserver_pwd --value="$turnserver_pwd"
|
ynh_app_setting_set --app="$app" --key=turnserver_pwd --value="$turnserver_pwd"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ -z "${turnserver_cli_pwd:-}" ]; then
|
||||||
|
turnserver_cli_pwd=$(ynh_string_random --length=30)
|
||||||
|
ynh_app_setting_set --app="$app" --key=turnserver_cli_pwd --value="$turnserver_cli_pwd"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -z "${web_client_location:-}" ]
|
if [ -z "${web_client_location:-}" ]
|
||||||
then
|
then
|
||||||
web_client_location="https://matrix.to/"
|
web_client_location="https://matrix.to/"
|
||||||
|
@ -279,5 +284,6 @@ set_permissions() {
|
||||||
chmod 600 /etc/matrix-"$app"/"$server_name".signing.key
|
chmod 600 /etc/matrix-"$app"/"$server_name".signing.key
|
||||||
|
|
||||||
chown "$app":root -R /var/log/matrix-"$app"
|
chown "$app":root -R /var/log/matrix-"$app"
|
||||||
|
chmod u=rwX,g=rX,o= -R /var/log/matrix-"$app"
|
||||||
setfacl -R -m user:turnserver:rwX /var/log/matrix-"$app"
|
setfacl -R -m user:turnserver:rwX /var/log/matrix-"$app"
|
||||||
}
|
}
|
||||||
|
|
|
@ -72,7 +72,7 @@ ynh_backup --src_path="/etc/matrix-$app"
|
||||||
|
|
||||||
ynh_backup --src_path="/etc/systemd/system/$app.service"
|
ynh_backup --src_path="/etc/systemd/system/$app.service"
|
||||||
ynh_backup --src_path="/etc/systemd/system/$app-coturn.service"
|
ynh_backup --src_path="/etc/systemd/system/$app-coturn.service"
|
||||||
ynh_backup --src_path=/etc/systemd/system/$app-sliding-proxy.service
|
ynh_backup --src_path=/etc/systemd/system/"$app"-sliding-proxy.service
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP SYNAPSE DATA
|
# BACKUP SYNAPSE DATA
|
||||||
|
|
|
@ -32,7 +32,7 @@ ynh_script_progression --message="Updating Synapse config..." --weight=2
|
||||||
# Force enable it because some client like Element X don't support CAS and so require to have password authentication enabled
|
# Force enable it because some client like Element X don't support CAS and so require to have password authentication enabled
|
||||||
password_enabled=true
|
password_enabled=true
|
||||||
|
|
||||||
ynh_add_jinja_config --template="homeserver.yaml" --destination="/etc/matrix-$app/homeserver.yaml"
|
ynh_add_config --jinja --template="homeserver.yaml" --destination="/etc/matrix-$app/homeserver.yaml"
|
||||||
ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
|
ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -31,7 +31,7 @@ ynh_app_config_apply() {
|
||||||
# Force enable it because some client like Element X don't support CAS and so require to have password authentication enabled
|
# Force enable it because some client like Element X don't support CAS and so require to have password authentication enabled
|
||||||
password_enabled=true
|
password_enabled=true
|
||||||
|
|
||||||
ynh_add_jinja_config --template="homeserver.yaml" --destination="/etc/matrix-$app/homeserver.yaml"
|
ynh_add_config --jinja --template="homeserver.yaml" --destination="/etc/matrix-$app/homeserver.yaml"
|
||||||
ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
|
ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
|
||||||
set_permissions
|
set_permissions
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,135 +0,0 @@
|
||||||
# Create a dedicated config file from a jinja template
|
|
||||||
#
|
|
||||||
# usage: ynh_add_jinja_config --template="template" --destination="destination"
|
|
||||||
# | arg: -t, --template= - Template config file to use
|
|
||||||
# | arg: -d, --destination= - Destination of the config file
|
|
||||||
# | arg: -i, --ignore_vars= - List separated by space of script variables to ignore and don't pass in the jinja context.
|
|
||||||
# | This could be useful mainly for special share which can't be retried by reference name (like the array).
|
|
||||||
#
|
|
||||||
# examples:
|
|
||||||
# ynh_add_jinja_config --template="app.conf" --destination="$install_dir/app.conf"
|
|
||||||
# ynh_add_jinja_config --template="app-env" --destination="$install_dir/app-env" --ignore_vars="complex_array yolo"
|
|
||||||
#
|
|
||||||
# The template can be by default the name of a file in the conf directory
|
|
||||||
#
|
|
||||||
# The helper will verify the checksum and backup the destination file
|
|
||||||
# if it's different before applying the new template.
|
|
||||||
#
|
|
||||||
# And it will calculate and store the destination file checksum
|
|
||||||
# into the app settings when configuration is done.
|
|
||||||
#
|
|
||||||
##
|
|
||||||
## About the variables passed to the template:
|
|
||||||
##
|
|
||||||
#
|
|
||||||
# All variable defined in the script are available into the template (as string) except someone described below.
|
|
||||||
# If a variable make crash the helper for some reason (by example if the variable is of type array)
|
|
||||||
# or you just want to don't pass a specific variable for some other reason you can add it in the '--ignore_vars=' parameter as described above.
|
|
||||||
# Here are the list of ignored variable and so there won't never be available in the template:
|
|
||||||
# - All system environment variable like (TERM, USER, PATH, LANG, etc).
|
|
||||||
# If you need someone you just need to declare an other variable with the same value.
|
|
||||||
# Note that all Yunohost variable whose name begins by 'YNH_' are available and can be used in the template.
|
|
||||||
# - This following list:
|
|
||||||
# legacy_args args_array template destination ignore_vars template_path python_env_var ignore_var_regex
|
|
||||||
# progress_scale progress_string0 progress_string1 progress_string2
|
|
||||||
# old changed binds types file_hash formats
|
|
||||||
#
|
|
||||||
##
|
|
||||||
## Usage in templates:
|
|
||||||
##
|
|
||||||
#
|
|
||||||
# For a full documentation of the template you can refer to: https://jinja.palletsprojects.com/en/3.1.x/templates/
|
|
||||||
# In Yunohost context there are no really some specificity except that all variable passed are of type string.
|
|
||||||
# So here are some example of recommended usage:
|
|
||||||
#
|
|
||||||
# If you need a conditional block
|
|
||||||
#
|
|
||||||
# {% if should_my_block_be_shown == 'true' %}
|
|
||||||
# ...
|
|
||||||
# {% endif %}
|
|
||||||
#
|
|
||||||
# or
|
|
||||||
#
|
|
||||||
# {% if should_my_block_be_shown == '1' %}
|
|
||||||
# ...
|
|
||||||
# {% endif %}
|
|
||||||
#
|
|
||||||
# If you need to iterate with loop:
|
|
||||||
#
|
|
||||||
# {% for yolo in var_with_multiline_value.splitlines() %}
|
|
||||||
# ...
|
|
||||||
# {% endfor %}
|
|
||||||
#
|
|
||||||
# or
|
|
||||||
#
|
|
||||||
# {% for jail in my_var_with_coma.split(',') %}
|
|
||||||
# ...
|
|
||||||
# {% endfor %}
|
|
||||||
#
|
|
||||||
ynh_add_jinja_config() {
|
|
||||||
# Declare an array to define the options of this helper.
|
|
||||||
local legacy_args=tdi
|
|
||||||
local -A args_array=([t]=template= [d]=destination= [i]=ignore_vars= )
|
|
||||||
local template
|
|
||||||
local destination
|
|
||||||
local ignore_vars
|
|
||||||
# Manage arguments with getopts
|
|
||||||
ynh_handle_getopts_args "$@"
|
|
||||||
local template_path
|
|
||||||
|
|
||||||
#
|
|
||||||
## List of all vars ignored and not passed to the template
|
|
||||||
# WARNING Update the list on the helper documentation at the top of the helper, if you change this list
|
|
||||||
#
|
|
||||||
|
|
||||||
# local vars used in the helper
|
|
||||||
ignore_vars+=" legacy_args args_array template destination ignore_vars template_path python_env_var ignore_var_regex"
|
|
||||||
# yunohost helpers
|
|
||||||
ignore_vars+=" progress_scale progress_string0 progress_string1 progress_string2"
|
|
||||||
# Arrays used in config panel
|
|
||||||
ignore_vars+=" old changed binds types file_hash formats"
|
|
||||||
|
|
||||||
if [ -f "$YNH_APP_BASEDIR/conf/$template" ]; then
|
|
||||||
template_path="$YNH_APP_BASEDIR/conf/$template"
|
|
||||||
elif [ -f "$template" ]; then
|
|
||||||
template_path=$template
|
|
||||||
else
|
|
||||||
ynh_die --message="The provided template $template doesn't exist"
|
|
||||||
fi
|
|
||||||
|
|
||||||
ynh_backup_if_checksum_is_different --file="$destination"
|
|
||||||
|
|
||||||
# Make sure to set the permissions before we copy the file
|
|
||||||
# This is to cover a case where an attacker could have
|
|
||||||
# created a file beforehand to have control over it
|
|
||||||
# (cp won't overwrite ownership / modes by default...)
|
|
||||||
touch "$destination"
|
|
||||||
chown root:root "$destination"
|
|
||||||
chmod 640 "$destination"
|
|
||||||
|
|
||||||
local python_env_var=''
|
|
||||||
local ignore_var_regex
|
|
||||||
ignore_var_regex="$(echo "$ignore_vars" | sed -E 's@^\s*(.*\w)\s*$@\1@g' | sed -E 's@(\s+)@|@g')"
|
|
||||||
while read -r one_var; do
|
|
||||||
# Blacklist of var to not pass to template
|
|
||||||
if { [[ "$one_var" =~ ^[A-Z0-9_]+$ ]] && [[ "$one_var" != YNH_* ]]; } \
|
|
||||||
|| [[ "$one_var" =~ ^($ignore_var_regex)$ ]]; then
|
|
||||||
continue
|
|
||||||
fi
|
|
||||||
# Well python is very bad for the last character on raw string
|
|
||||||
# https://stackoverflow.com/questions/647769/why-cant-pythons-raw-string-literals-end-with-a-single-backslash
|
|
||||||
# So the solution here is to add one last char '-' so we know what it is
|
|
||||||
# and we are sure that it not \ or ' or something else which will be problematic with python
|
|
||||||
# And then we remove it while we are processing
|
|
||||||
python_env_var+="$one_var=r'''${!one_var}-'''[:-1],"
|
|
||||||
done <<< "$(compgen -v)"
|
|
||||||
|
|
||||||
_ynh_apply_default_permissions "$destination"
|
|
||||||
(
|
|
||||||
python3 -c 'import os, sys, jinja2; sys.stdout.write(
|
|
||||||
jinja2.Template(source=sys.stdin.read(),
|
|
||||||
undefined=jinja2.StrictUndefined,
|
|
||||||
).render('"$python_env_var"'));' <"$template_path" >"$destination"
|
|
||||||
)
|
|
||||||
ynh_store_file_checksum --file="$destination"
|
|
||||||
}
|
|
|
@ -162,7 +162,7 @@ ynh_script_progression --message="Configuring Synapse..." --weight=2
|
||||||
# Force enable it because some client like Element X don't support CAS and so require to have password authentication enabled
|
# Force enable it because some client like Element X don't support CAS and so require to have password authentication enabled
|
||||||
password_enabled=true
|
password_enabled=true
|
||||||
|
|
||||||
ynh_add_jinja_config --template="homeserver.yaml" --destination="/etc/matrix-$app/homeserver.yaml"
|
ynh_add_config --jinja --template="homeserver.yaml" --destination="/etc/matrix-$app/homeserver.yaml"
|
||||||
ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
|
ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
|
||||||
ynh_add_config --template=sliding_proxy.conf --destination=/etc/matrix-$app/sliding_proxy.conf
|
ynh_add_config --template=sliding_proxy.conf --destination=/etc/matrix-$app/sliding_proxy.conf
|
||||||
|
|
||||||
|
@ -229,7 +229,7 @@ set_permissions data
|
||||||
|
|
||||||
yunohost service add "$app" --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports "$port_synapse_tls" --description 'Main matrix server service.'
|
yunohost service add "$app" --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports "$port_synapse_tls" --description 'Main matrix server service.'
|
||||||
yunohost service add "$app"-coturn --needs_exposed_ports "$port_turnserver_tls" --description 'Turn server for matrix server. Used for audio and video call.'
|
yunohost service add "$app"-coturn --needs_exposed_ports "$port_turnserver_tls" --description 'Turn server for matrix server. Used for audio and video call.'
|
||||||
yunohost service add $app-sliding-proxy --description 'Matrix v2 service for clients.'
|
yunohost service add "$app"-sliding-proxy --description 'Matrix v2 service for clients.'
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD SERVICES
|
# RELOAD SERVICES
|
||||||
|
@ -238,7 +238,7 @@ ynh_script_progression --message="Restarting Synapse services..." --weight=11
|
||||||
|
|
||||||
ynh_systemd_action --service_name="$app"-coturn.service --action=restart
|
ynh_systemd_action --service_name="$app"-coturn.service --action=restart
|
||||||
ynh_systemd_action --service_name="$app".service --action=restart --line_match="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300
|
ynh_systemd_action --service_name="$app".service --action=restart --line_match="Synapse now listening on TCP port $port_synapse_tls" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300
|
||||||
ynh_systemd_action --service_name=$app-sliding-proxy.service --action=restart
|
ynh_systemd_action --service_name="$app"-sliding-proxy.service --action=restart
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP FAIL2BAN
|
# SETUP FAIL2BAN
|
||||||
|
|
|
@ -17,32 +17,27 @@ source /usr/share/yunohost/helpers
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
# Remove a service from the admin panel, added by `yunohost service add`
|
# Remove a service from the admin panel, added by `yunohost service add`
|
||||||
yunohost service remove $app
|
yunohost service remove "$app"
|
||||||
yunohost service remove $app-coturn
|
yunohost service remove "$app"-coturn
|
||||||
yunohost service remove $app-sliding-proxy
|
yunohost service remove "$app"-sliding-proxy
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STOP AND REMOVE SERVICE
|
# STOP AND REMOVE SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Stopping and removing the systemd service" --weight=2
|
ynh_script_progression --message="Stopping and removing the systemd service" --weight=2
|
||||||
|
|
||||||
ynh_remove_systemd_config --service=$app
|
ynh_remove_systemd_config --service="$app"
|
||||||
ynh_remove_systemd_config --service=$app-coturn
|
ynh_remove_systemd_config --service="$app"-coturn
|
||||||
ynh_remove_systemd_config --service=$app-sliding-proxy
|
ynh_remove_systemd_config --service="$app"-sliding-proxy
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE APP MAIN DIR
|
# REMOVE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing app main directory" --weight=2
|
ynh_script_progression --message="Removing app main directory" --weight=2
|
||||||
|
|
||||||
ynh_secure_remove --file=$code_dir
|
ynh_secure_remove --file="$code_dir"
|
||||||
ynh_secure_remove --file=/etc/matrix-$app
|
ynh_secure_remove --file=/etc/matrix-"$app"
|
||||||
ynh_secure_remove --file=/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf
|
ynh_secure_remove --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
|
||||||
|
|
||||||
if [ "$YNH_APP_PURGE" -eq 1 ]; then
|
|
||||||
ynh_script_progression --message="Removing logs..."
|
|
||||||
ynh_secure_remove --file=/var/log/matrix-"$app"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE DATABASE
|
# REMOVE DATABASE
|
||||||
|
|
|
@ -292,7 +292,7 @@ ynh_script_progression --message="Updating synapse config..." --weight=2
|
||||||
# Force enable it because some client like Element X don't support CAS and so require to have password authentication enabled
|
# Force enable it because some client like Element X don't support CAS and so require to have password authentication enabled
|
||||||
password_enabled=true
|
password_enabled=true
|
||||||
|
|
||||||
ynh_add_jinja_config --template="homeserver.yaml" --destination="/etc/matrix-$app/homeserver.yaml"
|
ynh_add_config --jinja --template="homeserver.yaml" --destination="/etc/matrix-$app/homeserver.yaml"
|
||||||
ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
|
ynh_add_config --template="log.yaml" --destination="/etc/matrix-$app/log.yaml"
|
||||||
ynh_add_config --template=sliding_proxy.conf --destination=/etc/matrix-$app/sliding_proxy.conf
|
ynh_add_config --template=sliding_proxy.conf --destination=/etc/matrix-$app/sliding_proxy.conf
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue