mirror of
https://github.com/YunoHost-Apps/synapse_ynh.git
synced 2024-09-03 20:26:38 +02:00
Full upgrade
- Add multi instance support - Remove offical helper in common.sh - Improve turnserver config - Update checkprocess - Check synapse is fully started before the end script - Use helper nginx ynh_add_nginx_config
This commit is contained in:
parent
f2611f733d
commit
2473f90c5c
16 changed files with 299 additions and 188 deletions
11
README.md
11
README.md
|
@ -93,6 +93,17 @@ To solve the issue [#30](https://github.com/YunoHost-Apps/synapse_ynh/issues/30)
|
|||
|
||||
`yunohost app setting synapse disable_backup_before_upgrade -v 1`
|
||||
|
||||
Multi instance support
|
||||
----------------------
|
||||
|
||||
To give a possiblity to have multiple domain you can use synapse in multiple instance. In this case all instance will run on differents port so it's really important to use put a SRV record in your domain. You can get the port that your need to put in your SRV record by this following command :
|
||||
```
|
||||
yunohost app setting synapse__<instancenumber> synapse_tls_port
|
||||
```
|
||||
|
||||
Before to install a second instance of the app it's really recommend to update all instance already installed.
|
||||
|
||||
|
||||
Migration from old package
|
||||
--------------------------
|
||||
|
||||
|
|
|
@ -3,24 +3,26 @@
|
|||
# Commentaire ignoré
|
||||
; Manifest
|
||||
domain="domain.tld" (DOMAIN)
|
||||
path="/_matrix" (PATH)
|
||||
path="/_matrix/client/#/login" (PATH)
|
||||
is_public=1 (PUBLIC|public=1|private=0)
|
||||
; Checks
|
||||
pkg_linter=1
|
||||
setup_sub_dir=0
|
||||
setup_sub_dir=1
|
||||
setup_root=0
|
||||
setup_nourl=1
|
||||
setup_nourl=0
|
||||
setup_private=0
|
||||
setup_public=1
|
||||
upgrade=1
|
||||
upgrade=1 from_commit=a62bce7dbc6bc0e1f1b4e872286ff124747ea009
|
||||
upgrade=1 from_commit=bfc07c81c1bcac1b939838209bba6934fec35625
|
||||
backup_restore=1
|
||||
multi_instance=0
|
||||
multi_instance=1
|
||||
wrong_user=0
|
||||
wrong_path=1
|
||||
incorrect_path=0
|
||||
corrupt_source=1
|
||||
fail_download_source=1
|
||||
port_already_use=1 (8008)
|
||||
port_already_use=1 (8448)
|
||||
final_path_already_use=1
|
||||
change_url=0
|
||||
;;; Levels
|
||||
|
@ -34,3 +36,8 @@
|
|||
Level 8=0
|
||||
Level 9=0
|
||||
Level 10=0
|
||||
;;; Upgrade options
|
||||
; commit=a62bce7dbc6bc0e1f1b4e872286ff124747ea009
|
||||
name=Before multi_instance
|
||||
; commit=bfc07c81c1bcac1b939838209bba6934fec35625
|
||||
name=Old version package
|
27
conf/coturn-synapse.service
Normal file
27
conf/coturn-synapse.service
Normal file
|
@ -0,0 +1,27 @@
|
|||
[Unit]
|
||||
Description=coturn
|
||||
Documentation=man:coturn(1) man:turnadmin(1) man:turnserver(1)
|
||||
After=syslog.target network.target
|
||||
|
||||
[Service]
|
||||
User=turnserver
|
||||
Group=turnserver
|
||||
Type=forking
|
||||
EnvironmentFile=/etc/default/coturn-__APP__
|
||||
PIDFile=/var/run/coturn-__APP__/turnserver.pid
|
||||
RuntimeDirectory=coturn-__APP__
|
||||
RuntimeDirectoryMode=0755
|
||||
ExecStart=/usr/bin/turnserver -o -c /etc/matrix-__APP__/coturn.conf $EXTRA_OPTIONS
|
||||
ExecStopPost=/bin/rm -f /var/run/coturn-__APP__/turnserver.pid
|
||||
Restart=on-abort
|
||||
|
||||
LimitCORE=infinity
|
||||
LimitNOFILE=999999
|
||||
LimitNPROC=60000
|
||||
LimitRTPRIO=infinity
|
||||
LimitRTTIME=7000000
|
||||
CPUSchedulingPolicy=other
|
||||
UMask=0007
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -10,7 +10,7 @@ tls_certificate_path: "/etc/yunohost/certs/__DOMAIN__/crt.pem"
|
|||
tls_private_key_path: "/etc/yunohost/certs/__DOMAIN__/key.pem"
|
||||
|
||||
# PEM dh parameters for ephemeral keys
|
||||
tls_dh_params_path: "/etc/matrix-synapse/dh.pem"
|
||||
tls_dh_params_path: "/etc/matrix-__APP__/dh.pem"
|
||||
|
||||
# Don't bind to the https port
|
||||
no_tls: False
|
||||
|
@ -20,7 +20,7 @@ no_tls: False
|
|||
server_name: "__DOMAIN__"
|
||||
|
||||
# When running as a daemon, the file to store the pid in
|
||||
pid_file: "/var/run/matrix-synapse.pid"
|
||||
pid_file: "/var/run/matrix-__APP__.pid"
|
||||
|
||||
# Whether to serve a web client from the HTTP/HTTPS root resource.
|
||||
web_client: False
|
||||
|
@ -113,7 +113,7 @@ database:
|
|||
args:
|
||||
user: __SYNAPSE_DB_USER__
|
||||
password: __SYNAPSE_DB_PWD__
|
||||
database: matrix_synapse
|
||||
database: matrix___APP__
|
||||
host: localhost
|
||||
cp_min: 5
|
||||
cp_max: 10
|
||||
|
@ -123,7 +123,7 @@ event_cache_size: "10K"
|
|||
|
||||
|
||||
# A yaml python logging config file
|
||||
log_config: "/etc/matrix-synapse/log.yaml"
|
||||
log_config: "/etc/matrix-__APP__/log.yaml"
|
||||
|
||||
# Stop twisted from discarding the stack traces of exceptions in
|
||||
# deferreds by waiting a reactor tick before running a deferred's
|
||||
|
@ -161,7 +161,7 @@ federation_rc_concurrent: 3
|
|||
|
||||
|
||||
# Directory where uploaded images and attachments are stored.
|
||||
media_store_path: "/var/lib/matrix-synapse/media"
|
||||
media_store_path: "/var/lib/matrix-__APP__/media"
|
||||
|
||||
# The largest allowed upload size in bytes
|
||||
max_upload_size: "10M"
|
||||
|
@ -353,7 +353,7 @@ expire_access_token: False
|
|||
## Signing Keys ##
|
||||
|
||||
# Path to the signing key to sign messages with
|
||||
signing_key_path: "/etc/matrix-synapse/homeserver.signing.key"
|
||||
signing_key_path: "/etc/matrix-__APP__/homeserver.signing.key"
|
||||
|
||||
# The keys that the server used to sign messages with but won't use
|
||||
# to sign new messages. E.g. it has lost its private key
|
||||
|
|
|
@ -14,7 +14,7 @@ handlers:
|
|||
file:
|
||||
class: logging.handlers.RotatingFileHandler
|
||||
formatter: precise
|
||||
filename: /var/log/matrix-synapse/homeserver.log
|
||||
filename: /var/log/matrix-__APP__/homeserver.log
|
||||
maxBytes: 104857600
|
||||
backupCount: 10
|
||||
filters: [context]
|
||||
|
|
|
@ -3,11 +3,11 @@ Description=Synapse Matrix homeserver
|
|||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=matrix-synapse
|
||||
WorkingDirectory=/var/lib/matrix-synapse
|
||||
EnvironmentFile=/etc/default/matrix-synapse
|
||||
ExecStartPre=/opt/yunohost/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys
|
||||
ExecStart=/opt/yunohost/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/
|
||||
User=matrix-__APP__
|
||||
WorkingDirectory=/var/lib/matrix-__APP__
|
||||
EnvironmentFile=/etc/default/matrix-__APP__
|
||||
ExecStartPre=/opt/yunohost/matrix-__APP__/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-__APP__/homeserver.yaml --config-path=/etc/matrix-__APP__/conf.d/ --generate-keys
|
||||
ExecStart=/opt/yunohost/matrix-__APP__/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-__APP__/homeserver.yaml --config-path=/etc/matrix-__APP__/conf.d/
|
||||
Restart=always
|
||||
RestartSec=3
|
||||
|
||||
|
|
|
@ -5,10 +5,17 @@ realm=__DOMAIN__
|
|||
no-stun
|
||||
|
||||
tls-listening-port=__TLS_PORT__
|
||||
alt-tls-listening-port=__TLS_ALT_PORT__
|
||||
cli-port=__CLI_PORT__
|
||||
|
||||
cert=/etc/yunohost/certs/__DOMAIN__/crt.pem
|
||||
pkey=/etc/yunohost/certs/__DOMAIN__/key.pem
|
||||
dh-file=/etc/yunohost/certs/__DOMAIN__/dh.pem
|
||||
dh-file=/etc/matrix-__APP__/dh.pem
|
||||
|
||||
no-sslv2
|
||||
no-sslv3
|
||||
no-udp
|
||||
no-tcp
|
||||
|
||||
log-file=/var/log/matrix-__APP__/turnserver.log
|
||||
pidfile="/var/run/coturn-__APP__/turnserver.pid"
|
||||
|
|
|
@ -40,7 +40,7 @@ deactivate () {
|
|||
# unset irrelevant variables
|
||||
deactivate nondestructive
|
||||
|
||||
VIRTUAL_ENV="/opt/yunohost/matrix-synapse"
|
||||
VIRTUAL_ENV="__FINAL_PATH__"
|
||||
export VIRTUAL_ENV
|
||||
|
||||
_OLD_VIRTUAL_PATH="$PATH"
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
"id": "synapse",
|
||||
"packaging_format": 1,
|
||||
"requirements": {
|
||||
"yunohost": ">= 2.7.2"
|
||||
"yunohost": ">= 2.7.7"
|
||||
},
|
||||
"description": {
|
||||
"en": "Instant messaging server who use matrix",
|
||||
|
@ -16,7 +16,7 @@
|
|||
"name": "Josué Tille",
|
||||
"email": "josue@tille.ch"
|
||||
},
|
||||
"multi_instance": false,
|
||||
"multi_instance": true,
|
||||
"services": [
|
||||
"nginx"
|
||||
],
|
||||
|
|
|
@ -2,9 +2,9 @@
|
|||
|
||||
# Retrieve arguments
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
synapse_user="matrix-synapse"
|
||||
synapse_db_name="matrix_synapse"
|
||||
synapse_db_user="matrix_synapse"
|
||||
synapse_user="matrix-$app"
|
||||
synapse_db_name="matrix_$app"
|
||||
synapse_db_user="matrix_$app"
|
||||
|
||||
get_app_version_from_json() {
|
||||
manifest_path="../manifest.json"
|
||||
|
@ -23,21 +23,21 @@ install_dependances() {
|
|||
|
||||
setup_dir() {
|
||||
# Create empty dir for synapse
|
||||
mkdir -p /var/lib/matrix-synapse
|
||||
mkdir -p /var/log/matrix-synapse
|
||||
mkdir -p /var/log/turnserver
|
||||
mkdir -p /etc/matrix-synapse/conf.d
|
||||
mkdir -p /var/lib/matrix-$app
|
||||
mkdir -p /var/log/matrix-$app
|
||||
mkdir -p /etc/matrix-$app/conf.d
|
||||
mkdir -p $final_path
|
||||
}
|
||||
|
||||
set_permission() {
|
||||
# Set permission
|
||||
chown $synapse_user:root -R $final_path
|
||||
chown $synapse_user:root -R /var/lib/matrix-synapse
|
||||
chown $synapse_user:root -R /var/log/matrix-synapse
|
||||
chown turnserver:root -R /var/log/turnserver
|
||||
chown $synapse_user:root -R /etc/matrix-synapse
|
||||
chmod 600 /etc/matrix-synapse/dh.pem
|
||||
chown $synapse_user:root -R /var/lib/matrix-$app
|
||||
chown $synapse_user:root -R /var/log/matrix-$app
|
||||
chown $synapse_user:root -R /etc/matrix-$app
|
||||
chmod 600 /etc/matrix-$app/dh.pem
|
||||
setfacl -R -m user:turnserver:rx /etc/matrix-$app
|
||||
setfacl -R -m user:turnserver:rwx /var/log/matrix-$app
|
||||
}
|
||||
|
||||
install_source() {
|
||||
|
@ -51,6 +51,7 @@ install_source() {
|
|||
# Install synapse in virtualenv
|
||||
PS1=""
|
||||
cp ../conf/virtualenv_activate $final_path/bin/activate
|
||||
ynh_replace_string __FINAL_PATH__ $final_path $final_path/bin/activate
|
||||
source $final_path/bin/activate
|
||||
pip install --upgrade pip
|
||||
pip install --upgrade setuptools
|
||||
|
@ -66,42 +67,46 @@ install_source() {
|
|||
fi
|
||||
}
|
||||
|
||||
config_nginx() {
|
||||
cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
|
||||
ynh_replace_string __PATH__ $path /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
ynh_replace_string __PORT__ $synapse_port /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
|
||||
systemctl reload nginx.service
|
||||
}
|
||||
|
||||
config_synapse() {
|
||||
cp ../conf/homeserver.yaml /etc/matrix-synapse/homeserver.yaml
|
||||
cp ../conf/log.yaml /etc/matrix-synapse/log.yaml
|
||||
ynh_backup_if_checksum_is_different /etc/matrix-$app/homeserver.yaml
|
||||
ynh_backup_if_checksum_is_different /etc/matrix-$app/log.yaml
|
||||
cp ../conf/homeserver.yaml /etc/matrix-$app/homeserver.yaml
|
||||
cp ../conf/log.yaml /etc/matrix-$app/log.yaml
|
||||
|
||||
ynh_replace_string __DOMAIN__ $domain /etc/matrix-synapse/homeserver.yaml
|
||||
ynh_replace_string __SYNAPSE_DB_USER__ $synapse_db_user /etc/matrix-synapse/homeserver.yaml
|
||||
ynh_replace_string __SYNAPSE_DB_PWD__ $synapse_db_pwd /etc/matrix-synapse/homeserver.yaml
|
||||
ynh_replace_string __PORT__ $synapse_port /etc/matrix-synapse/homeserver.yaml
|
||||
ynh_replace_string __TLS_PORT__ $synapse_tls_port /etc/matrix-synapse/homeserver.yaml
|
||||
ynh_replace_string __TURNSERVER_TLS_PORT__ $turnserver_tls_port /etc/matrix-synapse/homeserver.yaml
|
||||
ynh_replace_string __TURNPWD__ $turnserver_pwd /etc/matrix-synapse/homeserver.yaml
|
||||
ynh_replace_string __APP__ $app /etc/matrix-$app/homeserver.yaml
|
||||
ynh_replace_string __DOMAIN__ $domain /etc/matrix-$app/homeserver.yaml
|
||||
ynh_replace_string __SYNAPSE_DB_USER__ $synapse_db_user /etc/matrix-$app/homeserver.yaml
|
||||
ynh_replace_string __SYNAPSE_DB_PWD__ $synapse_db_pwd /etc/matrix-$app/homeserver.yaml
|
||||
ynh_replace_string __PORT__ $port /etc/matrix-$app/homeserver.yaml
|
||||
ynh_replace_string __TLS_PORT__ $synapse_tls_port /etc/matrix-$app/homeserver.yaml
|
||||
ynh_replace_string __TURNSERVER_TLS_PORT__ $turnserver_tls_port /etc/matrix-$app/homeserver.yaml
|
||||
ynh_replace_string __TURNPWD__ $turnserver_pwd /etc/matrix-$app/homeserver.yaml
|
||||
|
||||
ynh_replace_string __APP__ $app /etc/matrix-$app/log.yaml
|
||||
|
||||
if [ "$is_public" = "0" ]
|
||||
then
|
||||
ynh_replace_string __ALLOWED_ACCESS__ False /etc/matrix-synapse/homeserver.yaml
|
||||
ynh_replace_string __ALLOWED_ACCESS__ False /etc/matrix-$app/homeserver.yaml
|
||||
else
|
||||
ynh_replace_string __ALLOWED_ACCESS__ True /etc/matrix-synapse/homeserver.yaml
|
||||
ynh_replace_string __ALLOWED_ACCESS__ True /etc/matrix-$app/homeserver.yaml
|
||||
fi
|
||||
|
||||
ynh_store_file_checksum /etc/matrix-$app/homeserver.yaml
|
||||
ynh_store_file_checksum /etc/matrix-$app/log.yaml
|
||||
}
|
||||
|
||||
config_coturn() {
|
||||
cp ../conf/default_coturn /etc/default/coturn
|
||||
cp ../conf/turnserver.conf /etc/turnserver.conf
|
||||
ynh_backup_if_checksum_is_different /etc/matrix-$app/coturn.conf
|
||||
cp ../conf/turnserver.conf /etc/matrix-$app/coturn.conf
|
||||
|
||||
ynh_replace_string __TURNPWD__ $turnserver_pwd /etc/turnserver.conf
|
||||
ynh_replace_string __DOMAIN__ $domain /etc/turnserver.conf
|
||||
ynh_replace_string __TLS_PORT__ $turnserver_tls_port /etc/turnserver.conf
|
||||
ynh_replace_string __APP__ $app /etc/matrix-$app/coturn.conf
|
||||
ynh_replace_string __TURNPWD__ $turnserver_pwd /etc/matrix-$app/coturn.conf
|
||||
ynh_replace_string __DOMAIN__ $domain /etc/matrix-$app/coturn.conf
|
||||
ynh_replace_string __TLS_PORT__ $turnserver_tls_port /etc/matrix-$app/coturn.conf
|
||||
ynh_replace_string __TLS_ALT_PORT__ $turnserver_alt_tls_port /etc/matrix-$app/coturn.conf
|
||||
ynh_replace_string __CLI_PORT__ $cli_port /etc/matrix-$app/coturn.conf
|
||||
|
||||
ynh_store_file_checksum /etc/matrix-$app/coturn.conf
|
||||
}
|
||||
|
||||
####### Solve issue https://dev.yunohost.org/issues/1006
|
||||
|
@ -147,59 +152,68 @@ ynh_package_install_from_equivs () {
|
|||
ynh_package_is_installed "$pkgname"
|
||||
}
|
||||
|
||||
# Implement PR : https://github.com/YunoHost/yunohost/pull/392
|
||||
# Start or restart a service and follow its booting
|
||||
#
|
||||
# usage: ynh_check_starting "Line to match" [service name] [Log file] [Timeout]
|
||||
#
|
||||
# | arg: Line to match - The line to find in the log to attest the service have finished to boot.
|
||||
# | arg: Log file - The log file to watch
|
||||
# /var/log/$app/$app.log will be used if no other log is defined.
|
||||
# | arg: Timeout - The maximum time to wait before ending the watching. Defaut 300 seconds.
|
||||
ynh_check_starting () {
|
||||
local line_to_match="$1"
|
||||
local service_name="${2:-$app}"
|
||||
local app_log="${3:-/var/log/$app/$app.log}"
|
||||
local timeout=${4:-300}
|
||||
|
||||
# Use logrotate to manage the logfile
|
||||
#
|
||||
# usage: ynh_use_logrotate [logfile] [--non-append]
|
||||
# | arg: logfile - absolute path of logfile
|
||||
# | option: --non-append - Replace the config file instead of appending this new config.
|
||||
#
|
||||
# If no argument provided, a standard directory will be use. /var/log/${app}
|
||||
# You can provide a path with the directory only or with the logfile.
|
||||
# /parentdir/logdir
|
||||
# /parentdir/logdir/logfile.log
|
||||
#
|
||||
# It's possible to use this helper several times, each config will be added to the same logrotate config file.
|
||||
# Unless you use the option --non-append
|
||||
ynh_use_logrotate () {
|
||||
local customtee="tee -a"
|
||||
if [ $# -gt 0 ] && [ "$1" == "--non-append" ]; then
|
||||
customtee="tee"
|
||||
# Destroy this argument for the next command.
|
||||
shift
|
||||
elif [ $# -gt 1 ] && [ "$2" == "--non-append" ]; then
|
||||
customtee="tee"
|
||||
ynh_clean_check_starting () {
|
||||
# Stop the execution of tail.
|
||||
kill -s 15 $pid_tail 2>&1
|
||||
ynh_secure_remove "$templog" 2>&1
|
||||
}
|
||||
|
||||
echo "Starting of $service_name" >&2
|
||||
systemctl restart $service_name
|
||||
|
||||
local i=0
|
||||
local templog="$(mktemp)"
|
||||
|
||||
# Wait if the log file don't exist
|
||||
if [[ ! -e $app_log ]]
|
||||
then
|
||||
for i in $(seq 1 $timeout)
|
||||
do
|
||||
if [[ -e $app_log ]]
|
||||
then
|
||||
cat $app_log > "$templog"
|
||||
break
|
||||
fi
|
||||
echo -n "." >&2
|
||||
sleep 1
|
||||
done
|
||||
fi
|
||||
if [ $# -gt 0 ]; then
|
||||
if [ "$(echo ${1##*.})" == "log" ]; then # Keep only the extension to check if it's a logfile
|
||||
logfile=$1 # In this case, focus logrotate on the logfile
|
||||
else
|
||||
logfile=$1/*.log # Else, uses the directory and all logfile into it.
|
||||
|
||||
# Following the starting of the app in its log
|
||||
tail -f -n1 "$app_log" >> "$templog" &
|
||||
# Get the PID of the tail command
|
||||
local pid_tail=$!
|
||||
|
||||
for i in $(seq $i $timeout)
|
||||
do
|
||||
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
|
||||
if grep --quiet "$line_to_match" "$templog"
|
||||
then
|
||||
echo "The service $service_name has correctly started." >&2
|
||||
break
|
||||
fi
|
||||
else
|
||||
logfile="/var/log/${app}/*.log" # Without argument, use a defaut directory in /var/log
|
||||
echo -n "." >&2
|
||||
sleep 1
|
||||
done
|
||||
if [ $i -eq $timeout ]
|
||||
then
|
||||
echo "The service $service_name didn't fully started before the timeout." >&2
|
||||
fi
|
||||
cat > ./${app}-logrotate << EOF # Build a config file for logrotate
|
||||
$logfile {
|
||||
# Rotate if the logfile exceeds 100Mo
|
||||
size 100M
|
||||
# Keep 12 old log maximum
|
||||
rotate 12
|
||||
# Compress the logs with gzip
|
||||
compress
|
||||
# Compress the log at the next cycle. So keep always 2 non compressed logs
|
||||
delaycompress
|
||||
# Copy and truncate the log to allow to continue write on it. Instead of move the log.
|
||||
copytruncate
|
||||
# Do not do an error if the log is missing
|
||||
missingok
|
||||
# Not rotate if the log is empty
|
||||
notifempty
|
||||
# Keep old logs in the same dir
|
||||
noolddir
|
||||
}
|
||||
EOF
|
||||
sudo mkdir -p $(dirname "$logfile") # Create the log directory, if not exist
|
||||
cat ${app}-logrotate | sudo $customtee /etc/logrotate.d/$app > /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee)
|
||||
|
||||
echo ""
|
||||
ynh_clean_check_starting
|
||||
}
|
|
@ -12,31 +12,32 @@ source ../settings/scripts/psql.sh
|
|||
|
||||
# Retrieve arguments
|
||||
domain=$(ynh_app_setting_get $app special_domain)
|
||||
final_path="/opt/yunohost/matrix-synapse"
|
||||
final_path="/opt/yunohost/matrix-$app"
|
||||
|
||||
# Copy Nginx config
|
||||
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf"
|
||||
|
||||
# Backup synapse config
|
||||
ynh_backup "/etc/matrix-synapse" "synapse_config"
|
||||
ynh_backup "/etc/matrix-$app" "synapse_config"
|
||||
|
||||
# Backup coturn server
|
||||
ynh_backup "/etc/turnserver.conf" "coturn_config"
|
||||
ynh_backup "/etc/default/coturn" "coturn_config_default"
|
||||
|
||||
# Backup synapse database
|
||||
ynh_backup "/var/lib/matrix-synapse" "data" 1
|
||||
ynh_backup "/var/lib/matrix-$app" "data" 1
|
||||
|
||||
# Backup Postgresql database
|
||||
sudo su -c "pg_dump $synapse_db_name" postgres > ${YNH_CWD}/dump.sql
|
||||
|
||||
# Copy the logs
|
||||
ynh_backup "/var/log/matrix-synapse" "log"
|
||||
ynh_backup "/var/log/turnserver" "log_turnserver"
|
||||
ynh_backup "/var/log/matrix-$app" "log"
|
||||
|
||||
# Backup systemd service
|
||||
ynh_backup "/etc/default/matrix-synapse"
|
||||
ynh_backup "/etc/systemd/system/matrix-synapse.service"
|
||||
ynh_backup "/etc/default/matrix-$app"
|
||||
ynh_backup "/etc/systemd/system/matrix-$app.service"
|
||||
ynh_backup "/etc/default/coturn-$app"
|
||||
ynh_backup "/etc/systemd/system/coturn-$app.service"
|
||||
|
||||
# Backup synapse binary
|
||||
ynh_backup "$final_path" "bin"
|
|
@ -13,27 +13,26 @@ source ./_common.sh
|
|||
# Retrieve arguments
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
path="/_matrix"
|
||||
final_path="/opt/yunohost/matrix-synapse"
|
||||
path_url="/_matrix"
|
||||
final_path="/opt/yunohost/matrix-$app"
|
||||
|
||||
# Check domain/path availability
|
||||
test $(ynh_webpath_available $domain $path) == 'True' || ynh_die "$domain$path is not available, please use an other domain."
|
||||
test $(ynh_webpath_available $domain $path_url) == 'True' || ynh_die "$domain is not available as domain, please use an other domain."
|
||||
test ! -e "/etc/nginx/conf.d/$domain.d/synapse*.conf" || ynh_die "$domain is not available as domain, please use an other domain."
|
||||
|
||||
# Check Final Path availability
|
||||
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
||||
|
||||
# Ouvre le port dans le firewall
|
||||
synapse_tls_port=$(ynh_find_port 8448)
|
||||
synapse_port=$(ynh_find_port 8008)
|
||||
port=$(ynh_find_port 8008)
|
||||
turnserver_tls_port=$(ynh_find_port 5349)
|
||||
turnserver_alt_tls_port=$(ynh_find_port $((turnserver_tls_port+1)))
|
||||
cli_port=$(ynh_find_port 5766)
|
||||
|
||||
yunohost firewall allow --no-upnp TCP $synapse_tls_port > /dev/null 2>&1
|
||||
yunohost firewall allow --no-upnp Both $turnserver_tls_port > /dev/null 2>&1
|
||||
|
||||
# Make dh cert for synapse if it not exist
|
||||
test ! -e /etc/matrix-synapse/dh.pem && \
|
||||
mkdir -p /etc/matrix-synapse && \
|
||||
openssl dhparam -out /etc/matrix-synapse/dh.pem 2048 > /dev/null
|
||||
yunohost firewall allow --no-upnp Both $turnserver_alt_tls_port > /dev/null 2>&1
|
||||
|
||||
# Find password for turnserver and database
|
||||
turnserver_pwd=$(ynh_string_random 30)
|
||||
|
@ -41,21 +40,28 @@ synapse_db_pwd=$(ynh_string_random 30)
|
|||
|
||||
# Enregistre les infos dans la config YunoHost
|
||||
ynh_app_setting_set $app special_domain $domain
|
||||
ynh_app_setting_set $app special_path $path
|
||||
ynh_app_setting_set $app special_path $path_url
|
||||
ynh_app_setting_set $app final_path $final_path
|
||||
ynh_app_setting_set $app synapse_version $APP_VERSION
|
||||
ynh_app_setting_set $app synapse_db_pwd $synapse_db_pwd
|
||||
ynh_app_setting_set $app is_public $is_public
|
||||
ynh_app_setting_set $app synapse_port $synapse_port
|
||||
ynh_app_setting_set $app synapse_port $port
|
||||
ynh_app_setting_set $app synapse_tls_port $synapse_tls_port
|
||||
ynh_app_setting_set $app turnserver_tls_port $turnserver_tls_port
|
||||
ynh_app_setting_set $app turnserver_alt_tls_port $turnserver_alt_tls_port
|
||||
ynh_app_setting_set $app turnserver_pwd $turnserver_pwd
|
||||
ynh_app_setting_set $app cli_port $cli_port
|
||||
|
||||
# Make dh cert for synapse if it not exist
|
||||
test ! -e /etc/matrix-$app/dh.pem && \
|
||||
mkdir -p /etc/matrix-$app && \
|
||||
openssl dhparam -out /etc/matrix-$app/dh.pem 2048 > /dev/null
|
||||
|
||||
# Install all dependances
|
||||
install_dependances
|
||||
|
||||
# Create user
|
||||
ynh_system_user_create $synapse_user /var/lib/matrix-synapse
|
||||
ynh_system_user_create $synapse_user /var/lib/matrix-$app
|
||||
adduser $synapse_user ssl-cert
|
||||
adduser turnserver ssl-cert
|
||||
|
||||
|
@ -74,14 +80,21 @@ cp ../conf/add_sso_conf.py $final_path
|
|||
cp ../conf/remove_sso_conf.py $final_path
|
||||
python $final_path/add_sso_conf.py
|
||||
|
||||
# Create systemd service
|
||||
cp ../conf/default_matrix-synapse /etc/default/matrix-synapse
|
||||
cp ../conf/matrix-synapse.service /etc/systemd/system/
|
||||
# Create systemd service for synapse and turnserver
|
||||
cp ../conf/default_matrix-synapse /etc/default/matrix-$app
|
||||
cp ../conf/matrix-synapse.service /etc/systemd/system/matrix-$app.service
|
||||
ynh_replace_string __APP__ $app /etc/systemd/system/matrix-$app.service
|
||||
|
||||
cp ../conf/default_coturn /etc/default/coturn-$app
|
||||
cp ../conf/coturn-synapse.service /etc/systemd/system/coturn-$app.service
|
||||
ynh_replace_string __APP__ $app /etc/systemd/system/coturn-$app.service
|
||||
|
||||
systemctl daemon-reload
|
||||
systemctl enable matrix-synapse.service
|
||||
systemctl enable matrix-$app.service
|
||||
systemctl enable coturn-$app.service
|
||||
|
||||
# Config nginx
|
||||
config_nginx
|
||||
ynh_add_nginx_config
|
||||
|
||||
# Configure Synapse
|
||||
config_synapse
|
||||
|
@ -90,15 +103,14 @@ config_synapse
|
|||
config_coturn
|
||||
|
||||
# Configuration de logrotate
|
||||
ynh_use_logrotate /var/log/matrix-synapse
|
||||
ynh_use_logrotate /var/log/turnserver
|
||||
ynh_use_logrotate /var/log/matrix-$app
|
||||
|
||||
# Set Permission for all directory
|
||||
set_permission
|
||||
|
||||
# register yunohost service
|
||||
yunohost service add matrix-synapse
|
||||
yunohost service add matrix-$app
|
||||
|
||||
# Recharge la configuration Nginx
|
||||
systemctl restart matrix-synapse.service
|
||||
systemctl restart coturn.service
|
||||
# Reload service
|
||||
systemctl restart coturn-$app.service
|
||||
ynh_check_starting "Synapse now listening on port 8448" "matrix-$app" "/var/log/matrix-$app/homeserver.log" 60
|
||||
|
|
|
@ -117,7 +117,6 @@ ynh_psql_drop_user() {
|
|||
su --command="dropuser \"${user}\"" postgres
|
||||
}
|
||||
|
||||
|
||||
ynh_psql_test_if_first_run() {
|
||||
if [ -f /etc/yunohost/psql ];
|
||||
then
|
||||
|
|
|
@ -15,20 +15,17 @@ domain=$(ynh_app_setting_get $app special_domain)
|
|||
final_path=$(ynh_app_setting_get $app final_path)
|
||||
synapse_tls_port=$(ynh_app_setting_get $app synapse_tls_port)
|
||||
turnserver_tls_port=$(ynh_app_setting_get $app turnserver_tls_port)
|
||||
turnserver_alt_tls_port=$(ynh_app_setting_get $app turnserver_alt_tls_port)
|
||||
|
||||
systemctl stop matrix-synapse.service || true
|
||||
systemctl stop coturn.service || true
|
||||
|
||||
# Suppression de la configuration nginx
|
||||
ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
systemctl reload nginx.service
|
||||
systemctl stop matrix-$YNH_APP_INSTANCE_NAME.service || true
|
||||
systemctl stop coturn-$app.service || true
|
||||
|
||||
# Close firewall ports
|
||||
closeport() {
|
||||
if yunohost firewall list | grep -q "\- $port$"
|
||||
then
|
||||
echo "Close port $port"
|
||||
yunohost firewall disallow TCP $port > /dev/null
|
||||
yunohost firewall disallow Both $port > /dev/null
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -36,6 +33,8 @@ port=$synapse_tls_port
|
|||
closeport
|
||||
port=$turnserver_tls_port
|
||||
closeport
|
||||
port=$turnserver_alt_tls_port
|
||||
closeport
|
||||
|
||||
# Remove the skipped url
|
||||
python $final_path/remove_sso_conf.py
|
||||
|
@ -45,29 +44,30 @@ ynh_remove_app_dependencies || true
|
|||
|
||||
# Clean all directory
|
||||
ynh_secure_remove $final_path
|
||||
ynh_secure_remove /var/lib/matrix-synapse
|
||||
ynh_secure_remove /var/log/matrix-synapse
|
||||
ynh_secure_remove /var/log/turnserver
|
||||
ynh_secure_remove /etc/matrix-synapse
|
||||
ynh_secure_remove /etc/default/matrix-synapse
|
||||
ynh_secure_remove /var/lib/matrix-$YNH_APP_INSTANCE_NAME
|
||||
ynh_secure_remove /var/log/matrix-$YNH_APP_INSTANCE_NAME
|
||||
ynh_secure_remove /etc/matrix-$YNH_APP_INSTANCE_NAME
|
||||
ynh_secure_remove /etc/default/matrix-$YNH_APP_INSTANCE_NAME
|
||||
ynh_secure_remove /etc/default/coturn-$YNH_APP_INSTANCE_NAME
|
||||
|
||||
# Remove nginx config
|
||||
ynh_remove_nginx_config
|
||||
|
||||
# Remove systemd service
|
||||
systemctl disable matrix-synapse.service
|
||||
ynh_secure_remove /etc/systemd/system/matrix-synapse.service
|
||||
systemctl disable matrix-$YNH_APP_INSTANCE_NAME.service
|
||||
systemctl disable coturn-$YNH_APP_INSTANCE_NAME.service
|
||||
ynh_secure_remove /etc/systemd/system/matrix-$YNH_APP_INSTANCE_NAME.service
|
||||
ynh_secure_remove /etc/systemd/system/coturn-$app.service
|
||||
systemctl daemon-reload
|
||||
|
||||
# Remove database and user
|
||||
ynh_psql_remove_db $synapse_db_name $synapse_db_user
|
||||
|
||||
# Remove user
|
||||
ynh_system_user_delete matrix-synapse
|
||||
ynh_system_user_delete matrix-$YNH_APP_INSTANCE_NAME
|
||||
|
||||
# Remove logrotate
|
||||
ynh_remove_logrotate
|
||||
|
||||
# Remove Monitoring
|
||||
yunohost service remove matrix-synapse
|
||||
|
||||
# Reload nginx
|
||||
systemctl reload nginx.service
|
||||
|
||||
yunohost service remove matrix-$YNH_APP_INSTANCE_NAME
|
||||
|
|
|
@ -12,27 +12,29 @@ source ../settings/scripts/psql.sh
|
|||
|
||||
# Retrieve arguments
|
||||
domain=$(ynh_app_setting_get $app special_domain)
|
||||
path=$(ynh_app_setting_get $app special_path)
|
||||
path_url=$(ynh_app_setting_get $app special_path)
|
||||
final_path=$(ynh_app_setting_get $app final_path)
|
||||
synapse_db_pwd=$(ynh_app_setting_get $app synapse_db_pwd)
|
||||
is_public=$(ynh_app_setting_get $app is_public)
|
||||
synapse_port=$(ynh_app_setting_get $app synapse_port)
|
||||
port=$(ynh_app_setting_get $app synapse_port)
|
||||
synapse_tls_port=$(ynh_app_setting_get $app synapse_tls_port)
|
||||
turnserver_tls_port=$(ynh_app_setting_get $app turnserver_tls_port)
|
||||
turnserver_alt_tls_port=$(ynh_app_setting_get $app turnserver_alt_tls_port)
|
||||
turnserver_pwd=$(ynh_app_setting_get $app turnserver_pwd)
|
||||
|
||||
# Check domain/path availability
|
||||
ynh_webpath_available $domain $path || ynh_die "$domain/$path is not available, please use an other domain."
|
||||
ynh_webpath_available $domain $path_url || ynh_die "$domain/$path_url is not available, please use an other domain."
|
||||
|
||||
# Ouvre le port dans le firewall
|
||||
yunohost firewall allow --no-upnp TCP $synapse_tls_port > /dev/null 2>&1
|
||||
yunohost firewall allow --no-upnp Both $turnserver_tls_port > /dev/null 2>&1
|
||||
yunohost firewall allow --no-upnp Both $turnserver_alt_tls_port > /dev/null 2>&1
|
||||
|
||||
# Install all dependances
|
||||
install_dependances
|
||||
|
||||
# Create user
|
||||
ynh_system_user_create $synapse_user /var/lib/matrix-synapse
|
||||
ynh_system_user_create $synapse_user /var/lib/matrix-$app
|
||||
adduser $synapse_user ssl-cert
|
||||
adduser turnserver ssl-cert
|
||||
|
||||
|
@ -56,19 +58,18 @@ su -c "psql $synapse_db_name" postgres < ${YNH_CWD}/dump.sql
|
|||
|
||||
# Enable systemd service
|
||||
systemctl daemon-reload
|
||||
systemctl enable matrix-synapse.service
|
||||
systemctl enable matrix-$app.service
|
||||
|
||||
# Configuration de logrotate
|
||||
ynh_use_logrotate /var/log/matrix-synapse
|
||||
ynh_use_logrotate /var/log/turnserver
|
||||
ynh_use_logrotate /var/log/matrix-$app
|
||||
|
||||
# Set the permission
|
||||
set_permission
|
||||
|
||||
# register yunohost service
|
||||
yunohost service add matrix-synapse
|
||||
yunohost service add matrix-$app
|
||||
|
||||
# Reload webserver
|
||||
# Restart service
|
||||
systemctl reload nginx.service
|
||||
systemctl restart matrix-synapse.service
|
||||
systemctl restart coturn.service
|
||||
systemctl restart coturn-$app.service
|
||||
ynh_check_starting "Synapse now listening on port 8448" "matrix-$app" "/var/log/matrix-$app/homeserver.log" 60
|
||||
|
|
|
@ -12,15 +12,17 @@ source ./_common.sh
|
|||
|
||||
# Retrieve arguments
|
||||
domain=$(ynh_app_setting_get $app special_domain)
|
||||
path=$(ynh_app_setting_get $app special_path)
|
||||
path_url=$(ynh_app_setting_get $app special_path)
|
||||
final_path=$(ynh_app_setting_get $app final_path)
|
||||
synapse_old_version=$(ynh_app_setting_get $app synapse_version)
|
||||
synapse_db_pwd=$(ynh_app_setting_get $app synapse_db_pwd)
|
||||
is_public=$(ynh_app_setting_get $app is_public)
|
||||
synapse_port=$(ynh_app_setting_get $app synapse_port)
|
||||
port=$(ynh_app_setting_get $app synapse_port)
|
||||
synapse_tls_port=$(ynh_app_setting_get $app synapse_tls_port)
|
||||
turnserver_tls_port=$(ynh_app_setting_get $app turnserver_tls_port)
|
||||
turnserver_alt_tls_port=$(ynh_app_setting_get $app turnserver_alt_tls_port)
|
||||
turnserver_pwd=$(ynh_app_setting_get $app turnserver_pwd)
|
||||
cli_port=$(ynh_app_setting_get $app cli_port)
|
||||
|
||||
# To be sure that the migration is sucessfull we check that the old synapse version is compatible with the synapse_port_db script.
|
||||
if [[ -z $synapse_old_version ]] && [[ $(dpkg -l | grep -c -E "ii.*matrix-synapse.*0.25") != 1 ]] && [[ $(dpkg -l | grep -c -E "ii.*matrix-synapse.*0.26") != 1 ]]
|
||||
|
@ -28,7 +30,7 @@ then
|
|||
ynh_die "Update from this synapse version is not available now. You need to wait for the next update."
|
||||
fi
|
||||
|
||||
systemctl stop matrix-synapse.service
|
||||
systemctl stop matrix-$app.service
|
||||
|
||||
if [[ $(ynh_app_setting_get $app disable_backup_before_upgrade) != '1' ]]
|
||||
then
|
||||
|
@ -45,11 +47,11 @@ then
|
|||
|
||||
## We move from debian package to new package with python virtualenv
|
||||
# Change settings
|
||||
path="/_matrix"
|
||||
path_url="/_matrix"
|
||||
domain=$(ynh_app_setting_get $app domain)
|
||||
final_path="/opt/yunohost/matrix-synapse"
|
||||
ynh_app_setting_set $app special_domain $domain
|
||||
ynh_app_setting_set $app special_path $path
|
||||
ynh_app_setting_set $app special_path $path_url
|
||||
ynh_app_setting_set $app final_path $final_path
|
||||
ynh_app_setting_delete $app domain
|
||||
ynh_app_setting_delete $app path
|
||||
|
@ -91,7 +93,8 @@ then
|
|||
systemctl disable matrix-synapse.service
|
||||
|
||||
cp ../conf/default_matrix-synapse /etc/default/matrix-synapse
|
||||
cp ../conf/matrix-synapse.service /etc/systemd/system/
|
||||
cp ../conf/matrix-synapse.service /etc/systemd/system/matrix-synapse.service
|
||||
ynh_replace_string __APP__ $app /etc/systemd/system/matrix-synapse.service
|
||||
systemctl daemon-reload
|
||||
systemctl enable matrix-synapse.service
|
||||
|
||||
|
@ -125,23 +128,52 @@ then
|
|||
deactivate
|
||||
fi
|
||||
|
||||
# If the turnserver log is not ready configured we configure it now
|
||||
test -e /var/log/turnserver || (mkdir -p /var/log/turnserver && ynh_use_logrotate /var/log/turnserver)
|
||||
# Disable default config for turnserver and create a new service
|
||||
if [[ ! -e /etc/matrix-$app/coturn.conf ]]
|
||||
then
|
||||
systemctl stop coturn.service
|
||||
|
||||
# Set by default the system config for coturn
|
||||
echo "" > /etc/turnserver.conf
|
||||
ynh_replace_string "TURNSERVER_ENABLED=1" "TURNSERVER_ENABLED=0" /etc/default/coturn
|
||||
|
||||
# Set a port for each service in turnserver
|
||||
turnserver_alt_tls_port=$(ynh_find_port $((turnserver_tls_port+1)))
|
||||
cli_port=$(ynh_find_port 5766)
|
||||
|
||||
ynh_app_setting_set $app turnserver_alt_tls_port $turnserver_alt_tls_port
|
||||
ynh_app_setting_set $app cli_port $cli_port
|
||||
|
||||
yunohost firewall allow --no-upnp Both $turnserver_alt_tls_port > /dev/null 2>&1
|
||||
|
||||
# Configure systemd
|
||||
cp ../conf/default_coturn /etc/default/coturn-$app
|
||||
cp ../conf/coturn-synapse.service /etc/systemd/system/coturn-$app.service
|
||||
ynh_replace_string __APP__ $app /etc/systemd/system/coturn-$app.service
|
||||
|
||||
systemctl daemon-reload
|
||||
systemctl enable coturn-$app.service
|
||||
|
||||
# Clean logrotate file for all old instances
|
||||
ynh_remove_logrotate
|
||||
ynh_use_logrotate /var/log/matrix-$app
|
||||
fi
|
||||
|
||||
# Fix issue about certificates access
|
||||
if [[ ! $(grep "ssl-cert:x:[0-9]*:.*matrix-synapse" /etc/group) ]]
|
||||
if [[ ! $(grep "ssl-cert:x:[0-9]*:.*matrix-$app" /etc/group) ]]
|
||||
then
|
||||
adduser $synapse_user ssl-cert
|
||||
adduser turnserver ssl-cert
|
||||
fi
|
||||
|
||||
test -e /etc/matrix-synapse/dh.pem || cp /etc/yunohost/certs/$domain/dh.pem /etc/matrix-synapse/dh.pem
|
||||
# If we don't have the dh file in synapse config dir we copy it
|
||||
test -e /etc/matrix-$app/dh.pem || cp /etc/yunohost/certs/$domain/dh.pem /etc/matrix-$app/dh.pem
|
||||
|
||||
# Upgrade manually Synapse
|
||||
install_source
|
||||
|
||||
# Update nginx config
|
||||
config_nginx
|
||||
ynh_add_nginx_config
|
||||
|
||||
# Configure Synapse
|
||||
config_synapse
|
||||
|
@ -155,7 +187,7 @@ set_permission
|
|||
# Set new settings
|
||||
ynh_app_setting_set $app synapse_version $APP_VERSION
|
||||
|
||||
# Recharge la configuration Nginx
|
||||
systemctl reload nginx.service
|
||||
systemctl start matrix-synapse.service
|
||||
systemctl restart coturn.service
|
||||
# Restart service
|
||||
systemctl restart coturn-$app.service
|
||||
ynh_check_starting "Synapse now listening on port 8448" "matrix-$app" "/var/log/matrix-$app/homeserver.log" 60
|
||||
|
||||
|
|
Loading…
Reference in a new issue