YunoHost-Apps/synapse_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/synapse_ynh.git synced 2024-09-03 20:26:38 +02:00
Code Issues Activity Actions

Merge branch 'testing' into matrix_v2

Browse source
This commit is contained in:
Josué Tille 2024-03-22 12:16:57 +01:00
commit 24fb0036b9
No known key found for this signature in database
GPG key ID: 5F259226AD51F2F5
16 changed files with 111 additions and 130 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -20,7 +20,7 @@ Instant messaging server matrix network.
Yunohost chatroom with matrix : [https://matrix.to/#/#yunohost:matrix.org](https://matrix.to/#/#yunohost:matrix.org)
**Shipped version:** 1.102.0~ynh1
**Shipped version:** 1.103.0~ynh1
## Documentation and resources
- Official app website: <https://matrix.org/>

50
auto_update/auto_update.sh
View file

@ -2,6 +2,8 @@
set -eu
readonly app_name=synapse
source auto_update_config.sh
readonly debian_version_name_1=bullseye
@ -21,20 +23,20 @@ EOL
echo $result | jq -r "$1"
}
check_synapse() {
synapse_remote_version=$(curl 'https://api.github.com/repos/element-hq/synapse/releases/latest' -H 'Host: api.github.com' --compressed | jq -r ".tag_name" | cut -dv -f2)
check_app_version() {
local app_remote_version=$(curl 'https://api.github.com/repos/element-hq/synapse/releases/latest' -H 'Host: api.github.com' --compressed | jq -r ".tag_name" | cut -dv -f2)
## Check if new build is needed
if [[ "$synapse_version" != "$synapse_remote_version" ]]
if [[ "$app_version" != "$app_remote_version" ]]
then
synapse_version="$synapse_remote_version"
app_version="$app_remote_version"
return 0
else
return 1
fi
}
upgrade_synapse() {
upgrade_app() {
(
set -eu
@ -42,12 +44,12 @@ upgrade_synapse() {
# arm build: ${result_prefix_name_deb_1}-bin1_armv7l.tar.gz
# arm build checksum: ${result_prefix_name_deb_1}-bin1_armv7l-sha256.txt
# requirement.txt: ${result_prefix_name_deb_1}-build1_requirement.txt
readonly result_prefix_name_deb_1="matrix-synapse_${synapse_version}-$debian_version_name_1"
readonly result_prefix_name_deb_2="matrix-synapse_${synapse_version}-$debian_version_name_2"
readonly result_prefix_name_deb_1="matrix-synapse_${app_version}-$debian_version_name_1"
readonly result_prefix_name_deb_2="matrix-synapse_${app_version}-$debian_version_name_2"
# Build armv7 build
build_cmd_deb_1 $synapse_version $result_prefix_name_deb_1
build_cmd_deb_2 $synapse_version $result_prefix_name_deb_2
build_cmd_deb_1 $app_version $result_prefix_name_deb_1
build_cmd_deb_2 $app_version $result_prefix_name_deb_2
push_armv7_build
# Update python requirement
@ -55,30 +57,30 @@ upgrade_synapse() {
cp "$build_result_path_deb_2/${result_prefix_name_deb_2}"-build1_requirement.txt ../conf/requirement_"$debian_version_name_2".txt
# Update manifest
sed -r -i 's|version = "[[:alnum:].]{4,8}~ynh1"|version = "'${synapse_version}'~ynh1"|' ../manifest.toml
sed -r -i 's|version = "[[:alnum:].]{4,8}~ynh[[:alnum:].]{1,2}"|version = "'${app_version}'~ynh1"|' ../manifest.toml
# Update this link
sed -r -i "s|armhf.url\s*=(.*)/releases/download/v[[:alnum:].]{4,8}/matrix-synapse_[[:alnum:].]{4,8}-$debian_version_name_1-bin1_armv7l.tar.gz|arm.url =\1/releases/download/v${synapse_version}/matrix-synapse_${synapse_version}-$debian_version_name_1-bin1_armv7l.tar.gz|" ../manifest.toml
sed -r -i "s|armhf.url\s*=(.*)/releases/download/v[[:alnum:].]{4,8}/matrix-synapse_[[:alnum:].]{4,8}-$debian_version_name_2-bin1_armv7l.tar.gz|arm.url =\1/releases/download/v${synapse_version}/matrix-synapse_${synapse_version}-$debian_version_name_2-bin1_armv7l.tar.gz|" ../manifest.toml
sed -r -i "s|armhf.url\s*=(.*)/releases/download/v[[:alnum:].]{4,10}/matrix-synapse_[[:alnum:].]{4,10}-$debian_version_name_1-bin[[:digit:]]_armv7l.tar.gz|armhf.url =\1/releases/download/v${app_version}/matrix-synapse_${app_version}-$debian_version_name_1-bin1_armv7l.tar.gz|" ../manifest.toml
sed -r -i "s|armhf.url\s*=(.*)/releases/download/v[[:alnum:].]{4,10}/matrix-synapse_[[:alnum:].]{4,10}-$debian_version_name_2-bin[[:digit:]]_armv7l.tar.gz|armhf.url =\1/releases/download/v${app_version}/matrix-synapse_${app_version}-$debian_version_name_2-bin1_armv7l.tar.gz|" ../manifest.toml
# Update checksum
sha256sum_arm_archive_deb_1=$(cat $build_result_path_deb_1/${result_prefix_name_deb_1}-bin1_armv7l-sha256.txt)
sha256sum_arm_archive_deb_2=$(cat $build_result_path_deb_2/${result_prefix_name_deb_2}-bin1_armv7l-sha256.txt)
prev_sha256sum_arm_archive_deb_1=$(get_from_manifest ".resources.sources.synapse_prebuilt_armv7_$debian_version_name_1.armhf.sha256")
prev_sha256sum_arm_archive_deb_2=$(get_from_manifest ".resources.sources.synapse_prebuilt_armv7_$debian_version_name_2.armhf.sha256")
prev_sha256sum_arm_archive_deb_1=$(get_from_manifest ".resources.sources.${app_name}_prebuilt_armv7_$debian_version_name_1.armhf.sha256")
prev_sha256sum_arm_archive_deb_2=$(get_from_manifest ".resources.sources.${app_name}_prebuilt_armv7_$debian_version_name_2.armhf.sha256")
sed -r -i "s|$prev_sha256sum_arm_archive_deb_1|$sha256sum_arm_archive_deb_1|" ../manifest.toml
sed -r -i "s|$prev_sha256sum_arm_archive_deb_2|$sha256sum_arm_archive_deb_2|" ../manifest.toml
git commit -a -m "Upgrade synapse to $synapse_version"
git commit -a -m "Upgrade $app_name to $app_version"
git push gitea auto_update:auto_update
) 2>&1 | tee "synapse_build_temp.log"
) 2>&1 | tee "${app_name}_build_temp.log"
return ${PIPESTATUS[0]}
}
push_armv7_build() {
## Make a draft release json with a markdown body
local release='"tag_name": "v'$synapse_version'", "target_commitish": "master", "name": "v'$synapse_version'", '
local body="Synapse prebuilt bin for synapse_ynh\\n=========\\nPlease refer to upstream project for the change : https://github.com/element-hq/synapse/releases\\n\\nSha256sum for $debian_version_name_1 : $(cat $build_result_path_deb_1/${result_prefix_name_deb_1}-bin1_armv7l-sha256.txt)\\nSha256sum for $debian_version_name_2 : $(cat $build_result_path_deb_2/${result_prefix_name_deb_2}-bin1_armv7l-sha256.txt)"
local release='"tag_name": "v'$app_version'", "target_commitish": "master", "name": "v'$app_version'", '
local body="$app_name prebuilt bin for ${app_name}_ynh\\n=========\\nPlease refer to upstream project for the change : https://github.com/element-hq/synapse/releases\\n\\nSha256sum for $debian_version_name_1 : $(cat $build_result_path_deb_1/${result_prefix_name_deb_1}-bin1_armv7l-sha256.txt)\\nSha256sum for $debian_version_name_2 : $(cat $build_result_path_deb_2/${result_prefix_name_deb_2}-bin1_armv7l-sha256.txt)"
release+='"body": "'$body'",'
release+='"draft": true, "prerelease": false'
release='{'$release'}'
@ -148,12 +150,12 @@ push_armv7_build() {
done
}
synapse_version=$(get_from_manifest ".version" | cut -d'~' -f1)
app_version=$(get_from_manifest ".version" | cut -d'~' -f1)
if check_synapse
if check_app_version
then
set +eu
upgrade_synapse
upgrade_app
res=$?
set -eu
if [ $res -eq 0 ]; then
@ -161,7 +163,7 @@ then
else
result="Failed"
fi
msg="Build: synapse version $synapse_version\n"
msg+="$(cat synapse_build_temp.log)"
echo -e "$msg" | mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "Autoupgrade synapse : $result" "$notify_email"
msg="Build: $app_name version $app_version\n"
msg+="$(cat ${app_name}_build_temp.log)"
echo -e "$msg" | mail.mailutils -a "Content-Type: text/plain; charset=UTF-8" -s "Autoupgrade $app_name : $result" "$notify_email"
fi

14
conf/requirement_bookworm.txt
View file

@ -12,7 +12,7 @@ cryptography==42.0.5
hyperlink==21.0.0
idna==3.6
ijson==3.2.3
immutabledict==4.1.0
immutabledict==4.2.0
incremental==22.10.0
Jinja2==3.1.3
jsonschema==4.21.1
@ -21,26 +21,26 @@ ldap3==2.9.1
lxml==5.1.0
MarkupSafe==2.1.5
matrix-common==1.3.0
matrix-synapse==1.102.0
matrix-synapse==1.103.0
matrix-synapse-ldap3==0.3.0
msgpack==1.0.8
ndg-httpsclient==0.5.1
netaddr==1.2.1
packaging==23.2
phonenumbers==8.13.31
packaging==24.0
phonenumbers==8.13.32
pillow==10.2.0
prometheus_client==0.20.0
psycopg2==2.9.9
pyasn1==0.5.1
pyasn1-modules==0.3.0
pycparser==2.21
pydantic==2.6.3
pydantic==2.6.4
pydantic_core==2.16.3
pymacaroons==0.13.0
PyNaCl==1.5.0
pyOpenSSL==24.0.0
pyOpenSSL==24.1.0
PyYAML==6.0.1
referencing==0.33.0
referencing==0.34.0
requests==2.31.0
rpds-py==0.18.0
semantic-version==2.10.0

14
conf/requirement_bullseye.txt
View file

@ -12,7 +12,7 @@ cryptography==42.0.5
hyperlink==21.0.0
idna==3.6
ijson==3.2.3
immutabledict==4.1.0
immutabledict==4.2.0
incremental==22.10.0
Jinja2==3.1.3
jsonschema==4.21.1
@ -21,26 +21,26 @@ ldap3==2.9.1
lxml==5.1.0
MarkupSafe==2.1.5
matrix-common==1.3.0
matrix-synapse==1.102.0
matrix-synapse==1.103.0
matrix-synapse-ldap3==0.3.0
msgpack==1.0.8
ndg-httpsclient==0.5.1
netaddr==1.2.1
packaging==23.2
phonenumbers==8.13.31
packaging==24.0
phonenumbers==8.13.32
pillow==10.2.0
prometheus_client==0.20.0
psycopg2==2.9.9
pyasn1==0.5.1
pyasn1-modules==0.3.0
pycparser==2.21
pydantic==2.6.3
pydantic==2.6.4
pydantic_core==2.16.3
pymacaroons==0.13.0
PyNaCl==1.5.0
pyOpenSSL==24.0.0
pyOpenSSL==24.1.0
PyYAML==6.0.1
referencing==0.33.0
referencing==0.34.0
requests==2.31.0
rpds-py==0.18.0
semantic-version==2.10.0

2
conf/synapse-coturn.service
View file

@ -7,7 +7,7 @@ After=syslog.target network-online.target
User=turnserver
Group=turnserver
Type=notify
EnvironmentFile=/etc/default/coturn-__APP__
EnvironmentFile=/etc/matrix-__APP__/coturn_env
ExecStart=/usr/bin/turnserver -c /etc/matrix-__APP__/coturn.conf $EXTRA_OPTIONS --pidfile=
Restart=on-failure
InaccessibleDirectories=/home

122
doc/ADMIN.md
View file

@ -1,17 +1,26 @@
# Installation
## Install for ARM arch (or slow arch)
For all slow or arm architecture it's recommended to build the dh file before the install to have a quicker install.
You could build it by this cmd : `openssl dhparam -out /etc/ssl/private/dh2048.pem 2048 > /dev/null`
After that you can install it without problem.
The package uses a prebuilt python virtual environnement. The binary are taken from this repository: https://github.com/YunoHost-Apps/synapse_python_build
The script to build the binary is also available.
## Web client
If you want a web client you can also install Element with this package: https://github.com/YunoHost-Apps/element_ynh .
The most well-known Matrix web client is Element, which is available in the YunoHost app catalog: <https://github.com/YunoHost-Apps/element_ynh>.
### Important Security Note
We do not recommend running Element from the same domain name as your Matrix homeserver (synapse). The reason is the risk of XSS (cross-site-scripting) vulnerabilities that could occur if someone caused Element to load and render malicious user generated content from a Matrix API which then had trusted access to Element (or other apps) due to sharing the same domain.
We have put some coarse mitigations into place to try to protect against this situation, but it's still not a good practice to do it in the first place. See https://github.com/vector-im/element-web/issues/1977 for more details.
## Admin UI
You may be interested in the synapse-admin app, which provides an administration interface for synapse: <https://github.com/YunoHost-Apps/synapse-admin_ynh>.
Then, to log in the API with your admin credentials (cf next section)
### Set user as admin
Currently, the client interface doesn't allow to grant admin rights. The workaround is to enable it manually in the database. The YunoHost app provides a small script to do so, which can be invoked:
```bash
/opt/yunohost/matrix-__APP__/set_admin_user.sh '@user_to_be_admin:domain.tld'
```
## Access by federation
@ -63,7 +72,7 @@ If you have a dynamic IP address, you also might need to update this config auto
## OpenVPN
In case of you have an OpenVPN server you might want than `synapse-coturn` restart when the VPN restart. To do this create a file named `/usr/local/bin/openvpn_up_script.sh` with this content:
If your server is behind a VPN, you may want `synapse-coturn` ti automatically restart when the VPN restarts. To do this, create a file named `/usr/local/bin/openvpn_up_script.sh` with this content:
```bash
#!/bin/bash
@ -84,50 +93,31 @@ And add this line in your OpenVPN config file
ipchange /usr/local/bin/openvpn_up_script.sh
```
## Important Security Note
## Backup
We do not recommend running Element from the same domain name as your Matrix
homeserver (synapse). The reason is the risk of XSS (cross-site-scripting)
vulnerabilities that could occur if someone caused Element to load and render
malicious user generated content from a Matrix API which then had trusted
access to Element (or other apps) due to sharing the same domain.
Before any major maintenance action, it is recommended to backup the app.
We have put some coarse mitigations into place to try to protect against this
situation, but it's still not a good practice to do it in the first place. See
https://github.com/vector-im/element-web/issues/1977 for more details.
To ensure the integrity of the data, it is recommended to explictly stop the server during the backup:
## Limitations
Synapse uses a lot of ressource. So on slow architecture (like small ARM board), this app could take a lot of CPU and RAM.
This app doesn't provide any real good web interface. So it's recommended to use Element client to connect to this app. This app is available [here](https://github.com/YunoHost-Apps/element_ynh)
# Additional information
## Administration
**All documentation of this section is not warranted. A bad use of command could break the app and all the data. So use these commands at your own risk.**
Before any manipulation it's recommended to do a backup by this following command :
`sudo yunohost backup create --apps synapse`
### Set user as admin
Actually there are no functions in the client interface to set a user as admin. So it's possible to enable it manually in the database.
The following command will grant admin privilege to the specified user:
- Stop synapse service with theses following command:
```bash
/opt/yunohost/matrix-<synapse_instance_name>/set_admin_user.sh '@user_to_be_admin:domain.tld'
systemctl stop synapse.service
```
### Administration API
- Launch the backup of synapse with this following command:
```bash
yunohost backup create --app synapse
```
There are an admiminstration application available if needed for example to use [Synapse Admin](https://github.com/YunoHost-Apps/synapse-admin_ynh).
- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/synapse`.
- Restart the synapse service with these command:
```bash
systemctl start synapse.service
```
Then, to log in the API with your credentials, you need to set your user as admin (cf. precedent section).
## Changing the server URL
### Change url
**All documentation of this section is not warranted. A bad use of command could break the app and all the data. So use these commands at your own risk.**
Synapse give the possibility to change the domain of the instance. Note that this will only change the domain on which the synapse server will run. **This won't change the domain name of the account which is an other thing.**
@ -141,16 +131,16 @@ The advantage of this is that you can put the app on a specific domain without i
To do the change url of synapse you can do it by this following command or with the webadmin.
```bash
yunohost app change-url synapse
sudo yunohost app change-url synapse
```
#### Avoid the need to reconnect all client after change-url operation
### Avoid the need to reconnect all client after change-url operation
In case of you have changed the url of synapse and you don't wan't to reconnect all client there are this workaround which should solve the issue.
If you did change the url of synapse and you don't wan't to reconnect all client, this workaround should solve the issue.
The idea is to setup again a minimal configuration on the previous domain so the client configurated with the previous domain will still work correctly.
##### Nginx config
#### Nginx config
Retrive the server port with this command:
```bash
@ -174,35 +164,13 @@ Then reload nginx config:
systemctl reload nginx.service
```
##### Add permanent rule on SSOWAT
#### Add permanent rule on SSOWAT
- Edit the file `/etc/ssowat/conf.json.persistent`
- Add `"<previous-domain.tld>/_matrix"` into the list in: `permissions` > `custom_skipped` > `uris`
Now the configured client before the change-url should work again.
### Backup
## Removing the app
This app use now the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration is recommended to proceed like this:
- Stop synapse service with theses following command:
```bash
systemctl stop synapse.service
```
- Launch the backup of synapse with this following command:
```bash
yunohost backup create --app synapse
```
- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/synapse`.
- Restart the synapse service with these command:
```bash
systemctl start synapse.service
```
### Remove
Due of the backup core only feature the data directory in `/home/yunohost.app/synapse` **is not removed**.
Use the `--purge` flag with the command, or remove it manually to purge app user data.
The YunoHost policy is to not remove the data when removing an app (stored in `/home/yunohost.app/synapse`). Use the `--purge` flag during the removal of the app to remove those, or just manually delete the folder after the app is deleted.

3
doc/PRE_INSTALL.md Normal file
View file

@ -0,0 +1,3 @@
- Synapse consumes a significant amount of resources (both CPU and ARM), and therefore is not recommended for "small" setups such as small ARM boards
- During the install, the generation of Diffie-Hellman parameters may take a significant amount of time. You can speed things up by manually initializing them before running the install: `openssl dhparam -out /etc/ssl/private/dh2048.pem 2048 > /dev/null`
- The package uses a prebuilt python virtual environnement. The binary are taken from this repository: <https://github.com/YunoHost-Apps/synapse_python_build>. The script to build the binary is also available.

2
hooks/post_cert_update
View file

@ -1,5 +1,5 @@
#!/bin/bash
if [ $1 == __DOMAIN__ ]; then
systemctl restart matrix-__APP__
systemctl restart __APP__.service
fi

14
manifest.toml
View file

@ -5,7 +5,7 @@ name = "Synapse"
description.en = "Instant messaging server which uses Matrix"
description.fr = "Serveur de messagerie instantané basé sur Matrix"
version = "1.102.0~ynh1"
version = "1.103.0~ynh1"
maintainers = ["Josué Tille"]
@ -24,8 +24,8 @@ multi_instance = true
ldap = true
sso = "not_relevant"
disk = "250M"
ram.build = "20M"
ram.runtime = "200M"
ram.build = "500M"
ram.runtime = "1G"
[install]
[install.domain]
@ -63,13 +63,13 @@ ram.runtime = "200M"
[resources]
[resources.sources.synapse_prebuilt_armv7_bookworm]
prefetch = false
armhf.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.102.0/matrix-synapse_1.102.0-bookworm-bin2_armv7l.tar.gz"
armhf.sha256 = "4027b8e41950aeec151dfa19eda2402e7974de56d33abb9eee3879e211227eef"
armhf.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.103.0/matrix-synapse_1.103.0-bookworm-bin1_armv7l.tar.gz"
armhf.sha256 = "b5e11567d9f90067965a7b1a3eb3569b1eaaa68b261e7f38bc78a8618da09db9"
[resources.sources.synapse_prebuilt_armv7_bullseye]
prefetch = false
armhf.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.102.0/matrix-synapse_1.102.0-bullseye-bin2_armv7l.tar.gz"
armhf.sha256 = "5fd5296d76675cd7a109115e1eb035758c16b095cd953a65fc8cc840fb449e40"
armhf.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.103.0/matrix-synapse_1.103.0-bullseye-bin1_armv7l.tar.gz"
armhf.sha256 = "f3e22265cfba060401cec2770b54d16b559a574baff93b78add3f8acc31aa1d8"
[resources.sources.sliding_proxy]
prefetch = true

3
scripts/_common.sh
View file

@ -46,9 +46,10 @@ install_sources() {
fi
# Apply patch for LDAP auth if needed
# Note that we put patch into scripts dir because /source are not stored and can't be used on restore
if ! grep -F -q '# LDAP Filter anonymous user Applied' $code_dir/lib/python$python_version/site-packages/ldap_auth_provider.py; then
pushd $code_dir/lib/python$python_version/site-packages
patch < $YNH_APP_BASEDIR/sources/ldap_auth_filter_anonymous_user.patch
patch < $YNH_APP_BASEDIR/scripts/patch/ldap_auth_filter_anonymous_user.patch
popd
fi

1
scripts/backup
View file

@ -71,7 +71,6 @@ ynh_backup --src_path="/etc/matrix-$app"
#=================================================
ynh_backup --src_path="/etc/systemd/system/$app.service"
ynh_backup --src_path="/etc/default/coturn-$app"
ynh_backup --src_path="/etc/systemd/system/$app-coturn.service"
ynh_backup --src_path=/etc/systemd/system/$app-sliding-proxy.service

2
scripts/install
View file

@ -196,7 +196,7 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=2
# Create systemd service for synapse and turnserver
ynh_add_systemd_config --service=$app --template=synapse.service
cp ../conf/default_coturn /etc/default/coturn-$app
cp ../conf/default_coturn /etc/matrix-$app/coturn_env
ynh_add_systemd_config --service=$app-coturn --template=synapse-coturn.service
ynh_add_systemd_config --service=$app-sliding-proxy --template=synapse-sliding-proxy.service

0
sources/ldap_auth_filter_anonymous_user.patch → scripts/patch/ldap_auth_filter_anonymous_user.patch
View file

1
scripts/remove
View file

@ -38,7 +38,6 @@ ynh_script_progression --message="Removing app main directory" --weight=2
ynh_secure_remove --file=$code_dir
ynh_secure_remove --file=/var/log/matrix-$app
ynh_secure_remove --file=/etc/matrix-$app
ynh_secure_remove --file=/etc/default/coturn-$app
ynh_secure_remove --file=/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf
#=================================================

5
scripts/upgrade
View file

@ -210,6 +210,9 @@ then
ynh_app_setting_set --app=$app --key=sync_proxy_secret --value=$sync_proxy_secret
fi
# remove legacy env file into /etc/default
ynh_secure_remove --file=/etc/default/coturn-$app
#=================================================
# MIGRATION 7 : STANDARDIZE SYSTEMD UNIT
#=================================================
@ -479,7 +482,7 @@ ynh_script_progression --message="Upgrading systemd configuration..." --weight=3
# Create systemd service for synapse and turnserver
ynh_add_systemd_config --service=$app --template=synapse.service
cp ../conf/default_coturn /etc/default/coturn-$app
cp ../conf/default_coturn /etc/matrix-$app/coturn_env
ynh_add_systemd_config --service=$app-coturn --template=synapse-coturn.service
ynh_add_systemd_config --service=$app-sliding-proxy --template=synapse-sliding-proxy.service

6
sources/Coturn_config_rotate.sh
View file

@ -3,9 +3,14 @@
set -eu
app=__APP__
YNH_APP_BASEDIR=/etc/yunohost/apps/"$app"
pushd /etc/yunohost/apps/$app/conf
source /usr/share/yunohost/helpers
# Must load db_name var to load _common.sh
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
source ../scripts/_common.sh
domain=$(ynh_app_setting_get --app=$app --key=domain)
@ -13,6 +18,7 @@ port_cli=$(ynh_app_setting_get --app=$app --key=port_cli)
turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
port_turnserver_tls=$(ynh_app_setting_get --app=$app --key=port_turnserver_tls)
port_turnserver_alt_tls=$(ynh_app_setting_get --app=$app --key=port_turnserver_alt_tls)
enable_dtls_for_audio_video_turn_call=$(ynh_app_setting_get --app=$app --key=enable_dtls_for_audio_video_turn_call)
previous_checksum=$(ynh_app_setting_get --app=$app --key=checksum__etc_matrix-synapse_coturn.conf)
configure_coturn