YunoHost-Apps/synapse_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/synapse_ynh.git synced 2024-09-03 20:26:38 +02:00
Code Issues Activity Actions

Merge pull request #39 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Maniack Crudelis 2018-04-16 22:00:38 +02:00 committed by GitHub
commit 3e91f1c316
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 146 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

68
README.md
View file

@ -6,7 +6,7 @@ Synapse for YunoHost
[![Integration level](https://dash.yunohost.org/integration/synapse.svg)](https://ci-apps.yunohost.org/jenkins/job/synapse%20%28Community%29/lastBuild/consoleFull)
[![Install Synapse with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=synapse)
> *This package allow you to install synapse quickly and simply on a YunoHost server.
> *This package allows you to install synapse quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
Overview
@ -14,37 +14,51 @@ Overview
Instant messaging server matrix network.
Yunohost chattroom with matrix : [https://riot.im/app/#/room/#yunohost:matrix.org](https://riot.im/app/#/room/#yunohost:matrix.org)
Yunohost chatroom with matrix : [https://riot.im/app/#/room/#yunohost:matrix.org](https://riot.im/app/#/room/#yunohost:matrix.org)
**Shipped version:** 0.26.0
**Shipped version:** 0.27.2
Configuration
-------------
### Install for ARM arch (or slow arch)
For all slow or arm architecture it's recommended to build the dh file before the install to have quicker install.
You could built it by this cmd : `mkdir -p /etc/matrix-synapse && openssl dhparam -out /etc/matrix-synapse/dh.pem 2048 > /dev/null`
For all slow or arm architecture it's recommended to build the dh file before the install to have a quicker install.
You could build it by this cmd : `mkdir -p /etc/matrix-synapse && openssl dhparam -out /etc/matrix-synapse/dh.pem 2048 > /dev/null`
After that you can install it without problem.
The package use a prebuild python virtualenvironnement. The binary are taken from this repos : https://github.com/Josue-T/synapse_python_build
The package uses a prebuilt python virtual environnement. The binary are taken from this repository: https://github.com/Josue-T/synapse_python_build
The script to build the binary is also available.
### Web client
If you want a web client you can also install riot with this package : https://github.com/YunoHost-Apps/riot_ynh .
If you want a web client you can also install riot with this package: https://github.com/YunoHost-Apps/riot_ynh .
### Access by federation
To be accessible by the federation you need to put this following line in the dns configuration :
To be accessible by the federation you need to put the following line in the dns configuration:
```
_matrix._tcp.<yourdomain.com> <ttl> IN SRV 10 0 <port> <synapse.server.name>
```
for example
```
_matrix._tcp.example.com. 3600 IN SRV 10 0 8448 synapse.example.com.
_matrix._tcp.example.com. 3600 IN SRV 10 0 SYNAPSE_PORT synapse.example.com.
```
You need to replace SYNAPSE_PORT by the real port. This port can be obtained by the command: `yunohost app setting SYNAPSE_INSTANCE_NAME synapse_tls_port`
If it is not automatically done, you need to open this in your ISP box.
### Turnserver
For Voip and video conferencing a turnserver is also installed (and configured). The turnserver listens on two UDP and TCP ports. You can get them with these commands:
```
yunohost app setting synapse turnserver_tls_port
yunohost app setting synapse turnserver_alt_tls_port
```
To have a fully functional turnserver you need to open these ports (if it is not automatically done) on your ISP box.
### Important Security Note
We do not recommend running Riot from the same domain name as your Matrix
@ -54,14 +68,14 @@ malicious user generated content from a Matrix API which then had trusted
access to Riot (or other apps) due to sharing the same domain.
We have put some coarse mitigations into place to try to protect against this
situation, but it's still not good practice to do it in the first place. See
situation, but it's still not a good practice to do it in the first place. See
https://github.com/vector-im/riot-web/issues/1977 for more details.
Documentation
-------------
- Official documentation: https://github.com/matrix-org/synapse
- YunoHost documentation: to be created ; feel free to help!
- YunoHost documentation: to be created; feel free to help!
YunoHost specific features
--------------------------
@ -78,9 +92,9 @@ Supported with LDAP.
Limitations
-----------
Synapse take a lot of ressurce. So in slow architecture (like small ARM board), this app could take a lot of CPU and RAM.
Synapse uses a lot of ressource. So on slow architecture (like small ARM board), this app could take a lot of CPU and RAM.
This app don't contains any real good web interface. So it's recommended to use Riot client to connect to this app. This app is available [here](https://github.com/YunoHost-Apps/riot_ynh)
This app doesn't provide any real good web interface. So it's recommended to use Riot client to connect to this app. This app is available [here](https://github.com/YunoHost-Apps/riot_ynh)
Links
-----
@ -89,7 +103,7 @@ Links
- Matrix website: https://matrix.org/
- YunoHost website: https://yunohost.org/
Additionnal informations
Additional information
-----
@ -97,7 +111,7 @@ Additionnal informations
Administation
-------------
**All documentation of this section is not warranted. A bad use of command could broke the app and all the data. So use theses command at your own risk.**
**All documentation of this section is not warranted. A bad use of command could break the app and all the data. So use these commands at your own risk.**
Before any manipulation it's recommended to do a backup by this following command :
@ -105,46 +119,46 @@ Before any manipulation it's recommended to do a backup by this following comman
### Set user as admin
Actually there are no function in the client interface to set a user as admin. So it's possible to enable it manually in the database.
Actually there are no functions in the client interface to set a user as admin. So it's possible to enable it manually in the database.
This following command will enable the admin access to the specified user :
The following command will grant admin privilege to the specified user:
```
su --command="psql matrix_synapse" postgres <<< "UPDATE users SET admin = 1 WHERE name = '@user_to_be_admin:domain.tld'"
```
### Disable backup in upgrade
To solve the issue [#30](https://github.com/YunoHost-Apps/synapse_ynh/issues/30) you can disable the upgrade in the upgrade by setting to true the key `disable_backup_before_upgrade` in the app setting. You can set it by this command :
To solve the issue [#30](https://github.com/YunoHost-Apps/synapse_ynh/issues/30) you can disable the backup in the upgrade by setting to true the key `disable_backup_before_upgrade` in the app setting. You can set it by this command :
`yunohost app setting synapse disable_backup_before_upgrade -v 1`
### Multi instance support
To give a possiblity to have multiple domain you can use synapse in multiple instance. In this case all instance will run on differents port so it's really important to use put a SRV record in your domain. You can get the port that your need to put in your SRV record by this following command :
To give a possibility to have multiple domains you can use multiple instances of synapse. In this case all instances will run on different ports so it's really important to put a SRV record in your domain. You can get the port that you need to put in your SRV record with this following command:
```
yunohost app setting synapse__<instancenumber> synapse_tls_port
```
Before to install a second instance of the app it's really recommend to update all instance already installed.
Before installing a second instance of the app it's really recommended to update all existing instances.
### Migration from old package
The old synapse package had some problem, the package has been reviewed in the summer 2017. The old package was made with the debian package with the synapse apt repos. The database used sqlite. To improve the performance and to have a better compatibility the new package use python virtual environment and postgresql as database. The Upgrade was made to make the migration from the old package to the new package. The part of this script is available here : https://github.com/YunoHost-Apps/synapse_ynh/blob/master/scripts/upgrade#L40-L119 .
The old synapse package had some problems, the package has been reviewed in the summer 2017. The old package was made with the debian package with the synapse apt repos. The database used sqlite. To improve the performance and to have a better compatibility the new package uses python virtual environment and postgresql as database. The Upgrade was made to make the migration from the old package to the new package. The part of this script is available here : https://github.com/YunoHost-Apps/synapse_ynh/blob/master/scripts/upgrade#L40-L119 .
This script try to upgrade the app without any problem but it could happen that something fail and in this case it NOT guaranteed that the restored successfully. So it's REALLY recommended to make manually a backup before this big upgrade.
This script tries to upgrade the app without any problem but it could happen that something fails and in this case the restoration is NOT guaranteed to be successful. So it's REALLY recommended to make MANUAL a backup before this big upgrade.
To check if you use the old synapse package type this command :
To check if you use the old synapse package type this command:
`sudo yunohost app setting synapse synapse_version`
- If the command return nothing you are using the old package.
- If the command return something like 0.25.1 you are using the new package.
- If the command returns nothing you are using the old package.
- If the command returns something like 0.25.1 you are using the new package.
To do a backup before the upgrade use this command : `sudo yunohost backup create --verbose --ignore-system --apps synapse`
If anything fail while you are doing the upgrade please make an issue here : https://github.com/YunoHost-Apps/synapse_ynh/issues
If anything fails while you are doing the upgrade please create an issue here: https://github.com/YunoHost-Apps/synapse_ynh/issues
### License
Synapse is published under the Apache License : https://github.com/matrix-org/synapse/blob/master/LICENSE
Synapse is published under the Apache License: https://github.com/matrix-org/synapse/blob/master/LICENSE
---

4
conf/add_sso_conf.py
View file

@ -1,11 +1,11 @@
import json
with open("/etc/ssowat/conf.json.persistent", "r") as jsonFile:
with open("/etc/ssowat/conf.json.persistent", "r", encoding='utf-8') as jsonFile:
data = json.load(jsonFile)
if "skipped_urls" in data:
data["skipped_urls"].append("/_matrix")
else:
data["skipped_urls"] = ["/_matrix"]
with open("/etc/ssowat/conf.json.persistent", "w") as jsonFile:
with open("/etc/ssowat/conf.json.persistent", "w", encoding='utf-8') as jsonFile:
jsonFile.write(json.dumps(data, indent=4, sort_keys=True))

4
conf/armv7.src
View file

@ -1,6 +1,6 @@
SOURCE_URL=https://github.com/Josue-T/synapse_python_build/releases/download/v0.26.0/matrix-synapse_0.26.0-bin1_armv7l.tar.gz
SOURCE_SUM=2b450396b8264f7c596b49a68b1fefd4039014b0214e2b9f7bf461c53558a0c7
SOURCE_URL=https://github.com/Josue-T/synapse_python_build/releases/download/v0.27.2/matrix-synapse_0.27.2-bin1_armv7l.tar.gz
SOURCE_SUM=4dfba2316986ad0e3df7d3a14c79006d3f2dc48ef062fc14bb1614f4af99a2fb
# (Optional) Program to check the integrity (sha256sum, md5sum...)
# default: sha256
SOURCE_SUM_PRG=sha256sum

4
conf/python_source.src
View file

@ -1,2 +1,2 @@
SOURCE_URL=https://github.com/matrix-org/synapse/archive/v0.26.0.tar.gz
SOURCE_SUM=234dd5fa44895e855d11fbf50de9184d057977b10b296f594d2c3758f693eff3
SOURCE_URL=https://github.com/matrix-org/synapse/archive/v0.27.2.tar.gz
SOURCE_SUM=01080b19f66779335eb68d203c34a4caf681d3c3ed66a1ebd923dcd0833effa2

4
conf/remove_sso_conf.py
View file

@ -1,8 +1,8 @@
import json
with open("/etc/ssowat/conf.json.persistent", "r") as jsonFile:
with open("/etc/ssowat/conf.json.persistent", "r", encoding='utf-8') as jsonFile:
data = json.load(jsonFile)
data["skipped_urls"].remove("/_matrix")
with open("/etc/ssowat/conf.json.persistent", "w") as jsonFile:
with open("/etc/ssowat/conf.json.persistent", "w", encoding='utf-8') as jsonFile:
jsonFile.write(json.dumps(data, indent=4, sort_keys=True))

2
manifest.json
View file

@ -9,7 +9,7 @@
"en": "Instant messaging server who use matrix",
"fr": "Un serveur de messagerie instantané basé sur matrix"
},
"version": "0.26.0~ynh1",
"version": "0.27.2~ynh1",
"url": "http://matrix.org",
"license": "Apache-2.0",
"maintainer": {

51
scripts/experimental_helper.sh
View file

@ -6,7 +6,7 @@
ynh_read_manifest () {
manifest="$1"
key="$2"
python3 -c "import sys, json;print(json.load(open('$manifest'))['$key'])"
python3 -c "import sys, json;print(json.load(open('$manifest', encoding='utf-8'))['$key'])"
}
# Read the upstream version from the manifest
@ -182,3 +182,52 @@ ynh_remove_systemd_config () {
sudo systemctl daemon-reload
fi
}
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: app_message - The message to send to the administrator.
# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
ynh_send_readme_to_admin() {
local app_message="${1:-...No specific information...}"
local recipients="${2:-root}"
# Retrieve the email of users
find_mails () {
local list_mails="$1"
local mail
local recipients=" "
# Read each mail in argument
for mail in $list_mails
do
# Keep root or a real email address as it is
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
then
recipients="$recipients $mail"
else
# But replace an user name without a domain after by its email
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
then
recipients="$recipients $mail"
fi
fi
done
echo "$recipients"
}
recipients=$(find_mails "$recipients")
local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
local mail_message="This is an automated message from your beloved YunoHost server.
Specific information for the application $app.
$app_message
---
Automatic diagnosis data from YunoHost
$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
# Send the email to the recipients
echo "$mail_message" | mail -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
}

18
scripts/install
View file

@ -269,7 +269,7 @@ ynh_use_logrotate /var/log/matrix-$app
# The script "add_sso_conf.py" will just add en entry for the path "/_matrix" in the sso conf.json.persistent file in the cathegory "skipped_urls".
cp ../conf/add_sso_conf.py $final_path
cp ../conf/remove_sso_conf.py $final_path
python $final_path/add_sso_conf.py || ynh_die "Your file /etc/ssowat/conf.json.persistent don't respect the json synaxe. Please fix the synaxe to install this app. For more information see here : https://github.com/YunoHost-Apps/synapse_ynh/issues/32"
python3 $final_path/add_sso_conf.py || ynh_die "Your file /etc/ssowat/conf.json.persistent don't respect the json synaxe. Please fix the synaxe to install this app. For more information see here : https://github.com/YunoHost-Apps/synapse_ynh/issues/32"
#=================================================
# SECURE FILES AND DIRECTORIES
@ -299,3 +299,19 @@ yunohost service add coturn-$app
systemctl restart coturn-$app.service
ynh_check_starting "Synapse now listening on port $synapse_tls_port" "/var/log/matrix-$app/homeserver.log" 300 "matrix-$app"
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="To federate this app you need to add this line in your DNS configuration:
_matrix._tcp.$domain. 3600 IN SRV 10 0 $synapse_tls_port $domain.
You also need to open the TCP port $synapse_tls_port on your ISP box if it's not automatically done.
Your synapse server also implements a turnserver (for VoIP), to have this fully functional open the TCP and UDP port $turnserver_tls_port and $turnserver_alt_tls_port (if it's not automatically done).
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/synapse_ynh"
ynh_send_readme_to_admin "$message"

2
scripts/remove
View file

@ -64,7 +64,7 @@ closeport $turnserver_alt_tls_port
#=================================================
# Remove the skipped url
python $final_path/remove_sso_conf.py
python3 $final_path/remove_sso_conf.py
#=================================================
# REMOVE DEPENDENCIES

18
scripts/restore
View file

@ -88,7 +88,7 @@ yunohost firewall allow Both $turnserver_alt_tls_port > /dev/null 2>&1
# Open access to server without a button the home
# The script "add_sso_conf.py" will just add en entry for the path "/_matrix" in the sso conf.json.persistent file in the cathegory "skipped_urls".
python $final_path/add_sso_conf.py || ynh_die "Your file /etc/ssowat/conf.json.persistent don't respect the json synaxe. Please fix the synaxe to install this app. For more information see here : https://github.com/YunoHost-Apps/synapse_ynh/issues/32"
python3 $final_path/add_sso_conf.py || ynh_die "Your file /etc/ssowat/conf.json.persistent don't respect the json synaxe. Please fix the synaxe to install this app. For more information see here : https://github.com/YunoHost-Apps/synapse_ynh/issues/32"
#=================================================
# RESTORE THE POSTGRESQL DATABASE
@ -149,3 +149,19 @@ yunohost service add coturn-$app
systemctl reload nginx.service
systemctl restart coturn-$app.service
ynh_check_starting "Synapse now listening on port $synapse_tls_port" "/var/log/matrix-$app/homeserver.log" 300 "matrix-$app"
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="To federate this app you need to add this line in your DNS configuration:
_matrix._tcp.$domain. 3600 IN SRV 10 0 $synapse_tls_port $domain.
You also need to open the TCP port $synapse_tls_port on your ISP box if it's not automatically done.
Your synapse server also implements a turnserver (for VoIP), to have this fully functional open the TCP and UDP port $turnserver_tls_port and $turnserver_alt_tls_port (if it's not automatically done).
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/synapse_ynh"
ynh_send_readme_to_admin "$message"

13
scripts/upgrade
View file

@ -48,7 +48,11 @@ cli_port=$(ynh_app_setting_get $app cli_port)
#=================================================
# To be sure that the migration is sucessfull we check that the old synapse version is compatible with the synapse_port_db script.
if [[ -z $synapse_old_version ]] && [[ $(dpkg -l | grep -c -E "ii.*matrix-synapse.*0.25") != 1 ]] && [[ $(dpkg -l | grep -c -E "ii.*matrix-synapse.*0.26") != 1 ]]
# We need to make the user able to do the migration to the new package.
# While the official synapse version is updated, the idea is to test the migration with the new version.
# If the migration pass we can update this next line with the new synapse package.
# For more information see comment : https://github.com/YunoHost-Apps/synapse_ynh/pull/40#pullrequestreview-108680051
if [[ -z $synapse_old_version ]] && [[ $(dpkg -l | grep -c -E "ii.*matrix-synapse.*0.27") != 1 ]] && [[ $(dpkg -l | grep -c -E "ii.*matrix-synapse.*0.26") != 1 ]]
then
ynh_die "Update from this synapse version is not available now. You need to wait for the next update."
fi
@ -240,7 +244,7 @@ then
cp ../conf/add_sso_conf.py $final_path
cp ../conf/remove_sso_conf.py $final_path
python $final_path/add_sso_conf.py || echo "Error while sso config, please add '/_matrix' in /etc/ssowat/conf.json.persistent"
python3 $final_path/add_sso_conf.py || echo "Error while sso config, please add '/_matrix' in /etc/ssowat/conf.json.persistent"
#=================================================
# CREATE DEDICATED USER
@ -286,6 +290,11 @@ then
# We get the last version of the synapse_port_db script because an old version could be buggy.
cp ../sources/synapse_port_db /opt/yunohost/matrix-synapse/bin/synapse_port_db
# Fix "PS1: unbound variable" On ARM architecture
PS1=""
cp ../conf/virtualenv_activate $final_path/bin/activate
ynh_replace_string __FINAL_PATH__ $final_path $final_path/bin/activate
# Migrate database (in virtualenv)
source $final_path/bin/activate
/opt/yunohost/matrix-synapse/bin/synapse_port_db --sqlite-database /var/lib/matrix-synapse/homeserver.db \