From ae2b8366fa6476e48c8668726f7ebe5535d0b277 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Fri, 3 Aug 2018 16:06:29 +0200 Subject: [PATCH 1/7] Create config panel --- actions.json | 20 ++++++++++++++ config_panel.json | 33 ++++++++++++++++++++++++ scripts/config | 66 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 119 insertions(+) create mode 100644 actions.json create mode 100644 config_panel.json create mode 100644 scripts/config diff --git a/actions.json b/actions.json new file mode 100644 index 0000000..33eb397 --- /dev/null +++ b/actions.json @@ -0,0 +1,20 @@ +[{ + "id": "update_turnserver_ip", + "name": "Update turnserver ip", + "command": "/opt/yunohost/matrix-$YNH_APP_ID/Coturn_config_rotate.sh", + "user": "root", + "accepted_return_codes": [0], + "description": { + "en": "Update the ip in the turnserver config" + } +}, +{ + "id": "open_turnserver_firewall_ports", + "name": "Open ports for turnserver", + "command": "yunohost firewall allow Both 49153:49193", + "user": "root", + "accepted_return_codes": [0], + "description": { + "en": "Open the ports range 49153:49193 with TCP and UDP to be able to use correctly the turnserver." + } +}] \ No newline at end of file diff --git a/config_panel.json b/config_panel.json new file mode 100644 index 0000000..b3e1665 --- /dev/null +++ b/config_panel.json @@ -0,0 +1,33 @@ +{ + "name": "Synapse configuration panel", + "version": "0.1", + "panel": [{ + "name": "Synapse config", + "id": "synapse_config", + "sections": [{ + "name": "Synapse server configuration", + "id": "server_config", + "options": [{ + "name": "Server statistics", + "id": "server_statistics", + "type": "bool", + "help": "True to send anonymous statistics about synapse to improve the performances", + "default": false + }] + }] + },{ + "name": "Package config", + "id": "package_config", + "sections": [{ + "name": "Synapse server configuration", + "id": "package_config", + "options": [{ + "name": "Backup before upgrade", + "id": "backup_before_upgrade", + "type": "bool", + "help": "True to do a backup before every upgrade", + "default": false + }] + }] + }] +} \ No newline at end of file diff --git a/scripts/config b/scripts/config new file mode 100644 index 0000000..abcdd2f --- /dev/null +++ b/scripts/config @@ -0,0 +1,66 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source /usr/share/yunohost/helpers + +# Stop script if errors +ynh_abort_if_errors + +# Import common fonctions +source ./psql.sh +source ./experimental_helper.sh +source ./_common.sh + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +app=$YNH_APP_ID + +#================================================= +# SHOW_CONFIG FUNCTION FOR 'SHOW' COMMAND +#================================================= + +show_config() { + # here you are supposed to read some config file/database/other then print the values + # echo "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" + echo "YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_SERVER_STATISTICS=$(ynh_app_setting_get $app report_stats)" + + backup_before_upgrade=$(ynh_app_setting_get $app disable_backup_before_upgrade) + if [[ ${backup_before_upgrade:-0} -eq 1 ]] + then + echo "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=False" + else + echo "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=True" + fi +} + +#================================================= +# MODIFY THE CONFIGURATION +#================================================= + +apply_config() { + ynh_app_setting_set $app report_stats $YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_SERVER_STATISTICS + + if ${YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE,,} + then + ynh_app_setting_set $app disable_backup_before_upgrade 0 + else + ynh_app_setting_set $app disable_backup_before_upgrade 1 + fi +} + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SELECT THE ACTION FOLLOWING THE GIVEN ARGUMENT +#================================================= +case $1 in + show) show_config;; + apply) apply_config;; +esac \ No newline at end of file From d7a7dfcd858378ea1d09e3a5a8c8bd78f4a3ed3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Sun, 5 Aug 2018 21:09:13 +0200 Subject: [PATCH 2/7] Update homeserver config in apply_config --- scripts/config | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/config b/scripts/config index abcdd2f..92dae58 100644 --- a/scripts/config +++ b/scripts/config @@ -46,6 +46,7 @@ show_config() { apply_config() { ynh_app_setting_set $app report_stats $YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_SERVER_STATISTICS + ynh_replace_string 'report_stats: .*$' "report_stats: $YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_SERVER_STATISTICS" "/etc/matrix-$app/homeserver.yaml" if ${YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE,,} then From 28eb7da9fce68f4b7cf3054f883d1672b82ded66 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Mon, 27 Aug 2018 21:08:26 +0200 Subject: [PATCH 3/7] Remplace APP_ID by APP_INSTANCE_NAME --- actions.json | 4 ++-- scripts/config | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/actions.json b/actions.json index 33eb397..912e752 100644 --- a/actions.json +++ b/actions.json @@ -1,7 +1,7 @@ [{ "id": "update_turnserver_ip", "name": "Update turnserver ip", - "command": "/opt/yunohost/matrix-$YNH_APP_ID/Coturn_config_rotate.sh", + "command": "/opt/yunohost/matrix-$YNH_APP_INSTANCE_NAME/Coturn_config_rotate.sh", "user": "root", "accepted_return_codes": [0], "description": { @@ -17,4 +17,4 @@ "description": { "en": "Open the ports range 49153:49193 with TCP and UDP to be able to use correctly the turnserver." } -}] \ No newline at end of file +}] diff --git a/scripts/config b/scripts/config index 92dae58..54bed21 100644 --- a/scripts/config +++ b/scripts/config @@ -20,7 +20,7 @@ source ./_common.sh # RETRIEVE ARGUMENTS #================================================= -app=$YNH_APP_ID +app=$YNH_APP_INSTANCE_NAME #================================================= # SHOW_CONFIG FUNCTION FOR 'SHOW' COMMAND @@ -64,4 +64,4 @@ apply_config() { case $1 in show) show_config;; apply) apply_config;; -esac \ No newline at end of file +esac From 73b44d5fc539ce06cf9661bfeafdc535a2ce567a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Thu, 30 Aug 2018 18:33:24 +0200 Subject: [PATCH 4/7] Add action to close turnserver ports --- actions.json | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/actions.json b/actions.json index 912e752..4a9cdb4 100644 --- a/actions.json +++ b/actions.json @@ -7,8 +7,7 @@ "description": { "en": "Update the ip in the turnserver config" } -}, -{ +},{ "id": "open_turnserver_firewall_ports", "name": "Open ports for turnserver", "command": "yunohost firewall allow Both 49153:49193", @@ -17,4 +16,13 @@ "description": { "en": "Open the ports range 49153:49193 with TCP and UDP to be able to use correctly the turnserver." } +},{ + "id": "close_turnserver_firewall_ports", + "name": "Close ports for turnserver", + "command": "yunohost firewall disallow Both 49153:49193", + "user": "root", + "accepted_return_codes": [0], + "description": { + "en": "Close the ports range 49153:49193 with TCP and UDP. (Undo \"Open ports for turnserver\" action)" + } }] From 8193e46b963e16106d359c2cdb5ed3181bfbe2a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Thu, 30 Aug 2018 18:34:56 +0200 Subject: [PATCH 5/7] Change default value in config panel --- config_panel.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config_panel.json b/config_panel.json index b3e1665..788acc0 100644 --- a/config_panel.json +++ b/config_panel.json @@ -26,8 +26,8 @@ "id": "backup_before_upgrade", "type": "bool", "help": "True to do a backup before every upgrade", - "default": false + "default": true }] }] }] -} \ No newline at end of file +} From dcd2952357dd7f49c779c4d25f63c4fe83b556b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Fri, 8 Feb 2019 15:50:30 +0100 Subject: [PATCH 6/7] Add possibility to set a user as admin --- actions.json | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/actions.json b/actions.json index 4a9cdb4..a7a05e7 100644 --- a/actions.json +++ b/actions.json @@ -25,4 +25,23 @@ "description": { "en": "Close the ports range 49153:49193 with TCP and UDP. (Undo \"Open ports for turnserver\" action)" } +},{ + "id": "set_admin_user", + "name": "Set a user as admin", + "command": "[[ \"$(su --command=\"psql matrix_synapse\" postgres <<< \"UPDATE users SET admin = 1 WHERE name = '@$YNH_ACTION_USERNAME:$(yunohost app setting $YNH_APP_INSTANCE_NAME special_domain)'\")\" == 'UPDATE 1' ]]", + "user": "root", + "accepted_return_codes": [0], + "description": { + "en": "Set a synapse user as admin in the synapse server. It probably usefull only to manage the community function." + }, + "arguments": [ + { + "name": "username", + "type": "string", + "ask": { + "en": "username of the user to set as admin" + }, + "example": "bob" + } + ] }] From 347a4dab379c59fcf102e446dff40518377b5d11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Fri, 8 Feb 2019 20:01:35 +0100 Subject: [PATCH 7/7] Add public switch in config pannel --- config_panel.json | 6 +++++ scripts/config | 65 ++++++++++++++++++++++++++++++++++++++++++++++- scripts/install | 2 +- scripts/upgrade | 5 +++- 4 files changed, 75 insertions(+), 3 deletions(-) diff --git a/config_panel.json b/config_panel.json index 788acc0..0b02983 100644 --- a/config_panel.json +++ b/config_panel.json @@ -13,6 +13,12 @@ "type": "bool", "help": "True to send anonymous statistics about synapse to improve the performances", "default": false + },{ + "name": "Server public", + "id": "is_public", + "type": "bool", + "help": "Is it a public server", + "default": false }] }] },{ diff --git a/scripts/config b/scripts/config index 54bed21..ea60910 100644 --- a/scripts/config +++ b/scripts/config @@ -38,6 +38,13 @@ show_config() { else echo "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=True" fi + is_public=$(ynh_app_setting_get $app is_public) + if [[ ${is_public} -eq 1 ]] + then + echo "YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_IS_PUBLIC=False" + else + echo "YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_IS_PUBLIC=True" + fi } #================================================= @@ -46,7 +53,6 @@ show_config() { apply_config() { ynh_app_setting_set $app report_stats $YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_SERVER_STATISTICS - ynh_replace_string 'report_stats: .*$' "report_stats: $YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_SERVER_STATISTICS" "/etc/matrix-$app/homeserver.yaml" if ${YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE,,} then @@ -54,6 +60,63 @@ apply_config() { else ynh_app_setting_set $app disable_backup_before_upgrade 1 fi + + if ${YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_IS_PUBLIC,,} + then + ynh_app_setting_set $app is_public 1 + else + ynh_app_setting_set $app is_public 0 + fi + + domain=$(ynh_app_setting_get $app special_domain) + synapse_db_pwd=$(ynh_app_setting_get $app synapse_db_pwd) + is_public=$(ynh_app_setting_get $app is_public) + port=$(ynh_app_setting_get $app synapse_port) + synapse_tls_port=$(ynh_app_setting_get $app synapse_tls_port) + turnserver_tls_port=$(ynh_app_setting_get $app turnserver_tls_port) + turnserver_pwd=$(ynh_app_setting_get $app turnserver_pwd) + registration_shared_secret=$(ynh_app_setting_get $app registration_shared_secret) + form_secret=$(ynh_app_setting_get $app form_secret) + report_stats=$(ynh_app_setting_get $app report_stats) + synapse_user="matrix-$app" + synapse_db_name="matrix_$app" + synapse_db_user="matrix_$app" + + # Configure Synapse + + # WARNING : theses command are used in INSTALL, UPGRADE, CONFIG (3 times) + # For any update do it in all files + + homeserver_config_path="/etc/matrix-$app/homeserver.yaml" + + ynh_backup_if_checksum_is_different "$homeserver_config_path" + + cp ../conf/homeserver.yaml "$homeserver_config_path" + cp ../conf/log.yaml /etc/matrix-$app/log.yaml + + ynh_replace_string __APP__ $app "$homeserver_config_path" + ynh_replace_string __DOMAIN__ $domain "$homeserver_config_path" + ynh_replace_string __SYNAPSE_DB_USER__ $synapse_db_user "$homeserver_config_path" + ynh_replace_string __SYNAPSE_DB_PWD__ $synapse_db_pwd "$homeserver_config_path" + ynh_replace_string __PORT__ $port "$homeserver_config_path" + ynh_replace_string __TLS_PORT__ $synapse_tls_port "$homeserver_config_path" + ynh_replace_string __TURNSERVER_TLS_PORT__ $turnserver_tls_port "$homeserver_config_path" + ynh_replace_string __TURNPWD__ $turnserver_pwd "$homeserver_config_path" + ynh_replace_string __REGISTRATION_SECRET__ "$registration_shared_secret" "$homeserver_config_path" + ynh_replace_string __FORM_SECRET__ "$form_secret" "$homeserver_config_path" + ynh_replace_string __REPORT_STATS__ "$report_stats" "$homeserver_config_path" + + if [ "$is_public" = "0" ] + then + ynh_replace_string __ALLOWED_ACCESS__ False "$homeserver_config_path" + else + ynh_replace_string __ALLOWED_ACCESS__ True "$homeserver_config_path" + fi + + ynh_store_file_checksum "$homeserver_config_path" + setfacl -R -m user:turnserver:rX /etc/matrix-$app + + systemctl restart matrix-$app } #================================================= diff --git a/scripts/install b/scripts/install index 0ee8895..01dda53 100644 --- a/scripts/install +++ b/scripts/install @@ -208,7 +208,7 @@ ynh_app_setting_set $app turnserver_pwd $turnserver_pwd # Configure Synapse -# WARNING : theses command are used in INSTALL, UPGRADE (2 times) +# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG (3 times) # For any update do it in all files homeserver_config_path="/etc/matrix-$app/homeserver.yaml" diff --git a/scripts/upgrade b/scripts/upgrade index 1c4912b..50015b6 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -151,11 +151,14 @@ fi # UPDATE SYNAPSE CONFIG #================================================= -# WARNING : theses command are used in INSTALL, UPGRADE +# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG # For any update do it in all files homeserver_config_path="/etc/matrix-$app/homeserver.yaml" +ynh_backup_if_checksum_is_different "$homeserver_config_path" +ynh_backup_if_checksum_is_different /etc/matrix-$app/log.yaml + cp ../conf/homeserver.yaml "$homeserver_config_path" cp ../conf/log.yaml /etc/matrix-$app/log.yaml