mirror of
https://github.com/YunoHost-Apps/synapse_ynh.git
synced 2024-09-03 20:26:38 +02:00
Create change-url script
This commit is contained in:
parent
11aabdf5c9
commit
ac7d2bb35b
5 changed files with 152 additions and 4 deletions
|
@ -18,7 +18,7 @@
|
||||||
multi_instance=1
|
multi_instance=1
|
||||||
incorrect_path=0
|
incorrect_path=0
|
||||||
port_already_use=1 (8448)
|
port_already_use=1 (8448)
|
||||||
change_url=0
|
change_url=1
|
||||||
;;; Levels
|
;;; Levels
|
||||||
Level 5=auto
|
Level 5=auto
|
||||||
;;; Upgrade options
|
;;; Upgrade options
|
||||||
|
|
148
scripts/change_url
Normal file
148
scripts/change_url
Normal file
|
@ -0,0 +1,148 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC START
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
# Import common cmd
|
||||||
|
source ./experimental_helper.sh
|
||||||
|
source ./_common.sh
|
||||||
|
|
||||||
|
ynh_script_progression --message="Loading installation settings..."
|
||||||
|
|
||||||
|
# RETRIEVE ARGUMENTS
|
||||||
|
old_domain=$YNH_APP_OLD_DOMAIN
|
||||||
|
domain=$YNH_APP_NEW_DOMAIN
|
||||||
|
path_url=$(ynh_normalize_url_path --path_url $YNH_APP_NEW_PATH)
|
||||||
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
server_name=$(ynh_app_setting_get --app=$app --key=server_name)
|
||||||
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
synapse_old_version=$(ynh_app_setting_get --app=$app --key=synapse_version)
|
||||||
|
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
||||||
|
port=$(ynh_app_setting_get --app=$app --key=synapse_port)
|
||||||
|
synapse_tls_port=$(ynh_app_setting_get --app=$app --key=synapse_tls_port)
|
||||||
|
turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
|
||||||
|
turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
|
||||||
|
cli_port=$(ynh_app_setting_get --app=$app --key=cli_port)
|
||||||
|
report_stats=$(ynh_app_setting_get --app=$app --key=report_stats)
|
||||||
|
allow_public_rooms=$(ynh_app_setting_get --app=$app --key=allow_public_rooms)
|
||||||
|
ynh_print_OFF
|
||||||
|
synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd)
|
||||||
|
turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
|
||||||
|
registration_shared_secret=$(ynh_app_setting_get --app=$app --key=registration_shared_secret)
|
||||||
|
form_secret=$(ynh_app_setting_get --app=$app --key=form_secret)
|
||||||
|
macaroon_secret_key=$(ynh_app_setting_get --app=$app --key=macaroon_secret_key)
|
||||||
|
ynh_print_ON
|
||||||
|
|
||||||
|
synapse_user="matrix-$app"
|
||||||
|
synapse_db_name="matrix_$app"
|
||||||
|
synapse_db_user="matrix_$app"
|
||||||
|
upstream_version=$(ynh_app_upstream_version)
|
||||||
|
|
||||||
|
# Check if the new path stay /_matrix if not exit
|
||||||
|
|
||||||
|
if [[ $path_url != "/_matrix" ]]
|
||||||
|
then
|
||||||
|
ynh_die --message "You can't use an other path than '/_matrix'. You can only change the domain."
|
||||||
|
fi
|
||||||
|
|
||||||
|
# We stop the service before to set ynh_clean_setup
|
||||||
|
ynh_systemd_action --service_name=matrix-$app.service --action=stop
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD MODIFICATIONS
|
||||||
|
#=================================================
|
||||||
|
# NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Updating nginx configuration..."
|
||||||
|
|
||||||
|
# MODIFY URL IN NGINX CONF
|
||||||
|
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||||
|
|
||||||
|
# Change the domain for nginx
|
||||||
|
# Delete file checksum for the old conf file location
|
||||||
|
ynh_delete_file_checksum --file "$nginx_conf_path"
|
||||||
|
mv $nginx_conf_path /etc/nginx/conf.d/$domain.d/$app.conf
|
||||||
|
# Store file checksum for the new config file location
|
||||||
|
ynh_store_file_checksum --file "/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
|
# Create .well-known redirection for access by federation
|
||||||
|
if yunohost --output-as plain domain list | grep -q "^$server_name$"
|
||||||
|
then
|
||||||
|
cp ../conf/server_name.conf /etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf
|
||||||
|
ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
|
||||||
|
ynh_replace_string --match_string=__PORT__ --replace_string=$synapse_tls_port --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
|
||||||
|
ynh_store_file_checksum --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# UPDATE SYNAPSE CONFIG
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Updating synapse config..." --weight=2
|
||||||
|
|
||||||
|
# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG, CHANGE-URL (4 times)
|
||||||
|
# For any update do it in all files
|
||||||
|
|
||||||
|
homeserver_config_path="/etc/matrix-$app/homeserver.yaml"
|
||||||
|
|
||||||
|
ynh_backup_if_checksum_is_different --file="$homeserver_config_path"
|
||||||
|
ynh_backup_if_checksum_is_different --file=/etc/matrix-$app/log.yaml
|
||||||
|
|
||||||
|
cp ../conf/homeserver.yaml "$homeserver_config_path"
|
||||||
|
cp ../conf/log.yaml /etc/matrix-$app/log.yaml
|
||||||
|
|
||||||
|
ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_string --match_string=__SERVER_NAME__ --replace_string=$server_name --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_string --match_string=__SYNAPSE_DB_USER__ --replace_string=$synapse_db_user --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_string --match_string=__PORT__ --replace_string=$port --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$synapse_tls_port --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_string --match_string=__TURNSERVER_TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_string --match_string=__REPORT_STATS__ --replace_string="$report_stats" --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_string --match_string=__ALLOW_PUBLIC_ROOMS__ --replace_string="$allow_public_rooms" --target_file="$homeserver_config_path"
|
||||||
|
ynh_print_OFF
|
||||||
|
ynh_replace_special_string --match_string=__SYNAPSE_DB_PWD__ --replace_string=$synapse_db_pwd --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_special_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_special_string --match_string=__REGISTRATION_SECRET__ --replace_string="$registration_shared_secret" --target_file="$homeserver_config_path"
|
||||||
|
ynh_replace_special_string --match_string=__FORM_SECRET__ --replace_string="$form_secret" --target_file="$homeserver_config_path"
|
||||||
|
if [ -n $macaroon_secret_key ]; then
|
||||||
|
# Well, in this package this value was not managed because it was not needed, synapse is able to generate this with some other secret in the config file but after some vulnerability was found with this practice.
|
||||||
|
# For more detail about this issue you can see : https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/
|
||||||
|
# The problem is that we can't just say generate a new value if the package has not already defined a value. The reason is that changing this value logout all user. And in case of a user has enabled the encryption, the user might lost all conversation !!
|
||||||
|
# So for the old install we just leave this as it is. And for the new install we use a real macaroon.
|
||||||
|
ynh_replace_special_string --match_string='macaroon_secret_key: "__MACAROON_SECRET_KEY__"' --replace_string='# macaroon_secret_key: "__MACAROON_SECRET_KEY__"' --target_file="$homeserver_config_path"
|
||||||
|
else
|
||||||
|
ynh_replace_special_string --match_string=__MACAROON_SECRET_KEY__ --replace_string="$macaroon_secret_key" --target_file="$homeserver_config_path"
|
||||||
|
fi
|
||||||
|
ynh_print_ON
|
||||||
|
|
||||||
|
ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="/etc/matrix-$app/log.yaml"
|
||||||
|
|
||||||
|
if [ "$is_public" = "0" ]
|
||||||
|
then
|
||||||
|
ynh_replace_string --match_string=__ALLOWED_ACCESS__ --replace_string=False --target_file="$homeserver_config_path"
|
||||||
|
else
|
||||||
|
ynh_replace_string --match_string=__ALLOWED_ACCESS__ --replace_string=True --target_file="$homeserver_config_path"
|
||||||
|
fi
|
||||||
|
|
||||||
|
ynh_store_file_checksum --file="$homeserver_config_path"
|
||||||
|
ynh_store_file_checksum --file="/etc/matrix-$app/log.yaml"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RELOAD SERVICES
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restarting synapse services..." --weight=5
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=coturn-$app.service --action=restart
|
||||||
|
ynh_systemd_action --service_name=matrix-$app --action=restart --line_match="Synapse now listening on TCP port $synapse_tls_port" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300
|
||||||
|
|
||||||
|
ynh_script_progression --message="Change of URL completed for $app" --last
|
|
@ -88,7 +88,7 @@ apply_config() {
|
||||||
|
|
||||||
# Configure Synapse
|
# Configure Synapse
|
||||||
|
|
||||||
# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG (3 times)
|
# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG, CHANGE-URL (4 times)
|
||||||
# For any update do it in all files
|
# For any update do it in all files
|
||||||
|
|
||||||
homeserver_config_path="/etc/matrix-$app/homeserver.yaml"
|
homeserver_config_path="/etc/matrix-$app/homeserver.yaml"
|
||||||
|
|
|
@ -268,7 +268,7 @@ ynh_print_ON
|
||||||
|
|
||||||
# Configure Synapse
|
# Configure Synapse
|
||||||
|
|
||||||
# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG (3 times)
|
# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG, CHANGE-URL (4 times)
|
||||||
# For any update do it in all files
|
# For any update do it in all files
|
||||||
|
|
||||||
homeserver_config_path="/etc/matrix-$app/homeserver.yaml"
|
homeserver_config_path="/etc/matrix-$app/homeserver.yaml"
|
||||||
|
|
|
@ -203,7 +203,7 @@ fi
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Updating synapse config..." --weight=2
|
ynh_script_progression --message="Updating synapse config..." --weight=2
|
||||||
|
|
||||||
# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG
|
# WARNING : theses command are used in INSTALL, UPGRADE, CONFIG, CHANGE-URL (4 times)
|
||||||
# For any update do it in all files
|
# For any update do it in all files
|
||||||
|
|
||||||
homeserver_config_path="/etc/matrix-$app/homeserver.yaml"
|
homeserver_config_path="/etc/matrix-$app/homeserver.yaml"
|
||||||
|
|
Loading…
Reference in a new issue