mirror of
https://github.com/YunoHost-Apps/synapse_ynh.git
synced 2024-09-03 20:26:38 +02:00
Add don't prind password in debug logs
This commit is contained in:
Josué Tille
parent
2180249f10
commit
adb96d2e4a
4 changed files with 44 additions and 12 deletions
|
|
@ -138,3 +138,4 @@ __PRE_TAG1__$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/service
|
|||
# Send the email to the recipients
|
||||
cat mail_to_send | $mail_bin -a "Content-Type: $content_type; charset=UTF-8" -s "$mail_subject" "$recipients"
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -135,12 +135,16 @@ adduser turnserver ssl-cert
|
|||
#=================================================
|
||||
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=4
|
||||
|
||||
ynh_print_OFF
|
||||
synapse_db_pwd=$(ynh_string_random --length=30)
|
||||
ynh_app_setting_set --app=$app --key=synapse_db_pwd --value=$synapse_db_pwd
|
||||
ynh_print_ON
|
||||
|
||||
# Create postgresql database
|
||||
ynh_psql_test_if_first_run
|
||||
ynh_print_OFF
|
||||
ynh_psql_create_user $synapse_db_user $synapse_db_pwd
|
||||
ynh_print_ON
|
||||
ynh_psql_execute_as_root \
|
||||
--sql="CREATE DATABASE $synapse_db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $synapse_db_user;"
|
||||
|
||||
|
|
@ -200,12 +204,14 @@ python -m synapse.app.homeserver --keys-directory /etc/matrix-$app/ --generate-c
|
|||
deactivate
|
||||
|
||||
# Get random values from config
|
||||
ynh_print_OFF
|
||||
registration_shared_secret=$(egrep "^registration_shared_secret" homeserver.yml | cut -d'"' -f2)
|
||||
form_secret=$(egrep "^form_secret" homeserver.yml | cut -d'"' -f2)
|
||||
|
||||
# store in yunohost settings
|
||||
ynh_app_setting_set --app=$app --key=registration_shared_secret --value="$registration_shared_secret"
|
||||
ynh_app_setting_set --app=$app --key=form_secret --value="$form_secret"
|
||||
ynh_print_ON
|
||||
|
||||
#=================================================
|
||||
# SETUP SYSTEMD
|
||||
|
|
@ -232,8 +238,10 @@ ynh_add_nginx_config
|
|||
ynh_script_progression --message="Configuring synapse..." --weight=2
|
||||
|
||||
# Find password for turnserver and database
|
||||
ynh_print_OFF
|
||||
turnserver_pwd=$(ynh_string_random --length=30)
|
||||
ynh_app_setting_set --app=$app --key=turnserver_pwd --value=$turnserver_pwd
|
||||
ynh_print_ON
|
||||
|
||||
# Configure Synapse
|
||||
|
||||
|
|
@ -248,14 +256,16 @@ cp ../conf/log.yaml /etc/matrix-$app/log.yaml
|
|||
ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__SYNAPSE_DB_USER__ --replace_string=$synapse_db_user --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__SYNAPSE_DB_PWD__ --replace_string=$synapse_db_pwd --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__PORT__ --replace_string=$port --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$synapse_tls_port --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__TURNSERVER_TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__REPORT_STATS__ --replace_string="$report_stats" --target_file="$homeserver_config_path"
|
||||
ynh_print_OFF
|
||||
ynh_replace_string --match_string=__SYNAPSE_DB_PWD__ --replace_string=$synapse_db_pwd --target_file="$homeserver_config_path"
|
||||
ynh_replace_special_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$homeserver_config_path"
|
||||
ynh_replace_special_string --match_string=__REGISTRATION_SECRET__ --replace_string="$registration_shared_secret" --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__FORM_SECRET__ --replace_string="$form_secret" --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__REPORT_STATS__ --replace_string="$report_stats" --target_file="$homeserver_config_path"
|
||||
ynh_print_ON
|
||||
|
||||
ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="/etc/matrix-$app/log.yaml"
|
||||
|
||||
|
|
@ -282,11 +292,13 @@ coturn_config_path="/etc/matrix-$app/coturn.conf"
|
|||
cp ../conf/turnserver.conf "$coturn_config_path"
|
||||
|
||||
ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path"
|
||||
ynh_print_OFF
|
||||
ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
|
||||
ynh_print_ON
|
||||
|
||||
# Get public IP and set as external IP for coturn
|
||||
# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
|
||||
|
|
|
|||
|
|
@ -32,10 +32,12 @@ app=$YNH_APP_INSTANCE_NAME
|
|||
domain=$(ynh_app_setting_get --app=$app --key=special_domain)
|
||||
path_url=$(ynh_app_setting_get --app=$app --key=special_path)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd)
|
||||
synapse_tls_port=$(ynh_app_setting_get --app=$app --key=synapse_tls_port)
|
||||
turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
|
||||
turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
|
||||
ynh_print_OFF
|
||||
synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd)
|
||||
ynh_print_ON
|
||||
|
||||
#=================================================
|
||||
# SET ALL CONSTANT
|
||||
|
|
@ -99,7 +101,9 @@ adduser turnserver ssl-cert
|
|||
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=13
|
||||
|
||||
ynh_psql_test_if_first_run
|
||||
ynh_print_OFF
|
||||
ynh_psql_create_user $synapse_db_user $synapse_db_pwd
|
||||
ynh_print_ON
|
||||
ynh_psql_execute_as_root \
|
||||
--sql="CREATE DATABASE $synapse_db_name
|
||||
ENCODING 'UTF8'
|
||||
|
|
@ -151,8 +155,10 @@ ynh_script_progression --message="Reconfiguring coturn..." --weight=23
|
|||
# Retrieve specific settings
|
||||
turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
|
||||
turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
|
||||
turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
|
||||
cli_port=$(ynh_app_setting_get --app=$app --key=cli_port)
|
||||
ynh_print_OFF
|
||||
turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
|
||||
ynh_print_ON
|
||||
|
||||
# WARNING : these commands are used in INSTALL, UPGRADE
|
||||
# For any update do it in all files
|
||||
|
|
@ -162,11 +168,13 @@ coturn_config_path="/etc/matrix-$app/coturn.conf"
|
|||
cp ../settings/conf/turnserver.conf "$coturn_config_path"
|
||||
|
||||
ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path"
|
||||
ynh_print_OFF
|
||||
ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
|
||||
ynh_print_ON
|
||||
|
||||
# Get public IP and set as external IP for coturn
|
||||
# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
|
||||
|
|
|
|||
|
|
@ -21,17 +21,19 @@ domain=$(ynh_app_setting_get --app=$app --key=special_domain)
|
|||
path_url=$(ynh_app_setting_get --app=$app --key=special_path)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
synapse_old_version=$(ynh_app_setting_get --app=$app --key=synapse_version)
|
||||
synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd)
|
||||
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
||||
port=$(ynh_app_setting_get --app=$app --key=synapse_port)
|
||||
synapse_tls_port=$(ynh_app_setting_get --app=$app --key=synapse_tls_port)
|
||||
turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
|
||||
turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
|
||||
turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
|
||||
cli_port=$(ynh_app_setting_get --app=$app --key=cli_port)
|
||||
report_stats=$(ynh_app_setting_get --app=$app --key=report_stats)
|
||||
ynh_print_OFF
|
||||
synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd)
|
||||
turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
|
||||
registration_shared_secret=$(ynh_app_setting_get --app=$app --key=registration_shared_secret)
|
||||
form_secret=$(ynh_app_setting_get --app=$app --key=form_secret)
|
||||
report_stats=$(ynh_app_setting_get --app=$app --key=report_stats)
|
||||
ynh_print_ON
|
||||
|
||||
#=================================================
|
||||
# SET ALL CONSTANT
|
||||
|
|
@ -134,8 +136,10 @@ fi
|
|||
# MIGRATION 1 : GENERATE SYNAPSE SECRET
|
||||
#=================================================
|
||||
|
||||
ynh_print_OFF
|
||||
if [ -z "$registration_shared_secret" ]
|
||||
then
|
||||
ynh_print_ON
|
||||
ynh_script_progression --message="Generating synapse secret..." --weight=1
|
||||
|
||||
# Go in virtualenvironnement
|
||||
|
|
@ -149,13 +153,16 @@ then
|
|||
deactivate
|
||||
|
||||
# Get random values from config
|
||||
ynh_print_OFF
|
||||
registration_shared_secret=$(egrep "^registration_shared_secret" homeserver.yml | cut -d'"' -f2)
|
||||
form_secret=$(egrep "^form_secret" homeserver.yml | cut -d'"' -f1)
|
||||
|
||||
# store in yunohost settings
|
||||
ynh_app_setting_set --app=$app --key=registration_shared_secret --value="$registration_shared_secret"
|
||||
ynh_app_setting_set --app=$app --key=form_secret --value="$form_secret"
|
||||
ynh_print_ON
|
||||
fi
|
||||
ynh_print_ON
|
||||
|
||||
#=================================================
|
||||
# UPDATE SYNAPSE CONFIG
|
||||
|
|
@ -176,14 +183,16 @@ cp ../conf/log.yaml /etc/matrix-$app/log.yaml
|
|||
ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__SYNAPSE_DB_USER__ --replace_string=$synapse_db_user --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__SYNAPSE_DB_PWD__ --replace_string=$synapse_db_pwd --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__PORT__ --replace_string=$port --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$synapse_tls_port --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__TURNSERVER_TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__REPORT_STATS__ --replace_string="$report_stats" --target_file="$homeserver_config_path"
|
||||
ynh_print_OFF
|
||||
ynh_replace_string --match_string=__SYNAPSE_DB_PWD__ --replace_string=$synapse_db_pwd --target_file="$homeserver_config_path"
|
||||
ynh_replace_special_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$homeserver_config_path"
|
||||
ynh_replace_special_string --match_string=__REGISTRATION_SECRET__ --replace_string="$registration_shared_secret" --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__FORM_SECRET__ --replace_string="$form_secret" --target_file="$homeserver_config_path"
|
||||
ynh_replace_string --match_string=__REPORT_STATS__ --replace_string="$report_stats" --target_file="$homeserver_config_path"
|
||||
ynh_print_ON
|
||||
|
||||
ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="/etc/matrix-$app/log.yaml"
|
||||
|
||||
|
|
@ -287,11 +296,13 @@ coturn_config_path="/etc/matrix-$app/coturn.conf"
|
|||
cp ../conf/turnserver.conf "$coturn_config_path"
|
||||
|
||||
ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path"
|
||||
ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path"
|
||||
ynh_print_OFF
|
||||
ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
|
||||
ynh_print_ON
|
||||
|
||||
# Get public IP and set as external IP for coturn
|
||||
# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue