YunoHost-Apps/synapse_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/synapse_ynh.git synced 2024-09-03 20:26:38 +02:00
Code Issues Activity Actions

imrove config panel

Browse source
This commit is contained in:
Gredin 67 2023-01-06 14:38:14 +01:00
parent 77aeaae751
commit cbebfa9557
5 changed files with 332 additions and 74 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
conf/homeserver.yaml
View file

@ -50,7 +50,7 @@ pid_file: /run/matrix-__APP__/homeserver.pid
# The absolute URL to the web client which / will redirect to.
#
#web_client_location: https://riot.example.com/
web_client_location: __ELEMENT_YNH_URL__
# The public-facing base URL that clients use to access this Homeserver (not
# including _matrix/...). This is the same URL a user might enter into the
@ -122,12 +122,12 @@ presence:
# public rooms directory through the client API, meaning that anyone can
# query the room directory. Defaults to 'false'.
#
allow_public_rooms_without_auth: __ALLOW_PUBLIC_ROOMS__
allow_public_rooms_without_auth: __ALLOW_PUBLIC_ROOMS_WITHOUT_AUTH__
# If set to 'true', allows any other homeserver to fetch the server's public
# rooms directory via federation. Defaults to 'false'.
#
allow_public_rooms_over_federation: __ALLOW_PUBLIC_ROOMS__
allow_public_rooms_over_federation: __ALLOW_PUBLIC_ROOMS_OVER_FEDERATION__
# The default room version for newly created rooms.
#
@ -1278,12 +1278,12 @@ registrations_require_3pid:
# Explicitly disable asking for MSISDNs from the registration
# flow (overrides registrations_require_3pid if MSISDNs are set as required)
#
#disable_msisdn_registration: true
disable_msisdn_registration: __DISABLE_MSISDN_REGISTRATION__
# Mandate that users are only allowed to associate certain formats of
# 3PIDs with accounts on this server.
#
#allowed_local_3pids:
allowed_local_3pids:
# - medium: email
# pattern: '^[^@]+@matrix\.org$'
# - medium: email
@ -1327,7 +1327,7 @@ registration_shared_secret: "__REGISTRATION_SHARED_SECRET__"
# participate in rooms hosted on this server which have been made
# accessible to anonymous users.
#
#allow_guest_access: false
allow_guest_access: __ALLOW_GUEST_ACCESS__
# The identity server which we suggest that clients should use when users log
# in on this server.
@ -1335,7 +1335,7 @@ registration_shared_secret: "__REGISTRATION_SHARED_SECRET__"
# (By default, no suggestion is made, so it is left up to the client.
# This setting is ignored unless public_baseurl is also explicitly set.)
#
#default_identity_server: https://matrix.org
default_identity_server: __DEFAULT_IDENTITY_SERVER__
# Handle threepid (email/phone etc) registration and password resets through a set of
# *trusted* identity servers. Note that this allows the configured identity server to
@ -1394,7 +1394,7 @@ account_threepid_delegates:
# If the room already exists, make certain it is a publicly joinable
# room. The join rule of the room must be set to 'public'.
#
#auto_join_rooms:
auto_join_rooms:
# - "#example:example.com"
# Where auto_join_rooms are specified, setting this flag ensures that the
@ -1462,7 +1462,7 @@ account_threepid_delegates:
#
# Defaults to true.
#
#auto_join_rooms_for_guests: false
auto_join_rooms_for_guests: __AUTO_JOIN_ROOMS_FOR_GUESTS__
# Whether to inhibit errors raised when registering a new account if the user ID
# already exists. If turned on, that requests to /register/available will always
@ -2167,7 +2167,7 @@ __DOMAIN_WHITELIST_CLIENT__
password_config:
# Uncomment to disable password login
#
#enabled: false
enabled: __PASSWORD_ENABLED__
# Uncomment to disable authentication against the local password
# database. This is ignored if `enabled` is false, and is only useful
@ -2307,12 +2307,12 @@ email:
# Uncomment the following to enable sending emails for messages that the user
# has missed. Disabled by default.
#
enable_notifs: true
enable_notifs: __ENABLE_NOTIFS__
# Uncomment the following to disable automatic subscription to email
# notifications for new users. Enabled by default.
#
#notif_for_new_users: false
notif_for_new_users: __NOTIF_FOR_NEW_USERS__
# Custom URL for client links within the email notifications. By default
# links will be based on "https://matrix.to".
@ -2320,7 +2320,7 @@ email:
# (This setting used to be called riot_base_url; the old name is still
# supported for backwards-compatibility but is now deprecated.)
#
#client_base_url: "http://localhost/riot"
client_base_url: __ELEMENT_YNH_URL__
# Configure the time that a validation email will expire after sending.
# Defaults to 1h.
@ -2331,7 +2331,7 @@ email:
# to the identity server as the org.matrix.web_client_location key. Defaults
# to unset, giving no guidance to the identity server.
#
#invite_client_location: https://app.element.io
invite_client_location: __ELEMENT_YNH_URL__
# Subjects to use when sending emails from Synapse.
#
@ -2450,12 +2450,12 @@ push:
# Note that this option will only affect rooms created after it is set. It
# will also not affect rooms created by other servers.
#
#encryption_enabled_by_default_for_room_type: invite
encryption_enabled_by_default_for_room_type: __E2E_ENABLED_BY_DEFAULT__
# Uncomment to allow non-server-admin users to create groups on this server
#
enable_group_creation: true
enable_group_creation: __ENABLE_GROUP_CREATION__
# If enabled, non server admins can only create groups with local parts
# starting with this prefix

185
config_panel.toml Normal file
View file

@ -0,0 +1,185 @@
version = "1.0"
[homeserver]
name = "Synapse Homeserver"
services = ["__APP__"]
[homeserver.config]
name = "Configuration Options"
[homeserver.config.server_statistics]
ask = "Server statistics"
type = "boolean"
yes = true
no = false
help = "Set to 'true' to send anonymous statistics to Synapse to improve performance."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[homeserver.registration]
name = "Homeserver Registration"
[homeserver.registration.turn_allow_guests]
ask = "Should guests be allowed to use the TURN server?"
type = "boolean"
yes = true
no = false
help = "This defaults to True, otherwise VoIP will be unreliable for guests. However, it does introduce a slight security risk as it allows users to connect to arbitrary endpoints without having first signed up for a valid account (e.g. by passing a CAPTCHA)."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[homeserver.registration.enable_registration]
ask = "Enable Registration for new users."
type = "boolean"
yes = true
no = false
help = "Defaults to 'false'. If 'true', it is highly recommended to use either captcha, email, or token-based verification to avoid SPAM."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[homeserver.registration.registrations_require_3pid]
ask = "Register only with all below types of 3PID."
type = "string"
help = "Defaults to: '- email'. Phone number: '- msisdn'"
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[homeserver.registration.disable_msisdn_registration]
ask = "Disable asking Phone Number in Registration flow."
type = "boolean"
yes = true
no = false
help = "Overrides above setting if MSISDNs are set as required."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[homeserver.registration.allowed_local_3pids]
ask = "Register only with given formats of 3PIDs."
type = "string"
help = '''
allowed_local_3pids:
- medium: email - medium: email
pattern: '^[^@]+@matrix\.org$'
- medium: msisdn
pattern: '\+33'
'''
[homeserver.registration.registration_shared_secret]
ask = "Shared Secret for Registration."
type = "string"
help = "Allows registration of standard or admin accounts, even if Registration disabled."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[homeserver.registration.allow_guest_access]
ask = "Allow Users to Register as Guests?"
type = "boolean"
yes = true
no = false
help = "Guests can participate on this server in rooms with guest access enabled, without a password/email/etc."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[homeserver.privacy]
name = "Data Privacy"
[homeserver.privacy.default_identity_server]
ask = "Identity server suggested to clients."
type = "string"
help = "By default, no suggestion is made, so it is left up to the client."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[homeserver.privacy.allow_public_rooms_without_auth]
ask = "Public rooms directory"
type = "boolean"
yes = true
no = false
help = "If set to 'false', requires authentication to access the server's public rooms directory through the client API and forbids any other homeserver to fetch the server's public rooms directory via federation."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[homeserver.privacy.allow_public_rooms_over_federation]
ask = "Public rooms directory"
type = "boolean"
yes = true
no = false
help = "If set to 'false', requires authentication to access the server's public rooms directory through the client API and forbids any other homeserver to fetch the server's public rooms directory via federation."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[client]
name = "Matrix Client"
services = ["__APP__"]
[client.welcome]
name = "Welcome User Experience"
[client.welcome.auto_join_rooms]
ask = "Auto Join new Users in following Rooms."
type = "string"
default = '#example:example.com'
help = "Room should be public. If not existing, will be created as public and federated by default. Can be customised with the settings autocreate_auto_join_rooms."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[client.welcome.auto_join_rooms_for_guests]
ask = "Enable Auto Join Room for Guests?"
type = "boolean"
yes = true
no = false
help = "Defaults to 'true'."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[client.welcome.password_enabled]
ask = "Enable Password Login?"
type = "boolean"
yes = true
no = false
help = "Defaults to 'true'."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[client.welcome.enable_notifs]
ask = "Enable sending emails for messages the user missed?"
type = "boolean"
yes = true
no = false
help = "Defaults to 'false'."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[client.welcome.notif_for_new_users]
ask = "Enable email notifications for new users?"
type = "boolean"
yes = true
no = false
help = "Defaults to 'true'."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[client.experience]
name = "User Experience"
[client.experience.element_ynh_url]
ask = "URL of the Default Element Instance."
type = "string"
default = '#example:example.com'
help = "URL for web client links within the email notifications (client_base_url) AND to direct users to during an invite (invite_client_location) AND to which / will redirect to (web_client_location)"
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[client.experience.enable_group_creation]
ask = "Allow non-server-admin Users to create Spaces?"
type = "boolean"
yes = true
no = false
help = "Defaults to 'false'."
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[client.experience.e2e_enabled_by_default]
ask = "End-to-End Encryption by default for locally-created Rooms"
type = "select"
choices = ["all", "invite", "off"]
help = '''
* "all": any locally-created room
* "invite": any room created with the "private_chat" or "trusted_private_chat" room creation presets
* "off": this option will take no effect
'''
bind = ":/etc/matrix-__APP__/homeserver.yaml"
[client.package_config]
name = "Package configuration"
[client.package_config.backup_before_upgrade]
ask = "Backup before upgrade"
type = "boolean"
yes = true
no = false
help = "Set to 'true' to back up before each upgrade."
bind = ":/etc/matrix-__APP__/homeserver.yaml"

54
config_panel.toml.example
View file

@ -1,54 +0,0 @@
version = "1.0"
[main]
name = "Synapse configuration"
[main.config]
name = "Configuration Options"
[main.config.server_statistics]
ask = "Server statistics"
type = "boolean"
yes = true
no = false
help = "Set to 'true' to send anonymous statistics to Synapse to improve performance."
[main.config.is_free_registration]
ask = "Free registration"
type = "boolean"
yes = true
no = false
help = "A public server means that anybody will be able to register on this server."
[main.config.allow_public_rooms]
ask = "Public rooms directory"
type = "boolean"
yes = true
no = false
help = "If set to 'false', requires authentication to access the server's public rooms directory through the client API and forbids any other homeserver to fetch the server's public rooms directory via federation."
[main.client_config]
name = "Matrix client configuration"
[main.client_config.jitsi_server]
ask = "Jitsi server address"
type = "string"
default = 'jitsi.riot.im'
help = "Jitsi server address for the conference. Note that this is only for conferences in rooms with more than 2 people. With 2 people, the stun/turn server is used."
[main.client_config.e2e_enabled_by_default]
ask = "End to end encryption by default for direct messages"
type = "boolean"
yes = true
no = false
help = "By default, Element will create encrypted DM rooms if the user you are chatting with has keys uploaded on their account. For private room creation, Element will default to encryption on but give you can disable this settings here."
[main.package_config]
name = "Package configuration"
[main.package_config.backup_before_upgrade]
ask = "Backup before upgrade"
type = "boolean"
yes = true
no = false
help = "Set to 'true' to back up before each upgrade."

40
scripts/install
View file

@ -33,7 +33,6 @@ synapse_db_user="matrix_$app"
synapse_db_name="matrix_$app"
upstream_version=$(ynh_app_upstream_version)
report_stats="false"
allow_public_rooms="false"
e2e_enabled_by_default="true"
default_domain_value="Same than the domain"
domain_whitelist_client=$(get_domain_list)
@ -45,7 +44,6 @@ domain_whitelist_client=$(get_domain_list)
domain=$YNH_APP_ARG_DOMAIN
server_name=$YNH_APP_ARG_SERVER_NAME
is_free_registration=$YNH_APP_ARG_IS_FREE_REGISTRATION
jitsi_server=$YNH_APP_ARG_JITSI_SERVER
path_url="/_matrix"
final_path="/opt/yunohost/matrix-$app"
final_www_path="/var/www/$app"
@ -56,6 +54,11 @@ if [[ "$server_name" == "$default_domain_value" ]]; then
server_name=$domain
fi
# Get app name of first Element Instance (can be changed later in Config Panel)
element_instance="element"
element_domain=$(ynh_app_setting_get --app $element_instance --key domain)
element_path=$(ynh_app_setting_get --app $element_instance --key path)
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
@ -80,7 +83,6 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=no_sso --value true
ynh_app_setting_set --app=$app --key=server_name --value=$server_name
ynh_app_setting_set --app=$app --key=jitsi_server --value=$jitsi_server
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set --app=$app --key=synapse_version --value=$upstream_version
ynh_app_setting_set --app=$app --key=is_free_registration --value=$is_free_registration
@ -89,6 +91,38 @@ ynh_app_setting_set --app=$app --key=allow_public_rooms --value=$allow_public_ro
ynh_app_setting_set --app=$app --key=e2e_enabled_by_default --value=$e2e_enabled_by_default
ynh_app_setting_set --app=$app --key=synapse_user_app_pwd --value=$synapse_user_app_pwd
#=================================================
## SET STANDARD SETTINGS FROM DEFAULT CONFIG
#=================================================
element_ynh_url=element_domain+element_path
allow_public_rooms_without_auth="false"
allow_public_rooms_over_federation="false"
disable_msisdn_registration="true"
allowed_local_3pids=""
allow_guest_access="false"
default_identity_server="https://matrix.org"
auto_join_rooms=""
auto_join_rooms_for_guests="true"
password_enabled="true"
enable_notifs="true"
notif_for_new_users="true"
enable_group_creation="true"
ynh_app_setting_set --app=$app --key=element_ynh_url --value=$element_ynh_url
ynh_app_setting_set --app=$app --key=allow_public_rooms_without_auth --value=$allow_public_rooms_without_auth
ynh_app_setting_set --app=$app --key=allow_public_rooms_over_federation --value=$allow_public_rooms_over_federation
ynh_app_setting_set --app=$app --key=disable_msisdn_registration --value=$disable_msisdn_registration
ynh_app_setting_set --app=$app --key=allowed_local_3pids --value=$allowed_local_3pids
ynh_app_setting_set --app=$app --key=allow_guest_access --value=$allow_guest_access
ynh_app_setting_set --app=$app --key=default_identity_server --value=$default_identity_server
ynh_app_setting_set --app=$app --key=auto_join_rooms --value=$auto_join_rooms
ynh_app_setting_set --app=$app --key=auto_join_rooms_for_guests --value=$auto_join_rooms_for_guests
ynh_app_setting_set --app=$app --key=password_enabled --value=$password_enabled
ynh_app_setting_set --app=$app --key=enable_notifs --value=$enable_notifs
ynh_app_setting_set --app=$app --key=notif_for_new_users --value=$notif_for_new_users
ynh_app_setting_set --app=$app --key=enable_group_creation --value=$enable_group_creation
#=================================================
# STANDARD MODIFICATIONS
#=================================================

95
scripts/upgrade
View file

@ -33,7 +33,6 @@ turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
cli_port=$(ynh_app_setting_get --app=$app --key=cli_port)
report_stats=$(ynh_app_setting_get --app=$app --key=report_stats)
allow_public_rooms=$(ynh_app_setting_get --app=$app --key=allow_public_rooms)
e2e_enabled_by_default=$(ynh_app_setting_get --app=$app --key=e2e_enabled_by_default)
synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd)
turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
@ -58,6 +57,23 @@ upgrade_type=$(ynh_check_app_version_changed)
final_www_path="/var/www/$app"
data_path="/home/yunohost.app/matrix-$app"
#=================================================
# GET CONFIG PANEL SETTINGS
#=================================================
element_ynh_url=$(ynh_app_setting_get --app=$app --key=element_ynh_url)
allow_public_rooms_without_auth=$(ynh_app_setting_get --app=$app --key=allow_public_rooms_without_auth)
allow_public_rooms_over_federation=$(ynh_app_setting_get --app=$app --key=allow_public_rooms_over_federation)
disable_msisdn_registration=$(ynh_app_setting_get --app=$app --key=disable_msisdn_registration)
allowed_local_3pids=$(ynh_app_setting_get --app=$app --key=allowed_local_3pids)
allow_guest_access=$(ynh_app_setting_get --app=$app --key=allow_guest_access)
default_identity_server=$(ynh_app_setting_get --app=$app --key=default_identity_server)
auto_join_rooms=$(ynh_app_setting_get --app=$app --key=auto_join_rooms)
auto_join_rooms_for_guests=$(ynh_app_setting_get --app=$app --key=auto_join_rooms_for_guests)
password_enabled=$(ynh_app_setting_get --app=$app --key=password_enabled)
enable_notifs=$(ynh_app_setting_get --app=$app --key=enable_notifs)
notif_for_new_users=$(ynh_app_setting_get --app=$app --key=notif_for_new_users)
enable_group_creation=$(ynh_app_setting_get --app=$app --key=enable_group_creation)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
@ -162,6 +178,83 @@ if ! grep -q "$final_path" /etc/passwd; then
sed --in-place -r "s@matrix-$app\:x\:([[:digit:]]+\:[[:digit:]]+)\:\:/.*/matrix-$app\:/usr/sbin/nologin@matrix-$app\:x\:\1\:\:$final_path\:/usr/sbin/nologin@g" /etc/passwd
fi
# MIGRATION 7 : Working config panel v1
#=================================================
allow_public_rooms=$(ynh_app_setting_get --app=$app --key=allow_public_rooms)
# Get app name of first Element Instance
element_instance="element"
element_domain=$(ynh_app_setting_get --app $element_instance --key domain)
element_path=$(ynh_app_setting_get --app $element_instance --key path)
# SET STANDARD SETTINGS FROM DEFAULT CONFIG
if [ -z "$element_ynh_url" ]
then
element_ynh_url=element_domain+element_path
ynh_app_setting_set --app=$app --key=element_ynh_url --value=$element_ynh_url
fi
if [ -z "$allow_public_rooms_without_auth" ]
then
allow_public_rooms_without_auth=allow_public_rooms
ynh_app_setting_set --app=$app --key=allow_public_rooms_without_auth --value=$allow_public_rooms_without_auth
fi
if [ -z "$allow_public_rooms_over_federation" ]
then
allow_public_rooms_over_federation=allow_public_rooms
ynh_app_setting_set --app=$app --key=allow_public_rooms_over_federation --value=$allow_public_rooms_over_federation
fi
if [ -z "$disable_msisdn_registration" ]
then
disable_msisdn_registration="true"
ynh_app_setting_set --app=$app --key=disable_msisdn_registration --value=$disable_msisdn_registration
fi
if [ -z "$allowed_local_3pids" ]
then
allowed_local_3pids=""
ynh_app_setting_set --app=$app --key=allowed_local_3pids --value=$allowed_local_3pids
fi
if [ -z "$allow_guest_access" ]
then
allow_guest_access="false"
ynh_app_setting_set --app=$app --key=allow_guest_access --value=$allow_guest_access
fi
if [ -z "$default_identity_server" ]
then
default_identity_server="https://matrix.org"
ynh_app_setting_set --app=$app --key=default_identity_server --value=$default_identity_server
fi
if [ -z "$auto_join_rooms" ]
then
auto_join_rooms=""
ynh_app_setting_set --app=$app --key=auto_join_rooms --value=$auto_join_rooms
fi
if [ -z "$auto_join_rooms_for_guests" ]
then
auto_join_rooms_for_guests="true"
ynh_app_setting_set --app=$app --key=auto_join_rooms_for_guests --value=$auto_join_rooms_for_guests
fi
if [ -z "$password_enabled" ]
then
password_enabled="true"
ynh_app_setting_set --app=$app --key=password_enabled --value=$password_enabled
fi
if [ -z "$enable_notifs" ]
then
enable_notifs="true"
ynh_app_setting_set --app=$app --key=enable_notifs --value=$enable_notifs
fi
if [ -z "$notif_for_new_users" ]
then
notif_for_new_users="true"
ynh_app_setting_set --app=$app --key=notif_for_new_users --value=$notif_for_new_users
fi
if [ -z "$enable_group_creation" ]
then
enable_group_creation="true"
ynh_app_setting_set --app=$app --key=enable_group_creation --value=$enable_group_creation
fi
#=================================================
# INSTALL DEPENDENCIES
#=================================================