From ce99168ba379d448add8174efc643d269ebdbfac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Sat, 12 Dec 2020 15:38:13 +0100 Subject: [PATCH] Add ability to disable e2e encryption by default for DM --- conf/server_name.conf | 3 ++- config_panel.toml | 8 +++++++- scripts/change_url | 3 +++ scripts/config | 15 +++++++++++++-- scripts/install | 3 +++ scripts/upgrade | 8 ++++++++ 6 files changed, 36 insertions(+), 4 deletions(-) diff --git a/conf/server_name.conf b/conf/server_name.conf index 4555203..783927b 100644 --- a/conf/server_name.conf +++ b/conf/server_name.conf @@ -7,7 +7,8 @@ location /.well-known/matrix/server { location /.well-known/matrix/client { return 200 '{ "m.homeserver": { "base_url": "https://__DOMAIN__" }, - "im.vector.riot.jitsi": {"preferredDomain": "__JITSI_SERVER_ADDR__"} + "im.vector.riot.jitsi": {"preferredDomain": "__JITSI_SERVER_ADDR__"}, + "im.vector.riot.e2ee": {"default": __E2E_ENABLED_BY_DEFAULT__ } }'; add_header Content-Type application/json; add_header Access-Control-Allow-Origin '*'; diff --git a/config_panel.toml b/config_panel.toml index a5c37e3..aeff9ab 100644 --- a/config_panel.toml +++ b/config_panel.toml 
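Review bot: In the `/.well-known/matrix/client` body, `__E2E_ENABLED_BY_DEFAULT__` is substituted unquoted, so the response is valid JSON only when the stored setting is exactly `true` or `false`. An empty or unexpected value would produce a malformed document that clients may fail to parse. Nothing in the template states this; a comment above the location such as `# __E2E_ENABLED_BY_DEFAULT__ must be replaced by a bare JSON boolean (true/false)` would help, with the scripts validating the value before substituting it. This key is also only a default advertised to clients (presumably honoured by Element), so it does not make the homeserver require or refuse encrypted rooms. The location block continues outside the hunk.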
@@ -33,12 +33,18 @@ name = "Synapse configuration" type = "string" default = 'jitsi.riot.im' help = "Address of the Jitsi server for conference. Note that it's only for conference in rooms with more than 2 person. With 2 person the stun/turn server is used." + + [synapse_config.client_config.e2e_enabled_by_default] + ask = "End to end encryption by default for direct messages" + type = "boolean" + default = true + help = "By default, Element will create encrypted DM rooms if the user you are chatting with has keys uploaded on their account. For private room creation, Element will default to encryption on but give you can disable this settings here." [package_config] name = "Package configuration" [package_config.package_config] - name = "Synapse server configuration" + name = "Upgrade" [package_config.package_config.backup_before_upgrade] ask = "Backup before upgrade" diff --git a/scripts/change_url b/scripts/change_url index cbd5146..51fde8e 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -25,6 +25,7 @@ app=$YNH_APP_INSTANCE_NAME server_name=$(ynh_app_setting_get --app=$app --key=server_name) final_path=$(ynh_app_setting_get --app=$app --key=final_path) synapse_old_version=$(ynh_app_setting_get --app=$app --key=synapse_version) +jitsi_server=$(ynh_app_setting_get --app=$app --key=jitsi_server) is_public=$(ynh_app_setting_get --app=$app --key=is_public) port=$(ynh_app_setting_get --app=$app --key=synapse_port) synapse_tls_port=$(ynh_app_setting_get --app=$app --key=synapse_tls_port) 
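Review bot: The `help` string for `e2e_enabled_by_default` ends in a garbled sentence ("will default to encryption on but give you can disable this settings here") and never says what switching the option off means for confidentiality. Suggested wording: `help = "When enabled, Element creates encrypted direct-message and private rooms by default. Disabling this only changes the client-side default: new such rooms start unencrypted unless the user turns encryption on."`. An administrator toggling this should be able to tell from the panel that it lowers the default protection of new conversations.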
@@ -33,6 +34,7 @@ turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tl cli_port=$(ynh_app_setting_get --app=$app --key=cli_port) report_stats=$(ynh_app_setting_get --app=$app --key=report_stats) allow_public_rooms=$(ynh_app_setting_get --app=$app --key=allow_public_rooms) +e2e_enabled_by_default=$(ynh_app_setting_get --app=$app --key=e2e_enabled_by_default) ynh_print_OFF synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd) turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd) @@ -81,6 +83,7 @@ then ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__PORT__ --replace_string=$synapse_tls_port --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__JITSI_SERVER_ADDR__ --replace_string=$jitsi_server --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" + ynh_replace_string --match_string=__E2E_ENABLED_BY_DEFAULT__ --replace_string=$e2e_enabled_by_default --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" fi diff --git a/scripts/config b/scripts/config index ca43f24..a52171e 100644 --- a/scripts/config +++ b/scripts/config @@ -25,6 +25,7 @@ allow_public_rooms=$(ynh_app_setting_get --app=$app --key=allow_public_rooms) disable_backup_before_upgrade=$(ynh_app_setting_get --app $app --key disable_backup_before_upgrade) is_public=$(ynh_app_setting_get --app $app --key is_public) jitsi_server=$(ynh_app_setting_get --app=$app --key=jitsi_server) +e2e_enabled_by_default=$(ynh_app_setting_get --app=$app --key=e2e_enabled_by_default) #================================================= # SHOW_CONFIG FUNCTION FOR 'SHOW' COMMAND 
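Review bot: `--replace_string=$e2e_enabled_by_default` in the nginx block of scripts/change_url expands unquoted and unchecked, so if the setting is ever unset or empty the well-known file ends up containing `{"default": }`. Quoting it with a fallback, `--replace_string="${e2e_enabled_by_default:-true}"`, keeps the JSON valid and leaves encryption on by default. The same line is added in scripts/config, scripts/install and scripts/upgrade and needs the same change. The enclosing `if` block starts outside the hunk.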
@@ -37,12 +38,13 @@ show_config() { ynh_return "YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_ALLOW_PUBLIC_ROOMS=$allow_public_rooms" ynh_return "YNH_CONFIG_SYNAPSE_CONFIG_CLIENT_CONFIG_JITSI_SERVER=$jitsi_server" ynh_return "YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_IS_PUBLIC=${is_public}" + ynh_return "YNH_CONFIG_SYNAPSE_CONFIG_CLIENT_CONFIG_E2E_ENABLED_BY_DEFAULT=${e2e_enabled_by_default}" if [[ ${disable_backup_before_upgrade:-0} -eq 1 ]] then - ynh_return "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=false" + ynh_return "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=0" else - ynh_return "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=true" + ynh_return "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=1" fi } @@ -56,6 +58,7 @@ apply_config() { do_backup_before_upgrade=${YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE:-} is_public=${YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_IS_PUBLIC:-$is_public} jitsi_server=${YNH_CONFIG_SYNAPSE_CONFIG_CLIENT_CONFIG_JITSI_SERVER:-$jitsi_server} + e2e_enabled_by_default=${YNH_CONFIG_SYNAPSE_CONFIG_CLIENT_CONFIG_E2E_ENABLED_BY_DEFAULT:-$e2e_enabled_by_default} if [ $report_stats == 1 ]; then report_stats=true @@ -69,11 +72,18 @@ apply_config() { if [ $allow_public_rooms == 0 ]; then allow_public_rooms=false fi + if [ $e2e_enabled_by_default == 1 ]; then + e2e_enabled_by_default=true + fi + if [ $e2e_enabled_by_default == 0 ]; then + e2e_enabled_by_default=false + fi ynh_app_setting_set --app $app --key report_stats --value $report_stats ynh_app_setting_set --app $app --key allow_public_rooms --value $allow_public_rooms ynh_app_setting_set --app $app --key is_public --value $is_public ynh_app_setting_set --app $app --key jitsi_server --value $jitsi_server + ynh_app_setting_set --app=$app --key=e2e_enabled_by_default --value=$e2e_enabled_by_default if [[ -n $do_backup_before_upgrade ]]; then if [ $do_backup_before_upgrade -eq 1 ]; then 
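Review bot: `show_config` returns the stored `e2e_enabled_by_default` as-is, which is `true`/`false` as written by install and upgrade, while the same hunk switches `BACKUP_BEFORE_UPGRADE` from `true`/`false` to `1`/`0`. If the panel expects `1`/`0` for booleans, as that change suggests, the new value should be mapped the same way before `ynh_return`. A short comment such as `# panel booleans are 0/1; app settings store true/false` would make the expected representation explicit. show_config starts outside the hunk.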
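Review bot: The two `[ $e2e_enabled_by_default == ... ]` tests added in apply_config are unquoted and only map `1` and `0`. An empty value makes `[` fail with a syntax error, and any other string is stored and later written verbatim into the well-known JSON. A single `case` that normalises the value and rejects anything else would close both gaps. apply_config starts and ends outside the hunk.

```bash
# Normalise the panel value to a bare JSON boolean before it is stored.
case "${e2e_enabled_by_default}" in
    1|true)  e2e_enabled_by_default=true ;;
    0|false) e2e_enabled_by_default=false ;;
    *) ynh_die --message="Invalid value for e2e_enabled_by_default: ${e2e_enabled_by_default}" ;;
esac
# … unchanged: ynh_app_setting_set calls …
```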
@@ -149,6 +159,7 @@ apply_config() { ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__PORT__ --replace_string=$synapse_tls_port --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__JITSI_SERVER_ADDR__ --replace_string=$jitsi_server --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" + ynh_replace_string --match_string=__E2E_ENABLED_BY_DEFAULT__ --replace_string=$e2e_enabled_by_default --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" fi diff --git a/scripts/install b/scripts/install index f0efec9..ceaf927 100644 --- a/scripts/install +++ b/scripts/install @@ -40,6 +40,7 @@ synapse_db_user="matrix_$app" upstream_version=$(ynh_app_upstream_version) report_stats="false" allow_public_rooms="false" +e2e_enabled_by_default="true" default_domain_value="Same than the domain" #================================================= @@ -91,6 +92,7 @@ ynh_app_setting_set --app=$app --key=synapse_version --value=$upstream_version ynh_app_setting_set --app=$app --key=is_public --value=$is_public ynh_app_setting_set --app=$app --key=report_stats --value=$report_stats ynh_app_setting_set --app=$app --key=allow_public_rooms --value=$allow_public_rooms +ynh_app_setting_set --app=$app --key=e2e_enabled_by_default --value=$e2e_enabled_by_default #================================================= # STANDARD MODIFICATIONS 
@@ -258,6 +260,7 @@ then ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__PORT__ --replace_string=$synapse_tls_port --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__JITSI_SERVER_ADDR__ --replace_string=$jitsi_server --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" + ynh_replace_string --match_string=__E2E_ENABLED_BY_DEFAULT__ --replace_string=$e2e_enabled_by_default --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" fi diff --git a/scripts/upgrade b/scripts/upgrade index 405e99e..b3682fd 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -34,6 +34,7 @@ turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tl cli_port=$(ynh_app_setting_get --app=$app --key=cli_port) report_stats=$(ynh_app_setting_get --app=$app --key=report_stats) allow_public_rooms=$(ynh_app_setting_get --app=$app --key=allow_public_rooms) +e2e_enabled_by_default=$(ynh_app_setting_get --app=$app --key=e2e_enabled_by_default) ynh_print_OFF synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd) turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd) @@ -118,6 +119,12 @@ if [ -z $jitsi_server ]; then ynh_app_setting_set --app=$app --key=jitsi_server --value=$jitsi_server fi +# Define $e2e_enabled_by_default if not already defined +if [ -z $e2e_enabled_by_default ]; then + e2e_enabled_by_default='true' + ynh_app_setting_set --app=$app --key=e2e_enabled_by_default --value=$e2e_enabled_by_default +fi + if [ -z $report_stats ]; then report_stats="false" ynh_app_setting_set --app=$app --key=report_stats --value=$report_stats 
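Review bot: In scripts/upgrade, `if [ -z $e2e_enabled_by_default ]` is unquoted. It handles the empty case only because `[ -z ]` happens to evaluate true, and it breaks if the stored value ever contains whitespace; prefer `if [ -z "$e2e_enabled_by_default" ]; then`. Defaulting to `true` keeps encryption on for instances installed before the setting existed, which is the safe choice. A comment such as `# keep E2E on by default for instances installed before this setting existed` would guard against the default being flipped later.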
@@ -345,6 +352,7 @@ then ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__PORT__ --replace_string=$synapse_tls_port --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__JITSI_SERVER_ADDR__ --replace_string=$jitsi_server --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" + ynh_replace_string --match_string=__E2E_ENABLED_BY_DEFAULT__ --replace_string=$e2e_enabled_by_default --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" fi