From bf5e61c816b2c9e297b08b87a277f7fe4da34ef9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Sat, 12 Dec 2020 15:04:21 +0100 Subject: [PATCH 1/3] Fix package linter and update install badge --- README.md | 2 +- scripts/backup | 22 +++++++++++----------- scripts/restore | 4 ++-- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index b470c2e..15b39f7 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ ![](https://matrix.org/blog/wp-content/uploads/2015/01/logo1.png) [![Integration level](https://dash.yunohost.org/integration/synapse.svg)](https://dash.yunohost.org/appci/app/synapse) ![](https://ci-apps.yunohost.org/ci/badges/synapse.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/synapse.maintain.svg) -[![Install Synapse with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=synapse) +[![Install Synapse with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=synapse) > *This package allows you to install Synapse quickly and simply on a YunoHost server. If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* diff --git a/scripts/backup b/scripts/backup index 113e694..ffb2ed3 100644 --- a/scripts/backup +++ b/scripts/backup @@ -20,7 +20,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 +ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -48,7 +48,7 @@ data_path="/home/yunohost.app/matrix-$app" #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_script_progression --message="Backing up the main app directory..." --weight=1 +ynh_print_info --message="Backing up the main app directory..." ynh_backup --src_path="$final_path" ynh_backup --src_path="$final_www_path" @@ -56,7 +56,7 @@ ynh_backup --src_path="$final_www_path" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Backing up nginx web server configuration..." --weight=1 +ynh_print_info --message="Backing up nginx web server configuration..." # BACKUP THE PHP-FPM CONFIGURATION ynh_backup --src_path "/etc/php/7.0/fpm/pool.d/$app.conf" @@ -70,14 +70,14 @@ fi #================================================= # BACKUP THE POSTGRESQL DATABASE #================================================= -ynh_script_progression --message="Backing up the PostgreSQL database..." --weight=2 +ynh_print_info --message="Backing up the PostgreSQL database..." ynh_psql_dump_db --database="$synapse_db_name" > ${YNH_CWD}/dump.sql #================================================= # BACKUP FAIL2BAN CONFIGURATION #================================================= -ynh_script_progression --message="Backing up fail2ban configuration" --weight=1 +ynh_print_info --message="Backing up fail2ban configuration" ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" @@ -87,14 +87,14 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" #================================================= # BACKUP SYNAPSE CONFIG #================================================= -ynh_script_progression --message="Backing up synapse configuration..." --weight=2 +ynh_print_info --message="Backing up synapse configuration..." ynh_backup --src_path="/etc/matrix-$app" #================================================= # BACKUP SYSTEMD #================================================= -ynh_script_progression --message="Backing up systemd configuration..." --weight=1 +ynh_print_info --message="Backing up systemd configuration..." ynh_backup --src_path="/etc/default/matrix-$app" ynh_backup --src_path="/etc/systemd/system/matrix-$app.service" @@ -104,21 +104,21 @@ ynh_backup --src_path="/etc/systemd/system/coturn-$app.service" #================================================= # BACKUP SYNAPSE DATA #================================================= -ynh_script_progression --message="Backing up synapse data..." --weight=1 +ynh_print_info --message="Backing up synapse data..." ynh_backup --src_path="$data_path" --is_big=1 #================================================= # BACKUP SYNAPSE LOG #================================================= -ynh_script_progression --message="Backing up synapse log..." --weight=1 +ynh_print_info --message="Backing up synapse log..." ynh_backup --src_path="/var/log/matrix-$app" #================================================= # BACKUP HOOKS #================================================= -ynh_script_progression --message="Backing up synapse hook..." --weight=1 +ynh_print_info --message="Backing up synapse hook..." # Copy hook ynh_backup --src_path "/etc/yunohost/hooks.d/post_cert_update/50-$app" @@ -127,4 +127,4 @@ ynh_backup --src_path "/etc/yunohost/hooks.d/post_cert_update/50-$app" # END OF SCRIPT #================================================= -ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/restore b/scripts/restore index 19b0c3f..9b27ca4 100644 --- a/scripts/restore +++ b/scripts/restore @@ -128,8 +128,8 @@ ynh_psql_execute_file_as_root --file="${YNH_CWD}/dump.sql" --database="$synapse_ ynh_script_progression --message="Enable systemd services" --weight=2 # systemctl daemon-reload -systemctl enable matrix-$app.service -systemctl enable coturn-$app.service +systemctl enable matrix-$app.service --quiet +systemctl enable coturn-$app.service --quiet #================================================= # ADVERTISE SERVICE IN ADMIN PANEL From ce99168ba379d448add8174efc643d269ebdbfac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Sat, 12 Dec 2020 15:38:13 +0100 Subject: [PATCH 2/3] Add ability to disable e2e encryption by default for DM --- conf/server_name.conf | 3 ++- config_panel.toml | 8 +++++++- scripts/change_url | 3 +++ scripts/config | 15 +++++++++++++-- scripts/install | 3 +++ scripts/upgrade | 8 ++++++++ 6 files changed, 36 insertions(+), 4 deletions(-) diff --git a/conf/server_name.conf b/conf/server_name.conf index 4555203..783927b 100644 --- a/conf/server_name.conf +++ b/conf/server_name.conf @@ -7,7 +7,8 @@ location /.well-known/matrix/server { location /.well-known/matrix/client { return 200 '{ "m.homeserver": { "base_url": "https://__DOMAIN__" }, - "im.vector.riot.jitsi": {"preferredDomain": "__JITSI_SERVER_ADDR__"} + "im.vector.riot.jitsi": {"preferredDomain": "__JITSI_SERVER_ADDR__"}, + "im.vector.riot.e2ee": {"default": __E2E_ENABLED_BY_DEFAULT__ } }'; add_header Content-Type application/json; add_header Access-Control-Allow-Origin '*'; diff --git a/config_panel.toml b/config_panel.toml index a5c37e3..aeff9ab 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -33,12 +33,18 @@ name = "Synapse configuration" type = "string" default = 'jitsi.riot.im' help = "Address of the Jitsi server for conference. Note that it's only for conference in rooms with more than 2 person. With 2 person the stun/turn server is used." + + [synapse_config.client_config.e2e_enabled_by_default] + ask = "End to end encryption by default for direct messages" + type = "boolean" + default = true + help = "By default, Element will create encrypted DM rooms if the user you are chatting with has keys uploaded on their account. For private room creation, Element will default to encryption on but give you can disable this settings here." [package_config] name = "Package configuration" [package_config.package_config] - name = "Synapse server configuration" + name = "Upgrade" [package_config.package_config.backup_before_upgrade] ask = "Backup before upgrade" diff --git a/scripts/change_url b/scripts/change_url index cbd5146..51fde8e 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -25,6 +25,7 @@ app=$YNH_APP_INSTANCE_NAME server_name=$(ynh_app_setting_get --app=$app --key=server_name) final_path=$(ynh_app_setting_get --app=$app --key=final_path) synapse_old_version=$(ynh_app_setting_get --app=$app --key=synapse_version) +jitsi_server=$(ynh_app_setting_get --app=$app --key=jitsi_server) is_public=$(ynh_app_setting_get --app=$app --key=is_public) port=$(ynh_app_setting_get --app=$app --key=synapse_port) synapse_tls_port=$(ynh_app_setting_get --app=$app --key=synapse_tls_port) @@ -33,6 +34,7 @@ turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tl cli_port=$(ynh_app_setting_get --app=$app --key=cli_port) report_stats=$(ynh_app_setting_get --app=$app --key=report_stats) allow_public_rooms=$(ynh_app_setting_get --app=$app --key=allow_public_rooms) +e2e_enabled_by_default=$(ynh_app_setting_get --app=$app --key=e2e_enabled_by_default) ynh_print_OFF synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd) turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd) @@ -81,6 +83,7 @@ then ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__PORT__ --replace_string=$synapse_tls_port --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__JITSI_SERVER_ADDR__ --replace_string=$jitsi_server --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" + ynh_replace_string --match_string=__E2E_ENABLED_BY_DEFAULT__ --replace_string=$e2e_enabled_by_default --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" fi diff --git a/scripts/config b/scripts/config index ca43f24..a52171e 100644 --- a/scripts/config +++ b/scripts/config @@ -25,6 +25,7 @@ allow_public_rooms=$(ynh_app_setting_get --app=$app --key=allow_public_rooms) disable_backup_before_upgrade=$(ynh_app_setting_get --app $app --key disable_backup_before_upgrade) is_public=$(ynh_app_setting_get --app $app --key is_public) jitsi_server=$(ynh_app_setting_get --app=$app --key=jitsi_server) +e2e_enabled_by_default=$(ynh_app_setting_get --app=$app --key=e2e_enabled_by_default) #================================================= # SHOW_CONFIG FUNCTION FOR 'SHOW' COMMAND @@ -37,12 +38,13 @@ show_config() { ynh_return "YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_ALLOW_PUBLIC_ROOMS=$allow_public_rooms" ynh_return "YNH_CONFIG_SYNAPSE_CONFIG_CLIENT_CONFIG_JITSI_SERVER=$jitsi_server" ynh_return "YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_IS_PUBLIC=${is_public}" + ynh_return "YNH_CONFIG_SYNAPSE_CONFIG_CLIENT_CONFIG_E2E_ENABLED_BY_DEFAULT=${e2e_enabled_by_default}" if [[ ${disable_backup_before_upgrade:-0} -eq 1 ]] then - ynh_return "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=false" + ynh_return "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=0" else - ynh_return "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=true" + ynh_return "YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE=1" fi } @@ -56,6 +58,7 @@ apply_config() { do_backup_before_upgrade=${YNH_CONFIG_PACKAGE_CONFIG_PACKAGE_CONFIG_BACKUP_BEFORE_UPGRADE:-} is_public=${YNH_CONFIG_SYNAPSE_CONFIG_SERVER_CONFIG_IS_PUBLIC:-$is_public} jitsi_server=${YNH_CONFIG_SYNAPSE_CONFIG_CLIENT_CONFIG_JITSI_SERVER:-$jitsi_server} + e2e_enabled_by_default=${YNH_CONFIG_SYNAPSE_CONFIG_CLIENT_CONFIG_E2E_ENABLED_BY_DEFAULT:-$e2e_enabled_by_default} if [ $report_stats == 1 ]; then report_stats=true @@ -69,11 +72,18 @@ apply_config() { if [ $allow_public_rooms == 0 ]; then allow_public_rooms=false fi + if [ $e2e_enabled_by_default == 1 ]; then + e2e_enabled_by_default=true + fi + if [ $e2e_enabled_by_default == 0 ]; then + e2e_enabled_by_default=false + fi ynh_app_setting_set --app $app --key report_stats --value $report_stats ynh_app_setting_set --app $app --key allow_public_rooms --value $allow_public_rooms ynh_app_setting_set --app $app --key is_public --value $is_public ynh_app_setting_set --app $app --key jitsi_server --value $jitsi_server + ynh_app_setting_set --app=$app --key=e2e_enabled_by_default --value=$e2e_enabled_by_default if [[ -n $do_backup_before_upgrade ]]; then if [ $do_backup_before_upgrade -eq 1 ]; then @@ -149,6 +159,7 @@ apply_config() { ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__PORT__ --replace_string=$synapse_tls_port --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__JITSI_SERVER_ADDR__ --replace_string=$jitsi_server --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" + ynh_replace_string --match_string=__E2E_ENABLED_BY_DEFAULT__ --replace_string=$e2e_enabled_by_default --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" fi diff --git a/scripts/install b/scripts/install index f0efec9..ceaf927 100644 --- a/scripts/install +++ b/scripts/install @@ -40,6 +40,7 @@ synapse_db_user="matrix_$app" upstream_version=$(ynh_app_upstream_version) report_stats="false" allow_public_rooms="false" +e2e_enabled_by_default="true" default_domain_value="Same than the domain" #================================================= @@ -91,6 +92,7 @@ ynh_app_setting_set --app=$app --key=synapse_version --value=$upstream_version ynh_app_setting_set --app=$app --key=is_public --value=$is_public ynh_app_setting_set --app=$app --key=report_stats --value=$report_stats ynh_app_setting_set --app=$app --key=allow_public_rooms --value=$allow_public_rooms +ynh_app_setting_set --app=$app --key=e2e_enabled_by_default --value=$e2e_enabled_by_default #================================================= # STANDARD MODIFICATIONS @@ -258,6 +260,7 @@ then ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__PORT__ --replace_string=$synapse_tls_port --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__JITSI_SERVER_ADDR__ --replace_string=$jitsi_server --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" + ynh_replace_string --match_string=__E2E_ENABLED_BY_DEFAULT__ --replace_string=$e2e_enabled_by_default --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" fi diff --git a/scripts/upgrade b/scripts/upgrade index 405e99e..b3682fd 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -34,6 +34,7 @@ turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tl cli_port=$(ynh_app_setting_get --app=$app --key=cli_port) report_stats=$(ynh_app_setting_get --app=$app --key=report_stats) allow_public_rooms=$(ynh_app_setting_get --app=$app --key=allow_public_rooms) +e2e_enabled_by_default=$(ynh_app_setting_get --app=$app --key=e2e_enabled_by_default) ynh_print_OFF synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd) turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd) @@ -118,6 +119,12 @@ if [ -z $jitsi_server ]; then ynh_app_setting_set --app=$app --key=jitsi_server --value=$jitsi_server fi +# Define $e2e_enabled_by_default if not already defined +if [ -z $e2e_enabled_by_default ]; then + e2e_enabled_by_default='true' + ynh_app_setting_set --app=$app --key=e2e_enabled_by_default --value=$e2e_enabled_by_default +fi + if [ -z $report_stats ]; then report_stats="false" ynh_app_setting_set --app=$app --key=report_stats --value=$report_stats @@ -345,6 +352,7 @@ then ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__PORT__ --replace_string=$synapse_tls_port --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_replace_string --match_string=__JITSI_SERVER_ADDR__ --replace_string=$jitsi_server --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" + ynh_replace_string --match_string=__E2E_ENABLED_BY_DEFAULT__ --replace_string=$e2e_enabled_by_default --target_file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf" fi From a27856fdfb81866f5668a4dc9a2047e0c045a283 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Mon, 14 Dec 2020 16:14:54 +0100 Subject: [PATCH 3/3] Fix readme --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 15b39f7..8853f91 100644 --- a/README.md +++ b/README.md @@ -140,7 +140,11 @@ By default a backup is made before the upgrade. To avoid this you have theses fo `yunohost app setting synapse disable_backup_before_upgrade -v 1` -After this settings will be applied for all next upgrade. +After this settings will be applied for **all** next upgrade. + +From command line: + +`yunohost app upgrade seafile` ### Backup