From e4158175a2e6a9633cf1cc3eb3196943ae386e4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Mon, 7 Dec 2020 16:34:41 +0100 Subject: [PATCH] Implement backup core only --- README.md | 29 +++++++++++++++++++++++++++-- conf/homeserver.yaml | 6 +++--- conf/matrix-synapse.service | 2 +- scripts/backup | 7 ++++++- scripts/install | 13 ++++++++++--- scripts/remove | 3 ++- scripts/restore | 5 +++-- scripts/upgrade | 24 ++++++++++++++++++------ 8 files changed, 70 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index 636b640..92549ae 100644 --- a/README.md +++ b/README.md @@ -132,12 +132,37 @@ The following command will grant admin privilege to the specified user: su --command="psql matrix_synapse" postgres <<< "UPDATE users SET admin = 1 WHERE name = '@user_to_be_admin:domain.tld'" ``` -### Disable backup in upgrade +### Upgrade -To solve the issue [#30](https://github.com/YunoHost-Apps/synapse_ynh/issues/30) you can disable the backup in the upgrade by setting to true the key `disable_backup_before_upgrade` in the app setting. You can set it by this command : +By default a backup is made before the upgrade. To avoid this you have theses following possibilites: +- Pass the `NO_BACKUP_UPGRADE` env variable with `1` at each upgrade. By example `NO_BACKUP_UPGRADE=1 yunohost app upgrade synapse`. +- Set the settings `disable_backup_before_upgrade` to `1`. You can set this with this command: `yunohost app setting synapse disable_backup_before_upgrade -v 1` +After this settings will be applied for all next upgrade. + +### Backup + +This app use now the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration is recommended to proceed like this: + +- Stop synapse service with theses following command: + +`systemctl stop synapse.service` + +- Launch the backup of synapse with this following command: + +`yunohost backup create --app synapse` + +- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/matrix-synapse`. +- Restart the synapse service with theses command: + +`systemctl start synapse.service` + +### Remove + +Due of the backup core only feature the data directory in `/home/yunohost.app/matrix-synapse` **is not removed**. It need to be removed manually to purge app user data. + ### Multi instance support To give a possibility to have multiple domains you can use multiple instances of synapse. In this case all instances will run on different ports so it's really important to put a SRV record in your domain. You can get the port that you need to put in your SRV record with this following command: diff --git a/conf/homeserver.yaml b/conf/homeserver.yaml index 8d69522..abb6e15 100644 --- a/conf/homeserver.yaml +++ b/conf/homeserver.yaml @@ -598,7 +598,7 @@ log_config: "/etc/matrix-__APP__/log.yaml" # Directory where uploaded images and attachments are stored. # -media_store_path: "/var/lib/matrix-__APP__/media" +media_store_path: "/home/yunohost.app/matrix-__APP__/media" # Media storage providers allow media to be stored in different # locations. @@ -613,11 +613,11 @@ media_storage_providers: # provider to complete store_synchronous: false config: - directory: "/var/lib/matrix-__APP__/media_storage" + directory: "/home/yunohost.app/matrix-__APP__/media_storage" # Directory where in-progress uploads are stored. # -uploads_path: "/var/lib/matrix-__APP__/uploads" +uploads_path: "/home/yunohost.app/matrix-__APP__/uploads" # The largest allowed upload size in bytes # diff --git a/conf/matrix-synapse.service b/conf/matrix-synapse.service index c82ad3b..57d205d 100644 --- a/conf/matrix-synapse.service +++ b/conf/matrix-synapse.service @@ -5,7 +5,7 @@ After=network.target [Service] Type=simple User=matrix-__APP__ -WorkingDirectory=/var/lib/matrix-__APP__ +WorkingDirectory=/opt/yunohost/matrix-__APP__ EnvironmentFile=/etc/default/matrix-__APP__ ExecStartPre=/opt/yunohost/matrix-__APP__/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-__APP__/homeserver.yaml --config-path=/etc/matrix-__APP__/conf.d/ --generate-keys ExecStart=/opt/yunohost/matrix-__APP__/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-__APP__/homeserver.yaml --config-path=/etc/matrix-__APP__/conf.d/ diff --git a/scripts/backup b/scripts/backup index 1632188..113e694 100644 --- a/scripts/backup +++ b/scripts/backup @@ -28,6 +28,10 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) server_name=$(ynh_app_setting_get --app=$app --key=server_name) final_path=$(ynh_app_setting_get --app=$app --key=final_path) +if [[ ! "$(systemctl status matrix-$app.service)" =~ "Active: inactive (dead)" ]]; then + ynh_print_warn --message="It's hightly recommended to make your backup when the service is stopped. Please stop $app service with this command before to run the backup 'systemctl stop matrix-$app.service'" +fi + #================================================= # SET CONSTANTS #================================================= @@ -37,6 +41,7 @@ synapse_db_name="matrix_$app" synapse_db_user="matrix_$app" upstream_version=$(ynh_app_upstream_version) final_www_path="/var/www/$app" +data_path="/home/yunohost.app/matrix-$app" #================================================= # STANDARD BACKUP STEPS @@ -101,7 +106,7 @@ ynh_backup --src_path="/etc/systemd/system/coturn-$app.service" #================================================= ynh_script_progression --message="Backing up synapse data..." --weight=1 -ynh_backup --src_path="/var/lib/matrix-$app" +ynh_backup --src_path="$data_path" --is_big=1 #================================================= # BACKUP SYNAPSE LOG diff --git a/scripts/install b/scripts/install index 1354ec0..f0efec9 100644 --- a/scripts/install +++ b/scripts/install @@ -53,6 +53,7 @@ jitsi_server=$YNH_APP_ARG_JITSI_SERVER path_url="/_matrix" final_path="/opt/yunohost/matrix-$app" final_www_path="/var/www/$app" +data_path="/home/yunohost.app/matrix-$app" if [[ "$server_name" == "$default_domain_value" ]]; then server_name=$domain @@ -69,6 +70,12 @@ test ! -e "/etc/nginx/conf.d/$domain.d/synapse*.conf" || ynh_die --message="$dom # Check Final Path availability test ! -e "$final_path" || ynh_die --message="This path already contains a folder" +if [ -e "$data_path" ]; then + old_data_dir_path="$data_path$(date '+%Y%m%d.%H%M%S')" + ynh_print_warn "A data directory already exist. Data was renamed to $old_data_dir_path" + mv "$data_path" "$old_data_dir_path" +fi + #================================================= # STORE SETTINGS FROM MANIFEST #================================================= @@ -141,7 +148,7 @@ ynh_install_app_dependencies $dependances #================================================= ynh_script_progression --message="Configuring system user..." --weight=3 -ynh_system_user_create --username=$synapse_user --home_dir=/var/lib/matrix-$app +ynh_system_user_create --username=$synapse_user --home_dir=$data_path adduser $synapse_user ssl-cert adduser turnserver ssl-cert @@ -172,7 +179,7 @@ ynh_script_progression --message="Setting up source files..." --weight=50 # WARNING : theses command are used in INSTALL, UPGRADE # For any update do it in all files -mkdir -p /var/lib/matrix-$app +mkdir -p $data_path mkdir -p /var/log/matrix-$app mkdir -p /etc/matrix-$app/conf.d mkdir -p /etc/matrix-$app/app-service @@ -396,7 +403,7 @@ ynh_replace_string __DOMAIN__ $domain ../hooks/post_cert_update chown $synapse_user:root -R $final_path chmod 770 $final_path/Coturn_config_rotate.sh chmod 700 $final_path/update_synapse_for_appservice.sh -chown $synapse_user:root -R /var/lib/matrix-$app +chown $synapse_user:root -R $data_path chown $synapse_user:root -R /var/log/matrix-$app chown $synapse_user:root -R /etc/matrix-$app chmod u=rwX,g=rX,o= -R /etc/matrix-$app diff --git a/scripts/remove b/scripts/remove index b2d3936..34ed766 100755 --- a/scripts/remove +++ b/scripts/remove @@ -89,7 +89,6 @@ ynh_script_progression --message="Removing app main directory" --weight=2 ynh_secure_remove --file=$final_path ynh_secure_remove --file=$final_www_path -ynh_secure_remove --file=/var/lib/matrix-$app ynh_secure_remove --file=/var/log/matrix-$app ynh_secure_remove --file=/etc/matrix-$app ynh_secure_remove --file=/etc/default/matrix-$app @@ -153,5 +152,7 @@ ynh_system_user_delete --username=$synapse_user #================================================= # END OF SCRIPT #================================================= +ynh_print_info --message="Due of the backup core only feature the data directory in '/home/yunohost.app/matrix-$app' was not removed. It need to be removed manually to purge app user data." ynh_script_progression --message="Removal of $app completed" --last +sleep 1 diff --git a/scripts/restore b/scripts/restore index 2c288ce..19b0c3f 100644 --- a/scripts/restore +++ b/scripts/restore @@ -49,6 +49,7 @@ synapse_db_name="matrix_$app" synapse_db_user="matrix_$app" upstream_version=$(ynh_app_upstream_version) final_www_path="/var/www/$app" +data_path="/home/yunohost.app/matrix-$app" #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -99,7 +100,7 @@ ynh_systemd_action --action=restart --service_name=fail2ban ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$synapse_user --home_dir=/var/lib/matrix-$app +ynh_system_user_create --username=$synapse_user --home_dir=$data_path adduser $synapse_user ssl-cert adduser turnserver ssl-cert @@ -237,7 +238,7 @@ ynh_use_logrotate --logfile /var/log/matrix-$app chown $synapse_user:root -R $final_path chmod 770 $final_path/Coturn_config_rotate.sh chmod 700 $final_path/update_synapse_for_appservice.sh -chown $synapse_user:root -R /var/lib/matrix-$app +chown $synapse_user:root -R $data_path chown $synapse_user:root -R /var/log/matrix-$app chown $synapse_user:root -R /etc/matrix-$app chmod u=rwX,g=rX,o= -R /etc/matrix-$app diff --git a/scripts/upgrade b/scripts/upgrade index 8b9f3f5..9efbb4b 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -10,6 +10,9 @@ source _common.sh source experimental_helper.sh source /usr/share/yunohost/helpers +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # LOAD SETTINGS #================================================= @@ -48,6 +51,7 @@ synapse_db_name="matrix_$app" synapse_db_user="matrix_$app" upstream_version=$(ynh_app_upstream_version) final_www_path="/var/www/$app" +data_path="/home/yunohost.app/matrix-$app" #================================================= # CHECK VERSION @@ -75,18 +79,15 @@ ynh_script_progression --message="Backing up the app before upgrading (may take ynh_systemd_action --service_name=matrix-$app.service --action=stop # Backup the current version of the app -if [ "$(ynh_app_setting_get --app=$app --key=disable_backup_before_upgrade)" != '1' ] +if [ "0$(ynh_app_setting_get --app=$app --key=disable_backup_before_upgrade)" -ne 1 ] then ynh_backup_before_upgrade ynh_clean_setup () { # Clean installation remainings that are not handled by the remove script. ynh_clean_check_starting - ynh_restore_upgradebackup } fi -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS @@ -111,7 +112,7 @@ if [ -z $server_name ]; then ynh_app_setting_set --app=$app --key=server_name --value=$domain fi -# Define $server_name if not already defined +# Define $jitsi_server if not already defined if [ -z $jitsi_server ]; then jitsi_server='jitsi.riot.im' ynh_app_setting_set --app=$app --key=jitsi_server --value=$jitsi_server @@ -127,6 +128,17 @@ if [ -z $allow_public_rooms ]; then ynh_app_setting_set --app=$app --key=allow_public_rooms --value=$allow_public_rooms fi +#================================================= +# MIGRATION 6 : Migrate data directory +#================================================= + +if [ ! -e "$data_path" ] && [ -e "/var/lib/matrix-$app" ]; then + ynh_script_progression --message="Moving data directory to $data_path..." --weight=1 + mv "/var/lib/matrix-$app" "$data_path" + # matrix-synapse:x:994:994::/var/lib/matrix-synapse:/usr/sbin/nologin + sed --in-place -r "s@matrix-$app\:x\:(\n*:\n*)\:\:/var/lib/matrix-$app\:/usr/sbin/nologin@matrix-$app\:x\:(\n*:\n*)\:\:$final_path\:/usr/sbin/nologin@g" /etc/passwd +fi + #================================================= # INSTALL DEPENDENCIES #================================================= @@ -440,7 +452,7 @@ ynh_permission_url --permission main --url $domain/_matrix/cas_server.php/login chown $synapse_user:root -R $final_path chmod 770 $final_path/Coturn_config_rotate.sh chmod 700 $final_path/update_synapse_for_appservice.sh -chown $synapse_user:root -R /var/lib/matrix-$app +chown $synapse_user:root -R $data_path chown $synapse_user:root -R /var/log/matrix-$app chown $synapse_user:root -R /etc/matrix-$app chmod u=rwX,g=rX,o= -R /etc/matrix-$app