Merge branch 'testing' into master

README.md

@@ -14,7 +14,7 @@ Instant messaging server matrix network.
 
 Yunohost chatroom with matrix : [https://riot.im/app/#/room/#yunohost:matrix.org](https://riot.im/app/#/room/#yunohost:matrix.org)
 
-**Shipped version:** 1.23.0
+**Shipped version:** 1.23.1
 
 ## Configuration
 
@@ -132,12 +132,37 @@ The following command will grant admin privilege to the specified user:
 su --command="psql matrix_synapse" postgres <<< "UPDATE users SET admin = 1 WHERE name = '@user_to_be_admin:domain.tld'"
 ```
 
-### Disable backup in upgrade
+### Upgrade
 
-To solve the issue [#30](https://github.com/YunoHost-Apps/synapse_ynh/issues/30) you can disable the backup in the upgrade by setting to true the key `disable_backup_before_upgrade` in the app setting. You can set it by this command :
+By default a backup is made before the upgrade. To avoid this you have theses following possibilites:
+- Pass the `NO_BACKUP_UPGRADE` env variable with `1` at each upgrade. By example `NO_BACKUP_UPGRADE=1 yunohost app upgrade synapse`.
+- Set the settings `disable_backup_before_upgrade` to `1`. You can set this with this command:
 
 `yunohost app setting synapse disable_backup_before_upgrade -v 1`
 
+After this settings will be applied for all next upgrade.
+
+### Backup
+
+This app use now the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration is recommended to proceed like this:
+
+- Stop synapse service with theses following command:
+
+`systemctl stop synapse.service`
+
+- Launch the backup of synapse with this following command:
+
+`yunohost backup create --app synapse`
+
+- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/yunohost.app/matrix-synapse`.
+- Restart the synapse service with theses command:
+
+`systemctl start synapse.service`
+
+### Remove
+
+Due of the backup core only feature the data directory in `/home/yunohost.app/matrix-synapse` **is not removed**. It need to be removed manually to purge app user data.
+
 ### Multi instance support
 
 To give a possibility to have multiple domains you can use multiple instances of synapse. In this case all instances will run on different ports so it's really important to put a SRV record in your domain. You can get the port that you need to put in your SRV record with this following command:

conf/armv7_buster.src

@@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.23.0/matrix-synapse_1.23.0-buster-bin1_armv7l.tar.gz
+SOURCE_URL=https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.23.1/matrix-synapse_1.23.1-buster-bin1_armv7l.tar.gz
-SOURCE_SUM=d5f5c05b34b8fc3a7eb2f97a48eac9c5737818d3b21621c261be18540c779a28
+SOURCE_SUM=a2e2e1ff7dafff49da20bf3e374bd4567002430881187071761056a275bc98e1
 # (Optional) Program to check the integrity (sha256sum, md5sum...)
 # default: sha256
 SOURCE_SUM_PRG=sha256sum

conf/armv7_stretch.src

@@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.23.0/matrix-synapse_1.23.0-stretch-bin1_armv7l.tar.gz
+SOURCE_URL=https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.23.1/matrix-synapse_1.23.1-stretch-bin1_armv7l.tar.gz
-SOURCE_SUM=5f787c992541d0f58d22fc4d9cd243746f09db879e6663960060ba097386e0c0
+SOURCE_SUM=eb513ee692067e98ea8d5ceaa927398d17f89057ff0c62f106504e86fced5dae
 # (Optional) Program to check the integrity (sha256sum, md5sum...)
 # default: sha256
 SOURCE_SUM_PRG=sha256sum

conf/homeserver.yaml

@@ -598,7 +598,7 @@ log_config: "/etc/matrix-__APP__/log.yaml"
 
 # Directory where uploaded images and attachments are stored.
 #
-media_store_path: "/var/lib/matrix-__APP__/media"
+media_store_path: "/home/yunohost.app/matrix-__APP__/media"
 
 # Media storage providers allow media to be stored in different
 # locations.
@@ -613,11 +613,11 @@ media_storage_providers:
    # provider to complete
    store_synchronous: false
    config:
-     directory: "/var/lib/matrix-__APP__/media_storage"
+     directory: "/home/yunohost.app/matrix-__APP__/media_storage"
 
 # Directory where in-progress uploads are stored.
 #
-uploads_path: "/var/lib/matrix-__APP__/uploads"
+uploads_path: "/home/yunohost.app/matrix-__APP__/uploads"
 
 # The largest allowed upload size in bytes
 #

conf/matrix-synapse.service

@@ -5,7 +5,7 @@ After=network.target
 [Service]
 Type=simple
 User=matrix-__APP__
-WorkingDirectory=/var/lib/matrix-__APP__
+WorkingDirectory=/opt/yunohost/matrix-__APP__
 EnvironmentFile=/etc/default/matrix-__APP__
 ExecStartPre=/opt/yunohost/matrix-__APP__/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-__APP__/homeserver.yaml --config-path=/etc/matrix-__APP__/conf.d/ --generate-keys
 ExecStart=/opt/yunohost/matrix-__APP__/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-__APP__/homeserver.yaml --config-path=/etc/matrix-__APP__/conf.d/

manifest.json

@@ -6,7 +6,7 @@
 		"en": "Instant messaging server which uses Matrix",
 		"fr": "Un serveur de messagerie instantané basé sur Matrix"
 	},
-	"version": "1.23.0~ynh1",
+	"version": "1.23.1~ynh1",
 	"url": "http://matrix.org",
 	"license": "Apache-2.0",
 	"maintainer": {

scripts/_common.sh

@@ -40,7 +40,7 @@ install_sources() {
         set -u;
         pip3 install --upgrade setuptools wheel
         pip3 install --upgrade cffi ndg-httpsclient psycopg2 lxml jinja2
-        pip3 install --upgrade 'Twisted>=20.3.0' matrix-synapse==$upstream_version matrix-synapse-ldap3
+        pip3 install --upgrade 'Twisted>=20.3.0' 'cryptography>=3.3' matrix-synapse==$upstream_version matrix-synapse-ldap3
 
         # This function was defined when we called "source $final_path/bin/activate". With this function we undo what "$final_path/bin/activate" does
         set +u;

scripts/backup

@@ -28,6 +28,10 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
 server_name=$(ynh_app_setting_get --app=$app --key=server_name)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 
+if [[ ! "$(systemctl status matrix-$app.service)" =~ "Active: inactive (dead)" ]]; then
+    ynh_print_warn --message="It's hightly recommended to make your backup when the service is stopped. Please stop $app service with this command before to run the backup 'systemctl stop matrix-$app.service'"
+fi
+
 #=================================================
 # SET CONSTANTS
 #=================================================
@@ -37,6 +41,7 @@ synapse_db_name="matrix_$app"
 synapse_db_user="matrix_$app"
 upstream_version=$(ynh_app_upstream_version)
 final_www_path="/var/www/$app"
+data_path="/home/yunohost.app/matrix-$app"
 
 #=================================================
 # STANDARD BACKUP STEPS
@@ -101,7 +106,7 @@ ynh_backup --src_path="/etc/systemd/system/coturn-$app.service"
 #=================================================
 ynh_script_progression --message="Backing up synapse data..." --weight=1
 
-ynh_backup --src_path="/var/lib/matrix-$app"
+ynh_backup --src_path="$data_path" --is_big=1
 
 #=================================================
 # BACKUP SYNAPSE LOG

scripts/install

@@ -53,6 +53,7 @@ jitsi_server=$YNH_APP_ARG_JITSI_SERVER
 path_url="/_matrix"
 final_path="/opt/yunohost/matrix-$app"
 final_www_path="/var/www/$app"
+data_path="/home/yunohost.app/matrix-$app"
 
 if [[ "$server_name" == "$default_domain_value" ]]; then
     server_name=$domain    
@@ -69,6 +70,12 @@ test ! -e "/etc/nginx/conf.d/$domain.d/synapse*.conf" || ynh_die --message="$dom
 # Check Final Path availability
 test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
 
+if [ -e "$data_path" ]; then
+    old_data_dir_path="$data_path$(date '+%Y%m%d.%H%M%S')"
+    ynh_print_warn "A data directory already exist. Data was renamed to $old_data_dir_path"
+    mv "$data_path" "$old_data_dir_path"
+fi
+
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
@@ -141,7 +148,7 @@ ynh_install_app_dependencies $dependances
 #=================================================
 ynh_script_progression --message="Configuring system user..." --weight=3
 
-ynh_system_user_create --username=$synapse_user --home_dir=/var/lib/matrix-$app
+ynh_system_user_create --username=$synapse_user --home_dir=$data_path
 adduser $synapse_user ssl-cert
 adduser turnserver ssl-cert
 
@@ -172,7 +179,7 @@ ynh_script_progression --message="Setting up source files..." --weight=50
 
 # WARNING : theses command are used in INSTALL, UPGRADE
 # For any update do it in all files
-mkdir -p /var/lib/matrix-$app
+mkdir -p $data_path
 mkdir -p /var/log/matrix-$app
 mkdir -p /etc/matrix-$app/conf.d
 mkdir -p /etc/matrix-$app/app-service
@@ -396,7 +403,7 @@ ynh_replace_string __DOMAIN__ $domain ../hooks/post_cert_update
 chown $synapse_user:root -R $final_path
 chmod 770 $final_path/Coturn_config_rotate.sh
 chmod 700 $final_path/update_synapse_for_appservice.sh
-chown $synapse_user:root -R /var/lib/matrix-$app
+chown $synapse_user:root -R $data_path
 chown $synapse_user:root -R /var/log/matrix-$app
 chown $synapse_user:root -R /etc/matrix-$app
 chmod u=rwX,g=rX,o= -R /etc/matrix-$app

scripts/remove

@@ -89,7 +89,6 @@ ynh_script_progression --message="Removing app main directory" --weight=2
 
 ynh_secure_remove --file=$final_path
 ynh_secure_remove --file=$final_www_path
-ynh_secure_remove --file=/var/lib/matrix-$app
 ynh_secure_remove --file=/var/log/matrix-$app
 ynh_secure_remove --file=/etc/matrix-$app
 ynh_secure_remove --file=/etc/default/matrix-$app
@@ -153,5 +152,7 @@ ynh_system_user_delete --username=$synapse_user
 #=================================================
 # END OF SCRIPT
 #=================================================
+ynh_print_info --message="Due of the backup core only feature the data directory in '/home/yunohost.app/matrix-$app' was not removed. It need to be removed manually to purge app user data."
 
 ynh_script_progression --message="Removal of $app completed" --last
+sleep 1

scripts/restore

@@ -49,6 +49,7 @@ synapse_db_name="matrix_$app"
 synapse_db_user="matrix_$app"
 upstream_version=$(ynh_app_upstream_version)
 final_www_path="/var/www/$app"
+data_path="/home/yunohost.app/matrix-$app"
 
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
@@ -99,7 +100,7 @@ ynh_systemd_action --action=restart --service_name=fail2ban
 ynh_script_progression --message="Recreating the dedicated system user..." --weight=3
 
 # Create the dedicated user (if not existing)
-ynh_system_user_create --username=$synapse_user --home_dir=/var/lib/matrix-$app
+ynh_system_user_create --username=$synapse_user --home_dir=$data_path
 adduser $synapse_user ssl-cert
 adduser turnserver ssl-cert
 
@@ -237,7 +238,7 @@ ynh_use_logrotate --logfile /var/log/matrix-$app
 chown $synapse_user:root -R $final_path
 chmod 770 $final_path/Coturn_config_rotate.sh
 chmod 700 $final_path/update_synapse_for_appservice.sh
-chown $synapse_user:root -R /var/lib/matrix-$app
+chown $synapse_user:root -R $data_path
 chown $synapse_user:root -R /var/log/matrix-$app
 chown $synapse_user:root -R /etc/matrix-$app
 chmod u=rwX,g=rX,o= -R /etc/matrix-$app

scripts/upgrade

@@ -10,6 +10,9 @@ source _common.sh
 source experimental_helper.sh
 source /usr/share/yunohost/helpers
 
+# Exit if an error occurs during the execution of the script
+ynh_abort_if_errors
+
 #=================================================
 # LOAD SETTINGS
 #=================================================
@@ -48,6 +51,7 @@ synapse_db_name="matrix_$app"
 synapse_db_user="matrix_$app"
 upstream_version=$(ynh_app_upstream_version)
 final_www_path="/var/www/$app"
+data_path="/home/yunohost.app/matrix-$app"
 
 #=================================================
 # CHECK VERSION
@@ -75,18 +79,15 @@ ynh_script_progression --message="Backing up the app before upgrading (may take
 ynh_systemd_action --service_name=matrix-$app.service --action=stop
 
 # Backup the current version of the app
-if [ "$(ynh_app_setting_get --app=$app --key=disable_backup_before_upgrade)" != '1' ]
+if [ "0$(ynh_app_setting_get --app=$app --key=disable_backup_before_upgrade)" -ne 1 ]
 then
     ynh_backup_before_upgrade
     ynh_clean_setup () {
         # Clean installation remainings that are not handled by the remove script.
         ynh_clean_check_starting
-
         ynh_restore_upgradebackup
     }
 fi
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
 
 #=================================================
 # STANDARD UPGRADE STEPS
@@ -111,7 +112,7 @@ if [ -z $server_name ]; then
    ynh_app_setting_set --app=$app --key=server_name --value=$domain
 fi
 
-# Define $server_name if not already defined
+# Define $jitsi_server if not already defined
 if [ -z $jitsi_server ]; then
    jitsi_server='jitsi.riot.im'
    ynh_app_setting_set --app=$app --key=jitsi_server --value=$jitsi_server
@@ -127,6 +128,22 @@ if [ -z $allow_public_rooms ]; then
     ynh_app_setting_set --app=$app --key=allow_public_rooms --value=$allow_public_rooms
 fi
 
+#=================================================
+# MIGRATION 6 : Migrate data directory
+#=================================================
+
+if [ -e "/var/lib/matrix-$app" ]; then
+    ynh_script_progression --message="Moving data directory to $data_path..." --weight=1
+    if [ -e "$data_path" ]; then
+        old_data_dir_path="$data_path$(date '+%Y%m%d.%H%M%S')"
+        ynh_print_warn "A data directory already exist. Data was renamed to $old_data_dir_path"
+        mv "$data_path" "$old_data_dir_path"
+    fi
+    mv "/var/lib/matrix-$app" "$data_path"
+    # matrix-synapse:x:994:994::/var/lib/matrix-synapse:/usr/sbin/nologin
+    sed --in-place -r "s@matrix-$app\:x\:(\n*:\n*)\:\:/var/lib/matrix-$app\:/usr/sbin/nologin@matrix-$app\:x\:(\n*:\n*)\:\:$final_path\:/usr/sbin/nologin@g" /etc/passwd
+fi
+
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
@@ -440,7 +457,7 @@ ynh_permission_url --permission main --url $domain/_matrix/cas_server.php/login
 chown $synapse_user:root -R $final_path
 chmod 770 $final_path/Coturn_config_rotate.sh
 chmod 700 $final_path/update_synapse_for_appservice.sh
-chown $synapse_user:root -R /var/lib/matrix-$app
+chown $synapse_user:root -R $data_path
 chown $synapse_user:root -R /var/log/matrix-$app
 chown $synapse_user:root -R /etc/matrix-$app
 chmod u=rwX,g=rX,o= -R /etc/matrix-$app