YunoHost-Apps/synapse_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/synapse_ynh.git synced 2024-09-03 20:26:38 +02:00
Code Issues Activity Actions
synapse_ynh/scripts/restore
Carlos Solís 39ffead3a9 Make user creation script depend on YNH version 
The format used to create a new user on YunoHost 11.1 and above is different than the one used beforehand. This change is intended to detect which version is currently installed and use the correct format.
2023-01-10 09:56:15 -06:00

274 lines
11 KiB
Bash
Raw Blame History

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source ../settings/scripts/experimental_helper.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
# Clean installation remainings that are not handled by the remove script.
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
server_name=$(ynh_app_setting_get --app=$app --key=server_name)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
synapse_tls_port=$(ynh_app_setting_get --app=$app --key=synapse_tls_port)
turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
synapse_db_pwd=$(ynh_app_setting_get --app=$app --key=synapse_db_pwd)
synapse_user_app_pwd=$(ynh_app_setting_get --app=$app --key=synapse_user_app_pwd)
main_domain=$(yunohost domain list --output-as json | jq -r .main)
#=================================================
# SET ALL CONSTANT
#=================================================
synapse_user="matrix-$app"
synapse_user_app="$app"
synapse_db_name="matrix_$app"
synapse_db_user="matrix_$app"
synapse_db_name="matrix_$app"
upstream_version=$(ynh_app_upstream_version)
final_www_path="/var/www/$app"
data_path="/home/yunohost.app/matrix-$app"
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=2
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..." --weight=70
# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
# For any update do it in all files
ynh_exec_warn_less ynh_install_app_dependencies $dependances
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=3
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$synapse_user --home_dir=$final_path
# The format to create an user account varies depending on the version of YunoHost currently installed.
ynh_current_version=$(dpkg-query --showformat='${Version}' --show yunohost)
if $(dpkg --compare-versions "$ynh_current_version" ge "11.1"); then
yunohost user create $synapse_user_app -F "Synapse Application" -d $domain -p "$synapse_user_app_pwd"
else
yunohost user create $synapse_user_app -f Synapse -l Application -d $domain -p "$synapse_user_app_pwd"
fi
adduser $synapse_user ssl-cert
adduser turnserver ssl-cert
#=================================================
# RESTORE ALL CONFIG AND DATA
#=================================================
ynh_script_progression --message="Restoring directory and configuration..." --weight=10
ynh_restore
mkdir -p /etc/matrix-$app/app-service
# Check that the good python version is installed
# If not upgrade the source
ynh_script_progression --message="Check for source up to date..." --weight=5
install_sources
#=================================================
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Reload Fail2Ban..." --weight=6
ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=13
ynh_psql_test_if_first_run
ynh_psql_create_user $synapse_db_user $synapse_db_pwd
ynh_psql_execute_as_root \
--sql="CREATE DATABASE $synapse_db_name
ENCODING 'UTF8'
LC_COLLATE='C'
LC_CTYPE='C'
template=template0
OWNER $synapse_db_user;"
ynh_psql_execute_file_as_root --file="${YNH_CWD}/dump.sql" --database="$synapse_db_name"
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Enable systemd services" --weight=2
# systemctl daemon-reload
systemctl enable matrix-$app.service --quiet
systemctl enable coturn-$app.service --quiet
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
yunohost service add matrix-$app --log "/var/log/matrix-$app/homeserver.log" --needs_exposed_ports $synapse_tls_port
yunohost service add coturn-$app --needs_exposed_ports $turnserver_tls_port
#=================================================
# CREATE A DH FILE
#=================================================
ynh_script_progression --message="Creating a dh file..." --weight=40
# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
# For any update do it in all files
# Make dh cert for synapse if it doesn't exist
if [ ! -e /etc/ssl/private/dh2048.pem ]
then
ynh_exec_warn_less openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048 -dsaparam
chown root:ssl-cert /etc/ssl/private/dh2048.pem
chmod 640 /etc/ssl/private/dh2048.pem
fi
#=================================================
# RECONFIGURE THE TURNSERVER
#=================================================
ynh_script_progression --message="Reconfiguring Coturn..." --weight=23
# To be sure that at the restoration the IP address in coturn config is the same as the real address we remake the coturn config
# Retrieve specific settings
turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
cli_port=$(ynh_app_setting_get --app=$app --key=cli_port)
turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
# WARNING : these commands are used in INSTALL, UPGRADE
# For any update do it in all files
# Get public IP and set as external IP for coturn
# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
public_ip4="$(curl -s ip.yunohost.org)" || true
public_ip6="$(curl -s ipv6.yunohost.org)" || true
turn_external_ip=""
if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
then
turn_external_ip+="\nexternal-ip=$public_ip4"
fi
if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
then
turn_external_ip+="\nexternal-ip=$public_ip6"
fi
ynh_add_config --template="turnserver.conf" --destination="/etc/matrix-$app/coturn.conf"
#=================================================
# OPEN THE PORT
#=================================================
# Ouvre le port dans le firewall
ynh_exec_warn_less yunohost firewall allow TCP $synapse_tls_port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_tls_port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_alt_tls_port
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..."
ynh_use_logrotate --logfile /var/log/matrix-$app
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE (3 times)
# For any update do it in all files
ynh_script_progression --message="Configuring file permission..."
chown $synapse_user:root -R $final_path
chmod 770 $final_path/Coturn_config_rotate.sh
chmod 700 $final_path/update_synapse_for_appservice.sh
chown $synapse_user:root -R $data_path
chown $synapse_user:root -R /var/log/matrix-$app
chown $synapse_user:root -R /etc/matrix-$app
chmod u=rwX,g=rX,o= -R /etc/matrix-$app
chmod 600 /etc/matrix-$app/$server_name.signing.key
setfacl -R -m user:turnserver:rX /etc/matrix-$app
setfacl -R -m user:turnserver:rwX /var/log/matrix-$app
chmod u=rwX,g=rX,o= -R $final_www_path
chown $synapse_user:root -R $final_www_path
#=================================================
# RELOAD NGINX, SYNAPSE AND COTURN
#=================================================
ynh_script_progression --message="Restarting Synapse services..." --weight=7
ynh_systemd_action --service_name=coturn-$app.service --action=restart
ynh_systemd_action --service_name=matrix-$app --action=restart --line_match="Synapse now listening on TCP port $synapse_tls_port" --log_path="/var/log/matrix-$app/homeserver.log" --timeout=300
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
# WARNING : theses command are used in INSTALL, RESTORE
# For any update do it in all files
echo "To federate this app you need to add this line in your DNS configuration:
_matrix._tcp.$domain. 3600 IN SRV 10 0 $synapse_tls_port $domain.
You also need to open the TCP port $synapse_tls_port on your ISP box if it's not automatically done.
Your synapse server also implements a turnserver (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/synapse_ynh .
If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/synapse_ynh" > mail_to_send
ynh_send_readme_to_admin --app_message="mail_to_send" --type="restore"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --last
Reference in a new issue View git blame Copy permalink