mirror of
https://github.com/YunoHost-Apps/synapse_ynh.git
synced 2024-09-03 20:26:38 +02:00
247 lines
8.9 KiB
Bash
Executable file
247 lines
8.9 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Retrieve arguments
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
synapse_user="matrix-synapse"
|
|
synapse_db_name="matrix_synapse"
|
|
synapse_db_user="matrix_synapse"
|
|
|
|
get_app_version_from_json() {
|
|
manifest_path="../manifest.json"
|
|
if [ ! -e "$manifest_path" ]; then
|
|
manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place
|
|
fi
|
|
echo $(grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file.
|
|
}
|
|
APP_VERSION=$(get_app_version_from_json)
|
|
|
|
install_dependances() {
|
|
ynh_install_app_dependencies coturn build-essential python2.7-dev libffi-dev python-pip python-setuptools sqlite3 libssl-dev python-virtualenv libxml2-dev libxslt1-dev python-lxml libjpeg-dev libpq-dev postgresql acl
|
|
pip install --upgrade pip
|
|
pip install --upgrade virtualenv
|
|
}
|
|
|
|
setup_dir() {
|
|
# Create empty dir for synapse
|
|
mkdir -p /var/lib/matrix-synapse
|
|
mkdir -p /var/log/matrix-synapse
|
|
mkdir -p /var/log/turnserver
|
|
mkdir -p /etc/matrix-synapse/conf.d
|
|
mkdir -p $final_path
|
|
}
|
|
|
|
install_source() {
|
|
if [ -n "$(uname -m | grep arm)" ]
|
|
then
|
|
ynh_replace_string __APP_VERSION__ $APP_VERSION "$YNH_CWD/../conf/armv7.src"
|
|
ynh_setup_source $final_path/ "armv7"
|
|
else
|
|
# Install virtualenv if it don't exist
|
|
test -e $final_path/bin || virtualenv -p python2.7 $final_path
|
|
|
|
# Install synapse in virtualenv
|
|
PS1=""
|
|
cp ../conf/virtualenv_activate $final_path/bin/activate
|
|
source $final_path/bin/activate
|
|
pip install --upgrade pip
|
|
pip install --upgrade setuptools
|
|
pip install --upgrade cffi ndg-httpsclient psycopg2 lxml
|
|
pip install --upgrade https://github.com/matrix-org/synapse/archive/v$APP_VERSION.tar.gz
|
|
deactivate
|
|
fi
|
|
|
|
# Set permission
|
|
chown $synapse_user:root -R $final_path
|
|
chown $synapse_user:root -R /var/lib/matrix-synapse
|
|
chown $synapse_user:root -R /var/log/matrix-synapse
|
|
chown turnserver:root -R /var/log/turnserver
|
|
chown $synapse_user:root -R /etc/matrix-synapse
|
|
}
|
|
|
|
config_nginx() {
|
|
cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
|
|
|
ynh_replace_string __PATH__ $path /etc/nginx/conf.d/$domain.d/$app.conf
|
|
ynh_replace_string __PORT__ $synapse_port /etc/nginx/conf.d/$domain.d/$app.conf
|
|
|
|
systemctl reload nginx.service
|
|
}
|
|
|
|
config_synapse() {
|
|
cp ../conf/homeserver.yaml /etc/matrix-synapse/homeserver.yaml
|
|
cp ../conf/log.yaml /etc/matrix-synapse/log.yaml
|
|
|
|
ynh_replace_string __DOMAIN__ $domain /etc/matrix-synapse/homeserver.yaml
|
|
ynh_replace_string __SYNAPSE_DB_USER__ $synapse_db_user /etc/matrix-synapse/homeserver.yaml
|
|
ynh_replace_string __SYNAPSE_DB_PWD__ $synapse_db_pwd /etc/matrix-synapse/homeserver.yaml
|
|
ynh_replace_string __PORT__ $synapse_port /etc/matrix-synapse/homeserver.yaml
|
|
ynh_replace_string __TLS_PORT__ $synapse_tls_port /etc/matrix-synapse/homeserver.yaml
|
|
ynh_replace_string __TURNSERVER_TLS_PORT__ $turnserver_tls_port /etc/matrix-synapse/homeserver.yaml
|
|
ynh_replace_string __TURNPWD__ $turnserver_pwd /etc/matrix-synapse/homeserver.yaml
|
|
|
|
if [ "$is_public" = "0" ]
|
|
then
|
|
ynh_replace_string __ALLOWED_ACCESS__ False /etc/matrix-synapse/homeserver.yaml
|
|
else
|
|
ynh_replace_string __ALLOWED_ACCESS__ True /etc/matrix-synapse/homeserver.yaml
|
|
fi
|
|
}
|
|
|
|
config_coturn() {
|
|
cp ../conf/default_coturn /etc/default/coturn
|
|
cp ../conf/turnserver.conf /etc/turnserver.conf
|
|
|
|
ynh_replace_string __TURNPWD__ $turnserver_pwd /etc/turnserver.conf
|
|
ynh_replace_string __DOMAIN__ $domain /etc/turnserver.conf
|
|
ynh_replace_string __TLS_PORT__ $turnserver_tls_port /etc/turnserver.conf
|
|
}
|
|
|
|
set_certificat_access() {
|
|
set_access $synapse_user /etc/yunohost/certs/$domain/crt.pem
|
|
set_access $synapse_user /etc/yunohost/certs/$domain/key.pem
|
|
set_access $synapse_user /etc/yunohost/certs/$domain/dh.pem
|
|
|
|
set_access turnserver /etc/yunohost/certs/$domain/crt.pem
|
|
set_access turnserver /etc/yunohost/certs/$domain/key.pem
|
|
set_access turnserver /etc/yunohost/certs/$domain/dh.pem
|
|
}
|
|
|
|
set_access() { # example : set_access USER FILE
|
|
user="$1"
|
|
file_to_set="$2"
|
|
while [[ 0 ]]
|
|
do
|
|
path_to_set=""
|
|
oldIFS="$IFS"
|
|
IFS="/"
|
|
for dirname in $file_to_set
|
|
do
|
|
if [[ -n "$dirname" ]]
|
|
then
|
|
test -f "$path_to_set"/"$dirname" && setfacl -m d:u:$user:r "$path_to_set"
|
|
|
|
path_to_set="$path_to_set/$dirname"
|
|
|
|
if $(sudo -u $user test ! -r "$path_to_set")
|
|
then
|
|
test -d "$path_to_set" && setfacl -m user:$user:rx "$path_to_set"
|
|
test -f "$path_to_set" && setfacl -m user:$user:r "$path_to_set"
|
|
fi
|
|
fi
|
|
done
|
|
IFS="$oldIFS"
|
|
|
|
if $(test -L "$file_to_set")
|
|
then
|
|
if [[ -n "$(readlink "$file_to_set" | grep -e "^/")" ]]
|
|
then
|
|
file_to_set=$(readlink "$file_to_set") # If it is an absolute path
|
|
else
|
|
file_to_set=$(realpath -s -m "$(echo "$file_to_set" | cut -d'/' -f-$(echo "$file_to_set" | grep -o '/' | wc -l))/$(readlink "$file_to_set")") # If it is an relative path (we get with realpath the absolute path)
|
|
fi
|
|
else
|
|
break
|
|
fi
|
|
done
|
|
}
|
|
|
|
|
|
####### Solve issue https://dev.yunohost.org/issues/1006
|
|
|
|
# Build and install a package from an equivs control file
|
|
#
|
|
# example: generate an empty control file with `equivs-control`, adjust its
|
|
# content and use helper to build and install the package:
|
|
# ynh_package_install_from_equivs /path/to/controlfile
|
|
#
|
|
# usage: ynh_package_install_from_equivs controlfile
|
|
# | arg: controlfile - path of the equivs control file
|
|
ynh_package_install_from_equivs () {
|
|
controlfile=$1
|
|
|
|
# Check if the equivs package is installed. Or install it.
|
|
ynh_package_is_installed 'equivs' \
|
|
|| ynh_package_install equivs
|
|
|
|
# retrieve package information
|
|
pkgname=$(grep '^Package: ' $controlfile | cut -d' ' -f 2) # Retrieve the name of the debian package
|
|
pkgversion=$(grep '^Version: ' $controlfile | cut -d' ' -f 2) # And its version number
|
|
[[ -z "$pkgname" || -z "$pkgversion" ]] \
|
|
&& echo "Invalid control file" && exit 1 # Check if this 2 variables aren't empty.
|
|
|
|
# Update packages cache
|
|
ynh_package_update
|
|
|
|
# Build and install the package
|
|
TMPDIR=$(mktemp -d)
|
|
# Note that the cd executes into a sub shell
|
|
# Create a fake deb package with equivs-build and the given control file
|
|
# Install the fake package without its dependencies with dpkg
|
|
# Install missing dependencies with ynh_package_install
|
|
(cp "$controlfile" "${TMPDIR}/control" && cd "$TMPDIR" \
|
|
&& equivs-build ./control 1>/dev/null \
|
|
&& sudo dpkg --force-depends \
|
|
-i "./${pkgname}_${pkgversion}_all.deb" 2>&1 \
|
|
&& ynh_package_install -f) || ynh_die "Unable to install dependencies"
|
|
[[ -n "$TMPDIR" ]] && rm -rf $TMPDIR # Remove the temp dir.
|
|
|
|
# check if the package is actually installed
|
|
ynh_package_is_installed "$pkgname"
|
|
}
|
|
|
|
# Implement PR : https://github.com/YunoHost/yunohost/pull/392
|
|
|
|
# Use logrotate to manage the logfile
|
|
#
|
|
# usage: ynh_use_logrotate [logfile] [--non-append]
|
|
# | arg: logfile - absolute path of logfile
|
|
# | option: --non-append - Replace the config file instead of appending this new config.
|
|
#
|
|
# If no argument provided, a standard directory will be use. /var/log/${app}
|
|
# You can provide a path with the directory only or with the logfile.
|
|
# /parentdir/logdir
|
|
# /parentdir/logdir/logfile.log
|
|
#
|
|
# It's possible to use this helper several times, each config will be added to the same logrotate config file.
|
|
# Unless you use the option --non-append
|
|
ynh_use_logrotate () {
|
|
local customtee="tee -a"
|
|
if [ $# -gt 0 ] && [ "$1" == "--non-append" ]; then
|
|
customtee="tee"
|
|
# Destroy this argument for the next command.
|
|
shift
|
|
elif [ $# -gt 1 ] && [ "$2" == "--non-append" ]; then
|
|
customtee="tee"
|
|
fi
|
|
if [ $# -gt 0 ]; then
|
|
if [ "$(echo ${1##*.})" == "log" ]; then # Keep only the extension to check if it's a logfile
|
|
logfile=$1 # In this case, focus logrotate on the logfile
|
|
else
|
|
logfile=$1/*.log # Else, uses the directory and all logfile into it.
|
|
fi
|
|
else
|
|
logfile="/var/log/${app}/*.log" # Without argument, use a defaut directory in /var/log
|
|
fi
|
|
cat > ./${app}-logrotate << EOF # Build a config file for logrotate
|
|
$logfile {
|
|
# Rotate if the logfile exceeds 100Mo
|
|
size 100M
|
|
# Keep 12 old log maximum
|
|
rotate 12
|
|
# Compress the logs with gzip
|
|
compress
|
|
# Compress the log at the next cycle. So keep always 2 non compressed logs
|
|
delaycompress
|
|
# Copy and truncate the log to allow to continue write on it. Instead of move the log.
|
|
copytruncate
|
|
# Do not do an error if the log is missing
|
|
missingok
|
|
# Not rotate if the log is empty
|
|
notifempty
|
|
# Keep old logs in the same dir
|
|
noolddir
|
|
}
|
|
EOF
|
|
sudo mkdir -p $(dirname "$logfile") # Create the log directory, if not exist
|
|
cat ${app}-logrotate | sudo $customtee /etc/logrotate.d/$app > /dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee)
|
|
}
|