diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 81db798..dba7864 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,29 +1,14 @@ stages: - test - - doc -image: code.ungleich.ch:5050/ungleich-public/cdist-contrib/ci-container:latest +image: code.ungleich.ch:5050/ungleich-public/cdist/cdist-ci:latest shellcheck: stage: test script: - - make lint + - ./scripts/run-shellcheck.sh manpages: stage: test script: - - make check-manpages - -docs: - stage: doc - only: - - master - before_script: - - eval $(ssh-agent -s) - - echo "$CD_SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null - - mkdir -p ~/.ssh - - echo "$CD_SSH_SERVER_HOSTKEYS" > ~/.ssh/known_hosts - - chmod 644 ~/.ssh/known_hosts - script: - - make html - - sftp fnux@staticwebhosting.ungleich.ch:public_html/cdist-contrib <<< "put -r docs/dist/html/*" + - ./scripts/run-manpage-checks.sh diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..a61c82d --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,4 @@ +# cdist-contrib changes + +* 2020-06-03: New type: __unbound (Timothée Floure) +* 2020-04-28: New type: __find_exec (Ander Punnar) diff --git a/Makefile b/Makefile deleted file mode 100644 index 1a0cfb3..0000000 --- a/Makefile +++ /dev/null @@ -1,70 +0,0 @@ -.PHONY: help -help: - @echo "Please use \`make ' where is one of" - @echo "man build only man user documentation" - @echo "html build only html user documentation" - @echo "docs build both man and html user documentation" - @echo "check-manpages check for manpage in types" - @echo "lint run shellcheck on types" - @echo "check run both type manpage checks and linting" - @echo "clean clean" - -DOCS_SRC_DIR=./docs/src -TYPEDIR=./type - -SPHINXM=make -C $(DOCS_SRC_DIR) man -SPHINXH=make -C $(DOCS_SRC_DIR) html -SPHINXC=make -C $(DOCS_SRC_DIR) clean - -################################################################################ -# Manpages -# -MAN7DSTDIR=$(DOCS_SRC_DIR)/man7 - -# Use shell / ls to get complete list - $(TYPEDIR)/*/man.rst does not work -# Using ls does not work if no file with given pattern exist, so use wildcard -MANTYPESRC=$(wildcard $(TYPEDIR)/*/man.rst) -MANTYPEPREFIX=$(subst $(TYPEDIR)/,$(MAN7DSTDIR)/cdist-type,$(MANTYPESRC)) -MANTYPES=$(subst /man.rst,.rst,$(MANTYPEPREFIX)) - -# Link manpage: do not create man.html but correct named file -$(MAN7DSTDIR)/cdist-type%.rst: $(TYPEDIR)/%/man.rst - mkdir -p $(MAN7DSTDIR) - ln -sf "../../../$^" $@ - -DOCSINDEX=$(MAN7DSTDIR)/index.rst -DOCSINDEXH=$(DOCS_SRC_DIR)/index.rst.sh - -$(DOCSINDEX): $(DOCSINDEXH) - $(DOCSINDEXH) - -# Manpages: .cdist Types -DOT_CDIST_PATH=${HOME}/.cdist -DOTMAN7DSTDIR=$(MAN7DSTDIR) -DOTTYPEDIR=$(DOT_CDIST_PATH)/type - -# Link manpage: do not create man.html but correct named file -$(DOTMAN7DSTDIR)/cdist-type%.rst: $(DOTTYPEDIR)/%/man.rst - ln -sf "$^" $@ - -man: $(MANTYPES) $(DOCSINDEX) - $(SPHINXM) - -html: $(MANTYPES) $(DOCSINDEX) - $(SPHINXH) - -docs: man html - -check-manpages: - ./scripts/run-manpage-checks.sh - -lint: - ./scripts/run-shellcheck.sh - -check: check-manpages lint - -clean: - $(SPHINXC) - rm -f docs/src/index.rst - rm -rf docs/src/man7/ - rm -rf docs/src/__pycache__/ diff --git a/README.md b/README.md index 28f54db..ef4b2c3 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,8 @@ tool with community-maitained types which are either too specific to fit/be maintained in cdist itself or were not accepted in code cdist but could still be useful. -This project does not have releases and is continously updated: see git history -for change log. You will find HTML documentation at -[contrib.cdi.st](https://contrib.cdi.st). +This project does not have releases and is continously updated: see +`CHANGELOG.md` for details. ## Using cdist-contrib @@ -33,11 +32,14 @@ And you would run [cdist][cdist] from the same directory as follows: ## Participating in the [cdist][cdist] community -Join us on [#cdist:ungleich.ch][cdistmatrix] on matrix! +Join us on [#cdist:ungleich.ch][cdistmatrix] on matrix or on +[#cdist over mattermost][cdistmattermost]. + [cdist]: https://www.cdi.st/ [cdistconfig]: https://www.cdi.st/manual/latest/cdist-configuration.html [cdistmatrix]: https://matrix.to/#/#cdist:ungleich.ch +[cdistmattermost]: https://chat.ungleich.ch/ungleich/channels/cdist ## Contributing @@ -51,11 +53,3 @@ Every type in cdist-contrib must: * Have a `man.rst` documentation page. * Pass [shellcheck](http://shellcheck.net/) without errors. - -## Other resources - -Some people/organizations are known to keep some cdist types that might be of -interest to others: - -* [cdist-evilham](https://git.sr.ht/~evilham/cdist-evilham): Evilham's cdist-types -* [cdist-recycledcloud](https://code.recycled.cloud/e-Durable/cdist-recycledcloud): e-Durable SA / Recycled Cloud public types diff --git a/docs/src/Makefile b/docs/src/Makefile deleted file mode 100644 index 2e9d6ce..0000000 --- a/docs/src/Makefile +++ /dev/null @@ -1,235 +0,0 @@ -# Makefile for Sphinx documentation -# - -# You can set these variables from the command line. -SPHINXOPTS ?= -SPHINXBUILD ?= sphinx-build -PAPER ?= -BUILDDIR ?= ../dist -# for cache, etc. -_BUILDDIR = _build - -# User-friendly check for sphinx-build -ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1) - $(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don\'t have Sphinx installed, grab it from http://sphinx-doc.org/) -endif - -# Internal variables. -PAPEROPT_a4 = -D latex_paper_size=a4 -PAPEROPT_letter = -D latex_paper_size=letter -ALLSPHINXOPTS = -d $(_BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . -# the i18n builder cannot share the environment and doctrees with the others -I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . - -.PHONY: help -help: - @echo "Please use \`make ' where is one of" - @echo " html to make standalone HTML files" - @echo " dirhtml to make HTML files named index.html in directories" - @echo " singlehtml to make a single large HTML file" - @echo " pickle to make pickle files" - @echo " json to make JSON files" - @echo " htmlhelp to make HTML files and a HTML help project" - @echo " qthelp to make HTML files and a qthelp project" - @echo " applehelp to make an Apple Help Book" - @echo " devhelp to make HTML files and a Devhelp project" - @echo " epub to make an epub" - @echo " epub3 to make an epub3" - @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" - @echo " latexpdf to make LaTeX files and run them through pdflatex" - @echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx" - @echo " text to make text files" - @echo " man to make manual pages" - @echo " texinfo to make Texinfo files" - @echo " info to make Texinfo files and run them through makeinfo" - @echo " gettext to make PO message catalogs" - @echo " changes to make an overview of all changed/added/deprecated items" - @echo " xml to make Docutils-native XML files" - @echo " pseudoxml to make pseudoxml-XML files for display purposes" - @echo " linkcheck to check all external links for integrity" - @echo " doctest to run all doctests embedded in the documentation (if enabled)" - @echo " coverage to run coverage check of the documentation (if enabled)" - @echo " dummy to check syntax errors of document sources" - -.PHONY: clean -clean: - rm -rf $(BUILDDIR)/* - rm -rf $(_BUILDDIR)/* - -.PHONY: html -html: - $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html - @echo - @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." - -.PHONY: dirhtml -dirhtml: - $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml - @echo - @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." - -.PHONY: singlehtml -singlehtml: - $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml - @echo - @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." - -.PHONY: pickle -pickle: - $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle - @echo - @echo "Build finished; now you can process the pickle files." - -.PHONY: json -json: - $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json - @echo - @echo "Build finished; now you can process the JSON files." - -.PHONY: htmlhelp -htmlhelp: - $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp - @echo - @echo "Build finished; now you can run HTML Help Workshop with the" \ - ".hhp project file in $(BUILDDIR)/htmlhelp." - -.PHONY: qthelp -qthelp: - $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp - @echo - @echo "Build finished; now you can run "qcollectiongenerator" with the" \ - ".qhcp project file in $(BUILDDIR)/qthelp, like this:" - @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/cdist-docs.qhcp" - @echo "To view the help file:" - @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/cdist-docs.qhc" - -.PHONY: applehelp -applehelp: - $(SPHINXBUILD) -b applehelp $(ALLSPHINXOPTS) $(BUILDDIR)/applehelp - @echo - @echo "Build finished. The help book is in $(BUILDDIR)/applehelp." - @echo "N.B. You won't be able to view it unless you put it in" \ - "~/Library/Documentation/Help or install it in your application" \ - "bundle." - -.PHONY: devhelp -devhelp: - $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp - @echo - @echo "Build finished." - @echo "To view the help file:" - @echo "# mkdir -p $$HOME/.local/share/devhelp/cdist-docs" - @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/cdist-docs" - @echo "# devhelp" - -.PHONY: epub -epub: - $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub - @echo - @echo "Build finished. The epub file is in $(BUILDDIR)/epub." - -.PHONY: epub3 -epub3: - $(SPHINXBUILD) -b epub3 $(ALLSPHINXOPTS) $(BUILDDIR)/epub3 - @echo - @echo "Build finished. The epub3 file is in $(BUILDDIR)/epub3." - -.PHONY: latex -latex: - $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex - @echo - @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." - @echo "Run \`make' in that directory to run these through (pdf)latex" \ - "(use \`make latexpdf' here to do that automatically)." - -.PHONY: latexpdf -latexpdf: - $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex - @echo "Running LaTeX files through pdflatex..." - $(MAKE) -C $(BUILDDIR)/latex all-pdf - @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." - -.PHONY: latexpdfja -latexpdfja: - $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex - @echo "Running LaTeX files through platex and dvipdfmx..." - $(MAKE) -C $(BUILDDIR)/latex all-pdf-ja - @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." - -.PHONY: text -text: - $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text - @echo - @echo "Build finished. The text files are in $(BUILDDIR)/text." - -.PHONY: man -man: - $(SPHINXBUILD) -b cman $(ALLSPHINXOPTS) $(BUILDDIR)/man - mkdir -p $(BUILDDIR)/man/man7 - mv -f $(BUILDDIR)/man/*.7 $(BUILDDIR)/man/man7/ - @echo - @echo "Build finished. The manual pages are in $(BUILDDIR)/man." - -.PHONY: texinfo -texinfo: - $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo - @echo - @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." - @echo "Run \`make' in that directory to run these through makeinfo" \ - "(use \`make info' here to do that automatically)." - -.PHONY: info -info: - $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo - @echo "Running Texinfo files through makeinfo..." - make -C $(BUILDDIR)/texinfo info - @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." - -.PHONY: gettext -gettext: - $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale - @echo - @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." - -.PHONY: changes -changes: - $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes - @echo - @echo "The overview file is in $(BUILDDIR)/changes." - -.PHONY: linkcheck -linkcheck: - $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck - @echo - @echo "Link check complete; look for any errors in the above output " \ - "or in $(BUILDDIR)/linkcheck/output.txt." - -.PHONY: doctest -doctest: - $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest - @echo "Testing of doctests in the sources finished, look at the " \ - "results in $(BUILDDIR)/doctest/output.txt." - -.PHONY: coverage -coverage: - $(SPHINXBUILD) -b coverage $(ALLSPHINXOPTS) $(BUILDDIR)/coverage - @echo "Testing of coverage in the sources finished, look at the " \ - "results in $(BUILDDIR)/coverage/python.txt." - -.PHONY: xml -xml: - $(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml - @echo - @echo "Build finished. The XML files are in $(BUILDDIR)/xml." - -.PHONY: pseudoxml -pseudoxml: - $(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml - @echo - @echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml." - -.PHONY: dummy -dummy: - $(SPHINXBUILD) -b dummy $(ALLSPHINXOPTS) $(BUILDDIR)/dummy - @echo - @echo "Build finished. Dummy builder generates no files." diff --git a/docs/src/conf.py b/docs/src/conf.py deleted file mode 100644 index 19b2dfd..0000000 --- a/docs/src/conf.py +++ /dev/null @@ -1,101 +0,0 @@ -#!/usr/bin/env python3 - -import sys -import os -import sphinx_rtd_theme - -from datetime import date - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -# sys.path.insert(0, os.path.abspath('.')) -sys.path.insert(0, os.path.abspath(os.path.join( - os.path.dirname(os.path.realpath(__file__)), "..", ".."))) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -# needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [ - 'docs.src.manpage', - 'sphinx.ext.extlinks', -] - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -source_suffix = ['.rst'] - -# The encoding of source files. -# source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = 'cdist-contrib' -copyright = 'cdist-contrib contributors' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. - -version = str(date.today()) -release = os.popen('git rev-parse HEAD').read() - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# If true, `todo` and `todoList` produce output, else they produce nothing. -todo_include_todos = False - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'sphinx_rtd_theme' -html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] - -# Output file base name for HTML help builder. -htmlhelp_basename = 'cdistcontribdoc' - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -root_mandir = os.path.dirname(os.path.realpath(__file__)) -mandirs = [] -for mansubdir in ('man7',): - mandirs.append((os.path.join(root_mandir, mansubdir), mansubdir[-1])) -man_pages = [] -for mandir, section in mandirs: - for root, dirs, files in os.walk(mandir): - for fname in files: - froot, fext = os.path.splitext(fname) - if fext == '.rst': - man_page = (os.path.join('man' + str(section), froot), - froot, '', [], section) - man_pages.append(man_page) - -# man_pages = [ -# ('cdist-type', 'cdist-type', 'cdist-type documentation', -# [author], 1), -# ('man7/cdist-type__file', 'cdist-type__file', -# '', [], 1), -# ('cdist-type__directory', 'cdist-type__directory', -# 'cdist-type__directory documentation', [author], 1), -# ] - -# If true, show URL addresses after external links. -# man_show_urls = False diff --git a/docs/src/index.rst.sh b/docs/src/index.rst.sh deleted file mode 100755 index babc1d9..0000000 --- a/docs/src/index.rst.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/sh - -__cdist_pwd="$(pwd -P)" -__cdist_mydir="${0%/*}"; -__cdist_abs_mydir="$(cd "$__cdist_mydir" && pwd -P)" -__cdist_myname=${0##*/}; -__cdist_abs_myname="$__cdist_abs_mydir/$__cdist_myname" - -filename="${__cdist_myname%.sh}" -dest="$__cdist_abs_mydir/$filename" - -if ! command -v pandoc > /dev/null; then - echo "Pandoc is required to generate HTML index from README." >&2 - exit 1 -fi - -cd "$__cdist_abs_mydir" - -exec > "$dest" - -pandoc -f markdown -t rst ../../README.md - -cat << EOF - -.. toctree:: - :hidden: - -EOF - -# If there is no such file then ls prints error to stderr, -# so redirect stderr to /dev/null. -for type in $(ls man7/cdist-type__*.rst 2>/dev/null | LC_ALL=C sort); do - no_dir="${type#man7/}"; - no_type="${no_dir#cdist-type}"; - name="${no_type%.rst}"; - manref="${no_dir%.rst}" - man="${manref}(7)" - - echo " $name" "" -done diff --git a/docs/src/manpage.py b/docs/src/manpage.py deleted file mode 100644 index 1f8ac4f..0000000 --- a/docs/src/manpage.py +++ /dev/null @@ -1,87 +0,0 @@ -import sphinx.builders.manpage -import sphinx.writers.manpage -from docutils.frontend import OptionParser -from sphinx.util.console import bold, darkgreen -from six import string_types -from docutils.io import FileOutput -from os import path -from sphinx.util.nodes import inline_all_toctrees -from sphinx import addnodes -from sphinx.util import logging - -""" - Extension based on sphinx builtin manpage. - It does not write its own .SH NAME based on config, - but leaves everything to actual reStructuredText file content. -""" - - -logger = logging.getLogger(__name__) - - -class ManualPageTranslator(sphinx.writers.manpage.ManualPageTranslator): - - def header(self): - tmpl = (".TH \"%(title_upper)s\" \"%(manual_section)s\"" - " \"%(date)s\" \"%(version)s\" \"%(manual_group)s\"\n") - return tmpl % self._docinfo - - -class ManualPageWriter(sphinx.writers.manpage.ManualPageWriter): - - def __init__(self, builder): - super().__init__(builder) - self.translator_class = ( - self.builder.get_translator_class() or ManualPageTranslator) - - -class ManualPageBuilder(sphinx.builders.manpage.ManualPageBuilder): - - name = 'cman' - default_translator_class = ManualPageTranslator - - def write(self, *ignored): - docwriter = ManualPageWriter(self) - docsettings = OptionParser( - defaults=self.env.settings, - components=(docwriter,), - read_config_files=True).get_default_values() - - logger.info(bold('writing... '), nonl=True) - - for info in self.config.man_pages: - docname, name, description, authors, section = info - if isinstance(authors, string_types): - if authors: - authors = [authors] - else: - authors = [] - - targetname = '%s.%s' % (name, section) - logger.info(darkgreen(targetname) + ' { ', nonl=True) - destination = FileOutput( - destination_path=path.join(self.outdir, targetname), - encoding='utf-8') - - tree = self.env.get_doctree(docname) - docnames = set() - largetree = inline_all_toctrees(self, docnames, docname, tree, - darkgreen, [docname]) - logger.info('} ', nonl=True) - self.env.resolve_references(largetree, docname, self) - # remove pending_xref nodes - for pendingnode in largetree.traverse(addnodes.pending_xref): - pendingnode.replace_self(pendingnode.children) - - largetree.settings = docsettings - largetree.settings.title = name - largetree.settings.subtitle = description - largetree.settings.authors = authors - largetree.settings.section = section - - docwriter.write(largetree, destination) - logger.info("") - - -def setup(app): - app.add_builder(ManualPageBuilder) diff --git a/scripts/ci-container/Dockerfile b/scripts/ci-container/Dockerfile deleted file mode 100644 index 9900322..0000000 --- a/scripts/ci-container/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -# This image is used in the cdist-contrib CI for linting and generating the -# documentation. -FROM fedora:latest -MAINTAINER Timothée Floure - -RUN dnf install -y git findutils make python3-sphinx python3-sphinx_rtd_theme \ - ShellCheck openssh-clients pandoc diff --git a/scripts/run-shellcheck.sh b/scripts/run-shellcheck.sh index d6c2db6..769f853 100755 --- a/scripts/run-shellcheck.sh +++ b/scripts/run-shellcheck.sh @@ -1,29 +1,21 @@ -#!/bin/sh -eu +#!/bin/sh -SHELLCHECKCMD='shellcheck -s sh -f gcc -x' +SHELLCHECKCMD="shellcheck -s sh -f gcc -x" # Skip SC2154 for variables starting with __ since such variables are cdist # environment variables. SHELLCHECK_SKIP=': __.*is referenced but not assigned.*\[SC2154\]' -SHELLCHECKTMP='.shellcheck.tmp' +SHELLCHECKTMP=".shellcheck.tmp" # Move to top-level cdist-contrib directory. -cd "$(dirname $0)"/.. +cd $(dirname $0)/.. -check() { - find type/ -type f "$@" -exec ${SHELLCHECKCMD} {} + \ - | grep -v "${SHELLCHECK_SKIP}" >>"${SHELLCHECKTMP}" || true +check () { + find type/ -type f $1 $2 -exec ${SHELLCHECKCMD} {} + | grep -v "${SHELLCHECK_SKIP}" > "${SHELLCHECKTMP}" + test ! -s "${SHELLCHECKTMP}" || { cat "${SHELLCHECKTMP}"; exit 1; } } -rm -f "${SHELLCHECKTMP}" - -check -path '*/explorer/*' -check -path '*/files/*' -name '*.sh' +check -path "*/explorer/*" +check -path "*/files/*" check -name manifest check -name gencode-local check -name gencode-remote - -if test -s "${SHELLCHECKTMP}" -then - cat "${SHELLCHECKTMP}" >&2 - exit 1 -fi diff --git a/type/__borg_repo/gencode-remote b/type/__borg_repo/gencode-remote deleted file mode 100644 index 542bf5f..0000000 --- a/type/__borg_repo/gencode-remote +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh - -passphrase= -appendonly= - -case "$(cat "${__object:?}/parameter/encryption")" in - none) - enc=none - ;; - repokey) - enc=repokey - if [ -f "${__object:?}/parameter/passphrase" ]; - then - passphrase="$(cat "${__object:?}/parameter/passphrase")" - else - echo "__borg_repo cannot use repokey encryption with no passphrase. Aborting." >&2; - exit 1; - fi - ;; - *) - echo "$enc is not a known encryption mode for __borg_repo. Aborting." >&2 - exit 1; -esac - -if [ -f "${__object:?}/parameter/append-only" ]; -then - appendonly='--append-only' -fi - -cat <<- EOF - if ! borg check --repository-only 1>&2 2>/dev/null "/${__object_id:?}"; - then - BORG_NEW_PASSPHRASE=$passphrase borg init -e ${enc:?} $appendonly /${__object_id:?} - fi -EOF - diff --git a/type/__borg_repo/man.rst b/type/__borg_repo/man.rst deleted file mode 100644 index 38ab0c9..0000000 --- a/type/__borg_repo/man.rst +++ /dev/null @@ -1,43 +0,0 @@ -cdist-type__borg_repo(7) -======================== - -NAME ----- -cdist-type__borg_repo - Configure a borg repository on host - - -DESCRIPTION ------------ - -Initializes a borg repository at the location specified in the -`${__object_id}`. Nothing is done if the repository already exists. - -Currently, only `none` and `repokey` are supported as encryption modes; -`repokey` requires the `passphrase` argument to be given. The default is -`none`. - -REQUIRED PARAMETERS -------------------- -encryption - The encryption to use. - -OPTIONAL PARAMETERS -------------------- -passphrase - The passphrase to encrypt the keyfile with. - -BOOLEAN PARAMETERS ------------------- -append-only - If the repository is append-only - -AUTHORS -------- -Joachim Desroches - -COPYING -------- -Copyright \(C) 2020 Joachim Desroches. You can redistribute it -and/or modify it under the terms of the GNU General Public License as -published by the Free Software Foundation, either version 3 of the -License, or (at your option) any later version. diff --git a/type/__borg_repo/manifest b/type/__borg_repo/manifest deleted file mode 100644 index fe18c9c..0000000 --- a/type/__borg_repo/manifest +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh - -os="$(cat "${__global:?}"/explorer/os)" - -case "$os" in - "alpine") - borg_package=borgbackup - ;; - *) - echo "__borg_repo is not yet implemented for os $os. Aborting." >&2; - exit 1; -esac - -__package "$borg_package" diff --git a/type/__borg_repo/parameter/boolean b/type/__borg_repo/parameter/boolean deleted file mode 100644 index f8ee7c6..0000000 --- a/type/__borg_repo/parameter/boolean +++ /dev/null @@ -1 +0,0 @@ -append-only diff --git a/type/__borg_repo/parameter/default/encryption b/type/__borg_repo/parameter/default/encryption deleted file mode 100644 index 621e94f..0000000 --- a/type/__borg_repo/parameter/default/encryption +++ /dev/null @@ -1 +0,0 @@ -none diff --git a/type/__borg_repo/parameter/optional b/type/__borg_repo/parameter/optional deleted file mode 100644 index f63b25b..0000000 --- a/type/__borg_repo/parameter/optional +++ /dev/null @@ -1 +0,0 @@ -passphrase diff --git a/type/__borg_repo/parameter/required b/type/__borg_repo/parameter/required deleted file mode 100644 index a5465f8..0000000 --- a/type/__borg_repo/parameter/required +++ /dev/null @@ -1 +0,0 @@ -encryption diff --git a/type/__dma/explorer/auth_conf b/type/__dma/explorer/auth_conf deleted file mode 100755 index cef0aca..0000000 --- a/type/__dma/explorer/auth_conf +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/sh -e -# -# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# -# This explorer determines the path of dma's auth.conf file - -# No dma.conf -> use default -test -f /etc/dma/dma.conf || { - echo /etc/dma/auth.conf - exit 0 -} -test -r /etc/dma/dma.conf || { - echo 'Cannot read /etc/dma/dma.conf' >&2 - exit 1 -} - -# Get AUTHPATH from dma.conf -awk -F'[ \t]' ' -{ - sub(/#.*$/, "", $0) # remove comments - if (!$0) next # ignore empty lines -} -$1 == "AUTHPATH" { - # Store authpath. In dma conf parsing last wins. - if ($2) authpath = substr($0, index($0, " ") + 1) -} -END { - if (authpath) { - print authpath - exit 0 - } else exit 1 -} -' /etc/dma/dma.conf \ -|| echo /etc/dma/auth.conf # default diff --git a/type/__dma/explorer/conf b/type/__dma/explorer/conf deleted file mode 100755 index b4d6d26..0000000 --- a/type/__dma/explorer/conf +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -e -# -# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# -# This explorer returns a sorted list of "active" (= non-commented) lines -# in the dma.conf file. -# "Trailing" line comments are stripped off. -# -# NOTE: This explorer assumes that the sort(1) utility supports the non-POXIX -# -s (stable sort) option. - -CONF_PATH=/etc/dma # set in Makefile -dma_conf="${CONF_PATH:?}/dma.conf" - -test -f "${dma_conf}" || exit 0 - -grep -v -e '^[ \t]*#\|^$' "${dma_conf}" \ -| sed -e 's/[ \t]*#.*$//' \ -| sort -s -k 1,1 diff --git a/type/__dma/files/update_dma_conf.awk b/type/__dma/files/update_dma_conf.awk deleted file mode 100644 index 15ef7bf..0000000 --- a/type/__dma/files/update_dma_conf.awk +++ /dev/null @@ -1,178 +0,0 @@ -#!/usr/bin/awk -f -# -# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . - -function comment_line(line) { - # returns the position in line at which the comment's text starts - # (0 if the line is not a comment) - match(line, /^[ \t]*\#+[ \t]*/) - return RSTART ? (RLENGTH + 1) : 0 -} -function empty_line(line) { return line ~ /^[ \t]*$/ } -function is_word(s) { return s ~ /^[A-Z_]+$/ } # "looks like a plausible word" - -function first(line, sep_re) { - # returns the part of the line until sep is found - # (or the whole line if sep is not found) - if (!sep_re) sep_re = "[" SUBSEP "]" - match(line, sep_re) - return RSTART ? substr(line, 1, RSTART - 1) : line -} - -function rest(line, sep_re) { - # returns the part of the line after the first occurrence of sep is found. - # (or nothing if sep is not found) - if (!sep_re) sep_re = "[" SUBSEP "]" - if (match(line, sep_re)) - return substr(line, RSTART + RLENGTH) -} - -function conf_pop(word, value) { - # returns the next value for the config `word` and delete it from the list. - # if value is set, this function will only return value if it is the first - # option in the list, otherwise it returns 0. - - if (!(word in conf)) return 0 - if (!value) { - if (index(conf[word], SUBSEP)) # more than one element? - value = substr(conf[word], 1, index(conf[word], SUBSEP) - 1) - else - value = conf[word] - } - - if (index(conf[word], SUBSEP)) { - if (index(conf[word], value SUBSEP) != 1) return 0 - conf[word] = substr(conf[word], length(value) + 2) - } else { - if (conf[word] != value) return 0 - delete conf[word] - } - return value -} - -function print_conf(word, value) { - # print a config line with the given parameters - printf "%s", word - if (value) printf " %s", value - printf "\n" -} - -function print_confs(word, value) { - # print config lines for all values stored in conf[word]. - if (!(word in conf)) return - if (conf[word]) { - while (value = conf_pop(word)) - print_conf(word, value) - } else { - print_conf(word) - delete conf[word] - } -} - -BEGIN { - FS = "\n" - EQS = "[ \t]" # copied from dma/conf.c - - if (ARGV[2]) exit (e=1) - - # Loop over file twice! - ARGV[2] = ARGV[1] - ARGC++ - - # read the "should" state into the `conf` array. - while (getline < "/dev/stdin") { - word = first($0, EQS) - if ((word in conf)) - conf[word] = conf[word] SUBSEP rest($0, EQS) - else - conf[word] = rest($0, EQS) - } -} - -# first pass, gather information about where which information is stored in the -# current config file. This information will be used in the second pass. -NR == FNR { - if (comment_line($0)) { - # comment line - word = first(substr($0, comment_line($0)), " ") - if (is_word(word)) last_occ["#" word] = FNR - } else { - word = first($0, EQS) - if (is_word(word)) last_occ[word] = FNR - } -} - -# before second pass prepare hashes containing location information to be used -# in the second pass. -NR > FNR && FNR == 1 { - # First we drop the locations of commented-out options if a non-commented - # option is available. If a non-commented option is available, we will - # append new config options there to have them all at one place. - for (k in last_occ) - if (k ~ /^\#/ && (substr(k, 2) in last_occ)) - delete last_occ[k] - - # Reverse the option => line mapping. The line_map allows for easier lookups - # in the second pass. - for (k in last_occ) line_map[last_occ[k]] = k -} - -# second pass, generate and output new config -NR > FNR { - if (comment_line($0) || empty_line($0)) { - # comment or empty line - print - - if ((FNR in line_map)) { - if (line_map[FNR] ~ /^\#/) { - # This line contains a commented config option. If the conf hash - # contains options to be set, we output them here because this - # option is not used in the current config. - k = substr(line_map[FNR], 2) - if ((k in conf)) print_confs(k) - } - - if (("INSECURE" in conf) && line_map[FNR] ~ /^\#?SECURE$/) { - # INSECURE goes where SECURE comment is. - print_confs("INSECURE") - } - } - } else { - word = first($0, EQS) - value = rest($0, EQS) - sub(/[ \t]*\#.*$/, "", value) # ignore comments in value - - if ((word in conf) && value == first(conf[word])) { - # keep config options we want - conf_pop(word) - print - } - - if ((FNR in line_map) && line_map[FNR] == word) { - # rest of config options should be here - print_confs(word) - } - } -} - -END { - if (e) exit - - # print rest of config options ( - for (word in conf) print_confs(word) -} diff --git a/type/__dma/gencode-remote b/type/__dma/gencode-remote deleted file mode 100755 index 580b22e..0000000 --- a/type/__dma/gencode-remote +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/sh -e -# -# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# - -quote() { printf "'%s'" "$(printf '%s' "$*" | sed -e "s/'/'\\\\''/g")"; } -drop_awk_comments() { quote "$(sed '/^[[:blank:]]*#.*$/d;/^$/d' "$@")"; } - -CONF_PATH=/etc/dma # set in Makefile - -# Determine mailname -if test -f "${__object:?}/parameter/mailname" -then - mailname=$(cat "${__object:?}/parameter/mailname") -else - case $(cat "${__global:?}/explorer/os") - in - (debian|devuan|ubuntu) - # On Debian-like systems use /etc/mailname unless --mailname is used - mailname='/etc/mailname' - ;; - (*) - mailname=${__target_fqdn:?} - ;; - esac -fi - - -# Generate "should" values for config -conf_should=$( - if test -s "${__object:?}/parameter/smarthost" - then - printf 'SMARTHOST %s\n' "$(cat "${__object:?}/parameter/smarthost")" - fi - - printf 'MAILNAME %s\n' "${mailname}" - - if test -s "${__object:?}/explorer/auth_conf" - then - printf "AUTHPATH %s\n" "$(cat "${__object:?}/explorer/auth_conf")" - fi - - case $(cat "${__object:?}/parameter/security") - in - (ssl|tls) - default_smtp_port=465 - echo 'SECURETRANSFER' - ;; - (starttls) - default_smtp_port=587 - echo 'SECURETRANSFER' - echo 'STARTTLS' - ;; - (opportunistic) - default_smtp_port=25 - echo 'SECURETRANSFER' - echo 'STARTTLS' - echo 'OPPORTUNISTIC_TLS' - ;; - (insecure) - default_smtp_port=25 - echo 'INSECURE' - ;; - esac - - if test -s "${__object:?}/parameter/port" - then - printf 'PORT %u\n' "$(cat "${__object:?}/parameter/port")" - elif test "${default_smtp_port}" -ne 25 # DMA uses port 25 by default - then - printf 'PORT %u\n' "${default_smtp_port}" - fi - - if test -f "${__object:?}/parameter/masquerade" - then - while read -r line - do - printf 'MASQUERADE %s\n' "${line}" - done <"${__object:?}/parameter/masquerade" - fi - - if test -f "${__object:?}/parameter/defer" - then - echo 'DEFER' - fi - - if test -f "${__object:?}/parameter/fullbounce" - then - echo 'FULLBOUNCE' - fi - - if test -f "${__object:?}/parameter/nullclient" - then - test -s "${__object:?}/parameter/smarthost" || { - echo '--nullclient requires a --smarthost to be defined' >&2 - exit 1 - } - - echo 'NULLCLIENT' - fi -) -# Sort conf_should to compare against "conf_is" -conf_should=$(echo "${conf_should}" | sort -s -k 1,1) - -config_updated=false -if ! echo "${conf_should}" | cmp -s "${__object:?}/explorer/conf" - -then - # config needs to be updated - dma_conf="${CONF_PATH:?}/dma.conf" - - # The following AWK script will output the new config file to be stored on - # disk. To do so it reads the current dma.conf file and the config options - # that should be set (from stdin). - # Note that the path to the current dma.conf is passed to AWK twice, because - # the new file cannot be generated in one pass. - - # The logic tries to place options at a sensible location, that is: - # a) if the option is already used in the config file: - # group all similar options (e.g. MASQUERADE) at one place in the order - # they are listed in stdin. - # b) if it is a new option and a "default comment" (e.g. "#PORT 25") exists: - # place options grouped directly after the comment (the comment is left - # alone) - # c) otherwise: - # options are grouped by word (the first word in the line) and appended - # at the end of the file. - - cat <<-CODE - awk $(drop_awk_comments "${__type:?}/files/update_dma_conf.awk") $(quote "${dma_conf}") <<'EOF' >$(quote "${dma_conf}.tmp") \ - && cat $(quote "${dma_conf}.tmp") >$(quote "${dma_conf}") - ${conf_should} - EOF - rm $(quote "${dma_conf}.tmp") - CODE - - config_updated=true - echo 'config updated' >>"${__messages_out:?}" -fi - - -# Send a test email if enabled and necessary (=configuration changed) -if test -f "${__object:?}/parameter/send-test-mail" -then - if grep -q '^__mail_alias/root:' "${__messages_in:?}" \ - || grep -q '^__dma_auth/' "${__messages_in:?}" \ - || ${config_updated} - then - cat <<-CODE - sendmail root <<'EOF' - Subject: [cdist] Test mail from '${__target_fqdn:?}' - - Hi, - - you can ignore this message. - Its sole purpose is to notify you that root mail on ${__target_fqdn:?} - will be redirected to you. - - Enjoy! - EOF - CODE - fi -fi diff --git a/type/__dma/man.rst b/type/__dma/man.rst deleted file mode 100644 index 29a71fa..0000000 --- a/type/__dma/man.rst +++ /dev/null @@ -1,112 +0,0 @@ -cdist-type__dma(7) -============================ - -NAME ----- -cdist-type__dma - Setup the DragonFly Mail Agent as the MTA. - - -DESCRIPTION ------------ -This (singleton) type uses DMA, a small Mail Transport Agent (MTA), to accept -mails from locally installed Mail User Agents (MUA) and either deliver the mails -to a remote smart host for delivery or communicate with remote SMTP servers -directly. - - -REQUIRED PARAMETERS -------------------- -None. - - -BOOLEAN PARAMETERS ------------------- -defer - If enabled, mail will not be sent immediately, but stored in a queue. - To flush the queue and send the mails, ```dma -q`` has to be run - periodically (e.g. using a cron job.) - This type does not manage such a cron job, but some operating systems ship - such a cron job with the package. -fullbounce - Enable if bounce messages should include the complete original message, - not just the headers. -nullclient - Enable to bypass aliases and local delivery, and instead forward all mails - to the defined ``--smarthost``. -send-test-mail - If set, this type will send a test email to root after setup, to check if - the configured settings work. - - -OPTIONAL PARAMETERS -------------------- -mailname - If present, this will be the hostname used to identify this host and the - remote part of the sender addresses. - If not defined, it defaults to ``/etc/mailname`` on Debian derivatives and - to ``__target_fqdn`` otherwise. - See `dma(8)` for more information. - - Note: on Debian derivatives the ``/etc/mailname`` file should be updated - instead of using this parameter. -masquerade - Masquerade the envelope-from addresses with this address/hostname. - Use this setting if mails are not accepted by destination mail servers - because your sender domain is invalid. - This option can be used multiple times. - For more information see the `dma(8)` man page. -port - The port on which to deliver email. - If not provided, a sensible default port will be used based on the - ``--security`` argument. -security - Configures whether and how DMA should use secure connections. - - ssl/tls - Enable TLS/SSL secured transfer. - starttls - Use STARTTLS to establish a secure connection. - opportunistic (default) - Will try to establish a secure connection using STARTTLS, but allow - unencrypted transfer if STARTTLS fails. - Most useful when dma is used without a smarthost, delivering remote - messages directly to the outside mail exchangers. - insecure - allow plain text SMTP login over an insecure connection. - Should really *not* be used anymore! -smarthost - The mail server used to send email. - It must be configured to act as a relay for the host being configured by - this type so that mail can be sent to users non-local to the smarthost. - - -EXAMPLES --------- - -.. code-block:: sh - - # Install DMA and use the smarthost mx1.domain.tld to send mail. - __dma --smarthost mx1.domain.tld --send-test-mail - - # Install DMA in a default configuration. - __dma - - -SEE ALSO --------- -- `DragonFly Mail Agent `_ -- `DragonFly Handbook MTA `_ - - -AUTHORS -------- -Evilham -Dennis Camera - - -COPYING -------- -Copyright \(C) 2020 Evilham and Dennis Camera. You can redistribute it -and/or modify it under the terms of the GNU General Public License as -published by the Free Software Foundation, either version 3 of the -License, or (at your option) any later version. diff --git a/type/__dma/manifest b/type/__dma/manifest deleted file mode 100755 index 530ad09..0000000 --- a/type/__dma/manifest +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/sh -e -# -# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# - -os=$(cat "${__global:?}/explorer/os") - -# Install DMA -case ${os} -in - (alpine) - __package dma --state present - export require='__package/dma' - ;; - (debian|devuan|ubuntu) - __package dma --state present - export require='__package/dma' - ;; - (freebsd) - # Stop sendmail if necessary - __process 'sendmail' --name 'sendmail.*' --state absent \ - --stop '/etc/rc.d/sendmail onestop' - - # ... and disable it - __key_value 'rcconf-sendmail-enable' --file '/etc/rc.conf' \ - --key 'sendmail_enable' --delimiter '=' --value '"NONE"' \ - --exact_delimiter - - # Setup mailwrapper accordingly - __file '/etc/mail/mailer.conf' --mode 0644 --source - <<-'EOF' - # - # Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail - # - sendmail /usr/libexec/dma - send-mail /usr/libexec/dma - mailq /usr/libexec/dma - newaliases /usr/libexec/dma - rmail /usr/libexec/dma - EOF - ;; - (*) - cat <&2 -Your OS (${os}) is not supported yet. - -Maybe adding support is as simple as adapting the packages or allowing it, -we highly encourage you to open a PR with the necessary changes. -See: https://code.ungleich.ch/ungleich-public/cdist-contrib/ -EOF - exit 1 - ;; -esac diff --git a/type/__dma/parameter/boolean b/type/__dma/parameter/boolean deleted file mode 100644 index 523bb97..0000000 --- a/type/__dma/parameter/boolean +++ /dev/null @@ -1,4 +0,0 @@ -defer -fullbounce -nullclient -send-test-mail diff --git a/type/__dma/parameter/default/security b/type/__dma/parameter/default/security deleted file mode 100644 index 9f1e0a6..0000000 --- a/type/__dma/parameter/default/security +++ /dev/null @@ -1 +0,0 @@ -opportunistic diff --git a/type/__dma/parameter/optional b/type/__dma/parameter/optional deleted file mode 100644 index 615c189..0000000 --- a/type/__dma/parameter/optional +++ /dev/null @@ -1,4 +0,0 @@ -mailname -port -security -smarthost diff --git a/type/__dma/parameter/optional_multiple b/type/__dma/parameter/optional_multiple deleted file mode 100644 index 70f4146..0000000 --- a/type/__dma/parameter/optional_multiple +++ /dev/null @@ -1 +0,0 @@ -masquerade diff --git a/type/__dma_auth/explorer/auth_conf b/type/__dma_auth/explorer/auth_conf deleted file mode 120000 index e89de93..0000000 --- a/type/__dma_auth/explorer/auth_conf +++ /dev/null @@ -1 +0,0 @@ -../../__dma/explorer/auth_conf \ No newline at end of file diff --git a/type/__dma_auth/explorer/state b/type/__dma_auth/explorer/state deleted file mode 100755 index c829cd4..0000000 --- a/type/__dma_auth/explorer/state +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/sh -e -# -# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# -# This explorer looks for a line matching the server parameter -# in dma's auth.conf and reports: -# present: a line matching login + host + password exists -# absent: no line matching login + host exists -# different_login: a line exists but with a different login user -# different_password: a line exists but with a different password -# multiple: multiple lines matching host exist (should not happen) - -auth_conf=$("${__type_explorer:?}/auth_conf") -test -r "${auth_conf}" || exit 0 - -awk -F'\n' ' -function getvalue(path) { - # Reads the first line of the file located at path and returns it. - getline < path - close(path) - return $0 -} - -BEGIN { - DP = "[: \t]" # copied from dma/conf.c - - parameter_dir = ENVIRON["__object"] "/parameter/" - - # Read the parameters of this object - host_param = ENVIRON["__object_id"] - login_param = getvalue(parameter_dir "login") - passwd_param = getvalue(parameter_dir "password") - - state = "absent" -} - -/^#/ || /^$/ { - # skip comments and empty lines - next -} - -{ - # parse line - - login = substr($0, 1, index($0, "|") - 1) - if (!login) { login = $0 } # if no "|" found - - host = substr($0, length(login) + 2) - - if (match(host, DP)) { - passwd = substr(host, RSTART + 1) - host = substr(host, 1, RSTART - 1) - } else { - passwd = "" - } -} - -host == host_param { - # a match… - if (state == "absent") { - if (login != login_param) - state = "different_login" - else if (passwd != passwd_param) - state = "different_password" - else - state = "present" - } else { - # report "multiple" to that the type can remove the duplicates. - state = "multiple" - } -} - -END { - print state -} -' "${auth_conf}" diff --git a/type/__dma_auth/files/update_dma_auth.awk b/type/__dma_auth/files/update_dma_auth.awk deleted file mode 100644 index c50198b..0000000 --- a/type/__dma_auth/files/update_dma_auth.awk +++ /dev/null @@ -1,93 +0,0 @@ -#!/usr/bin/awk -f -# -# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# - -function getvalue(path) { - # Reads the first line of the file located at path and returns it. - getline < path - close(path) - return $0 -} - -function print_should() { - printf "%s|%s:%s\n", login_param, host_param, passwd_param -} - -BEGIN { - FS = "\n" - DP = "[: \t]" # copied from dma/conf.c - - parameter_dir = ENVIRON["__object"] "/parameter/" - - mode = (getvalue(parameter_dir "state") != "absent") - - host_param = ENVIRON["__object_id"] - login_param = getvalue(parameter_dir "login") - passwd_param = getvalue(parameter_dir "password") -} - -# skip comments and empty lines -/^#/ || /^$/ { - print - next -} - -{ - # parse line (like dma/conf.c would) - - login = substr($0, 1, index($0, "|") - 1) - if (!login) { login = $0 } # if no "|" found - - host = substr($0, length(login) + 2) - - if (match(host, DP)) { - passwd = substr(host, RSTART + 1) - host = substr(host, 1, RSTART - 1) - } else { - passwd = "" - } -} - -host == host_param { - if (mode) { - # state_should == present - if (!written) { - # replace first line if host matches (but only if no line has - # been written already -> no duplicates) - print_should() - written = 1 - } - next - } else { - # state_should == absent - next - } -} - -# leave other lines alone -{ - print -} - -END { - if (mode && !written) { - # append line if no match to replace was found - print_should() - } -} diff --git a/type/__dma_auth/gencode-remote b/type/__dma_auth/gencode-remote deleted file mode 100755 index b6a0100..0000000 --- a/type/__dma_auth/gencode-remote +++ /dev/null @@ -1,72 +0,0 @@ -#!/bin/sh -e -# -# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# - -quote() { printf "'%s'" "$(printf '%s' "$*" | sed -e "s/'/'\\\\''/g")"; } -drop_awk_comments() { quote "$(sed '/^[[:blank:]]*#.*$/d;/^$/d' "$@")"; } - -state_is=$(cat "${__object:?}/explorer/state") -state_should=$(cat "${__object:?}/parameter/state") - -server=${__object_id:?} -login=$(cat "${__object:?}/parameter/login") - - -auth_conf=$(cat "${__object:?}/explorer/auth_conf") -test -n "${auth_conf}" || { - echo 'Cannot determine path of dma auth.conf' >&2 - exit 1 -} - -if test "${state_is}" = "${state_should}" -then - # state is as it should - exit 0 -fi - -case ${state_should} -in - (present) - test -n "${login}" || { echo '--login must be non-empty' >&2; exit 1; } - - if test "${state_is}" = 'absent' - then - printf 'add authuser %s on %s\n' "${login}" "${server}" >>"${__messages_out:?}" - else - printf 'set authuser %s on %s\n' "${login}" "${server}" >>"${__messages_out:?}" - fi - ;; - (absent) - printf 'delete authuser %s on %s\n' "${login}" "${server}" >>"${__messages_out:?}" - ;; - (*) - printf 'Invalid --state: %s.\n' "${state_should}" >&2 - printf 'Acceptable values are: present, absent.\n' >&2 - exit 1 - ;; -esac - - -cat <$(quote "${auth_conf}.tmp") \ -&& cat $(quote "${auth_conf}.tmp") >$(quote "${auth_conf}") -rm -f $(quote "${auth_conf}.tmp") -EOF diff --git a/type/__dma_auth/man.rst b/type/__dma_auth/man.rst deleted file mode 100644 index da76883..0000000 --- a/type/__dma_auth/man.rst +++ /dev/null @@ -1,66 +0,0 @@ -cdist-type__dma_auth(7) -======================= - -NAME ----- -cdist-type__dma_auth - Configure SMTP logins for the DragonFly Mail Agent MTA. - - -DESCRIPTION ------------ -This cdist type allows you to set up credentials to log in to remote SMTP -servers. - -NB: dma currently (v0.13) does not differentiate between users on a host. - It will use whatever user it finds in the ``auth.conf`` first. - Thus, this type will use the ``__object_id`` as the host specifier. - - -REQUIRED PARAMETERS -------------------- -login - The user's LOGIN name on the SMTP server. -password - The user's password (in plain text.) - - -OPTIONAL PARAMETERS -------------------- -state - Either ``present`` or ``absent``. Defaults to ``present``. - -BOOLEAN PARAMETERS ------------------- -None. - - -EXAMPLES --------- - -.. code-block:: sh - - # Set the password for smarthost - __dma_auth smarthost.example.com --login joe --password hunter2 - - # Set credentials for user at an external provider - __dma_auth mail.provider.com --login paul@example.com --password letmein - - # Delete credentials for example.com (for all users) - __dma_auth example.com --login '' --password '' --state absent - -SEE ALSO --------- -:strong:`cdist-type__dma`\ (7), :strong:`dma`\ (8) - - -AUTHORS -------- -Dennis Camera - - -COPYING -------- -Copyright \(C) 2020 Dennis Camera. You can redistribute it -and/or modify it under the terms of the GNU General Public License as -published by the Free Software Foundation, either version 3 of the -License, or (at your option) any later version. diff --git a/type/__dma_auth/parameter/default/state b/type/__dma_auth/parameter/default/state deleted file mode 100644 index e7f6134..0000000 --- a/type/__dma_auth/parameter/default/state +++ /dev/null @@ -1 +0,0 @@ -present diff --git a/type/__dma_auth/parameter/optional b/type/__dma_auth/parameter/optional deleted file mode 100644 index ff72b5c..0000000 --- a/type/__dma_auth/parameter/optional +++ /dev/null @@ -1 +0,0 @@ -state diff --git a/type/__dma_auth/parameter/required b/type/__dma_auth/parameter/required deleted file mode 100644 index ae3c622..0000000 --- a/type/__dma_auth/parameter/required +++ /dev/null @@ -1,2 +0,0 @@ -login -password diff --git a/type/__jitsi_meet/explorer/prometheus-jitsi-meet-explorer-version b/type/__jitsi_meet/explorer/prometheus-jitsi-meet-explorer-version deleted file mode 100755 index b1cec48..0000000 --- a/type/__jitsi_meet/explorer/prometheus-jitsi-meet-explorer-version +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh -e - -EXPORTER_VERSION_FILE="/usr/local/bin/.prometheus-jitsi-meet-exporter.cdist.version" - -if [ -f "${EXPORTER_VERSION_FILE}" ]; then - cat "${EXPORTER_VERSION_FILE}" -fi diff --git a/type/__jitsi_meet/files/debconf_settings.sh b/type/__jitsi_meet/files/debconf_settings.sh deleted file mode 100644 index 9e358f0..0000000 --- a/type/__jitsi_meet/files/debconf_settings.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/sh -e - -# This can be obtained with debconf-get-selections on a host with jitsi -# (and also analysing the deb-src) -if false; then - # We are currently not using these, just here as documentation - DEBCONF_SETTINGS="$(cat < - - -COPYING -------- -Copyright \(C) 2020 Evilham. diff --git a/type/__jitsi_meet/manifest b/type/__jitsi_meet/manifest deleted file mode 100755 index d4d16dc..0000000 --- a/type/__jitsi_meet/manifest +++ /dev/null @@ -1,197 +0,0 @@ -#!/bin/sh -e - -os="$(cat "${__global}/explorer/os")" -init="$(cat "${__global}/explorer/init")" -case "${os}" in - devuan|debian) - ;; - *) - echo "Your OS '${os}' is currently not supported." > /dev/stderr - exit 1 - ;; -esac - - -JITSI_HOST="${__target_host}" -TURN_SERVER="$(cat "${__object}/parameter/turn-server")" -TURN_SECRET="$(cat "${__object}/parameter/turn-secret")" - -if [ -z "${TURN_SERVER}" ]; then - TURN_SERVER="${JITSI_HOST}" -fi - -PROMETHEUS_JITSI_EXPORTER_IS_VERSION="$(cat "${__object}/explorer/prometheus-jitsi-meet-explorer-version")" - -# The rest is loosely based on Jitsi's documentation -# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart - -# Setup repositories -## First the signing keys -__package gnupg2 -require="__package/gnupg2" __apt_key_uri jitsi_meet \ - --name 'Jitsi ' \ - --uri https://download.jitsi.org/jitsi-key.gpg.key \ - --state present -## Now the repositories (they are a tad weird, so distribution is 'stable/') -require="__apt_key_uri/jitsi_meet" __apt_source jitsi_meet \ - --uri 'https://download.jitsi.org' \ - --distribution 'stable/' \ - --state present -## Ensure apt cache is up-to-date -require="__apt_source/jitsi_meet" __apt_update_index - -export require="${require} __apt_source/jitsi_meet __apt_update_index" - -# Pre-feed debconf settings, so Jitsi's installation has a good config -# shellcheck source=type/__jitsi_meet/files/debconf_settings.sh -. "${__type}/files/debconf_settings.sh" # This defines DEBCONF_SETTINGS -__debconf_set_selections jitsi_meet --file - <&1 -EOF - - export require="__runit_service/prometheus-jitsi-meet-exporter" - JITSI_MEET_EXPORTER_SERVICE="sv %s prometheus-jitsi-meet-exporter" - ;; - systemd) - __systemd_unit prometheus-jitsi-meet-exporter.service \ - --source "-" \ - --enablement-state "enabled" <${JITSI_HOST}' - }, - - // BOSH URL. FIXME: use XEP-0156 to discover it. - bosh: '//${JITSI_HOST}/http-bind', - - // Websocket URL - // websocket: 'wss://${JITSI_HOST}/xmpp-websocket', - - // The name of client node advertised in XEP-0115 'c' stanza - clientNode: 'http://jitsi.org/jitsimeet', - - // The real JID of focus participant - can be overridden here - // Do not change username - FIXME: Make focus username configurable - // https://github.com/jitsi/jitsi-meet/issues/7376 - // focusUserJid: 'focus@auth.${JITSI_HOST}', - - - // Testing / experimental features. - // - - testing: { - // Disables the End to End Encryption feature. Useful for debugging - // issues related to insertable streams. - // disableE2EE: false, - - // P2P test mode disables automatic switching to P2P when there are 2 - // participants in the conference. - p2pTestMode: false - - // Enables the test specific features consumed by jitsi-meet-torture - // testMode: false - - // Disables the auto-play behavior of *all* newly created video element. - // This is useful when the client runs on a host with limited resources. - // noAutoPlayVideo: false - - // Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled, - // simulcast is turned off for the desktop share. If presenter is turned - // on while screensharing is in progress, the max bitrate is automatically - // adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines - // the probability for this to be enabled. - // capScreenshareBitrate: 1 // 0 to disable - - // Enable callstats only for a percentage of users. - // This takes a value between 0 and 100 which determines the probability for - // the callstats to be enabled. - // callStatsThreshold: 5 // enable callstats for 5% of the users. - }, - - // Disables ICE/UDP by filtering out local and remote UDP candidates in - // signalling. - // webrtcIceUdpDisable: false, - - // Disables ICE/TCP by filtering out local and remote TCP candidates in - // signalling. - // webrtcIceTcpDisable: false, - - - // Media - // - - // Audio - - // Disable measuring of audio levels. - disableAudioLevels: $(if [ -n "${DISABLE_AUDIO_LEVELS}" ]; then printf "true"; else printf "false"; fi), - // audioLevelsInterval: 200, - - // Enabling this will run the lib-jitsi-meet no audio detection module which - // will notify the user if the current selected microphone has no audio - // input and will suggest another valid device if one is present. - enableNoAudioDetection: true, - - // Enabling this will run the lib-jitsi-meet noise detection module which will - // notify the user if there is noise, other than voice, coming from the current - // selected microphone. The purpose it to let the user know that the input could - // be potentially unpleasant for other meeting participants. - enableNoisyMicDetection: true, - - // Start the conference in audio only mode (no video is being received nor - // sent). - // startAudioOnly: false, - - // Every participant after the Nth will start audio muted. - // startAudioMuted: 10, - - // Start calls with audio muted. Unlike the option above, this one is only - // applied locally. FIXME: having these 2 options is confusing. - // startWithAudioMuted: false, - - // Enabling it (with #params) will disable local audio output of remote - // participants and to enable it back a reload is needed. - // startSilent: false - - // Sets the preferred target bitrate for the Opus audio codec by setting its - // 'maxaveragebitrate' parameter. Currently not available in p2p mode. - // Valid values are in the range 6000 to 510000 - // opusMaxAverageBitrate: 20000, - - // Enables redundancy for Opus - // enableOpusRed: false - - // Video - - // Sets the preferred resolution (height) for local video. Defaults to 720. - // resolution: 720, - - // How many participants while in the tile view mode, before the receiving video quality is reduced from HD to SD. - // Use -1 to disable. - // maxFullResolutionParticipants: 2, - - // w3c spec-compliant video constraints to use for video capture. Currently - // used by browsers that return true from lib-jitsi-meet's - // util#browser#usesNewGumFlow. The constraints are independent from - // this config's resolution value. Defaults to requesting an ideal - // resolution of 720p. - // constraints: { - // video: { - // height: { - // ideal: 720, - // max: 720, - // min: 240 - // } - // } - // }, -$(if [ -n "${VIDEO_CONSTRAINTS}" ]; then echo "${VIDEO_CONSTRAINTS},"; fi) - - // Enable / disable simulcast support. - // disableSimulcast: false, - - // Enable / disable layer suspension. If enabled, endpoints whose HD - // layers are not in use will be suspended (no longer sent) until they - // are requested again. - // enableLayerSuspension: false, - - // Every participant after the Nth will start video muted. - startVideoMuted: ${START_VIDEO_MUTED}, - - // Start calls with video muted. Unlike the option above, this one is only - // applied locally. FIXME: having these 2 options is confusing. - // startWithVideoMuted: false, - - // If set to true, prefer to use the H.264 video codec (if supported). - // Note that it's not recommended to do this because simulcast is not - // supported when using H.264. For 1-to-1 calls this setting is enabled by - // default and can be toggled in the p2p section. - // This option has been deprecated, use preferredCodec under videoQuality section instead. - // preferH264: true, - - // If set to true, disable H.264 video codec by stripping it out of the - // SDP. - // disableH264: false, - - // Desktop sharing - - // Optional desktop sharing frame rate options. Default value: min:5, max:5. - // desktopSharingFrameRate: { - // min: 5, - // max: 5 - // }, - - // Try to start calls with screen-sharing instead of camera video. - // startScreenSharing: false, - - // Recording - - // Whether to enable file recording or not. - // fileRecordingsEnabled: false, - // Enable the dropbox integration. - // dropbox: { - // appKey: '' // Specify your app key here. - // // A URL to redirect the user to, after authenticating - // // by default uses: - // // 'https://${JITSI_HOST}/static/oauth.html' - // redirectURI: - // 'https://${JITSI_HOST}/subfolder/static/oauth.html' - // }, - // When integrations like dropbox are enabled only that will be shown, - // by enabling fileRecordingsServiceEnabled, we show both the integrations - // and the generic recording service (its configuration and storage type - // depends on jibri configuration) - // fileRecordingsServiceEnabled: false, - // Whether to show the possibility to share file recording with other people - // (e.g. meeting participants), based on the actual implementation - // on the backend. - // fileRecordingsServiceSharingEnabled: false, - - // Whether to enable live streaming or not. - // liveStreamingEnabled: false, - - // Transcription (in interface_config, - // subtitles and buttons can be configured) - // transcribingEnabled: false, - - // Enables automatic turning on captions when recording is started - // autoCaptionOnRecord: false, - - // Misc - - // Default value for the channel "last N" attribute. -1 for unlimited. - channelLastN: ${CHANNEL_LAST_N}, - - // Provides a way to use different "last N" values based on the number of participants in the conference. - // The keys in an Object represent number of participants and the values are "last N" to be used when number of - // participants gets to or above the number. - // - // For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than - // 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN' - // will be used as default until the first threshold is reached. - // - // lastNLimits: { - // 5: 20, - // 30: 15, - // 50: 10, - // 70: 5, - // 90: 2 - // }, - - // Specify the settings for video quality optimizations on the client. - // videoQuality: { - // // Provides a way to prevent a video codec from being negotiated on the JVB connection. The codec specified - // // here will be removed from the list of codecs present in the SDP answer generated by the client. If the - // // same codec is specified for both the disabled and preferred option, the disable settings will prevail. - // // Note that 'VP8' cannot be disabled since it's a mandatory codec, the setting will be ignored in this case. - // disabledCodec: 'H264', - // - // // Provides a way to set a preferred video codec for the JVB connection. If 'H264' is specified here, - // // simulcast will be automatically disabled since JVB doesn't support H264 simulcast yet. This will only - // // rearrange the the preference order of the codecs in the SDP answer generated by the browser only if the - // // preferred codec specified here is present. Please ensure that the JVB offers the specified codec for this - // // to take effect. - // preferredCodec: 'VP8', - // - // // Provides a way to configure the maximum bitrates that will be enforced on the simulcast streams for - // // video tracks. The keys in the object represent the type of the stream (LD, SD or HD) and the values - // // are the max.bitrates to be set on that particular type of stream. The actual send may vary based on - // // the available bandwidth calculated by the browser, but it will be capped by the values specified here. - // // This is currently not implemented on app based clients on mobile. - // maxBitratesVideo: { - // low: 200000, - // standard: 500000, - // high: 1500000 - // }, - // - // // The options can be used to override default thresholds of video thumbnail heights corresponding to - // // the video quality levels used in the application. At the time of this writing the allowed levels are: - // // 'low' - for the low quality level (180p at the time of this writing) - // // 'standard' - for the medium quality level (360p) - // // 'high' - for the high quality level (720p) - // // The keys should be positive numbers which represent the minimal thumbnail height for the quality level. - // // - // // With the default config value below the application will use 'low' quality until the thumbnails are - // // at least 360 pixels tall. If the thumbnail height reaches 720 pixels then the application will switch to - // // the high quality. - // minHeightForQualityLvl: { - // 360: 'standard, - // 720: 'high' - // } - // }, - - // // Options for the recording limit notification. - // recordingLimit: { - // - // // The recording limit in minutes. Note: This number appears in the notification text - // // but doesn't enforce the actual recording time limit. This should be configured in - // // jibri! - // limit: 60, - // - // // The name of the app with unlimited recordings. - // appName: 'Unlimited recordings APP', - // - // // The URL of the app with unlimited recordings. - // appURL: 'https://unlimited.recordings.app.com/' - // }, - - // Disables or enables RTX (RFC 4588) (defaults to false). - // disableRtx: false, - - // Disables or enables TCC (the default is in Jicofo and set to true) - // (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting - // affects congestion control, it practically enables send-side bandwidth - // estimations. - // enableTcc: true, - - // Disables or enables REMB (the default is in Jicofo and set to false) - // (draft-alvestrand-rmcat-remb-03). This setting affects congestion - // control, it practically enables recv-side bandwidth estimations. When - // both TCC and REMB are enabled, TCC takes precedence. When both are - // disabled, then bandwidth estimations are disabled. - // enableRemb: false, - - // Enables ICE restart logic in LJM and displays the page reload overlay on - // ICE failure. Current disabled by default because it's causing issues with - // signaling when Octo is enabled. Also when we do an "ICE restart"(which is - // not a real ICE restart), the client maintains the TCC sequence number - // counter, but the bridge resets it. The bridge sends media packets with - // TCC sequence numbers starting from 0. - // enableIceRestart: false, - - // Defines the minimum number of participants to start a call (the default - // is set in Jicofo and set to 2). - // minParticipants: 2, - - // Use TURN/UDP servers for the jitsi-videobridge connection (by default - // we filter out TURN/UDP because it is usually not needed since the - // bridge itself is reachable via UDP) - // useTurnUdp: false - - // Enables / disables a data communication channel with the Videobridge. - // Values can be 'datachannel', 'websocket', true (treat it as - // 'datachannel'), undefined (treat it as 'datachannel') and false (don't - // open any channel). - // openBridgeChannel: true, - openBridgeChannel: 'websocket', - - - // UI - // - - // Hides lobby button - // hideLobbyButton: false, - - // Require users to always specify a display name. - // requireDisplayName: true, - - // Whether to use a welcome page or not. In case it's false a random room - // will be joined when no room is specified. - enableWelcomePage: true, - - // Enabling the close page will ignore the welcome page redirection when - // a call is hangup. - // enableClosePage: false, - - // Disable hiding of remote thumbnails when in a 1-on-1 conference call. - // disable1On1Mode: false, - - // Default language for the user interface. - defaultLanguage: '${DEFAULT_LANGUAGE}', - - // If true all users without a token will be considered guests and all users - // with token will be considered non-guests. Only guests will be allowed to - // edit their profile. - enableUserRolesBasedOnToken: false, - - // Whether or not some features are checked based on token. - // enableFeaturesBasedOnToken: false, - - // Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests. - // lockRoomGuestEnabled: false, - - // When enabled the password used for locking a room is restricted to up to the number of digits specified - // roomPasswordNumberOfDigits: 10, - // default: roomPasswordNumberOfDigits: false, - - // Message to show the users. Example: 'The service will be down for - // maintenance at 01:00 AM GMT, - noticeMessage: '${NOTICE_MESSAGE}', - - // Enables calendar integration, depends on googleApiApplicationClientID - // and microsoftApiApplicationClientID - // enableCalendarIntegration: false, - - // When 'true', it shows an intermediate page before joining, where the user can configure their devices. - // prejoinPageEnabled: false, - - // If true, shows the unsafe room name warning label when a room name is - // deemed unsafe (due to the simplicity in the name) and a password is not - // set or the lobby is not enabled. - // enableInsecureRoomNameWarning: false, - - // Whether to automatically copy invitation URL after creating a room. - // Document should be focused for this option to work - // enableAutomaticUrlCopy: false, - - // Stats - // - - // Whether to enable stats collection or not in the TraceablePeerConnection. - // This can be useful for debugging purposes (post-processing/analysis of - // the webrtc stats) as it is done in the jitsi-meet-torture bandwidth - // estimation tests. - // gatherStats: false, - - // The interval at which PeerConnection.getStats() is called. Defaults to 10000 - // pcStatsInterval: 10000, - - // To enable sending statistics to callstats.io you must provide the - // Application ID and Secret. - // callStatsID: '', - // callStatsSecret: '', - - // Enables sending participants' display names to callstats - // enableDisplayNameInStats: false, - - // Enables sending participants' emails (if available) to callstats and other analytics - // enableEmailInStats: false, - - // Privacy - // - - // If third party requests are disabled, no other server will be contacted. - // This means avatars will be locally generated and callstats integration - // will not function. - disableThirdPartyRequests: $(if [ -z "${ENABLE_THIRD_PARTY_REQUESTS}" ]; then printf "true"; else printf "false"; fi), - - - // Peer-To-Peer mode: used (if enabled) when there are just 2 participants. - // - - p2p: { - // Enables peer to peer mode. When enabled the system will try to - // establish a direct connection when there are exactly 2 participants - // in the room. If that succeeds the conference will stop sending data - // through the JVB and use the peer to peer connection instead. When a - // 3rd participant joins the conference will be moved back to the JVB - // connection. - enabled: true, - - // The STUN servers that will be used in the peer to peer connections - stunServers: [ - - { urls: 'stun:${TURN_SERVER}:443' } - ] - - // Sets the ICE transport policy for the p2p connection. At the time - // of this writing the list of possible values are 'all' and 'relay', - // but that is subject to change in the future. The enum is defined in - // the WebRTC standard: - // https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum. - // If not set, the effective value is 'all'. - // iceTransportPolicy: 'all', - - // If set to true, it will prefer to use H.264 for P2P calls (if H.264 - // is supported). This setting is deprecated, use preferredCodec instead. - // preferH264: true - - // Provides a way to set the video codec preference on the p2p connection. Acceptable - // codec values are 'VP8', 'VP9' and 'H264'. - // preferredCodec: 'H264', - - // If set to true, disable H.264 video codec by stripping it out of the - // SDP. This setting is deprecated, use disabledCodec instead. - // disableH264: false, - - // Provides a way to prevent a video codec from being negotiated on the p2p connection. - // disabledCodec: '', - - // How long we're going to wait, before going back to P2P after the 3rd - // participant has left the conference (to filter out page reload). - // backToP2PDelay: 5 - }, - - analytics: { - // The Google Analytics Tracking ID: - // googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1' - - // Matomo configuration: - // matomoEndpoint: 'https://your-matomo-endpoint/', - // matomoSiteID: '42', - - // The Amplitude APP Key: - // amplitudeAPPKey: '' - - // Configuration for the rtcstats server: - // By enabling rtcstats server every time a conference is joined the rtcstats - // module connects to the provided rtcstatsEndpoint and sends statistics regarding - // PeerConnection states along with getStats metrics polled at the specified - // interval. - // rtcstatsEnabled: true, - - // In order to enable rtcstats one needs to provide a endpoint url. - // rtcstatsEndpoint: wss://rtcstats-server-pilot.jitsi.net/, - - // The interval at which rtcstats will poll getStats, defaults to 1000ms. - // If the value is set to 0 getStats won't be polled and the rtcstats client - // will only send data related to RTCPeerConnection events. - // rtcstatsPolIInterval: 1000 - - // Array of script URLs to load as lib-jitsi-meet "analytics handlers". - // scriptURLs: [ - // "libs/analytics-ga.min.js", // google-analytics - // "https://example.com/my-custom-analytics.js" - // ], - }, - - // Logs that should go be passed through the 'log' event if a handler is defined for it - // apiLogLevels: ['warn', 'log', 'error', 'info', 'debug'], - - // Information about the jitsi-meet instance we are connecting to, including - // the user region as seen by the server. - deploymentInfo: { - // shard: "shard1", - // region: "europe", - // userRegion: "asia" - }, - - // Decides whether the start/stop recording audio notifications should play on record. - // disableRecordAudioNotification: false, - - // Information for the chrome extension banner - // chromeExtensionBanner: { - // // The chrome extension to be installed address - // url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb', - - // // Extensions info which allows checking if they are installed or not - // chromeExtensionsInfo: [ - // { - // id: 'kglhbbefdnlheedjiejgomgmfplipfeb', - // path: 'jitsi-logo-48x48.png' - // } - // ] - // }, - - // Local Recording - // - - // localRecording: { - // Enables local recording. - // Additionally, 'localrecording' (all lowercase) needs to be added to - // TOOLBAR_BUTTONS in interface_config.js for the Local Recording - // button to show up on the toolbar. - // - // enabled: true, - // - - // The recording format, can be one of 'ogg', 'flac' or 'wav'. - // format: 'flac' - // - - // }, - - // Options related to end-to-end (participant to participant) ping. - // e2eping: { - // // The interval in milliseconds at which pings will be sent. - // // Defaults to 10000, set to <= 0 to disable. - // pingInterval: 10000, - // - // // The interval in milliseconds at which analytics events - // // with the measured RTT will be sent. Defaults to 60000, set - // // to <= 0 to disable. - // analyticsInterval: 60000, - // }, - - // If set, will attempt to use the provided video input device label when - // triggering a screenshare, instead of proceeding through the normal flow - // for obtaining a desktop stream. - // NOTE: This option is experimental and is currently intended for internal - // use only. - // _desktopSharingSourceDevice: 'sample-id-or-label', - - // If true, any checks to handoff to another application will be prevented - // and instead the app will continue to display in the current browser. - // disableDeepLinking: false, - - // A property to disable the right click context menu for localVideo - // the menu has option to flip the locally seen video for local presentations - // disableLocalVideoFlip: false, - - // Mainly privacy related settings - - // Disables all invite functions from the app (share, invite, dial out...etc) - // disableInviteFunctions: true, - - // Disables storing the room name to the recents list - // doNotStoreRoom: true, - - // Deployment specific URLs. - // deploymentUrls: { - // // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for - // // user documentation. - // userDocumentationURL: 'https://docs.example.com/video-meetings.html', - // // If specified a 'Download our apps' button will be displayed in the overflow menu with a link - // // to the specified URL for an app download page. - // downloadAppsUrl: 'https://docs.example.com/our-apps.html' - // }, - - // Options related to the remote participant menu. - // remoteVideoMenu: { - // // If set to true the 'Kick out' button will be disabled. - // disableKick: true - // }, - - // If set to true all muting operations of remote participants will be disabled. - // disableRemoteMute: true, - - /** - External API url used to receive branding specific information. - If there is no url set or there are missing fields, the defaults are applied. - None of the fields are mandatory and the response must have the shape: - { - // The hex value for the colour used as background - backgroundColor: '#fff', - // The url for the image used as background - backgroundImageUrl: 'https://example.com/background-img.png', - // The anchor url used when clicking the logo image - logoClickUrl: 'https://example-company.org', - // The url used for the image used as logo - logoImageUrl: 'https://example.com/logo-img.png' - } - */ - brandingDataUrl: "$(if [ -n "${BRANDING_JSON}" ]; then printf "/branding.json"; fi)", - - // The URL of the moderated rooms microservice, if available. If it - // is present, a link to the service will be rendered on the welcome page, - // otherwise the app doesn't render it. - // moderatedRoomServiceUrl: 'https://moderated.${JITSI_HOST}', - - // List of undocumented settings used in jitsi-meet - /** - _immediateReloadThreshold - debug - debugAudioLevels - deploymentInfo - dialInConfCodeUrl - dialInNumbersUrl - dialOutAuthUrl - dialOutCodesUrl - disableRemoteControl - displayJids - etherpad_base - externalConnectUrl - firefox_fake_device - googleApiApplicationClientID - iAmRecorder - iAmSipGateway - microsoftApiApplicationClientID - peopleSearchQueryTypes - peopleSearchUrl - requireDisplayName - tokenAuthUrl - */ - - /** - * This property can be used to alter the generated meeting invite links (in combination with a branding domain - * which is retrieved internally by jitsi meet) (e.g. https://meet.jit.si/someMeeting - * can become https://brandedDomain/roomAlias) - */ - // brandingRoomAlias: null, - - // List of undocumented settings used in lib-jitsi-meet - /** - _peerConnStatusOutOfLastNTimeout - _peerConnStatusRtcMuteTimeout - abTesting - avgRtpStatsN - callStatsConfIDNamespace - callStatsCustomScriptUrl - desktopSharingSources - disableAEC - disableAGC - disableAP - disableHPF - disableNS - enableLipSync - enableTalkWhileMuted - forceJVB121Ratio - hiddenDomain - ignoreStartMuted - nick - startBitrate - */ - - - // Allow all above example options to include a trailing comma and - // prevent fear when commenting out the last value. - makeJsonParserHappy: 'even if last key had a trailing comma' - - // no configuration value should follow this line. -}; - -/* eslint-enable no-unused-vars, no-var */ -EOF -)" diff --git a/type/__jitsi_meet_domain/files/config.js.sh.orig b/type/__jitsi_meet_domain/files/config.js.sh.orig deleted file mode 100644 index da2bff5..0000000 --- a/type/__jitsi_meet_domain/files/config.js.sh.orig +++ /dev/null @@ -1,694 +0,0 @@ -/* eslint-disable no-unused-vars, no-var */ - -var config = { - // Connection - // - - hosts: { - // XMPP domain. - domain: 'jitsi-meet.example.org', - - // When using authentication, domain for guest users. - // anonymousdomain: 'guest.example.com', - - // Domain for authenticated users. Defaults to . - // authdomain: 'jitsi-meet.example.org', - - // Call control component (Jigasi). - // call_control: 'callcontrol.jitsi-meet.example.org', - - // Focus component domain. Defaults to focus.. - // focus: 'focus.jitsi-meet.example.org', - - // XMPP MUC domain. FIXME: use XEP-0030 to discover it. - muc: 'conference.jitsi-meet.example.org' - }, - - // BOSH URL. FIXME: use XEP-0156 to discover it. - bosh: '//jitsi-meet.example.org/http-bind', - - // Websocket URL - // websocket: 'wss://jitsi-meet.example.org/xmpp-websocket', - - // The name of client node advertised in XEP-0115 'c' stanza - clientNode: 'http://jitsi.org/jitsimeet', - - // The real JID of focus participant - can be overridden here - // Do not change username - FIXME: Make focus username configurable - // https://github.com/jitsi/jitsi-meet/issues/7376 - // focusUserJid: 'focus@auth.jitsi-meet.example.org', - - - // Testing / experimental features. - // - - testing: { - // Disables the End to End Encryption feature. Useful for debugging - // issues related to insertable streams. - // disableE2EE: false, - - // P2P test mode disables automatic switching to P2P when there are 2 - // participants in the conference. - p2pTestMode: false - - // Enables the test specific features consumed by jitsi-meet-torture - // testMode: false - - // Disables the auto-play behavior of *all* newly created video element. - // This is useful when the client runs on a host with limited resources. - // noAutoPlayVideo: false - - // Enable / disable 500 Kbps bitrate cap on desktop tracks. When enabled, - // simulcast is turned off for the desktop share. If presenter is turned - // on while screensharing is in progress, the max bitrate is automatically - // adjusted to 2.5 Mbps. This takes a value between 0 and 1 which determines - // the probability for this to be enabled. - // capScreenshareBitrate: 1 // 0 to disable - - // Enable callstats only for a percentage of users. - // This takes a value between 0 and 100 which determines the probability for - // the callstats to be enabled. - // callStatsThreshold: 5 // enable callstats for 5% of the users. - }, - - // Disables ICE/UDP by filtering out local and remote UDP candidates in - // signalling. - // webrtcIceUdpDisable: false, - - // Disables ICE/TCP by filtering out local and remote TCP candidates in - // signalling. - // webrtcIceTcpDisable: false, - - - // Media - // - - // Audio - - // Disable measuring of audio levels. - // disableAudioLevels: false, - // audioLevelsInterval: 200, - - // Enabling this will run the lib-jitsi-meet no audio detection module which - // will notify the user if the current selected microphone has no audio - // input and will suggest another valid device if one is present. - enableNoAudioDetection: true, - - // Enabling this will run the lib-jitsi-meet noise detection module which will - // notify the user if there is noise, other than voice, coming from the current - // selected microphone. The purpose it to let the user know that the input could - // be potentially unpleasant for other meeting participants. - enableNoisyMicDetection: true, - - // Start the conference in audio only mode (no video is being received nor - // sent). - // startAudioOnly: false, - - // Every participant after the Nth will start audio muted. - // startAudioMuted: 10, - - // Start calls with audio muted. Unlike the option above, this one is only - // applied locally. FIXME: having these 2 options is confusing. - // startWithAudioMuted: false, - - // Enabling it (with #params) will disable local audio output of remote - // participants and to enable it back a reload is needed. - // startSilent: false - - // Sets the preferred target bitrate for the Opus audio codec by setting its - // 'maxaveragebitrate' parameter. Currently not available in p2p mode. - // Valid values are in the range 6000 to 510000 - // opusMaxAverageBitrate: 20000, - - // Enables redundancy for Opus - // enableOpusRed: false - - // Video - - // Sets the preferred resolution (height) for local video. Defaults to 720. - // resolution: 720, - - // How many participants while in the tile view mode, before the receiving video quality is reduced from HD to SD. - // Use -1 to disable. - // maxFullResolutionParticipants: 2, - - // w3c spec-compliant video constraints to use for video capture. Currently - // used by browsers that return true from lib-jitsi-meet's - // util#browser#usesNewGumFlow. The constraints are independent from - // this config's resolution value. Defaults to requesting an ideal - // resolution of 720p. - // constraints: { - // video: { - // height: { - // ideal: 720, - // max: 720, - // min: 240 - // } - // } - // }, - - // Enable / disable simulcast support. - // disableSimulcast: false, - - // Enable / disable layer suspension. If enabled, endpoints whose HD - // layers are not in use will be suspended (no longer sent) until they - // are requested again. - // enableLayerSuspension: false, - - // Every participant after the Nth will start video muted. - // startVideoMuted: 10, - - // Start calls with video muted. Unlike the option above, this one is only - // applied locally. FIXME: having these 2 options is confusing. - // startWithVideoMuted: false, - - // If set to true, prefer to use the H.264 video codec (if supported). - // Note that it's not recommended to do this because simulcast is not - // supported when using H.264. For 1-to-1 calls this setting is enabled by - // default and can be toggled in the p2p section. - // This option has been deprecated, use preferredCodec under videoQuality section instead. - // preferH264: true, - - // If set to true, disable H.264 video codec by stripping it out of the - // SDP. - // disableH264: false, - - // Desktop sharing - - // Optional desktop sharing frame rate options. Default value: min:5, max:5. - // desktopSharingFrameRate: { - // min: 5, - // max: 5 - // }, - - // Try to start calls with screen-sharing instead of camera video. - // startScreenSharing: false, - - // Recording - - // Whether to enable file recording or not. - // fileRecordingsEnabled: false, - // Enable the dropbox integration. - // dropbox: { - // appKey: '' // Specify your app key here. - // // A URL to redirect the user to, after authenticating - // // by default uses: - // // 'https://jitsi-meet.example.org/static/oauth.html' - // redirectURI: - // 'https://jitsi-meet.example.org/subfolder/static/oauth.html' - // }, - // When integrations like dropbox are enabled only that will be shown, - // by enabling fileRecordingsServiceEnabled, we show both the integrations - // and the generic recording service (its configuration and storage type - // depends on jibri configuration) - // fileRecordingsServiceEnabled: false, - // Whether to show the possibility to share file recording with other people - // (e.g. meeting participants), based on the actual implementation - // on the backend. - // fileRecordingsServiceSharingEnabled: false, - - // Whether to enable live streaming or not. - // liveStreamingEnabled: false, - - // Transcription (in interface_config, - // subtitles and buttons can be configured) - // transcribingEnabled: false, - - // Enables automatic turning on captions when recording is started - // autoCaptionOnRecord: false, - - // Misc - - // Default value for the channel "last N" attribute. -1 for unlimited. - channelLastN: -1, - - // Provides a way to use different "last N" values based on the number of participants in the conference. - // The keys in an Object represent number of participants and the values are "last N" to be used when number of - // participants gets to or above the number. - // - // For the given example mapping, "last N" will be set to 20 as long as there are at least 5, but less than - // 29 participants in the call and it will be lowered to 15 when the 30th participant joins. The 'channelLastN' - // will be used as default until the first threshold is reached. - // - // lastNLimits: { - // 5: 20, - // 30: 15, - // 50: 10, - // 70: 5, - // 90: 2 - // }, - - // Specify the settings for video quality optimizations on the client. - // videoQuality: { - // // Provides a way to prevent a video codec from being negotiated on the JVB connection. The codec specified - // // here will be removed from the list of codecs present in the SDP answer generated by the client. If the - // // same codec is specified for both the disabled and preferred option, the disable settings will prevail. - // // Note that 'VP8' cannot be disabled since it's a mandatory codec, the setting will be ignored in this case. - // disabledCodec: 'H264', - // - // // Provides a way to set a preferred video codec for the JVB connection. If 'H264' is specified here, - // // simulcast will be automatically disabled since JVB doesn't support H264 simulcast yet. This will only - // // rearrange the the preference order of the codecs in the SDP answer generated by the browser only if the - // // preferred codec specified here is present. Please ensure that the JVB offers the specified codec for this - // // to take effect. - // preferredCodec: 'VP8', - // - // // Provides a way to configure the maximum bitrates that will be enforced on the simulcast streams for - // // video tracks. The keys in the object represent the type of the stream (LD, SD or HD) and the values - // // are the max.bitrates to be set on that particular type of stream. The actual send may vary based on - // // the available bandwidth calculated by the browser, but it will be capped by the values specified here. - // // This is currently not implemented on app based clients on mobile. - // maxBitratesVideo: { - // low: 200000, - // standard: 500000, - // high: 1500000 - // }, - // - // // The options can be used to override default thresholds of video thumbnail heights corresponding to - // // the video quality levels used in the application. At the time of this writing the allowed levels are: - // // 'low' - for the low quality level (180p at the time of this writing) - // // 'standard' - for the medium quality level (360p) - // // 'high' - for the high quality level (720p) - // // The keys should be positive numbers which represent the minimal thumbnail height for the quality level. - // // - // // With the default config value below the application will use 'low' quality until the thumbnails are - // // at least 360 pixels tall. If the thumbnail height reaches 720 pixels then the application will switch to - // // the high quality. - // minHeightForQualityLvl: { - // 360: 'standard, - // 720: 'high' - // } - // }, - - // // Options for the recording limit notification. - // recordingLimit: { - // - // // The recording limit in minutes. Note: This number appears in the notification text - // // but doesn't enforce the actual recording time limit. This should be configured in - // // jibri! - // limit: 60, - // - // // The name of the app with unlimited recordings. - // appName: 'Unlimited recordings APP', - // - // // The URL of the app with unlimited recordings. - // appURL: 'https://unlimited.recordings.app.com/' - // }, - - // Disables or enables RTX (RFC 4588) (defaults to false). - // disableRtx: false, - - // Disables or enables TCC (the default is in Jicofo and set to true) - // (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting - // affects congestion control, it practically enables send-side bandwidth - // estimations. - // enableTcc: true, - - // Disables or enables REMB (the default is in Jicofo and set to false) - // (draft-alvestrand-rmcat-remb-03). This setting affects congestion - // control, it practically enables recv-side bandwidth estimations. When - // both TCC and REMB are enabled, TCC takes precedence. When both are - // disabled, then bandwidth estimations are disabled. - // enableRemb: false, - - // Enables ICE restart logic in LJM and displays the page reload overlay on - // ICE failure. Current disabled by default because it's causing issues with - // signaling when Octo is enabled. Also when we do an "ICE restart"(which is - // not a real ICE restart), the client maintains the TCC sequence number - // counter, but the bridge resets it. The bridge sends media packets with - // TCC sequence numbers starting from 0. - // enableIceRestart: false, - - // Defines the minimum number of participants to start a call (the default - // is set in Jicofo and set to 2). - // minParticipants: 2, - - // Use TURN/UDP servers for the jitsi-videobridge connection (by default - // we filter out TURN/UDP because it is usually not needed since the - // bridge itself is reachable via UDP) - // useTurnUdp: false - - // Enables / disables a data communication channel with the Videobridge. - // Values can be 'datachannel', 'websocket', true (treat it as - // 'datachannel'), undefined (treat it as 'datachannel') and false (don't - // open any channel). - // openBridgeChannel: true, - openBridgeChannel: 'websocket', - - - // UI - // - - // Hides lobby button - // hideLobbyButton: false, - - // Require users to always specify a display name. - // requireDisplayName: true, - - // Whether to use a welcome page or not. In case it's false a random room - // will be joined when no room is specified. - enableWelcomePage: true, - - // Enabling the close page will ignore the welcome page redirection when - // a call is hangup. - // enableClosePage: false, - - // Disable hiding of remote thumbnails when in a 1-on-1 conference call. - // disable1On1Mode: false, - - // Default language for the user interface. - // defaultLanguage: 'en', - - // If true all users without a token will be considered guests and all users - // with token will be considered non-guests. Only guests will be allowed to - // edit their profile. - enableUserRolesBasedOnToken: false, - - // Whether or not some features are checked based on token. - // enableFeaturesBasedOnToken: false, - - // Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests. - // lockRoomGuestEnabled: false, - - // When enabled the password used for locking a room is restricted to up to the number of digits specified - // roomPasswordNumberOfDigits: 10, - // default: roomPasswordNumberOfDigits: false, - - // Message to show the users. Example: 'The service will be down for - // maintenance at 01:00 AM GMT, - // noticeMessage: '', - - // Enables calendar integration, depends on googleApiApplicationClientID - // and microsoftApiApplicationClientID - // enableCalendarIntegration: false, - - // When 'true', it shows an intermediate page before joining, where the user can configure their devices. - // prejoinPageEnabled: false, - - // If true, shows the unsafe room name warning label when a room name is - // deemed unsafe (due to the simplicity in the name) and a password is not - // set or the lobby is not enabled. - // enableInsecureRoomNameWarning: false, - - // Whether to automatically copy invitation URL after creating a room. - // Document should be focused for this option to work - // enableAutomaticUrlCopy: false, - - // Stats - // - - // Whether to enable stats collection or not in the TraceablePeerConnection. - // This can be useful for debugging purposes (post-processing/analysis of - // the webrtc stats) as it is done in the jitsi-meet-torture bandwidth - // estimation tests. - // gatherStats: false, - - // The interval at which PeerConnection.getStats() is called. Defaults to 10000 - // pcStatsInterval: 10000, - - // To enable sending statistics to callstats.io you must provide the - // Application ID and Secret. - // callStatsID: '', - // callStatsSecret: '', - - // Enables sending participants' display names to callstats - // enableDisplayNameInStats: false, - - // Enables sending participants' emails (if available) to callstats and other analytics - // enableEmailInStats: false, - - // Privacy - // - - // If third party requests are disabled, no other server will be contacted. - // This means avatars will be locally generated and callstats integration - // will not function. - // disableThirdPartyRequests: false, - - - // Peer-To-Peer mode: used (if enabled) when there are just 2 participants. - // - - p2p: { - // Enables peer to peer mode. When enabled the system will try to - // establish a direct connection when there are exactly 2 participants - // in the room. If that succeeds the conference will stop sending data - // through the JVB and use the peer to peer connection instead. When a - // 3rd participant joins the conference will be moved back to the JVB - // connection. - enabled: true, - - // The STUN servers that will be used in the peer to peer connections - stunServers: [ - - // { urls: 'stun:jitsi-meet.example.org:3478' }, - { urls: 'stun:meet-jit-si-turnrelay.jitsi.net:443' } - ] - - // Sets the ICE transport policy for the p2p connection. At the time - // of this writing the list of possible values are 'all' and 'relay', - // but that is subject to change in the future. The enum is defined in - // the WebRTC standard: - // https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum. - // If not set, the effective value is 'all'. - // iceTransportPolicy: 'all', - - // If set to true, it will prefer to use H.264 for P2P calls (if H.264 - // is supported). This setting is deprecated, use preferredCodec instead. - // preferH264: true - - // Provides a way to set the video codec preference on the p2p connection. Acceptable - // codec values are 'VP8', 'VP9' and 'H264'. - // preferredCodec: 'H264', - - // If set to true, disable H.264 video codec by stripping it out of the - // SDP. This setting is deprecated, use disabledCodec instead. - // disableH264: false, - - // Provides a way to prevent a video codec from being negotiated on the p2p connection. - // disabledCodec: '', - - // How long we're going to wait, before going back to P2P after the 3rd - // participant has left the conference (to filter out page reload). - // backToP2PDelay: 5 - }, - - analytics: { - // The Google Analytics Tracking ID: - // googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1' - - // Matomo configuration: - // matomoEndpoint: 'https://your-matomo-endpoint/', - // matomoSiteID: '42', - - // The Amplitude APP Key: - // amplitudeAPPKey: '' - - // Configuration for the rtcstats server: - // By enabling rtcstats server every time a conference is joined the rtcstats - // module connects to the provided rtcstatsEndpoint and sends statistics regarding - // PeerConnection states along with getStats metrics polled at the specified - // interval. - // rtcstatsEnabled: true, - - // In order to enable rtcstats one needs to provide a endpoint url. - // rtcstatsEndpoint: wss://rtcstats-server-pilot.jitsi.net/, - - // The interval at which rtcstats will poll getStats, defaults to 1000ms. - // If the value is set to 0 getStats won't be polled and the rtcstats client - // will only send data related to RTCPeerConnection events. - // rtcstatsPolIInterval: 1000 - - // Array of script URLs to load as lib-jitsi-meet "analytics handlers". - // scriptURLs: [ - // "libs/analytics-ga.min.js", // google-analytics - // "https://example.com/my-custom-analytics.js" - // ], - }, - - // Logs that should go be passed through the 'log' event if a handler is defined for it - // apiLogLevels: ['warn', 'log', 'error', 'info', 'debug'], - - // Information about the jitsi-meet instance we are connecting to, including - // the user region as seen by the server. - deploymentInfo: { - // shard: "shard1", - // region: "europe", - // userRegion: "asia" - }, - - // Decides whether the start/stop recording audio notifications should play on record. - // disableRecordAudioNotification: false, - - // Information for the chrome extension banner - // chromeExtensionBanner: { - // // The chrome extension to be installed address - // url: 'https://chrome.google.com/webstore/detail/jitsi-meetings/kglhbbefdnlheedjiejgomgmfplipfeb', - - // // Extensions info which allows checking if they are installed or not - // chromeExtensionsInfo: [ - // { - // id: 'kglhbbefdnlheedjiejgomgmfplipfeb', - // path: 'jitsi-logo-48x48.png' - // } - // ] - // }, - - // Local Recording - // - - // localRecording: { - // Enables local recording. - // Additionally, 'localrecording' (all lowercase) needs to be added to - // TOOLBAR_BUTTONS in interface_config.js for the Local Recording - // button to show up on the toolbar. - // - // enabled: true, - // - - // The recording format, can be one of 'ogg', 'flac' or 'wav'. - // format: 'flac' - // - - // }, - - // Options related to end-to-end (participant to participant) ping. - // e2eping: { - // // The interval in milliseconds at which pings will be sent. - // // Defaults to 10000, set to <= 0 to disable. - // pingInterval: 10000, - // - // // The interval in milliseconds at which analytics events - // // with the measured RTT will be sent. Defaults to 60000, set - // // to <= 0 to disable. - // analyticsInterval: 60000, - // }, - - // If set, will attempt to use the provided video input device label when - // triggering a screenshare, instead of proceeding through the normal flow - // for obtaining a desktop stream. - // NOTE: This option is experimental and is currently intended for internal - // use only. - // _desktopSharingSourceDevice: 'sample-id-or-label', - - // If true, any checks to handoff to another application will be prevented - // and instead the app will continue to display in the current browser. - // disableDeepLinking: false, - - // A property to disable the right click context menu for localVideo - // the menu has option to flip the locally seen video for local presentations - // disableLocalVideoFlip: false, - - // Mainly privacy related settings - - // Disables all invite functions from the app (share, invite, dial out...etc) - // disableInviteFunctions: true, - - // Disables storing the room name to the recents list - // doNotStoreRoom: true, - - // Deployment specific URLs. - // deploymentUrls: { - // // If specified a 'Help' button will be displayed in the overflow menu with a link to the specified URL for - // // user documentation. - // userDocumentationURL: 'https://docs.example.com/video-meetings.html', - // // If specified a 'Download our apps' button will be displayed in the overflow menu with a link - // // to the specified URL for an app download page. - // downloadAppsUrl: 'https://docs.example.com/our-apps.html' - // }, - - // Options related to the remote participant menu. - // remoteVideoMenu: { - // // If set to true the 'Kick out' button will be disabled. - // disableKick: true - // }, - - // If set to true all muting operations of remote participants will be disabled. - // disableRemoteMute: true, - - /** - External API url used to receive branding specific information. - If there is no url set or there are missing fields, the defaults are applied. - None of the fields are mandatory and the response must have the shape: - { - // The hex value for the colour used as background - backgroundColor: '#fff', - // The url for the image used as background - backgroundImageUrl: 'https://example.com/background-img.png', - // The anchor url used when clicking the logo image - logoClickUrl: 'https://example-company.org', - // The url used for the image used as logo - logoImageUrl: 'https://example.com/logo-img.png' - } - */ - // brandingDataUrl: '', - - // The URL of the moderated rooms microservice, if available. If it - // is present, a link to the service will be rendered on the welcome page, - // otherwise the app doesn't render it. - // moderatedRoomServiceUrl: 'https://moderated.jitsi-meet.example.org', - - // List of undocumented settings used in jitsi-meet - /** - _immediateReloadThreshold - debug - debugAudioLevels - deploymentInfo - dialInConfCodeUrl - dialInNumbersUrl - dialOutAuthUrl - dialOutCodesUrl - disableRemoteControl - displayJids - etherpad_base - externalConnectUrl - firefox_fake_device - googleApiApplicationClientID - iAmRecorder - iAmSipGateway - microsoftApiApplicationClientID - peopleSearchQueryTypes - peopleSearchUrl - requireDisplayName - tokenAuthUrl - */ - - /** - * This property can be used to alter the generated meeting invite links (in combination with a branding domain - * which is retrieved internally by jitsi meet) (e.g. https://meet.jit.si/someMeeting - * can become https://brandedDomain/roomAlias) - */ - // brandingRoomAlias: null, - - // List of undocumented settings used in lib-jitsi-meet - /** - _peerConnStatusOutOfLastNTimeout - _peerConnStatusRtcMuteTimeout - abTesting - avgRtpStatsN - callStatsConfIDNamespace - callStatsCustomScriptUrl - desktopSharingSources - disableAEC - disableAGC - disableAP - disableHPF - disableNS - enableLipSync - enableTalkWhileMuted - forceJVB121Ratio - hiddenDomain - ignoreStartMuted - nick - startBitrate - */ - - - // Allow all above example options to include a trailing comma and - // prevent fear when commenting out the last value. - makeJsonParserHappy: 'even if last key had a trailing comma' - - // no configuration value should follow this line. -}; - -/* eslint-enable no-unused-vars, no-var */ diff --git a/type/__jitsi_meet_domain/files/nginx.sh b/type/__jitsi_meet_domain/files/nginx.sh deleted file mode 100644 index bb300fd..0000000 --- a/type/__jitsi_meet_domain/files/nginx.sh +++ /dev/null @@ -1,156 +0,0 @@ -#!/bin/sh -e - -# shellcheck disable=SC2034 # This is intended to be included -JITSI_NGINX_CONFIG="$(cat < - - -COPYING -------- -Copyright \(C) 2020 Evilham. diff --git a/type/__jitsi_meet_domain/manifest b/type/__jitsi_meet_domain/manifest deleted file mode 100755 index 40b07b0..0000000 --- a/type/__jitsi_meet_domain/manifest +++ /dev/null @@ -1,90 +0,0 @@ -#!/bin/sh -e - -os="$(cat "${__global}/explorer/os")" -case "${os}" in - devuan|debian) - ;; - *) - echo "Your OS '${os}' is currently not supported." > /dev/stderr - exit 1 - ;; -esac - -DOMAIN="${__object_id}" -ADMIN_EMAIL="$(cat "${__object}/parameter/admin-email")" -CHANNEL_LAST_N="$(cat "${__object}/parameter/channel-last-n")" -DEFAULT_LANGUAGE="$(cat "${__object}/parameter/default-language")" -NOTICE_MESSAGE="$(cat "${__object}/parameter/notice-message")" -START_VIDEO_MUTED="$(cat "${__object}/parameter/start-video-muted")" -TURN_SERVER="$(cat "${__object}/parameter/turn-server")" -VIDEO_CONSTRAINTS="$(cat "${__object}/parameter/video-constraints")" -BRANDING_INDEX="$(cat "${__object}/parameter/branding-index")" -BRANDING_JSON="$(cat "${__object}/parameter/branding-json")" -BRANDING_WATERMARK="$(cat "${__object}/parameter/branding-watermark")" - -if [ -f "${__object}/parameter/enable-third-party-requests" ]; then - ENABLE_THIRD_PARTY_REQUESTS="YES" -fi -if [ -f "${__object}/parameter/disable-audio-levels" ]; then - DISABLE_AUDIO_LEVELS="YES" -fi - -if [ -z "${TURN_SERVER}" ]; then - TURN_SERVER="${__target_host}" -fi -if [ -z "${JITSI_HOST}" ]; then - JITSI_HOST="${__target_host}" -fi - -# -# Deal with certbot -# -# use object id as domain -__letsencrypt_cert "${DOMAIN}" \ - --admin-email "${ADMIN_EMAIL}" \ - --automatic-renewal \ - --renew-hook "service nginx reload" \ - --webroot /usr/share/jitsi-meet - -# Create virtualhost for nginx -# shellcheck source=type/__jitsi_meet_domain/files/nginx.sh -. "${__type}/files/nginx.sh" # This defines JITSI_NGINX_CONFIG -require="__letsencrypt_cert/${DOMAIN}" __file \ - "/etc/nginx/sites-enabled/${DOMAIN}.conf" \ - --mode 0644 --source "-" <. -# -# Find aliases for a given user name and print the aliases (each one on a -# separate line) - -aliases_file=$("${__type_explorer:?}/aliases_file") -test -r "${aliases_file}" || exit 0 - -: "${__object_id:?}" # assert __object_id is set, because it is used in AWK - -awk -F ':[ \t]*' ' -function print_aliases(aliases, matches) { - # prints comma-separated aliases (one per line) - split(aliases, matches, /,[ \t]*/) - for (i in matches) { - gsub(/^[ \t]*|[ \t]*$/, "", matches[i]) - if (matches[i]) print matches[i] - } -} - -/^#/ { - # comment line (ignore) - select = 0; cont = 0 # comments terminate alias lists and continuations - next -} - -{ - # is this line a continuation line? - # (the prev. line ended in a backslash or the line starts with whitespace) - is_cont = /^[ \t]/ || cont - - # detect if the line is a line to be continued (ends with a backslash) - cont = /\\$/ - - # if it is, we drop the backslash from the line - if (cont) sub(/[ \t]*\\$/, "", $0) -} - -is_cont { - # if in the alias list of the "target" user, we also print these aliases. - if (select) print_aliases($0) - next -} - -$1 == ENVIRON["__object_id"] { - # "target" user -> print alias list - select = 1 - print_aliases($2) - next -} - -{ - # other user - select = 0 -} -' "${aliases_file}" diff --git a/type/__mail_alias/explorer/aliases_file b/type/__mail_alias/explorer/aliases_file deleted file mode 100755 index 7f09f88..0000000 --- a/type/__mail_alias/explorer/aliases_file +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/sh -e -# -# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# -# This explorer finds the aliases file to modify. - -found() { echo "$*"; exit 0; } - -check_file() { - if test -f "$1" - then - found "$1" - fi -} - -case $("${__explorer:?}/os") -in - (freebsd|openbsd|solaris) - check_file /etc/mail/aliases - - # default - found /etc/mail/aliases - ;; - (alpine|debian|devuan|ubuntu) - check_file /etc/aliases - - # default - found /etc/aliases - ;; - (*) - check_file /etc/mail/aliases - check_file /etc/aliases - - # default - found /etc/aliases - ;; -esac diff --git a/type/__mail_alias/files/update_aliases.awk b/type/__mail_alias/files/update_aliases.awk deleted file mode 100644 index 11a4c85..0000000 --- a/type/__mail_alias/files/update_aliases.awk +++ /dev/null @@ -1,96 +0,0 @@ -#!/usr/bin/awk -f -# -# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# - -function getvalue(path, line) { - # Reads the first line of the file located at path and returns it. - getline line < path - close(path) - return line -} - -function sepafter(f, def, _) { - # finds the separator between field $f and $(f+1) - _ = substr($0, length($f)+1, index(substr($0, length($f)+1), $(f+1))-1) - return _ ? _ : def -} - -function write_aliases( line) { - if (aliases_written) return - - # print aliases line - printf "%s%s", ENVIRON["__object_id"], sepafter(1, ": ") - while ((getline line < aliases_should_file) > 0) { - if (aliases_written) printf ", " - printf "%s", line - aliases_written = 1 - } - printf "\n" - close(aliases_should_file) -} - -BEGIN { - FS = ":[ \t]*" - - parameter_dir = ENVIRON["__object"] "/parameter/" - - mode = (getvalue(parameter_dir "state") != "absent") - aliases_should_file = (parameter_dir "/alias") -} - -/^[ \t]*\#/ { - # comment line (leave alone) - select = 0; cont = 0 # comments terminate alias lists and continuations - print - next -} - -{ - # is this line a continuation line? - # (the prev. line ended in a backslash or the line starts with whitespace) - is_cont = /^[ \t]/ || cont - - # detect if the line is a line to be continued (ends with a backslash) - cont = /\\$/ -} - -is_cont { - # we only print the line if it has not been rewritten (select) - if (!select) print - next -} - -$1 == ENVIRON["__object_id"] { - # "target" user -> rewrite aliases list - select = 1 - if (mode) write_aliases() - next -} - -{ - # other user - select = 0 - print -} - -END { - # if the last line was an alias, the separator will be reused (looks better) - if (mode && !aliases_written) - write_aliases() -} diff --git a/type/__mail_alias/gencode-remote b/type/__mail_alias/gencode-remote deleted file mode 100755 index 4a8f889..0000000 --- a/type/__mail_alias/gencode-remote +++ /dev/null @@ -1,87 +0,0 @@ -#!/bin/sh -e -# -# 2020 Dennis Camera (dennis.camera@ssrq-sds-fds.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# - -quote() { printf "'%s'" "$(printf '%s' "$*" | sed -e "s/'/'\\\\''/g")"; } -drop_awk_comments() { quote "$(sed '/^[[:blank:]]*#.*$/d;/^$/d' "$@")"; } - -aliases_file=$(cat "${__object:?}/explorer/aliases_file") - -test -n "${aliases_file}" || { - echo 'Could not determine aliases file path.' >&2 - exit 1 -} - - -state_should=$(cat "${__object:?}/parameter/state") - -case ${state_should} -in - (present) - if cmp -s "${__object:?}/explorer/aliases" "${__object:?}/parameter/alias" - then - # all good! - exit 0 - fi - - test -s "${__object:?}/parameter/alias" || { - printf 'The --alias parameter is required if --state present.\n' >&2 - printf 'Use --state absent to remove all aliases.\n' >&2 - exit 1 - } - - if test -s "${__object:?}/explorer/aliases" - then - echo "update aliases" >>"${__messages_out:?}" - else - echo "add aliases" >>"${__messages_out:?}" - fi - ;; - (absent) - # nothing to do if no aliases found. - test -s "${__object:?}/explorer/aliases" || exit 0 - - echo "delete aliases" >>"${__messages_out:?}" - ;; - (*) - printf 'Invalid --state: %s.\n' "${state_should}" >&2 - printf 'Acceptable values are: present, absent.\n' >&2 - exit 1 -esac - -cat <$(quote "${aliases_file}.tmp") \ -|| { - rm -f $(quote "${aliases_file}.tmp") - echo 'Generating new aliases file failed!' >&2 - exit 1 -} - -if ! cmp -s $(quote "${aliases_file}") $(quote "${aliases_file}.tmp") -then - # aliases file was modified, replace: - cat $(quote "${aliases_file}.tmp") >$(quote "${aliases_file}") - - # then, run newaliases if present ("missing" on Alpine Linux because of typo) - command -v newaliases >/dev/null 2>&1 && newaliases || true -fi -rm -f $(quote "${aliases_file}.tmp") -EOF diff --git a/type/__mail_alias/man.rst b/type/__mail_alias/man.rst deleted file mode 100644 index de40512..0000000 --- a/type/__mail_alias/man.rst +++ /dev/null @@ -1,76 +0,0 @@ -cdist-type__mail_alias(7) -========================= - -NAME ----- -cdist-type__mail_alias - Manage mail aliases. - - -DESCRIPTION ------------ -This cdist type allows you to configure mail aliases (/etc/aliases). - - -REQUIRED PARAMETERS -------------------- -None. - - -OPTIONAL PARAMETERS -------------------- -state - 'present' or 'absent', defaults to 'present' -alias - an alias, i.e. a mail address where mail for the user should be redirected - to. - This parameter can be specified multiple times to redirect to multiple - recipients. - If ``--state`` is ``present`` this parameter is required. - See `aliases(5)` for the different forms this parameter can take. - - -BOOLEAN PARAMETERS ------------------- -None. - - -EXAMPLES --------- - -.. code-block:: sh - - # Redirect root mail to a "real" email address - __mail_alias root --alias admin@example.com - - # Disable redirection of mail for joe - __mail_alias joe --state absent - - -BUGS ----- -- Quoted strings are not parsed by this type. As a result, aliases - containing ``,`` (commas) are treated incorrectly (they are treated as - separate aliases.) - Make sure that email addresses, file names, and pipe commands do not contain - commas. -- ``:include:`` directives in the aliases file are not evaluated by this type. - They are treated like a regular alias, the values of the included file are - not expanded. - - -SEE ALSO --------- -:strong:`aliases`\ (5) - - -AUTHORS -------- -Dennis Camera - - -COPYING -------- -Copyright \(C) 2020 Dennis Camera. You can redistribute it -and/or modify it under the terms of the GNU General Public License as -published by the Free Software Foundation, either version 3 of the -License, or (at your option) any later version. diff --git a/type/__mail_alias/nonparallel b/type/__mail_alias/nonparallel deleted file mode 100644 index e69de29..0000000 diff --git a/type/__mail_alias/parameter/default/state b/type/__mail_alias/parameter/default/state deleted file mode 100644 index e7f6134..0000000 --- a/type/__mail_alias/parameter/default/state +++ /dev/null @@ -1 +0,0 @@ -present diff --git a/type/__mail_alias/parameter/optional b/type/__mail_alias/parameter/optional deleted file mode 100644 index ff72b5c..0000000 --- a/type/__mail_alias/parameter/optional +++ /dev/null @@ -1 +0,0 @@ -state diff --git a/type/__mail_alias/parameter/optional_multiple b/type/__mail_alias/parameter/optional_multiple deleted file mode 100644 index d077ed8..0000000 --- a/type/__mail_alias/parameter/optional_multiple +++ /dev/null @@ -1 +0,0 @@ -alias diff --git a/type/__matrix_element/files/config.json.sh b/type/__matrix_element/files/config.json.sh deleted file mode 100755 index 9791f38..0000000 --- a/type/__matrix_element/files/config.json.sh +++ /dev/null @@ -1,90 +0,0 @@ -#!/bin/sh -# -# Upstream configuration guide/documentation: -# https://github.com/vector-im/riot-web/blob/develop/docs/config.md - -generate_embedded_pages () { - if [ "$EMBED_HOMEPAGE" != "" ]; then - cat << EOF - "embeddedPages": { - "homeUrl": "home.html" - }, -EOF - fi -} - -generate_jitsi_config () { - if [ "$JITSI_DOMAIN" != "" ]; then - cat << EOF - "jitsi": { - "preferredDomain": "$JITSI_DOMAIN" - }, -EOF - fi -} - -generate_branding () { - echo '"branding": {' - - if [ "$BRANDING_AUTH_HEADER_LOGO_URL" != "" ]; then - cat << EOF - "authHeaderLogoUrl": "$BRANDING_AUTH_HEADER_LOGO_URL", -EOF - fi - - if [ "$BRANDING_AUTH_FOOTER_LINKS" != "" ]; then - cat << EOF - "authFooterLinks": "$BRANDING_AUTH_FOOTER_LINKS", -EOF - fi - - cat << EOF - "welcomeBackgroundUrl": "themes/element/img/backgrounds/lake.jpg" -EOF - echo '},' -} - -cat << EOF -{ - "default_server_config": { - "m.homeserver": { - "base_url": "$DEFAULT_SERVER_URL", - "server_name": "$DEFAULT_SERVER_NAME" - }, - "m.identity_server": { - "base_url": "https://vector.im" - } - }, - "brand": "$BRAND", - $(generate_branding) - "defaultCountryCode": "$DEFAULT_COUNTRY_CODE", - "integrations_ui_url": "https://scalar.vector.im/", - "integrations_rest_url": "https://scalar.vector.im/api", - "integrations_widgets_urls": [ - "https://scalar.vector.im/_matrix/integrations/v1", - "https://scalar.vector.im/api", - "https://scalar-staging.vector.im/_matrix/integrations/v1", - "https://scalar-staging.vector.im/api", - "https://scalar-staging.riot.im/scalar/api" - ], - "bug_report_endpoint_url": "https://riot.im/bugreports/submit", - "roomDirectory": { - "servers": [ - $ROOM_DIRECTORY_SERVERS - ] - }, - "disable_custom_urls": "$DISABLE_CUSTOM_URLS", - $(generate_embedded_pages) - $(generate_jitsi_config) - "terms_and_conditions_links": [ - { - "url": "$PRIVACY_POLICY_URL", - "text": "Privacy Policy" - }, - { - "url": "$COOKIE_POLICY_URL", - "text": "Cookie Policy" - } - ] -} -EOF diff --git a/type/__matrix_element/gencode-remote b/type/__matrix_element/gencode-remote deleted file mode 100755 index ff3bbaa..0000000 --- a/type/__matrix_element/gencode-remote +++ /dev/null @@ -1,95 +0,0 @@ -#!/bin/sh -e -# -# 2019 Timothée Floure (timothee.floure@ungleich.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . -# - -# Function to compare version strings. Returns success (0) if the version -# given by stdin is higher than the version provided by the argument. -# -# Taken from the cdist core type __sensible_editor. -version_ge() { - awk -F '[^0-9.]' -v target="${1:?}" ' - function max(x, y) { return x > y ? x : y; } - BEGIN { - getline; - nx = split($1, x, "."); - ny = split(target, y, "."); - for (i = 1; i <= max(nx, ny); ++i) { - diff = int(x[i]) - int(y[i]); - if (diff < 0) exit 1; - else if (diff > 0) exit 0; - else continue; - } - }' -} - - -VERSION=$(cat "$__object/parameter/version") -INSTALL_DIR=$(cat "$__object/parameter/install_dir") -OWNER=$(cat "$__object/parameter/owner") - -# tarball name changed due to application renaming -if echo "$VERSION" | version_ge 1.7.14; then - src="element-v$VERSION" -else - src="riot-v$VERSION" -fi -archive="$src.tar.gz" -url="https://github.com/vector-im/riot-web/releases/download/v$VERSION/$archive" - -# tar and curl are installed by the __matrix-riot manifest. mktemp is usually -# provided by coreutils and assumed installed. -cat << EOF -set -e - -# Ensure that coreutils is installed. -if [ ! -x \$(which mktemp) ]; then - echo "mktemp is not available on the remote host." >&2 - exit 1 -fi - -# Create temporary working directory. -tmpdir=\$(mktemp -d) -custom_files_dir="\$tmpdir/custom_files" -cd \$tmpdir - -# Download and extract sources. -curl -L '$url' > $archive -tar xf $archive - -# Backup files deployed by __matrix_element. -mkdir -p \$custom_files_dir -for file in $INSTALL_DIR/cdist/*; do - cp "\$file" "\$custom_files_dir" -done - -# Deploy sources and restore configuration. -rm -r '$INSTALL_DIR' -mv '$src' '$INSTALL_DIR' - -for file in \$custom_files_dir/*; do - cp "\$file" '$INSTALL_DIR' -done - -# Chown deployed files to requested owner. -chown -R '$OWNER' '$INSTALL_DIR' - -# Remove temporary working directory. -cd / -rm -r \$tmpdir -EOF diff --git a/type/__matrix_element/man.rst b/type/__matrix_element/man.rst deleted file mode 100644 index 05f0685..0000000 --- a/type/__matrix_element/man.rst +++ /dev/null @@ -1,87 +0,0 @@ -cdist-type__matrix_element(7) -============================= - -NAME ----- -cdist-type__matrix_element - Install and configure Element, a web Matrix client. - - -DESCRIPTION ------------ -This type install and configure the Element web client. - - -REQUIRED PARAMETERS -------------------- -install_dir - Root directory of Element's static files. - -version - Release of Element to install. - -OPTIONAL PARAMETERS -------------------- -default_server_name - Name of matrix homeserver to connect to, defaults to 'matrix.org'. - -default_server_url - URL of matrix homeserver to connect to, defaults to 'https://matrix-client.matrix.org'. - -owner - Owner of the deployed files, passed to `chown`. Defaults to 'root'. - -brand - Web UI branding, defaults to 'Element'. - -default_country_code - ISO 3166 alpha2 country code to use when showing country selectors, such as - phone number inputs. Defaults to GB. - -privacy_policy_url - Defaults to 'https://element.io/privacy'. - -cookie_policy_url - Defaults to 'https://matrix.org/docs/guides/element_im_cookie_policy'. - -jitsi_domain - Domain name of preferred Jitsi instance (default is jitsi.element.im). This is - used whenever a user clicks on the voice/video call buttons. - -homepage - Path to custom homepage, displayed once logged in. - -welcomepage - Path to custom welcome (= login) page. - -custom_asset - Serve a file a the top-level directory (e.g. /my-custom-logo.svg). Can be specified multiple times. - -BOOLEAN PARAMETERS -------------------- -disable_custom_urls - Disallow the user to change the default homeserver when signing up or logging in. - -EXAMPLES --------- - -.. code-block:: sh - - __matrix_element my-element --install_dir /var/www/element-web --version 1.5.6 - - -SEE ALSO --------- -- `cdist-type__matrix_synapse(7) `_ - - -AUTHORS -------- -Timothée Floure - - -COPYING -------- -Copyright \(C) 2019 Timothée Floure. You can redistribute it -and/or modify it under the terms of the GNU General Public License as -published by the Free Software Foundation, either version 3 of the -License, or (at your option) any later version. diff --git a/type/__matrix_element/manifest b/type/__matrix_element/manifest deleted file mode 100755 index 544bd96..0000000 --- a/type/__matrix_element/manifest +++ /dev/null @@ -1,106 +0,0 @@ -#!/bin/sh -e -# -# 2019 Timothée Floure (timothee.floure@ungleich.ch) -# -# This file is part of cdist. -# -# cdist is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# cdist is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with cdist. If not, see . - -# Ignore "Declare and assign separately to avoid masking return values. [SC2155]" -# => not relevant for the type arguments. -# shellcheck disable=SC2155 - -INSTALL_DIR=$(cat "$__object/parameter/install_dir") - -export DEFAULT_SERVER_NAME=$(cat "$__object/parameter/default_server_name") -export DEFAULT_SERVER_URL=$(cat "$__object/parameter/default_server_url") -export BRAND=$(cat "$__object/parameter/brand") -export DEFAULT_COUNTRY_CODE=$(cat "$__object/parameter/default_country_code") -export ROOM_DIRECTORY_SERVERS=$(cat "$__object/parameter/room_directory_servers") -export PRIVACY_POLICY_URL=$(cat "$__object/parameter/privacy_policy_url") -export COOKIE_POLICY_URL=$(cat "$__object/parameter/cookie_policy_url") - -if [ -f "$__object/parameter/jitsi_domain" ]; then - export JITSI_DOMAIN=$(cat "$__object/parameter/jitsi_domain") -fi - -if [ -f "$__object/parameter/branding_auth_header_logo_url" ]; then - export BRANDING_AUTH_HEADER_LOGO_URL=$(cat "$__object/parameter/branding_auth_header_logo_url") -fi - -if [ -f "$__object/parameter/branding_auth_footer_links" ]; then - export BRANDING_AUTH_FOOTER_LINKS=$(cat "$__object/parameter/branding_auth_footer_links") -fi - -if [ -f "$__object/parameter/homepage" ]; then - export EMBED_HOMEPAGE=1 - homepage=$(cat "$__object/parameter/homepage") -fi - -if [ -f "$__object/parameter/welcomepage" ]; then - export EMBED_WELCOMEPAGE=1 - welcomepage=$(cat "$__object/parameter/welcomepage") -fi - -if [ -f "$__object/parameter/custom_asset" ]; then - "$__object/parameter/custom_asset" | while IFS= read -r file; do - require="__directory/$INSTALL_DIR/cdist" __file "$INSTALL_DIR/cdist/$(basename "$file")" \ - --source "$file" \ - --mode 0664 \ - --state present - done -fi - -if [ -f "$__object/parameter/disable_custom_urls" ]; then - export DISABLE_CUSTOM_URLS='true' -else - export DISABLE_CUSTOM_URLS='false' -fi - -# Owner of the uploaded files. -owner=$(cat "$__object/parameter/owner") - -# Ensure that curl and tar are installed, as they will be required by the -# gencode-remote script. -__package curl --state present -__package tar --state present - -# Generate and deploy configuration file. -mkdir -p "$__object/files" -"$__type/files/config.json.sh" > "$__object/files/config.json" - -# Install the config.json configuration file. The application's sources are -# downloaded and deployed by gencode-remote. -__directory "$INSTALL_DIR/cdist" \ - --owner "$owner" --mode 0755 --parents \ - --state present - -require="__directory/$INSTALL_DIR/cdist" __file "$INSTALL_DIR/cdist/config.json" \ - --source "$__object/files/config.json" \ - --mode 0664 \ - --state present - -if [ $EMBED_HOMEPAGE ]; then - require="__directory/$INSTALL_DIR/cdist" __file "$INSTALL_DIR/cdist/home.html" \ - --source "$homepage" \ - --mode 0664 \ - --state present -fi - -if [ $EMBED_WELCOMEPAGE ]; then - require="__directory/$INSTALL_DIR/cdist" __file "$INSTALL_DIR/cdist/welcome.html" \ - --source "$welcomepage" \ - --mode 0664 \ - --state present -fi diff --git a/type/__matrix_element/parameter/boolean b/type/__matrix_element/parameter/boolean deleted file mode 100644 index 4d77768..0000000 --- a/type/__matrix_element/parameter/boolean +++ /dev/null @@ -1 +0,0 @@ -disable_custom_urls diff --git a/type/__matrix_element/parameter/default/brand b/type/__matrix_element/parameter/default/brand deleted file mode 100644 index 907f907..0000000 --- a/type/__matrix_element/parameter/default/brand +++ /dev/null @@ -1 +0,0 @@ -Element diff --git a/type/__matrix_element/parameter/default/cookie_policy_url b/type/__matrix_element/parameter/default/cookie_policy_url deleted file mode 100644 index 04e9c2b..0000000 --- a/type/__matrix_element/parameter/default/cookie_policy_url +++ /dev/null @@ -1 +0,0 @@ -https://matrix.org/docs/guides/riot_im_cookie_policy diff --git a/type/__matrix_element/parameter/default/default_country_code b/type/__matrix_element/parameter/default/default_country_code deleted file mode 100644 index 30ac4a3..0000000 --- a/type/__matrix_element/parameter/default/default_country_code +++ /dev/null @@ -1 +0,0 @@ -GB diff --git a/type/__matrix_element/parameter/default/default_server_name b/type/__matrix_element/parameter/default/default_server_name deleted file mode 100644 index 5528ffd..0000000 --- a/type/__matrix_element/parameter/default/default_server_name +++ /dev/null @@ -1 +0,0 @@ -matrix.org diff --git a/type/__matrix_element/parameter/default/default_server_url b/type/__matrix_element/parameter/default/default_server_url deleted file mode 100644 index 2cb9227..0000000 --- a/type/__matrix_element/parameter/default/default_server_url +++ /dev/null @@ -1 +0,0 @@ -https://matrix-client.matrix.org diff --git a/type/__matrix_element/parameter/default/owner b/type/__matrix_element/parameter/default/owner deleted file mode 100644 index d8649da..0000000 --- a/type/__matrix_element/parameter/default/owner +++ /dev/null @@ -1 +0,0 @@ -root diff --git a/type/__matrix_element/parameter/default/privacy_policy_url b/type/__matrix_element/parameter/default/privacy_policy_url deleted file mode 100644 index 37fa4bc..0000000 --- a/type/__matrix_element/parameter/default/privacy_policy_url +++ /dev/null @@ -1 +0,0 @@ -https://element.io/privacy diff --git a/type/__matrix_element/parameter/default/room_directory_servers b/type/__matrix_element/parameter/default/room_directory_servers deleted file mode 100644 index 4ea73ad..0000000 --- a/type/__matrix_element/parameter/default/room_directory_servers +++ /dev/null @@ -1 +0,0 @@ -"matrix.org" diff --git a/type/__matrix_element/parameter/optional b/type/__matrix_element/parameter/optional deleted file mode 100644 index 21a2faf..0000000 --- a/type/__matrix_element/parameter/optional +++ /dev/null @@ -1,13 +0,0 @@ -default_server_url -default_server_name -brand -default_country_code -privacy_policy_url -cookie_policy_url -room_directory_servers -owner -homepage -welcomepage -jitsi_domain -branding_auth_header_logo_url -branding_auth_footer_links diff --git a/type/__matrix_element/parameter/optional_multiple b/type/__matrix_element/parameter/optional_multiple deleted file mode 100644 index 4c2ca54..0000000 --- a/type/__matrix_element/parameter/optional_multiple +++ /dev/null @@ -1 +0,0 @@ -custom_asset diff --git a/type/__matrix_element/parameter/required b/type/__matrix_element/parameter/required deleted file mode 100644 index a76477e..0000000 --- a/type/__matrix_element/parameter/required +++ /dev/null @@ -1,2 +0,0 @@ -version -install_dir diff --git a/type/__matrix_synapse/files/environment.sh b/type/__matrix_synapse/files/environment.sh new file mode 100644 index 0000000..99179be --- /dev/null +++ b/type/__matrix_synapse/files/environment.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +cat << EOF +# Specify environment variables used when running Synapse +SYNAPSE_CACHE_FACTOR=$CACHE_FACTOR +EOF diff --git a/type/__matrix_synapse/files/homeserver.yaml.sh b/type/__matrix_synapse/files/homeserver.yaml.sh new file mode 100755 index 0000000..4d47ed3 --- /dev/null +++ b/type/__matrix_synapse/files/homeserver.yaml.sh @@ -0,0 +1,1785 @@ +#!/bin/sh + +# NOTE: this template has been generated using the +# matrix-synapse-1.5.1-1.fc31.noarch Fedora package for use with CDIST. + +generate_extra_settings () { + for line in $EXTRA_SETTINGS; do + echo "$line" + done +} + +generate_database () { + if [ "$DATABASE_ENGINE" = "sqlite3" ]; then + cat << EOF +database: + # The database engine name + name: "$DATABASE_ENGINE" + # Arguments to pass to the engine + args: + # Path to the database + database: "$DATABASE_NAME" +EOF + else +cat << EOF +database: + # The database engine name + name: "$DATABASE_ENGINE" + # Arguments to pass to the engine + args: + database: "$DATABASE_NAME" + host: "$DATABASE_HOST" + user: "$DATABASE_USER" + password: "$DATABASE_PASSWORD" +EOF + fi +} + +generate_password_providers () { + if [ "$ENABLE_LDAP_AUTH" = "true" ]; then + cat <