2020-06-25 09:16:20 +00:00
|
|
|
#!/bin/sh -e
|
|
|
|
#
|
|
|
|
# 2019 Timothée Floure (timothee.floure@ungleich.ch)
|
|
|
|
#
|
|
|
|
# This file is part of cdist.
|
|
|
|
#
|
|
|
|
# cdist is free software: you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# cdist is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
#
|
|
|
|
|
|
|
|
# OS-specific configuration.
|
|
|
|
os=$(cat "$__global/explorer/os")
|
|
|
|
|
|
|
|
case "$os" in
|
2021-11-30 12:32:03 +00:00
|
|
|
debian|ubuntu)
|
2021-02-15 17:50:12 +00:00
|
|
|
synapse_user=matrix-synapse
|
2021-11-16 13:16:16 +00:00
|
|
|
synapse_pkg=matrix-synapse-py3
|
2021-02-15 17:50:12 +00:00
|
|
|
synapse_service=matrix-synapse
|
|
|
|
ldap_auth_provider_pkg=matrix-synapse-ldap3
|
|
|
|
synapse_conf_dir='/etc/matrix-synapse'
|
|
|
|
synapse_data_dir='/var/lib/matrix-synapse'
|
|
|
|
|
2021-11-30 12:32:03 +00:00
|
|
|
__apt_key matrix-org \
|
|
|
|
--uri https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
|
|
|
|
|
|
|
|
require="__apt_key/matrix-org" __apt_source matrix-org \
|
|
|
|
--uri https://packages.matrix.org/debian/ \
|
|
|
|
--component main
|
|
|
|
package_req="__apt_source/matrix-org"
|
2022-01-07 10:42:13 +00:00
|
|
|
;;
|
2021-02-15 17:50:12 +00:00
|
|
|
alpine)
|
|
|
|
synapse_user=synapse
|
|
|
|
synapse_pkg=synapse
|
|
|
|
synapse_service=synapse
|
|
|
|
# Note available as of writing (2021-02-15)
|
|
|
|
ldap_auth_provider_pkg=
|
|
|
|
synapse_conf_dir='/etc/synapse'
|
|
|
|
synapse_data_dir='/var/lib/synapse'
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
printf "Your operating system (%s) is currently not supported by this type (%s)\n" "$os" "${__type##*/}" >&2
|
|
|
|
printf "Please contribute an implementation for it if you can.\n" >&2
|
|
|
|
exit 1
|
|
|
|
;;
|
2020-06-25 09:16:20 +00:00
|
|
|
esac
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Small helper used to get boolean values which can be used as-is in the
|
|
|
|
# configuration template.
|
|
|
|
get_boolean_for () {
|
|
|
|
if [ -f "$__object/parameter/${1:?}" ]; then
|
|
|
|
echo 'true'
|
|
|
|
else
|
|
|
|
echo 'false'
|
|
|
|
fi
|
|
|
|
}
|
2020-06-25 09:16:20 +00:00
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Small helper for erroring out on invalid combinations.
|
|
|
|
is_required_when () {
|
|
|
|
value=$1
|
|
|
|
flag=$2
|
|
|
|
when=$3
|
|
|
|
|
|
|
|
if [ -z "$value" ]; then
|
|
|
|
echo "$flag is required when $when." >&2
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
# Generic configuration.
|
2020-06-25 09:16:20 +00:00
|
|
|
export DATA_DIR=$synapse_data_dir
|
|
|
|
export LOG_DIR='/var/log/matrix-synapse'
|
|
|
|
export PIDFILE='/var/run/matrix/homeserver.pid'
|
|
|
|
export LOG_CONFIG_PATH="$synapse_conf_dir/log.yaml"
|
|
|
|
export SIGNING_KEY_PATH="$synapse_conf_dir/signin.key"
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Base parameters.
|
|
|
|
SERVER_NAME=$(cat "$__object/parameter/server-name")
|
|
|
|
BASE_URL=$(cat "$__object/parameter/base-url")
|
|
|
|
REPORT_STATS=$(get_boolean_for 'report-stats')
|
|
|
|
MAX_UPLOAD_SIZE=$(cat "$__object/parameter/max-upload-size")
|
|
|
|
EXPOSE_METRICS=$(get_boolean_for 'expose-metrics')
|
|
|
|
WEB_CLIENT_URL=$(cat "$__object/parameter/web-client-url")
|
|
|
|
ROOM_ENCRYPTION_POLICY=$(cat "$__object/parameter/room-encryption-policy")
|
2021-02-19 10:25:16 +00:00
|
|
|
BIND_ADDRESSES=$(cat "$__object/parameter/bind-address")
|
2021-02-15 17:50:12 +00:00
|
|
|
export SERVER_NAME BASE_URL REPORT_STATS MAX_UPLOAD_SIZE EXPOSE_METRICS \
|
2021-02-19 10:25:16 +00:00
|
|
|
WEB_CLIENT_URL ROOM_ENCRYPTION_POLICY BIND_ADDRESSES
|
2021-02-15 17:50:12 +00:00
|
|
|
|
|
|
|
if [ -f "$__object/parameter/enable-server-notices" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
export ENABLE_SERVER_NOTICES=1
|
2021-02-15 17:50:12 +00:00
|
|
|
fi
|
|
|
|
|
2021-02-17 13:01:06 +00:00
|
|
|
# TLS.
|
2021-02-18 10:27:34 +00:00
|
|
|
if [ -f "$__object/parameter/tls-cert" ]; then
|
|
|
|
TLS_CERTIFICATE_PATH=$(cat "$__object/parameter/tls-cert")
|
|
|
|
export TLS_CERTIFICATE_PATH
|
|
|
|
fi
|
|
|
|
if [ -f "$__object/parameter/tls-private-key" ]; then
|
|
|
|
TLS_PRIVATE_KEY_PATH=$(cat "$__object/parameter/tls-private-key")
|
|
|
|
export TLS_PRIVATE_KEY_PATH
|
|
|
|
fi
|
2021-02-17 13:01:06 +00:00
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Performance flags.
|
|
|
|
GLOBAL_CACHE_FACTOR=$(cat "$__object/parameter/global-cache-factor")
|
|
|
|
EVENT_CACHE_SIZE=$(cat "$__object/parameter/event-cache-size")
|
|
|
|
export GLOBAL_CACHE_FACTOR EVENT_CACHE_SIZE
|
|
|
|
|
|
|
|
if [ -f "$__object/parameter/disable-presence" ]; then
|
|
|
|
export USE_PRESENCE='false'
|
|
|
|
else
|
|
|
|
export USE_PRESENCE='true'
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Database configuration.
|
2021-02-12 08:58:10 +00:00
|
|
|
DATABASE_ENGINE=$(cat "$__object/parameter/database-engine")
|
|
|
|
DATABASE_NAME=$(cat "$__object/parameter/database-name")
|
|
|
|
DATABASE_HOST=$(cat "$__object/parameter/database-host")
|
|
|
|
DATABASE_USER=$(cat "$__object/parameter/database-user")
|
|
|
|
DATABASE_PASSWORD=$(cat "$__object/parameter/database-password")
|
2021-02-24 17:50:01 +00:00
|
|
|
DATABASE_CP_MIN=$(cat "$__object/parameter/database-connection-pool-min")
|
|
|
|
DATABASE_CP_MAX=$(cat "$__object/parameter/database-connection-pool-max")
|
2021-02-15 17:50:12 +00:00
|
|
|
export DATABASE_ENGINE DATABASE_NAME DATABASE_HOST DATABASE_USER \
|
2021-02-24 17:50:01 +00:00
|
|
|
DATABASE_PASSWORD DATABASE_CP_MIN DATABASE_CP_MAX
|
2020-06-25 09:16:20 +00:00
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# LDAP-based authentication.
|
2021-02-22 12:12:47 +00:00
|
|
|
if [ -f "$__object/parameter/enable-ldap-auth" ]; then
|
2021-02-18 10:27:34 +00:00
|
|
|
ENABLE_LDAP_AUTH=$(get_boolean_for 'enable-ldap-auth')
|
|
|
|
export ENABLE_LDAP_AUTH
|
|
|
|
fi
|
|
|
|
|
2021-02-12 08:58:10 +00:00
|
|
|
LDAP_FILTER=$(cat "$__object/parameter/ldap-filter")
|
|
|
|
LDAP_UID_ATTRIBUTE=$(cat "$__object/parameter/ldap-uid-attribute")
|
|
|
|
LDAP_MAIL_ATTRIBUTE=$(cat "$__object/parameter/ldap-mail-attribute")
|
|
|
|
LDAP_NAME_ATTRIBUTE=$(cat "$__object/parameter/ldap-name-attribute")
|
|
|
|
LDAP_URI=$(cat "$__object/parameter/ldap-uri")
|
|
|
|
LDAP_BASE_DN=$(cat "$__object/parameter/ldap-base-dn")
|
|
|
|
LDAP_BIND_DN=$(cat "$__object/parameter/ldap-bind-dn")
|
|
|
|
LDAP_BIND_PASSWORD=$(cat "$__object/parameter/ldap-bind-password")
|
2021-02-15 17:50:12 +00:00
|
|
|
LDAP_USE_STARTTLS=$(get_boolean_for 'ldap-use-starttls')
|
2021-02-18 10:27:34 +00:00
|
|
|
export LDAP_FILTER LDAP_UID_ATTRIBUTE LDAP_MAIL_ATTRIBUTE LDAP_NAME_ATTRIBUTE \
|
|
|
|
LDAP_URI LDAP_BASE_DN LDAP_BIND_DN LDAP_BIND_PASSWORD LDAP_USE_STARTTLS
|
2020-06-25 09:16:20 +00:00
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Outgoing emails (= notifications).
|
|
|
|
ENABLE_NOTIFICATIONS=$(get_boolean_for 'enable-notifications')
|
|
|
|
SMTP_HOST=$(cat "$__object/parameter/smtp-host")
|
|
|
|
SMTP_PORT=$(cat "$__object/parameter/smtp-port")
|
|
|
|
SMTP_USE_STARTTLS=$(get_boolean_for 'smtp-use-starttls')
|
|
|
|
SMTP_USER=$(cat "$__object/parameter/smtp-user")
|
|
|
|
SMTP_PASSWORD=$(cat "$__object/parameter/smtp-password")
|
|
|
|
export SMTP_HOST SMTP_PORT SMTP_USER SMTP_PASSWORD SMTP_USE_STARTTLS \
|
|
|
|
ENABLE_NOTIFICATIONS
|
|
|
|
|
|
|
|
if [ -f "$__object/parameter/notification-from" ]; then
|
|
|
|
NOTIFICATION_FROM=$(cat "$__object/parameter/notification-from")
|
|
|
|
export NOTIFICATION_FROM
|
|
|
|
else
|
2021-02-17 09:05:26 +00:00
|
|
|
export NOTIFICATION_FROM="%(app)s <no-reply@$SERVER_NAME>"
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Registrations and users.
|
|
|
|
ALLOW_GUEST_ACCESS=$(get_boolean_for 'allow-guest-access')
|
|
|
|
ENABLE_REGISTRATIONS=$(get_boolean_for 'enable-registrations')
|
|
|
|
USER_DIRECTORY_SEARCH_ALL_USERS=$(get_boolean_for 'user-directory-search-all-users')
|
|
|
|
export ALLOW_GUEST_ACCESS ENABLE_REGISTRATIONS USER_DIRECTORY_SEARCH_ALL_USERS
|
|
|
|
|
2021-12-01 07:32:37 +00:00
|
|
|
if [ -f "$__object/parameter/registration-shared-secret" ]; then
|
2021-02-18 10:27:34 +00:00
|
|
|
REGISTRATION_SHARED_SECRET=$(cat "$__object/parameter/registration-shared-secret")
|
|
|
|
export REGISTRATION_SHARED_SECRET
|
|
|
|
fi
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
if [ -f "$__object/parameter/registration-requires-email" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
export REGISTRATION_REQUIRES_EMAIL=1
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
|
|
|
|
2022-02-08 12:45:03 +00:00
|
|
|
ENABLE_SET_DISPLAYNAME='true'
|
|
|
|
if [ -f "$__object/parameter/disable-displayname-changes" ]; then
|
|
|
|
ENABLE_SET_DISPLAYNAME='false'
|
|
|
|
fi
|
|
|
|
export ENABLE_SET_DISPLAYNAME
|
|
|
|
|
|
|
|
ENABLE_3PID_CHANGES='true'
|
|
|
|
if [ -f "$__object/parameter/disable-3pid-changes" ]; then
|
|
|
|
ENABLE_3PID_CHANGES='false'
|
|
|
|
fi
|
|
|
|
export ENABLE_3PID_CHANGES
|
|
|
|
|
2021-02-12 08:58:10 +00:00
|
|
|
if [ -f "$__object/parameter/auto-join-room" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
AUTO_JOIN_ROOMS="$(cat "$__object/parameter/auto-join-room")"
|
|
|
|
export AUTO_JOIN_ROOMS
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
if [ -f "$__object/parameter/registration-allows-email-pattern" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
RESGISTRATION_ALLOWS_EMAIL_PATTERN=$(cat "$__object/parameter/registration-allows-email-pattern")
|
|
|
|
export RESGISTRATION_ALLOWS_EMAIL_PATTERN
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
|
|
|
|
2021-12-02 10:38:26 +00:00
|
|
|
if [ -f "$__object/parameter/saml2-idp-metadata-url" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
# Synapse fails to start while trying to parse IDP metadata if this package
|
|
|
|
# is not installed.
|
|
|
|
__package xmlsec1
|
2021-12-02 10:38:26 +00:00
|
|
|
|
2022-01-07 10:42:13 +00:00
|
|
|
SAML2_IDP_METADATA_URL=$(cat "$__object/parameter/saml2-idp-metadata-url")
|
|
|
|
export SAML2_IDP_METADATA_URL
|
2021-12-02 10:38:26 +00:00
|
|
|
fi
|
|
|
|
|
2021-12-23 09:46:21 +00:00
|
|
|
if [ -f "$__object/parameter/saml2-sp-key" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
SAML2_SP_KEY=$(cat "$__object/parameter/saml2-sp-key")
|
|
|
|
export SAML2_SP_KEY
|
2021-12-23 09:46:21 +00:00
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -f "$__object/parameter/saml2-sp-cert" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
SAML2_SP_CERT=$(cat "$__object/parameter/saml2-sp-cert")
|
|
|
|
export SAML2_SP_CERT
|
2021-12-23 09:46:21 +00:00
|
|
|
fi
|
|
|
|
|
2022-01-12 15:21:17 +00:00
|
|
|
if [ -f "$__object/parameter/saml2-mapping-provider-module" ]; then
|
|
|
|
SAML2_MAPPING_PROVIDER_MODULE=$(cat "$__object/parameter/saml2-mapping-provider-module")
|
|
|
|
export SAML2_MAPPING_PROVIDER_MODULE
|
|
|
|
fi
|
|
|
|
|
2022-01-16 11:41:03 +00:00
|
|
|
if [ -f "$__object/parameter/saml2-mapping-provider-extra-config" ]; then
|
|
|
|
SAML2_MAPPING_PROVIDER_EXTRA_CONFIG=$(cat "$__object/parameter/saml2-mapping-provider-extra-config")
|
|
|
|
export SAML2_MAPPING_PROVIDER_EXTRA_CONFIG
|
|
|
|
fi
|
|
|
|
|
2022-01-24 10:23:38 +00:00
|
|
|
SSO_TEMPLATE_DIR=$(cat "$__object/parameter/sso-template-dir")
|
|
|
|
export SSO_TEMPLATE_DIR
|
|
|
|
|
2021-12-23 09:46:21 +00:00
|
|
|
if [ -n "$SAML2_SP_KEY" ] && [ -z "$SAML2_SP_CERT" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
echo "--saml2-sp-cert must be set if --saml2-sp-key is provided." >&2
|
|
|
|
exit 1
|
2021-12-23 09:46:21 +00:00
|
|
|
elif [ -n "$SAML2_SP_CERT" ] && [ -z "$SAML2_SP_KEY" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
echo "--saml2-sp-key must be set if --saml2-sp-cert is provided." >&2
|
|
|
|
exit 1
|
2021-12-23 09:46:21 +00:00
|
|
|
fi
|
|
|
|
|
2021-12-02 12:07:06 +00:00
|
|
|
if [ -f "$__object/parameter/default-identity-server" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
DEFAULT_IDENTITY_SERVER=$(cat "$__object/parameter/default-identity-server")
|
|
|
|
export DEFAULT_IDENTITY_SERVER
|
2021-12-02 12:07:06 +00:00
|
|
|
fi
|
|
|
|
|
2022-01-07 10:42:13 +00:00
|
|
|
ENABLE_3PID_LOOKUPS='false'
|
2022-01-12 15:21:46 +00:00
|
|
|
if [ -f "$__object/parameter/enable-3pid-lookups" ]; then
|
2022-01-07 10:42:13 +00:00
|
|
|
ENABLE_3PID_LOOKUPS='true'
|
|
|
|
fi
|
|
|
|
export ENABLE_3PID_LOOKUPS
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Federation.
|
|
|
|
ALLOW_PUBLIC_ROOMS_OVER_FEDERATION=$(get_boolean_for 'allow-public-room-over-federation')
|
|
|
|
ALLOW_PUBLIC_ROOMS_WITHOUT_AUTH=$(get_boolean_for 'allow-public-rooms-without-auth')
|
|
|
|
LIMIT_REMOTE_ROOM_COMPLEXITY=$(get_boolean_for 'limit-remote-room-complexity')
|
2021-02-24 13:36:00 +00:00
|
|
|
REMOTE_ROOM_COMPLEXITY_THRESHOLD=$(cat "$__object/parameter/remote-room-complexity-threshold")
|
2021-02-18 10:27:34 +00:00
|
|
|
export ALLOW_PUBLIC_ROOMS_OVER_FEDERATION ALLOW_PUBLIC_ROOMS_WITHOUT_AUTH \
|
2021-02-24 13:36:00 +00:00
|
|
|
LIMIT_REMOTE_ROOM_COMPLEXITY REMOTE_ROOM_COMPLEXITY_THRESHOLD
|
2021-02-18 10:27:34 +00:00
|
|
|
|
|
|
|
if [ -f "$__object/parameter/disable-federation" ]; then
|
|
|
|
export DISABLE_FEDERATION=1
|
|
|
|
fi
|
2020-06-25 09:16:20 +00:00
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Message retention.
|
|
|
|
ENABLE_MESSAGE_RETENTION_POLICY=$(get_boolean_for 'enable-message-retention-policy')
|
|
|
|
MESSAGE_RETENTION_POLICY_MAX_LIFETIME=$(cat "$__object/parameter/message-max-lifetime")
|
2022-01-24 07:56:12 +00:00
|
|
|
MESSAGE_RETENTION_POLICY_MIN_LIFETIME=$MESSAGE_RETENTION_POLICY_MAX_LIFETIME
|
|
|
|
export ENABLE_MESSAGE_RETENTION_POLICY MESSAGE_RETENTION_POLICY_MAX_LIFETIME MESSAGE_RETENTION_POLICY_MIN_LIFETIME
|
2020-06-25 09:16:20 +00:00
|
|
|
|
2021-02-17 13:01:06 +00:00
|
|
|
# Previews.
|
|
|
|
ENABLE_URL_PREVIEW=$(get_boolean_for 'enable-url-preview')
|
|
|
|
export ENABLE_URL_PREVIEW
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Rate-limiting
|
2021-02-12 08:58:10 +00:00
|
|
|
RC_MESSAGE_PER_SECOND=$(cat "$__object/parameter/rc-message-per-second")
|
2021-02-15 17:50:12 +00:00
|
|
|
RC_MESSAGE_BURST=$(cat "$__object/parameter/rc-message-burst")
|
2021-02-12 08:58:10 +00:00
|
|
|
RC_LOGIN_PER_SECOND=$(cat "$__object/parameter/rc-login-per-second")
|
|
|
|
RC_LOGIN_BURST=$(cat "$__object/parameter/rc-login-burst")
|
2021-02-15 17:50:12 +00:00
|
|
|
export RC_MESSAGE_PER_SECOND RC_MESSAGE_BURST RC_LOGIN_PER_SECOND \
|
|
|
|
RC_LOGIN_BURST
|
2020-06-25 09:16:20 +00:00
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Application services.
|
|
|
|
if [ -f "$__object/parameter/app-service-config-file" ]; then
|
|
|
|
APP_SERVICE_CONFIG_FILES=$(cat "$__object/parameter/app-service-config-file")
|
|
|
|
export APP_SERVICE_CONFIG_FILES
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Anything that did not fit in this type's template.
|
|
|
|
if [ -f "$__object/parameter/extra-setting" ]; then
|
|
|
|
EXTRA_SETTINGS=$(cat "$__object/parameter/extra-setting")
|
|
|
|
export EXTRA_SETTINGS
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
2021-02-15 17:50:12 +00:00
|
|
|
|
|
|
|
# TURN server (NAT traversal for P2P calls).
|
|
|
|
TURN_USER_LIFETIME=$(cat "$__object/parameter/turn-user-lifetime")
|
|
|
|
export TURN_USER_LIFETIME
|
|
|
|
|
|
|
|
if [ -f "$__object/parameter/turn-shared-secret" ]; then
|
|
|
|
TURN_SHARED_SECRET=$(cat "$__object/parameter/turn-shared-secret")
|
|
|
|
export TURN_SHARED_SECRET
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
2021-02-15 17:50:12 +00:00
|
|
|
|
|
|
|
if [ -f "$__object/parameter/turn-uri" ]; then
|
|
|
|
TURN_URIS=$(cat "$__object/parameter/turn-uri")
|
|
|
|
export TURN_URIS
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
2021-02-15 17:50:12 +00:00
|
|
|
|
2021-12-01 14:55:34 +00:00
|
|
|
if [ -f "$__object/parameter/turn-username" ]; then
|
|
|
|
TURN_USERNAME=$(cat "$__object/parameter/turn-username")
|
|
|
|
export TURN_USERNAME
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -f "$__object/parameter/turn-password" ]; then
|
|
|
|
TURN_PASSWORD=$(cat "$__object/parameter/turn-password")
|
|
|
|
export TURN_PASSWORD
|
|
|
|
fi
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Worker-mode configuration.
|
|
|
|
export MAIN_LISTENER_PORT=8008
|
|
|
|
export ENABLE_MEDIA_REPO='true'
|
2021-02-24 18:31:48 +00:00
|
|
|
if [ -f "$__object/parameter/outbound-federation-worker" ]; then
|
|
|
|
FEDERATION_SENDER_INSTANCES=$(cat "$__object/parameter/outbound-federation-worker")
|
|
|
|
export FEDERATION_SENDER_INSTANCES
|
|
|
|
fi
|
2021-02-15 17:50:12 +00:00
|
|
|
MAIN_LISTENER_RESOURCES="[federation,client]"
|
|
|
|
if [ "$EXPOSE_METRICS" = "true" ]; then
|
|
|
|
MAIN_LISTENER_RESOURCES="$(echo "$MAIN_LISTENER_RESOURCES" | tr -d ']'),metrics]"
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
2021-02-24 18:31:48 +00:00
|
|
|
if [ -n "$FEDERATION_SENDER_INSTANCES" ]; then
|
|
|
|
export SEND_FEDERATION_FROM_MAIN_PROCESS='false'
|
|
|
|
else
|
|
|
|
export SEND_FEDERATION_FROM_MAIN_PROCESS='true'
|
|
|
|
fi
|
2021-02-15 17:50:12 +00:00
|
|
|
export MAIN_LISTENER_RESOURCES
|
2020-06-25 09:16:20 +00:00
|
|
|
|
2021-02-17 09:05:26 +00:00
|
|
|
ENABLE_REPLICATION=
|
|
|
|
ENABLE_REDIS_SUPPORT='false'
|
|
|
|
WORKER_REPLICATION_SECRET=$(cat "$__object/parameter/worker-replication-secret")
|
|
|
|
BACKGROUND_TASKS_WORKER=$(cat "$__object/parameter/background-tasks-worker")
|
|
|
|
if [ -f "$__object/parameter/worker-mode" ]; then
|
|
|
|
ENABLE_REPLICATION=1
|
|
|
|
ENABLE_REDIS_SUPPORT='true'
|
|
|
|
fi
|
|
|
|
export ENABLE_REPLICATION ENABLE_REDIS_SUPPORT WORKER_REPLICATION_SECRET \
|
|
|
|
BACKGROUND_TASKS_WORKER
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Error out on invalid parameter combination.
|
|
|
|
case "$DATABASE_ENGINE" in
|
|
|
|
sqlite3)
|
|
|
|
:
|
2022-01-07 10:42:13 +00:00
|
|
|
;;
|
2021-02-15 17:50:12 +00:00
|
|
|
psycopg2)
|
|
|
|
when='database engine is psycopg2'
|
|
|
|
is_required_when "$DATABASE_HOST" '--database-host' "$when"
|
|
|
|
is_required_when "$DATABASE_USER" '--database-user' "$when"
|
2022-01-07 10:42:13 +00:00
|
|
|
;;
|
2021-02-15 17:50:12 +00:00
|
|
|
*)
|
|
|
|
echo "Invalid database engine: $DATABASE_ENGINE." >&2
|
|
|
|
exit 1
|
2022-01-07 10:42:13 +00:00
|
|
|
;;
|
2021-02-15 17:50:12 +00:00
|
|
|
esac
|
2020-06-25 09:16:20 +00:00
|
|
|
|
|
|
|
|
2021-11-16 13:16:16 +00:00
|
|
|
# Install OS packages.
|
|
|
|
require="$package_req" __package "$synapse_pkg"
|
|
|
|
synapse_req="__package/$synapse_pkg"
|
2021-02-15 17:50:12 +00:00
|
|
|
|
2021-02-18 10:27:34 +00:00
|
|
|
if [ -n "$ENABLE_LDAP_AUTH" ]; then
|
2021-11-16 13:16:16 +00:00
|
|
|
require="$package_req" __package "$ldap_auth_provider_pkg"
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Generate and deploy configuration files.
|
|
|
|
mkdir -p "$__object/files"
|
|
|
|
"$__type/files/homeserver.yaml.sh" > "$__object/files/homeserver.yaml"
|
|
|
|
"$__type/files/log.config.sh" > "$__object/files/log.config"
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
require="$synapse_req" __file "$synapse_conf_dir/homeserver.yaml" \
|
2022-01-07 10:42:13 +00:00
|
|
|
--owner $synapse_user \
|
|
|
|
--mode 600 \
|
|
|
|
--source "$__object/files/homeserver.yaml"
|
2021-02-15 17:50:12 +00:00
|
|
|
require="$synapse_req" __file "$LOG_CONFIG_PATH" \
|
2022-01-07 10:42:13 +00:00
|
|
|
--owner $synapse_user \
|
|
|
|
--mode 600 \
|
|
|
|
--source "$__object/files/log.config"
|
2020-06-25 09:16:20 +00:00
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
for directory in $DATA_DIR $LOG_DIR; do
|
|
|
|
require="$synapse_req" __directory $directory \
|
|
|
|
--state present \
|
|
|
|
--owner $synapse_user
|
|
|
|
done
|
|
|
|
|
2021-11-30 12:32:03 +00:00
|
|
|
# Make dpkg-reconfigure happy on debian-based systems.
|
|
|
|
if [ "$os" = "debian" ] || [ "$os" = "ubuntu" ]; then
|
2021-02-15 17:50:12 +00:00
|
|
|
require="$synapse_req" __file "$synapse_conf_dir/conf.d/server_name.yaml" \
|
|
|
|
--owner $synapse_user \
|
|
|
|
--source - <<- EOF
|
|
|
|
server_name: "$SERVER_NAME"
|
|
|
|
EOF
|
|
|
|
|
|
|
|
require="$synapse_req" __file "$synapse_conf_dir/conf.d/report_stats.yaml" \
|
|
|
|
--owner $synapse_user \
|
|
|
|
--source - <<- EOF
|
|
|
|
report_stats: $REPORT_STATS
|
|
|
|
EOF
|
2020-06-25 09:16:20 +00:00
|
|
|
fi
|
|
|
|
|
2021-02-15 17:50:12 +00:00
|
|
|
# Start service at boot - started/reload in gencode-remote.
|
|
|
|
require="$synapse_req" __start_on_boot $synapse_service
|