Compare commits
2 commits
master
...
__matrix_s
Author | SHA1 | Date | |
---|---|---|---|
716b4de8e1 | |||
451f09d746 |
33 changed files with 2413 additions and 0 deletions
6
type/__matrix_synapse/files/environment.sh
Normal file
6
type/__matrix_synapse/files/environment.sh
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
cat << EOF
|
||||||
|
# Specify environment variables used when running Synapse
|
||||||
|
SYNAPSE_CACHE_FACTOR=$CACHE_FACTOR
|
||||||
|
EOF
|
1785
type/__matrix_synapse/files/homeserver.yaml.sh
Executable file
1785
type/__matrix_synapse/files/homeserver.yaml.sh
Executable file
File diff suppressed because it is too large
Load diff
60
type/__matrix_synapse/files/log.config.sh
Executable file
60
type/__matrix_synapse/files/log.config.sh
Executable file
|
@ -0,0 +1,60 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
cat << EOF
|
||||||
|
|
||||||
|
version: 1
|
||||||
|
|
||||||
|
formatters:
|
||||||
|
precise:
|
||||||
|
format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
|
||||||
|
journal_fmt:
|
||||||
|
format: '%(name)s: [%(request)s] %(message)s'
|
||||||
|
|
||||||
|
filters:
|
||||||
|
context:
|
||||||
|
(): synapse.util.logcontext.LoggingContextFilter
|
||||||
|
request: ""
|
||||||
|
|
||||||
|
handlers:
|
||||||
|
file:
|
||||||
|
class: logging.handlers.WatchedFileHandler
|
||||||
|
formatter: precise
|
||||||
|
filename: $LOG_DIR/homeserver.log
|
||||||
|
filters: [context]
|
||||||
|
level: DEBUG
|
||||||
|
encoding: utf8
|
||||||
|
console:
|
||||||
|
class: logging.StreamHandler
|
||||||
|
formatter: precise
|
||||||
|
level: WARN
|
||||||
|
journal:
|
||||||
|
class: systemd.journal.JournalHandler
|
||||||
|
formatter: journal_fmt
|
||||||
|
filters: [context]
|
||||||
|
SYSLOG_IDENTIFIER: synapse
|
||||||
|
|
||||||
|
loggers:
|
||||||
|
twisted:
|
||||||
|
level: WARN
|
||||||
|
|
||||||
|
synapse:
|
||||||
|
level: INFO
|
||||||
|
|
||||||
|
# the following levels are more verbose than most users want
|
||||||
|
# set them to INFO if you need more logging
|
||||||
|
synapse.metrics:
|
||||||
|
level: WARN
|
||||||
|
|
||||||
|
synapse.http.federation.well_known_resolver:
|
||||||
|
level: WARN
|
||||||
|
|
||||||
|
synapse.storage.TIME:
|
||||||
|
level: WARN
|
||||||
|
|
||||||
|
synapse.http.matrixfederationclient:
|
||||||
|
level: WARN
|
||||||
|
|
||||||
|
root:
|
||||||
|
level: INFO
|
||||||
|
handlers: [file, journal]
|
||||||
|
EOF
|
180
type/__matrix_synapse/man.rst
Normal file
180
type/__matrix_synapse/man.rst
Normal file
|
@ -0,0 +1,180 @@
|
||||||
|
cdist-type__matrix_synapse(7)
|
||||||
|
======================
|
||||||
|
|
||||||
|
NAME
|
||||||
|
----
|
||||||
|
cdist-type__matrix_synapse - Install and configure Synapse, a Matrix homeserver
|
||||||
|
|
||||||
|
|
||||||
|
DESCRIPTION
|
||||||
|
-----------
|
||||||
|
This type install and configure the Synapse Matrix homeserver. This is a
|
||||||
|
signleton type.
|
||||||
|
|
||||||
|
|
||||||
|
REQUIRED PARAMETERS
|
||||||
|
-------------------
|
||||||
|
server_name
|
||||||
|
Name of your homeserver (e.g. ungleich.ch) used as part of your MXIDs. This
|
||||||
|
value cannot be changed without meddling with the database once the server is
|
||||||
|
being used.
|
||||||
|
|
||||||
|
base_url
|
||||||
|
Public URL of your homeserver (e.g. http://matrix.ungleich.ch).
|
||||||
|
|
||||||
|
database_engine
|
||||||
|
'sqlite3' or 'postgresql'
|
||||||
|
|
||||||
|
database_name
|
||||||
|
Path to the database if SQLite3 is used or database name if PostgresSQL is
|
||||||
|
used.
|
||||||
|
|
||||||
|
OPTIONAL PARAMETERS
|
||||||
|
-------------------
|
||||||
|
database_host
|
||||||
|
Database node address, only used with PostgresSQL.
|
||||||
|
|
||||||
|
database_user
|
||||||
|
Database user, only used with PostgresSQL.
|
||||||
|
|
||||||
|
database_password
|
||||||
|
Database password, only used with PostgresSQL.
|
||||||
|
|
||||||
|
ldap_uri
|
||||||
|
Address of your LDAP server.
|
||||||
|
|
||||||
|
ldap_base_dn
|
||||||
|
Base DN of your LDAP tree.
|
||||||
|
|
||||||
|
ldap_uid_attribute
|
||||||
|
LDAP attriute mapping to Synapse's uid field, default to uid.
|
||||||
|
|
||||||
|
ldap_mail_attribute
|
||||||
|
LDAP attriute mapping to Synapse's mail field, default to mail.
|
||||||
|
|
||||||
|
ldap_name_attribute
|
||||||
|
LDAP attriute mapping to Synapse's name field, default to givenName.
|
||||||
|
|
||||||
|
ldap_bind_dn
|
||||||
|
User used to authenticate against your LDAP server in 'search' mode.
|
||||||
|
|
||||||
|
ldap_bind_password
|
||||||
|
Password used to authenticate against your LDAP server in 'search' mode.
|
||||||
|
|
||||||
|
ldap_filter
|
||||||
|
LDAP user filter, defaulting to `(objectClass=posixAccount)`.
|
||||||
|
|
||||||
|
turn_uri
|
||||||
|
URI to TURN server, can be provided multiple times if there is more than one
|
||||||
|
server.
|
||||||
|
|
||||||
|
turn_shared_secret
|
||||||
|
Shared secret used to access the TURN REST API.
|
||||||
|
|
||||||
|
turn_user_lifetime
|
||||||
|
Lifetime of TURN credentials. Defaults to 1h.
|
||||||
|
|
||||||
|
max_upload_size
|
||||||
|
Maximum size for user-uploaded files. Defaults to 10M.
|
||||||
|
|
||||||
|
rc_message_per_second
|
||||||
|
Message rate-limiting (per second). Defaults to 0.17.
|
||||||
|
|
||||||
|
rc_message_burst
|
||||||
|
Message rate-limiting (burst). Defaults to 3.
|
||||||
|
|
||||||
|
rc_login_per_second
|
||||||
|
Login rate-limiting (per-second). Defaults to 0.17.
|
||||||
|
|
||||||
|
rc_login_burst
|
||||||
|
Login rate-limiting (burst). Defaults to 3.
|
||||||
|
|
||||||
|
branding_auth_header_logo_url
|
||||||
|
A logo that is shown in the header during authentication flows.
|
||||||
|
|
||||||
|
branding_auth_footer_links
|
||||||
|
A list of links to show in the authentication page footer: `[{"text": "Link text", "url": "https://link.target"}, {"text": "Other link", ...}]`
|
||||||
|
|
||||||
|
registration_allows_email_pattern
|
||||||
|
Only allow email addresses matching specified filter. Can be specified multiple times. A pattern must look like `.*@vector\.im`.
|
||||||
|
|
||||||
|
auto_join_room
|
||||||
|
Room where newly-registered users are automatically added. Can be specified multiple times.
|
||||||
|
|
||||||
|
app_service_config_file
|
||||||
|
Path (on remote) of an application service configuration file to load. Can be specified multiple times.
|
||||||
|
|
||||||
|
extra_setting
|
||||||
|
Arbitrary string to be added to the configuration file. Can be specified multiple times.
|
||||||
|
|
||||||
|
BOOLEAN PARAMETERS
|
||||||
|
------------------
|
||||||
|
allow_registration
|
||||||
|
Enables user registration on the homeserver.
|
||||||
|
|
||||||
|
enable_ldap_auth
|
||||||
|
Enables ldap-backed authentication.
|
||||||
|
|
||||||
|
ldap_search_mode
|
||||||
|
Enables 'search' mode for LDAP auth backend.
|
||||||
|
|
||||||
|
report_stats
|
||||||
|
Whether or not to report anonymized homeserver usage statistics.
|
||||||
|
|
||||||
|
expose_metrics
|
||||||
|
Expose metrics endpoint for Prometheus.
|
||||||
|
|
||||||
|
disable_federation
|
||||||
|
Disable federation to the broader matrix network.
|
||||||
|
|
||||||
|
registration_require_email
|
||||||
|
Make email a required field on registration.
|
||||||
|
|
||||||
|
allow_public_rooms_over_federation
|
||||||
|
Allow other homeservers to fetch this server's public room directory.
|
||||||
|
|
||||||
|
allow_public_rooms_without_auth
|
||||||
|
If set to 'false', requires authentication to access the server's public rooms directory through the client API.
|
||||||
|
|
||||||
|
enable_server_notices
|
||||||
|
Enable the server notices room.
|
||||||
|
|
||||||
|
global_cache_factor
|
||||||
|
Controls the global cache factor, which is the default cache factor
|
||||||
|
for all caches if a specific factor for that cache is not otherwise
|
||||||
|
set. Defaults to 0.5.
|
||||||
|
|
||||||
|
event_cache_size
|
||||||
|
Number of events to cache in memory. Defaults to 10K.
|
||||||
|
|
||||||
|
allow_guest_access
|
||||||
|
Allows users to register as guests without a password/email/etc, and
|
||||||
|
participate in rooms hosted on this server which have been made accessible to
|
||||||
|
anonymous users.
|
||||||
|
|
||||||
|
EXAMPLES
|
||||||
|
--------
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
__matrix_synapse --server_name ungleich.ch \
|
||||||
|
--base_url https://matrix.ungleich.ch \
|
||||||
|
--database_engine sqlite3 \
|
||||||
|
--database_name /var/lib/matrix-syanpse/homeserver.db
|
||||||
|
|
||||||
|
SEE ALSO
|
||||||
|
--------
|
||||||
|
- `cdist-type__matrix_riot(7) <cdist-type__matrix_riot.html>`_
|
||||||
|
|
||||||
|
|
||||||
|
AUTHORS
|
||||||
|
-------
|
||||||
|
Timothée Floure <timothee.floure@ungleich.ch>
|
||||||
|
|
||||||
|
|
||||||
|
COPYING
|
||||||
|
-------
|
||||||
|
Copyright \(C) 2019 Timothée Floure. You can redistribute it
|
||||||
|
and/or modify it under the terms of the GNU General Public License as
|
||||||
|
published by the Free Software Foundation, either version 3 of the
|
||||||
|
License, or (at your option) any later version.
|
320
type/__matrix_synapse/manifest
Executable file
320
type/__matrix_synapse/manifest
Executable file
|
@ -0,0 +1,320 @@
|
||||||
|
#!/bin/sh -e
|
||||||
|
#
|
||||||
|
# 2019 Timothée Floure (timothee.floure@ungleich.ch)
|
||||||
|
#
|
||||||
|
# This file is part of cdist.
|
||||||
|
#
|
||||||
|
# cdist is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 3 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
#
|
||||||
|
# cdist is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
#
|
||||||
|
|
||||||
|
# OS-specific configuration.
|
||||||
|
os=$(cat "$__global/explorer/os")
|
||||||
|
distribution=$(cat "$__global/explorer/lsb_codename")
|
||||||
|
|
||||||
|
case "$os" in
|
||||||
|
debian)
|
||||||
|
synapse_user=matrix-synapse
|
||||||
|
synapse_pkg=matrix-synapse
|
||||||
|
synapse_service=matrix-synapse
|
||||||
|
ldap_auth_provider_pkg=matrix-synapse-ldap3
|
||||||
|
psycopg2_pkg=python3-psycopg2
|
||||||
|
synapse_conf_dir='/etc/matrix-synapse'
|
||||||
|
synapse_data_dir='/var/lib/matrix-synapse'
|
||||||
|
|
||||||
|
if [ ! -f "$__global/explorer/lsb_codename" ]; then
|
||||||
|
ls "$__global/explorer" >&2
|
||||||
|
echo "Could not determine Debian release, ensure that lsb-release is installed on the target." >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
fedora)
|
||||||
|
synapse_user=synapse
|
||||||
|
synapse_pkg=matrix-synapse
|
||||||
|
synapse_service=synapse
|
||||||
|
ldap_auth_provider_pkg=python-matrix-synapse-ldap3
|
||||||
|
synapse_conf_dir='/etc/synapse'
|
||||||
|
synapse_data_dir='/var/lib/synapse'
|
||||||
|
;;
|
||||||
|
freebsd)
|
||||||
|
synapse_user=synapse
|
||||||
|
synapse_pkg=py36-matrix-synapse
|
||||||
|
synapse_service=synapse
|
||||||
|
ldap_auth_provider_pkg=py36-matrix-synapse-ldap3
|
||||||
|
synapse_conf_dir='/usr/local/etc/matrix-synapse'
|
||||||
|
synapse_data_dir='/var/matrix-synapse'
|
||||||
|
;;
|
||||||
|
alpine)
|
||||||
|
echo "As of 2019-12-19 matrix-synapse is not in alpine stable. Exiting."
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
printf "Your operating system (%s) is currently not supported by this type (%s)\n" "$os" "${__type##*/}" >&2
|
||||||
|
printf "Please contribute an implementation for it if you can.\n" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# Required parameters:
|
||||||
|
SERVER_NAME=$(cat "$__object/parameter/server_name")
|
||||||
|
export SERVER_NAME
|
||||||
|
BASE_URL=$(cat "$__object/parameter/base_url")
|
||||||
|
export BASE_URL
|
||||||
|
|
||||||
|
export DATA_DIR=$synapse_data_dir
|
||||||
|
export LOG_DIR='/var/log/matrix-synapse'
|
||||||
|
export PIDFILE='/var/run/matrix/homeserver.pid'
|
||||||
|
export LOG_CONFIG_PATH="$synapse_conf_dir/log.yaml"
|
||||||
|
export SIGNING_KEY_PATH="$synapse_conf_dir/signin.key"
|
||||||
|
|
||||||
|
DATABASE_ENGINE=$(cat "$__object/parameter/database_engine")
|
||||||
|
export DATABASE_ENGINE
|
||||||
|
DATABASE_NAME=$(cat "$__object/parameter/database_name")
|
||||||
|
export DATABASE_NAME
|
||||||
|
|
||||||
|
# Optional parameters:
|
||||||
|
DATABASE_HOST=$(cat "$__object/parameter/database_host")
|
||||||
|
export DATABASE_HOST
|
||||||
|
DATABASE_USER=$(cat "$__object/parameter/database_user")
|
||||||
|
export DATABASE_USER
|
||||||
|
DATABASE_PASSWORD=$(cat "$__object/parameter/database_password")
|
||||||
|
export DATABASE_PASSWORD
|
||||||
|
|
||||||
|
GLOBAL_CACHE_FACTOR=$(cat "$__object/parameter/global_cache_factor")
|
||||||
|
export GLOBAL_CACHE_FACTOR
|
||||||
|
EVENT_CACHE_SIZE=$(cat "$__object/parameter/event_cache_size")
|
||||||
|
export EVENT_CACHE_SIZE
|
||||||
|
|
||||||
|
LDAP_FILTER=$(cat "$__object/parameter/ldap_filter")
|
||||||
|
export LDAP_FILTER
|
||||||
|
LDAP_UID_ATTRIBUTE=$(cat "$__object/parameter/ldap_uid_attribute")
|
||||||
|
export LDAP_UID_ATTRIBUTE
|
||||||
|
LDAP_MAIL_ATTRIBUTE=$(cat "$__object/parameter/ldap_mail_attribute")
|
||||||
|
export LDAP_MAIL_ATTRIBUTE
|
||||||
|
LDAP_NAME_ATTRIBUTE=$(cat "$__object/parameter/ldap_name_attribute")
|
||||||
|
export LDAP_NAME_ATTRIBUTE
|
||||||
|
LDAP_URI=$(cat "$__object/parameter/ldap_uri")
|
||||||
|
export LDAP_URI
|
||||||
|
LDAP_BASE_DN=$(cat "$__object/parameter/ldap_base_dn")
|
||||||
|
export LDAP_BASE_DN
|
||||||
|
LDAP_BIND_DN=$(cat "$__object/parameter/ldap_bind_dn")
|
||||||
|
export LDAP_BIND_DN
|
||||||
|
LDAP_BIND_PASSWORD=$(cat "$__object/parameter/ldap_bind_password")
|
||||||
|
export LDAP_BIND_PASSWORD
|
||||||
|
|
||||||
|
TURN_USER_LIFETIME=$(cat "$__object/parameter/turn_user_lifetime")
|
||||||
|
export TURN_USER_LIFETIME
|
||||||
|
if [ -f "$__object/parameter/turn_shared_secret" ]; then
|
||||||
|
TURN_SHARED_SECRET=$(cat "$__object/parameter/turn_shared_secret")
|
||||||
|
export TURN_SHARED_SECRET
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/turn_uri" ]; then
|
||||||
|
uris=$(tr "\n" "," < "$__object/parameter/turn_uri" | sed 's/,$//')
|
||||||
|
export TURN_URIS="[$uris]"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/registration_allows_email_pattern" ]; then
|
||||||
|
RESGISTRATION_ALLOWS_EMAIL_PATTERN=$(cat "$__object/parameter/registration_allows_email_pattern")
|
||||||
|
export RESGISTRATION_ALLOWS_EMAIL_PATTERN
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/auto_join_room" ]; then
|
||||||
|
AUTO_JOIN_ROOMS="$(cat "$__object/parameter/auto_join_room")"
|
||||||
|
export AUTO_JOIN_ROOMS
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/app_service_config_file" ]; then
|
||||||
|
APP_SERVICE_CONFIG_FILES=$(cat "$__object/parameter/app_service_config_file")
|
||||||
|
export APP_SERVICE_CONFIG_FILES
|
||||||
|
fi
|
||||||
|
|
||||||
|
MAX_UPLOAD_SIZE=$(cat "$__object/parameter/max_upload_size")
|
||||||
|
export MAX_UPLOAD_SIZE
|
||||||
|
RIOT_BASE_URL=$(cat "$__object/parameter/riot_base_url")
|
||||||
|
export RIOT_BASE_URL
|
||||||
|
|
||||||
|
SMTP_HOST=$(cat "$__object/parameter/smtp_host")
|
||||||
|
export SMTP_HOST
|
||||||
|
SMTP_PORT=$(cat "$__object/parameter/smtp_port")
|
||||||
|
export SMTP_PORT
|
||||||
|
SMTP_USER=$(cat "$__object/parameter/smtp_user")
|
||||||
|
export SMTP_USER
|
||||||
|
SMTP_PASS=$(cat "$__object/parameter/smtp_pass")
|
||||||
|
export SMTP_PASS
|
||||||
|
|
||||||
|
RC_MESSAGE_PER_SECOND=$(cat "$__object/parameter/rc_message_per_second")
|
||||||
|
export RC_MESSAGE_PER_SECOND
|
||||||
|
RC_MESSAGE_BURST=$(cat "$__object/parameter/rc_message_burst")
|
||||||
|
export RC_MESSAGE_BURST
|
||||||
|
RC_LOGIN_PER_SECOND=$(cat "$__object/parameter/rc_login_per_second")
|
||||||
|
export RC_LOGIN_PER_SECOND
|
||||||
|
RC_LOGIN_BURST=$(cat "$__object/parameter/rc_login_burst")
|
||||||
|
export RC_LOGIN_BURST
|
||||||
|
|
||||||
|
if [ -f "$__object/parameter/extra_setting" ]; then
|
||||||
|
EXTRA_SETTINGS=$(cat "$__object/parameter/extra_setting")
|
||||||
|
export EXTRA_SETTINGS
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Boolean parameters:
|
||||||
|
if [ -f "$__object/parameter/report_stats" ]; then
|
||||||
|
export REPORT_STATS='true'
|
||||||
|
else
|
||||||
|
export REPORT_STATS='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/allow_registration" ]; then
|
||||||
|
export ALLOW_REGISTRATION='true'
|
||||||
|
else
|
||||||
|
export ALLOW_REGISTRATION='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/enable_ldap_auth" ]; then
|
||||||
|
export ENABLE_LDAP_AUTH='true'
|
||||||
|
else
|
||||||
|
export ENABLE_LDAP_AUTH='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/ldap_search_mode" ]; then
|
||||||
|
export LDAP_SEARCH_MODE=1
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/expose_metrics" ]; then
|
||||||
|
export EXPOSE_METRICS='true'
|
||||||
|
else
|
||||||
|
export EXPOSE_METRICS='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/enable_notifications" ]; then
|
||||||
|
export ENABLE_NOTIFICATIONS='true'
|
||||||
|
else
|
||||||
|
export ENABLE_NOTIFICATIONS='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/enable_notifications_by_default" ]; then
|
||||||
|
export ENABLE_NOTIFICATIONS_BY_DEFAULT='true'
|
||||||
|
else
|
||||||
|
export ENABLE_NOTIFICATIONS_BY_DEFAULT='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/smtp_requires_tls" ]; then
|
||||||
|
export SMTP_TLS='true'
|
||||||
|
else
|
||||||
|
export SMTP_TLS='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/disable_federation" ]; then
|
||||||
|
export DISABLE_FEDERATION='true'
|
||||||
|
else
|
||||||
|
export DISABLE_FEDERATION='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/allow_guest_access" ]; then
|
||||||
|
export ALLOW_GUEST_ACCESS='true'
|
||||||
|
else
|
||||||
|
export ALLOW_GUEST_ACCESS='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/registration_requires_email" ]; then
|
||||||
|
export REGISTRATION_REQUIRES_EMAIL=1
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/allow_public_rooms_over_federation" ]; then
|
||||||
|
export ALLOW_PUBLIC_ROOMS_OVER_FEDERATION='true'
|
||||||
|
else
|
||||||
|
export ALLOW_PUBLIC_ROOMS_OVER_FEDERATION='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/allow_public_rooms_without_auth" ]; then
|
||||||
|
export ALLOW_PUBLIC_ROOMS_WITHOUT_AUTH='true'
|
||||||
|
else
|
||||||
|
export ALLOW_PUBLIC_ROOMS_WITHOUT_AUTH='false'
|
||||||
|
fi
|
||||||
|
if [ -f "$__object/parameter/enable_server_notices" ]; then
|
||||||
|
export ENABLE_SERVER_NOTICES=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Specific case for debian-buster, boilerplate but there's not much I can do
|
||||||
|
# about it.
|
||||||
|
|
||||||
|
installation_reqs=""
|
||||||
|
if [ "$os" = "debian" ] && [ "$distribution" = "buster" ]; then
|
||||||
|
# Enable debian-backports for debian Buster, as the 'stable'
|
||||||
|
# matrix-synapse package is ways too old (< 1.0).
|
||||||
|
__apt_source debian-backports \
|
||||||
|
--uri http://deb.debian.org/debian/ \
|
||||||
|
--distribution "$distribution-backports" \
|
||||||
|
--component main
|
||||||
|
require="__apt_source/debian-backports" __apt_update_index
|
||||||
|
|
||||||
|
# Install base matrix-synapse package.
|
||||||
|
require="__apt_update_index" __package_apt $synapse_pkg \
|
||||||
|
--state present \
|
||||||
|
--target-release "$distribution-backports"
|
||||||
|
|
||||||
|
# Install LdapAuthProvider module if LDAP auth is enabled.
|
||||||
|
if [ "$ENABLE_LDAP_AUTH" = "true" ]; then
|
||||||
|
require="__package_apt/$synapse_pkg" __package_apt $ldap_auth_provider_pkg \
|
||||||
|
--state present \
|
||||||
|
--target-release "$distribution-backports"
|
||||||
|
installation_reqs="$installation_reqs __package_apt/$ldap_auth_provider_pkg"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# For some reason, psycopg2 is not considered a dependency of
|
||||||
|
# matrix-synapse in matrix.org's APT repository.
|
||||||
|
if [ "$DATABASE_ENGINE" = "psycopg2" ]; then
|
||||||
|
require="__package_apt/$synapse_pkg" __package_apt $psycopg2_pkg \
|
||||||
|
--state present
|
||||||
|
installation_reqs="$installation_reqs __package_apt/$psycopg2_pkg"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Used for dependency order resolution.
|
||||||
|
installation_reqs="$installation_reqs __package_apt/$synapse_pkg"
|
||||||
|
else
|
||||||
|
# Install base matrix-synapse package.
|
||||||
|
__package $synapse_pkg --state present
|
||||||
|
|
||||||
|
# Install LdapAuthProvider module if LDAP auth is enabled.
|
||||||
|
if [ "$ENABLE_LDAP_AUTH" = "true" ]; then
|
||||||
|
require="__package/$synapse_pkg" __package $ldap_auth_provider_pkg \
|
||||||
|
--state present
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Used for dependency order resolution.
|
||||||
|
installation_reqs="__package/$synapse_pkg"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Generate and deploy configuration files.
|
||||||
|
mkdir -p "$__object/files"
|
||||||
|
"$__type/files/homeserver.yaml.sh" > "$__object/files/homeserver.yaml"
|
||||||
|
"$__type/files/log.config.sh" > "$__object/files/log.config"
|
||||||
|
|
||||||
|
require="$installation_reqs" __file "$synapse_conf_dir/homeserver.yaml" \
|
||||||
|
--state present \
|
||||||
|
--owner $synapse_user \
|
||||||
|
--mode 600 \
|
||||||
|
--source "$__object/files/homeserver.yaml"
|
||||||
|
require="$installation_reqs" __file "$LOG_CONFIG_PATH" \
|
||||||
|
--state present \
|
||||||
|
--owner $synapse_user \
|
||||||
|
--mode 600 \
|
||||||
|
--source "$__object/files/log.config"
|
||||||
|
require="$installation_reqs" __directory $DATA_DIR --state present --owner $synapse_user
|
||||||
|
require="$installation_reqs" __directory $LOG_DIR --state present --owner $synapse_user
|
||||||
|
|
||||||
|
# Work around dpkg-reconfigure for Debian package.
|
||||||
|
RESTART_REQUIRES="__file/$synapse_conf_dir/homeserver.yaml"
|
||||||
|
if [ "$os" = "debian" ]; then
|
||||||
|
require="$installation_reqs" __file "$synapse_conf_dir/conf.d/server_name.yaml" \
|
||||||
|
--state present --owner $synapse_user --source - << EOF
|
||||||
|
server_name: "$SERVER_NAME"
|
||||||
|
EOF
|
||||||
|
require="$installation_reqs" __file "$synapse_conf_dir/conf.d/report_stats.yaml" \
|
||||||
|
--state present --owner $synapse_user --source - << EOF
|
||||||
|
report_stats: $REPORT_STATS
|
||||||
|
EOF
|
||||||
|
|
||||||
|
RESTART_REQUIRES="$RESTART_REQUIRES __file/$synapse_conf_dir/conf.d/server_name.yaml \
|
||||||
|
__file/$synapse_conf_dir/conf.d/report_stats.yaml"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Restart synapse homeserver to reload configuration.
|
||||||
|
require="$RESTART_REQUIRES" __service $synapse_service --action restart
|
14
type/__matrix_synapse/parameter/boolean
Normal file
14
type/__matrix_synapse/parameter/boolean
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
allow_registration
|
||||||
|
enable_ldap_auth
|
||||||
|
ldap_search_mode
|
||||||
|
report_stats
|
||||||
|
expose_metrics
|
||||||
|
enable_notifications
|
||||||
|
enable_notifications_by_default
|
||||||
|
smtp_requires_tls
|
||||||
|
disable_federation
|
||||||
|
registration_requires_email
|
||||||
|
allow_public_rooms_over_federation
|
||||||
|
enable_server_notices
|
||||||
|
allow_guest_access
|
||||||
|
allow_public_rooms_without_auth
|
0
type/__matrix_synapse/parameter/default/database_host
Normal file
0
type/__matrix_synapse/parameter/default/database_host
Normal file
0
type/__matrix_synapse/parameter/default/database_user
Normal file
0
type/__matrix_synapse/parameter/default/database_user
Normal file
1
type/__matrix_synapse/parameter/default/event_cache_size
Normal file
1
type/__matrix_synapse/parameter/default/event_cache_size
Normal file
|
@ -0,0 +1 @@
|
||||||
|
10K
|
|
@ -0,0 +1 @@
|
||||||
|
0.5
|
0
type/__matrix_synapse/parameter/default/ldap_base_dn
Normal file
0
type/__matrix_synapse/parameter/default/ldap_base_dn
Normal file
0
type/__matrix_synapse/parameter/default/ldap_bind_dn
Normal file
0
type/__matrix_synapse/parameter/default/ldap_bind_dn
Normal file
1
type/__matrix_synapse/parameter/default/ldap_filter
Normal file
1
type/__matrix_synapse/parameter/default/ldap_filter
Normal file
|
@ -0,0 +1 @@
|
||||||
|
(objectClass=posixAccount)
|
|
@ -0,0 +1 @@
|
||||||
|
mail
|
|
@ -0,0 +1 @@
|
||||||
|
givenName
|
|
@ -0,0 +1 @@
|
||||||
|
uid
|
0
type/__matrix_synapse/parameter/default/ldap_uri
Normal file
0
type/__matrix_synapse/parameter/default/ldap_uri
Normal file
1
type/__matrix_synapse/parameter/default/max_upload_size
Normal file
1
type/__matrix_synapse/parameter/default/max_upload_size
Normal file
|
@ -0,0 +1 @@
|
||||||
|
10M
|
1
type/__matrix_synapse/parameter/default/rc_login_burst
Normal file
1
type/__matrix_synapse/parameter/default/rc_login_burst
Normal file
|
@ -0,0 +1 @@
|
||||||
|
3
|
|
@ -0,0 +1 @@
|
||||||
|
0.17
|
1
type/__matrix_synapse/parameter/default/rc_message_burst
Normal file
1
type/__matrix_synapse/parameter/default/rc_message_burst
Normal file
|
@ -0,0 +1 @@
|
||||||
|
3
|
|
@ -0,0 +1 @@
|
||||||
|
0.17
|
1
type/__matrix_synapse/parameter/default/smtp_host
Normal file
1
type/__matrix_synapse/parameter/default/smtp_host
Normal file
|
@ -0,0 +1 @@
|
||||||
|
localhost
|
0
type/__matrix_synapse/parameter/default/smtp_pass
Normal file
0
type/__matrix_synapse/parameter/default/smtp_pass
Normal file
1
type/__matrix_synapse/parameter/default/smtp_port
Normal file
1
type/__matrix_synapse/parameter/default/smtp_port
Normal file
|
@ -0,0 +1 @@
|
||||||
|
25
|
0
type/__matrix_synapse/parameter/default/smtp_user
Normal file
0
type/__matrix_synapse/parameter/default/smtp_user
Normal file
|
@ -0,0 +1 @@
|
||||||
|
1h
|
25
type/__matrix_synapse/parameter/optional
Normal file
25
type/__matrix_synapse/parameter/optional
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
database_host
|
||||||
|
database_user
|
||||||
|
database_password
|
||||||
|
ldap_uri
|
||||||
|
ldap_base_dn
|
||||||
|
ldap_uid_attribute
|
||||||
|
ldap_mail_attribute
|
||||||
|
ldap_name_attribute
|
||||||
|
ldap_bind_dn
|
||||||
|
ldap_bind_password
|
||||||
|
ldap_filter
|
||||||
|
turn_shared_secret
|
||||||
|
turn_user_lifetime
|
||||||
|
max_upload_size
|
||||||
|
smtp_host
|
||||||
|
smtp_port
|
||||||
|
smtp_user
|
||||||
|
smtp_pass
|
||||||
|
riot_base_url
|
||||||
|
rc_message_per_second
|
||||||
|
rc_message_burst
|
||||||
|
rc_login_per_second
|
||||||
|
rc_login_burst
|
||||||
|
global_cache_factor
|
||||||
|
event_cache_size
|
5
type/__matrix_synapse/parameter/optional_multiple
Normal file
5
type/__matrix_synapse/parameter/optional_multiple
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
turn_uri
|
||||||
|
registration_allows_email_pattern
|
||||||
|
auto_join_room
|
||||||
|
app_service_config_file
|
||||||
|
extra_setting
|
4
type/__matrix_synapse/parameter/required
Normal file
4
type/__matrix_synapse/parameter/required
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
server_name
|
||||||
|
base_url
|
||||||
|
database_engine
|
||||||
|
database_name
|
0
type/__matrix_synapse/singleton
Normal file
0
type/__matrix_synapse/singleton
Normal file
Loading…
Reference in a new issue