From d872f1d4f069717ca3f746b572a2c9e35ced02f7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Floure?= <timothee.floure@posteo.net>
Date: Wed, 1 Dec 2021 15:55:34 +0100
Subject: [PATCH] __matrix_synapse: add --turn-username and --turn-password
 flags

---
 type/__matrix_synapse/files/homeserver.yaml.sh | 18 +++++++++++++++---
 type/__matrix_synapse/man.rst                  |  8 ++++++++
 type/__matrix_synapse/manifest                 | 10 ++++++++++
 type/__matrix_synapse/parameter/optional       |  2 ++
 4 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/type/__matrix_synapse/files/homeserver.yaml.sh b/type/__matrix_synapse/files/homeserver.yaml.sh
index 2952919..5ba7d1a 100755
--- a/type/__matrix_synapse/files/homeserver.yaml.sh
+++ b/type/__matrix_synapse/files/homeserver.yaml.sh
@@ -1175,14 +1175,26 @@ fi
 cat << EOF
 # The shared secret used to compute passwords for the TURN server
 #
-turn_shared_secret: "$TURN_SHARED_SECRET"
+EOF
 
+if [ -n "$TURN_SHARED_SECRET" ]; then
+	echo "turn_shared_secret: \"$TURN_SHARED_SECRET\""
+fi
+
+cat << EOF
 # The Username and password if the TURN server needs them and
 # does not use a token
 #
-#turn_username: "TURNSERVER_USERNAME"
-#turn_password: "TURNSERVER_PASSWORD"
+EOF
 
+if [ -n "$TURN_USERNAME" ] || [ "$TURN_PASSWORD" ]; then
+	cat <<- EOF
+	turn_username: "$TURN_USERNAME"
+	turn_password: "$TURN_PASSWORD"
+	EOF
+fi
+
+cat << EOF
 # How long generated TURN credentials last
 #
 turn_user_lifetime: ${TURN_USER_LIFETIME:?}
diff --git a/type/__matrix_synapse/man.rst b/type/__matrix_synapse/man.rst
index 4eb23bb..c3de79d 100644
--- a/type/__matrix_synapse/man.rst
+++ b/type/__matrix_synapse/man.rst
@@ -133,6 +133,14 @@ turn-uri
 turn-shared-secret
   Shared secret used to access the TURN REST API.
 
+turn-username
+  Username used to authenticate against the TURN server if needed / a shared
+  secret token is not used.
+
+turn-password
+  Password used to authenticate against the TURN server if needed / a shared
+  secret token is not used.
+
 turn-user-lifetime
   Lifetime of TURN credentials. Defaults to 1h.
 
diff --git a/type/__matrix_synapse/manifest b/type/__matrix_synapse/manifest
index d2bb9fd..dbf318f 100755
--- a/type/__matrix_synapse/manifest
+++ b/type/__matrix_synapse/manifest
@@ -246,6 +246,16 @@ if [ -f "$__object/parameter/turn-uri" ]; then
 	export TURN_URIS
 fi
 
+if [ -f "$__object/parameter/turn-username" ]; then
+	TURN_USERNAME=$(cat "$__object/parameter/turn-username")
+	export TURN_USERNAME
+fi
+
+if [ -f "$__object/parameter/turn-password" ]; then
+	TURN_PASSWORD=$(cat "$__object/parameter/turn-password")
+	export TURN_PASSWORD
+fi
+
 # Worker-mode configuration.
 export MAIN_LISTENER_PORT=8008
 export ENABLE_MEDIA_REPO='true'
diff --git a/type/__matrix_synapse/parameter/optional b/type/__matrix_synapse/parameter/optional
index 1378365..67250d7 100644
--- a/type/__matrix_synapse/parameter/optional
+++ b/type/__matrix_synapse/parameter/optional
@@ -13,6 +13,8 @@ ldap-bind-password
 ldap-filter
 turn-shared-secret
 turn-user-lifetime
+turn-username
+turn-password
 max-upload-size
 smtp-host
 smtp-port