andreas/synapse-app-mas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update to 1.0.0

Browse Source
This commit is contained in:
Matthias
2019-06-20 12:15:59 +02:00
parent b91565e4c1
commit ad1d4b3c4a
6 changed files with 91 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
CHANGELOG
View File

@@ -1,39 +1,5 @@
[0.2.2] [0.1.0]
* Update to synapse v0.99.5.2 * Initial version
[0.2.1]
* Update to synapse v0.99.5.1
[0.2.0]
* Update to synapse v0.99.4
[0.1.9]
* Update to synapse v0.99.3
[0.1.8]
* Update to synapse v0.99.0
* Fixed missing LDAP stuff
[0.1.7]
* Update to synapse v0.33.9
[0.1.6]
* Update to synapse v0.33.8
[0.1.5]
* Update to synapse v0.31.2
[0.1.4]
* Changed log location of synapse due to backup crashes
* Updated some configs
[0.1.3]
* Changed log location of nginx due to backup crashes
[0.1.2]
* Updated logo (transparent)
* Enabled email settings
[0.1.1] [0.1.1]
* Removed the Riot part of the installation due to security * Removed the Riot part of the installation due to security
@@ -43,5 +9,43 @@
* Added bogus index.html so cloudron recognizes the matrix server as online * Added bogus index.html so cloudron recognizes the matrix server as online
* Added coturn as TURN server * Added coturn as TURN server
[0.1.0] [0.1.2]
* Initial version * Updated logo (transparent)
* Enabled email settings
[0.1.3]
* Changed log location of nginx due to backup crashes
[0.1.4]
* Changed log location of synapse due to backup crashes
* Updated some configs
[0.1.5]
* Update to synapse v0.31.2
[0.1.6]
* Update to synapse v0.33.8
[0.1.7]
* Update to synapse v0.33.9
[0.1.8]
* Update to synapse v0.99.0
* Fixed missing LDAP stuff
[0.1.9]
* Update to synapse v0.99.3
[0.2.0]
* Update to synapse v0.99.4
[0.2.1]
* Update to synapse v0.99.5.1
[0.2.2]
* Update to synapse v0.99.5.2
[0.2.3]
* Update to synapse v1.0.0
* Fixed url preview
* Fixed voip

2
CloudronManifest.json
View File

@@ -5,7 +5,7 @@
"description": "file://DESCRIPTION.md", "description": "file://DESCRIPTION.md",
"changelog": "file://CHANGELOG", "changelog": "file://CHANGELOG",
"tagline": "standalone matrix server", "tagline": "standalone matrix server",
"version": "0.2.2", "version": "0.2.3",
"healthCheckPath": "/", "healthCheckPath": "/",
"httpPort": 8000, "httpPort": 8000,
"memoryLimit": 536870912, "memoryLimit": 536870912,

26
Dockerfile
View File

@@ -6,7 +6,7 @@ RUN mkdir -p /app/code/nginx
WORKDIR /app/code WORKDIR /app/code
ENV MATRIXVERSION=v0.99.5.2 ENV MATRIXVERSION=v1.0.0
EXPOSE 8000 EXPOSE 8000
EXPOSE 3478/udp EXPOSE 3478/udp
@@ -19,26 +19,24 @@ RUN rm -rf /var/log/nginx && ln -sf /run/nginx_log /var/log/nginx
# TURN # TURN
RUN apt update && apt-get install -y coturn RUN apt update && apt-get install -y coturn
RUN sed -e 's,#TURNSERVER_ENABLED=1,TURNSERVER_ENABLED=1,' -i /etc/default/coturn \ RUN sed -e 's,#TURNSERVER_ENABLED=1,TURNSERVER_ENABLED=1,' -i /etc/default/coturn && \
&& rm /etc/turnserver.conf \ rm /etc/turnserver.conf && \
&& ln -s /app/data/turnserver.conf /etc/turnserver.conf ln -s /app/data/turnserver.conf /etc/turnserver.conf
# Synapse # Synapse
# a local copy is needed because of the mail templates, else the pip installation would suffice # a local copy is needed because of the mail templates, else the pip installation would suffice
RUN git clone https://github.com/matrix-org/synapse.git RUN git clone https://github.com/matrix-org/synapse.git
RUN cd /app/code/synapse && git pull origin master RUN cd /app/code/synapse && git pull origin master
RUN apt-get install -y build-essential python2.7-dev libffi-dev libldap2-dev libsasl2-dev \ RUN apt-get install -y build-essential python3-dev libffi-dev \
python-pip python-setuptools sqlite3 \ python3-pip python-setuptools sqlite3 libxml2-dev \
libssl-dev libjpeg-dev libxslt1-dev libssl-dev python-virtualenv libjpeg-dev libxslt1-dev libldap2-dev libsasl2-dev && \
RUN pip install --upgrade pip rm -rf /var/cache/apt /var/lib/apt/lists
RUN pip install --upgrade setuptools
RUN pip install psycopg2-binary py-bcrypt python-ldap matrix-synapse-ldap3 lxml netaddr twisted jinja2
RUN pip install https://github.com/matrix-org/synapse/archive/${MATRIXVERSION}.tar.gz
#https://github.com/matrix-org/synapse/tarball/master
# copy index.html RUN pip3 install --upgrade pip
COPY index.html /app/code/nginx RUN pip3 install --upgrade setuptools
RUN pip3 install psycopg2-binary python-ldap matrix-synapse-ldap3 lxml netaddr twisted jinja2 bleach bcrypt
RUN pip3 install https://github.com/matrix-org/synapse/archive/${MATRIXVERSION}.tar.gz
RUN chown -R www-data.www-data /app/code RUN chown -R www-data.www-data /app/code

8
index.html
View File

@@ -1,8 +0,0 @@
<html>
<head>
<title> Cloudron Matrix app </title>
</head>
<body>
<h1 style="text-align: center;">Server online!</h1>
</body>
</html>

11
nginx_matrix.conf
View File

@@ -7,14 +7,15 @@ server {
# required, else the limit is 1mb # required, else the limit is 1mb
client_max_body_size 20M; client_max_body_size 20M;
location /_matrix { # location /_matrix {
# proxy_pass http://localhost:8448;
# proxy_set_header X-Forwarded-For $remote_addr;
# }
location / {
proxy_pass http://localhost:8008; proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
} }
location / {
root /app/code/nginx;
index index.html;
}
} }

58
start_matrix.sh
View File

@@ -2,7 +2,7 @@
set -eux set -eux
if [[ ! -d /app/data/synapse ]]; then if [[ ! -f /app/data/synapse/homeserver.yaml ]]; then
echo "=> Detected first run" echo "=> Detected first run"
# create dirs (for whatever reason the nginx dir couldn't get created by nginx) # create dirs (for whatever reason the nginx dir couldn't get created by nginx)
@@ -27,11 +27,10 @@ if [[ ! -d /app/data/synapse ]]; then
cp -r /app/code/synapse/synapse/res/templates /app/data/templates cp -r /app/code/synapse/synapse/res/templates /app/data/templates
# set default TURN listening port # set default TURN listening port
if [ -z ${TURN_TLS_PORT+x} ]; then TURN_TLS_PORT="5349"; else echo "TURN_TLS_PORT is set to '$TURN_TLS_PORT'"; fi if [ -z ${TURN_TLS_PORT+x} ]; then TURN_TLS_PORT="3478"; else echo "TURN_TLS_PORT is set to '$TURN_TLS_PORT'"; fi
mkdir -p /app/data/synapse
cd /app/data/synapse cd /app/data/synapse
python -m synapse.app.homeserver \ python3 -m synapse.app.homeserver \
--server-name ${APP_DOMAIN} \ --server-name ${APP_DOMAIN} \
--config-path homeserver.yaml \ --config-path homeserver.yaml \
--report-stats=no \ --report-stats=no \
@@ -39,9 +38,8 @@ if [[ ! -d /app/data/synapse ]]; then
# synapse config # synapse config
sed -i "s/server_name:.*/server_name: ${APP_DOMAIN}/" homeserver.yaml sed -i "s/server_name:.*/server_name: ${APP_DOMAIN}/" homeserver.yaml
sed -i "s/#public_baseurl:.*/public_baseurl: https:\/\/${APP_DOMAIN}/" homeserver.yaml
sed -i "s/web_client:.*/web_client: False/" homeserver.yaml sed -i "s/web_client:.*/web_client: False/" homeserver.yaml
sed -i "s,- webclient .*,# - webclient # The bundled webclient," homeserver.yaml
sed -i "s/client, webclient/client/" homeserver.yaml
sed -i "s/bind_addresses: \['::1'.*/bind_addresses: \['0.0.0.0'\]/" homeserver.yaml sed -i "s/bind_addresses: \['::1'.*/bind_addresses: \['0.0.0.0'\]/" homeserver.yaml
sed -i "s/sqlite3/psycopg2/" homeserver.yaml sed -i "s/sqlite3/psycopg2/" homeserver.yaml
sed -i "s/ database: .*/ user: ${POSTGRESQL_USERNAME}\n password: ${POSTGRESQL_PASSWORD}\n database: ${POSTGRESQL_DATABASE}\n host: ${POSTGRESQL_HOST}\n cp_min: 5\n cp_max: 10/" homeserver.yaml sed -i "s/ database: .*/ user: ${POSTGRESQL_USERNAME}\n password: ${POSTGRESQL_PASSWORD}\n database: ${POSTGRESQL_DATABASE}\n host: ${POSTGRESQL_HOST}\n cp_min: 5\n cp_max: 10/" homeserver.yaml
@@ -64,6 +62,19 @@ if [[ ! -d /app/data/synapse ]]; then
sed -i "s/turn_allow_guests:.*/turn_allow_guests: False/" homeserver.yaml sed -i "s/turn_allow_guests:.*/turn_allow_guests: False/" homeserver.yaml
sed -i "s/enable_group_creation:.*/enable_group_creation: True/" homeserver.yaml sed -i "s/enable_group_creation:.*/enable_group_creation: True/" homeserver.yaml
sed -i "s/enable_group_creation:.*/enable_group_creation: True/" homeserver.yaml sed -i "s/enable_group_creation:.*/enable_group_creation: True/" homeserver.yaml
sed -i "s/#url_preview_enabled:.*/url_preview_enabled: true/" homeserver.yaml
sed -i "s/#url_preview_ip_range_blacklist.*/url_preview_ip_range_blacklist:\n - '127.0.0.0\/8'\n - '10.0.0.0\/8'/" homeserver.yaml
# also enable the tls port, not quite sure why this is needed, but without it, no integratiosn are possible
sed -i "s/#- port: 8448/- port: 8448/" homeserver.yaml
sed -i "s/# type: http/ type: http/" homeserver.yaml
sed -i "s/# tls: true/ tls: true/" homeserver.yaml
sed -i "s/# resources:/ resources:/" homeserver.yaml
sed -i "s/# - names: \[client, federation\]/ - names: \[client, federation\]/" homeserver.yaml
sed -i "s/#tls_certificate_path:/tls_certificate_path:/" homeserver.yaml
sed -i "s/#tls_private_key_path:/tls_private_key_path:/" homeserver.yaml
# get synapse log name and set path # get synapse log name and set path
LOG_CONFIG=$(ls *.log.config) LOG_CONFIG=$(ls *.log.config)
@@ -73,7 +84,7 @@ if [[ ! -d /app/data/synapse ]]; then
# coturn # coturn
TURNPWD=$(pwgen -s 64 1) TURNPWD=$(pwgen -s 64 1)
sed -i "s/#tls-listening-port=5349/tls-listening-port=5349/" /app/data/turnserver.conf sed -i "s/#tls-listening-port=5349/tls-listening-port=3478/" /app/data/turnserver.conf
sed -i "s/#realm=mycompany.org/realm=${APP_DOMAIN}/" /app/data/turnserver.conf sed -i "s/#realm=mycompany.org/realm=${APP_DOMAIN}/" /app/data/turnserver.conf
sed -i "s/#lt-cred-mech/lt-cred-mech/" /app/data/turnserver.conf sed -i "s/#lt-cred-mech/lt-cred-mech/" /app/data/turnserver.conf
sed -i "s/#use-auth-secret/use-auth-secret/" /app/data/turnserver.conf sed -i "s/#use-auth-secret/use-auth-secret/" /app/data/turnserver.conf
@@ -88,47 +99,36 @@ if [[ ! -d /app/data/synapse ]]; then
# get cert names from synapse # get cert names from synapse
TLS_CRT=$(ls *.tls.crt) TLS_CRT=$(ls *.tls.crt)
TLS_KEY=$(ls *.tls.key) TLS_KEY=$(ls *.tls.key)
TLS_DH=$(ls *.tls.dh) #TLS_DH=$(ls *.tls.dh)
sed -i "s,#cert=.*,cert=/app/data/synapse/${TLS_CRT}," /app/data/turnserver.conf sed -i "s,#cert=.*,cert=/app/data/synapse/${TLS_CRT}," /app/data/turnserver.conf
sed -i "s,#pkey=.*,pkey=/app/data/synapse/${TLS_KEY}," /app/data/turnserver.conf sed -i "s,#pkey=.*,pkey=/app/data/synapse/${TLS_KEY}," /app/data/turnserver.conf
#sed -i "s,#dh-file=.*,dh-file=/app/data/synapse/${TLS_DH}," /app/data/turnserver.conf #sed -i "s,#dh-file=.*,dh-file=/app/data/synapse/${TLS_DH}," /app/data/turnserver.conf
# set up email # set up email
sed -i 's/#email:/email:/' homeserver.yaml sed -i 's/#email:/email:/' homeserver.yaml
sed -i 's/# enable_notifs: false/ enable_notifs: false/' homeserver.yaml sed -i 's/# enable_notifs: false/ enable_notifs: true/' homeserver.yaml
sed -i 's/# smtp_host: \"localhost\"/ smtp_host: \"${MAIL_SMTP_SERVER}\"/' homeserver.yaml sed -i 's/# smtp_host: \"localhost\"/ smtp_host: \"${MAIL_SMTP_SERVER}\"/' homeserver.yaml
sed -i 's/# smtp_port: .*/ smtp_port: ${MAIL_SMTP_PORT}/' homeserver.yaml sed -i 's/# smtp_port: .*/ smtp_port: ${MAIL_SMTP_PORT}/' homeserver.yaml
sed -i 's/# smtp_user: \"exampleusername\"/ smtp_user: \"${MAIL_SMTP_USERNAME}\"/' homeserver.yaml sed -i 's/# smtp_user: \"exampleusername\"/ smtp_user: \"${MAIL_SMTP_USERNAME}\"/' homeserver.yaml
sed -i 's/# smtp_pass: \"examplepassword\"/ smtp_pass: \"${MAIL_SMTP_PASSWORD}\"/' homeserver.yaml sed -i 's/# smtp_pass: \"examplepassword\"/ smtp_pass: \"${MAIL_SMTP_PASSWORD}\"/' homeserver.yaml
sed -i 's/# require_transport_security: False/ require_transport_security: True/' homeserver.yaml sed -i 's/# require_transport_security: False/ require_transport_security: false/' homeserver.yaml
sed -i "s/# notif_from: .*/ notif_from: \"Your Friendly Matrix Home Server <${MAIL_FROM}>\"/" homeserver.yaml sed -i "s/# notif_from: .*/ notif_from: \"Your Friendly Matrix Home Server <${MAIL_FROM}>\"/" homeserver.yaml
sed -i 's/# app_name: Matrix/ app_name: Matrix/' homeserver.yaml sed -i 's/# app_name: Matrix/ app_name: Matrix/' homeserver.yaml
sed -i 's/# template_dir: res\/templates/ template_dir: \/app\/data\/templates/' homeserver.yaml sed -i 's/# notif_template_html: .*/ notif_template_html: notif_mail.html/' homeserver.yaml
sed -i 's/# notif_template_html: notif_mail.html/ notif_template_html: notif_mail.html/' homeserver.yaml sed -i 's/# notif_template_text: .*/ notif_template_text: notif_mail.txt/' homeserver.yaml
sed -i 's/# notif_template_text: notif_mail.txt/ notif_template_text: notif_mail.txt/' homeserver.yaml
sed -i 's/# notif_for_new_users: True/ notif_for_new_users: True/' homeserver.yaml sed -i 's/# notif_for_new_users: True/ notif_for_new_users: True/' homeserver.yaml
fi fi
mkdir -p /app/data/synapse \ # logs
/app/data/nginx/fastcgi \ mkdir -p /run/nginx_log /run/synapse /run/turn_log
/run/nginx_log \
/run/synapse \
/run/turn_log
# fix permissions
chown -R www-data.www-data /run/synapse \
/run/turn_log \
/app/data
chown -R www-data.www-data /app/data
# fix permissions
chown -R www-data.www-data /run/synapse /run/turn_log /app/data
cd /app/data/synapse cd /app/data/synapse
# check if TURN port has changed and update it # check if TURN port has changed and update it
if [ -z ${TURN_TLS_PORT+x} ]; then TURN_TLS_PORT="5349"; fi if [ -z ${TURN_TLS_PORT+x} ]; then TURN_TLS_PORT="3478"; fi
sed -i "s/turn_uris: .*/turn_uris: [\"turn:${APP_DOMAIN}:${TURN_TLS_PORT}?transport=udp\", \"turn:${APP_DOMAIN}:${TURN_TLS_PORT}?transport=tcp\"]/" homeserver.yaml sed -i "s/turn_uris: .*/turn_uris: [\"turn:${APP_DOMAIN}:${TURN_TLS_PORT}?transport=udp\", \"turn:${APP_DOMAIN}:${TURN_TLS_PORT}?transport=tcp\"]/" homeserver.yaml
sed -i "s/tls-listening-port=.*/tls-listening-port=${TURN_TLS_PORT}/" /app/data/turnserver.conf sed -i "s/tls-listening-port=.*/tls-listening-port=${TURN_TLS_PORT}/" /app/data/turnserver.conf
@@ -150,6 +150,6 @@ sed -i "s/ smtp_port:.*/ smtp_port: ${MAIL_SMTP_PORT}/" homeserver.yaml
sed -i "s/ smtp_user:.*/ smtp_user: \"${MAIL_SMTP_USERNAME}\"/" homeserver.yaml sed -i "s/ smtp_user:.*/ smtp_user: \"${MAIL_SMTP_USERNAME}\"/" homeserver.yaml
sed -i "s/ smtp_pass:.*/ smtp_pass: \"${MAIL_SMTP_PASSWORD}\"/" homeserver.yaml sed -i "s/ smtp_pass:.*/ smtp_pass: \"${MAIL_SMTP_PASSWORD}\"/" homeserver.yaml
gosu www-data python -m synapse.app.homeserver --config-path homeserver.yaml &> /dev/null & gosu www-data python3 -m synapse.app.homeserver --config-path homeserver.yaml &> /dev/null &
exec /usr/sbin/nginx -g 'daemon off;' exec /usr/sbin/nginx -g 'daemon off;'