Another matrix implementation

src/freedombone-app-matrix

@@ -0,0 +1,394 @@
+#!/bin/bash
+#
+# .---.                  .              .
+# |                      |              |
+# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
+# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
+# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
+#
+#                    Freedom in the Cloud
+#
+# matrix server
+#
+# https://raw.githubusercontent.com/silvio/docker-matrix
+#
+# License
+# =======
+#
+# Copyright (C) 2016 Bob Mottram <bob@freedombone.net>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+VARIANTS=''
+
+IN_DEFAULT_INSTALL=0
+SHOW_ON_ABOUT=1
+
+MATRIX_DATA_DIR='/var/lib/matrix'
+MATRIX_TURN_PORT=3478
+MATRIX_PORT=8448
+MATRIX_REPO="https://github.com/matrix-org/synapse"
+MATRIX_COMMIT='f5a4001bb116c468cc5e8e0ae04a1c570e2cb171'
+
+matrix_variables=(ONION_ONLY
+                  MY_USERNAME
+                  MATRIX_PASSWORD
+                  DEFAULT_DOMAIN_NAME)
+
+function matrix_generate_turn_key {
+    local turnkey="${1}"
+    local filepath="${2}"
+
+    echo "lt-cred-mech" > "${filepath}"
+    echo "use-auth-secret" >> "${filepath}"
+    echo "static-auth-secret=${turnkey}" >> "${filepath}"
+    echo "realm=turn.${DEFAULT_DOMAIN_NAME}" >> "${filepath}"
+    echo "cert=${MATRIX_DATA_DIR}/${DEFAULT_DOMAIN_NAME}.tls.crt" >> "${filepath}"
+    echo "pkey=${MATRIX_DATA_DIR}/${DEFAULT_DOMAIN_NAME}.tls.key" >> "${filepath}"
+}
+
+function matrix_generate_synapse_file {
+    local filepath="${1}"
+
+    cd /etc/matrix
+    python -m synapse.app.homeserver \
+           --config-path "${filepath}" \
+           --generate-config \
+           --report-stats ${REPORT_STATS} \
+           --server-name ${DEFAULT_DOMAIN_NAME}
+}
+
+function matrix_configure_homeserver_yaml {
+    local turnkey="${1}"
+    local filepath="${2}"
+
+    local ymltemp="$(mktemp)"
+
+    awk -v TURNURIES="turn_uris: [\"turn:${DEFAULT_DOMAIN_NAME}:${MATRIX_TURN_PORT}?transport=udp\", \"turn:${DEFAULT_DOMAIN_NAME}:${MATRIX_TURN_PORT}?transport=tcp\"]" \
+        -v TURNSHAREDSECRET="turn_shared_secret: \"${turnkey}\"" \
+        -v PIDFILE="pid_file: ${MATRIX_DATA_DIR}/homeserver.pid" \
+        -v DATABASE="database: \"${MATRIX_DATA_DIR}/homeserver.db\"" \
+        -v LOGFILE="log_file: \"${MATRIX_DATA_DIR}/homeserver.log\"" \
+        -v MEDIASTORE="media_store_path: \"${MATRIX_DATA_DIR}/media_store\"" \
+        '{
+        sub(/turn_shared_secret: "YOUR_SHARED_SECRET"/, TURNSHAREDSECRET);
+        sub(/turn_uris: \[\]/, TURNURIES);
+        sub(/pid_file: \/homeserver.pid/, PIDFILE);
+        sub(${MATRIX_DATA_DIR}base: "\/homeserver.db"/, DATABASE);
+        sub(/log_file: "\/homeserver.log"/, LOGFILE);
+        sub(/media_store_path: "\/media_store"/, MEDIASTORE);
+        print;
+        }' "${filepath}" > "${ymltemp}"
+
+    mv ${ymltemp} "${filepath}"
+}
+
+function matrix_start {
+    if [ -f ${MATRIX_DATA_DIR}/turnserver.conf ]; then
+        echo "-=> start turn"
+        /usr/bin/turnserver --daemon -c ${MATRIX_DATA_DIR}/turnserver.conf
+    fi
+
+    echo "-=> start riot.im client"
+    (
+        if [ -f ${MATRIX_DATA_DIR}/vector.im.conf ] || [ -f ${MATRIX_DATA_DIR}/riot.im.conf ] ; then
+            echo "The riot web client is now handled via silvio/matrix-riot-docker"
+        fi
+    )
+
+    echo "-=> start matrix"
+    python -m synapse.app.homeserver --config-path ${MATRIX_DATA_DIR}/homeserver.yaml
+}
+
+function matrix_stop {
+    echo "-=> stop matrix"
+    echo "-=> via docker stop ..."
+}
+
+
+function matrix_diff {
+    echo "-=> Diff between local configfile and a fresh generated config file"
+    echo "-=>      some values are different in technical point of view, like"
+    echo "-=>      autogenerated secret keys etc..."
+
+    DIFFPARAMS="${DIFFPARAMS:-Naur}"
+    DEFAULT_DOMAIN_NAME="${DEFAULT_DOMAIN_NAME:-demo_server_name}"
+    REPORT_STATS="${REPORT_STATS:-no_or_yes}"
+    export DEFAULT_DOMAIN_NAME REPORT_STATS
+
+    matrix_generate_synapse_file /tmp/homeserver.synapse.yaml
+    diff -${DIFFPARAMS} /tmp/homeserver.synapse.yaml ${MATRIX_DATA_DIR}/homeserver.yaml
+    rm /tmp/homeserver.synapse.yaml
+}
+
+function matrix_generate {
+    breakup="0"
+    [[ -z "${DEFAULT_DOMAIN_NAME}" ]] && echo "STOP! environment variable DEFAULT_DOMAIN_NAME must be set" && breakup="1"
+    [[ -z "${REPORT_STATS}" ]] && echo "STOP! environment variable REPORT_STATS must be set to 'no' or 'yes'" && breakup="1"
+    [[ "${breakup}" == "1" ]] && exit 1
+
+    [[ "${REPORT_STATS}" != "yes" ]] && [[ "${REPORT_STATS}" != "no" ]] && \
+        echo "STOP! REPORT_STATS needs to be 'no' or 'yes'" && breakup="1"
+
+    echo "-=> generate turn config"
+    turnkey=$(pwgen -s 64 1)
+    matrix_generate_turn_key $turnkey ${MATRIX_DATA_DIR}/turnserver.conf
+
+    echo "-=> generate synapse config"
+    matrix_generate_synapse_file ${MATRIX_DATA_DIR}/homeserver.tmp
+
+    echo "-=> configure some settings in homeserver.yaml"
+    matrix_configure_homeserver_yaml $turnkey ${MATRIX_DATA_DIR}/homeserver.tmp
+
+    mv ${MATRIX_DATA_DIR}/homeserver.tmp ${MATRIX_DATA_DIR}/homeserver.yaml
+}
+
+function remove_user_matrix {
+    remove_username="$1"
+
+    ${PROJECT_NAME}-pass -u $remove_username --rmapp matrix
+
+    # TODO
+}
+
+function add_user_matrix {
+    new_username="$1"
+    new_user_password="$2"
+
+    ${PROJECT_NAME}-pass -u $new_username -a matrix -p "$new_user_password"
+
+    cd /etc/matrix
+    register_new_matrix_user -c ${MATRIX_DATA_DIR}/homeserver.yaml https://localhost:${MATRIX_PORT} -u "${new_username}" -p "${new_user_password}" -a
+    echo '0'
+}
+
+function install_interactive_matrix {
+    echo -n ''
+    APP_INSTALLED=1
+}
+
+function change_password_matrix {
+    curr_username="$1"
+    new_user_password="$2"
+
+    #${PROJECT_NAME}-pass -u "$curr_username" -a matrix -p "$new_user_password"
+}
+
+function reconfigure_matrix {
+    echo -n ''
+}
+
+function upgrade_matrix {
+    function_check set_repo_commit
+    set_repo_commit /etc/matrix "matrix commit" "$MATRIX_COMMIT" $MATRIX_REPO
+
+    pip install --upgrade --process-dependency-links .
+    chown -R matrix:matrix /etc/matrix
+    chown -R matrix:matrix /var/lib/matrix
+}
+
+function backup_local_matrix {
+    source_directory=/etc/matrix
+    if [ -d $source_directory ]; then
+        systemctl stop matrix
+        function_check backup_directory_to_usb
+        backup_directory_to_usb $source_directory matrix
+        source_directory=/var/lib/matrix
+        if [ -d $source_directory ]; then
+            backup_directory_to_usb $source_directory matrixdata
+        fi
+        systemctl start matrix
+    fi
+}
+
+function restore_local_matrix {
+    if [ -d /etc/matrix ]; then
+        systemctl stop matrix
+
+        temp_restore_dir=/root/tempmatrix
+        function_check restore_directory_from_usb
+        restore_directory_from_usb $temp_restore_dir matrix
+        cp -r $temp_restore_dir/etc/matrix/* /etc/matrix
+        if [ ! "$?" = "0" ]; then
+            function_check backup_unmount_drive
+            backup_unmount_drive
+            exit 3783
+        fi
+        rm -rf $temp_restore_dir
+        chown -R matrix:matrix /etc/matrix
+
+        temp_restore_dir=/root/tempmatrixdata
+        restore_directory_from_usb $temp_restore_dir matrixdata
+        cp -r $temp_restore_dir/var/lib/matrix/* /var/lib/matrix
+        if [ ! "$?" = "0" ]; then
+            function_check backup_unmount_drive
+            backup_unmount_drive
+            exit 78352
+        fi
+        rm -rf $temp_restore_dir
+        chown -R matrix:matrix /var/lib/matrix
+
+        systemctl start matrix
+    fi
+}
+
+function backup_remote_matrix {
+    source_directory=/etc/matrix
+    if [ -d $source_directory ]; then
+        systemctl stop matrix
+        function_check backup_directory_to_friend
+        backup_directory_to_friend $source_directory matrix
+        source_directory=/var/lib/matrix
+        if [ -d $source_directory ]; then
+            backup_directory_to_friend $source_directory matrixdata
+        fi
+        systemctl start matrix
+    fi
+}
+
+function restore_remote_synapse {
+    if [ -d /etc/matrix ]; then
+        systemctl stop matrix
+
+        temp_restore_dir=/root/tempmatrix
+        function_check restore_directory_from_friend
+        restore_directory_from_friend $temp_restore_dir matrix
+        cp -r $temp_restore_dir/etc/matrix/* /etc/matrix
+        if [ ! "$?" = "0" ]; then
+            exit 38935
+        fi
+        rm -rf $temp_restore_dir
+        chown -R matrix:matrix /etc/matrix
+
+        temp_restore_dir=/root/tempmatrixdata
+        restore_directory_from_friend $temp_restore_dir matrixdata
+        cp -r $temp_restore_dir/var/lib/matrix/* /var/lib/matrix
+        if [ ! "$?" = "0" ]; then
+            exit 60923
+        fi
+        rm -rf $temp_restore_dir
+        chown -R matrix:matrix /var/lib/matrix
+
+        systemctl start matrix
+    fi
+}
+
+function remove_matrix {
+    firewall_remove ${MATRIX_PORT}
+    firewall_remove ${MATRIX_TURN_PORT}
+    systemctl stop matrix
+    systemcrl disable matrix
+    if [ -f /etc/systemd/system/matrix.service ]; then
+        rm /etc/systemd/system/matrix.service
+    fi
+    apt-get -y remove --purge coturn
+    cd /etc/matrix
+    pip uninstall .
+    rm -rf $MATRIX_DATA_DIR
+    rm -rf /etc/matrix
+    deluser matrix
+    delgroup matrix
+    remove_onion_service matrix ${MATRIX_PORT}
+
+    remove_completion_param install_matrix
+    sed -i '/matrix/d' $COMPLETION_FILE
+}
+
+function install_matrix {
+    if [[ ${ONION_ONLY} == 'no' ]]; then
+        # obtain a cert for the default domain
+        if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
+            echo $'Obtaining certificate for the main domain'
+            create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
+        fi
+    fi
+
+    REBUILD=1
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get -yq install coreutils coturn \
+            curl file gcc git libevent-2.0-5 \
+            libevent-dev libffi-dev libffi6 \
+            libgnutls28-dev libjpeg62-turbo \
+            libjpeg62-turbo-dev libldap-2.4-2 \
+            libldap2-dev libsasl2-dev \
+            libsqlite3-dev libssl-dev \
+            libssl1.0.0 libtool libxml2 \
+            libxml2-dev libxslt1-dev libxslt1.1 \
+            make pwgen python python-dev \
+            python-pip python-psycopg2 \
+            python-virtualenv sqlite unzip \
+            zlib1g zlib1g-dev
+
+    pip install --upgrade pip
+    pip install --upgrade python-ldap
+    pip install --upgrade lxml
+
+    if [ ! -d /etc/matrix ]; then
+        function_check git_clone
+        git_clone $MATRIX_REPO /etc/matrix
+        if [ ! -d /etc/matrix ]; then
+            echo $'Unable to clone matrix repo'
+            exit 6724683
+        fi
+    fi
+
+    cd /etc/matrix
+    git checkout $MATRIX_COMMIT -b $MATRIX_COMMIT
+    set_completion_param "matrix commit" "$MATRIX_COMMIT"
+    pip install --upgrade --process-dependency-links .
+    if [ ! "$?" = "0" ]; then
+        exit 782542
+    fi
+
+    groupadd matrix
+    useradd -c "Matrix system account" -d /var/lib/matrix -m -r -g matrix matrix
+
+    chown -R matrix:matrix /etc/matrix
+    chown -R matrix:matrix /var/lib/matrix
+
+    echo '[Unit]' > /etc/systemd/system/matrix.service
+    echo 'Description=Matrix federated messaging' >> /etc/systemd/system/matrix.service
+    echo '' >> /etc/systemd/system/matrix.service
+    echo '[Service]' >> /etc/systemd/system/matrix.service
+    echo 'Type=simple' >> /etc/systemd/system/matrix.service
+    echo 'User=matrix' >> /etc/systemd/system/matrix.service
+    echo "WorkingDirectory=/etc/matrix" >> /etc/systemd/system/matrix.service
+    echo "ExecStart=/usr/bin/turnserver --daemon -c ${MATRIX_DATA_DIR}/turnserver.conf" >> /etc/systemd/system/matrix.service
+    echo "ExecStart=/usr/bin/python -m synapse.app.homeserver --config-path ${MATRIX_DATA_DIR}/homeserver.yaml" >> /etc/systemd/system/matrix.service
+    echo 'Restart=always' >> /etc/systemd/system/matrix.service
+    echo 'RestartSec=10' >> /etc/systemd/system/matrix.service
+    echo '' >> /etc/systemd/system/matrix.service
+    echo '[Install]' >> /etc/systemd/system/matrix.service
+    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/matrix.service
+    systemctl enable matrix
+    systemctl daemon-reload
+    systemctl start matrix
+
+    update_default_domain
+
+    firewall_add matrix ${MATRIX_PORT}
+    firewall_add matrix-turn ${MATRIX_TURN_PORT}
+
+    MATRIX_ONION_HOSTNAME=$(add_onion_service matrix ${MATRIX_PORT} ${MATRIX_PORT})
+    if [ ! ${MATRIX_PASSWORD} ]; then
+        if [ -f ${IMAGE_PASSWORD_FILE} ]; then
+            MATRIX_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+        else
+            MATRIX_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+        fi
+    fi
+
+    add_user_matrix "${MY_USERNAME}" "${MATRIX_PASSWORD}"
+    APP_INSTALLED=1
+}