
  1. #!/bin/bash
  2. ## Init is run on host
  3. ## For now it is run every time the script is launched, but
  4. ## it should be launched only once after build.
  5. ## Accessible variables are:
  6. ## - SERVICE_NAME Name of current service
  7. ## - DOCKER_BASE_IMAGE Base image from which this service might be built if any
  8. ## - SERVICE_DATASTORE Location on host of the DATASTORE of this service
  9. ## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service
  10. . lib/common
  11. # Please note that postgres detect on its own if its datadir needs to be populated
  12. service_def=$(get_compose_service_def "$SERVICE_NAME") || return 1
  13. options="$(e "$service_def" | shyaml -y get-value options)" || true
## Table of the options this hook accepts, one "name:type" entry per option.
## The type suffix selects the validation applied to the value supplied in
## the service's "options" mapping.
SYNAPSE_OPTIONS=(
    ## The server name
    server_name:string
    ## Enable anonymous stat reporting back to the Matrix project
    report_stats:bool
    ## Enable registration on the Synapse instance
    enable_registration:bool
    ## Allow guests to join this server
    allow_guest_access:bool
    ## Event cache size [default 10K]
    event_cache_size:size
    ## Max upload size [default 10M]
    max_upload_size:size

    ## -- shared secrets --
    ## Used for registering users when registration is disabled
    registration_shared_secret:string
    ## Secret for signing access tokens to the server
    macaroon_secret_key:string

    ## -- recaptcha: all three are required to have recaptcha upon registration --
    recaptcha_public_key:string
    recaptcha_private_key:string
    enable_registration_captcha:bool
    recaptcha_siteverify_api:string

    ## -- others --
    soft_file_limit:numeric
    rc_messages_per_second:float
    rc_message_burst_count:float
    federation_rc_window_size:numeric
    federation_rc_sleep_limit:numeric
    federation_rc_sleep_delay:numeric
    federation_rc_reject_limit:numeric
    federation_rc_concurrent:numeric
    max_image_pixels:size
    dynamic_thumbnails:bool
    url_preview_enabled:bool
    max_spider_size:size
    bcrypt_rounds:numeric
    enable_group_creation:bool
    trusted_third_party_id_servers:sequence
    enable_metrics:bool
    room_invite_state_types:sequence
    expire_access_token:bool
    key_refresh_interval:string
    perspectives:struct
    password_config:struct

    ## -- NOT SUPPORTED YET --
    #thumbnail_sizes
)

## The same table flattened into one string, with a leading and a trailing
## space so that every entry can be looked up as " name:type ".
printf -v OPTIONS_CONCAT ' %s ' "${SYNAPSE_OPTIONS[*]}"
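## Validate every key/value pair of the "options" mapping against the
## SYNAPSE_OPTIONS type table and collect the accepted pairs in yaml_opts
## (alternating key, value). An unknown key or a value of the wrong type
## is reported through die.
##
## NOTE(review): nothing in the visible part of this hook reads yaml_opts
## afterwards; the raw "$options" is what gets passed to cfg-merge, so the
## boolean normalisation below may never reach the configuration -- confirm.
yaml_opts=()
while read-0 key val; do
    ## The lookups below are substring matches against the space-separated
    ## OPTIONS_CONCAT string, so a key that itself contains a space or a
    ## colon could span two neighbouring table entries and be accepted as
    ## a known option. Only plain identifiers can be real option names;
    ## reject everything else before the table lookup.
    [[ "$key" =~ ^[A-Za-z0-9_]+$ ]] || {
        die "Unknown option ${WHITE}$key$NORMAL."
        continue
    }
    key_option="$key"
    case "$OPTIONS_CONCAT" in
        *" ${key_option}:bool "*)
            ## Accept the usual spellings (case-insensitive) and normalise
            ## them to a quoted "yes" / "no".
            case "${val,,}" in
                true|ok|yes|y|1)
                    val="\"yes\""
                    ;;
                false|ko|nok|no|n|0)
                    val="\"no\""
                    ;;
                *)
                    die "Invalid value for ${WHITE}$key$NORMAL, please use a boolean value."
                    ;;
            esac
            ;;
        *" ${key_option}:numeric "*)
            if ! is_int "$val"; then
                die "Invalid value for ${WHITE}$key$NORMAL, please use numeric value."
            fi
            ;;
        *" ${key_option}:float "*)
            if ! is_float "$val"; then
                die "Invalid value for ${WHITE}$key$NORMAL, please use float value."
            fi
            ;;
        *" ${key_option}:struct "*)
            ## The value is itself YAML: ask shyaml for its top-level type.
            val_type=$(e "$val" | shyaml get-type) || return 1
            if [ "$val_type" != "struct" ]; then
                die "Invalid value for ${WHITE}$key$NORMAL, please use struct value."
            fi
            ;;
        *" ${key_option}:sequence "*)
            val_type=$(e "$val" | shyaml get-type) || return 1
            if [ "$val_type" != "sequence" ]; then
                die "Invalid value for ${WHITE}$key$NORMAL, please use sequence value."
            fi
            ;;
        *" ${key_option}:string "*)
            ## Strings are accepted as they are.
            :
            ;;
        *" ${key_option}:size "*)
            ## Digits and dots followed by one unit letter.
            ## NOTE(review): the pattern does not limit the number of dots,
            ## so it is looser than a well-formed decimal -- confirm what the
            ## consumer of these values accepts.
            [[ "${val}" =~ ^[0-9\.]+[KkMmGgTtPp]$ ]] || {
                die "Unknown size specification '${val}'."
            }
            ;;
        *)
            die "Unknown option ${WHITE}$key$NORMAL."
            continue
            ;;
    esac
    yaml_opts+=("$key" "$val")
done < <(e "$options" | shyaml key-values-0)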
  111. setup_dirs || exit 1
  112. cfg-base || exit 1
  113. cfg-merge "$options" || exit 1
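## Make sure both Synapse shared secrets exist and are persisted on the host.
##
## For each secret: a value given in the options wins; otherwise a value
## stored in a previous run is reused from its key file; otherwise a fresh
## 64-character one is generated. A reused or generated value is merged
## into the configuration, and any value that did not come from the key
## file is written there, owned by $uid:$gid with mode 600.
##
## DATA_DIR, uid and gid are not set in the visible part of this hook;
## presumably they come from lib/common -- confirm.
HOST_KEY_DIR=$SERVICE_DATASTORE$DATA_DIR/keys
for name_secret in registration_shared_secret macaroon_secret_key; do
    secret=$(e "$options" | shyaml -q get-value "$name_secret") || true
    ## "None" is treated as "not provided" (presumably how shyaml prints a
    ## YAML null -- confirm).
    if [ "$secret" = "None" ]; then
        secret=""
    fi
    coming_from_file=
    key_file="$HOST_KEY_DIR/${name_secret}.key"
    if [ -z "$secret" ]; then
        ## -s rather than -e: a zero-length key file (for instance left by
        ## an interrupted write) must not be reused, it would configure an
        ## empty secret.
        if [ -s "$key_file" ]; then
            secret="$(cat "$key_file")" || exit 1
            coming_from_file=true
        else
            secret="$(gen_password 64)" || exit 1
        fi
        ## Fail closed: never merge an empty signing/registration secret.
        [ -n "$secret" ] || die "Empty value for ${WHITE}$name_secret$NORMAL."
        ## NOTE(review): the secret is spliced unescaped into a
        ## double-quoted YAML scalar; a '"' or '\' in a hand-edited key
        ## file would alter the parsed value -- confirm gen_password's
        ## alphabet and consider escaping.
        cfg-merge "${name_secret}: \"$secret\"" || exit 1
    fi
    if [ -z "$coming_from_file" ]; then
        ## Create the file with a restrictive umask so the secret is never
        ## readable by other users between creation and the chmod below.
        ## The chmod is still needed: umask does not tighten a file that
        ## already exists.
        ( umask 077 && e "$secret" > "$key_file" ) || exit 1
        chown -v "$uid:$gid" "$key_file" || exit 1
        chmod -v 600 "$key_file" || exit 1
    fi
done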
  137. ## XXXvlab: what to do with appservices ?
  138. # environ["SYNAPSE_APPSERVICES"] = glob.glob("/data/appservices/*.yaml")
  139. # {% if SYNAPSE_APPSERVICES %}
  140. # app_service_config_files:
  141. # {% for appservice in SYNAPSE_APPSERVICES %} - "{{ appservice }}"
  142. # {% endfor %}
  143. # {% else %}
  144. # app_service_config_files: []
  145. # {% endif %}
  146. # ## Turn ##
  147. # {% if SYNAPSE_TURN_URIS %}
  148. # turn_uris:
  149. # {% for uri in SYNAPSE_TURN_URIS.split(',') %} - "{{ uri }}"
  150. # {% endfor %}
  151. # turn_shared_secret: "{{ SYNAPSE_TURN_SECRET }}"
  152. # turn_user_lifetime: "1h"
  153. # turn_allow_guests: True
  154. # {% else %}
  155. # turn_uris: []
  156. # turn_shared_secret: "YOUR_SHARED_SECRET"
  157. # turn_user_lifetime: "1h"
  158. # turn_allow_guests: True
  159. # {% endif %}
  160. ## XXXvlab: for SMTP relation
  161. # {% if SYNAPSE_SMTP_HOST %}
  162. # email:
  163. # enable_notifs: false
  164. # smtp_host: "{{ SYNAPSE_SMTP_HOST }}"
  165. # smtp_port: {{ SYNAPSE_SMTP_PORT or "25" }}
  166. # smtp_user: "{{ SYNAPSE_SMTP_USER }}"
  167. # smtp_pass: "{{ SYNAPSE_SMTP_PASSWORD }}"
  168. # require_transport_security: False
  169. # notif_from: "{{ SYNAPSE_SMTP_FROM or "hostmaster@" + SYNAPSE_SERVER_NAME }}"
  170. # app_name: Matrix
  171. # # if template_dir is unset, uses the example templates that are part of
  172. # # the Synapse distribution.
  173. # #template_dir: res/templates
  174. # notif_template_html: notif_mail.html
  175. # notif_template_text: notif_mail.txt
  176. # notif_for_new_users: True
  177. # riot_base_url: "https://{{ SYNAPSE_SERVER_NAME }}"
  178. # {% endif %}