Added plus support for element and matrix
parent
1c7bbd4208
commit
b968aaff53
@ -3,6 +3,7 @@
|
||||
# Element Service
|
||||
|
||||
PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
||||
. /etc/federated
|
||||
|
||||
config_element() {
|
||||
echo -ne "* Configuring element container.."
|
||||
@ -36,6 +37,8 @@ networks:
|
||||
external: true
|
||||
EOF
|
||||
|
||||
[[ "${PLUS}" = "true" ]] && sed -i "s/letsencrypt/httpresolver/g" /federated/apps/element/docker-compose.yml
|
||||
|
||||
cat > /federated/apps/element/.env <<EOF
|
||||
IMAGE_VERSION="v1.11.33"
|
||||
EOF
|
||||
@ -126,5 +129,24 @@ start_element() {
|
||||
# Start service with command to make sure it's up before proceeding
|
||||
start_service "element" "nc -z 192.168.0.20 80 &> /dev/null" "7"
|
||||
|
||||
[[ "${PLUS}" != "true" ]] && docker exec pdns pdnsutil add-record $DOMAIN element A 86400 $EXTERNALIP &> /dev/null
|
||||
|
||||
echo -ne "done.\n"
|
||||
}
|
||||
uninstall_element() {
|
||||
echo -ne "* Uninstalling element container.."
|
||||
|
||||
# First stop the service
|
||||
cd /federated/apps/element && docker compose -f docker-compose.yml -p element down &> /dev/null
|
||||
|
||||
# Delete the app directory
|
||||
rm -rf /federated/apps/element
|
||||
|
||||
# Delete the image
|
||||
docker image rm vectorim/element-web:$IMAGE_VERSION &> /dev/null
|
||||
|
||||
# Delete the DNS record
|
||||
[[ "${PLUS}" != "true" ]] && docker exec pdns pdnsutil delete-rrset $DOMAIN element A
|
||||
|
||||
echo -ne "done.\n"
|
||||
}
|
||||
|
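Review bot: The new `start_element` line `[[ "${PLUS}" != "true" ]] && docker exec pdns pdnsutil add-record $DOMAIN element A 86400 $EXTERNALIP &> /dev/null` discards both output and exit status, so a failed record creation still prints "done.". The matching line in the matrix file's `start_matrix` hunk has the same problem, and there the commit also removes the earlier `[ $? -ne 0 ] && fail ...` check. I would wrap the call in an `if [[ "${PLUS}" != "true" ]]; then ... fi` block, quote the expansions so a value containing whitespace cannot turn into extra pdnsutil arguments, and keep a failure path: `docker exec pdns pdnsutil add-record "$DOMAIN" element A 86400 "$EXTERNALIP" &> /dev/null || fail "Couldn't add dns record for element"` (assuming `fail`, as used in the matrix script, is also available here). In `uninstall_element`, `$IMAGE_VERSION` is not assigned in any hunk shown for this file, so if it is empty `docker image rm` fails silently and the image stays behind; worth confirming where it is set. The body of `start_element` begins outside the hunk.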
@ -3,6 +3,7 @@
|
||||
# Matrix Service
|
||||
|
||||
PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
||||
. /etc/federated
|
||||
get_appvars
|
||||
|
||||
config_matrix() {
|
||||
@ -10,16 +11,16 @@ config_matrix() {
|
||||
|
||||
if [ ! -d "/federated/apps/matrix" ]; then
|
||||
mkdir -p /federated/apps/matrix/data/matrix &> /dev/null
|
||||
cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/matrix/data/matrix/
|
||||
chmod 644 /federated/apps/matrix/data/matrix/$DOMAIN.crt /federated/apps/matrix/data/matrix/$DOMAIN.key
|
||||
if [[ "${PLUS}" != "true" ]]; then
|
||||
cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/matrix/data/matrix/
|
||||
chmod 644 /federated/apps/matrix/data/matrix/$DOMAIN.crt /federated/apps/matrix/data/matrix/$DOMAIN.key
|
||||
fi
|
||||
chown -R 991:991 /federated/apps/matrix/data/matrix
|
||||
fi
|
||||
|
||||
MATRIX_SECRET=$(create_password);
|
||||
|
||||
cat > /federated/apps/matrix/docker-compose.yml <<EOF
|
||||
version: '3.7'
|
||||
|
||||
services:
|
||||
matrix:
|
||||
image: matrixdotorg/synapse:\${IMAGE_VERSION}
|
||||
@ -46,6 +47,8 @@ networks:
|
||||
external: true
|
||||
EOF
|
||||
|
||||
[[ "${PLUS}" = "true" ]] && sed -i "s/letsencrypt/httpresolver/g" /federated/apps/matrix/docker-compose.yml
|
||||
|
||||
cat > /federated/apps/matrix/.env <<EOF
|
||||
IMAGE_VERSION="v1.100.0"
|
||||
EOF
|
||||
@ -62,6 +65,36 @@ sed -i 's!name: sqlite3!!g' /federated/apps/matrix/data/matrix/homeserver.yaml
|
||||
sed -i 's!args:!!g' /federated/apps/matrix/data/matrix/homeserver.yaml
|
||||
|
||||
# Insert our Postgres and LDAP config
|
||||
if [[ "${PLUS}" = "true" ]]; then
|
||||
cat >> /federated/apps/matrix/data/matrix/homeserver.yaml <<EOF
|
||||
|
||||
web_client_location: https://element.$DOMAIN/
|
||||
public_baseurl: https://matrix.$DOMAIN/
|
||||
serve_server_wellknown: true
|
||||
turn_uris: [ "turn:turn.$DOMAIN?transport=udp", "turn:turn.$DOMAIN?transport=tcp" ]
|
||||
turn_shared_secret: "$COTURN_MATRIX_SECRET"
|
||||
turn_user_lifetime: 86400000
|
||||
database:
|
||||
name: psycopg2
|
||||
args:
|
||||
user: matrix
|
||||
password: $MATRIX_SECRET
|
||||
host: postgresql.$DOMAIN
|
||||
database: matrix
|
||||
cp_min: 5
|
||||
cp_max: 10
|
||||
email:
|
||||
smtp_host: "mail.$DOMAIN"
|
||||
smtp_port: 587
|
||||
smtp_user: "$SMTPUSER"
|
||||
smtp_pass: "$ADMINPASS"
|
||||
force_tls: true
|
||||
# require_transport_security: true
|
||||
enable_tls: true
|
||||
notif_from: "Your Friendly %(app)s homeserver <matrix@matrix.$DOMAIN>"
|
||||
app_name: $COMPANY Matrix Server
|
||||
EOF
|
||||
else
|
||||
cat >> /federated/apps/matrix/data/matrix/homeserver.yaml <<EOF
|
||||
|
||||
web_client_location: https://element.$DOMAIN/
|
||||
@ -116,6 +149,8 @@ else
|
||||
sed -i "s#dc=federatedcomputer,dc=cloud#dc=$LDAP_DOMAIN_FIRST,dc=$LDAP_DOMAIN_LAST#g" /federated/apps/matrix/data/matrix/homeserver.yaml
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
# Set permissions
|
||||
chown -R 991:991 /federated/apps/matrix/data/matrix
|
||||
|
||||
@ -136,8 +171,7 @@ start_matrix() {
|
||||
# Set admin user as admin in Matrix
|
||||
docker exec postgresql psql -U matrix -c "update users set admin='1' where name='\"@admin:matrix.$DOMAIN\"'" &> /dev/null
|
||||
|
||||
docker exec pdns pdnsutil add-record $DOMAIN matrix A 86400 $EXTERNALIP &> /dev/null
|
||||
[ $? -ne 0 ] && fail "Couldn't add dns record for matrix"
|
||||
[[ "${PLUS}" != "true" ]] && docker exec pdns pdnsutil add-record $DOMAIN matrix A 86400 $EXTERNALIP &> /dev/null
|
||||
|
||||
echo -ne "done.\n"
|
||||
}
|
||||
@ -233,7 +267,7 @@ uninstall_matrix() {
|
||||
docker image rm matrixdotorg/synapse:$IMAGE_VERSION &> /dev/null
|
||||
|
||||
# Delete the DNS record
|
||||
docker exec pdns pdnsutil delete-rrset $DOMAIN matrix A
|
||||
[[ "${PLUS}" != "true" ]] && docker exec pdns pdnsutil delete-rrset $DOMAIN matrix A
|
||||
|
||||
# Uninstall the SSO configuration if it exists in authelia (authelia must exist too)
|
||||
if [[ $(grep "### Matrix" /federated/apps/authelia/data/config/idproviders.yml 2>/dev/null) ]]; then
|
||||
@ -246,6 +280,7 @@ uninstall_matrix() {
|
||||
echo -ne "done.\n"
|
||||
}
|
||||
configsso_matrix() {
|
||||
if [[ "${PLUS}" != "true" ]]; then
|
||||
echo -ne "* Configuring matrix container with SSO.."
|
||||
|
||||
[ ! -d "/federated/apps/authelia" ] && failcheck "Authelia is not installed. You need this first before continuing."
|
||||
@ -303,4 +338,31 @@ EOF
|
||||
run_command "/federated/bin/start matrix"
|
||||
|
||||
echo -ne "done.\n"
|
||||
fi
|
||||
}
|
||||
configsso_matrix_plus() {
|
||||
MATRIX_CLIENT_SECRET=$(cat /federated/apps/matrix/.matrix.client.secret)
|
||||
|
||||
cat >> /federated/apps/matrix/data/matrix/homeserver.yaml <<EOF
|
||||
oidc_providers:
|
||||
- idp_id: authelia
|
||||
idp_name: "Authelia"
|
||||
idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI"
|
||||
discover: true
|
||||
issuer: "https://authelia.$DOMAIN"
|
||||
client_id: "matrix"
|
||||
client_secret: "$MATRIX_CLIENT_SECRET"
|
||||
scopes: ["openid", "profile", "email"]
|
||||
allow_existing_users: true
|
||||
user_mapping_provider:
|
||||
config:
|
||||
subject_claim: "sub"
|
||||
localpart_template: "{{ user.name }}"
|
||||
display_name_template: "{{ user.name }}"
|
||||
email_template: "{{ user.email }}"
|
||||
EOF
|
||||
|
||||
# Restart Matrix for changes to take the above configuration
|
||||
run_command "/federated/bin/stop matrix"
|
||||
run_command "/federated/bin/start matrix"
|
||||
}
|
||||
|
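Review bot: In `configsso_matrix_plus`, `localpart_template: "{{ user.name }}"` together with `allow_existing_users: true` lets an OIDC login be matched to an existing Matrix account whose localpart equals the `name` claim, so the mapping is only as safe as that claim is unique and not user-editable. In OIDC `name` is normally the display name, so unless Authelia is configured differently for this deployment I would use `localpart_template: "{{ user.preferred_username }}"` and keep `{{ user.name }}` for `display_name_template` only. The function also writes whatever `cat /federated/apps/matrix/.matrix.client.secret` returns, so a missing file produces `client_secret: ""`, and because it appends with `>>`, a second run leaves two `oidc_providers` keys in homeserver.yaml. A guard such as `[ -s /federated/apps/matrix/.matrix.client.secret ] || fail "Matrix client secret is missing"`, plus a `grep -q '^oidc_providers:'` check on homeserver.yaml before appending, would cover both.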