From f61c6b5a4c36e1eed45bd69bf60a0c0c0e32978e Mon Sep 17 00:00:00 2001
From: root <root@f11391a1.federatedcomputer.cloud>
Date: Thu, 8 Feb 2024 14:55:57 +0000
Subject: [PATCH] Added convert MMR import script for Element / Matrix

---
 bin/convertmmrimport | 148 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 148 insertions(+)
 create mode 100644 bin/convertmmrimport

diff --git a/bin/convertmmrimport b/bin/convertmmrimport
new file mode 100644
index 0000000..c9cdc05
--- /dev/null
+++ b/bin/convertmmrimport
@@ -0,0 +1,148 @@
+#!/bin/bash -x
+
+. /federated/lib/functions.sh
+. /etc/federated
+
+usage() {
+cat << EOF
+Convert to MMR and install export from EMS
+Usage: $0 hostname
+Arguments:
+    hostname        hostname.ems.host
+		    will search for these files in /federated/tmp based on hostname:
+ 		    hostname.ems.host-config.md
+                    hostname.ems.host-synapse-database.zip
+                    hostname.ems.host-media-hostname.ems.host.zip
+
+EOF
+exit 2;
+}
+
+[ $# != 1 ] && usage
+HOSTNAME=$1
+
+# Check if files are there
+[ ! -f "/federated/tmp/$HOSTNAME-config.md" ] && failcheck "/federated/tmp/$HOSTNAME-config.md doesn't exist."
+[ ! -f "/federated/tmp/$HOSTNAME-synapse-database.zip" ] && failcheck "/federated/tmp/$HOSTNAME-synapse-database.zip doesn't exist."
+[ ! -f "/federated/tmp/$HOSTNAME-media-$HOSTNAME.zip" ] && failcheck "/federated/tmp/$HOSTNAME-media-$HOSTNAME.zip doesn't exist."
+
+# First install MMR server
+#/federated/bin/installapp matrixmmr
+
+# Then stop regular matrix
+/federated/bin/stop matrix
+
+# Set Matrix to latest version
+echo 'IMAGE_VERSION="v1.100.0"' > /federated/apps/matrix/.env
+
+# Delete matrix database so we can start from scratch
+ADMINPASS=`cat /federated/apps/panel/.env | grep SMTP_PASSWORD | awk -F= '{ print $2 }'`
+# Set SMTP user based on if fcore exists
+[[ $(docker exec ldap slapcat | grep fcore) ]] && SMTPUSER="fcore" || SMTPUSER="admin"
+EXTERNALIP=$(get_externalip);
+LDAP_SECRET=`cat /federated/apps/ldap/.ldap.secret`
+MATRIX_SECRET=$(create_password);
+COTURN_MATRIX_SECRET=$(grep static-auth-secret /federated/apps/coturn/data/etc/turnserver.conf | awk -F= '{ print $2 }');
+docker exec postgresql psql -U postgres -c "drop database matrix" &> /dev/null
+docker exec postgresql psql -U postgres -c "drop user matrix" &> /dev/null
+docker exec postgresql psql -U postgres -c "CREATE USER matrix WITH PASSWORD '$MATRIX_SECRET'"
+docker exec postgresql psql -U postgres -c "CREATE DATABASE matrix"
+docker exec postgresql psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE matrix TO matrix"
+
+rm -rf /federated/apps/matrix/data
+mkdir -p /federated/apps/matrix/data/matrix
+cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/matrix/data/matrix/
+chmod 644 /federated/apps/matrix/data/matrix/$DOMAIN.crt /federated/apps/matrix/data/matrix/$DOMAIN.key
+chown -R 991:991 /federated/apps/matrix/data/matrix
+
+# Generate the matrix homeserver.yaml file
+docker run --rm -v "/federated/apps/matrix/data/matrix:/data" -e SYNAPSE_SERVER_NAME=$HOSTNAME -e SYNAPSE_REPORT_STATS=yes matrixdotorg/synapse:latest generate &> /dev/null
+[ $? -ne 0 ] && fail "Couldn't run docker matrixdotorg/synapse:latest generate"
+
+# Take out default Sqlite database config
+sed -i 's!database: /data/homeserver.db!!g' /federated/apps/matrix/data/matrix/homeserver.yaml
+sed -i 's!database:!!g' /federated/apps/matrix/data/matrix/homeserver.yaml
+sed -i 's!name: sqlite3!!g' /federated/apps/matrix/data/matrix/homeserver.yaml
+sed -i 's!args:!!g' /federated/apps/matrix/data/matrix/homeserver.yaml
+
+# Set signing key into /federated/apps/matrix/data/matrix/$HOSTNAME.signing.key
+SIGNING_KEY=$(grep ed25519 /federated/tmp/$HOSTNAME-config.md)
+echo "$SIGNING_KEY" > /federated/apps/matrix/data/matrix/$HOSTNAME.signing.key
+
+# Set macaroon_secret_key
+MACAROON_SECRET_KEY=$(grep macaroon_secret_key /federated/tmp/$HOSTNAME-config.md)
+sed -i "s#macaroon_secret_key:.*#$MACAROON_SECRET_KEY#g" /federated/apps/matrix/data/matrix/homeserver.yaml
+
+# Insert our Postgres and LDAP config
+cat >> /federated/apps/matrix/data/matrix/homeserver.yaml <<EOF
+
+serve_server_wellknown: true
+turn_uris: [ "turn:turn.$DOMAIN?transport=udp", "turn:turn.$DOMAIN?transport=tcp" ]
+turn_shared_secret: "$COTURN_MATRIX_SECRET"
+turn_user_lifetime: 86400000
+EOF
+
+# Set password_config into homeserver.yaml from HOSTNAME-config.md
+grep -A2 password_config /federated/tmp/$HOSTNAME-config.md >> /federated/apps/matrix/data/matrix/homeserver.yaml
+
+# Insert remaining of our Postgres and LDAP config
+cat >> /federated/apps/matrix/data/matrix/homeserver.yaml <<EOF
+database:
+    name: psycopg2
+    args:
+        user: matrix
+        password: $MATRIX_SECRET
+        host: postgresql.$DOMAIN
+        database: matrix
+        cp_min: 5
+        cp_max: 10
+email:
+  smtp_host: "mail.$DOMAIN"
+  smtp_port: 587
+  smtp_user: "$SMTPUSER"
+  smtp_pass: "$ADMINPASS"
+  force_tls: true
+  #  require_transport_security: true
+  enable_tls: true
+  notif_from: "Your Friendly %(app)s homeserver <matrix@matrix.$DOMAIN>"
+  app_name: $COMPANY Matrix Server
+modules:
+  - module: "ldap_auth_provider.LdapAuthProviderModule"
+    config:
+      enabled: true
+      uri: "ldaps://ldap.$DOMAIN:636"
+      start_tls: true
+      base: "dc=federatedcomputer,dc=cloud"
+      attributes:
+        mail: "mail"
+        uid: "uid"
+        name: "givenName"
+      bind_dn: cn=admin,dc=federatedcomputer,dc=cloud
+      bind_password: $LDAP_SECRET
+      tls_options:
+        validate: true
+        local_certificate_file: /data/$DOMAIN.crt
+        local_private_key_file: /data/$DOMAIN.key
+EOF
+
+# Unzip database zip file into postgres container
+unzip -jo /federated/tmp/$HOSTNAME-synapse-database.zip -d /federated/apps/postgresql/data/docker-entrypoint-initdb.d/matrixdatabase
+[ $? -ne 0 ] && failcheck "Couldn't unzip database files into postgresql container"
+
+# Run pg_restore on database files
+docker exec postgresql /bin/bash -c "PGPASSWORD=$MATRIX_SECRET pg_restore -w --username $USERNAME --host $HOSTNAME --dbname $DATABASENAME --no-owner /docker-entrypoint-initdb.d/matrixdatabase/"
+[ $? -ne 0 ] && failcheck "Couldn't run pg_restore on database files inside postgresql container"
+
+# Run SELECT * FROM state_group_id_seq; and make sure last_value is greater than 1
+docker exec postgresql psql -U matrix -c "SELECT * FROM state_group_id_seq;"
+[ $? -ne 0 ] && failcheck "Couldn't run select statement in postgresql container"
+
+# unzip media files into /federated/tmp/matrixmedia
+unzip -jo /federated/tmp/$HOSTNAME-media-$HOSTNAME.zip -d /federated/tmp/matrixmedia
+[ $? -ne 0 ] && failcheck "Couldn't unzip media files into tmp/matrixmedia"
+
+# run the matrix-media-repo:latest image and convert / import the media into our matrix server DB
+docker run -v /federated/tmp/matrixmedia:/export --network=federated --rm turt2live/matrix-media-repo:latest /usr/local/bin/import_to_synapse -dbHost 172.99.0.14 -dbName matrix -dbUsername matrix -debug -directory /export -serverName matrix.$DOMAIN -dbPassword $MATRIX_SECRET
+
+# Start matrix back up
+/federated/bin/start matrix