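#!/bin/bash
#
# Import an EMS export (config file, Synapse database archive, media archive)
# into the local Matrix deployment. Takes the EMS hostname as its only argument.
#
# xtrace is not enabled in the shebang: `bash -x` echoes every expanded
# assignment and command line to stderr, and this script expands the
# PostgreSQL, SMTP, LDAP, TURN and macaroon secrets into both. For a debugging
# run, invoke the script as `bash -x <script> <hostname>` and treat the
# captured output as sensitive.

# Shared helpers. failcheck, fail, get_externalip and create_password are
# called further down and are presumably defined here — confirm.
. /federated/lib/functions.sh

# Site settings. DOMAIN and COMPANY are used further down and are presumably
# set here — confirm.
. /etc/federated
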
# Print the help text on stdout, then terminate the script with status 2.
# Arguments: none ($0 is interpolated into the "Usage:" line).
usage() {
  printf '%s\n' \
    'Convert to MMR and install export from EMS' \
    "Usage: $0 hostname" \
    'Arguments:' \
    'hostname hostname.ems.host' \
    'will search for these files in /federated/tmp based on hostname:' \
    'hostname.ems.host-config.md' \
    'hostname.ems.host-synapse-database.zip' \
    'hostname.ems.host-media-hostname.ems.host.zip' \
    ''
  exit 2
}

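# Exactly one argument is required; usage prints the help text and exits 2.
if [ $# -ne 1 ]; then
  usage
fi

# NOTE: this overwrites the HOSTNAME variable that bash itself maintains.
# Later steps read the EMS hostname from this name, so it is kept.
HOSTNAME=$1

# The value is spliced into file paths, a sed expression and docker arguments
# further down. Accept only hostname characters (letters, digits, '.', '-')
# so that slashes, whitespace and sed/shell metacharacters never get that far.
if [[ ! "$HOSTNAME" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
  printf 'Invalid hostname: %s\n' "$HOSTNAME" >&2
  usage
fi

# Check if files are there
for required_file in \
  "/federated/tmp/$HOSTNAME-config.md" \
  "/federated/tmp/$HOSTNAME-synapse-database.zip" \
  "/federated/tmp/$HOSTNAME-media-$HOSTNAME.zip"; do
  [ -f "$required_file" ] || failcheck "$required_file doesn't exist."
done
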
# Install unzip (used below to unpack the database and media archives)
sudo apt install -y unzip

# First install MMR server
#/federated/bin/installapp matrixmmr

# Then stop regular matrix
/federated/bin/stop matrix

# Set the Matrix image version. The redirect replaces the whole .env file, so
# any other setting that was stored in it is dropped.
# NOTE(review): the version is pinned here, while the config-generation step
# pulls matrixdotorg/synapse:latest — confirm the two are meant to differ.
printf '%s\n' 'IMAGE_VERSION="v1.100.0"' > /federated/apps/matrix/.env

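# Collect the credentials and settings that go into the generated config.
# `cut -s -d= -f2-` keeps everything after the first '=', so a secret that
# itself contains '=' is not truncated (awk's $2 stopped at the second '=').
ADMINPASS=$(grep SMTP_PASSWORD /federated/apps/panel/.env | cut -s -d= -f2-)

# Set SMTP user based on if fcore exists
if docker exec ldap slapcat | grep -q fcore; then
  SMTPUSER="fcore"
else
  SMTPUSER="admin"
fi

# NOTE(review): EXTERNALIP is not read anywhere else in this script — confirm
# whether get_externalip is called only for a side effect.
EXTERNALIP=$(get_externalip)
LDAP_SECRET=$(< /federated/apps/ldap/.ldap.secret)
MATRIX_SECRET=$(create_password)
COTURN_MATRIX_SECRET=$(grep static-auth-secret /federated/apps/coturn/data/etc/turnserver.conf | cut -s -d= -f2-)

# Delete matrix database so we can start from scratch.
# Errors are discarded on purpose: on a first run neither object exists.
docker exec postgresql psql -U postgres -c "drop database matrix" &> /dev/null
docker exec postgresql psql -U postgres -c "drop user matrix" &> /dev/null

# The CREATE USER statement is fed to psql on stdin rather than through -c, so
# the new password does not appear in the docker/psql argument list. Single
# quotes in the password are doubled so they cannot end the SQL string literal.
single_quote="'"
matrix_secret_sql=${MATRIX_SECRET//$single_quote/$single_quote$single_quote}
printf "CREATE USER matrix WITH PASSWORD '%s';\n" "$matrix_secret_sql" \
  | docker exec -i postgresql psql -U postgres
docker exec postgresql psql -U postgres -c "CREATE DATABASE matrix"
docker exec postgresql psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE matrix TO matrix"
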
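# Start from an empty Synapse data directory
rm -rf /federated/apps/matrix/data
mkdir -p /federated/apps/matrix/data/matrix

# Copy the TLS certificate and private key next to the Synapse config
cp -- "/federated/certs/certs/$DOMAIN.crt" "/federated/certs/private/$DOMAIN.key" \
  /federated/apps/matrix/data/matrix/

# The certificate is public and may stay world-readable. The private key is
# restricted to its owner, which becomes uid 991 through the chown below
# (assumes the Synapse container runs as 991, as that chown implies).
chmod 644 "/federated/apps/matrix/data/matrix/$DOMAIN.crt"
chmod 600 "/federated/apps/matrix/data/matrix/$DOMAIN.key"
chown -R 991:991 /federated/apps/matrix/data/matrix
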
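# Generate the matrix homeserver.yaml file
# All output of the container is discarded, so on failure only the message
# below is shown; drop the redirect when the reason is needed.
# NOTE(review): `:latest` is a mutable tag, so the generator image can differ
# from run to run — consider pinning it to a reviewed version or digest.
# NOTE(review): every other check in this script calls failcheck; confirm that
# `fail` is also defined in functions.sh.
if ! docker run --rm \
  -v "/federated/apps/matrix/data/matrix:/data" \
  -e SYNAPSE_SERVER_NAME="$HOSTNAME" \
  -e SYNAPSE_REPORT_STATS=yes \
  matrixdotorg/synapse:latest generate &> /dev/null; then
  fail "Couldn't run docker matrixdotorg/synapse:latest generate"
fi
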
# Take out default Sqlite database config
# The four substitutions run in this order on every line of the file. None of
# them is anchored, so each string is blanked wherever it occurs, not only
# inside the generated sqlite3 database section.
sed -i \
  -e 's!database: /data/homeserver.db!!g' \
  -e 's!database:!!g' \
  -e 's!name: sqlite3!!g' \
  -e 's!args:!!g' \
  /federated/apps/matrix/data/matrix/homeserver.yaml

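# Set signing key into /federated/apps/matrix/data/matrix/$HOSTNAME.signing.key
# The key line is copied verbatim from the EMS config export.
signing_key_file="/federated/apps/matrix/data/matrix/$HOSTNAME.signing.key"
SIGNING_KEY=$(grep ed25519 "/federated/tmp/$HOSTNAME-config.md")
if [ -n "$SIGNING_KEY" ]; then
  # The signing key is secret material: create the file without group/other
  # access, and chmod as well in case the file already existed with wider
  # permissions (umask only applies to newly created files).
  (
    umask 077
    printf '%s\n' "$SIGNING_KEY" > "$signing_key_file"
  )
  chmod 600 "$signing_key_file"
else
  failcheck "No ed25519 signing key found in /federated/tmp/$HOSTNAME-config.md"
fi

# Set macaroon_secret_key
# Only the first matching line is used; a multi-line value would break the sed
# expression below.
MACAROON_SECRET_KEY=$(grep -m1 macaroon_secret_key "/federated/tmp/$HOSTNAME-config.md")
if [ -n "$MACAROON_SECRET_KEY" ]; then
  # Escape the characters that are special in a sed replacement using '#' as
  # the delimiter ('\', '&' and '#'), so the secret is inserted literally.
  macaroon_replacement=$(printf '%s\n' "$MACAROON_SECRET_KEY" | sed -e 's/[\\&#]/\\&/g')
  sed -i "s#macaroon_secret_key:.*#$macaroon_replacement#g" /federated/apps/matrix/data/matrix/homeserver.yaml
else
  # Without this guard an empty match would blank the generated key line.
  failcheck "No macaroon_secret_key found in /federated/tmp/$HOSTNAME-config.md"
fi
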
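# Insert our Postgres and LDAP config
# This first fragment appends the well-known and TURN settings. The heredoc
# delimiter is unquoted, so $DOMAIN and the TURN secret are expanded here.
cat >> /federated/apps/matrix/data/matrix/homeserver.yaml <<EOF

serve_server_wellknown: true
turn_uris: [ "turn:turn.$DOMAIN?transport=udp", "turn:turn.$DOMAIN?transport=tcp" ]
turn_shared_secret: "$COTURN_MATRIX_SECRET"
turn_user_lifetime: 86400000
EOF

# Set password_config into homeserver.yaml from HOSTNAME-config.md
# The matching line and the two lines after it are appended verbatim.
grep -A2 password_config "/federated/tmp/$HOSTNAME-config.md" >> /federated/apps/matrix/data/matrix/homeserver.yaml

# Insert remaining of our Postgres and LDAP config
# The nesting below follows Synapse's documented database / email / modules
# layout; diff the result against a known-good homeserver.yaml before use.
# NOTE(review): the database password and bind_password are written unquoted,
# unlike smtp_pass. A value containing '#' or ': ' would be misparsed as YAML —
# confirm the character set the secrets are generated from.
# NOTE(review): the LDAP uri is ldaps:// on port 636 and start_tls is also
# true; normally only one of the two is used — confirm the module accepts both.
cat >> /federated/apps/matrix/data/matrix/homeserver.yaml <<EOF
database:
  name: psycopg2
  args:
    user: matrix
    password: $MATRIX_SECRET
    host: postgresql.$DOMAIN
    database: matrix
    cp_min: 5
    cp_max: 10
email:
  smtp_host: "mail.$DOMAIN"
  smtp_port: 587
  smtp_user: "$SMTPUSER"
  smtp_pass: "$ADMINPASS"
  force_tls: true
  # require_transport_security: true
  enable_tls: true
  notif_from: "Your Friendly %(app)s homeserver <matrix@matrix.$DOMAIN>"
  app_name: $COMPANY Matrix Server
modules:
  - module: "ldap_auth_provider.LdapAuthProviderModule"
    config:
      enabled: true
      uri: "ldaps://ldap.$DOMAIN:636"
      start_tls: true
      base: "dc=federatedcomputer,dc=cloud"
      attributes:
        mail: "mail"
        uid: "uid"
        name: "givenName"
      bind_dn: cn=admin,dc=federatedcomputer,dc=cloud
      bind_password: $LDAP_SECRET
      tls_options:
        validate: true
        local_certificate_file: /data/$DOMAIN.crt
        local_private_key_file: /data/$DOMAIN.key
EOF
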
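# Fix permissions again
chown -R 991:991 /federated/apps/matrix/data/matrix

# homeserver.yaml now holds the database, SMTP, LDAP bind and TURN secrets, so
# restrict it to its owner (uid 991 after the chown above; assumes the Synapse
# container runs as that uid, as the chown implies).
chmod 600 /federated/apps/matrix/data/matrix/homeserver.yaml
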
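# Unzip database zip file into postgres container
# -j drops the directory part of every archive entry, so entries cannot be
# written outside the -d target; -o overwrites existing files without asking.
# The archive is operator-supplied input: check where it came from before
# running this script.
if ! unzip -jo "/federated/tmp/$HOSTNAME-synapse-database.zip" \
  -d /federated/apps/postgresql/data/docker-entrypoint-initdb.d/matrixdatabase; then
  failcheck "Couldn't unzip database files into postgresql container"
fi
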
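# Run pg_restore on database files
# The password is handed to the container as an environment variable instead
# of being pasted into a `bash -c` string, so characters in the secret are
# never interpreted by a shell inside the container. It is still part of the
# host-side docker command line while this command runs.
docker exec -e PGPASSWORD="$MATRIX_SECRET" postgresql \
  pg_restore -w --username matrix --host "postgresql.$DOMAIN" --dbname matrix \
  --no-owner /docker-entrypoint-initdb.d/matrixdatabase/
# The exit status of pg_restore is deliberately not checked (check left disabled):
#[ $? -ne 0 ] && failcheck "Couldn't run pg_restore on database files inside postgresql container"
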
# Run SELECT * FROM state_group_id_seq; and make sure last_value is greater than 1
# Only the exit status of psql is checked here. The last_value column is
# printed for the operator to read; the script does not compare it.
if ! docker exec postgresql psql -U matrix -c "SELECT * FROM state_group_id_seq;"; then
  failcheck "Couldn't run select statement in postgresql container"
fi

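# unzip media files into /federated/tmp/matrixmedia
# -j flattens every entry into the target directory and -o overwrites without
# asking, so two entries with the same file name end up as one file.
if ! unzip -jo "/federated/tmp/$HOSTNAME-media-$HOSTNAME.zip" -d /federated/tmp/matrixmedia; then
  failcheck "Couldn't unzip media files into tmp/matrixmedia"
fi
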
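# run the matrix-media-repo:latest image and convert / import the media into our matrix server DB
# NOTE(review): -dbPassword puts the database password on the command line,
# where it is visible in the host's process list while the import runs.
# NOTE(review): `:latest` is a mutable tag — consider pinning the image to a
# reviewed version or digest.
# NOTE(review): -dbHost is a fixed address, while the rest of the script uses
# postgresql.$DOMAIN — confirm it matches the `federated` network.
docker run --rm \
  -v /federated/tmp/matrixmedia:/export \
  --network=federated \
  turt2live/matrix-media-repo:latest \
  /usr/local/bin/import_to_synapse \
  -dbHost 192.168.0.14 -dbName matrix -dbUsername matrix \
  -debug -directory /export \
  -serverName "$HOSTNAME" -dbPassword "$MATRIX_SECRET"

# Start matrix back up
/federated/bin/start matrix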