From 7a97bbe06c0a8eb7b462d87b128c5ca3154eb582 Mon Sep 17 00:00:00 2001 From: Quentin Date: Sat, 26 Oct 2019 21:16:24 +0200 Subject: [PATCH 1/3] New seafile version + WIP facebook bridge --- consul/configuration/chat/fb2mx/config.yaml | 133 ++++++++++++++++++ .../chat/fb2mx/registration.yaml | 11 ++ consul/secrets/chat/fb2mx/as_token.sample | 0 consul/secrets/chat/fb2mx/db_url.sample | 1 + consul/secrets/chat/fb2mx/hs_token.sample | 0 docker/seafile/Dockerfile | 11 +- docker/seafile/README.md | 4 +- nomad/seafile.hcl | 7 +- 8 files changed, 159 insertions(+), 8 deletions(-) create mode 100644 consul/configuration/chat/fb2mx/config.yaml create mode 100644 consul/configuration/chat/fb2mx/registration.yaml create mode 100644 consul/secrets/chat/fb2mx/as_token.sample create mode 100644 consul/secrets/chat/fb2mx/db_url.sample create mode 100644 consul/secrets/chat/fb2mx/hs_token.sample diff --git a/consul/configuration/chat/fb2mx/config.yaml b/consul/configuration/chat/fb2mx/config.yaml new file mode 100644 index 0000000..1e2860f --- /dev/null +++ b/consul/configuration/chat/fb2mx/config.yaml @@ -0,0 +1,133 @@ +# Homeserver details +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: https://im.deuxfleurs.fr + # The domain of the homeserver (for MXIDs, etc). + domain: deuxfleurs.fr + # Whether or not to verify the SSL certificate of the homeserver. + # Only applies if address starts with https:// + verify_ssl: true + +# Application service host/registration related details +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: http://fb2mx.service.2.cluster.deuxfleurs.fr:29319 + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 29319 + # The maximum body size of appservice API requests (from the homeserver) in mebibytes + # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s + max_body_size: 1 + + # The full URI to the database. SQLite and Postgres are fully supported. + # Other DBMSes supported by SQLAlchemy may or may not work. + # Format examples: + # SQLite: sqlite:///filename.db + # Postgres: postgres://username:password@hostname/dbname + database: '{{ key "secrets/chat/fb2mx/db_url" | trimSpace }}' + + # The unique ID of this appservice. + id: facebook + # Username of the appservice bot. + bot_username: facebookbot + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + bot_displayname: Facebook bridge bot + bot_avatar: mxc://maunium.net/ddtNPZSKMNqaUzqrHuWvUADv + + # Community ID for bridged users (changes registration file) and rooms. + # Must be created manually. + community_id: "fbusers" + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: "This value is generated when generating the registration" + hs_token: "This value is generated when generating the registration" + +# Bridge config +bridge: + # Localpart template of MXIDs for Facebook users. + # {userid} is replaced with the user ID of the Facebook user. + username_template: "facebook_{userid}" + # Localpart template for per-user room grouping community IDs. + # The bridge will create these communities and add all of the specific user's portals to the community. + # {localpart} is the MXID localpart and {server} is the MXID server part of the user. + # + # `facebook_{localpart}={server}` is a good value. + community_template: "facebook_{localpart}={server}" + # Displayname template for Facebook users. + # {displayname} is replaced with the display name of the Facebook user + # as defined below in displayname_preference. + # Keys available for displayname_preference are also available here. + displayname_template: "{displayname} (FB)" + # Available keys: + # "name" (full name) + # "first_name" + # "last_name" + # "nickname" + # "own_nickname" (user-specific!) + displayname_preference: + - name + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!fb" + + # Number of chats to sync (and create portals for) on startup/login. + # Maximum 20, set 0 to disable automatic syncing. + initial_chat_sync: 10 + # Whether or not the Facebook users of logged in Matrix users should be + # invited to private chats when the user sends a message from another client. + invite_own_puppet_to_pm: false + # Whether or not to use /sync to get presence, read receipts and typing notifications when using + # your own Matrix account as the Matrix puppet for your Facebook account. + sync_with_custom_puppets: true + # Whether or not to bridge presence in both directions. Facebook allows users not to broadcast + # presence, but then it won't send other users' presence to the client. + presence: true + # Whether or not to update avatars when syncing all contacts at startup. + update_avatar_initial_sync: true + + # Permissions for using the bridge. + # Permitted values: + # user - Use the bridge with puppeting. + # admin - Use and administrate the bridge. + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + "deuxfleurs.fr": "user" + +# Python logging configuration. +# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + colored: + (): mautrix_facebook.util.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + file: + class: logging.handlers.RotatingFileHandler + formatter: normal + filename: ./mautrix-facebook.log + maxBytes: 10485760 + backupCount: 10 + console: + class: logging.StreamHandler + formatter: colored + loggers: + mau: + level: DEBUG + fbchat: + level: DEBUG + aiohttp: + level: INFO + root: + level: DEBUG + handlers: [file, console] diff --git a/consul/configuration/chat/fb2mx/registration.yaml b/consul/configuration/chat/fb2mx/registration.yaml new file mode 100644 index 0000000..bbd4293 --- /dev/null +++ b/consul/configuration/chat/fb2mx/registration.yaml @@ -0,0 +1,11 @@ +id: facebook +as_token: '{{ key "secrets/chat/fb2mx/as_token" | trimSpace }}' +hs_token: '{{ key "secrets/chat/fb2mx/hs_token" | trimSpace }}' +namespaces: + users: + - exclusive: true + regex: '@facebook_.+:deuxfleurs.fr' + group_id: fbusers +url: http://fb2mx.service.2.cluster.deuxfleurs.fr:29319 +sender_localpart: facebookbot +rate_limited: false diff --git a/consul/secrets/chat/fb2mx/as_token.sample b/consul/secrets/chat/fb2mx/as_token.sample new file mode 100644 index 0000000..e69de29 diff --git a/consul/secrets/chat/fb2mx/db_url.sample b/consul/secrets/chat/fb2mx/db_url.sample new file mode 100644 index 0000000..aff4635 --- /dev/null +++ b/consul/secrets/chat/fb2mx/db_url.sample @@ -0,0 +1 @@ +postgres://username:password@hostname/dbname diff --git a/consul/secrets/chat/fb2mx/hs_token.sample b/consul/secrets/chat/fb2mx/hs_token.sample new file mode 100644 index 0000000..e69de29 diff --git a/docker/seafile/Dockerfile b/docker/seafile/Dockerfile index 7373b47..88dee4f 100644 --- a/docker/seafile/Dockerfile +++ b/docker/seafile/Dockerfile @@ -9,7 +9,7 @@ RUN apt-get update && \ tar xf ./seafile.tar.gz && \ mv seafile-server-${VERSION} seafile-server -FROM debian:buster +FROM amd64/debian:buster COPY --from=builder ./seafile-server /srv/webstore/seafile-server @@ -32,10 +32,11 @@ RUN apt-get update && \ pip install Pillow==4.3.0 && \ pip install moviepy && \ useradd -u 1000 -d /srv/webstore seauser && \ - chown -R seauser:1000 /srv/webstore/ && \ - mkdir -p /usr/lib64/mysql/plugin/ && \ - ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/mysql_clear_password.so /usr/lib64/mysql/plugin/ && \ - ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/dialog.so /usr/lib64/mysql/plugin/ + chown -R seauser:1000 /srv/webstore/ + +RUN mkdir -p /usr/local/lib/mariadb/plugin/ && \ + ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/mysql_clear_password.so /usr/local/lib/mariadb/plugin/ && \ + ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/dialog.so /usr/local/lib/mariadb/plugin/ WORKDIR /srv/webstore/seafile-server COPY seadocker /usr/local/bin/seadocker diff --git a/docker/seafile/README.md b/docker/seafile/README.md index 98cc5b0..819ad54 100644 --- a/docker/seafile/README.md +++ b/docker/seafile/README.md @@ -1,8 +1,7 @@ ```bash -sudo docker build -t superboum/amd64_seafile:v5 . +sudo docker build -t superboum/amd64_seafile:v6 . -# When upgrading: sudo docker run -t -i \ -v /mnt/glusterfs/seafile:/mnt/seafile-data \ -v /mnt/glusterfs/seaconf/conf:/srv/webstore/conf \ @@ -10,3 +9,4 @@ sudo docker run -t -i \ superboum/amd64_seafile:v5 ``` +when upgrading, change the command on start diff --git a/nomad/seafile.hcl b/nomad/seafile.hcl index 574f6bc..c930396 100644 --- a/nomad/seafile.hcl +++ b/nomad/seafile.hcl @@ -12,7 +12,12 @@ job "seafile" { task "server" { driver = "docker" config { - image = "superboum/amd64_seafile:v4" + image = "superboum/amd64_seafile:v6" + + ## cmd + args are used for running an instance attachable for update + # command = "/bin/sleep" + # args = ["999999"] + port_map { seahub_port = 8000 seafdav_port = 8084 From 1850d9a6539ff88373508327eb9aa1e8832688fa Mon Sep 17 00:00:00 2001 From: Quentin Date: Sun, 27 Oct 2019 15:26:21 +0100 Subject: [PATCH 2/3] [chat] Synapse finally accepts my registration file... --- consul/configuration/chat/fb2mx/config.yaml | 2 +- consul/configuration/chat/fb2mx/registration.yaml | 2 +- consul/configuration/chat/synapse/homeserver.yaml | 7 ++++++- consul/restore_configuration.sh | 2 +- nomad/chat.hcl | 13 ++++++++++++- 5 files changed, 21 insertions(+), 5 deletions(-) diff --git a/consul/configuration/chat/fb2mx/config.yaml b/consul/configuration/chat/fb2mx/config.yaml index 1e2860f..751ca22 100644 --- a/consul/configuration/chat/fb2mx/config.yaml +++ b/consul/configuration/chat/fb2mx/config.yaml @@ -39,7 +39,7 @@ appservice: # Community ID for bridged users (changes registration file) and rooms. # Must be created manually. - community_id: "fbusers" + community_id: "+fbusers@deuxfleurs.fr" # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: "This value is generated when generating the registration" diff --git a/consul/configuration/chat/fb2mx/registration.yaml b/consul/configuration/chat/fb2mx/registration.yaml index bbd4293..c3d8c05 100644 --- a/consul/configuration/chat/fb2mx/registration.yaml +++ b/consul/configuration/chat/fb2mx/registration.yaml @@ -5,7 +5,7 @@ namespaces: users: - exclusive: true regex: '@facebook_.+:deuxfleurs.fr' - group_id: fbusers + group_id: '+fbusers:deuxfleurs.fr' url: http://fb2mx.service.2.cluster.deuxfleurs.fr:29319 sender_localpart: facebookbot rate_limited: false diff --git a/consul/configuration/chat/synapse/homeserver.yaml b/consul/configuration/chat/synapse/homeserver.yaml index 119dd7c..9e0e97f 100644 --- a/consul/configuration/chat/synapse/homeserver.yaml +++ b/consul/configuration/chat/synapse/homeserver.yaml @@ -307,7 +307,8 @@ room_invite_state_types: # A list of application service config file to use -app_service_config_files: [] +app_service_config_files: + - "/etc/matrix-synapse/fb2mx_registration.yaml" # macaroon_secret_key: @@ -402,4 +403,8 @@ password_config: # notif_template_html: notif_mail.html # notif_template_text: notif_mail.txt # notif_for_new_users: True + +# Key that had to be added after some synapse updates to please matrix developers... report_stats: false +suppress_key_server_warning: true +enable_group_creation: true diff --git a/consul/restore_configuration.sh b/consul/restore_configuration.sh index ba4d353..33742e5 100755 --- a/consul/restore_configuration.sh +++ b/consul/restore_configuration.sh @@ -1,6 +1,6 @@ #!/bin/bash -find {configuration,secrets} -type f \ +find {configuration,secrets}/$1 -type f \ | grep --perl-regexp --invert-match "\.sample$|\.gen$|/.gitignore$" \ | while read filename; do consul kv put "${filename}" "@${filename}" diff --git a/nomad/chat.hcl b/nomad/chat.hcl index 50c657b..a0c5397 100644 --- a/nomad/chat.hcl +++ b/nomad/chat.hcl @@ -29,7 +29,7 @@ job "chat" { } artifact { - source = "http://127.0.0.1:8500/v1/kv/configuration/chat/synapse/homeserver.yaml?raw&a=a" + source = "http://127.0.0.1:8500/v1/kv/configuration/chat/synapse/homeserver.yaml?raw" destination = "secrets/tpl/homeserver.yaml.tpl" mode = "file" } @@ -37,6 +37,17 @@ job "chat" { source = "secrets/tpl/homeserver.yaml.tpl" destination = "secrets/conf/homeserver.yaml" } + + artifact { + source = "http://127.0.0.1:8500/v1/kv/configuration/chat/fb2mx/registration.yaml?raw" + destination = "secrets/tpl/fb2mx_registration.yaml.tpl" + mode = "file" + } + template { + source = "secrets/tpl/fb2mx_registration.yaml.tpl" + destination = "secrets/conf/fb2mx_registration.yaml" + } + template { data = "{{ key \"configuration/chat/synapse/log.yaml\" }}" destination = "secrets/conf/log.yaml" From 08f3ef8c179b499f6b6051ad95a66ea9d352e5f9 Mon Sep 17 00:00:00 2001 From: Quentin Date: Sun, 27 Oct 2019 15:27:13 +0100 Subject: [PATCH 3/3] Fix wrong URI --- consul/configuration/chat/fb2mx/config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/consul/configuration/chat/fb2mx/config.yaml b/consul/configuration/chat/fb2mx/config.yaml index 751ca22..51684e3 100644 --- a/consul/configuration/chat/fb2mx/config.yaml +++ b/consul/configuration/chat/fb2mx/config.yaml @@ -39,7 +39,7 @@ appservice: # Community ID for bridged users (changes registration file) and rooms. # Must be created manually. - community_id: "+fbusers@deuxfleurs.fr" + community_id: "+fbusers:deuxfleurs.fr" # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: "This value is generated when generating the registration"