Merge branch 'master' of gitlab.com:superboum/deuxfleurs.fr

This commit is contained in:
Quentin 2019-12-04 16:54:59 +01:00
commit 0b3eb8ec1b
11 changed files with 178 additions and 9 deletions

View file

@ -0,0 +1,133 @@
# Homeserver details
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: https://im.deuxfleurs.fr
# The domain of the homeserver (for MXIDs, etc).
domain: deuxfleurs.fr
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: true
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: http://fb2mx.service.2.cluster.deuxfleurs.fr:29319
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 29319
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. SQLite and Postgres are fully supported.
# Other DBMSes supported by SQLAlchemy may or may not work.
# Format examples:
# SQLite: sqlite:///filename.db
# Postgres: postgres://username:password@hostname/dbname
database: '{{ key "secrets/chat/fb2mx/db_url" | trimSpace }}'
# The unique ID of this appservice.
id: facebook
# Username of the appservice bot.
bot_username: facebookbot
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
bot_displayname: Facebook bridge bot
bot_avatar: mxc://maunium.net/ddtNPZSKMNqaUzqrHuWvUADv
# Community ID for bridged users (changes registration file) and rooms.
# Must be created manually.
community_id: "+fbusers:deuxfleurs.fr"
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "This value is generated when generating the registration"
hs_token: "This value is generated when generating the registration"
# Bridge config
bridge:
# Localpart template of MXIDs for Facebook users.
# {userid} is replaced with the user ID of the Facebook user.
username_template: "facebook_{userid}"
# Localpart template for per-user room grouping community IDs.
# The bridge will create these communities and add all of the specific user's portals to the community.
# {localpart} is the MXID localpart and {server} is the MXID server part of the user.
#
# `facebook_{localpart}={server}` is a good value.
community_template: "facebook_{localpart}={server}"
# Displayname template for Facebook users.
# {displayname} is replaced with the display name of the Facebook user
# as defined below in displayname_preference.
# Keys available for displayname_preference are also available here.
displayname_template: "{displayname} (FB)"
# Available keys:
# "name" (full name)
# "first_name"
# "last_name"
# "nickname"
# "own_nickname" (user-specific!)
displayname_preference:
- name
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!fb"
# Number of chats to sync (and create portals for) on startup/login.
# Maximum 20, set 0 to disable automatic syncing.
initial_chat_sync: 10
# Whether or not the Facebook users of logged in Matrix users should be
# invited to private chats when the user sends a message from another client.
invite_own_puppet_to_pm: false
# Whether or not to use /sync to get presence, read receipts and typing notifications when using
# your own Matrix account as the Matrix puppet for your Facebook account.
sync_with_custom_puppets: true
# Whether or not to bridge presence in both directions. Facebook allows users not to broadcast
# presence, but then it won't send other users' presence to the client.
presence: true
# Whether or not to update avatars when syncing all contacts at startup.
update_avatar_initial_sync: true
# Permissions for using the bridge.
# Permitted values:
# user - Use the bridge with puppeting.
# admin - Use and administrate the bridge.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions:
"deuxfleurs.fr": "user"
# Python logging configuration.
#
# See section 16.7.2 of the Python documentation for more info:
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
logging:
version: 1
formatters:
colored:
(): mautrix_facebook.util.ColorFormatter
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
normal:
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
handlers:
file:
class: logging.handlers.RotatingFileHandler
formatter: normal
filename: ./mautrix-facebook.log
maxBytes: 10485760
backupCount: 10
console:
class: logging.StreamHandler
formatter: colored
loggers:
mau:
level: DEBUG
fbchat:
level: DEBUG
aiohttp:
level: INFO
root:
level: DEBUG
handlers: [file, console]

View file

@ -0,0 +1,11 @@
id: facebook
as_token: '{{ key "secrets/chat/fb2mx/as_token" | trimSpace }}'
hs_token: '{{ key "secrets/chat/fb2mx/hs_token" | trimSpace }}'
namespaces:
users:
- exclusive: true
regex: '@facebook_.+:deuxfleurs.fr'
group_id: '+fbusers:deuxfleurs.fr'
url: http://fb2mx.service.2.cluster.deuxfleurs.fr:29319
sender_localpart: facebookbot
rate_limited: false

View file

@ -307,7 +307,8 @@ room_invite_state_types:
# A list of application service config file to use # A list of application service config file to use
app_service_config_files: [] app_service_config_files:
- "/etc/matrix-synapse/fb2mx_registration.yaml"
# macaroon_secret_key: <PRIVATE STRING> # macaroon_secret_key: <PRIVATE STRING>
@ -402,4 +403,8 @@ password_config:
# notif_template_html: notif_mail.html # notif_template_html: notif_mail.html
# notif_template_text: notif_mail.txt # notif_template_text: notif_mail.txt
# notif_for_new_users: True # notif_for_new_users: True
# Key that had to be added after some synapse updates to please matrix developers...
report_stats: false report_stats: false
suppress_key_server_warning: true
enable_group_creation: true

View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
find {configuration,secrets} -type f \ find {configuration,secrets}/$1 -type f \
| grep --perl-regexp --invert-match "\.sample$|\.gen$|/.gitignore$" \ | grep --perl-regexp --invert-match "\.sample$|\.gen$|/.gitignore$" \
| while read filename; do | while read filename; do
consul kv put "${filename}" "@${filename}" consul kv put "${filename}" "@${filename}"

View file

@ -0,0 +1 @@
postgres://username:password@hostname/dbname

View file

@ -9,7 +9,7 @@ RUN apt-get update && \
tar xf ./seafile.tar.gz && \ tar xf ./seafile.tar.gz && \
mv seafile-server-${VERSION} seafile-server mv seafile-server-${VERSION} seafile-server
FROM debian:buster FROM amd64/debian:buster
COPY --from=builder ./seafile-server /srv/webstore/seafile-server COPY --from=builder ./seafile-server /srv/webstore/seafile-server
@ -32,10 +32,11 @@ RUN apt-get update && \
pip install Pillow==4.3.0 && \ pip install Pillow==4.3.0 && \
pip install moviepy && \ pip install moviepy && \
useradd -u 1000 -d /srv/webstore seauser && \ useradd -u 1000 -d /srv/webstore seauser && \
chown -R seauser:1000 /srv/webstore/ && \ chown -R seauser:1000 /srv/webstore/
mkdir -p /usr/lib64/mysql/plugin/ && \
ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/mysql_clear_password.so /usr/lib64/mysql/plugin/ && \ RUN mkdir -p /usr/local/lib/mariadb/plugin/ && \
ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/dialog.so /usr/lib64/mysql/plugin/ ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/mysql_clear_password.so /usr/local/lib/mariadb/plugin/ && \
ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/dialog.so /usr/local/lib/mariadb/plugin/
WORKDIR /srv/webstore/seafile-server WORKDIR /srv/webstore/seafile-server
COPY seadocker /usr/local/bin/seadocker COPY seadocker /usr/local/bin/seadocker

View file

@ -7,6 +7,7 @@ When upgrading, connect on a production server and run:
```bash ```bash
nomad stop seafile nomad stop seafile
sudo docker build -t superboum/amd64_seafile:v6 .
sudo docker run -t -i \ sudo docker run -t -i \
-v /mnt/glusterfs/seafile:/mnt/seafile-data \ -v /mnt/glusterfs/seafile:/mnt/seafile-data \
@ -23,3 +24,4 @@ sudo docker run -t -i \
nomad start seafile.hcl nomad start seafile.hcl
``` ```
when upgrading, change the command on start

View file

@ -29,7 +29,7 @@ job "chat" {
} }
artifact { artifact {
source = "http://127.0.0.1:8500/v1/kv/configuration/chat/synapse/homeserver.yaml?raw&a=a" source = "http://127.0.0.1:8500/v1/kv/configuration/chat/synapse/homeserver.yaml?raw"
destination = "secrets/tpl/homeserver.yaml.tpl" destination = "secrets/tpl/homeserver.yaml.tpl"
mode = "file" mode = "file"
} }
@ -37,6 +37,17 @@ job "chat" {
source = "secrets/tpl/homeserver.yaml.tpl" source = "secrets/tpl/homeserver.yaml.tpl"
destination = "secrets/conf/homeserver.yaml" destination = "secrets/conf/homeserver.yaml"
} }
artifact {
source = "http://127.0.0.1:8500/v1/kv/configuration/chat/fb2mx/registration.yaml?raw"
destination = "secrets/tpl/fb2mx_registration.yaml.tpl"
mode = "file"
}
template {
source = "secrets/tpl/fb2mx_registration.yaml.tpl"
destination = "secrets/conf/fb2mx_registration.yaml"
}
template { template {
data = "{{ key \"configuration/chat/synapse/log.yaml\" }}" data = "{{ key \"configuration/chat/synapse/log.yaml\" }}"
destination = "secrets/conf/log.yaml" destination = "secrets/conf/log.yaml"

View file

@ -12,7 +12,12 @@ job "seafile" {
task "server" { task "server" {
driver = "docker" driver = "docker"
config { config {
image = "superboum/amd64_seafile:v4" image = "superboum/amd64_seafile:v6"
## cmd + args are used for running an instance attachable for update
# command = "/bin/sleep"
# args = ["999999"]
port_map { port_map {
seahub_port = 8000 seahub_port = 8000
seafdav_port = 8084 seafdav_port = 8084