# Exported *_VERSION tags, one `export NAME=vN` per line, in alphabetical order.
# Each value is a plain version label; nothing below depends on the order.
export ADMIN_CONFIG_VERSION=v1
export DISCORD_BRIDGE_YAML_VERSION=v2
export ENTRYPOINT_CONF_VERSION=v3
export HOMESERVER_YAML_VERSION=v36
export LOG_CONFIG_VERSION=v2
export MAS_CONFIG_VERSION=v2
export NGINX_CONFIG_VERSION=v13
export PG_BACKUP_VERSION=v2
export SHARED_SECRET_AUTH_VERSION=v2
export SIGNAL_BRIDGE_YAML_VERSION=v6
export TELEGRAM_BRIDGE_YAML_VERSION=v6
export WK_CLIENT_VERSION=v2
export WK_SERVER_VERSION=v1
# Make sure a database named `mas`, owned by role `synapse`, exists.
#
# Both psql calls connect as user `synapse` to the `postgres` database with
# ON_ERROR_STOP=1. The lookup prints a bare `1` (unaligned, tuples-only, quiet)
# when pg_database already has a row for `mas`.
#
# Returns: 0 when the database is already listed, otherwise the exit status of
#          the CREATE DATABASE call.
ensure_mas_database () {
  # A lookup that fails outright also prints no `1`, so it falls through to the
  # CREATE attempt exactly like a missing database does.
  psql -U synapse -d postgres -v ON_ERROR_STOP=1 -Atqc "SELECT 1 FROM pg_database WHERE datname = 'mas'" \
    | grep -qx 1 \
    && return 0

  psql -U synapse -d postgres -v ON_ERROR_STOP=1 -c "CREATE DATABASE mas OWNER synapse"
}
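# Generate a PEM RSA private key and insert it as the MAS signing secret.
# `abra app secret generate` can only produce random hex/charset strings, so this
# secret is marked `generate=false` in .env.sample and handled here instead.
#
# Globals:   APP_NAME (read)
# Outputs:   progress on stdout, error messages on stderr
# Exits:     terminates the calling shell with status 1 when openssl is missing,
#            key generation fails, or the secret cannot be inserted
generate_mas_signing_rsa() {
  # Function-local on purpose: the private key must not stay behind as a global
  # variable in the shell that called this function.
  local key

  if ! command -v openssl &> /dev/null; then
    echo "openssl is required on your local machine to generate the MAS signing key." >&2
    echo "It could not be found in your PATH, please install openssl to proceed." >&2
    exit 1
  fi

  # openssl's stderr is discarded, so failure is detected from its exit status
  # and from empty output rather than from its messages.
  if ! key=$(openssl genrsa 2048 2>/dev/null) || [ -z "$key" ]; then
    echo "Failed to generate RSA private key with openssl." >&2
    exit 1
  fi

  # The key is fed to abra on stdin, not as a command-line argument, so it is
  # never part of abra's argument list.
  if printf '%s\n' "$key" | abra app secret insert -C "$APP_NAME" mas_signing_rsa v1; then
    echo "MAS signing RSA key generated and inserted as v1."
  else
    echo "Failed to insert MAS signing RSA key." >&2
    exit 1
  fi
}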
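# Steps of prepare_mas_migration that touch the fetched config.
# Arguments: $1 - local path to write homeserver.yaml to
#            $2 - path of the config inside the mas container
# Returns:   0 when fetch, copy, check and dry-run all succeed, 1 otherwise
_prepare_mas_migration_steps() {
  local local_cfg=$1
  local syn_cfg=$2

  echo "Fetching /data/homeserver.yaml from app into a private temporary directory (abra app run … cat)..."
  abra app run -t "$DOMAIN" app cat /data/homeserver.yaml > "$local_cfg" || return 1
  if [ ! -s "$local_cfg" ]; then
    echo "Error: fetched homeserver.yaml is empty." >&2
    return 1
  fi

  echo "Copying into mas:/tmp"
  # NOTE(review): this relies on `abra app cp` naming the copy after the source
  # basename, so the file lands at $syn_cfg inside the container — confirm.
  abra app cp "$DOMAIN" "$local_cfg" "mas:/tmp" || return 1

  echo "Running mas-cli syn2mas check..."
  abra app run -t "$DOMAIN" mas -- mas-cli syn2mas check \
    --config /etc/mas/config.yaml \
    --synapse-config "$syn_cfg" || return 1

  echo "Running mas-cli syn2mas migrate --dry-run..."
  abra app run -t "$DOMAIN" mas -- mas-cli syn2mas migrate \
    --config /etc/mas/config.yaml \
    --synapse-config "$syn_cfg" \
    --dry-run || return 1
}

# Local helper: fetch homeserver.yaml from app, push to mas, then syn2mas check + dry-run.
#
# The fetched copy is treated as sensitive: it is written inside a fresh
# `mktemp -d` directory (created owner-only) instead of ./homeserver.yaml, so an
# existing file of that name in the working directory is neither overwritten nor
# deleted, and the copy is not readable through the current directory.
# The local copy is removed on every exit path. The copy pushed to mas:/tmp is
# left in place; remove it from the container once the migration is finished.
#
# Globals:   DOMAIN (read), STACK_NAME (read, optional)
# Returns:   0 on success, 1 when any step fails
prepare_mas_migration () {
  local syn_cfg=/tmp/homeserver.yaml
  local workdir local_cfg
  local rc=0

  workdir=$(mktemp -d) || {
    echo "Error: could not create a temporary directory." >&2
    return 1
  }
  local_cfg="$workdir/homeserver.yaml"

  # The path is expanded now (shell-quoted) because the local variable is gone
  # by the time an EXIT trap would run. Like the explicit cleanup below, this
  # replaces and later clears any EXIT trap the calling shell had set.
  # shellcheck disable=SC2064
  trap "rm -rf -- $(printf '%q' "$workdir")" EXIT

  _prepare_mas_migration_steps "$local_cfg" "$syn_cfg" || rc=1

  rm -rf -- "${workdir:?}"
  trap - EXIT
  [ "$rc" -eq 0 ] || return 1

  echo ""
  echo "=== Next migration step: stop Synapse (downtime) ==="
  echo "Run on a host whose Docker CLI targets this Swarm (same machine you use for 'abra app deploy')."
  if [ -n "${STACK_NAME:-}" ]; then
    echo " docker service scale ${STACK_NAME}_app=0"
  else
    echo "STACK_NAME is not set here; resolve the Synapse service name with 'docker service ls' on that host, then:"
    echo "docker service scale <STACK_NAME>_app=0"
  fi
}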
# Real (non-dry-run) syn2mas migration: this one writes MAS data.
# Invoke it from the operator machine, since the MAS image is distroless.
# Preconditions: /tmp/homeserver.yaml already exists in the mas container
# (e.g. left there by prepare_mas_migration) and Synapse has been scaled down.
#
# Globals:   DOMAIN (read)
# Returns:   exit status of the `abra app run` call
run_mas_migration () {
  local -a migrate_cmd
  migrate_cmd=(
    mas-cli syn2mas migrate
    --config /etc/mas/config.yaml
    --synapse-config /tmp/homeserver.yaml
  )

  printf '%s\n' "Running mas-cli syn2mas migrate in mas via abra app run..."
  abra app run -t "$DOMAIN" mas -- "${migrate_cmd[@]}"
}
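# Flag a Synapse user as server admin by setting users.admin = 1.
#
# Arguments: $1 - user localpart (optional; defaults to `akadmin` when empty or unset)
# Globals:   DOMAIN (read), admin (written, as before)
# Returns:   exit status of psql
#
# The user ID is handed to psql as a variable and expanded with :'mxid', which
# psql quotes as an SQL string literal. A quote character in $1 or $DOMAIN can
# therefore no longer change the statement, which it could while the value was
# pasted into the SQL text. psql expands variables only in input it reads
# itself, not in a -c string, so the statement is sent on stdin.
# ON_ERROR_STOP=1 keeps a failed UPDATE visible in the exit status, as it was
# with -c.
set_admin () {
  admin=${1:-akadmin}

  psql -U synapse -v ON_ERROR_STOP=1 -v mxid="@$admin:$DOMAIN" <<'SQL'
UPDATE users SET admin = 1 WHERE name = :'mxid';
SQL
}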
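# Copy a bridge's hs_token/as_token from its registration.yaml into the app's
# secrets: read the file from the running app, undeploy, replace both secrets
# as version v1, then redeploy.
#
# Arguments: $1 - bridge type; used in the path /<type>-data/registration.yaml
#                 and in the secret names <type>_as_token / <type>_hs_token
# Globals:   DOMAIN (read)
# Returns:   0 on success, 1 on a missing or invalid argument, a failed fetch,
#            missing tokens, or a failed undeploy/insert; otherwise the status
#            of the final deploy
set_bridge_tokens() {
  local bridge_type=${1:-}
  # Token values stay function-local so they do not linger in the calling shell.
  local output hs_token as_token

  if [ -z "$bridge_type" ]; then
    echo "Error: Missing parameter. Usage: set_bridge_tokens <BRIDGETYPE>"
    return 1
  fi

  # The value becomes part of a container path and of secret names, so anything
  # outside a plain identifier (e.g. '/' or '..') is rejected up front.
  case "$bridge_type" in
    *[!A-Za-z0-9_-]*)
      echo "Error: invalid bridge type '$bridge_type' (allowed: letters, digits, '_' and '-')." >&2
      return 1
      ;;
  esac

  echo "retrieve tokens from registration.yaml..."
  if ! output=$(abra app run "$DOMAIN" app cat "/${bridge_type}-data/registration.yaml"); then
    echo "Error: Failed to retrieve registration.yaml for ${bridge_type} bridge:"
    echo "$output"
    return 1
  fi

  # Carriage returns are dropped in case the remote command ran with a TTY.
  hs_token=$(printf '%s\n' "$output" | tr -d '\r' | sed -n 's/^hs_token:[[:space:]]*\(.*\)$/\1/p')
  as_token=$(printf '%s\n' "$output" | tr -d '\r' | sed -n 's/^as_token:[[:space:]]*\(.*\)$/\1/p')

  # Stop before the destructive steps: without this check a registration file
  # that lacks the tokens would still undeploy the app and drop both secrets.
  if [ -z "$hs_token" ] || [ -z "$as_token" ]; then
    echo "Error: hs_token/as_token not found in registration.yaml for ${bridge_type} bridge; nothing was changed." >&2
    return 1
  fi

  # Only report that the tokens were found; the values are kept out of terminal
  # scrollback and captured logs.
  echo "HS Token: found (value not shown)"
  echo "AS Token: found (value not shown)"

  echo "UNDEPLOY $DOMAIN?"
  abra app undeploy "$DOMAIN" || return 1

  echo "Replacing tokens:"
  # `secret rm` stays best-effort (its status was never checked). The new
  # values go to `secret insert` on stdin, the form generate_mas_signing_rsa
  # uses, so they do not appear in the process argument list.
  abra app secret rm "$DOMAIN" "${bridge_type}_as_token"
  if ! printf '%s' "$as_token" | abra app secret insert "$DOMAIN" "${bridge_type}_as_token" v1; then
    echo "Error: failed to insert ${bridge_type}_as_token; $DOMAIN is left undeployed." >&2
    return 1
  fi
  abra app secret rm "$DOMAIN" "${bridge_type}_hs_token"
  if ! printf '%s' "$hs_token" | abra app secret insert "$DOMAIN" "${bridge_type}_hs_token" v1; then
    echo "Error: failed to insert ${bridge_type}_hs_token; $DOMAIN is left undeployed." >&2
    return 1
  fi

  echo "Redeploying $DOMAIN..."
  abra app deploy -n "$DOMAIN"
}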