Extend config panel and patch manifest

README.md

@@ -25,7 +25,7 @@ Dendrite is a second-generation Matrix homeserver written in Go. It intends to p
 - Scalable: can run on multiple machines and eventually scale to massive homeserver deployments.
 
 
-**Shipped version:** 0.13.1~ynh3
+**Shipped version:** 0.13.2~ynh4
 ## :red_circle: Antifeatures
 
 - **Alpha software**: Early development stage. May contain changing or unstable features, bugs, and security vulnerability.

README_fr.md

@@ -25,7 +25,7 @@ Dendrite est un serveur domestique Matrix de deuxième génération écrit en Go
 - Évolutif : peut fonctionner sur plusieurs machines et éventuellement évoluer vers des déploiements massifs de serveurs domestiques.
 
 
-**Version incluse :** 0.13.1~ynh3
+**Version incluse :** 0.13.2~ynh4
 ## :red_circle: Fonctions indésirables
 
 - **Alpha software**: Early development stage. May contain changing or unstable features, bugs, and security vulnerability.

conf/dendrite.yaml

@@ -81,7 +81,7 @@ global:
 
   # Disables federation. Dendrite will not be able to communicate with other servers
   # in the Matrix federation and the federation API will not be exposed.
-  disable_federation: false
+  disable_federation: __DISABLE_FEDERATION__
 
   # Configures the handling of presence events. Inbound controls whether we receive
   # presence events from other servers, outbound controls whether we send presence
@@ -164,16 +164,16 @@ client_api:
 
   # Prevents new guest accounts from being created. Guest registration is also
   # disabled implicitly by setting 'registration_disabled' above.
-  guests_disabled: true
+  guests_disabled: __GUESTS_DISABLED__
 
   # If set, allows registration by anyone who knows the shared secret, regardless
   # of whether registration is otherwise disabled.
-  registration_shared_secret: ""
+  registration_shared_secret: __REGISTRATION_SHARED_SECRET__
 
   # Whether to require reCAPTCHA for registration. If you have enabled registration
   # then this is HIGHLY RECOMMENDED to reduce the risk of your homeserver being used
   # for coordinated spam attacks.
-  enable_registration_captcha: false
+  enable_registration_captcha: __ENABLE_REGISTRATION_CAPTCHA__
 
   # Settings for ReCAPTCHA.
   recaptcha_public_key: ""

config_panel.toml

@@ -2,11 +2,57 @@ version = "1.0"
 
 [main]
 name = "Dendrite configuration"
+services = ["__APP__"]
 
     [main.registration]
     name = "User registration"
 
-        [main.registration.registration]
-        ask = "Should registration be enabled?"
+        [main.registration.registration_shared_secret]
+        ask = "Shared Secret for Registration."
+        type = "string"
+        help = "Allows registration of default user or admin accounts, even if Registration disabled. See instructions https://matrix-org.github.io/synapse/latest/admin_api/register_api.html . Avoid double quotes in the password."
+        bind = ":/opt/yunohost/__APP__/dendrite.yaml"
+
+        [main.registration.helptext]
+        ask = """\
+###### How to register an account ?
+ * Provide a Registration Shared Secret
+ * To register an **admin** account for the user `USERNAME`, connect to your server with ssh and type:
+   `/opt/yunohost/dendrite/bin/create-account -config /opt/yunohost/dendrite/dendrite.yaml -username USERNAME -admin`
+ * Remove `-admin` to register a default user account.
+        """
+        type = "markdown"
+
+        [main.registration.registration_disabled]
+        ask = "Disable Registration from Element ?"
+        type = "boolean"
+        yes = "true"
+        no = "false"
+        help = "If True, Registration of default user accounts from a Client App is disabled. If false and your server is federated, reCAPTCHA verification should be activated to avoid spamming the whole Matrix network."
+
+        [main.registration.enable_registration_captcha]
+        ask = "Require CAPTCHA verification for Registration."
+        type = "boolean"
+        yes = "true"
+        no = "false"
+        help = "ReCAPTCHA API should be configured. See instructions https://matrix-org.github.io/dendrite/administration/registration#recaptcha-verification"
+        bind = ":/opt/yunohost/__APP__/dendrite.yaml"
+        visible = "!registration_disabled"
+
+        [main.registration.guests_disabled]
+        ask = "Disable guests registration."
+        type = "boolean"
+        yes = "true"
+        no = "false"
+        help = "Guest registration is also disabled implicitly if Registration from Element is disabled."
+        bind = ":/opt/yunohost/__APP__/dendrite.yaml"
+        visible = "!registration_disabled"
+
+        [main.registration.disable_federation]
+        ask = "Disable Federation."
         type = "boolean"
-        default = false
+        yes = "true"
+        no = "false"
+        help = "Do not communicate with other homeservers of the Matrix Federation."
+        bind = ":/opt/yunohost/__APP__/dendrite.yaml"
+        visible = "enable_registration_captcha"

doc/PRE_INSTALL.md

@@ -1,3 +1,3 @@
 Dendrite is still in beta phase.
 It is functional, but all Matrix features are yet to be implemented.
-See the upstream repo for more information: https://github.com/matrix-org/dendrite\n\nThis package est encore en development, all features from Matrix/Synapse are yet to be implemented."
+See the upstream repo for more information: https://github.com/matrix-org/dendrite

doc/PRE_INSTALL_fr.md

@@ -1,3 +1,3 @@
    Dendrite est encore en phase bêta.
    Cette application est fonctionnelle, mais n'implémente pas encore toutes les fonctionnalités de Matrix.
-   Consultez le dépôt source pour plus d'information : https://github.com/matrix-org/dendrite\n\nCe package est encore en développement, toutes les fonctionalités de Matrix/Synapse ne sont pas encore implémentées.
+   Consultez le dépôt source pour plus d'information : https://github.com/matrix-org/dendrite

manifest.toml

@@ -5,7 +5,7 @@ name = "Dendrite"
 description.en = "Matrix homeserver of second generation"
 description.fr = "Serveur Matrix de seconde génération"
 
-version = "0.13.1~ynh3"
+version = "0.13.2~ynh4"
 
 maintainers = ["tituspijean"]
 
@@ -16,7 +16,7 @@ admindoc = "https://github.com/matrix-org/dendrite/tree/master/docs"
 code = "https://github.com/matrix-org/dendrite"
 
 [integration]
-yunohost = ">= 11.1.17"
+yunohost = ">= 11.2"
 architectures = "all"
 multi_instance = false
 ldap = "not_relevant"
@@ -31,7 +31,10 @@ ram.runtime = "50M"
     help.en = "Select the domain onto which Dendrite will be exclusively installed, e.g. dendrite.domain.tld"
     help.fr = "Sélectionnez le domaine exclusivement dédié à Dendrite, par exemple dendrite.domain.tld"
     type = "domain"
-    full_domain = true
+
+    [install.init_main_permission]
+    type = "group"
+    default = "visitors"
 
     [install.server_name]
     ask.en = "Select the display name for your Dendrite server"
@@ -44,13 +47,15 @@ ram.runtime = "50M"
     ask.en = "Should the server allow any visitor to register as a user?"
     ask.fr = "Le serveur doit-il permettre à quiconque de s'enregistrer comme utilisateur ?"
     type = "boolean"
+    help.en = "If no, accounts should be registered by an admin after defining a secret. If yes, to protect your server and the federation from spammer, federation will be deactived by default. You must Activate CAPTCHA verification before federation reactivation. See Config Panel for instructions"
+    help.fr = "Si non, les comptes seront créés par un admin après avoir défini un secret. Si oui, la fédération sera désactivée pour protéger la fédération et vous des spammeurs. Activez la vérification par CAPTCHA avant de réactiver la fédération ! Voir les instructions dans le Config Panel"
     default = false
 
 [resources]
-        [resources.sources.main]
-        url = "https://github.com/matrix-org/dendrite/archive/refs/tags/v0.13.1.tar.gz"
-        sha256 = "d3217759c5abef155c4e3f9cbbfb3361725cf2e17457b4478c9a4c84ff6881ea"
-        autoupdate.strategy = "latest_github_tag"
+    [resources.sources.main]
+    url = "https://github.com/matrix-org/dendrite/archive/refs/tags/v0.13.2.tar.gz"
+    sha256 = "d98e7d3ca596155b9799feff741a7d39b9712497c516126936202484daea3640"
+    autoupdate.strategy = "latest_github_tag"
 
     [resources.ports]
     main.default = 8008
@@ -64,7 +69,9 @@ ram.runtime = "50M"
 
     [resources.permissions]
     main.url = "/"
+    main.allowed = "visitors"
     main.show_tile = false
+
     server_api.url = "__DOMAIN__/_matrix"
     server_api.label = "Server access for client apps."
     server_api.show_tile = false

scripts/config

@@ -9,30 +9,33 @@
 source _common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
+# Stop script if errors
+ynh_abort_if_errors
 
-ynh_app_config_apply() {
-    _ynh_app_config_apply
+get_registration_disabled() {
+    registration_disabled=$(ynh_app_setting_get --app $app --key registration_disabled)
+    echo "${registration_disabled}"
+}
 
-    if [ "${changed[registration]}" == "true" ]
+set__registration_disabled() { 
+    if [ "$registration_disabled" -eq "1" ]
     then
-        if [ $registration -eq 1 ]
-        then
-            registration_disabled="false"
-            really_enable_open_registration="--really-enable-open-registration"
-        else
-            registration_disabled="true"
-            really_enable_open_registration=""
-        fi
-
-        ynh_add_config --template="../conf/dendrite.yaml" --destination="$install_dir/dendrite.yaml"
-        ynh_add_systemd_config
-        ynh_systemd_action --service_name=$app --action="restart" --line_match="Starting external listener" --log_path="systemd"
-        ynh_app_setting_set --app=$app --key=registration --value=$registration
-
+        really_enable_open_registration=""
+    else
+        really_enable_open_registration="--really-enable-open-registration"
     fi
+
+    ynh_write_var_in_file --file=$install_dir/dendrite.yaml --key=registration_disabled --value="${registration_disabled}" 
+    domain=$(ynh_app_setting_get --app $app --key domain)
+    port_tls=$(ynh_app_setting_get --app $app --key port_tls)
+    port=$(ynh_app_setting_get --app $app --key port)
+    psql_version=$(ynh_app_setting_get --app $app --key psql_version)
+    ynh_add_systemd_config
+    ynh_systemd_action --service_name=$app --action="restart" --line_match="Starting external listener" --log_path="systemd"
+    ynh_app_setting_set --app=$app --key=registration_disabled --value=$registration_disabled
 }
+#=================================================
+# GENERIC FINALIZATION
+#=================================================
 
 ynh_app_config_run $1

scripts/install

@@ -15,21 +15,23 @@ source /usr/share/yunohost/helpers
 #=================================================
 
 # Allow or deny registration based on is_public
-if [ $registration -eq 1 ]
+if [ "$registration" -eq "1" ]
 then
 	registration_disabled="false"
 	really_enable_open_registration="--really-enable-open-registration"
+	disable_federation="true"
 else
 	registration_disabled="true"
 	really_enable_open_registration=""
+	disable_federation="false"
 fi
 
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
 
 ynh_app_setting_set --app=$app --key=server_name --value=$server_name
-ynh_app_setting_set --app=$app --key=registration --value=$registration
+ynh_app_setting_set --app=$app --key=domain --value=$domain
 
 #=================================================
 # ADD USER TO THE SSL-CERT GROUP
@@ -103,6 +105,18 @@ popd
 # Set permissions to app files
 chown -R $app:root "$install_dir"
 
+#=================================================
+## SET STANDARD SETTINGS FROM DEFAULT CONFIG
+#=================================================
+guests_disabled="true"
+registration_shared_secret=""
+enable_registration_captcha="false"
+ynh_app_setting_set --app=$app --key=registration_disabled --value=$registration_disabled
+ynh_app_setting_set --app=$app --key=disable_federation --value=$disable_federation
+ynh_app_setting_set --app=$app --key=guests_disabled --value=$guests_disabled
+ynh_app_setting_set --app=$app --key=registration_shared_secret --value=$registration_shared_secret
+ynh_app_setting_set --app=$app --key=enable_registration_captcha --value=$enable_registration_captcha
+
 #=================================================
 # ADD A CONFIGURATION
 #=================================================

scripts/upgrade

@@ -34,21 +34,75 @@ if ! groups $app | grep -q 'ssl-cert'; then
         adduser $app ssl-cert
 fi
 
+#=================================================
+# GET CONFIG PANEL SETTINGS
+#=================================================
+
+server_name=$(ynh_app_setting_get --app=$app --key=server_name)
+domain=$(ynh_app_setting_get --app=$app --key=domain)
+
+registration_disabled=$(ynh_app_setting_get --app=$app --key=registration_disabled)
+disable_federation=$(ynh_app_setting_get --app=$app --key=disable_federation)
+guests_disabled=$(ynh_app_setting_get --app=$app --key=guests_disabled)
+registration_shared_secret=$(ynh_app_setting_get --app=$app --key=registration_shared_secret)
+enable_registration_captcha=$(ynh_app_setting_get --app=$app --key=enable_registration_captcha)
+
+#=================================================
+# STANDARD UPGRADE STEPS
+#=================================================
+# MIGRATION : Manage old settings
+#=================================================
+
+
 # Define $server_name if not already defined
-if [ -z $server_name ]; then
+if [ -z ${server_name:-} ]; then
    server_name=$domain
    ynh_app_setting_set --app=$app --key=server_name --value=$domain
 fi
 
+# Define $disable_federation if not already defined
+if [ -z ${enable_registration_captcha:-} ]; then
+   enable_registration_captcha="false"
+   ynh_app_setting_set --app=$app --key=enable_registration_captcha --value=$enable_registration_captcha
+fi
+
+# Define $guests_disabled if not already defined
+if [ -z ${guests_disabled:-} ]; then
+   guests_disabled="true"
+   ynh_app_setting_set --app=$app --key=guests_disabled --value=$guests_disabled
+fi
+
+# Define $registration_shared_secret if not already defined
+if [ -z ${registration_shared_secret:-} ]; then
+   registration_shared_secret=""
+   ynh_app_setting_set --app=$app --key=registration_shared_secret --value=$registration_shared_secret
+fi
+
 # Load up registration variables
-if [[ $registration -eq 1 ]]
-then
-        registration_disabled="false"
-        really_enable_open_registration="--really-enable-open-registration"
+registration=$(ynh_app_setting_get --app=$app --key=registration)
+if [ -z ${registration:-} ]; then
+	if [[ $registration_disabled = *"alse" ]]
+	then
+		really_enable_open_registration="--really-enable-open-registration"
+	else
+		really_enable_open_registration=""
+	fi
 else
-        registration_disabled="true"
-        really_enable_open_registration=""
-        ynh_app_setting_set --app=$app --key=registration --value=0
+	ynh_app_setting_delete --app=$app --key=registration
+	if [[ $registration == *"rue" || $registration -eq 1 ]]
+	then
+		registration_disabled="false"
+		really_enable_open_registration="--really-enable-open-registration"
+		disable_federation="true"
+		ynh_app_setting_set --app=$app --key=registration_disabled --value=$registration_disabled
+		ynh_app_setting_set --app=$app --key=disable_federation --value=$disable_federation
+	else
+		registration_disabled="true"
+		really_enable_open_registration=""
+		disable_federation="false"
+		ynh_app_setting_set --app=$app --key=registration_disabled --value=$registration_disabled
+		ynh_app_setting_set --app=$app --key=disable_federation --value=$disable_federation
+	fi
 fi
 
 #=================================================

tests.toml

@@ -2,6 +2,8 @@ test_format = 1.0
 
 [default]
 
+    exclude = ["install.private"]
+
     # -------------------------------
     # Default args to use for install
     # -------------------------------
@@ -17,3 +19,6 @@ test_format = 1.0
     # -------------------------------
 
     test_upgrade_from.15f4690b.name = "Upgrade from 0.9.9"
+    test_upgrade_from.15f4690b.args.domain = "domain.tld"
+    test_upgrade_from.15f4690b.args.server_name = "domain.tld"
+    test_upgrade_from.15f4690b.args.registration = true