From b08c9fb5a4eef1cf21c6613b2c2b9e0d17fdfbee Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Sat, 2 Sep 2023 13:35:04 +0200 Subject: [PATCH] replace matrix-dimension on rx300 with matrix-stickerpicker on carlene --- .../files/matrix-dimension.service | 14 --- .../matrix-dimension/files/production.yaml | 93 --------------- bundles/matrix-dimension/items.py | 78 ------------- bundles/matrix-dimension/metadata.py | 110 ------------------ .../matrix-stickerpicker/files/sticker-import | 7 ++ bundles/matrix-stickerpicker/items.py | 47 ++++++++ bundles/matrix-stickerpicker/metadata.py | 35 ++++++ nodes/carlene.toml | 9 ++ nodes/rx300.py | 35 ------ 9 files changed, 98 insertions(+), 330 deletions(-) delete mode 100644 bundles/matrix-dimension/files/matrix-dimension.service delete mode 100644 bundles/matrix-dimension/files/production.yaml delete mode 100644 bundles/matrix-dimension/items.py delete mode 100644 bundles/matrix-dimension/metadata.py create mode 100644 bundles/matrix-stickerpicker/files/sticker-import create mode 100644 bundles/matrix-stickerpicker/items.py create mode 100644 bundles/matrix-stickerpicker/metadata.py diff --git a/bundles/matrix-dimension/files/matrix-dimension.service b/bundles/matrix-dimension/files/matrix-dimension.service deleted file mode 100644 index 9d2bebc..0000000 --- a/bundles/matrix-dimension/files/matrix-dimension.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Matrix Dimension -After=network.target - -[Service] -User=matrix-dimension -Group=matrix-dimension -Environment="NODE_ENV=production" -ExecStart=/usr/bin/node ${config['install_dir']}/build/app/index.js -WorkingDirectory=${config['install_dir']} -Restart=on-failure - -[Install] -WantedBy=multi-user.target diff --git a/bundles/matrix-dimension/files/production.yaml b/bundles/matrix-dimension/files/production.yaml deleted file mode 100644 index 321f6d2..0000000 --- a/bundles/matrix-dimension/files/production.yaml +++ /dev/null @@ -1,93 +0,0 @@ -# The web settings for the service (API and UI). -# It is best to have this run on localhost and use a reverse proxy to access Dimension. -web: - port: 20030 - address: '127.0.0.1' - -# Homeserver configuration -homeserver: - # The domain name of the homeserver. This is used in many places, such as with go-neb - # setups, to identify the homeserver. - name: "${config['homeserver']['name']}" - - # The URL that Dimension, go-neb, and other services provisioned by Dimension should - # use to access the homeserver with. - clientServerUrl: "${config['homeserver']['clientServerUrl']}" - - # The URL that Dimension should use when trying to communicate with federated APIs on - # the homeserver. If not supplied or left empty Dimension will try to resolve the address - # through the normal federation process. - #federationUrl: "https://t2bot.io:8448" - - # The URL that Dimension will redirect media requests to for downloading media such as - # stickers. If not supplied or left empty Dimension will use the clientServerUrl. - #mediaUrl: "https://t2bot.io" - - # The access token Dimension should use for miscellaneous access to the homeserver, and - # for tracking custom sticker pack updates. This should be a user configured on the homeserver - # and be dedicated to Dimension (create a user named "dimension" on your homeserver). For - # information on how to acquire an access token, visit https://t2bot.io/docs/access_tokens - accessToken: "${config['homeserver']['accessToken']}" - -# These users can modify the integrations this Dimension supports. -# To access the admin interface, open Dimension in Riot and click the settings icon. -admins: -% for i in config['admins']: - - "${i}" -% endfor -# IPs and CIDR ranges listed here will be blocked from being widgets. -# Note: Widgets may still be embedded with restricted content, although not through Dimension directly. -widgetBlacklist: - - 10.0.0.0/8 - - 172.16.0.0/12 - - 192.168.0.0/16 - - 127.0.0.0/8 - -database: - # Where the database for Dimension is - uri: "postgres://${node.metadata['matrix-dimension']['database']['user']}:${node.metadata['matrix-dimension']['database']['password']}@${node.metadata['matrix-dimension']['database'].get('host', 'localhost')}/${node.metadata['matrix-dimension']['database']['database']}" - - # Where to store misc information for the utility bot account. - botData: "${config['data_dir']}/dimension.bot.json" - -# Display settings that apply to self-hosted go-neb instances -goneb: - # The avatars to set for each bot. Usually these don't need to be changed, however if your homeserver - # is not able to reach t2bot.io then you should specify your own here. To not use an avatar for a bot, - # make the bot's avatar an empty string. - avatars: - giphy: "mxc://t2bot.io/c5eaab3ef0133c1a61d3c849026deb27" - imgur: "mxc://t2bot.io/6749eaf2b302bb2188ae931b2eeb1513" - github: "mxc://t2bot.io/905b64b3cd8e2347f91a60c5eb0832e1" - wikipedia: "mxc://t2bot.io/7edfb54e9ad9e13fec0df22636feedf1" - travisci: "mxc://t2bot.io/7f4703126906fab8bb27df34a17707a8" - rss: "mxc://t2bot.io/aace4fcbd045f30afc1b4e5f0928f2f3" - google: "mxc://t2bot.io/636ad10742b66c4729bf89881a505142" - guggy: "mxc://t2bot.io/e7ef0ed0ba651aaf907655704f9a7526" - echo: "mxc://t2bot.io/3407ff2db96b4e954fcbf2c6c0415a13" - circleci: "mxc://t2bot.io/cf7d875845a82a6b21f5f66de78f6bee" - jira: "mxc://t2bot.io/f4a38ebcc4280ba5b950163ca3e7c329" - -# Settings for interacting with Telegram. Currently only applies for importing -# sticker packs from Telegram. -telegram: - # Talk to @BotFather on Telegram to get a token - botToken: "${config['telegram']['botToken']}" - -# Custom sticker pack options. -# Largely based on https://github.com/turt2live/matrix-sticker-manager -stickers: - # Whether or not to allow people to add custom sticker packs - enabled: true - - # The sticker manager bot to promote - stickerBot: "@stickers:t2bot.io" - - # The sticker manager URL to promote - managerUrl: "https://stickers.t2bot.io" - - -# Settings for controlling how logging works -logging: - console: true - consoleLevel: info diff --git a/bundles/matrix-dimension/items.py b/bundles/matrix-dimension/items.py deleted file mode 100644 index 9744754..0000000 --- a/bundles/matrix-dimension/items.py +++ /dev/null @@ -1,78 +0,0 @@ -repo.libs.tools.require_bundle(node, 'nodejs') - - -directories = { - node.metadata['matrix-dimension']['install_dir']: { - 'owner': 'matrix-dimension', - 'group': 'matrix-dimension', - }, -} - -git_deploy = { - node.metadata['matrix-dimension']['install_dir']: { - 'rev': node.metadata.get('matrix-dimension/version', 'master'), # doesn't have releases yet - 'repo': 'https://github.com/turt2live/matrix-dimension.git', - 'triggers': { - 'action:matrix_dimension_build', - }, - 'needs': { - 'directory:{}'.format(node.metadata.get('matrix-dimension/install_dir')), - 'directory:{}'.format(node.metadata.get('matrix-dimension/data_dir')), - }, - }, -} - -files = { - '{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir')): { - 'owner': 'matrix-dimension', - 'group': 'matrix-dimension', - 'content_type': 'mako', - 'context': { - 'config': node.metadata.get('matrix-dimension', {}), - }, - 'needs': { - 'git_deploy:{}'.format(node.metadata.get('matrix-dimension/install_dir')), - }, - 'triggers': { - 'svc_systemd:matrix-dimension:restart', - }, - }, - '/etc/systemd/system/matrix-dimension.service': { - 'content_type': 'mako', - 'context': { - 'config': node.metadata.get('matrix-dimension', {}), - }, - 'triggers': { - 'action:systemd-reload', - 'svc_systemd:matrix-dimension:restart', - }, - }, -} - -actions = { - 'matrix_dimension_build': { - 'command': ' && '.join([ - 'cd ' + node.metadata.get('matrix-dimension/install_dir'), - 'sudo -u matrix-dimension npm install --legacy-peer-deps', - 'sudo -u matrix-dimension NODE_OPTIONS=--openssl-legacy-provider npm run build', - ]), - 'needs': { - 'pkg_apt:nodejs', - }, - 'triggered': True, - 'triggers': { - 'svc_systemd:matrix-dimension:restart', - }, - }, -} - -svc_systemd = { - 'matrix-dimension': { - 'needs': { - 'action:matrix_dimension_build', - 'file:{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir')), - 'postgres_db:matrix-dimension', - 'postgres_role:matrix-dimension', - }, - }, -} diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py deleted file mode 100644 index c3f037d..0000000 --- a/bundles/matrix-dimension/metadata.py +++ /dev/null @@ -1,110 +0,0 @@ -defaults = { - 'backups': { - 'paths': { - '/opt/matrix-dimension', - '/var/opt/matrix-dimension', - }, - }, - 'icinga2_api': { - 'matrix-dimension': { - 'services': { - 'MATRIX-DIMENSION PROCESS': { - 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -a matrix-dimension -c 1:', - }, - }, - }, - }, - 'matrix-dimension': { - 'install_dir': '/opt/matrix-dimension', - 'data_dir': '/var/opt/matrix-dimension', - 'database': { - 'user': 'matrix-dimension', - 'password': repo.vault.password_for('{} postgresql matrix-dimension'.format(node.name)), - 'database': 'matrix-dimension', - }, - }, - 'postgresql': { - 'roles': { - 'matrix-dimension': { - 'password': repo.vault.password_for('{} postgresql matrix-dimension'.format(node.name)), - }, - }, - 'databases': { - 'matrix-dimension': { - 'owner': 'matrix-dimension', - }, - }, - }, - 'users': { - 'matrix-dimension': { - 'home': '/var/opt/matrix-dimension', - }, - }, -} - - -@metadata_reactor.provides( - 'nginx/vhosts/matrix-dimension', -) -def nginx_config(metadata): - return { - 'nginx': { - 'vhosts': { - 'matrix-dimension': { - 'domain': metadata.get('matrix-dimension/url'), - 'do_not_set_content_security_headers': True, - 'max_body_size': '50M', - 'locations': { - '/': { - 'target': 'http://127.0.0.1:20030', - }, - }, - }, - }, - }, - } - - -@metadata_reactor.provides( - 'zfs/datasets', -) -def zfs(metadata): - return { - 'zfs': { - 'datasets': { - 'tank/matrix-dimension': {}, - 'tank/matrix-dimension/install': { - 'mountpoint': metadata.get('matrix-dimension/install_dir'), - 'needed_by': { - 'directory:{}'.format(metadata.get('matrix-dimension/install_dir')), - }, - }, - 'tank/matrix-dimension/var': { - 'mountpoint': metadata.get('matrix-dimension/data_dir'), - 'needed_by': { - 'directory:{}'.format(metadata.get('matrix-dimension/data_dir')), - }, - }, - }, - }, - } - - -# XXX enable this once there are releases for matrix-dimension -#@metadata_reactor.provides( -# 'icinga2_api/matrix-dimension/services', -#) -#def icinga_check_for_new_release(metadata): -# return { -# 'icinga2_api': { -# 'matrix-dimension': { -# 'services': { -# 'MATRIX-DIMENSION UPDATE': { -# 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_github_for_new_release turt2live/matrix-dimension {}'.format(metadata.get('matrix-dimension/version')), -# 'vars.notification.mail': True, -# 'check_interval': '60m', -# }, -# }, -# }, -# }, -# } diff --git a/bundles/matrix-stickerpicker/files/sticker-import b/bundles/matrix-stickerpicker/files/sticker-import new file mode 100644 index 0000000..fd765c9 --- /dev/null +++ b/bundles/matrix-stickerpicker/files/sticker-import @@ -0,0 +1,7 @@ +#!/bin/bash + +/opt/matrix-stickerpicker/venv/bin/sticker-import \ + --config /opt/matrix-stickerpicker/config.json \ + --session /opt/matrix-stickerpicker/sticker-import.session \ + --output-dir /var/opt/matrix-stickerpicker/ \ + "$@" diff --git a/bundles/matrix-stickerpicker/items.py b/bundles/matrix-stickerpicker/items.py new file mode 100644 index 0000000..0cbe6c5 --- /dev/null +++ b/bundles/matrix-stickerpicker/items.py @@ -0,0 +1,47 @@ +actions['matrix-stickerpicker_create_virtualenv'] = { + 'command': '/usr/bin/python3 -m virtualenv -p python3 /opt/matrix-stickerpicker/venv/', + 'unless': 'test -d /opt/matrix-stickerpicker/venv/', + 'needs': { + # actually /opt/matrix-stickerpicker, but we don't create that + 'directory:/opt/matrix-stickerpicker/src', + }, +} + +actions['matrix-stickerpicker_install'] = { + 'command': 'cd /opt/matrix-stickerpicker/src && /opt/matrix-stickerpicker/venv/bin/pip install --upgrade pip .', + 'needs': { + 'action:matrix-stickerpicker_create_virtualenv', + }, + 'triggered': True, +} + +users['matrix-stickerpicker'] = { + 'home': '/opt/matrix-stickerpicker', +} + +files['/usr/local/bin/sticker-import'] = { + 'mode': '0700', +} + +files['/opt/matrix-stickerpicker/config.json'] = { + 'content': repo.libs.faults.dict_as_json(node.metadata.get('matrix-stickerpicker/config')), +} + +directories['/opt/matrix-stickerpicker/src'] = {} + +directories['/var/opt/matrix-stickerpicker'] = {} + +git_deploy['/opt/matrix-stickerpicker/src'] = { + 'repo': 'https://github.com/maunium/stickerpicker.git', + 'rev': node.metadata.get('matrix-stickerpicker/version', 'master'), + 'triggers': { + 'action:matrix-stickerpicker_install', + }, +} + +symlinks['/opt/matrix-stickerpicker/src/web/packs'] = { + 'target': '/var/opt/matrix-stickerpicker', + 'after': { + 'git_deploy:/opt/matrix-stickerpicker/src', + }, +} diff --git a/bundles/matrix-stickerpicker/metadata.py b/bundles/matrix-stickerpicker/metadata.py new file mode 100644 index 0000000..32bc870 --- /dev/null +++ b/bundles/matrix-stickerpicker/metadata.py @@ -0,0 +1,35 @@ +defaults = { + 'backups': { + 'paths': '/var/opt/matrix-stickerpicker', + }, + 'zfs': { + 'datasets': { + 'tank/matrix-stickerpicker': { + 'mountpoint': '/var/opt/matrix-stickerpicker', + 'needed_by': { + 'directory:/var/opt/matrix-stickerpicker', + }, + }, + }, + }, +} + + +@metadata_reactor.provides( + 'nginx/vhosts/matrix-stickerpicker', +) +def nginx(metadata): + if not node.has_bundle('nginx'): + raise DoNotRunAgain + + return { + 'nginx': { + 'vhosts': { + 'matrix-stickerpicker': { + 'domain': metadata.get('matrix-stickerpicker/domain'), + 'do_not_set_content_security_headers': True, + 'webroot': '/opt/matrix-stickerpicker/src/web/', + }, + }, + }, + } diff --git a/nodes/carlene.toml b/nodes/carlene.toml index a689188..8835238 100644 --- a/nodes/carlene.toml +++ b/nodes/carlene.toml @@ -9,6 +9,7 @@ bundles = [ "element-web", "forgejo", "matrix-media-repo", + "matrix-stickerpicker", "matrix-synapse", "mautrix-telegram", "mautrix-whatsapp", @@ -75,6 +76,14 @@ version = "v1.2.13" api = "synapse" domain = "http://[::1]:20080/" +[metadata.matrix-stickerpicker] +# use this bot token: encrypt$gAAAAABfVK51ErJ6gfsOOkbRxSHDnVYmf7EihAQf7Uwj9og3TlAw64WRsA6ZVEgTSvOdLB3SMKZ-cTEhwkCOpbymq-_WLhes-hZALhN-H_oXHaxTQErJ0lARynKmjM-4ZhoGlUWlfh4Q +domain = "matrix-stickers.franzi.business" +[metadata.matrix-stickerpicker.config] +access_token = "!decrypt:encrypt$gAAAAABg-wBmGbAy-Ou1mkG2w5UyoqWmWYzDr4ZavyUQdmG_VtrUSmwHjx-qcBGIz_7NniD3zKm9GGvzRZItDu5zYiojcudYr74TkWJKhdDrgFbcWlfJJ_m3bWzrSORaTYzBGRckp2Vz_8xHgDk1W03vpT6mdIPMDzjuINssIcPs0YDth25W942tMfPA2csvLADY50qVRMJpdBOVIWba55o0g6-mAAQLOz6Ld4cCvYqZsqXsxjT8JUytJv_uSG4zgCS_aX20JlAyJWpJgT8FQF5HzIbsko_-Z9-TwtY7yllJp5Ri3n0WaDaWoMmUfhLvkMJeymmOc32A4WJBAePQ_2F-_oUDE7t97A-m3ZiMVAEefDnH5MkoiQEJTfHrJsXRkdBT_BnJlY1CoAuXpRYDdvbVDwN_qZHHHtqsno437l9S6GgDK_-sKBiojYkYsfHcJCdSEqeFGuxT" +homeserver = "https://matrix.franzi.business" +user_id = "@dimension:franzi.business" + [metadata.matrix-synapse] admin_contact = "mailto:hostmaster@kunbox.net" baseurl = "matrix.franzi.business" diff --git a/nodes/rx300.py b/nodes/rx300.py index bccf91a..917c9c6 100644 --- a/nodes/rx300.py +++ b/nodes/rx300.py @@ -12,7 +12,6 @@ nodes['rx300'] = { 'jenkins-ci', 'jugendhackt_tools', 'lm-sensors', - 'matrix-dimension', 'minecraft', 'nodejs', 'oidentd', @@ -72,22 +71,6 @@ nodes['rx300'] = { 'allowed_hosts': ['jh.franzi.business'], 'timezone': 'Europe/Berlin', }, - 'matrix-dimension': { - 'url': 'dimension.franzi.business', - 'version': 'c6d047c', # XXX master is broken as of 2021-11-27 - 'homeserver': { - 'name': 'franzi.business', - 'clientServerUrl': 'https://matrix.franzi.business', - 'accessToken': vault.decrypt('encrypt$gAAAAABg-wBmGbAy-Ou1mkG2w5UyoqWmWYzDr4ZavyUQdmG_VtrUSmwHjx-qcBGIz_7NniD3zKm9GGvzRZItDu5zYiojcudYr74TkWJKhdDrgFbcWlfJJ_m3bWzrSORaTYzBGRckp2Vz_8xHgDk1W03vpT6mdIPMDzjuINssIcPs0YDth25W942tMfPA2csvLADY50qVRMJpdBOVIWba55o0g6-mAAQLOz6Ld4cCvYqZsqXsxjT8JUytJv_uSG4zgCS_aX20JlAyJWpJgT8FQF5HzIbsko_-Z9-TwtY7yllJp5Ri3n0WaDaWoMmUfhLvkMJeymmOc32A4WJBAePQ_2F-_oUDE7t97A-m3ZiMVAEefDnH5MkoiQEJTfHrJsXRkdBT_BnJlY1CoAuXpRYDdvbVDwN_qZHHHtqsno437l9S6GgDK_-sKBiojYkYsfHcJCdSEqeFGuxT'), - }, - 'admins': [ - '@kunsi:franzi.business', - ], - 'telegram': { - # same as for mautrix-telegram - 'botToken': vault.decrypt('encrypt$gAAAAABfVK51ErJ6gfsOOkbRxSHDnVYmf7EihAQf7Uwj9og3TlAw64WRsA6ZVEgTSvOdLB3SMKZ-cTEhwkCOpbymq-_WLhes-hZALhN-H_oXHaxTQErJ0lARynKmjM-4ZhoGlUWlfh4Q'), - }, - }, 'minecraft': { 'heap_mb': 16*1024, 'sha1': '82be5e1bbdfd1bcb001644780562282fd42ee5a9', @@ -102,23 +85,6 @@ nodes['rx300'] = { }, 'restrict-to': {'*'}, }, - 'mx-puppet-discord': { - 'homeserver': { - 'domain': 'franzi.business', - 'url': 'https://matrix.franzi.business', - }, - 'allowed-users': { - '@.*:franzi\\\\.business', - }, - }, - 'netbox': { - 'domain': 'netbox.franzi.business', - 'version': 'v3.5.6', - 'changelog_retention_days': 360, - 'admins': { - 'kunsi': 'hostmaster@kunbox.net', - }, - }, 'nginx': { 'security.txt': { 'contact': 'mailto:security@kunsmann.eu', @@ -126,7 +92,6 @@ nodes['rx300'] = { }, 'vhosts': { 'jenkins-ci': {'ssl': '_.franzi.business'}, - 'matrix-dimension': {'ssl': '_.franzi.business'}, 'radicale': {'ssl': '_.franzi.business'}, 'daskritzelt-redirect': { 'domain': 'die-brontosaurier-waren-es.org',