The following message is shown when Matrix Synapse server is started.
"""
This server is configured to use 'matrix.org' as its trusted key server via the
'trusted_key_servers' config option. 'matrix.org' is a good choice for a key
server since it is long-lived, stable and trusted. However, some admins may
wish to use another server for this purpose.
To suppress this warning and continue using 'matrix.org', admins should set
'suppress_key_server_warning' to 'true' in homeserver.yaml.
"""
Explicitly configure the server to use matrix.org as the trusted key server to
avoid the warning. The value can be set to empty list of servers, however, our
users are served best by this default.
Tests:
- On a testing container, when patch is applied after Matrix app installation,
the configuration file is updated.
- After the configuration is updated the warning is removed during Matrix
Synapse startup.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- mypy does not show any errors.
- Installing ejabberd app works. Privileged actions run fine.
- Unit tests work.
- No additional testing was done as type annotations don't have any effect at
runtime.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Remove database, mediafiles and freedombox configs.
Removal of certs are not neccessary since the next setup will
overwrite them
Test:
1. Install the app and set a domain
2. Reinstall the app and confirm the domain can be set like it's the first time
Signed-off-by: nbenedek <contact@nbenedek.me>
[sunil: Update docstrings, make uninstall fail-safe]
[sunil: Fix uninstall functional test]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Allow setting registration verification to token based registration
verification.
- Configure the server with registration secret. Use the registration secret to
register an admin account for FreedomBox's use. Store the access token provided
during registration for future use.
- Use Admin API and the access token to create a registration verification
token. Show list of all registration tokens on app page.
Tests:
- On a fresh installation, setup succeeds, public registration is disabled.
Enabling public registration sets verification to be disabled by default.
Registration tokens are not shown in status.
- Without the patch, install the app and enable public registration. Apply the
patches. After update registration verification will show as disabled.
- Setting verification method to registration token works.
freedombox-registration-secret.yaml file is created. This file has 0o600
permissions and is owned by matrix-synapse:nogroup.
freedombox-admin-access-token.txt file is created. This file has 0o600
permissions and is owned by root:root. List of registration tokens are shown in
status section. Registration with Element app works with the token listed.
- Disabling registration verification works. Registration tokens are not shown
in status section. Registration with Element app works without verification.
- Disable app. Try to update the verification configuration to use tokens. An
error should be thrown that configuration can't be updated when app is disabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2321.
- Without verification configuration being set, if public registrations are
enabled, matrix-synapse server does not start. Fix this by disabling
registration verification.
Tests:
- Without the patch, install matrix and enable public registrations. Matrix
daemon will no longer be running. Apply patches and restart. Matrix app will be
updated. 'enable_registration_without_verification: true' will appear in
/etc/matrix-synapse/conf.d/freedombox-registration.yaml. Server will be running.
- Enabling/disabling the public registration option works. The option will be
added and removed. enable_public_registration is set to true/false.
- Functional tests for matrix-synapse work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Consistency with rest of the apps, more robustness and extensibility.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work
- Initial setup works
- Setup after install works
- Domain is properly set
- Configure domains is properly shown in the app page
- Updating TURN configuration works
- Configuration file is updated
- Enabling/disabling public registration works
- Configuration file is updated
- App page show current status
- FAIL: Daemon fails to start when public registration is enabled
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
