Add mautrix-syncproxy and mautrix-wsproxy

2022-02-26 04:53:01 +01:00 · 2022-02-26 04:53:01 +01:00 · 51bcd703d6
commit 51bcd703d6
parent eaba9effe3
18 changed files with 185 additions and 5 deletions
--- a/ressources/mautrix-syncproxy/mautrix-syncproxy
+++ b/ressources/mautrix-syncproxy/mautrix-syncproxy
@ -0,0 +1,29 @@
+#!/bin/bash
+
+STEP="envinit prebuild build makedeb"
+
+envinit() {
+	apt install -y --no-install-recommends build-essential git wget ca-certificates dpkg fakeroot
+	wget -qO - https://go.dev/dl/go1.17.7.linux-amd64.tar.gz | tar -C /usr/local -xz
+}
+
+prebuild(){
+	GIT_VERSION=$1
+	git clone --depth 1 https://github.com/mautrix/syncproxy.git /tmp/mautrix-syncproxy
+}
+
+build() {
+	cd /tmp/mautrix-syncproxy/
+	PATH=$PATH:/usr/local/go/bin
+	go build -o mautrix-syncproxy
+}
+
+makedeb(){
+	GIT_VERSION=$1
+	DEB_VERSION=$2
+	PATH_DEB=/tmp/src/rootfs
+
+	cp /tmp/mautrix-syncproxy/mautrix-syncproxy ${PATH_DEB}/usr/bin/mautrix-syncproxy
+	sed -i "s/%VERSION%/$DEB_VERSION/" ${PATH_DEB}/DEBIAN/control
+	fakeroot dpkg-deb -Z gzip --build ${PATH_DEB} /tmp/dist
+}
--- a/ressources/mautrix-syncproxy/rootfs/DEBIAN/changelog
+++ b/ressources/mautrix-syncproxy/rootfs/DEBIAN/changelog
--- a/ressources/mautrix-syncproxy/rootfs/DEBIAN/conffiles
+++ b/ressources/mautrix-syncproxy/rootfs/DEBIAN/conffiles
@ -0,0 +1 @@
+/etc/default/mautrix-syncproxy
--- a/ressources/mautrix-syncproxy/rootfs/DEBIAN/control
+++ b/ressources/mautrix-syncproxy/rootfs/DEBIAN/control
@ -0,0 +1,7 @@
+Package: mautrix-syncproxy
+Version: %VERSION%
+Section: base
+Priority: optional
+Architecture: all
+Maintainer: Thomas Legay <thomas@syngate.fr>
+Description: mautrix-syncproxy
--- a/ressources/mautrix-syncproxy/rootfs/DEBIAN/postinst
+++ b/ressources/mautrix-syncproxy/rootfs/DEBIAN/postinst
@ -0,0 +1,4 @@
+#!/bin/bash
+
+id mautrix-syncproxy &> /dev/null || useradd mautrix-syncproxy -r -s /bin/false -d /
+
--- a/ressources/mautrix-syncproxy/rootfs/etc/default/mautrix-syncproxy
+++ b/ressources/mautrix-syncproxy/rootfs/etc/default/mautrix-syncproxy
@ -0,0 +1,5 @@
+DATABASE_URL=postgres://syncproxy:xxxxxxxxxx@postgres/syncproxy
+HOMESERVER_URL=https://domaine.fr/
+LISTEN_ADDRESS=:29331
+SHARED_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+#DEBUG=true
--- a/ressources/mautrix-syncproxy/rootfs/etc/systemd/system/mautrix-syncproxy.service
+++ b/ressources/mautrix-syncproxy/rootfs/etc/systemd/system/mautrix-syncproxy.service
@ -0,0 +1,37 @@
+[Unit]
+Description=service mautrix-syncproxy
+Documentation=https://github.com/mautrix/syncproxy
+
+After=network.target
+
+[Service]
+User=mautrix-syncproxy
+Group=mautrix-syncproxy
+EnvironmentFile=/etc/default/mautrix-syncproxy
+ExecStart=/usr/bin/mautrix-syncproxy
+WorkingDirectory=/tmp
+Restart=on-failure
+RestartSec=30s
+#ReadWritePaths=/tmp
+NoNewPrivileges=yes
+MemoryDenyWriteExecute=true
+PrivateDevices=yes
+PrivateTmp=yes
+ProtectHome=yes
+ProtectSystem=strict
+ProtectControlGroups=true
+RestrictSUIDSGID=true
+RestrictRealtime=true
+LockPersonality=true
+ProtectKernelLogs=true
+ProtectKernelTunables=true
+ProtectHostname=true
+ProtectKernelModules=true
+PrivateUsers=true
+ProtectClock=true
+SystemCallArchitectures=native
+SystemCallErrorNumber=EPERM
+SystemCallFilter=@system-service
+
+[Install]
+WantedBy=multi-user.target