From ab58609d3d85149ffcd342911dd326f397f39f24 Mon Sep 17 00:00:00 2001 From: Paul van Tilburg Date: Fri, 16 Apr 2021 22:07:58 +0200 Subject: [PATCH 1/6] No longer use/support a local environment file --- Cargo.toml | 1 - debian/env.local | 33 --------------------------------- 2 files changed, 34 deletions(-) delete mode 100644 debian/env.local diff --git a/Cargo.toml b/Cargo.toml index 57b6f7f..ebfd56f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -98,7 +98,6 @@ instead of a server that has high scalability.""" section = "net" priority = "optional" assets = [ - ["debian/env.local", "etc/matrix-conduit/local", "644"], ["debian/README.Debian", "usr/share/doc/matrix-conduit/", "644"], ["README.md", "usr/share/doc/matrix-conduit/", "644"], ["target/release/conduit", "usr/sbin/matrix-conduit", "755"], diff --git a/debian/env.local b/debian/env.local deleted file mode 100644 index cd552de..0000000 --- a/debian/env.local +++ /dev/null @@ -1,33 +0,0 @@ -# Conduit homeserver local configuration -# -# Conduit is an application based on the Rocket web framework. -# Configuration of Conduit happens via Debconf (see the resulting config in -# `/etc/matrix-conduit/debian`) and optionally by uncommenting and tweaking the -# variables in this file below. - -# The maximum size of a Matrix HTTP requests in bytes. -# -# This mostly affects the size of files that can be downloaded/uploaded. -# It defaults to 20971520 (20MB). -#ROCKET_MAX_REQUEST_SIZE=20971520 - -# Whether user registration is allowed. -# -# User registration is not disabled by default. -#ROCKET_REGISTRATION_DISABLED=false - -# Whether encryption is enabled. -# -# (End-to-end) encryption is not disabled by default. -#ROCKET_ENCRYPTION_DISABLED=false - -# Whether federation with other Matrix servers is enabled. -# -# Federation is not enabled by default; it is still experimental. -#ROCKET_FEDERATION_ENABLED=false - -# The log level of the homeserver. -# -# The log level is "critical" by default. -# Allowed values are: "off", "normal", "debug", "critical" -#ROCKET_LOG="critical" From 5bf43a4d7e5861cd9696da79aa26714bd18c8c3c Mon Sep 17 00:00:00 2001 From: Paul van Tilburg Date: Fri, 16 Apr 2021 22:10:07 +0200 Subject: [PATCH 2/6] Generate conduit.toml instead of debian environment file Only generate this file once. I am not sure what to do with future upgrades yet. --- Cargo.toml | 2 +- conduit-example.toml | 2 +- debian/README.Debian | 12 ++--- debian/matrix-conduit.service | 5 +-- debian/postinst | 84 ++++++++++++++++++++--------------- 5 files changed, 57 insertions(+), 48 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index ebfd56f..d510a1b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -103,7 +103,7 @@ assets = [ ["target/release/conduit", "usr/sbin/matrix-conduit", "755"], ] conf-files = [ - "/etc/matrix-conduit/local" + "/etc/matrix-conduit/conduit.toml" ] maintainer-scripts = "debian/" systemd-units = { unit-name = "matrix-conduit" } diff --git a/conduit-example.toml b/conduit-example.toml index 87f959d..246465e 100644 --- a/conduit-example.toml +++ b/conduit-example.toml @@ -11,7 +11,7 @@ # YOU NEED TO EDIT THIS #server_name = "your.server.name" -# This is the only directly where Conduit will save its data +# This is the only directory where Conduit will save its data database_path = "/var/lib/conduit/conduit.db" # The port Conduit will be running on. You need to set up a reverse proxy in diff --git a/debian/README.Debian b/debian/README.Debian index 69fb975..22416cf 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -4,19 +4,19 @@ Conduit for Debian Configuration ------------- -When installed, Debconf handles the configuration of the homeserver (host)name, -the address and port it listens on. These configuration variables end up in -/etc/matrix-conduit/debian. +When installed, Debconf generates the configuration of the homeserver +(host)name, the address and port it listens on. This configuration ends up in +/etc/matrix-conduit/conduit.toml. You can tweak more detailed settings by uncommenting and setting the variables -in /etc/matrix-conduit/local. This involves settings such as the maximum file -size for download/upload, enabling federation, etc. +in /etc/matrix-conduit/conduit.toml. This involves settings such as the maximum +file size for download/upload, enabling federation, etc. Running ------- The package uses the matrix-conduit.service systemd unit file to start and -stop Conduit. It loads the configuration files mentioned above to set up the +stop Conduit. It loads the configuration file mentioned above to set up the environment before running the server. This package assumes by default that Conduit is placed behind a reverse proxy diff --git a/debian/matrix-conduit.service b/debian/matrix-conduit.service index 5ab7917..7c12d1a 100644 --- a/debian/matrix-conduit.service +++ b/debian/matrix-conduit.service @@ -34,10 +34,7 @@ SystemCallFilter=@system-service SystemCallErrorNumber=EPERM StateDirectory=matrix-conduit -Environment="ROCKET_ENV=production" -Environment="ROCKET_DATABASE_PATH=/var/lib/matrix-conduit" -EnvironmentFile=/etc/matrix-conduit/debian -EnvironmentFile=/etc/matrix-conduit/local +Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml" ExecStart=/usr/sbin/matrix-conduit Restart=on-failure diff --git a/debian/postinst b/debian/postinst index bd7fb85..4a55930 100644 --- a/debian/postinst +++ b/debian/postinst @@ -4,7 +4,7 @@ set -e . /usr/share/debconf/confmodule CONDUIT_CONFIG_PATH=/etc/matrix-conduit -CONDUIT_CONFIG_FILE="$CONDUIT_CONFIG_PATH/debian" +CONDUIT_CONFIG_FILE="${CONDUIT_CONFIG_PATH}/conduit.toml" CONDUIT_DATABASE_PATH=/var/lib/matrix-conduit case "$1" in @@ -25,48 +25,60 @@ case "$1" in chown _matrix-conduit "$CONDUIT_DATABASE_PATH" fi - # Write the debconf values in the config. - db_get matrix-conduit/hostname - ROCKET_SERVER_NAME="$RET" - db_get matrix-conduit/address - ROCKET_ADDRESS="$RET" - db_get matrix-conduit/port - ROCKET_PORT="$RET" - cat >"$CONDUIT_CONFIG_FILE" << EOF -# Conduit homeserver Debian configuration -# -# Conduit is an application based on the Rocket web framework. -# Configuration of Conduit happens via Debconf (of which the resulting config -# is in this file) and optionally by uncommenting and tweaking the variables in -# /etc/matrix-conduit/local. + if [ ! -e "$CONDUIT_CONFIG_FILE" ]; then + # Write the debconf values in the config. + db_get matrix-conduit/hostname + CONDUIT_SERVER_NAME="$RET" + db_get matrix-conduit/address + CONDUIT_ADDRESS="$RET" + db_get matrix-conduit/port + CONDUIT_PORT="$RET" + mkdir -p "$CONDUIT_CONFIG_PATH" + cat > "$CONDUIT_CONFIG_FILE" << EOF +[global] +# The server_name is the name of this server. It is used as a suffix for user +# and room ids. Examples: matrix.org, conduit.rs +# The Conduit server needs to be reachable at https://your.server.name/ on port +# 443 (client-server) and 8448 (federation) OR you can create /.well-known +# files to redirect requests. See +# https://matrix.org/docs/spec/client_server/latest#get-well-known-matrix-client +# and https://matrix.org/docs/spec/server_server/r0.1.4#get-well-known-matrix-server +# for more information. +server_name = "${CONDUIT_SERVER_NAME}" -# THIS FILE IS GENERATED BY DEBCONF AND WILL BE OVERRIDDEN! -# -# Please make changes by running: -# -# \$ dpkg-reconfigure matrix-conduit -# -# or by providing overriding changes in /etc/matrix-conduit/local. +# This is the only directory where Conduit will save its data. +database_path = "${CONDUIT_DATABASE_PATH}" -# The server (host)name of the Matrix homeserver. -# -# This is the hostname the homeserver will be reachable at via a client. -ROCKET_SERVER_NAME="$ROCKET_SERVER_NAME" - -# The address the Matrix homeserver listens on. -# +# The address Conduit will be listening on. # By default the server listens on address 0.0.0.0. Change this to 127.0.0.1 to # only listen on the localhost when using a reverse proxy. -ROCKET_ADDRESS="$ROCKET_ADDRESS" +address = "${CONDUIT_ADDRESS}" -# The port of the Matrix homeserver. -# -# This port is could be any available port if accessed by a reverse proxy. -# By default the server listens on port 8000. -ROCKET_PORT="$ROCKET_PORT" +# The port Conduit will be running on. You need to set up a reverse proxy in +# your web server (e.g. apache or nginx), so all requests to /_matrix on port +# 443 and 8448 will be forwarded to the Conduit instance running on this port. +port = ${CONDUIT_PORT} -# THIS FILE IS GENERATED BY DEBCONF AND WILL BE OVERRIDDEN! +# Max size for uploads +max_request_size = 20_000_000 # in bytes + +# Disable registration. No new users will be able to register on this server. +#allow_registration = false + +# Disable encryption, so no new encrypted rooms can be created. +# Note: Existing rooms will continue to work. +#allow_encryption = false +#allow_federation = false + +# Enable jaeger to support monitoring and troubleshooting through jaeger. +#allow_jaeger = false + +#cache_capacity = 1073741824 # in bytes, 1024 * 1024 * 1024 +#max_concurrent_requests = 4 # How many requests Conduit sends to other servers at the same time +#log = "info,state_res=warn,rocket=off,_=off,sled=off" +#workers = 4 # default: cpu core count * 2 EOF + fi ;; esac From f3b1096417605790c04ce0eb051efb339c0008d1 Mon Sep 17 00:00:00 2001 From: Paul van Tilburg Date: Fri, 16 Apr 2021 22:10:52 +0200 Subject: [PATCH 3/6] Change the default library path (follows DEPLOY.md) --- debian/postinst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/postinst b/debian/postinst index 4a55930..c3d727c 100644 --- a/debian/postinst +++ b/debian/postinst @@ -5,7 +5,7 @@ set -e CONDUIT_CONFIG_PATH=/etc/matrix-conduit CONDUIT_CONFIG_FILE="${CONDUIT_CONFIG_PATH}/conduit.toml" -CONDUIT_DATABASE_PATH=/var/lib/matrix-conduit +CONDUIT_DATABASE_PATH=/var/lib/matrix-conduit/conduit_db case "$1" in configure) @@ -13,7 +13,7 @@ case "$1" in if ! getent passwd _matrix-conduit > /dev/null ; then echo 'Adding system user for the Conduit Matrix homeserver' 1>&2 adduser --system --group --quiet \ - --home $CONDUIT_DATABASE_PATH \ + --home "$CONDUIT_DATABASE_PATH" \ --disabled-login \ --force-badname \ _matrix-conduit From 19aaffeb23c6f6838e1afebd975a49ff0fbf1ab8 Mon Sep 17 00:00:00 2001 From: Paul van Tilburg Date: Fri, 16 Apr 2021 22:11:07 +0200 Subject: [PATCH 4/6] Change the default port (follows DEPLOY.md) --- debian/README.Debian | 8 ++++---- debian/templates | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/debian/README.Debian b/debian/README.Debian index 22416cf..5f63b5c 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -19,10 +19,10 @@ The package uses the matrix-conduit.service systemd unit file to start and stop Conduit. It loads the configuration file mentioned above to set up the environment before running the server. -This package assumes by default that Conduit is placed behind a reverse proxy -such as Apache or nginx. This default deployment entails just listening on -127.0.0.1 and the free port 14004 and is reachable via a client using the URL -http://localhost:14004. +This package assumes by default that Conduit will be placed behind a reverse +proxy such as Apache or nginx. This default deployment entails just listening +on 127.0.0.1 and the free port 6167 and is reachable via a client using the URL +http://localhost:6167. At a later stage this packaging may support also setting up TLS and running stand-alone. In this case, however, you need to set up some certificates and diff --git a/debian/templates b/debian/templates index a408f84..c4281ad 100644 --- a/debian/templates +++ b/debian/templates @@ -16,6 +16,6 @@ Description: The listen address of the Matrix homeserver Template: matrix-conduit/port Type: string -Default: 14004 +Default: 6167 Description: The port of the Matrix homeserver This port is most often just accessed by a reverse proxy. From 4fb2f17b8365185319595d178d72df6f06bcacfd Mon Sep 17 00:00:00 2001 From: Paul van Tilburg Date: Fri, 16 Apr 2021 22:11:58 +0200 Subject: [PATCH 5/6] Purge debconf changes from the DB on purge --- debian/postrm | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/debian/postrm b/debian/postrm index 04ca325..2894909 100644 --- a/debian/postrm +++ b/debian/postrm @@ -1,11 +1,16 @@ #!/bin/sh set -e +. /usr/share/debconf/confmodule + CONDUIT_CONFIG_PATH=/etc/matrix-conduit CONDUIT_DATABASE_PATH=/var/lib/matrix-conduit case $1 in purge) + # Remove debconf changes from the db + db_purge + # Per https://www.debian.org/doc/debian-policy/ch-files.html#behavior # "configuration files must be preserved when the package is removed, and # only deleted when the package is purged." From f63a624743ef73f417b569ecadded8d4046c338e Mon Sep 17 00:00:00 2001 From: Paul van Tilburg Date: Fri, 23 Apr 2021 19:11:42 +0200 Subject: [PATCH 6/6] Add text about using cargo-deb to the README --- README.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/README.md b/README.md index 32fa657..b128e81 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,26 @@ Check out the [Conduit 1.0 Release Milestone](https://gitlab.com/famedly/conduit Download or compile a Conduit binary, set up the config and call it from somewhere like a systemd script. [Read more](DEPLOY.md) +##### Deloy using a Debian package + +You need to have the `deb` helper command installed that creates Debian packages from Cargo projects (see [cargo-deb](https://github.com/mmstick/cargo-deb/) for more info): + +```shell +$ cargo install cargo-deb +``` + +Then, you can create and install a Debian package at a whim: + +```shell +$ cargo deb +$ dpkg -i target/debian/matrix-conduit_0.1.0_amd64.deb +``` + +This will build, package, install, configure and start Conduit. [Read more](debian/README.Debian). + +Note that `cargo deb` supports [cross-compilation](https://github.com/mmstick/cargo-deb/#cross-compilation) too! +Official Debian packages will follow once Conduit starts to have stable releases. + ##### Deploy using Docker Pull and run the docker image with