Handle onion only installs of matrix
This commit is contained in:
parent
1d7ebc1585
commit
51ab10094e
|
@ -59,6 +59,19 @@ function matrix_nginx {
|
||||||
proxy_buffering on; \
|
proxy_buffering on; \
|
||||||
}'
|
}'
|
||||||
|
|
||||||
|
if [[ $ONION_ONLY != 'no' ]]; then
|
||||||
|
matrix_proxy_str=' \
|
||||||
|
location /matrix { \
|
||||||
|
proxy_pass http://localhost:8448; \
|
||||||
|
proxy_buffering on; \
|
||||||
|
}'
|
||||||
|
turn_proxy_str=' \
|
||||||
|
location /turn { \
|
||||||
|
proxy_pass http://localhost:3478; \
|
||||||
|
proxy_buffering on; \
|
||||||
|
}'
|
||||||
|
fi
|
||||||
|
|
||||||
if [ ! -f /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} ]; then
|
if [ ! -f /etc/nginx/sites-available/${DEFAULT_DOMAIN_NAME} ]; then
|
||||||
matrix_nginx_site=/etc/nginx/sites-available/$DEFAULT_DOMAIN_NAME
|
matrix_nginx_site=/etc/nginx/sites-available/$DEFAULT_DOMAIN_NAME
|
||||||
if [[ $ONION_ONLY == "no" ]]; then
|
if [[ $ONION_ONLY == "no" ]]; then
|
||||||
|
@ -450,6 +463,7 @@ function install_matrix {
|
||||||
groupadd matrix
|
groupadd matrix
|
||||||
useradd -c "Matrix system account" -d $MATRIX_DATA_DIR -m -r -g matrix matrix
|
useradd -c "Matrix system account" -d $MATRIX_DATA_DIR -m -r -g matrix matrix
|
||||||
|
|
||||||
|
chmod -R 700 /var/lib/matrix/homeserver.yaml
|
||||||
chown -R matrix:matrix /etc/matrix
|
chown -R matrix:matrix /etc/matrix
|
||||||
chown -R matrix:matrix $MATRIX_DATA_DIR
|
chown -R matrix:matrix $MATRIX_DATA_DIR
|
||||||
|
|
||||||
|
@ -471,6 +485,10 @@ function install_matrix {
|
||||||
systemctl daemon-reload
|
systemctl daemon-reload
|
||||||
systemctl start matrix
|
systemctl start matrix
|
||||||
|
|
||||||
|
if [ -f /var/lib/matrix/homeserver.db ]; then
|
||||||
|
chmod -R 700 /var/lib/matrix/homeserver.db
|
||||||
|
fi
|
||||||
|
|
||||||
update_default_domain
|
update_default_domain
|
||||||
|
|
||||||
firewall_add matrix ${MATRIX_PORT}
|
firewall_add matrix ${MATRIX_PORT}
|
||||||
|
|
|
@ -38,8 +38,10 @@ function generate_turn_key {
|
||||||
echo "use-auth-secret" >> "${filepath}"
|
echo "use-auth-secret" >> "${filepath}"
|
||||||
echo "static-auth-secret=${turnkey}" >> "${filepath}"
|
echo "static-auth-secret=${turnkey}" >> "${filepath}"
|
||||||
echo "realm=turn.${DEFAULT_DOMAIN_NAME}" >> "${filepath}"
|
echo "realm=turn.${DEFAULT_DOMAIN_NAME}" >> "${filepath}"
|
||||||
|
if [[ $ONION_ONLY == 'no' ]]; then
|
||||||
echo "cert=$MATRIX_DATA_DIR/${DEFAULT_DOMAIN_NAME}.tls.crt" >> "${filepath}"
|
echo "cert=$MATRIX_DATA_DIR/${DEFAULT_DOMAIN_NAME}.tls.crt" >> "${filepath}"
|
||||||
echo "pkey=$MATRIX_DATA_DIR/${DEFAULT_DOMAIN_NAME}.tls.key" >> "${filepath}"
|
echo "pkey=$MATRIX_DATA_DIR/${DEFAULT_DOMAIN_NAME}.tls.key" >> "${filepath}"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function remove_turn {
|
function remove_turn {
|
||||||
|
@ -84,6 +86,7 @@ function install_turn {
|
||||||
turnkey="$(create_password 30)"
|
turnkey="$(create_password 30)"
|
||||||
generate_turn_key $turnkey /var/lib/turn/turnserver.conf
|
generate_turn_key $turnkey /var/lib/turn/turnserver.conf
|
||||||
|
|
||||||
|
chmod -R 700 /var/lib/turn/turnserver.conf
|
||||||
chown -R matrix:matrix /var/lib/turn
|
chown -R matrix:matrix /var/lib/turn
|
||||||
|
|
||||||
echo '[Unit]' > /etc/systemd/system/turn.service
|
echo '[Unit]' > /etc/systemd/system/turn.service
|
||||||
|
|
Loading…
Reference in New Issue