From 951f1883eb6192b618e2605403172dd8bfcdce65 Mon Sep 17 00:00:00 2001
From: CDaut <git@cdaut.de>
Date: Mon, 28 Aug 2023 00:06:56 +0200
Subject: [PATCH] matrix

---
 matrix/doc.md                  |  4 ++
 matrix/docker-compose.yml      | 45 +++++++++++++++++++++
 matrix/element-config.json     | 72 ++++++++++++++++++++++++++++++++++
 matrix/environment.env         |  0
 matrix/sql_setup.sql           | 10 +++++
 matrix/synapse/homeserver.yaml | 54 +++++++++++++++++++++++++
 6 files changed, 185 insertions(+)
 create mode 100644 matrix/doc.md
 create mode 100644 matrix/docker-compose.yml
 create mode 100644 matrix/element-config.json
 create mode 100644 matrix/environment.env
 create mode 100644 matrix/sql_setup.sql
 create mode 100644 matrix/synapse/homeserver.yaml

diff --git a/matrix/doc.md b/matrix/doc.md
new file mode 100644
index 0000000..34d13b2
--- /dev/null
+++ b/matrix/doc.md
@@ -0,0 +1,4 @@
+# Matrix
+
+- Beinhaltet: Synapse, Element und synapse-admin
+- Ordner erstellen: `postgresdata` und `synapse`
\ No newline at end of file
diff --git a/matrix/docker-compose.yml b/matrix/docker-compose.yml
new file mode 100644
index 0000000..6e595e4
--- /dev/null
+++ b/matrix/docker-compose.yml
@@ -0,0 +1,45 @@
+version: '3.6'
+services:
+  postgres:
+    image: postgres:14.1-alpine
+    restart: unless-stopped
+    volumes:
+     - ./postgresdata:/var/lib/postgresql/data
+     - ./sql_setup.sql:/docker-entrypoint-initdb.d/create_tables.sql
+
+    # These will be used in homeserver.yaml later on
+    env_file:
+     - enviroment.env
+  element:
+    depends_on:
+      - postgres
+    image: vectorim/element-web:latest
+    restart: unless-stopped
+    volumes:
+      - ./element-config.json:/app/config.json
+    ports:
+      - 6888:80
+
+  synapse:
+    image: matrixdotorg/synapse:latest
+    restart: unless-stopped
+    volumes:
+     - ./synapse:/data
+    ports:
+     - "5888:8008"
+
+  # Achtung: Das auf zu lassen ist ggf. ein Sicherheitsrisiko
+  # synapse-admin:
+  #   container_name: synapse-admin
+  #   hostname: synapse-admin
+  #   build:
+  #     context: https://github.com/Awesome-Technologies/synapse-admin.git
+  #     args:
+  #      - PUBLIC_URL=https://admin.matrix.cdaut.de
+  #      - REACT_APP_SERVER=https://matrix.cdaut.de
+  #   ports:
+  #    - "8999:80"
+  #   restart: unless-stopped
+networks:
+  default:
+    name: matrix_net
\ No newline at end of file
diff --git a/matrix/element-config.json b/matrix/element-config.json
new file mode 100644
index 0000000..1aa72e1
--- /dev/null
+++ b/matrix/element-config.json
@@ -0,0 +1,72 @@
+{
+    "default_server_config": {
+        "m.homeserver": {
+            "base_url": "https://matrix.cdaut.de",
+            "server_name": "chat.cdaut.de"
+        },
+        "m.identity_server": {
+            "base_url": "https://vector.im"
+        }
+    },
+    "brand": "Element",
+    "integrations_ui_url": "https://scalar.vector.im/",
+    "integrations_rest_url": "https://scalar.vector.im/api",
+    "integrations_widgets_urls": [
+        "https://scalar.vector.im/_matrix/integrations/v1",
+        "https://scalar.vector.im/api",
+        "https://scalar-staging.vector.im/_matrix/integrations/v1",
+        "https://scalar-staging.vector.im/api",
+        "https://scalar-staging.riot.im/scalar/api"
+    ],
+    "hosting_signup_link": "https://element.io/matrix-services?utm_source=element-web&utm_medium=web",
+    "bug_report_endpoint_url": "https://element.io/bugreports/submit",
+    "uisi_autorageshake_app": "element-auto-uisi",
+    "showLabsSettings": true,
+    "piwik": {
+        "url": "https://piwik.riot.im/",
+        "siteId": 1,
+        "policyUrl": "https://element.io/cookie-policy"
+    },
+    "roomDirectory": {
+        "servers": [
+            "matrix.org",
+            "gitter.im",
+            "libera.chat"
+        ]
+    },
+    "enable_presence_by_hs_url": {
+        "https://matrix.org": false,
+        "https://matrix-client.matrix.org": false
+    },
+    "terms_and_conditions_links": [{
+            "url": "https://element.io/privacy",
+            "text": "Privacy Policy"
+        },
+        {
+            "url": "https://element.io/cookie-policy",
+            "text": "Cookie Policy"
+        }
+    ],
+    "hostSignup": {
+        "brand": "Element Home",
+        "cookiePolicyUrl": "https://element.io/cookie-policy",
+        "domains": [
+            "matrix.org"
+        ],
+        "privacyPolicyUrl": "https://element.io/privacy",
+        "termsOfServiceUrl": "https://element.io/terms-of-service",
+        "url": "https://ems.element.io/element-home/in-app-loader"
+    },
+    "sentry": {
+        "dsn": "https://<redacted>@sentry.matrix.org/6",
+        "environment": "develop"
+    },
+    "posthog": {
+        "projectApiKey": "<redacted>",
+        "apiHost": "https://posthog.element.io"
+    },
+    "features": {
+        "feature_spotlight": true
+    },
+    "map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=<redacted>"
+}
\ No newline at end of file
diff --git a/matrix/environment.env b/matrix/environment.env
new file mode 100644
index 0000000..e69de29
diff --git a/matrix/sql_setup.sql b/matrix/sql_setup.sql
new file mode 100644
index 0000000..4f85524
--- /dev/null
+++ b/matrix/sql_setup.sql
@@ -0,0 +1,10 @@
+\set dbuser `echo "$POSTGRES_USER"`
+\set dbname `echo "$POSTGRES_DB"`
+\set pwd `echo "$POSTGRES_PASSWORD"`
+\set synapsedb `echo "$SYNAPSE_DB"`
+
+CREATE DATABASE :"synapsedb"
+    LC_COLLATE 'C'
+    LC_CTYPE 'C'
+    TEMPLATE template0;
+GRANT ALL PRIVILEGES ON DATABASE :"dbname" TO :"dbuser";
\ No newline at end of file
diff --git a/matrix/synapse/homeserver.yaml b/matrix/synapse/homeserver.yaml
new file mode 100644
index 0000000..c4a36d0
--- /dev/null
+++ b/matrix/synapse/homeserver.yaml
@@ -0,0 +1,54 @@
+# Configuration file for Synapse.
+#
+# This is a YAML file: see [1] for a quick introduction. Note in particular
+# that *indentation is important*: all the elements of a list or dictionary
+# should have the same indentation.
+#
+# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
+#
+# For more information on how to configure Synapse, including a complete accounting of
+# each option, go to docs/usage/configuration/config_documentation.md or
+# https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html
+server_name: "matrix.fffka.de"
+pid_file: /data/homeserver.pid
+listeners:
+  - port: 8008
+    tls: false
+    type: http
+    x_forwarded: true
+    resources:
+      - names: [client, federation]
+        compress: false
+database:
+  name: sqlite3
+  args:
+    database: /data/homeserver.db
+log_config: "/data/matrix.fffka.de.log.config"
+media_store_path: /data/media_store
+registration_shared_secret: "<redacted>"
+report_stats: false
+macaroon_secret_key: "<redacted>"
+form_secret: "<redacted>"
+signing_key_path: "/data/matrix.fffka.de.signing.key"
+trusted_key_servers:
+  - server_name: "matrix.org"
+
+# Nextcloud login
+oidc_providers:
+  - idp_id: nextcloud
+    idp_name: Nextcloud
+    issuer: "https://cloud.fffka.de/.well-known/openid-configuration"
+    client_id: "<redacted>"
+    client_secret: "<redacted>"
+    client_auth_method: "client_secret_post"
+    scopes: ["openid", "profile", "email", "roles"]
+    authorization_endpoint: "https://cloud.fffka.de/index.php/apps/oidc/authorize"
+    token_endpoint: "https://cloud.fffka.de/index.php/apps/oidc/token"
+    userinfo_endpoint: "https://cloud.fffka.de/index.php/apps/oidc/userinfo"
+
+    user_mapping_provider:
+      config:
+        localpart_template: "{{ user.name }}"
+        display_name_template: "{{ user.name }}"
+
+# vim:ft=yaml
\ No newline at end of file