container/matrix-synapse
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'k3s'

Browse Source
This commit is contained in:
Sebastian Hugentobler 2022-02-16 08:51:43 +01:00
commit 8634a7e11f
14 changed files with 761 additions and 716 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.editorconfig
View File

@ -1,9 +0,0 @@
root = true
[*]
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true
indent_style = space
indent_size = 4

4
Dockerfile
View File

@ -1,6 +1,6 @@
FROM alpine:3.14 AS builder
FROM alpine:3.15 AS builder
ENV VERSION=v1.49.0
ENV VERSION=v1.52.0
RUN apk add --no-cache \
alpine-sdk \

45
README.md
View File

@ -1,4 +1,9 @@
[Synapse](https://github.com/matrix-org/synapse) homeserver for the [matrix](http://matrix.org/) network.
[Synapse](https://github.com/matrix-org/synapse) homeserver for the [matrix](http://matrix.org/) network with keycloak auth.
# Database
```
CREATE DATABASE matrix_synapse WITH TEMPLATE 'template0' LC_COLLATE 'C' LC_CTYPE 'C' OWNER 'synapse';
```
# Volumes
- `/var/lib/matrix-synapse/media_store/`
@ -67,50 +72,20 @@ Whether to generate new thumbnails on the fly to precisely match the resolution
Semi colon seperated list of registration files to load.
## OIDC_ENABLED
- default: false
Whether to enable authorization against an OpenID Connect server.
## OIDC_DISCOVER
- default: true
Whether to use the OIDC discovery mechanism to discover endpoints.
## OIDC_NAME
Name of the oidc provider as shown to users.
## OIDC_ISSUER
The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.
For example `https://auth.example.com/auth/realms/master"`.
## OIDC_CLIENT_ID
oauth2 client id.
## OIDC_CLIENT_SECRET
oauth2 client secret.
## OIDC_SCOPES
- default: "\"openid\""
Comma separated list of scopes to request.
## OIDC_AUTH_ENDPOINT
oauth2 authorization endpoint. Required if provider discovery is disabled.
## OIDC_TOKEN_ENDPOINT
oauth2 token endpoint. Required if provider discovery is disabled.
## OIDC_USERINFO_ENDPOINT
OIDC userinfo endpoint. Required if discovery is disabled and the "openid" scope
is not requested.
## OIDC_JWKS_URI
URI where to fetch the JWKS. Required if discovery is disabled and the "openid"
scope is used.
## OIDC_MAPPING_PROVIDER
- default: synapse.handlers.oidc_handler.JinjaOidcMappingProvider
Python module for mapping attributes returned from a OIDC provider onto a matrix
user.
## OIDC_ALLOW_EXISTING_USER
- default: false

2
rootfs/etc/cont-init.d/synapse-keys → rootfs/bin/synapse-keys Normal file → Executable file
View File

@ -1,4 +1,4 @@
#!/usr/bin/with-contenv sh
#!/bin/sh
if [ ! -f /var/lib/matrix-synapse/signing/signing.key ]; then
s6-setuidgid matrix-synapse python3 -B -m synapse.app.homeserver -c /var/lib/matrix-synapse/server.yaml --generate-config -H $SERVER_NAME --report-stats=no

1313
rootfs/etc/confd/templates/server.yaml.tmpl
View File

File diff suppressed because it is too large Load Diff

2
rootfs/etc/fix-attrs.d/01-synapse
View File

@ -1,2 +0,0 @@
/var/lib/matrix-synapse/signing/ true matrix-synapse 0640 0750
/var/lib/matrix-synapse/media_store/ true matrix-synapse 0640 0750

2
rootfs/etc/s6-overlay/s6-rc.d/matrix-synapse/dependencies Normal file
View File

@ -0,0 +1,2 @@
confd
synapse-keys

2
rootfs/etc/services.d/synapse/run → rootfs/etc/s6-overlay/s6-rc.d/matrix-synapse/run
View File

@ -1,4 +1,4 @@
#!/usr/bin/with-contenv sh
#!/bin/sh
cd /var/lib/matrix-synapse
s6-setuidgid matrix-synapse python3 -B -m synapse.app.homeserver -c server.yaml

1
rootfs/etc/s6-overlay/s6-rc.d/matrix-synapse/type Normal file
View File

@ -0,0 +1 @@
longrun

1
rootfs/etc/s6-overlay/s6-rc.d/synapse-keys/dependencies Normal file
View File

@ -0,0 +1 @@
confd

1
rootfs/etc/s6-overlay/s6-rc.d/synapse-keys/type Normal file
View File

@ -0,0 +1 @@
oneshot

1
rootfs/etc/s6-overlay/s6-rc.d/synapse-keys/up Normal file
View File

@ -0,0 +1 @@
synapse-keys

0
rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/matrix-synapse Normal file
View File

22
rootfs/py-pkgs/nextcloud_oicd_mapping_provider.py
View File

@ -1,22 +0,0 @@
from synapse.handlers.oidc import OidcMappingProvider
class NextcloudOidcMappingProvider(OidcMappingProvider):
def __init__(self, config):
self._config = config
@staticmethod
def parse_config(config):
return {}
def get_remote_user_id(self, userinfo):
return userinfo["ocs"]["data"]["id"]
async def map_user_attributes(self, userinfo, token):
localpart = userinfo["ocs"]["data"]["id"]
display_name = userinfo["ocs"]["data"]["display-name"]
return {"localpart": localpart, "display_name": display_name}
async def get_extra_attributes(self, userinfo, token):
extras = {}
return extras