Generate shared secrets if not defined in the environment
parent
6d1e28a842
commit
f2bf0cda02
|
@ -5,10 +5,11 @@ import os
|
||||||
import sys
|
import sys
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
convert = lambda src, dst: open(dst, "w").write(jinja2.Template(open(src).read()).render(**os.environ))
|
convert = lambda src, dst, environ: open(dst, "w").write(jinja2.Template(open(src).read()).render(**environ))
|
||||||
mode = sys.argv[1] if len(sys.argv) > 1 else None
|
mode = sys.argv[1] if len(sys.argv) > 1 else None
|
||||||
|
environ = os.environ.copy()
|
||||||
|
|
||||||
if "SYNAPSE_SERVER_NAME" not in os.environ:
|
if "SYNAPSE_SERVER_NAME" not in environ:
|
||||||
print("Environment variable SYNAPSE_SERVER_NAME is mandatory, exiting.")
|
print("Environment variable SYNAPSE_SERVER_NAME is mandatory, exiting.")
|
||||||
sys.exit(2)
|
sys.exit(2)
|
||||||
|
|
||||||
|
@ -17,10 +18,16 @@ args = ["python", "-m", "synapse.app.homeserver",
|
||||||
"--report-stats", os.environ.get("SYNAPSE_REPORT_STATS", "no"),
|
"--report-stats", os.environ.get("SYNAPSE_REPORT_STATS", "no"),
|
||||||
"--config-path", os.environ.get("SYNAPSE_CONFIG_PATH", "/compiled/homeserver.yaml")]
|
"--config-path", os.environ.get("SYNAPSE_CONFIG_PATH", "/compiled/homeserver.yaml")]
|
||||||
|
|
||||||
|
# Generate any missing shared secret
|
||||||
|
for secret in ("SYNAPSE_REGISTRATION_SHARED_SECRET", "SYNAPSE_MACAROON_SECRET_KEY"):
|
||||||
|
if secret not in environ:
|
||||||
|
print("Generating a random secret for {}".format(secret))
|
||||||
|
environ[secret] = os.urandom(32).encode("hex")
|
||||||
|
|
||||||
# Parse the configuration file
|
# Parse the configuration file
|
||||||
if not os.path.exists("/compiled"): os.mkdir("/compiled")
|
if not os.path.exists("/compiled"): os.mkdir("/compiled")
|
||||||
convert("/conf/homeserver.yaml", "/compiled/homeserver.yaml")
|
convert("/conf/homeserver.yaml", "/compiled/homeserver.yaml", environ)
|
||||||
convert("/conf/log.config", "/compiled/%s.log.config" % os.environ.get("SYNAPSE_SERVER_NAME"))
|
convert("/conf/log.config", "/compiled/%s.log.config" % environ.get("SYNAPSE_SERVER_NAME"), environ)
|
||||||
|
|
||||||
# In generate mode, generate a configuration, missing keys, then exit
|
# In generate mode, generate a configuration, missing keys, then exit
|
||||||
if mode == "generate":
|
if mode == "generate":
|
||||||
|
|
Loading…
Reference in New Issue