Package Details: mx-puppet-discord-git v0.1.1.r5.gfd44022-3

Git Clone URL: https://aur.archlinux.org/mx-puppet-discord-git.git (read-only, click to copy)
Package Base: mx-puppet-discord-git
Description: This is a Matrix bridge for Discord
Upstream URL: https://gitlab.com/mx-puppet/discord/mx-puppet-discord.git
Licenses: Apache
Conflicts: mx-puppet-discord
Provides: mx-puppet-discord
Submitter: BrainDamage
Maintainer: None
Last Packager: BrainDamage
Votes: 2
Popularity: 0.000000
First Submitted: 2020-11-06 09:15 (UTC)
Last Updated: 2022-11-04 15:49 (UTC)

Latest Comments

« First ‹ Previous 1 2 3

BrainDamage commented on 2021-03-02 00:06 (UTC)

I guess upstream changed behaviour since I did manage to get it to work in the past ...

I'll remove the file from the package and update the post-install instructions

re: working directory

WorkingDirectory=
   Takes a directory path relative to the service's root directory specified by RootDirectory=, or the special value "~". Sets the working directory for executed processes. If set to "~", the home
   directory of the user specified in User= is used. If not set, defaults to the root directory when systemd is running as a system instance and the respective user's home directory if run as user.

podiki commented on 2021-03-01 23:50 (UTC)

Thanks for the speedy response, much appreciated. I know I was mucking around a bit so may have made a little mess. I was doing this before the post install command message was fixed, and so may have changed something before fixing the typo. Not excluding anything below is just due to something I did, but figured I'd report back.

  1. Makes sense, figured that was the case, but

  2. I did indeed run with sudo and it won't overwrite. I just did it now with same permissions on a blank (touch only) file as included in the package (0644 root:mx-puppet-bridge) and gave an error (below). For some reason I didn't think to add synapse to the group, whoops!

  3. This doesn't happen for me, I need to explicitly set the working directory in the service file. I'm not seeing documentation where ~ expands to /var/lib/$USER or something similar, but I know little of systemd. I can try reinstalling this package or looking around, not sure why that happens for me (on ARM for what's that worth).

Mar-1 18:24:07.672 [PuppetBridge] info: Generating registration file...
Mar-1 18:24:07.677 [PuppetBridge] error: Registration file already exists!
Couldn't generate registration file: Error: Registration file already exists!
    at PuppetBridge.generateRegistration (/usr/lib/node_modules/mx-puppet-discord/node_modules/mx-puppet-bridge/lib/src/puppetbridge.js:226:19)
    at Object.<anonymous> (/usr/lib/node_modules/mx-puppet-discord/build/index.js:81:16)
    at Module._compile (internal/modules/cjs/loader.js:999:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1027:10)
    at Module.load (internal/modules/cjs/loader.js:863:32)
    at Function.Module._load (internal/modules/cjs/loader.js:708:14)
    at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:60:12)
    at internal/main/run_main_module.js:17:47

BrainDamage commented on 2021-03-01 23:14 (UTC) (edited on 2021-03-01 23:23 (UTC) by BrainDamage)

1)

the included empty registration file is so that it has the correct ownership and permissions from the installation, if you just create it on the fly it ends up world-readable by default, which leads us to

2)

yes, there's a very good reason, the registration.yaml contains shared secrets between synapse and the bridge, so it's best if no other users can read it

the file is g+r by default, readable by members of mx-puppet-discord group (which includes its own user), so all it's necessary for the synapse user ro access it is to add it to the mx-puppet-discord group:

# usermod -aG mx-puppet-discord synapse

this of course is only valid if synapse runs on the same machine as the bridge, if it's not the file has to be copied over or made accessible through network mounts

the reason why the file is g-w and owned by another user (root) is in the case of a bug in the software itself it cannot overwrite the config, neither accidentally nor in the case of a software vulnerability (and it doesn't need to in order to run), also valid for synapse since it'd use the group membership to read it (but not write)

the daemon editing its own config doesn't apply to all cases, e.g. mautrix-telegram tries to auto-update its own config, so it does need to write permissions and be owned by the daemon's user, but mx-puppet-discord doesn't, so it's uneccessary to give it

3)

WorkingDirectory=~ is expanded by systemd to the user's home dir as specified by man 5 systemd.exec, so what you did is redundant

ReadWritePaths is unnecessary as well, since the daemon only needs to read the config, not write it

Lastly: did you run the registration command as root? The # is standard slang for root executed commands (as opposed to $), which would've given the command the right permission to write the file's contents; having yourself deleted and re-created the file, now it has different permissions and ownership from the package so all my discourse about access may or may not apply depending on what you did

podiki commented on 2021-03-01 22:43 (UTC)

Thanks for the package! A few questions/comments/suggestions:

  1. Besides what marcool04 noted, I also had to remove the included (empty) registration.yaml as it would not overwrite the existing file. Is there a reason to include it? Is it because the user will generate and want to note that it is a user modified file? (Sorry, don't know much about packaging.)

  2. Permissions on registration.yaml? It needs to be readable by synapse user, not sure what the protocol here is as I've seen different bridges do different things. Is there a good reason it shouldn't be world readable? I've also seen the user:group for both config and registration be root:<bridge-user> (Oddly enough everything worked as is at first, but not on a later restart.)

  3. I had to change the systemd service to have WorkingDirectory=/var/lib/mx-puppet-discord. (I also updated ReadWritePaths for /etc/mx-puppet-discord and its node directory, but maybe I didn't need that as it was because of #2?)

BrainDamage commented on 2021-02-27 22:51 (UTC)

fixed, thanks sorry for the typos, I forgot to test the command myself

marcool04 commented on 2021-02-27 21:26 (UTC)

Could probably use this to fix the message that is printed after installation regarding registration file generation (not that it's hard for users to figure out the mistakes but hey…):

diff --git a/mx-puppet-discord.install b/mx-puppet-discord.install
index 017ab50..6c7d8ee 100644
--- a/mx-puppet-discord.install
+++ b/mx-puppet-discord.install
@@ -1,6 +1,6 @@
 post_install() {
        cat <<- 'EOF'
                after editing /etc/mx-puppet-discord/config.yaml, generate a registration file using:
-               # node /usr/lib/node_modules/mx-puppet-discord/build/index.js-c /etc/mx-puppet-discord/config.yaml -r -f /etc/mx-puppet-discord/registration.yaml -r
+               # node /usr/lib/node_modules/mx-puppet-discord/build/index.js -c /etc/mx-puppet-discord/config.yaml -r -f /etc/mx-puppet-discord/registration.yaml
        EOF
 }

Thanks for the package btw! Regards, Mark.

« First ‹ Previous 1 2 3