start.sh 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160
  1. #!/usr/bin/env bash
  2. DIR="$( cd "$( dirname "$0" )" && pwd )"
  3. CWD=$(pwd)
  4. cd "$DIR/.." || exit
  5. # Do not override PYTHONPATH if we are in a virtual env
  6. if [ "$VIRTUAL_ENV" = "" ]; then
  7. PYTHONPATH=$(readlink -f "$(pwd)")
  8. export PYTHONPATH
  9. echo "$PYTHONPATH"
  10. fi
  11. # Create servers which listen on HTTP at 808x and HTTPS at 848x.
  12. for port in 8080 8081 8082; do
  13. echo "Starting server on port $port... "
  14. https_port=$((port + 400))
  15. mkdir -p demo/$port
  16. pushd demo/$port || exit
  17. # Generate the configuration for the homeserver at localhost:848x, note that
  18. # the homeserver name needs to match the HTTPS listening port for federation
  19. # to properly work..
  20. python3 -m synapse.app.homeserver \
  21. --generate-config \
  22. --server-name "localhost:$https_port" \
  23. --config-path "$port.config" \
  24. --report-stats no
  25. if ! grep -F "Customisation made by demo/start.sh" -q "$port.config"; then
  26. # Generate TLS keys.
  27. openssl req -x509 -newkey rsa:4096 \
  28. -keyout "localhost:$port.tls.key" \
  29. -out "localhost:$port.tls.crt" \
  30. -days 365 -nodes -subj "/O=matrix"
  31. # Add customisations to the configuration.
  32. {
  33. printf '\n\n# Customisation made by demo/start.sh\n\n'
  34. echo "public_baseurl: http://localhost:$port/"
  35. echo 'enable_registration: true'
  36. echo 'enable_registration_without_verification: true'
  37. echo ''
  38. # Warning, this heredoc depends on the interaction of tabs and spaces.
  39. # Please don't accidentally bork me with your fancy settings.
  40. listeners=$(cat <<-PORTLISTENERS
  41. # Configure server to listen on both $https_port and $port
  42. # This overides some of the default settings above
  43. listeners:
  44. - port: $https_port
  45. type: http
  46. tls: true
  47. resources:
  48. - names: [client, federation]
  49. - port: $port
  50. tls: false
  51. bind_addresses: ['::1', '127.0.0.1']
  52. type: http
  53. x_forwarded: true
  54. resources:
  55. - names: [client, federation]
  56. compress: false
  57. PORTLISTENERS
  58. )
  59. echo "${listeners}"
  60. # Disable TLS for the servers
  61. printf '\n\n# Disable TLS for the servers.'
  62. echo '# DO NOT USE IN PRODUCTION'
  63. echo 'use_insecure_ssl_client_just_for_testing_do_not_use: true'
  64. echo 'federation_verify_certificates: false'
  65. # Set paths for the TLS certificates.
  66. echo "tls_certificate_path: \"$DIR/$port/localhost:$port.tls.crt\""
  67. echo "tls_private_key_path: \"$DIR/$port/localhost:$port.tls.key\""
  68. # Request keys directly from servers contacted over federation
  69. echo 'trusted_key_servers: []'
  70. # Allow the servers to communicate over localhost.
  71. allow_list=$(cat <<-ALLOW_LIST
  72. # Allow the servers to communicate over localhost.
  73. ip_range_whitelist:
  74. - '127.0.0.1/8'
  75. - '::1/128'
  76. ALLOW_LIST
  77. )
  78. echo "${allow_list}"
  79. } >> "$port.config"
  80. fi
  81. # Check script parameters
  82. if [ $# -eq 1 ]; then
  83. if [ "$1" = "--no-rate-limit" ]; then
  84. # Disable any rate limiting
  85. ratelimiting=$(cat <<-RC
  86. rc_message:
  87. per_second: 1000
  88. burst_count: 1000
  89. rc_registration:
  90. per_second: 1000
  91. burst_count: 1000
  92. rc_login:
  93. address:
  94. per_second: 1000
  95. burst_count: 1000
  96. account:
  97. per_second: 1000
  98. burst_count: 1000
  99. failed_attempts:
  100. per_second: 1000
  101. burst_count: 1000
  102. rc_admin_redaction:
  103. per_second: 1000
  104. burst_count: 1000
  105. rc_joins:
  106. local:
  107. per_second: 1000
  108. burst_count: 1000
  109. remote:
  110. per_second: 1000
  111. burst_count: 1000
  112. rc_3pid_validation:
  113. per_second: 1000
  114. burst_count: 1000
  115. rc_invites:
  116. per_room:
  117. per_second: 1000
  118. burst_count: 1000
  119. per_user:
  120. per_second: 1000
  121. burst_count: 1000
  122. RC
  123. )
  124. echo "${ratelimiting}" >> "$port.config"
  125. fi
  126. fi
  127. # Always disable reporting of stats if the option is not there.
  128. if ! grep -F "report_stats" -q "$port.config" ; then
  129. echo "report_stats: false" >> "$port.config"
  130. fi
  131. # Run the homeserver in the background.
  132. python3 -m synapse.app.homeserver \
  133. --config-path "$port.config" \
  134. -D \
  135. popd || exit
  136. done
  137. cd "$CWD" || exit