Upgrade config panel to v1.0

[tituspijean]

Describe the bug

Config panel (currently an experimental feature, which will be upgraded in YunoHost v4.3), changes files (homeserver.yaml and log.yaml, namely) but leaves them belonging to root user. The Synapse service can then fail and cannot restart itself.

Context

• Hardware: VPS, presumably affecting all hardware.
• YunoHost version: 4.2.8.3
• I have access to my server: SSH, webadmin
• Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: no
• Using, or trying to install package version/branch: 1.38.0~ynh1

Steps to reproduce

Run any command in the config panel, or even just hit "save".

Expected behavior

Files ownership is not changed by config panel.

Logs

 ⚡ la /etc/matrix-synapse
total 92K
drwxr-x---+ 2 matrix-synapse matrix-synapse 4.0K Mar 13  2021 app-service
drwxr-x---+ 2 matrix-synapse matrix-synapse 4.0K Mar 13  2021 conf.d
-rw-r-----+ 1 matrix-synapse matrix-synapse  598 Aug 12 12:07 coturn.conf
-rw-r-----+ 1 matrix-synapse matrix-synapse   59 Mar 13  2021 homeserver.signing.key
-rw-r-----+ 1 matrix-synapse matrix-synapse   59 Mar 13  2021 homeserver.signing.key_bak
-rw-r-----+ 1 matrix-synapse matrix-synapse  54K Sep 21 00:23 homeserver.yaml
-rw-r-----+ 1 matrix-synapse matrix-synapse  625 Sep 21 00:23 log.yaml
-rw-r-----+ 1 matrix-synapse matrix-synapse 2.6K Mar 13  2021 DOMAIN.log.config
-rw-r-----+ 1 matrix-synapse matrix-synapse   59 Mar 13  2021 DOMAIN.signing.key
-rw-r-----+ 1 matrix-synapse matrix-synapse   59 Mar 13  2021 DOMAIN.signing.key_bak
# Running config panel from the webadmin
 ⚡ la /etc/matrix-synapse
total 92K
drwxr-x---+ 2 matrix-synapse matrix-synapse 4.0K Mar 13  2021 app-service
drwxr-x---+ 2 matrix-synapse matrix-synapse 4.0K Mar 13  2021 conf.d
-rw-r-----+ 1 matrix-synapse matrix-synapse  598 Aug 12 12:07 coturn.conf
-rw-r-----+ 1 matrix-synapse matrix-synapse   59 Mar 13  2021 homeserver.signing.key
-rw-r-----+ 1 matrix-synapse matrix-synapse   59 Mar 13  2021 homeserver.signing.key_bak
-rw-r-----+ 1 root           root            54K Sep 22 16:16 homeserver.yaml
-rw-r-----+ 1 root           root            625 Sep 22 16:16 log.yaml
-rw-r-----+ 1 matrix-synapse matrix-synapse 2.6K Mar 13  2021 DOMAIN.log.config
-rw-r-----+ 1 matrix-synapse matrix-synapse   59 Mar 13  2021 DOMAIN.signing.key
-rw-r-----+ 1 matrix-synapse matrix-synapse   59 Mar 13  2021 DOMAIN.signing.key_bak

⚡ systemctl restart matrix-synapse.service
⚡ journalctl -xe --unit matrix-synapse.service
Sep 22 16:10:52            python[16360]: This server is configured to use 'matrix.org' as its trusted key server via the
Sep 22 16:10:52            python[16360]: 'trusted_key_servers' config option. 'matrix.org' is a good choice for a key
Sep 22 16:10:52            python[16360]: server since it is long-lived, stable and trusted. However, some admins may
Sep 22 16:10:52            python[16360]: wish to use another server for this purpose.
Sep 22 16:10:52            python[16360]: To suppress this warning and continue using 'matrix.org', admins should set
Sep 22 16:10:52            python[16360]: 'suppress_key_server_warning' to 'true' in homeserver.yaml.
Sep 22 16:10:52            python[16360]: --------------------------------------------------------------------------------
Sep 22 16:10:52            python[16360]: Traceback (most recent call last):
Sep 22 16:10:52            python[16360]:   File "/usr/lib/python3.7/runpy.py", line 193, in _run_module_as_main
Sep 22 16:10:52            python[16360]:     "__main__", mod_spec)
Sep 22 16:10:52            python[16360]:   File "/usr/lib/python3.7/runpy.py", line 85, in _run_code
Sep 22 16:10:52            python[16360]:     exec(code, run_globals)
Sep 22 16:10:52            python[16360]:   File "/opt/yunohost/matrix-synapse/lib/python3.7/site-packages/synapse/app/homeserver.py", line 465, in <module>
Sep 22 16:10:52            python[16360]:     main()
Sep 22 16:10:52            python[16360]:   File "/opt/yunohost/matrix-synapse/lib/python3.7/site-packages/synapse/app/homeserver.py", line 455, in main
Sep 22 16:10:52            python[16360]:     hs = setup(sys.argv[1:])
Sep 22 16:10:52            python[16360]:   File "/opt/yunohost/matrix-synapse/lib/python3.7/site-packages/synapse/app/homeserver.py", line 358, in setup
Sep 22 16:10:52            python[16360]:     synapse.config.logger.setup_logging(hs, config, use_worker_options=False)
Sep 22 16:10:52            python[16360]:   File "/opt/yunohost/matrix-synapse/lib/python3.7/site-packages/synapse/config/logger.py", line 316, in setup_logging
Sep 22 16:10:52            python[16360]:     _setup_stdlib_logging(config, log_config_path, logBeginner=logBeginner)
Sep 22 16:10:52            python[16360]:   File "/opt/yunohost/matrix-synapse/lib/python3.7/site-packages/synapse/config/logger.py", line 204, in _setup_stdlib_logging
Sep 22 16:10:52            python[16360]:     _load_logging_config(log_config_path)
Sep 22 16:10:52            python[16360]:   File "/opt/yunohost/matrix-synapse/lib/python3.7/site-packages/synapse/config/logger.py", line 269, in _load_logging_config
Sep 22 16:10:52            python[16360]:     with open(log_config_path, "rb") as f:
Sep 22 16:10:52            python[16360]: PermissionError: [Errno 13] Permission denied: '/etc/matrix-synapse/log.yaml'
Sep 22 16:10:52            systemd[1]: matrix-synapse.service: Main process exited, code=exited, status=1/FAILURE

(same error with PermissionError: [Errno 13] Permission denied: '/etc/matrix-synapse/homeserver.yaml')

[zamentur]

In 4.3 the current config panel need to be upgraded in 1.0 version, so this bug should be fixed by the new toml...

[Gredin67]

@tituspijean this issue should be renamed "Upgrade config panel to v1.0"

[Gredin67]

see also https://github.com/YunoHost-Apps/mautrix_signal_ynh/issues/24

[Gredin67]

Now that element has a config panel, would be nice to have one for synapse too https://github.com/YunoHost-Apps/element_ynh/pull/79 See also the WIP on the bridges side https://github.com/YunoHost-Apps/mautrix_whatsapp_ynh/pull/74 @Josue-T @thardev @ericgaspar :D