diff --git a/scripts/generate_config b/scripts/generate_config
new file mode 100755
index 0000000000..61c5f049e8
--- /dev/null
+++ b/scripts/generate_config
@@ -0,0 +1,67 @@
+#!/usr/bin/env python
+
+import argparse
+import sys
+
+from synapse.config.homeserver import HomeServerConfig
+
+if __name__ == "__main__":
+ parser = argparse.ArgumentParser()
+ parser.add_argument(
+ "--config-dir",
+ default="CONFDIR",
+
+ help="The path where the config files are kept. Used to create filenames for "
+ "things like the log config and the signing key. Default: %(default)s",
+ )
+
+ parser.add_argument(
+ "--data-dir",
+ default="DATADIR",
+ help="The path where the data files are kept. Used to create filenames for "
+ "things like the database and media store. Default: %(default)s",
+ )
+
+ parser.add_argument(
+ "--server-name",
+ default="SERVERNAME",
+ help="The server name. Used to initialise the server_name config param, but also "
+ "used in the names of some of the config files. Default: %(default)s",
+ )
+
+ parser.add_argument(
+ "--report-stats",
+ action="store",
+ help="Whether the generated config reports anonymized usage statistics",
+ choices=["yes", "no"],
+ )
+
+ parser.add_argument(
+ "--generate-secrets",
+ action="store_true",
+ help="Enable generation of new secrets for things like the macaroon_secret_key."
+ "By default, these parameters will be left unset."
+ )
+
+ parser.add_argument(
+ "-o", "--output-file",
+ type=argparse.FileType('w'),
+ default=sys.stdout,
+ help="File to write the configuration to. Default: stdout",
+ )
+
+ args = parser.parse_args()
+
+ report_stats = args.report_stats
+ if report_stats is not None:
+ report_stats = report_stats == "yes"
+
+ conf = HomeServerConfig().generate_config(
+ config_dir_path=args.config_dir,
+ data_dir_path=args.data_dir,
+ server_name=args.server_name,
+ generate_secrets=args.generate_secrets,
+ report_stats=report_stats,
+ )
+
+ args.output_file.write(conf)
diff --git a/scripts/hash_password b/scripts/hash_password
index a62bb5aa83..a1eb0769da 100755
--- a/scripts/hash_password
+++ b/scripts/hash_password
@@ -3,13 +3,15 @@
import argparse
import getpass
import sys
+import unicodedata
import bcrypt
import yaml
-bcrypt_rounds=12
+bcrypt_rounds = 12
password_pepper = ""
+
def prompt_for_pass():
password = getpass.getpass("Password: ")
@@ -23,19 +25,27 @@ def prompt_for_pass():
return password
+
if __name__ == "__main__":
parser = argparse.ArgumentParser(
- description="Calculate the hash of a new password, so that passwords"
- " can be reset")
+ description=(
+ "Calculate the hash of a new password, so that passwords can be reset"
+ )
+ )
parser.add_argument(
- "-p", "--password",
+ "-p",
+ "--password",
default=None,
help="New password for user. Will prompt if omitted.",
)
parser.add_argument(
- "-c", "--config",
+ "-c",
+ "--config",
type=argparse.FileType('r'),
- help="Path to server config file. Used to read in bcrypt_rounds and password_pepper.",
+ help=(
+ "Path to server config file. "
+ "Used to read in bcrypt_rounds and password_pepper."
+ ),
)
args = parser.parse_args()
@@ -49,4 +59,21 @@ if __name__ == "__main__":
if not password:
password = prompt_for_pass()
- print bcrypt.hashpw(password + password_pepper, bcrypt.gensalt(bcrypt_rounds))
+ # On Python 2, make sure we decode it to Unicode before we normalise it
+ if isinstance(password, bytes):
+ try:
+ password = password.decode(sys.stdin.encoding)
+ except UnicodeDecodeError:
+ print(
+ "ERROR! Your password is not decodable using your terminal encoding (%s)."
+ % (sys.stdin.encoding,)
+ )
+
+ pw = unicodedata.normalize("NFKC", password)
+
+ hashed = bcrypt.hashpw(
+ pw.encode('utf8') + password_pepper.encode("utf8"),
+ bcrypt.gensalt(bcrypt_rounds),
+ ).decode('ascii')
+
+ print(hashed)
diff --git a/scripts/synapse_port_db b/scripts/synapse_port_db
index 3c7b606323..2fa01d1a18 100755
--- a/scripts/synapse_port_db
+++ b/scripts/synapse_port_db
@@ -53,6 +53,7 @@ BOOLEAN_COLUMNS = {
"group_summary_users": ["is_public"],
"group_roles": ["is_public"],
"local_group_membership": ["is_publicised", "is_admin"],
+ "e2e_room_keys": ["is_verified"],
}
|
