🍄Maubot 해보기

Maubot 해보기

설치

웹서버 준비

도메인 준비 @namecheap

A record 추가 : xxxx.ururu.cloud
xxxx => 도메인 이름은 비밀!

nginx reverse proxy

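# Maps the client's Upgrade header to the Connection header sent upstream:
# "upgrade" when the client asks for a protocol upgrade (WebSocket), "close" otherwise.
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

# Plain-HTTP listener: serves nothing itself and redirects everything to HTTPS.
server {
    if ($host = xxxx.ururu.cloud) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    listen [::]:80;
    server_name xxxx.ururu.cloud;
    location /.well-known/acme-challenge/ { allow all; }
    location / { return 301 https://$host$request_uri; }
}

# HTTPS listener: terminates TLS and forwards the maubot paths to the local maubot process.
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name xxxx.ururu.cloud;

    # TLS 1.2/1.3 only; session tickets are disabled.
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
    ssl_certificate /etc/letsencrypt/live/xxxx.ururu.cloud/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/xxxx.ururu.cloud/privkey.pem; # managed by Certbot

    # HSTS for one year; "always" also sends the header on error responses.
    add_header Strict-Transport-Security "max-age=31536000" always;

    # NOTE(review): both locations below publish the maubot management UI/API to
    # every client that can reach this host. If only a few administrators use it,
    # consider restricting the management paths with allow/deny rules. The config
    # on this page puts plugin endpoints under /_matrix/maubot/plugin/, so a blanket
    # restriction on /_matrix/maubot would block those as well.

    # Log streaming endpoint: needs HTTP/1.1 and the Upgrade/Connection pair for WebSocket.
    location /_matrix/maubot/v1/logs {
        # 127.0.0.1 instead of "localhost" so nginx never tries ::1, where maubot
        # (configured with an IPv4 address) is not listening.
        proxy_pass http://127.0.0.1:29316;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        # Use the map defined at the top instead of a hard-coded "Upgrade".
        proxy_set_header Connection $connection_upgrade;
        # Overwrites (does not append to) any client-supplied X-Forwarded-For,
        # so the upstream sees the address nginx observed, not a spoofed value.
        proxy_set_header X-Forwarded-For $remote_addr;
    }

    # Management UI/API and everything else under the maubot prefix.
    location /_matrix/maubot {
        proxy_pass http://127.0.0.1:29316;
        proxy_set_header X-Forwarded-For $remote_addr;
    }

    access_log /var/log/nginx/xxxx.ururu.cloud-access.log;
    error_log /var/log/nginx/xxxx.ururu.cloud-error.log;
}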

인증서 설치

# Obtain a certificate for the host name used in the nginx config.
# "certonly" only issues the certificate; it does not edit the nginx configuration.
sudo certbot certonly -d xxxx.ururu.cloud

maubot 설치 및 실행

전용 폴더를 하나 만들어주기

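# This directory will hold the maubot config file (admin password hash, API
# signing secret) and maubot.db, so create it accessible to the owning user only.
mkdir -m 700 maubot
cd maubot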

전용 python 환경 만들어주기

# Create a virtualenv named "maubot" on Python 3.12.5 (needs the pyenv-virtualenv plugin).
pyenv virtualenv 3.12.5 maubot
# Select that environment for this directory; pyenv records the choice in ./.python-version.
pyenv local maubot

설치

# Installs the newest maubot release from PyPI into the active environment.
# For a reproducible deployment, pin the version you reviewed and tested
# (maubot==<VERSION>) instead of always pulling the latest release.
pip install --upgrade maubot

추가로 필요한 폴더 만들어줌

# plugins/ and trash/ match plugin_directories in the config below.
# The logging section shown on this page writes to ./maubot.log, so logs/ is
# not referenced by that config as written.
mkdir plugins trash logs

설정파일 만들기

요거를 수정해서 사용
도메인 이름과 admin 계정 추가

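# NOTE: once maubot has started, this file holds the admin password hashes and
# the generated API signing secret. Keep it readable by the service user only
# and out of version control.

# The full URI to the database. SQLite and Postgres are fully supported.
# Format examples:
#   SQLite:   sqlite:filename.db
#   Postgres: postgresql://username:password@hostname/dbname
database: sqlite:maubot.db

# Separate database URL for the crypto database. "default" means use the same database as above.
crypto_database: default

# Additional arguments for asyncpg.create_pool() or sqlite3.connect()
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
# For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
database_opts:
    min_size: 1
    max_size: 10
plugin_directories:
    # The directory where uploaded new plugins should be stored.
    upload: ./plugins
    # The directories from which plugins should be loaded.
    # Duplicate plugin IDs will be moved to the trash.
    load:
    - ./plugins
    trash: ./trash

# Configuration for storing plugin databases
plugin_databases:
    # The directory where SQLite plugin databases should be stored.
    sqlite: ./plugins
    # The connection URL for plugin databases. If null, all plugins will get SQLite databases.
    # If set, plugins using the new asyncpg interface will get a Postgres connection instead.
    # Plugins using the legacy SQLAlchemy interface will always get a SQLite connection.
    #
    # To use the same connection pool as the default database, set to "default"
    # (the default database above must be postgres to do this).
    #
    # When enabled, maubot will create separate Postgres schemas in the database for each plugin.
    # To view schemas in psql, use `\dn`. To view enter and interact with a specific schema,
    # use `SET search_path = name` (where `name` is the name found with `\dn`) and then use normal
    # SQL queries/psql commands.
    postgres: null
    # Maximum number of connections per plugin instance.
    postgres_max_conns_per_plugin: 3
    # Overrides for the default database_opts when using a non-"default" postgres connection string.
    postgres_opts: {}

server:
    # The IP and port to listen to.
    # Bound to loopback because nginx on the same machine proxies to port 29316.
    # Listening on 0.0.0.0 would also expose the management API on every
    # interface over plain HTTP, bypassing the TLS that nginx terminates.
    # Use 0.0.0.0 only if the reverse proxy runs on a different host, and then
    # firewall the port.
    hostname: 127.0.0.1
    port: 29316
    # Public base URL where the server is visible.
    public_url: https://xxxx.ururu.cloud
    # The base path for the UI.
    ui_base_path: /_matrix/maubot
    # The base path for plugin endpoints. The instance ID will be appended directly.
    plugin_base_path: /_matrix/maubot/plugin/
    # Override path from where to load UI resources.
    # Set to false to use pkg_resources to find the path.
    override_resource_path: false
    # The shared secret to sign API access tokens.
    # Set to "generate" to generate and save a new token at startup.
    # After the first start the generated value is stored here; anyone who can
    # read it can sign API access tokens, so treat this file as a secret.
    unshared_secret: generate

# Known homeservers. This is required for the `mbc auth` command and also allows
# more convenient access from the management UI. This is not required to create
# clients in the management UI, since you can also just type the homeserver URL
# into the box there.
homeservers:
    # NOTE(review): the key is still "matrix.org" while the URL below points at
    # matrix.ururu.cloud. Presumably the key should be the server name of the
    # homeserver actually used - confirm before relying on `mbc auth`.
    matrix.org:
        # Client-server API URL
        url: https://matrix.ururu.cloud
        # registration_shared_secret from synapse config
        # You can leave this empty if you don't have access to the homeserver.
        # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will.
        secret: null

# Management users: each key is a username, each value its password.
# A plaintext password is replaced with a bcrypt hash when maubot starts.
# An empty password disables normal password login for that user.
# The login endpoint is reachable from the internet through nginx, so replace
# MYPASSWORD with a long, unique password before the first start.
admins:
    root: ''
    admin: 'MYPASSWORD'

# Management API features. Every feature left true is served under the public
# /_matrix/maubot path; set the ones you do not use to false (dev_open, for
# example, appears to be a development aid rather than something a production
# instance needs).
api_features:
    login: true
    plugin: true
    plugin_upload: true
    instance: true
    instance_database: true
    client: true
    client_proxy: true
    client_auth: true
    dev_open: true
    log: true

# Python logging configuration.
#
# See section 16.7.2 of the Python documentation for more info:
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
#
# DEBUG is verbose; once the setup works, consider INFO for the maubot/mau/root
# levels and keep maubot.log readable by the service user only.
logging:
    version: 1
    formatters:
        colored:
            (): maubot.lib.color_log.ColorFormatter
            format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s'
        normal:
            format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s'
    handlers:
        file:
            class: logging.handlers.RotatingFileHandler
            formatter: normal
            filename: ./maubot.log
            maxBytes: 10485760
            backupCount: 10
        console:
            class: logging.StreamHandler
            formatter: colored
    loggers:
        maubot:
            level: DEBUG
        mau:
            level: DEBUG
        aiohttp:
            level: INFO
    root:
        level: DEBUG
        handlers: [file, console]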

admin 비밀번호는 'MYPASSWORD' 자리에 평문 그대로 바꿔 넣으면 됨. maubot이 일단 시작되면 설정파일 안의 비밀번호를 해시(bcrypt)로 바꿔 저장한다고 함. 해시는 되돌릴 수 없으니, 비번은 다른 곳(패스워드 매니저 등)에 잘 기억해 둘 것.

pm2에 등록하기 위해 start.sh를 만듦

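#!/bin/sh
# Wrapper that pm2 runs to start maubot inside the "maubot" pyenv environment.
set -eu

# Files maubot creates (database, logs, rewritten config) hold tokens and
# password hashes; keep them private to the service user.
umask 077

# maubot resolves its database, plugin and log paths relative to the working
# directory, so always run from the directory containing this script.
cd "$(dirname "$0")"

# `pyenv shell` needs pyenv's interactive shell integration and fails in a
# plain /bin/sh script; setting PYENV_VERSION is what it does under the hood.
export PYENV_VERSION=maubot

# exec replaces the shell so signals from pm2 (stop/restart) reach Python directly.
exec python3 -m maubot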

실행권한 추가

# Mark the wrapper executable so it can be started as ./start.sh.
chmod +x start.sh

pm2에 등록해서 실행하고, 잘되는지 log 확인하고 pm2 save로 확정.

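# Register the wrapper with pm2 under the name "maubot" and start it.
pm2 --name maubot start ./start.sh
# Follow the logs by process name; the numeric pm2 id differs per machine.
pm2 logs maubot
# Persist the current process list so pm2 restores it later.
pm2 save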