
2 Commits

Author SHA1 Message Date
ad74825781 KI-AGENT: Matrix-Kommunikation im Selfhost-Bootstrap provisionieren
All checks were successful
Build and Push Docker Images / build-backend (push) Successful in 19s
Build and Push Docker Images / build-frontend (push) Successful in 10s
Build and Push Docker Images / build-website (push) Successful in 11s
Build and Push Docker Images / build-docs (push) Successful in 11s
2026-06-03 10:22:30 +02:00
f1e0f36cca KI-AGENT: Datenbank-URL im Selfhost-Setup absichern 2026-06-03 10:09:43 +02:00
4 changed files with 29 additions and 2 deletions


@@ -117,6 +117,7 @@ FEDEO_BOOTSTRAP_ADMIN_FIRST_NAME=Admin
FEDEO_BOOTSTRAP_ADMIN_LAST_NAME=Benutzer FEDEO_BOOTSTRAP_ADMIN_LAST_NAME=Benutzer
FEDEO_BOOTSTRAP_TENANT_NAME=Mein Unternehmen FEDEO_BOOTSTRAP_TENANT_NAME=Mein Unternehmen
FEDEO_BOOTSTRAP_TENANT_SHORT=MEIN FEDEO_BOOTSTRAP_TENANT_SHORT=MEIN
FEDEO_BOOTSTRAP_MATRIX=true
# FEDEO Matrix-Kommunikation # FEDEO Matrix-Kommunikation
# #


@@ -21,6 +21,7 @@ import {
texttemplates, texttemplates,
units, units,
} from "../../db/schema" } from "../../db/schema"
import { matrixService } from "./matrix.service"
const adminPermissions = [ const adminPermissions = [
"mcp.tokens.write", "mcp.tokens.write",
@@ -487,4 +488,19 @@ export async function runBootstrap(server: FastifyInstance) {
await ensureTenantBaseData(server, tenant.id, adminUser.id) await ensureTenantBaseData(server, tenant.id, adminUser.id)
console.log("✅ Bootstrap-Grunddaten geprüft") console.log("✅ Bootstrap-Grunddaten geprüft")
if (process.env.FEDEO_BOOTSTRAP_MATRIX === "true") {
try {
const matrix = matrixService(server)
await matrix.provisionTenantRoom(adminUser.id, tenant.id, {
key: "allgemein",
name: "Allgemeiner Chat",
type: "general",
})
console.log("✅ Bootstrap-Matrix-Kommunikation geprüft")
} catch (err) {
console.error("❌ Bootstrap-Matrix-Kommunikation fehlgeschlagen:", err)
throw err
}
}
} }
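Review bot: The new catch block passes the whole error object to the log in `console.error("❌ Bootstrap-Matrix-Kommunikation fehlgeschlagen:", err)`, which may put credentials into the container log. If `matrixService` reaches Synapse through an HTTP client whose errors carry the request configuration, the output could include an Authorization header or a registration secret; `matrix.service` is not visible here, so this needs confirming. Logging `err instanceof Error ? err.message : String(err)` keeps the diagnostic without the request details. The block also rethrows, and the compose default for `FEDEO_BOOTSTRAP_MATRIX` is `true`, so an unreachable homeserver aborts `runBootstrap`; a one-line comment saying this is intended would help the next reader. `runBootstrap` begins outside the hunk.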


@@ -91,6 +91,8 @@ services:
condition: service_healthy condition: service_healthy
createbuckets: createbuckets:
condition: service_completed_successfully condition: service_completed_successfully
matrix-synapse:
condition: service_healthy
environment: environment:
NODE_ENV: production NODE_ENV: production
FEDEO_RUN_MIGRATIONS: ${FEDEO_RUN_MIGRATIONS:-true} FEDEO_RUN_MIGRATIONS: ${FEDEO_RUN_MIGRATIONS:-true}
@@ -99,7 +101,7 @@ services:
COOKIE_SECRET: ${COOKIE_SECRET} COOKIE_SECRET: ${COOKIE_SECRET}
JWT_SECRET: ${JWT_SECRET} JWT_SECRET: ${JWT_SECRET}
ENCRYPTION_KEY: ${ENCRYPTION_KEY} ENCRYPTION_KEY: ${ENCRYPTION_KEY}
DATABASE_URL: ${DATABASE_URL} DATABASE_URL: ${DATABASE_URL:-postgres://${DB_USER}:${DB_PASSWORD}@db:5432/${DB_NAME}}
MAILER_SMTP_HOST: ${MAILER_SMTP_HOST} MAILER_SMTP_HOST: ${MAILER_SMTP_HOST}
MAILER_SMTP_PORT: ${MAILER_SMTP_PORT} MAILER_SMTP_PORT: ${MAILER_SMTP_PORT}
MAILER_SMTP_SSL: ${MAILER_SMTP_SSL} MAILER_SMTP_SSL: ${MAILER_SMTP_SSL}
@@ -134,6 +136,7 @@ services:
FEDEO_BOOTSTRAP_ADMIN_LAST_NAME: ${FEDEO_BOOTSTRAP_ADMIN_LAST_NAME:-Benutzer} FEDEO_BOOTSTRAP_ADMIN_LAST_NAME: ${FEDEO_BOOTSTRAP_ADMIN_LAST_NAME:-Benutzer}
FEDEO_BOOTSTRAP_TENANT_NAME: ${FEDEO_BOOTSTRAP_TENANT_NAME:-FEDEO} FEDEO_BOOTSTRAP_TENANT_NAME: ${FEDEO_BOOTSTRAP_TENANT_NAME:-FEDEO}
FEDEO_BOOTSTRAP_TENANT_SHORT: ${FEDEO_BOOTSTRAP_TENANT_SHORT:-FEDEO} FEDEO_BOOTSTRAP_TENANT_SHORT: ${FEDEO_BOOTSTRAP_TENANT_SHORT:-FEDEO}
FEDEO_BOOTSTRAP_MATRIX: ${FEDEO_BOOTSTRAP_MATRIX:-true}
MATRIX_HOMESERVER_URL: ${MATRIX_HOMESERVER_URL:-http://matrix-synapse:8008} MATRIX_HOMESERVER_URL: ${MATRIX_HOMESERVER_URL:-http://matrix-synapse:8008}
MATRIX_SERVER_NAME: ${MATRIX_SERVER_NAME:-${DOMAIN}} MATRIX_SERVER_NAME: ${MATRIX_SERVER_NAME:-${DOMAIN}}
MATRIX_RTC_HOST: ${MATRIX_RTC_HOST:-${DOMAIN}} MATRIX_RTC_HOST: ${MATRIX_RTC_HOST:-${DOMAIN}}
@@ -301,6 +304,12 @@ services:
exec /start.py exec /start.py
volumes: volumes:
- ./matrix/synapse:/data - ./matrix/synapse:/data
healthcheck:
test: ["CMD-SHELL", "python -c \"import urllib.request; urllib.request.urlopen('http://localhost:8008/_matrix/client/versions', timeout=2)\""]
interval: 10s
timeout: 5s
retries: 30
start_period: 20s
labels: labels:
- traefik.enable=true - traefik.enable=true
- traefik.http.routers.fedeo-matrix.rule=Host(`${DOMAIN}`) && PathPrefix(`/_matrix`) - traefik.http.routers.fedeo-matrix.rule=Host(`${DOMAIN}`) && PathPrefix(`/_matrix`)
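Review bot: The new `DATABASE_URL` fallback splices `${DB_USER}` and `${DB_PASSWORD}` into a URL without percent-encoding, so a password containing `@`, `:`, `/`, `?` or `#` yields a URL that fails to parse or is parsed with a different host or database. The installer change in this commit generates a hex-only password, but a hand-edited `.env` is not covered. A comment above the line, such as `# DB_PASSWORD must be URL-safe (hex/alphanumeric) or DATABASE_URL must be set explicitly`, would state the constraint. If both variables are unset the fallback silently becomes `postgres://:@db:5432/`; where the Compose version in use allows the required-variable form inside a default, `${DB_PASSWORD:?DB_PASSWORD must be set}` would make that fail at startup.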


@@ -370,6 +370,7 @@ FEDEO_BOOTSTRAP_ADMIN_FIRST_NAME=$(env_quote "$admin_first_name")
FEDEO_BOOTSTRAP_ADMIN_LAST_NAME=$(env_quote "$admin_last_name") FEDEO_BOOTSTRAP_ADMIN_LAST_NAME=$(env_quote "$admin_last_name")
FEDEO_BOOTSTRAP_TENANT_NAME=$(env_quote "$tenant_name") FEDEO_BOOTSTRAP_TENANT_NAME=$(env_quote "$tenant_name")
FEDEO_BOOTSTRAP_TENANT_SHORT=$(env_quote "$tenant_short") FEDEO_BOOTSTRAP_TENANT_SHORT=$(env_quote "$tenant_short")
FEDEO_BOOTSTRAP_MATRIX=$(env_quote "true")
MATRIX_SERVER_NAME=$(env_quote "$domain") MATRIX_SERVER_NAME=$(env_quote "$domain")
MATRIX_POSTGRES_DB=$(env_quote "synapse") MATRIX_POSTGRES_DB=$(env_quote "synapse")
@@ -506,7 +507,7 @@ main() {
echo "Secrets werden automatisch erzeugt." echo "Secrets werden automatisch erzeugt."
local db_password minio_password cookie_secret jwt_secret encryption_key m2m_key local db_password minio_password cookie_secret jwt_secret encryption_key m2m_key
local matrix_db_password matrix_turn_secret matrix_registration_secret livekit_secret local matrix_db_password matrix_turn_secret matrix_registration_secret livekit_secret
db_password="$(random_secret)" db_password="$(random_hex_secret)"
minio_password="$(random_secret)" minio_password="$(random_secret)"
cookie_secret="$(random_secret)" cookie_secret="$(random_secret)"
jwt_secret="$(random_secret)" jwt_secret="$(random_secret)"
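Review bot: Switching `db_password` to `random_hex_secret` narrows the alphabet to 16 symbols, so the helper's output length now decides the password's strength. The helper is defined outside this hunk; confirm it emits at least 32 hex characters (128 bits) from a cryptographic source. The line also needs a comment explaining why only this secret differs from its neighbours, for example `# hex only: the value is embedded unescaped in the DATABASE_URL fallback in the compose file`. Without it a later cleanup may switch it back to `random_secret` and reintroduce URL-unsafe characters.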