Start to build backend base

README.md

@@ -6,10 +6,9 @@ Project that expose a simple API to make use of Matrix API. It acts as a Matrix
 **Known limitations**:
 
 - Supports only a limited subset of Matrix API
-- Does not support E2E encryption
 - Does not support spaces
 
-Project written in Rust. Releases are published on Docker Hub.
+Project written in Rust and TypeScript. Releases are published on Docker Hub.
 
 ## Docker image options
 ```bash
@@ -17,7 +16,10 @@ docker run --rm -it docker.io/pierre42100/matrix_gateway --help
 ```
 
 ## Setup dev environment
+
+### Dependencies
 ```
+cd matrixgw_backend
 mkdir -p storage/maspostgres storage/synapse storage/minio
 docker compose up
 ```
@@ -42,3 +44,15 @@ Auto-created Matrix accounts:
 
 Minio administration credentials: `minioadmin` : `minioadmin`
 
+### Backend
+```bash
+cd matrixgw_backend
+cargo fmt && cargo clippy && cargo run --
+```
+
+### Frontend
+```bash
+cd matrixgw_frontend
+npm install
+npm run dev
+```

matrixgw_backend/Cargo.toml

@@ -4,3 +4,13 @@ version = "0.1.0"
 edition = "2024"
 
 [dependencies]
+env_logger = "0.11.8"
+log = "0.4.28"
+clap = { version = "4.5.51", features = ["derive", "env"] }
+lazy_static = "1.5.0"
+anyhow = "1.0.100"
+serde = { version = "1.0.228", features = ["derive"] }
+rust-s3 = { version = "0.37.0", features = ["tokio"] }
+tokio = { version = "1.48.0", features = ["full"] }
+actix-web = "4.11.0"
+actix-session = { version = "0.11.0", features = ["redis-session"] }

matrixgw_backend/docker-compose.yml

@@ -80,10 +80,18 @@ services:
   element:
     image: docker.io/vectorim/element-web
     ports:
-      - 8080:80/tcp
+      - "8080:80/tcp"
     volumes:
       - ./docker/element/config.json:/app/config.json:ro
 
+  oidc:
+    image: dexidp/dex
+    ports:
+      - "9001:9001"
+    volumes:
+      - ./docker/dex:/conf:ro
+    command: [ "dex", "serve", "/conf/dex.config.yaml" ]
+
   minio:
     image: quay.io/minio/minio
     command: minio server --console-address ":9002" /data
@@ -101,7 +109,7 @@ services:
     image: redis:alpine
     command: redis-server --requirepass ${REDIS_PASS:-secretredis}
     ports:
-      - 6379:6379
+      - "6379:6379"
     volumes:
       - ./storage/redis-data:/data
       - ./storage/redis-conf:/usr/local/etc/redis/redis.conf

matrixgw_backend/docker/dex/dex.config.yaml

@@ -0,0 +1,26 @@
+issuer: http://127.0.0.1:9001/dex
+
+storage:
+  type: memory
+
+web:
+  http: 0.0.0.0:9001
+
+oauth2:
+  # Automate some clicking
+  # Note: this might actually make some tests pass that otherwise wouldn't.
+  skipApprovalScreen: false
+
+connectors:
+  # Note: this might actually make some tests pass that otherwise wouldn't.
+  - type: mockCallback
+    id: mock
+    name: Example
+
+# Basic OP test suite requires two clients.
+staticClients:
+  - id: foo
+    secret: bar
+    redirectURIs:
+      - http://localhost:8000/oidc_cb
+    name: Project

matrixgw_backend/src/app_config.rs

@@ -0,0 +1,187 @@
+use clap::Parser;
+use s3::creds::Credentials;
+use s3::{Bucket, Region};
+
+/// Matrix gateway backend API
+#[derive(Parser, Debug, Clone)]
+#[clap(author, version, about, long_about = None)]
+pub struct AppConfig {
+    /// Listen address
+    #[clap(short, long, env, default_value = "0.0.0.0:8000")]
+    pub listen_address: String,
+
+    /// Website origin
+    #[clap(short, long, env, default_value = "http://localhost:8000")]
+    pub website_origin: String,
+
+    /// Proxy IP, might end with a star "*"
+    #[clap(short, long, env)]
+    pub proxy_ip: Option<String>,
+
+    /// Secret key, used to secure some resources. Must be randomly generated
+    #[clap(short = 'S', long, env, default_value = "")]
+    secret: String,
+
+    /// Matrix homeserver origin
+    #[clap(short, long, env, default_value = "http://127.0.0.1:8448")]
+    pub matrix_homeserver: String,
+
+    /// Redis connection hostname
+    #[clap(long, env, default_value = "localhost")]
+    redis_hostname: String,
+
+    /// Redis connection port
+    #[clap(long, env, default_value_t = 6379)]
+    redis_port: u16,
+
+    /// Redis database number
+    #[clap(long, env, default_value_t = 0)]
+    redis_db_number: i64,
+
+    /// Redis username
+    #[clap(long, env)]
+    redis_username: Option<String>,
+
+    /// Redis password
+    #[clap(long, env, default_value = "secretredis")]
+    redis_password: String,
+
+    /// URL where the OpenID configuration can be found
+    #[arg(
+        long,
+        env,
+        default_value = "http://localhost:9001/dex/.well-known/openid-configuration"
+    )]
+    pub oidc_configuration_url: String,
+
+    /// OpenID client ID
+    #[arg(long, env, default_value = "foo")]
+    pub oidc_client_id: String,
+
+    /// OpenID client secret
+    #[arg(long, env, default_value = "bar")]
+    pub oidc_client_secret: String,
+
+    /// OpenID login redirect URL
+    #[arg(long, env, default_value = "APP_ORIGIN/oidc_cb")]
+    oidc_redirect_url: String,
+
+    /// S3 Bucket name
+    #[arg(long, env, default_value = "matrix-gw")]
+    s3_bucket_name: String,
+
+    /// S3 region (if not using Minio)
+    #[arg(long, env, default_value = "eu-central-1")]
+    s3_region: String,
+
+    /// S3 API endpoint
+    #[arg(long, env, default_value = "http://localhost:9000")]
+    s3_endpoint: String,
+
+    /// S3 access key
+    #[arg(long, env, default_value = "minioadmin")]
+    s3_access_key: String,
+
+    /// S3 secret key
+    #[arg(long, env, default_value = "minioadmin")]
+    s3_secret_key: String,
+
+    /// S3 skip auto create bucket if not existing
+    #[arg(long, env)]
+    pub s3_skip_auto_create_bucket: bool,
+}
+
+lazy_static::lazy_static! {
+    static ref ARGS: AppConfig = {
+        AppConfig::parse()
+    };
+}
+
+impl AppConfig {
+    /// Get parsed command line arguments
+    pub fn get() -> &'static AppConfig {
+        &ARGS
+    }
+
+    /// Get app secret
+    pub fn secret(&self) -> &str {
+        let mut secret = self.secret.as_str();
+
+        if cfg!(debug_assertions) && secret.is_empty() {
+            secret = "DEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEY";
+        }
+
+        if secret.is_empty() {
+            panic!("SECRET is undefined or too short (min 64 chars)!")
+        }
+
+        secret
+    }
+
+    /// Get Redis connection configuration
+    pub fn redis_connection_string(&self) -> String {
+        format!(
+            "redis://{}:{}@{}:{}/{}",
+            self.redis_username.as_deref().unwrap_or(""),
+            self.redis_password,
+            self.redis_hostname,
+            self.redis_port,
+            self.redis_db_number
+        )
+    }
+
+    /// Get OpenID providers configuration
+    pub fn openid_provider(&self) -> OIDCProvider<'_> {
+        OIDCProvider {
+            client_id: self.oidc_client_id.as_str(),
+            client_secret: self.oidc_client_secret.as_str(),
+            configuration_url: self.oidc_configuration_url.as_str(),
+            redirect_url: self
+                .oidc_redirect_url
+                .replace("APP_ORIGIN", &self.website_origin),
+        }
+    }
+
+    /// Get s3 bucket credentials
+    pub fn s3_credentials(&self) -> anyhow::Result<Credentials> {
+        Ok(Credentials::new(
+            Some(&self.s3_access_key),
+            Some(&self.s3_secret_key),
+            None,
+            None,
+            None,
+        )?)
+    }
+
+    /// Get S3 bucket
+    pub fn s3_bucket(&self) -> anyhow::Result<Box<Bucket>> {
+        Ok(Bucket::new(
+            &self.s3_bucket_name,
+            Region::Custom {
+                region: self.s3_region.to_string(),
+                endpoint: self.s3_endpoint.to_string(),
+            },
+            self.s3_credentials()?,
+        )?
+        .with_path_style())
+    }
+}
+
+#[derive(Debug, Clone, serde::Serialize)]
+pub struct OIDCProvider<'a> {
+    pub client_id: &'a str,
+    pub client_secret: &'a str,
+    pub configuration_url: &'a str,
+    pub redirect_url: String,
+}
+
+#[cfg(test)]
+mod test {
+    use crate::app_config::AppConfig;
+
+    #[test]
+    fn verify_cli() {
+        use clap::CommandFactory;
+        AppConfig::command().debug_assert()
+    }
+}

matrixgw_backend/src/lib.rs

@@ -0,0 +1 @@
+pub mod app_config;

matrixgw_backend/src/main.rs

@@ -1,3 +1,27 @@
-fn main() {
+use actix_session::storage::RedisSessionStore;
-    println!("Hello, world!");
+use actix_web::cookie::Key;
+use actix_web::{App, HttpServer};
+use matrixgw_backend::app_config::AppConfig;
+
+#[tokio::main]
+async fn main() -> std::io::Result<()> {
+    env_logger::init_from_env(env_logger::Env::new().default_filter_or("info"));
+
+    let secret_key = Key::from(AppConfig::get().secret().as_bytes());
+
+    let redis_store = RedisSessionStore::new(AppConfig::get().redis_connection_string())
+        .await
+        .expect("Failed to connect to Redis!");
+
+    log::info!(
+        "Starting to listen on {} for {}",
+        AppConfig::get().listen_address,
+        AppConfig::get().website_origin
+    );
+
+    HttpServer::new(move || App::new())
+        .workers(4)
+        .bind(&AppConfig::get().listen_address)?
+        .run()
+        .await
 }