Matrix Admin-Api-Calls through abra? #45

New Issue

lambdabundesverband · 2025-02-26T09:45:44Z

2025-02-26 09:45:44 +00:00

I thought of making it possible to make calls to the admin-api through abra.

They are already possible like this:

abra app run <APP_NAME> app curl http://<CONTAINER_NAME>:8008/\_synapse/admin/v1/background_updates/start_job \
-H "Authorization: Bearer <<TOKEN>>" \
-H "Content-Type: application/json" \
-d '{
"job_name": "regenerate_directory"
}'

or more generalized

abra app run <APP_NAME> app curl http://<CONTAINER_NAME>:8008/\_synapse/admin/v1<MATRIX_ENDPOINT> \
-X <METHOD> \
-H "Authorization: Bearer <ADMIN_TOKEN>" \
-H "Content-Type: application/json" \
-d '<PAYLOAD>'

My idea would it to realize it more or less like this

in abra.sh

admin_api_call() {
    abra app run $DOMAIN app curl http://<CONTAINER_NAME>:8008/\_synapse/admin/v1/$1 \
    -X $2 \
    -H "Authorization: Bearer $(cat /run/secrets/admin_token)" \
    -H "Content-Type: application/json" \
    -d '$3'
}

(with some validations....)

so that in the end API-Calls would be possible like this, without worrying for Admin-Token, Hostname or curl-Syntax

abra cmd $DOMAIN app admin_api_call /background_updates/start_job POST '{ "job_name": "regenerate_directory" }'

and additionally we could easily make some more pre-defined commands for recurring admin tasks in the future.

Main questions:

what do you think of the idea in general?
how would i access the <CONTAINER_NAME> in the abra.sh-Script?
would you consider storing an admin-token as additional secret admin_token good idea?
3.1 if so, where would we get the admin-token from automatically?
is it possible to call one abra.sh function in another?

Thanks for discussions or ideas on any of the questions

I thought of making it possible to make calls to the admin-api through abra. They are already possible like this: ``` abra app run <APP_NAME> app curl http://<CONTAINER_NAME>:8008/\_synapse/admin/v1/background_updates/start_job \ -H "Authorization: Bearer <<TOKEN>>" \ -H "Content-Type: application/json" \ -d '{ "job_name": "regenerate_directory" }' ``` or more generalized ``` abra app run <APP_NAME> app curl http://<CONTAINER_NAME>:8008/\_synapse/admin/v1<MATRIX_ENDPOINT> \ -X <METHOD> \ -H "Authorization: Bearer <ADMIN_TOKEN>" \ -H "Content-Type: application/json" \ -d '<PAYLOAD>' ``` My idea would it to realize it more or less like this in `abra.sh` ``` admin_api_call() { abra app run $DOMAIN app curl http://<CONTAINER_NAME>:8008/\_synapse/admin/v1/$1 \ -X $2 \ -H "Authorization: Bearer $(cat /run/secrets/admin_token)" \ -H "Content-Type: application/json" \ -d '$3' } ``` (with some validations....) so that in the end API-Calls would be possible like this, without worrying for Admin-Token, Hostname or curl-Syntax `abra cmd $DOMAIN app admin_api_call /background_updates/start_job POST '{ "job_name": "regenerate_directory" }'` and additionally we could easily make some more pre-defined commands for recurring admin tasks in the future. **Main questions:** 1. what do you think of the idea in general? 2. how would i access the `<CONTAINER_NAME>` in the `abra.sh`-Script? 3. would you consider storing an admin-token as additional secret `admin_token` good idea? 3.1 if so, where would we get the admin-token from automatically? 4. is it possible to call one `abra.sh` function in another? Thanks for discussions or ideas on any of the questions

3wordchant commented

2025-03-21 09:28:44 +00:00

what do you think of the idea in general?

Seems great!

how would i access the <CONTAINER_NAME> in the abra.sh-Script?

I think $STACK_NAME_app should do it.

would you consider storing an admin-token as additional secret admin_token good idea?

Good question. I think "yes", although I wonder how the initial set-up would work – I guess this token wouldn't be available until the account is created, and I don't know if it's possible to pre-initialise one. Maybe we can look at how synadmin is generating admin users & tokens? https://codeberg.org/ahab/synadm#getting-an-admin-token

is it possible to call one abra.sh function in another?

Yes, abra.sh functions are bash functions, so they should be callable from each other as normal; e.g. we're using this functionality in the hometown recipe: https://git.coopcloud.tech/coop-cloud/hometown/src/branch/main/abra.sh#L39

> 1. what do you think of the idea in general? Seems great! > 2. how would i access the <CONTAINER_NAME> in the abra.sh-Script? I think `$STACK_NAME_app` should do it. > 3. would you consider storing an admin-token as additional secret admin_token good idea? Good question. I think "yes", although I wonder how the initial set-up would work – I guess this token wouldn't be available until the account is created, and I don't know if it's possible to pre-initialise one. Maybe we can look at how `synadmin` is generating admin users & tokens? https://codeberg.org/ahab/synadm#getting-an-admin-token > 4. is it possible to call one abra.sh function in another? Yes, `abra.sh` functions are bash functions, so they should be callable from each other as normal; e.g. we're using this functionality in the `hometown` recipe: https://git.coopcloud.tech/coop-cloud/hometown/src/branch/main/abra.sh#L39

Sign in to join this conversation.

2 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/matrix-synapse#45