Merge pull request #1709 from kyrias/bind_addresses

Add support for specifying multiple bind addresses
This commit is contained in:
Matthew Hodgson 2016-12-19 23:49:34 +00:00 committed by GitHub
commit da2c8f3c94
10 changed files with 304 additions and 176 deletions

View File

@ -658,7 +658,7 @@ configuration might look like::
} }
} }
You will also want to set ``bind_address: 127.0.0.1`` and ``x_forwarded: true`` You will also want to set ``bind_addresses: ['127.0.0.1']`` and ``x_forwarded: true``
for port 8008 in ``homeserver.yaml`` to ensure that client IP addresses are for port 8008 in ``homeserver.yaml`` to ensure that client IP addresses are
recorded correctly. recorded correctly.

View File

@ -76,7 +76,8 @@ class AppserviceServer(HomeServer):
def _listen_http(self, listener_config): def _listen_http(self, listener_config):
port = listener_config["port"] port = listener_config["port"]
bind_address = listener_config.get("bind_address", "") bind_address = listener_config.get("bind_address", None)
bind_addresses = listener_config.get("bind_addresses", [])
site_tag = listener_config.get("tag", port) site_tag = listener_config.get("tag", port)
resources = {} resources = {}
for res in listener_config["resources"]: for res in listener_config["resources"]:
@ -85,16 +86,22 @@ class AppserviceServer(HomeServer):
resources[METRICS_PREFIX] = MetricsResource(self) resources[METRICS_PREFIX] = MetricsResource(self)
root_resource = create_resource_tree(resources, Resource()) root_resource = create_resource_tree(resources, Resource())
reactor.listenTCP(
port, if bind_address:
SynapseSite( bind_addresses.append(bind_address)
"synapse.access.http.%s" % (site_tag,),
site_tag, for address in bind_addresses:
listener_config, reactor.listenTCP(
root_resource, port,
), SynapseSite(
interface=bind_address "synapse.access.http.%s" % (site_tag,),
) site_tag,
listener_config,
root_resource,
),
interface=address
)
logger.info("Synapse appservice now listening on port %d", port) logger.info("Synapse appservice now listening on port %d", port)
def start_listening(self, listeners): def start_listening(self, listeners):
@ -102,15 +109,22 @@ class AppserviceServer(HomeServer):
if listener["type"] == "http": if listener["type"] == "http":
self._listen_http(listener) self._listen_http(listener)
elif listener["type"] == "manhole": elif listener["type"] == "manhole":
reactor.listenTCP( bind_address = listener.get("bind_address", None)
listener["port"], bind_addresses = listener.get("bind_addresses", [])
manhole(
username="matrix", if bind_address:
password="rabbithole", bind_addresses.append(bind_address)
globals={"hs": self},
), for address in bind_addresses:
interface=listener.get("bind_address", '127.0.0.1') reactor.listenTCP(
) listener["port"],
manhole(
username="matrix",
password="rabbithole",
globals={"hs": self},
),
interface=address
)
else: else:
logger.warn("Unrecognized listener type: %s", listener["type"]) logger.warn("Unrecognized listener type: %s", listener["type"])

View File

@ -90,7 +90,8 @@ class ClientReaderServer(HomeServer):
def _listen_http(self, listener_config): def _listen_http(self, listener_config):
port = listener_config["port"] port = listener_config["port"]
bind_address = listener_config.get("bind_address", "") bind_address = listener_config.get("bind_address", None)
bind_addresses = listener_config.get("bind_addresses", [])
site_tag = listener_config.get("tag", port) site_tag = listener_config.get("tag", port)
resources = {} resources = {}
for res in listener_config["resources"]: for res in listener_config["resources"]:
@ -108,16 +109,22 @@ class ClientReaderServer(HomeServer):
}) })
root_resource = create_resource_tree(resources, Resource()) root_resource = create_resource_tree(resources, Resource())
reactor.listenTCP(
port, if bind_address:
SynapseSite( bind_addresses.append(bind_address)
"synapse.access.http.%s" % (site_tag,),
site_tag, for address in bind_addresses:
listener_config, reactor.listenTCP(
root_resource, port,
), SynapseSite(
interface=bind_address "synapse.access.http.%s" % (site_tag,),
) site_tag,
listener_config,
root_resource,
),
interface=address
)
logger.info("Synapse client reader now listening on port %d", port) logger.info("Synapse client reader now listening on port %d", port)
def start_listening(self, listeners): def start_listening(self, listeners):
@ -125,15 +132,22 @@ class ClientReaderServer(HomeServer):
if listener["type"] == "http": if listener["type"] == "http":
self._listen_http(listener) self._listen_http(listener)
elif listener["type"] == "manhole": elif listener["type"] == "manhole":
reactor.listenTCP( bind_address = listener.get("bind_address", None)
listener["port"], bind_addresses = listener.get("bind_addresses", [])
manhole(
username="matrix", if bind_address:
password="rabbithole", bind_addresses.append(bind_address)
globals={"hs": self},
), for address in bind_addresses:
interface=listener.get("bind_address", '127.0.0.1') reactor.listenTCP(
) listener["port"],
manhole(
username="matrix",
password="rabbithole",
globals={"hs": self},
),
interface=address
)
else: else:
logger.warn("Unrecognized listener type: %s", listener["type"]) logger.warn("Unrecognized listener type: %s", listener["type"])

View File

@ -86,7 +86,8 @@ class FederationReaderServer(HomeServer):
def _listen_http(self, listener_config): def _listen_http(self, listener_config):
port = listener_config["port"] port = listener_config["port"]
bind_address = listener_config.get("bind_address", "") bind_address = listener_config.get("bind_address", None)
bind_addresses = listener_config.get("bind_addresses", [])
site_tag = listener_config.get("tag", port) site_tag = listener_config.get("tag", port)
resources = {} resources = {}
for res in listener_config["resources"]: for res in listener_config["resources"]:
@ -99,16 +100,22 @@ class FederationReaderServer(HomeServer):
}) })
root_resource = create_resource_tree(resources, Resource()) root_resource = create_resource_tree(resources, Resource())
reactor.listenTCP(
port, if bind_address:
SynapseSite( bind_addresses.append(bind_address)
"synapse.access.http.%s" % (site_tag,),
site_tag, for address in bind_addresses:
listener_config, reactor.listenTCP(
root_resource, port,
), SynapseSite(
interface=bind_address "synapse.access.http.%s" % (site_tag,),
) site_tag,
listener_config,
root_resource,
),
interface=address
)
logger.info("Synapse federation reader now listening on port %d", port) logger.info("Synapse federation reader now listening on port %d", port)
def start_listening(self, listeners): def start_listening(self, listeners):
@ -116,15 +123,22 @@ class FederationReaderServer(HomeServer):
if listener["type"] == "http": if listener["type"] == "http":
self._listen_http(listener) self._listen_http(listener)
elif listener["type"] == "manhole": elif listener["type"] == "manhole":
reactor.listenTCP( bind_address = listener.get("bind_address", None)
listener["port"], bind_addresses = listener.get("bind_addresses", [])
manhole(
username="matrix", if bind_address:
password="rabbithole", bind_addresses.append(bind_address)
globals={"hs": self},
), for address in bind_addresses:
interface=listener.get("bind_address", '127.0.0.1') reactor.listenTCP(
) listener["port"],
manhole(
username="matrix",
password="rabbithole",
globals={"hs": self},
),
interface=address
)
else: else:
logger.warn("Unrecognized listener type: %s", listener["type"]) logger.warn("Unrecognized listener type: %s", listener["type"])

View File

@ -82,7 +82,8 @@ class FederationSenderServer(HomeServer):
def _listen_http(self, listener_config): def _listen_http(self, listener_config):
port = listener_config["port"] port = listener_config["port"]
bind_address = listener_config.get("bind_address", "") bind_address = listener_config.get("bind_address", None)
bind_addresses = listener_config.get("bind_addresses", [])
site_tag = listener_config.get("tag", port) site_tag = listener_config.get("tag", port)
resources = {} resources = {}
for res in listener_config["resources"]: for res in listener_config["resources"]:
@ -91,16 +92,22 @@ class FederationSenderServer(HomeServer):
resources[METRICS_PREFIX] = MetricsResource(self) resources[METRICS_PREFIX] = MetricsResource(self)
root_resource = create_resource_tree(resources, Resource()) root_resource = create_resource_tree(resources, Resource())
reactor.listenTCP(
port, if bind_address:
SynapseSite( bind_addresses.append(bind_address)
"synapse.access.http.%s" % (site_tag,),
site_tag, for address in bind_addresses:
listener_config, reactor.listenTCP(
root_resource, port,
), SynapseSite(
interface=bind_address "synapse.access.http.%s" % (site_tag,),
) site_tag,
listener_config,
root_resource,
),
interface=address
)
logger.info("Synapse federation_sender now listening on port %d", port) logger.info("Synapse federation_sender now listening on port %d", port)
def start_listening(self, listeners): def start_listening(self, listeners):
@ -108,15 +115,22 @@ class FederationSenderServer(HomeServer):
if listener["type"] == "http": if listener["type"] == "http":
self._listen_http(listener) self._listen_http(listener)
elif listener["type"] == "manhole": elif listener["type"] == "manhole":
reactor.listenTCP( bind_address = listener.get("bind_address", None)
listener["port"], bind_addresses = listener.get("bind_addresses", [])
manhole(
username="matrix", if bind_address:
password="rabbithole", bind_addresses.append(bind_address)
globals={"hs": self},
), for address in bind_addresses:
interface=listener.get("bind_address", '127.0.0.1') reactor.listenTCP(
) listener["port"],
manhole(
username="matrix",
password="rabbithole",
globals={"hs": self},
),
interface=address
)
else: else:
logger.warn("Unrecognized listener type: %s", listener["type"]) logger.warn("Unrecognized listener type: %s", listener["type"])

View File

@ -107,7 +107,8 @@ def build_resource_for_web_client(hs):
class SynapseHomeServer(HomeServer): class SynapseHomeServer(HomeServer):
def _listener_http(self, config, listener_config): def _listener_http(self, config, listener_config):
port = listener_config["port"] port = listener_config["port"]
bind_address = listener_config.get("bind_address", "") bind_address = listener_config.get("bind_address", None)
bind_addresses = listener_config.get("bind_addresses", [])
tls = listener_config.get("tls", False) tls = listener_config.get("tls", False)
site_tag = listener_config.get("tag", port) site_tag = listener_config.get("tag", port)
@ -173,29 +174,35 @@ class SynapseHomeServer(HomeServer):
root_resource = Resource() root_resource = Resource()
root_resource = create_resource_tree(resources, root_resource) root_resource = create_resource_tree(resources, root_resource)
if bind_address:
bind_addresses.append(bind_address)
if tls: if tls:
reactor.listenSSL( for address in bind_addresses:
port, reactor.listenSSL(
SynapseSite( port,
"synapse.access.https.%s" % (site_tag,), SynapseSite(
site_tag, "synapse.access.https.%s" % (site_tag,),
listener_config, site_tag,
root_resource, listener_config,
), root_resource,
self.tls_server_context_factory, ),
interface=bind_address self.tls_server_context_factory,
) interface=address
)
else: else:
reactor.listenTCP( for address in bind_addresses:
port, reactor.listenTCP(
SynapseSite( port,
"synapse.access.http.%s" % (site_tag,), SynapseSite(
site_tag, "synapse.access.http.%s" % (site_tag,),
listener_config, site_tag,
root_resource, listener_config,
), root_resource,
interface=bind_address ),
) interface=address
)
logger.info("Synapse now listening on port %d", port) logger.info("Synapse now listening on port %d", port)
def start_listening(self): def start_listening(self):
@ -205,15 +212,22 @@ class SynapseHomeServer(HomeServer):
if listener["type"] == "http": if listener["type"] == "http":
self._listener_http(config, listener) self._listener_http(config, listener)
elif listener["type"] == "manhole": elif listener["type"] == "manhole":
reactor.listenTCP( bind_address = listener.get("bind_address", None)
listener["port"], bind_addresses = listener.get("bind_addresses", [])
manhole(
username="matrix", if bind_address:
password="rabbithole", bind_addresses.append(bind_address)
globals={"hs": self},
), for address in bind_addresses:
interface=listener.get("bind_address", '127.0.0.1') reactor.listenTCP(
) listener["port"],
manhole(
username="matrix",
password="rabbithole",
globals={"hs": self},
),
interface=address
)
else: else:
logger.warn("Unrecognized listener type: %s", listener["type"]) logger.warn("Unrecognized listener type: %s", listener["type"])

View File

@ -87,7 +87,8 @@ class MediaRepositoryServer(HomeServer):
def _listen_http(self, listener_config): def _listen_http(self, listener_config):
port = listener_config["port"] port = listener_config["port"]
bind_address = listener_config.get("bind_address", "") bind_address = listener_config.get("bind_address", None)
bind_addresses = listener_config.get("bind_addresses", [])
site_tag = listener_config.get("tag", port) site_tag = listener_config.get("tag", port)
resources = {} resources = {}
for res in listener_config["resources"]: for res in listener_config["resources"]:
@ -105,16 +106,22 @@ class MediaRepositoryServer(HomeServer):
}) })
root_resource = create_resource_tree(resources, Resource()) root_resource = create_resource_tree(resources, Resource())
reactor.listenTCP(
port, if bind_address:
SynapseSite( bind_addresses.append(bind_address)
"synapse.access.http.%s" % (site_tag,),
site_tag, for address in bind_addresses:
listener_config, reactor.listenTCP(
root_resource, port,
), SynapseSite(
interface=bind_address "synapse.access.http.%s" % (site_tag,),
) site_tag,
listener_config,
root_resource,
),
interface=address
)
logger.info("Synapse media repository now listening on port %d", port) logger.info("Synapse media repository now listening on port %d", port)
def start_listening(self, listeners): def start_listening(self, listeners):
@ -122,15 +129,22 @@ class MediaRepositoryServer(HomeServer):
if listener["type"] == "http": if listener["type"] == "http":
self._listen_http(listener) self._listen_http(listener)
elif listener["type"] == "manhole": elif listener["type"] == "manhole":
reactor.listenTCP( bind_address = listener.get("bind_address", None)
listener["port"], bind_addresses = listener.get("bind_addresses", [])
manhole(
username="matrix", if bind_address:
password="rabbithole", bind_addresses.append(bind_address)
globals={"hs": self},
), for address in bind_addresses:
interface=listener.get("bind_address", '127.0.0.1') reactor.listenTCP(
) listener["port"],
manhole(
username="matrix",
password="rabbithole",
globals={"hs": self},
),
interface=address
)
else: else:
logger.warn("Unrecognized listener type: %s", listener["type"]) logger.warn("Unrecognized listener type: %s", listener["type"])

View File

@ -121,7 +121,8 @@ class PusherServer(HomeServer):
def _listen_http(self, listener_config): def _listen_http(self, listener_config):
port = listener_config["port"] port = listener_config["port"]
bind_address = listener_config.get("bind_address", "") bind_address = listener_config.get("bind_address", None)
bind_addresses = listener_config.get("bind_addresses", [])
site_tag = listener_config.get("tag", port) site_tag = listener_config.get("tag", port)
resources = {} resources = {}
for res in listener_config["resources"]: for res in listener_config["resources"]:
@ -130,16 +131,33 @@ class PusherServer(HomeServer):
resources[METRICS_PREFIX] = MetricsResource(self) resources[METRICS_PREFIX] = MetricsResource(self)
root_resource = create_resource_tree(resources, Resource()) root_resource = create_resource_tree(resources, Resource())
reactor.listenTCP(
port, if bind_address:
SynapseSite( bind_addresses.append(bind_address)
"synapse.access.http.%s" % (site_tag,),
site_tag, for address in bind_addresses:
listener_config, reactor.listenTCP(
root_resource, port,
), SynapseSite(
interface=bind_address "synapse.access.http.%s" % (site_tag,),
) site_tag,
listener_config,
root_resource,
),
interface=address
)
else:
reactor.listenTCP(
port,
SynapseSite(
"synapse.access.http.%s" % (site_tag,),
site_tag,
listener_config,
root_resource,
),
interface=bind_address
)
logger.info("Synapse pusher now listening on port %d", port) logger.info("Synapse pusher now listening on port %d", port)
def start_listening(self, listeners): def start_listening(self, listeners):
@ -147,15 +165,22 @@ class PusherServer(HomeServer):
if listener["type"] == "http": if listener["type"] == "http":
self._listen_http(listener) self._listen_http(listener)
elif listener["type"] == "manhole": elif listener["type"] == "manhole":
reactor.listenTCP( bind_address = listener.get("bind_address", None)
listener["port"], bind_addresses = listener.get("bind_addresses", [])
manhole(
username="matrix", if bind_address:
password="rabbithole", bind_addresses.append(bind_address)
globals={"hs": self},
), for address in bind_addresses:
interface=listener.get("bind_address", '127.0.0.1') reactor.listenTCP(
) listener["port"],
manhole(
username="matrix",
password="rabbithole",
globals={"hs": self},
),
interface=address
)
else: else:
logger.warn("Unrecognized listener type: %s", listener["type"]) logger.warn("Unrecognized listener type: %s", listener["type"])

View File

@ -289,7 +289,8 @@ class SynchrotronServer(HomeServer):
def _listen_http(self, listener_config): def _listen_http(self, listener_config):
port = listener_config["port"] port = listener_config["port"]
bind_address = listener_config.get("bind_address", "") bind_address = listener_config.get("bind_address", None)
bind_addresses = listener_config.get("bind_addresses", [])
site_tag = listener_config.get("tag", port) site_tag = listener_config.get("tag", port)
resources = {} resources = {}
for res in listener_config["resources"]: for res in listener_config["resources"]:
@ -310,16 +311,22 @@ class SynchrotronServer(HomeServer):
}) })
root_resource = create_resource_tree(resources, Resource()) root_resource = create_resource_tree(resources, Resource())
reactor.listenTCP(
port, if bind_address:
SynapseSite( bind_addresses.append(bind_address)
"synapse.access.http.%s" % (site_tag,),
site_tag, for address in bind_addresses:
listener_config, reactor.listenTCP(
root_resource, port,
), SynapseSite(
interface=bind_address "synapse.access.http.%s" % (site_tag,),
) site_tag,
listener_config,
root_resource,
),
interface=address
)
logger.info("Synapse synchrotron now listening on port %d", port) logger.info("Synapse synchrotron now listening on port %d", port)
def start_listening(self, listeners): def start_listening(self, listeners):
@ -327,15 +334,22 @@ class SynchrotronServer(HomeServer):
if listener["type"] == "http": if listener["type"] == "http":
self._listen_http(listener) self._listen_http(listener)
elif listener["type"] == "manhole": elif listener["type"] == "manhole":
reactor.listenTCP( bind_address = listener.get("bind_address", None)
listener["port"], bind_addresses = listener.get("bind_addresses", [])
manhole(
username="matrix", if bind_address:
password="rabbithole", bind_addresses.append(bind_address)
globals={"hs": self},
), for address in bind_addresses:
interface=listener.get("bind_address", '127.0.0.1') reactor.listenTCP(
) listener["port"],
manhole(
username="matrix",
password="rabbithole",
globals={"hs": self},
),
interface=address
)
else: else:
logger.warn("Unrecognized listener type: %s", listener["type"]) logger.warn("Unrecognized listener type: %s", listener["type"])

View File

@ -155,9 +155,14 @@ class ServerConfig(Config):
# The port to listen for HTTPS requests on. # The port to listen for HTTPS requests on.
port: %(bind_port)s port: %(bind_port)s
# Local interface to listen on. # Local addresses to listen on.
# The empty string will cause synapse to listen on all interfaces. # This will listen on all IPv4 addresses by default.
bind_address: '' bind_addresses:
- '0.0.0.0'
# Uncomment to listen on all IPv6 interfaces
# N.B: On at least Linux this will also listen on all IPv4
# addresses, so you will need to comment out the line above.
# - '::'
# This is a 'http' listener, allows us to specify 'resources'. # This is a 'http' listener, allows us to specify 'resources'.
type: http type: http
@ -188,7 +193,7 @@ class ServerConfig(Config):
# For when matrix traffic passes through loadbalancer that unwraps TLS. # For when matrix traffic passes through loadbalancer that unwraps TLS.
- port: %(unsecure_port)s - port: %(unsecure_port)s
tls: false tls: false
bind_address: '' bind_addresses: ['0.0.0.0']
type: http type: http
x_forwarded: false x_forwarded: false