Commit Graph

268 Commits

Author SHA1 Message Date
Erik Johnston b201149c7e
Merge pull request #4420 from matrix-org/jaywink/openid-listener
New listener resource for the federation API "openid/userinfo" endpoint
2019-02-11 09:44:00 +00:00
Travis Ralston 6901ac7e9d
Don't recommend :8448 to people on public_baseurl 2019-01-28 12:15:22 -07:00
Neil Johnson 10b89d5c2e
Merge pull request #4435 from matrix-org/neilj/fix_threepid_auth_check
Neilj/fix threepid auth check
2019-01-24 13:02:50 +00:00
David Baker 92d8a068ad Clarify docs for public_baseurl
This is leading to problems with people upgrading to clients that
support MSC1730 because people have this misconfigured, so try
to make the docs completely unambiguous.
2019-01-24 10:52:06 +00:00
Jason Robinson 6f680241bd Fix flake8 issues
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2019-01-23 10:53:48 +02:00
Jason Robinson 0516dc4d85 Remove openid resource from default config
Instead document it commented out.

Signed-off-by: Jason Robinson <jasonr@matrix.org>
2019-01-23 10:32:41 +02:00
Jason Robinson 82e13662c0 Split federation OpenID userinfo endpoint out of the federation resource
This allows the OpenID userinfo endpoint to be active even if the
federation resource is not active. The OpenID userinfo endpoint
is called by integration managers to verify user actions using the
client API OpenID access token. Without this verification, the
integration manager cannot know that the access token is valid.

The OpenID userinfo endpoint will be loaded in the case that either
"federation" or "openid" resource is defined. The new "openid"
resource is defaulted to active in default configuration.

Signed-off-by: Jason Robinson <jasonr@matrix.org>
2019-01-23 10:32:41 +02:00
Neil Johnson c99c2d58d7 move guard out of is_threepid_reserved and into register.py 2019-01-22 17:47:00 +00:00
Neil Johnson d619b113ed Fix None guard in config.server.is_threepid_reserved 2019-01-22 16:52:29 +00:00
Richard van der Hoff b7c0218812
Check jinja version for consent resource (#4327)
* Raise a ConfigError if an invalid resource is specified

* Require Jinja 2.9 for the consent resource

* changelog
2019-01-07 10:14:31 +00:00
Richard van der Hoff 9c2af7b2c5 Add a script to generate a clean config file (#4315) 2018-12-22 02:04:57 +11:00
Richard van der Hoff f3561f8d86 Fix indentation in default config (#4313)
These settings are not supposed to be under 'listeners'.
2018-12-22 02:01:43 +11:00
Richard van der Hoff df96177ca7 Stop installing Matrix Console by default
This is based on the work done by @krombel in #2601.
2018-12-11 13:20:33 +00:00
Travis Ralston 158ffb92f1 Add an option to disable search for homeservers which may not be interested in it (#4230)
This is useful for homeservers not intended for users, such as bot-only homeservers or ones that only process IoT data.
2018-12-04 12:01:02 +01:00
Travis Ralston 835779f7fb Add option to track MAU stats (but not limit people) (#3830) 2018-11-15 18:08:27 +00:00
Neil Johnson 0b01281e77 move threepid checker to config, add missing yields 2018-08-31 17:11:11 +01:00
Erik Johnston 05077e06fa Change admin_uri to admin_contact in config and errors 2018-08-24 16:51:27 +01:00
Erik Johnston cd77270a66 Implement trail users 2018-08-23 19:17:19 +01:00
Amber Brown c334ca67bb
Integrate presence from hotfixes (#3694) 2018-08-18 01:08:45 +10:00
Neil Johnson 0195dfbf52 server limits config docs 2018-08-17 13:58:25 +01:00
Neil Johnson 13ad9930c8 add new error type ResourceLimit 2018-08-16 18:02:02 +01:00
Neil Johnson 55afba0fc5 update admin email to uri 2018-08-15 11:41:18 +01:00
Neil Johnson ab035bdeac replace admin_email with admin_uri for greater flexibility 2018-08-15 10:16:41 +01:00
Neil Johnson f4b49152e2 support admin_email config and pass through into blocking errors, return AuthError in all cases 2018-08-13 21:09:47 +01:00
Neil Johnson ce7de9ae6b Revert "support admin_email config and pass through into blocking errors, return AuthError in all cases"
This reverts commit 0d43f991a1.
2018-08-13 18:06:18 +01:00
Neil Johnson 0d43f991a1 support admin_email config and pass through into blocking errors, return AuthError in all cases 2018-08-13 18:00:23 +01:00
Neil Johnson d2f3ef98ac
Merge branch 'develop' into neilj/disable_hs 2018-08-08 15:55:47 +00:00
Neil Johnson e8eba2b4e3 implement reserved users for mau limits 2018-08-07 17:49:43 +01:00
Neil Johnson 7daa8a78c5 load mau limit threepids 2018-08-06 22:55:05 +01:00
Neil Johnson 42c6823827 disable HS from config 2018-08-04 22:07:04 +01:00
Neil Johnson 5593ff6773 fix (lots of) py3 test failures 2018-08-03 14:59:17 +01:00
Richard van der Hoff 704c3e6239 Merge branch 'master' into develop 2018-08-02 15:43:30 +01:00
Neil Johnson 2c54f1c225 remove need to plot limit_usage_by_mau 2018-08-01 11:46:59 +01:00
Neil Johnson df2235e7fa coding style 2018-07-31 13:16:20 +01:00
Neil Johnson 251e6c1210 limit register and sign in on number of monthly users 2018-07-30 15:55:57 +01:00
Richard van der Hoff 5f3658baf5
Merge pull request #3377 from Valodim/note-affinity
document that the affinity package is required for the cpu_affinity setting
2018-07-19 14:35:06 +01:00
Amber Brown 49af402019 run isort 2018-07-09 16:09:20 +10:00
Richard van der Hoff 546bc9e28b More server_name validation
We need to do a bit more validation when we get a server name, but don't want
to be re-doing it all over the shop, so factor out a separate
parse_and_validate_server_name, and do the extra validation.

Also, use it to verify the server name in the config file.
2018-07-04 18:59:51 +01:00
Vincent Breitmoser b800834351 add note that the affinity package is required for the cpu_affinity setting 2018-06-09 22:50:29 +02:00
Amber Brown febe0ec8fd
Run Prometheus on a different port, optionally. (#3274) 2018-05-31 19:04:50 +10:00
Matthew Hodgson ab9f844aaf
Add federation_domain_whitelist option (#2820)
Add federation_domain_whitelist

gives a way to restrict which domains your HS is allowed to federate with.
useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network
2018-01-22 19:11:18 +01:00
Silke Hofstra 37d1a90025 Allow binds to both :: and 0.0.0.0
Binding on 0.0.0.0 when :: is specified in the bind_addresses is now allowed.
This causes a warning explaining the behaviour.
Configuration changed to match.

See #2232

Signed-off-by: Silke Hofstra <silke@slxh.eu>
2017-12-17 13:10:31 +01:00
Willem Mulder 3e59143ba8 Adapt the default config to bind on IPv6.
Most deployments are on Linux (or Mac OS), so this would actually bind
on both IPv4 and IPv6.

Resolves #1886.

Signed-off-by: Willem Mulder <willemmaster@hotmail.com>
2017-12-17 13:07:37 +01:00
Richard van der Hoff 68ca864141 Add config option to disable media_repo on main synapse
... to stop us doing the cache cleanup jobs on the master.
2017-11-22 16:20:27 +00:00
Richard van der Hoff fcdfc911ee Add a hook for custom rest endpoints
Let the user specify custom modules which can be used for implementing extra
endpoints.
2017-11-02 14:36:55 +00:00
Richard van der Hoff eaaabc6c4f replace 'except:' with 'except Exception:'
what could possibly go wrong
2017-10-23 15:52:32 +01:00
Richard van der Hoff aa620d09a0 Add a config option to block all room invites (#2457)
- allows sysadmins the ability to lock down their servers so that people can't
send their users room invites.
2017-09-19 16:08:14 +01:00
Richard van der Hoff d2352347cf Fix process startup
escape the % that got added in 92168cb so that the process starts up ok.
2017-08-16 14:57:35 +01:00
Matthew Hodgson 92168cbbc5 explain why CPU affinity is a good idea 2017-08-15 18:27:42 +01:00
Richard van der Hoff 10d8b701a1 Allow configuration of CPU affinity
Make it possible to set the CPU affinity in the config file, so that we don't
need to remember to do it manually every time.
2017-08-15 17:08:28 +01:00
Erik Johnston 6aa5bc8635 Initial worker impl 2017-06-16 11:47:11 +01:00
Pablo Saavedra 9da4316ca5 Configurable maximum number of events requested by /sync and /messages (#2220)
Set the limit on the returned events in the timeline in the get and sync
operations. The default value is -1, means no upper limit.

For example, using `filter_timeline_limit: 5000`:

POST /_matrix/client/r0/user/user:id/filter
{
room: {
    timeline: {
      limit: 1000000000000000000
    }
}
}

GET /_matrix/client/r0/user/user:id/filter/filter:id

{
room: {
    timeline: {
      limit: 5000
    }
}
}

The server cuts down the room.timeline.limit.
2017-05-13 18:17:54 +02:00
Matthew Wolff 8e780b113d
web_server_root documentation fix
Signed-off-by: Matthew Wolff <matthewjwolff@gmail.com>
2017-04-17 00:49:11 -05:00
Erik Johnston b1dfd20292 Pop bind_address 2017-01-10 17:23:18 +00:00
Erik Johnston edd6cdfc9a Restore default bind address 2017-01-10 17:21:41 +00:00
Johannes Löthberg f5cd5ebd7b Add IPv6 comment to default config
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2016-12-18 23:14:32 +01:00
Johannes Löthberg c95e9fff99 Make default homeserver config use bind_addresses
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2016-12-18 21:51:56 +01:00
Erik Johnston ed787cf09e Hook up the send queue and create a federation sender worker 2016-11-16 17:34:44 +00:00
Erik Johnston 4131381123 Remove support for aggregate room lists 2016-09-15 09:28:15 +01:00
Matthew Hodgson 63bb8f0df9 remove vector.im from default secondary DS list 2016-06-27 13:13:33 +04:00
Mark Haines 13e334506c Remove the legacy v0 content upload API.
The existing content can still be downloaded. The last upload to the
matrix.org server was in January 2015, so it is probably safe to remove
the upload API.
2016-06-21 11:47:39 +01:00
Erik Johnston 3e41de05cc Turn use_frozen_events off by default 2016-06-17 15:11:22 +01:00
Mark Haines 885ee861f7 Inline the synchrotron and pusher configs into the main config 2016-06-16 11:06:12 +01:00
Erik Johnston dded389ac1 Allow setting of gc.set_thresholds 2016-06-07 15:45:56 +01:00
David Baker 6ca4d3ae9a Add vector.im to default secondary_directory_servers and add comment explaining it's not a permanent solution 2016-05-31 17:24:50 +01:00
David Baker e1625d62a8 Add federation room list servlet 2016-05-31 11:55:57 +01:00
David Baker 4b0c3a3270 Correct public_baseurl default 2016-04-29 14:30:15 +01:00
David Baker acded821c4 Merge remote-tracking branch 'origin/develop' into dbkr/email_notifs 2016-04-29 10:05:20 +01:00
David Baker fa12209c1b Hopefully all remaining bits for email notifs
Add public facing base url to the server so synapse knows what URL to use when converting mxc to http urls for use in emails
2016-04-27 15:09:55 +01:00
Mark Haines a3ac837599 Optionally split out the pushers into a separate process 2016-04-21 17:22:37 +01:00
Erik Johnston 5727922106 Merge pull request #473 from matrix-org/erikj/ssh_manhole
Change manhole to use ssh
2016-01-07 14:36:16 +00:00
Erik Johnston 5dc5e29b9c s/telnet/ssh/ 2016-01-07 14:02:57 +00:00
Matthew Hodgson 6c28ac260c copyrights 2016-01-07 04:26:29 +00:00
Mads R. Christensen 6863466653 Added a single line to explain what the server_name is used for 2015-12-02 00:37:55 +01:00
Daniel Wagner-Hall b28c7da0a4 Preserve version string in user agent 2015-10-05 20:49:39 -05:00
Daniel Wagner-Hall 8fc52bc56a Allow synapse's useragent to be customized
This will allow me to write tests which verify which server made HTTP
requests in a federation context.
2015-10-02 17:13:51 -05:00
Daniel Wagner-Hall 7213588083 Implement configurable stats reporting
SYN-287

This requires that HS owners either opt in or out of stats reporting.

When --generate-config is passed, --report-stats must be specified
If an already-generated config is used, and doesn't have the
report_stats key, it is requested to be set.
2015-09-22 12:57:40 +01:00
Erik Johnston 86cef6a91b Allow specifying a directory to host a web client from 2015-08-25 12:01:23 +01:00
Paul "LeoNerd" Evans efe60d5e8c Only print the pidfile path on startup if requested by a commandline flag 2015-08-07 16:36:42 +01:00
Erik Johnston 9d0326baa6 Remove redundant newline 2015-06-15 11:27:29 +01:00
Erik Johnston 186f61a3ac Document listener config. Remove deprecated config options 2015-06-15 11:25:53 +01:00
Erik Johnston a005b7269a Add backwards compat support for metrics, manhole and webclient config options 2015-06-12 17:44:23 +01:00
Erik Johnston 9c5fc81c2d Correctly handle x_forwaded listener option 2015-06-12 17:13:23 +01:00
Erik Johnston fd2c07bfed Use config.listeners 2015-06-12 15:33:07 +01:00
Erik Johnston f7f07dc517 Begin changing the config format 2015-06-11 15:48:52 +01:00
Erik Johnston 522f285f9b Add config option to disable compression of http responses 2015-06-01 13:36:30 +01:00
Erik Johnston a7b65bdedf Add config option to turn off freezing events. Use new encode_json api and ujson.loads 2015-05-29 12:17:33 +01:00
Mark Haines 3bcdf3664c Use the daemonize key from the config if it exists 2015-05-01 14:34:55 +01:00
Mark Haines 50c87b8eed Allow "manhole" to be ommited from the config 2015-04-30 18:11:47 +01:00
Mark Haines 345995fcde Remove the ~, comment the lines instead 2015-04-30 18:10:19 +01:00
Mark Haines d624e2a638 Manually generate the default config yaml, remove most of the commandline arguments for synapse anticipating that people will use the yaml instead. Simpify implementing config options by not requiring the classes to hit the super class 2015-04-30 04:24:44 +01:00
Mark Haines c8c710eca7 Move the key related config parser into a separate file 2015-04-24 10:22:22 +01:00
Mark Haines 149ed9f151 Better help for the old-signing-key option 2015-04-24 10:07:55 +01:00
Mark Haines f30d47c876 Implement remote key lookup api 2015-04-22 14:21:08 +01:00
Mark Haines d488463fa3 Add a version 2 of the key server api 2015-04-14 16:04:52 +01:00
David Baker 7564dac8cb Wire up the webclient option
It existed but was hardcoded to True.
Give it an underscore for consistency.
Also don't pull in syweb unless we're actually using the web client.
2015-03-17 12:45:37 +01:00
Erik Johnston 3ce8540484 Don't look for an TLS private key if we have set --no-tls 2015-03-06 11:34:06 +00:00
Erik Johnston 7c56210f20 By default set soft limit to hard limit 2015-02-20 16:09:44 +00:00
Erik Johnston c3eb7dd9c5 Add config option to set the soft fd limit on start 2015-02-19 11:50:49 +00:00
Erik Johnston 379a653ae3 Add better help message for --server-name config option. 2015-01-08 14:32:53 +00:00
Mark Haines adb04b1e57 Update copyright notices 2015-01-06 13:21:39 +00:00
Mark Haines 7993e3d10d SYN-187: Set a more sensible default for the content_addr 2014-12-02 17:20:02 +00:00
Erik Johnston af7ae048f8 Add option to not bind to HTTPS port. This is useful if running behind an ssl load balancer 2014-11-03 15:06:40 +00:00
Mark Haines 7d709542ca Fix pep8 warnings 2014-10-30 11:10:17 +00:00
Mark Haines d56e389a95 Fix pyflakes warnings 2014-10-27 10:33:17 +00:00
Mark Haines 9c0826592c Fix auto generating signing_keys 2014-10-18 16:56:44 +01:00
Mark Haines c6a8e7d9b9 Read signing keys using methods from syutil. convert keys that are in the wrong format 2014-09-23 18:43:34 +01:00
Paul "LeoNerd" Evans 4081413876 Default PID file should be 'homeserver.pid' to match the other 'homeserver.*' naming convention 2014-09-03 17:34:07 +01:00
Matthew Hodgson 8a7c1d6a00 fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org hasn't been incorporated in time for launch. 2014-09-03 17:31:57 +01:00
Erik Johnston bc21350298 Add option to change content repo location 2014-09-03 11:57:23 +01:00
Mark Haines cf890e9d43 Remove option for disabling webclient because it was confusing 2014-09-02 11:09:41 +01:00
Erik Johnston 08d2f902dd Default HTTP and HTTPS ports to 8008 and 8448 2014-09-02 10:58:33 +01:00
Mark Haines d45f89c95b More helpful error messages for missing config 2014-09-02 10:49:11 +01:00
Mark Haines 399e004884 Add unsecure listener port to homeserver 2014-09-01 22:38:52 +01:00
Matthew Hodgson 61e28cdb6f specify metavars in argparse 2014-09-01 22:11:08 +01:00
Mark Haines ef6a8e4f32 Listen using SSL 2014-09-01 16:30:43 +01:00
Mark Haines 9ea1de432d Fix homeserver config parsing 2014-09-01 15:51:15 +01:00
Mark Haines d9ebe531ed Add config tree to synapse. Add support for reading config from a file 2014-08-31 16:06:39 +01:00