Erik Johnston
bee1982d17
Synapse 1.7.0 (2019-12-13)
...
==========================
This release changes the default settings so that only local authenticated users can query the server's room directory. See the [upgrade notes](UPGRADE.rst#upgrading-to-v170) for details.
Support for SQLite versions before 3.11 is now deprecated. A future release will refuse to start if used with an SQLite version before 3.11.
Administrators are reminded that SQLite should not be used for production instances. Instructions for migrating to Postgres are available [here](docs/postgres.md). A future release of synapse will, by default, disable federation for servers using SQLite.
No significant changes since 1.7.0rc2.
Synapse 1.7.0rc2 (2019-12-11)
=============================
Bugfixes
--------
- Fix incorrect error message for invalid requests when setting user's avatar URL. ([\#6497](https://github.com/matrix-org/synapse/issues/6497 ))
- Fix support for SQLite 3.7. ([\#6499](https://github.com/matrix-org/synapse/issues/6499 ))
- Fix regression where sending email push would not work when using a pusher worker. ([\#6507](https://github.com/matrix-org/synapse/issues/6507 ), [\#6509](https://github.com/matrix-org/synapse/issues/6509 ))
Synapse 1.7.0rc1 (2019-12-09)
=============================
Features
--------
- Implement per-room message retention policies. ([\#5815](https://github.com/matrix-org/synapse/issues/5815 ), [\#6436](https://github.com/matrix-org/synapse/issues/6436 ))
- Add etag and count fields to key backup endpoints to help clients guess if there are new keys. ([\#5858](https://github.com/matrix-org/synapse/issues/5858 ))
- Add `/admin/v2/users` endpoint with pagination. Contributed by Awesome Technologies Innovationslabor GmbH. ([\#5925](https://github.com/matrix-org/synapse/issues/5925 ))
- Require User-Interactive Authentication for `/account/3pid/add`, meaning the user's password will be required to add a third-party ID to their account. ([\#6119](https://github.com/matrix-org/synapse/issues/6119 ))
- Implement the `/_matrix/federation/unstable/net.atleastfornow/state/<context>` API as drafted in MSC2314. ([\#6176](https://github.com/matrix-org/synapse/issues/6176 ))
- Configure privacy-preserving settings by default for the room directory. ([\#6355](https://github.com/matrix-org/synapse/issues/6355 ))
- Add ephemeral messages support by partially implementing [MSC2228](https://github.com/matrix-org/matrix-doc/pull/2228 ). ([\#6409](https://github.com/matrix-org/synapse/issues/6409 ))
- Add support for [MSC 2367](https://github.com/matrix-org/matrix-doc/pull/2367 ), which allows specifying a reason on all membership events. ([\#6434](https://github.com/matrix-org/synapse/issues/6434 ))
Bugfixes
--------
- Transfer non-standard power levels on room upgrade. ([\#6237](https://github.com/matrix-org/synapse/issues/6237 ))
- Fix error from the Pillow library when uploading RGBA images. ([\#6241](https://github.com/matrix-org/synapse/issues/6241 ))
- Correctly apply the event filter to the `state`, `events_before` and `events_after` fields in the response to `/context` requests. ([\#6329](https://github.com/matrix-org/synapse/issues/6329 ))
- Fix caching devices for remote users when using workers, so that we don't attempt to refetch (and potentially fail) each time a user requests devices. ([\#6332](https://github.com/matrix-org/synapse/issues/6332 ))
- Prevent account data syncs getting lost across TCP replication. ([\#6333](https://github.com/matrix-org/synapse/issues/6333 ))
- Fix bug: TypeError in `register_user()` while using LDAP auth module. ([\#6406](https://github.com/matrix-org/synapse/issues/6406 ))
- Fix an intermittent exception when handling read-receipts. ([\#6408](https://github.com/matrix-org/synapse/issues/6408 ))
- Fix broken guest registration when there are existing blocks of numeric user IDs. ([\#6420](https://github.com/matrix-org/synapse/issues/6420 ))
- Fix startup error when http proxy is defined. ([\#6421](https://github.com/matrix-org/synapse/issues/6421 ))
- Fix error when using synapse_port_db on a vanilla synapse db. ([\#6449](https://github.com/matrix-org/synapse/issues/6449 ))
- Fix uploading multiple cross signing signatures for the same user. ([\#6451](https://github.com/matrix-org/synapse/issues/6451 ))
- Fix bug which lead to exceptions being thrown in a loop when a cross-signed device is deleted. ([\#6462](https://github.com/matrix-org/synapse/issues/6462 ))
- Fix `synapse_port_db` not exiting with a 0 code if something went wrong during the port process. ([\#6470](https://github.com/matrix-org/synapse/issues/6470 ))
- Improve sanity-checking when receiving events over federation. ([\#6472](https://github.com/matrix-org/synapse/issues/6472 ))
- Fix inaccurate per-block Prometheus metrics. ([\#6491](https://github.com/matrix-org/synapse/issues/6491 ))
- Fix small performance regression for sending invites. ([\#6493](https://github.com/matrix-org/synapse/issues/6493 ))
- Back out cross-signing code added in Synapse 1.5.0, which caused a performance regression. ([\#6494](https://github.com/matrix-org/synapse/issues/6494 ))
Improved Documentation
----------------------
- Update documentation and variables in user contributed systemd reference file. ([\#6369](https://github.com/matrix-org/synapse/issues/6369 ), [\#6490](https://github.com/matrix-org/synapse/issues/6490 ))
- Fix link in the user directory documentation. ([\#6388](https://github.com/matrix-org/synapse/issues/6388 ))
- Add build instructions to the docker readme. ([\#6390](https://github.com/matrix-org/synapse/issues/6390 ))
- Switch Ubuntu package install recommendation to use python3 packages in INSTALL.md. ([\#6443](https://github.com/matrix-org/synapse/issues/6443 ))
- Write some docs for the quarantine_media api. ([\#6458](https://github.com/matrix-org/synapse/issues/6458 ))
- Convert CONTRIBUTING.rst to markdown (among other small fixes). ([\#6461](https://github.com/matrix-org/synapse/issues/6461 ))
Deprecations and Removals
-------------------------
- Remove admin/v1/users_paginate endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. ([\#5925](https://github.com/matrix-org/synapse/issues/5925 ))
- Remove fallback for federation with old servers which lack the /federation/v1/state_ids API. ([\#6488](https://github.com/matrix-org/synapse/issues/6488 ))
Internal Changes
----------------
- Add benchmarks for structured logging and improve output performance. ([\#6266](https://github.com/matrix-org/synapse/issues/6266 ))
- Improve the performance of outputting structured logging. ([\#6322](https://github.com/matrix-org/synapse/issues/6322 ))
- Refactor some code in the event authentication path for clarity. ([\#6343](https://github.com/matrix-org/synapse/issues/6343 ), [\#6468](https://github.com/matrix-org/synapse/issues/6468 ), [\#6480](https://github.com/matrix-org/synapse/issues/6480 ))
- Clean up some unnecessary quotation marks around the codebase. ([\#6362](https://github.com/matrix-org/synapse/issues/6362 ))
- Complain on startup instead of 500'ing during runtime when `public_baseurl` isn't set when necessary. ([\#6379](https://github.com/matrix-org/synapse/issues/6379 ))
- Add a test scenario to make sure room history purges don't break `/messages` in the future. ([\#6392](https://github.com/matrix-org/synapse/issues/6392 ))
- Clarifications for the email configuration settings. ([\#6423](https://github.com/matrix-org/synapse/issues/6423 ))
- Add more tests to the blacklist when running in worker mode. ([\#6429](https://github.com/matrix-org/synapse/issues/6429 ))
- Refactor data store layer to support multiple databases in the future. ([\#6454](https://github.com/matrix-org/synapse/issues/6454 ), [\#6464](https://github.com/matrix-org/synapse/issues/6464 ), [\#6469](https://github.com/matrix-org/synapse/issues/6469 ), [\#6487](https://github.com/matrix-org/synapse/issues/6487 ))
- Port synapse.rest.client.v1 to async/await. ([\#6482](https://github.com/matrix-org/synapse/issues/6482 ))
- Port synapse.rest.client.v2_alpha to async/await. ([\#6483](https://github.com/matrix-org/synapse/issues/6483 ))
- Port SyncHandler to async/await. ([\#6484](https://github.com/matrix-org/synapse/issues/6484 ))
-----BEGIN PGP SIGNATURE-----
iQJEBAABCgAuFiEEumuwyPtYLL2OMhYdOtoG7cdT0R4FAl3zbaUQHGVyaWtAbWF0
cml4Lm9yZwAKCRA62gbtx1PRHqxED/9Ldjx5pxRm99Rkfhpv6qaw79GaQsAERW+i
rPzdC0u59PRDLyfB2MRGU+q4oTTmBN3APPuW79mhY4CRisKfUvw6tuaJM5avvRsF
vlY6m4ObewPXvK9dumlKD4ORqks45Sv0VGLHoZH4MLvWu/3Z+ycUn0qf+KNy0JrV
TNNnNfsEeo3FXrkLU/12TiEBqNTVCU2vi/nZaHoGlHtZGVoykyFk4z2i9hLKENH4
ScwaN4zeFRTIWYMiEb+kI/6QQLTASvar5FstwXPpM2F+aZhrMc5M7YsEe16jx+bQ
jOM1L67hMetcWWmE9QrgP030clIDg30xhNbVxFSD4WoGgEPFkf/zE91v0CF5ZMRJ
u83hlhe8tHoO8DOfVl2DNw3x6Evx4Vb5P8bvszNwKAyVDanvkSe0GvYm84B0Tat6
2UCyPR5mbU3fyiwpouaNYun8MppyMRQ/fCnNElvZwwoj9EQQcJ8QOnMK0pFv1AXV
n4wwXqRb+WvvbhnKPxTsiTK0DPBbIiGqo1TIONSbhPF+wySR3YV80HCWofd+qlRT
V+GbZihk4SCcmamgqYLeQYneOrIu6UWGP348t3scCz/RCUp7hmxaJhJ3GAC3hOmU
alN6tDJn7Lo0CwY2frX8xPS6S31sq9IZyDhHkaL0chsEa1rgWJMOK3FRp/b+c8yU
b3CEJObIjw==
=RQVG
-----END PGP SIGNATURE-----
Merge tag 'v1.7.0'
Synapse 1.7.0 (2019-12-13)
==========================
This release changes the default settings so that only local authenticated users can query the server's room directory. See the [upgrade notes](UPGRADE.rst#upgrading-to-v170) for details.
Support for SQLite versions before 3.11 is now deprecated. A future release will refuse to start if used with an SQLite version before 3.11.
Administrators are reminded that SQLite should not be used for production instances. Instructions for migrating to Postgres are available [here](docs/postgres.md). A future release of synapse will, by default, disable federation for servers using SQLite.
No significant changes since 1.7.0rc2.
Synapse 1.7.0rc2 (2019-12-11)
=============================
Bugfixes
--------
- Fix incorrect error message for invalid requests when setting user's avatar URL. ([\#6497](https://github.com/matrix-org/synapse/issues/6497 ))
- Fix support for SQLite 3.7. ([\#6499](https://github.com/matrix-org/synapse/issues/6499 ))
- Fix regression where sending email push would not work when using a pusher worker. ([\#6507](https://github.com/matrix-org/synapse/issues/6507 ), [\#6509](https://github.com/matrix-org/synapse/issues/6509 ))
Synapse 1.7.0rc1 (2019-12-09)
=============================
Features
--------
- Implement per-room message retention policies. ([\#5815](https://github.com/matrix-org/synapse/issues/5815 ), [\#6436](https://github.com/matrix-org/synapse/issues/6436 ))
- Add etag and count fields to key backup endpoints to help clients guess if there are new keys. ([\#5858](https://github.com/matrix-org/synapse/issues/5858 ))
- Add `/admin/v2/users` endpoint with pagination. Contributed by Awesome Technologies Innovationslabor GmbH. ([\#5925](https://github.com/matrix-org/synapse/issues/5925 ))
- Require User-Interactive Authentication for `/account/3pid/add`, meaning the user's password will be required to add a third-party ID to their account. ([\#6119](https://github.com/matrix-org/synapse/issues/6119 ))
- Implement the `/_matrix/federation/unstable/net.atleastfornow/state/<context>` API as drafted in MSC2314. ([\#6176](https://github.com/matrix-org/synapse/issues/6176 ))
- Configure privacy-preserving settings by default for the room directory. ([\#6355](https://github.com/matrix-org/synapse/issues/6355 ))
- Add ephemeral messages support by partially implementing [MSC2228](https://github.com/matrix-org/matrix-doc/pull/2228 ). ([\#6409](https://github.com/matrix-org/synapse/issues/6409 ))
- Add support for [MSC 2367](https://github.com/matrix-org/matrix-doc/pull/2367 ), which allows specifying a reason on all membership events. ([\#6434](https://github.com/matrix-org/synapse/issues/6434 ))
Bugfixes
--------
- Transfer non-standard power levels on room upgrade. ([\#6237](https://github.com/matrix-org/synapse/issues/6237 ))
- Fix error from the Pillow library when uploading RGBA images. ([\#6241](https://github.com/matrix-org/synapse/issues/6241 ))
- Correctly apply the event filter to the `state`, `events_before` and `events_after` fields in the response to `/context` requests. ([\#6329](https://github.com/matrix-org/synapse/issues/6329 ))
- Fix caching devices for remote users when using workers, so that we don't attempt to refetch (and potentially fail) each time a user requests devices. ([\#6332](https://github.com/matrix-org/synapse/issues/6332 ))
- Prevent account data syncs getting lost across TCP replication. ([\#6333](https://github.com/matrix-org/synapse/issues/6333 ))
- Fix bug: TypeError in `register_user()` while using LDAP auth module. ([\#6406](https://github.com/matrix-org/synapse/issues/6406 ))
- Fix an intermittent exception when handling read-receipts. ([\#6408](https://github.com/matrix-org/synapse/issues/6408 ))
- Fix broken guest registration when there are existing blocks of numeric user IDs. ([\#6420](https://github.com/matrix-org/synapse/issues/6420 ))
- Fix startup error when http proxy is defined. ([\#6421](https://github.com/matrix-org/synapse/issues/6421 ))
- Fix error when using synapse_port_db on a vanilla synapse db. ([\#6449](https://github.com/matrix-org/synapse/issues/6449 ))
- Fix uploading multiple cross signing signatures for the same user. ([\#6451](https://github.com/matrix-org/synapse/issues/6451 ))
- Fix bug which lead to exceptions being thrown in a loop when a cross-signed device is deleted. ([\#6462](https://github.com/matrix-org/synapse/issues/6462 ))
- Fix `synapse_port_db` not exiting with a 0 code if something went wrong during the port process. ([\#6470](https://github.com/matrix-org/synapse/issues/6470 ))
- Improve sanity-checking when receiving events over federation. ([\#6472](https://github.com/matrix-org/synapse/issues/6472 ))
- Fix inaccurate per-block Prometheus metrics. ([\#6491](https://github.com/matrix-org/synapse/issues/6491 ))
- Fix small performance regression for sending invites. ([\#6493](https://github.com/matrix-org/synapse/issues/6493 ))
- Back out cross-signing code added in Synapse 1.5.0, which caused a performance regression. ([\#6494](https://github.com/matrix-org/synapse/issues/6494 ))
Improved Documentation
----------------------
- Update documentation and variables in user contributed systemd reference file. ([\#6369](https://github.com/matrix-org/synapse/issues/6369 ), [\#6490](https://github.com/matrix-org/synapse/issues/6490 ))
- Fix link in the user directory documentation. ([\#6388](https://github.com/matrix-org/synapse/issues/6388 ))
- Add build instructions to the docker readme. ([\#6390](https://github.com/matrix-org/synapse/issues/6390 ))
- Switch Ubuntu package install recommendation to use python3 packages in INSTALL.md. ([\#6443](https://github.com/matrix-org/synapse/issues/6443 ))
- Write some docs for the quarantine_media api. ([\#6458](https://github.com/matrix-org/synapse/issues/6458 ))
- Convert CONTRIBUTING.rst to markdown (among other small fixes). ([\#6461](https://github.com/matrix-org/synapse/issues/6461 ))
Deprecations and Removals
-------------------------
- Remove admin/v1/users_paginate endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. ([\#5925](https://github.com/matrix-org/synapse/issues/5925 ))
- Remove fallback for federation with old servers which lack the /federation/v1/state_ids API. ([\#6488](https://github.com/matrix-org/synapse/issues/6488 ))
Internal Changes
----------------
- Add benchmarks for structured logging and improve output performance. ([\#6266](https://github.com/matrix-org/synapse/issues/6266 ))
- Improve the performance of outputting structured logging. ([\#6322](https://github.com/matrix-org/synapse/issues/6322 ))
- Refactor some code in the event authentication path for clarity. ([\#6343](https://github.com/matrix-org/synapse/issues/6343 ), [\#6468](https://github.com/matrix-org/synapse/issues/6468 ), [\#6480](https://github.com/matrix-org/synapse/issues/6480 ))
- Clean up some unnecessary quotation marks around the codebase. ([\#6362](https://github.com/matrix-org/synapse/issues/6362 ))
- Complain on startup instead of 500'ing during runtime when `public_baseurl` isn't set when necessary. ([\#6379](https://github.com/matrix-org/synapse/issues/6379 ))
- Add a test scenario to make sure room history purges don't break `/messages` in the future. ([\#6392](https://github.com/matrix-org/synapse/issues/6392 ))
- Clarifications for the email configuration settings. ([\#6423](https://github.com/matrix-org/synapse/issues/6423 ))
- Add more tests to the blacklist when running in worker mode. ([\#6429](https://github.com/matrix-org/synapse/issues/6429 ))
- Refactor data store layer to support multiple databases in the future. ([\#6454](https://github.com/matrix-org/synapse/issues/6454 ), [\#6464](https://github.com/matrix-org/synapse/issues/6464 ), [\#6469](https://github.com/matrix-org/synapse/issues/6469 ), [\#6487](https://github.com/matrix-org/synapse/issues/6487 ))
- Port synapse.rest.client.v1 to async/await. ([\#6482](https://github.com/matrix-org/synapse/issues/6482 ))
- Port synapse.rest.client.v2_alpha to async/await. ([\#6483](https://github.com/matrix-org/synapse/issues/6483 ))
- Port SyncHandler to async/await. ([\#6484](https://github.com/matrix-org/synapse/issues/6484 ))
2019-12-13 10:55:33 +00:00
Mark Nowiasz
58fdcbdfe7
Update workers.md to make media_repository work (again) ( #6519 )
2019-12-11 16:23:38 +00:00
Andrew Morgan
4947de5a14
Allow SAML username provider plugins ( #6411 )
2019-12-10 17:30:16 +00:00
Manuel Stahl
649b6bc088
Replace /admin/v1/users_paginate endpoint with /admin/v2/users ( #5925 )
2019-12-05 18:12:23 +00:00
Neil Johnson
cb0aeb147e
privacy by default for room dir ( #6355 )
...
Ensure that the the default settings for the room directory are that the it is hidden from public view by default.
2019-12-04 09:46:16 +00:00
Richard van der Hoff
620f98b65b
write some docs for the quarantine_media api ( #6458 )
2019-12-03 18:20:39 +00:00
Richard van der Hoff
c48ea98007
Clarifications for the email configuration settings. ( #6423 )
...
Cf #6422
2019-11-28 09:29:18 +00:00
Brendan Abolivier
9e937c28ee
Merge branch 'develop' into babolivier/message_retention
2019-11-26 17:53:57 +00:00
Aaron Raimist
24cc31ee96
Fix link to user_dir_populate.sql in the user directory docs ( #6388 )
2019-11-21 17:38:14 +00:00
Andrew Morgan
473acedcdd
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/homeserver_copy
...
* 'develop' of github.com:matrix-org/synapse:
Blacklist PurgeRoomTestCase (#6361 )
Set room version default to 5
2019-11-14 10:26:27 +00:00
Brendan Abolivier
a42567e4a8
Merge pull request #6220 from matrix-org/neilj/set_room_version_default_to_5
...
Set room version default to 5
2019-11-14 10:21:00 +00:00
Andrew Morgan
e1648dc576
sample config
2019-11-12 13:15:59 +00:00
Brendan Abolivier
09957ce0e4
Implement per-room message retention policies
2019-11-04 17:09:22 +00:00
Richard van der Hoff
cc6243b4c0
document the REPLICATE command a bit better ( #6305 )
...
since I found myself wonder how it works
2019-11-04 12:40:18 +00:00
Yash Jipkate
9677613e9c
Modify doc to update Google ReCaptcha terms ( #6257 )
2019-10-30 12:30:20 +00:00
Andrew Morgan
46c12918ad
Fix typo in domain name in account_threepid_delegates config option ( #6273 )
2019-10-30 11:07:42 +00:00
Neil Johnson
2794b79052
Option to suppress resource exceeded alerting ( #6173 )
...
The expected use case is to suppress MAU limiting on small instances
2019-10-24 11:48:46 +01:00
Andrew Morgan
409c62b27b
Add config linting script that checks for bool casing ( #6203 )
...
Add a linting script that enforces all boolean values in the default config be lowercase.
This has annoyed me for a while so I decided to fix it.
2019-10-23 13:22:54 +01:00
Adrien Luxey
0327a00a37
Update postgres.md ( #6234 )
...
Added database owner authentication with `sudo` when `su` does not work
2019-10-22 13:48:02 +02:00
Neil Johnson
82c8799ec7
Set room version default to 5
2019-10-19 09:06:15 +01:00
Valérian Rousset
be9b55e0d2
cas: support setting display name ( #6114 )
...
Now, the CAS server can return an attribute stating what's the desired displayname, instead of using the username directly.
2019-10-11 12:33:12 +01:00
Brendan Abolivier
baf12bc02a
Merge branch 'master' into develop
2019-10-02 14:41:02 +01:00
Erik Johnston
3423633d50
Fix 'redaction_retention_period' sampel config to match guidelines
2019-09-26 16:43:52 +01:00
Neil Johnson
8b8f8c7b3c
Explicitly log when a homeserver does not have a trusted key server configured ( #6090 )
2019-09-26 12:57:01 +01:00
Erik Johnston
4fb3c129aa
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/cleanup_user_ips_2
2019-09-25 17:53:13 +01:00
Erik Johnston
39b50ad42a
Review comments
2019-09-25 17:22:33 +01:00
Erik Johnston
242017db8b
Prune rows in user_ips older than configured period
...
Defaults to pruning everything older than 28d.
2019-09-24 15:53:17 +01:00
Richard van der Hoff
ed8b92f0d2
Merge remote-tracking branch 'origin/develop' into rav/saml_mapping_work
2019-09-24 12:57:32 +01:00
Andrew Morgan
50776261e1
Add submit_url response parameter to msisdn /requestToken ( #6079 )
...
Second part of solving #6076
Fixes #6076
We return a submit_url parameter on calls to POST */msisdn/requestToken so that clients know where to submit token information to.
2019-09-23 21:21:03 +01:00
Richard van der Hoff
78e8ec368e
Merge pull request #6064 from matrix-org/rav/saml_config_cleanup
...
Make the sample saml config closer to our standards
2019-09-23 20:36:51 +01:00
Andrew Morgan
e08ea43463
Use the federation blacklist for requests to untrusted Identity Servers ( #6000 )
...
Uses a SimpleHttpClient instance equipped with the federation_ip_range_blacklist list for requests to identity servers provided by user input. Does not use a blacklist when contacting identity servers specified by account_threepid_delegates. The homeserver trusts the latter and we don't want to prevent homeserver admins from specifying delegates that are on internal IP addresses.
Fixes #5935
2019-09-23 20:23:20 +01:00
Andrew Morgan
df3401a71d
Allow HS to send emails when adding an email to the HS ( #6042 )
2019-09-20 15:21:30 +01:00
Richard van der Hoff
b65327ff66
Merge branch 'develop' into rav/saml_mapping_work
2019-09-19 18:13:31 +01:00
Richard van der Hoff
b789c7eb03
Merge branch 'develop' into rav/saml_config_cleanup
2019-09-19 15:05:31 +01:00
Jorik Schellekens
38fd1f8e3f
Fix typo in account_threepid_delegates config ( #6028 )
2019-09-18 22:30:44 +01:00
Richard van der Hoff
7100b5cc9d
fix sample config
...
this was apparently broken by #6040 .
2019-09-18 10:16:00 +01:00
dstipp
379d2a8c39
( #5849 ) Convert rst to markdown ( #6040 )
...
Converting some of the rst documentation to markdown. Attempted to
preserve whitespace and line breaks to minimize cosmetic change.
2019-09-17 12:55:29 +01:00
Richard van der Hoff
a8ac40445c
Record mappings from saml users in an external table
...
We want to assign unique mxids to saml users based on an incrementing
suffix. For that to work, we need to record the allocated mxid in a separate
table.
2019-09-13 16:01:46 +01:00
Richard van der Hoff
785cbd3999
Make the sample saml config closer to our standards
...
It' still not great, thanks to the nested dictionaries, but it's better.
2019-09-13 12:07:03 +01:00
Travis Ralston
c755955f33
Add developer docs for using SAML without a server ( #6032 )
2019-09-13 08:58:18 +01:00
axel simon
1c7df13e7b
add explanations on how to actually include an access_token ( #6031 )
2019-09-13 08:50:17 +01:00
Sorunome
dd2e5b0038
add report_stats_endpoint config option ( #6012 )
...
This PR adds the optional `report_stats_endpoint` to configure where stats are reported to, if enabled.
2019-09-12 11:24:57 +01:00
Erik Johnston
66ace43546
Update sample config
2019-09-11 14:50:40 +01:00
Erik Johnston
8df88b5ff3
Update sample config
2019-09-11 10:58:26 +01:00
Erik Johnston
470dc621ae
Merge pull request #5934 from matrix-org/erikj/censor_redactions
...
Censor redactions in DB after a month
2019-09-09 15:29:39 +01:00
Erik Johnston
8b9ade8c78
Default to censoring redactions after seven days
2019-09-09 13:55:28 +01:00
Amber Brown
55d5b3af88
Servers-known-about statistic ( #5981 )
2019-09-07 01:45:51 +10:00
Andrew Morgan
0c0b82b6d1
Allow Synapse to send registration emails + choose Synapse or an external server to handle 3pid validation ( #5987 )
...
This is a combination of a few different PRs, finally all being merged into `develop`:
* #5875
* #5876
* #5868 (This one added the `/versions` flag but the flag itself was actually [backed out](891afb57cb (diff-e591d42d30690ffb79f63bb726200891)
) in #5969 . What's left is just giving /versions access to the config file, which could be useful in the future)
* #5835
* #5969
* #5940
Clients should not actually use the new registration functionality until https://github.com/matrix-org/synapse/pull/5972 is merged.
UPGRADE.rst, changelog entries and config file changes should all be reviewed closely before this PR is merged.
2019-09-06 11:35:28 +01:00
Erik Johnston
591d82f06b
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/censor_redactions
2019-09-05 17:27:46 +01:00
Erik Johnston
3ff0422d2d
Make redaction retention period configurable
2019-09-05 17:16:45 +01:00
Erik Johnston
6e834e94fc
Fix and refactor room and user stats ( #5971 )
...
Previously the stats were not being correctly populated.
2019-09-04 13:04:27 +01:00
Jorik Schellekens
92c1550f4a
Add a link to python's logging config schema ( #5926 )
2019-08-28 19:08:32 +01:00
Jorik Schellekens
6d97843793
Config templating ( #5900 )
...
Template config files
* Imagine a system composed entirely of x, y, z etc and the basic operations..
Wait George, why XOR? Why not just neq?
George: Eh, I didn't think of that..
Co-Authored-By: Erik Johnston <erik@matrix.org>
2019-08-28 13:12:22 +01:00
Amber Brown
7dc398586c
Implement a structured logging output system. ( #5680 )
2019-08-28 21:18:53 +10:00
reivilibre
a3f0635686
Merge pull request #5914 from matrix-org/rei/admin_getadmin
...
Add GET method to admin API /users/@user:dom/admin
2019-08-28 09:44:22 +01:00
Olivier Wilkinson (reivilibre)
1b959b6977
Document GET method for retrieving admin bit of user in admin API
...
Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
2019-08-27 13:19:19 +01:00
Erik Johnston
f5b50d0871
Merge pull request #5895 from matrix-org/erikj/notary_key
...
Add config option to sign remote key query responses with a separate key.
2019-08-27 11:51:37 +01:00
reivilibre
1a7e6eb633
Add Admin API capability to set adminship of a user ( #5878 )
...
Admin API: Set adminship of a user
2019-08-27 10:14:00 +01:00
Erik Johnston
7af5a63063
Fixup review comments
2019-08-23 15:36:28 +01:00
Jorik Schellekens
8767b63a82
Propagate opentracing contexts through EDUs ( #5852 )
...
Propagate opentracing contexts through EDUs
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2019-08-22 18:21:10 +01:00
Richard van der Hoff
119aa31b10
Servlet to purge old rooms ( #5845 )
2019-08-22 10:42:59 +01:00
Erik Johnston
5906be8589
Add config option for keys to use to sign keys
...
This allows servers to separate keys that are used to sign remote keys
when acting as a notary server.
2019-08-21 10:44:58 +01:00
Amber Brown
0b6fbb28a8
Don't load the media repo when configured to use an external media repo ( #5754 )
2019-08-13 21:49:28 +10:00
Brendan Abolivier
f25f638c35
Lint
2019-08-01 12:19:08 +02:00
Brendan Abolivier
3ff3dfe5a3
Sample config
2019-08-01 12:08:25 +02:00
Richard van der Hoff
8c97f6414c
Remove non-functional 'expire_access_token' setting ( #5782 )
...
The `expire_access_token` didn't do what it sounded like it should do. What it
actually did was make Synapse enforce the 'time' caveat on macaroons used as
access tokens, but since our access token macaroons never contained such a
caveat, it was always a no-op.
(The code to add 'time' caveats was removed back in v0.18.5, in #1656 )
2019-07-30 08:25:02 +01:00
Amber Brown
865077f1d1
Room Complexity Client Implementation ( #5783 )
2019-07-30 02:47:27 +10:00
Jorik Schellekens
3641784e8c
Make Jaeger fully configurable ( #5694 )
...
* Allow Jaeger to be configured
* Update sample config
2019-07-23 15:46:04 +01:00
Amber Brown
4806651744
Replace returnValue with return ( #5736 )
2019-07-23 23:00:55 +10:00
Jorik Schellekens
0fd171770a
Merge branch 'release-v1.2.0' into develop
2019-07-22 11:18:50 +01:00
Jorik Schellekens
826e6ec3bd
Opentracing Documentation ( #5703 )
...
* Opentracing survival guide
* Update decorator names in doc
* Doc cleanup
These are all alterations as a result of comments in #5703 , it
includes mostly typos and clarifications. The most interesting
changes are:
- Split developer and user docs into two sections
- Add a high level description of OpenTracing
* newsfile
* Move contributer specific info to docstring.
* Sample config.
* Trailing whitespace.
* Update 5703.misc
* Apply suggestions from code review
Mostly just rewording parts of the docs for clarity.
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2019-07-22 11:15:21 +01:00
Richard van der Hoff
b73ce4ba81
Update the coding style doc ( #5719 )
...
A few fixes and removal of duplicated stuff, but mostly a bunch of the words on the config file.
2019-07-19 11:55:14 +01:00
Richard van der Hoff
82345bc09a
Clean up opentracing configuration options ( #5712 )
...
Clean up config settings and dead code.
This is mostly about cleaning up the config format, to bring it into line with our conventions. In particular:
* There should be a blank line after `## Section ##' headings
* There should be a blank line between each config setting
* There should be a `#`-only line between a comment and the setting it describes
* We don't really do the `# #` style commenting-out of whole sections if we can help it
* rename `tracer_enabled` to `enabled`
While we're here, do more config parsing upfront, which makes it easier to use
later on.
Also removes redundant code from LogContextScopeManager.
Also changes the changelog fragment to a `feature` - it's exciting!
2019-07-18 15:06:54 +01:00
Amber Brown
7ad1d76356
Support Prometheus_client 0.4.0+ ( #5636 )
2019-07-18 23:57:15 +10:00
Richard van der Hoff
1def298119
Improve `Depends` specs in debian package. ( #5675 )
...
This is basically a contrived way of adding a `Recommends` on `libpq5`, to fix #5653 .
The way this is supposed to happen in debhelper is to run
`dh_shlibdeps`, which in turn runs `dpkg-shlibdeps`, which spits things out
into `debian/<package>.substvars` whence they can later be included by
`control`.
Previously, we had disabled `dh_shlibdeps`, mostly because `dpkg-shlibdeps`
gets confused about PIL's interdependent objects, but that's not really the
right thing to do and there is another way to work around that.
Since we don't always use postgres, we don't necessarily want a hard Depends on
libpq5, so I've actually ended up adding an explicit invocation of
`dpkg-shlibdeps` for `psycopg2`.
I've also updated the build-depends list for the package, which was missing a
couple of entries.
2019-07-17 17:47:07 +01:00
Richard van der Hoff
5f158ec039
Implement access token expiry ( #5660 )
...
Record how long an access token is valid for, and raise a soft-logout once it
expires.
2019-07-12 17:26:02 +01:00
Ulrik Günther
d445b3ae57
Update reverse_proxy.rst ( #5397 )
...
Updates reverse_proxy.rst with information about nginx' URI normalisation.
2019-07-12 11:46:18 +01:00
Lrizika
39e9839a04
Improved docs on setting up Postgresql ( #5661 )
...
Added that synapse_user needs a database to access before it can auth
Noted you'll need to enable password auth, linked to pg_hba.conf docs
2019-07-11 14:31:36 +01:00
Jorik Schellekens
38a6d3eea7
Add basic opentracing support ( #5544 )
...
* Configure and initialise tracer
Includes config options for the tracer and sets up JaegerClient.
* Scope manager using LogContexts
We piggy-back our tracer scopes by using log context.
The current log context gives us the current scope. If new scope is
created we create a stack of scopes in the context.
* jaeger is a dependency now
* Carrier inject and extraction for Twisted Headers
* Trace federation requests on the way in and out.
The span is created in _started_processing and closed in
_finished_processing because we need a meaningful log context.
* Create logcontext for new scope.
Instead of having a stack of scopes in a logcontext we create a new
context for a new scope if the current logcontext already has a scope.
* Remove scope from logcontext if logcontext is top level
* Disable tracer if not configured
* typo
* Remove dependence on jaeger internals
* bools
* Set service name
* :Explicitely state that the tracer is disabled
* Black is the new black
* Newsfile
* Code style
* Use the new config setup.
* Generate config.
* Copyright
* Rename config to opentracing
* Remove user whitelisting
* Empty whitelist by default
* User ConfigError instead of RuntimeError
* Use isinstance
* Use tag constants for opentracing.
* Remove debug comment and no need to explicitely record error
* Two errors a "s(c)entry"
* Docstrings!
* Remove debugging brainslip
* Homeserver Whitlisting
* Better opentracing config comment
* linting
* Inclue worker name in service_name
* Make opentracing an optional dependency
* Neater config retreival
* Clean up dummy tags
* Instantiate tracing as object instead of global class
* Inlcude opentracing as a homeserver member.
* Thread opentracing to the request level
* Reference opetnracing through hs
* Instantiate dummy opentracin g for tests.
* About to revert, just keeping the unfinished changes just in case
* Revert back to global state, commit number:
9ce4a3d9067bf9889b86c360c05ac88618b85c4f
* Use class level methods in tracerutils
* Start and stop requests spans in a place where we
have access to the authenticated entity
* Seen it, isort it
* Make sure to close the active span.
* I'm getting black and blue from this.
* Logger formatting
Co-Authored-By: Erik Johnston <erik@matrix.org>
* Outdated comment
* Import opentracing at the top
* Return a contextmanager
* Start tracing client requests from the servlet
* Return noop context manager if not tracing
* Explicitely say that these are federation requests
* Include servlet name in client requests
* Use context manager
* Move opentracing to logging/
* Seen it, isort it again!
* Ignore twisted return exceptions on context exit
* Escape the scope
* Scopes should be entered to make them useful.
* Nicer decorator names
* Just one init, init?
* Don't need to close something that isn't open
* Docs make you smarter
2019-07-11 10:36:03 +01:00
Amber Brown
463b072b12
Move logging utilities out of the side drawer of util/ and into logging/ ( #5606 )
2019-07-04 00:07:04 +10:00
Richard van der Hoff
b4fd86a9b4
Merge branch 'develop' into rav/saml2_client
2019-07-01 14:21:03 +01:00
Amber Brown
be3b901ccd
Update the TLS cipher string and provide configurability for TLS on outgoing federation ( #5550 )
2019-06-28 18:19:09 +10:00
Daniel Hoffend
9646a593ac
Added possibilty to disable local password authentication ( #5092 )
...
Signed-off-by: Daniel Hoffend <dh@dotlan.net>
2019-06-27 18:37:29 +01:00
Andrew Morgan
c548dbc4b1
Make it clearer that the template dir is relative to synapse's root dir ( #5543 )
...
Helps address #5444
2019-06-27 18:20:17 +01:00
Richard van der Hoff
47fa836abb
Merge pull request #5313 from twrist/patch-1
...
Update HAProxy example rules
2019-06-27 00:53:48 +01:00
Richard van der Hoff
dde4118341
update sample config
2019-06-27 00:41:04 +01:00
Richard van der Hoff
a0acfcc73e
update sample config
2019-06-26 23:56:28 +01:00
Andrew Morgan
3eb8c7b0eb
Merge branch 'master' into develop
...
* master:
Fix broken link in MSC1711 FAQ
Update changelog to better expain password reset change (#5545 )
2019-06-25 18:08:56 +01:00
Richard van der Hoff
c8cb186260
Fix broken link in MSC1711 FAQ
2019-06-25 12:27:56 +01:00
Andrew Morgan
28604ab03d
Add info about black to code_style.rst ( #5537 )
...
Fixes #5533
Adds information about how to install and run black on the codebase.
2019-06-24 17:48:05 +01:00
Richard van der Hoff
4ac7ef4b67
Merge pull request #5524 from matrix-org/rav/new_cmdline_options
...
Add --data-dir and --open-private-ports options.
2019-06-24 17:25:57 +01:00
Brendan Abolivier
deb4fe6ef3
Merge pull request #5534 from matrix-org/babolivier/federation-publicrooms
...
Split public rooms directory auth config in two
2019-06-24 16:08:02 +01:00
Brendan Abolivier
bfe84e051e
Split public rooms directory auth config in two
2019-06-24 15:42:31 +01:00
Richard van der Hoff
3f8a252dd8
Add "--open-private-ports" cmdline option
...
This is helpful when generating a config file for running synapse under docker.
2019-06-24 14:15:34 +01:00
Richard van der Hoff
edea4bb5be
Allow configuration of the path used for ACME account keys.
...
Because sticking it in the same place as the config isn't necessarily the right
thing to do.
2019-06-24 13:51:22 +01:00
Richard van der Hoff
6cda36777b
Drop support for cpu_affinity ( #5525 )
...
This has no useful purpose on python3, and is generally a source of confusion.
2019-06-22 11:01:55 +10:00
Erik Johnston
60b912cf0d
Update docs/workers.rst
...
E_TOO_MANY_NEGATIVES
Co-Authored-By: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2019-06-21 11:54:03 +01:00
Erik Johnston
f3ab533374
Support pagination API in client_reader worker
2019-06-21 10:43:12 +01:00
Amber Brown
32e7c9e7f2
Run Black. ( #5482 )
2019-06-20 19:32:02 +10:00
Amber Brown
eba7caf09f
Remove Postgres 9.4 support ( #5448 )
2019-06-18 00:59:00 +10:00
Brendan Abolivier
f12e1f029c
Merge pull request #5440 from matrix-org/babolivier/third_party_event_rules
...
Allow server admins to define implementations of extra rules for allowing or denying incoming events
2019-06-14 19:37:59 +01:00
Brendan Abolivier
f874b16b2e
Add plugin APIs for implementations of custom event rules.
2019-06-14 18:16:03 +01:00
Neil Johnson
426218323b
Neilj/improve federation docs ( #5419 )
...
Add FAQ questions to federate.md. Add a health warning making it clear that the 1711 upgrade FAQ is now out of date.
2019-06-11 12:17:43 +01:00
Neil Johnson
a11865016e
Set default room version to v4. ( #5379 )
...
Set default room version to v4.
2019-06-06 20:13:47 +01:00
Andrew Morgan
3719680ee4
Add ability to perform password reset via email without trusting the identity server ( #5377 )
...
Sends password reset emails from the homeserver instead of proxying to the identity server. This is now the default behaviour for security reasons. If you wish to continue proxying password reset requests to the identity server you must now enable the email.trust_identity_server_for_password_resets option.
This PR is a culmination of 3 smaller PRs which have each been separately reviewed:
* #5308
* #5345
* #5368
2019-06-06 17:34:07 +01:00
Richard van der Hoff
9fbb20a531
Stop hardcoding trust of old matrix.org key ( #5374 )
...
There are a few changes going on here:
* We make checking the signature on a key server response optional: if no
verify_keys are specified, we trust to TLS to validate the connection.
* We change the default config so that it does not require responses to be
signed by the old key.
* We replace the old 'perspectives' config with 'trusted_key_servers', which
is also formatted slightly differently.
* We emit a warning to the logs every time we trust a key server response
signed by the old key.
2019-06-06 17:33:11 +01:00
Neil Johnson
833c406b9b
Neilj/1.0 upgrade notes ( #5371 )
...
1.0 upgrade/install notes
2019-06-06 17:23:02 +01:00
Richard van der Hoff
7603a706eb
Merge branch 'rav/fix_custom_ca' into rav/enable_tls_verification
2019-06-05 16:32:35 +01:00
Richard van der Hoff
b4f1cd31f4
Update sample config
2019-06-05 15:30:10 +01:00
Richard van der Hoff
95ab2eb4a1
Fix notes about well-known and acme ( #5357 )
...
fixes #4951
2019-06-05 15:12:33 +01:00
Neil Johnson
26713515de
Neilj/mau tracking config explainer ( #5284 )
...
Improve documentation of monthly active user blocking and mau_trial_days
2019-06-05 13:16:23 +01:00
Ike Johnson
145f57897d
Update HAProxy example rules
...
These new rules allow a user to instead route only matrix traffic, allowing them to run matrix on the domain without affecting their existing websites
2019-06-02 23:10:27 +08:00
Erik Johnston
58cce39f3a
Merge pull request #5276 from matrix-org/babolivier/account_validity_job_delta
...
Allow configuring a range for the account validity startup job
2019-05-31 12:11:56 +01:00
Brendan Abolivier
e975b15101
Sample config
2019-05-31 11:14:21 +01:00
Brendan Abolivier
6bfc5ad3a1
Sample config
2019-05-31 09:56:57 +01:00
Travis Ralston
3e1af5109c
Clarify that the admin change password endpoint logs them out ( #5303 )
2019-05-31 09:45:46 +01:00
Erik Johnston
8541db741a
Merge pull request #5283 from aaronraimist/captcha-docs
...
Specify the type of reCAPTCHA key to use (#5013 )
2019-05-29 19:02:27 +01:00
Amber Brown
0729ef01f8
regenerate sample config
2019-05-29 16:41:25 +10:00
Aaron Raimist
f795595e95
Specify the type of reCAPTCHA key to use ( #5013 )
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-28 22:04:27 -05:00
Aaron Raimist
9b6f72663e
Fix docs on resetting the user directory ( #5036 )
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-05-28 20:54:01 -05:00
Brendan Abolivier
4aba561c65
Config and changelog
2019-05-28 16:55:10 +01:00
Richard van der Hoff
dba9152d15
Add missing blank line in config ( #5249 )
2019-05-24 14:12:38 +01:00
Andrew Morgan
6368150a74
Add config option for setting homeserver's default room version ( #5223 )
...
Replaces DEFAULT_ROOM_VERSION constant with a method that first checks the config, then returns a hardcoded value if the option is not present.
That hardcoded value is now located in the server.py config file.
2019-05-23 15:00:20 +01:00
Amber Brown
4a30e4acb4
Room Statistics ( #4338 )
2019-05-21 11:36:50 -05:00
Brendan Abolivier
6a5a70edf0
Merge pull request #5204 from matrix-org/babolivier/account_validity_expiration_date
...
Add startup background job for account validity
2019-05-21 14:55:15 +01:00
Brendan Abolivier
384122efa8
Doc
2019-05-21 14:39:36 +01:00
Richard van der Hoff
da5ef0bb42
Merge remote-tracking branch 'origin/master' into develop
2019-05-17 12:39:48 +01:00
Richard van der Hoff
7ce1f97a13
Stop telling people to install the optional dependencies. ( #5197 )
...
* Stop telling people to install the optional dependencies.
They're optional.
Also update the postgres docs a bit for clarity(?)
2019-05-17 12:38:03 +01:00
Brendan Abolivier
a5fe16c5a7
Changelog + sample config
2019-05-16 15:11:37 +01:00
Amber Brown
f1e5b41388
Make all the rate limiting options more consistent ( #5181 )
2019-05-15 12:06:04 -05:00
Andrew Morgan
5a4b328f52
Add ability to blacklist ip ranges for federation traffic ( #5043 )
2019-05-13 19:05:06 +01:00
Gergely Polonkai
cd3f30014a
Make Prometheus snippet less confusing on the metrics collection doc ( #4288 )
...
Signed-off-by: Gergely Polonkai <gergely@polonkai.eu>
2019-05-10 09:15:08 +01:00
colonelkrud
d9a02d1201
Add AllowEncodedSlashes to apache ( #5068 )
...
* Add AllowEncodedSlashes to apache
Add `AllowEncodedSlashes On` to apache config to support encoding for v3 rooms. "The AllowEncodedSlashes setting is not inherited by virtual hosts, and virtual hosts are used in many default Apache configurations, such as the one in Ubuntu. The workaround is to add the AllowEncodedSlashes setting inside a <VirtualHost> container (/etc/apache2/sites-available/default in Ubuntu)." Source: https://stackoverflow.com/questions/4390436/need-to-allow-encoded-slashes-on-apache
* change allowencodedslashes to nodecode
2019-05-09 23:27:04 +01:00
Matthew Hodgson
c0e0740bef
add options to require an access_token to GET /profile and /publicRooms on CS API ( #5083 )
...
This commit adds two config options:
* `restrict_public_rooms_to_local_users`
Requires auth to fetch the public rooms directory through the CS API and disables fetching it through the federation API.
* `require_auth_for_profile_requests`
When set to `true`, requires that requests to `/profile` over the CS API are authenticated, and only returns the user's profile if the requester shares a room with the profile's owner, as per MSC1301.
MSC1301 also specifies a behaviour for federation (only returning the profile if the server asking for it shares a room with the profile's owner), but that's currently really non-trivial to do in a not too expensive way. Next step is writing down a MSC that allows a HS to specify which user sent the profile query. In this implementation, Synapse won't send a profile query over federation if it doesn't believe it already shares a room with the profile's owner, though.
Groups have been intentionally omitted from this commit.
2019-05-08 18:26:56 +01:00
Richard van der Hoff
59e2d2694d
Remove the requirement to authenticate for /admin/server_version. ( #5122 )
...
This endpoint isn't much use for its intended purpose if you first need to get
yourself an admin's auth token.
I've restricted it to the `/_synapse/admin` path to make it a bit easier to
lock down for those concerned about exposing this information. I don't imagine
anyone is using it in anger currently.
2019-05-07 09:29:30 +01:00
Travis Ralston
3fdff14207
Fix spelling in server notices admin API docs ( #5142 )
2019-05-06 22:15:02 +01:00
Richard van der Hoff
4804206dbe
Fix sample config
...
... after it got broken in 1565ebec2c
.
2019-05-06 22:13:35 +01:00
Richard van der Hoff
836d3adcce
Merge branch 'master' into develop
2019-05-03 19:25:01 +01:00
Richard van der Hoff
1565ebec2c
more config comment updates
2019-05-03 15:50:59 +01:00
Richard van der Hoff
1a7104fde3
Blacklist 0.0.0.0 and :: by default for URL previews
2019-05-03 15:35:49 +01:00
Richard van der Hoff
12f9d51e82
Add admin api for sending server_notices ( #5121 )
2019-05-02 11:59:16 +01:00
Brendan Abolivier
c193b39134
Merge pull request #5124 from matrix-org/babolivier/aliases
...
Add some limitations to alias creation
2019-05-02 11:22:40 +01:00
Brendan Abolivier
84196cb231
Add some limitations to alias creation
2019-05-02 11:05:11 +01:00
Richard van der Hoff
cc4bd762df
Fix sample config
2019-05-01 16:48:23 +01:00
Richard van der Hoff
8e9ca83537
Move admin API to a new prefix
2019-05-01 15:44:30 +01:00
Brendan Abolivier
c1799b0f85
Merge pull request #5116 from matrix-org/babolivier/account_expiration
...
Fix path in account validity admin route's doc
2019-05-01 11:59:56 +01:00
Brendan Abolivier
031919dafb
Fix whole path for admin route
2019-05-01 11:38:27 +01:00
Brendan Abolivier
d8e357b7cf
Fix typo in account validity admin route
2019-05-01 11:34:22 +01:00
Andrew Morgan
6824ddd93d
Config option for verifying federation certificates (MSC 1711) ( #4967 )
2019-04-25 14:22:49 +01:00
Erik Johnston
ca90336a69
Merge branch 'develop' of github.com:matrix-org/synapse into babolivier/account_expiration
2019-04-17 19:44:40 +01:00
Brendan Abolivier
eaf41a943b
Add management endpoints for account validity
2019-04-17 19:34:45 +01:00
Brendan Abolivier
91934025b9
Merge pull request #5047 from matrix-org/babolivier/account_expiration
...
Send out emails with links to extend an account's validity period
2019-04-17 14:57:39 +01:00
Brendan Abolivier
20f0617e87
Send out emails with links to extend an account's validity period
2019-04-17 14:42:20 +01:00
Erik Johnston
6e27a8620f
Merge pull request #5063 from matrix-org/erikj/move_endpoints
...
Move some rest endpoints to client reader
2019-04-15 18:55:01 +01:00
Erik Johnston
ec638a1602
Only handle GET requests for /push_rules
2019-04-15 18:51:48 +01:00
Erik Johnston
d5adf297e6
Move some rest endpoints to client reader
2019-04-15 17:21:03 +01:00
Brendan Abolivier
bfc8fdf1fc
Merge pull request #5027 from matrix-org/babolivier/account_expiration
...
Add time-based account expiration
2019-04-09 17:02:41 +01:00
Brendan Abolivier
747aa9f8ca
Add account expiration feature
2019-04-09 16:46:04 +01:00
Neil Johnson
b25e387c0d
add context to phonehome stats ( #5020 )
...
add context to phonehome stats
2019-04-08 15:47:39 +01:00
Brendan Abolivier
8e85493b0c
Add config option to block users from looking up 3PIDs ( #5010 )
2019-04-04 17:25:47 +01:00
Erik Johnston
c192bf8970
Add admin API for group deletion
2019-04-03 16:29:52 +01:00
Andrew Morgan
bbd244c7b2
Support 3PID login in password providers ( #4931 )
...
Adds a new method, check_3pid_auth, which gives password providers
the chance to allow authentication with third-party identifiers such
as email or msisdn.
2019-03-26 17:48:30 +00:00
Richard van der Hoff
7105057cf2
Fix nginx example in ACME doc. ( #4923 )
2019-03-25 09:59:36 +00:00
Colin W
ab4e4c6c2f
Update Apache Setup To Remove Location Syntax ( #4870 )
...
This one should close #4841 . Many thanks to @dev4223 for bringing it up and finding a solution.
Signed-off-by: Colin White
2019-03-21 14:05:56 +00:00
Erik Johnston
09f991a63d
Merge pull request #4896 from matrix-org/erikj/disable_room_directory
...
Add option to disable search room lists
2019-03-21 10:16:54 +00:00
Erik Johnston
263f2c9ce1
Merge pull request #4895 from matrix-org/erikj/disable_user_search
...
Add option to disable searching in the user dir
2019-03-20 16:47:15 +00:00
Richard van der Hoff
a902d13180
Batch up outgoing read-receipts to reduce federation traffic. ( #4890 )
...
Rate-limit outgoing read-receipts as per #4730 .
2019-03-20 16:02:25 +00:00
Erik Johnston
cd8c5b91ad
Fix up sample config
2019-03-20 14:35:41 +00:00
Erik Johnston
926f29ea6d
Fix up config comments
2019-03-20 14:24:53 +00:00
Erik Johnston
213c98c00a
Add option to disable search room lists
...
This disables both local and remote room list searching.
2019-03-19 17:10:52 +00:00
Erik Johnston
855bf4658d
Update sample config
2019-03-19 16:47:04 +00:00
Erik Johnston
b616a8717b
Add note on tuning postgres
2019-03-19 16:05:32 +00:00
Richard van der Hoff
d2a537ea60
Merge remote-tracking branch 'origin/master' into develop
2019-03-19 10:37:50 +00:00
Michael Kaye
9482a84c0a
Repoint docs for federation ( #4881 )
2019-03-19 10:37:18 +00:00
Richard van der Hoff
fd463b4f5d
Comment out most options in the generated config. ( #4863 )
...
Make it so that most options in the config are optional, and commented out in
the generated config.
The reasons this is a good thing are as follows:
* If we decide that we should change the default for an option, we can do so,
and only those admins that have deliberately chosen to override that option
will be stuck on the old setting.
* It moves us towards a point where we can get rid of the super-surprising
feature of synapse where the default settings for the config come from the
generated yaml.
* It makes setting up a test config for unit testing an order of magnitude
easier (see forthcoming PR).
* It makes the generated config more consistent, and hopefully easier for users
to understand.
2019-03-19 10:06:40 +00:00
Brendan Abolivier
651ad8bc96
Add ratelimiting on failed login attempts ( #4865 )
2019-03-18 12:57:20 +00:00
Brendan Abolivier
899e523d6d
Add ratelimiting on login ( #4821 )
...
Add two ratelimiters on login (per-IP address and per-userID).
2019-03-15 17:46:16 +00:00
Richard van der Hoff
9ffadcdbad
fix some typos in federate.md
2019-03-15 09:43:24 +00:00
Andrew Morgan
7998ca3a66
Document using a certificate with a full chain ( #4849 )
2019-03-13 15:26:29 +00:00
Neil Johnson
332b60ec68
Merge branch 'master' of github.com:matrix-org/synapse into develop
2019-03-12 17:15:21 +00:00
Neil Johnson
83193a9362
fix orphaned sentence
2019-03-12 16:57:17 +00:00
Neil Johnson
8b692bf7c2
Neilj/improved delegation doc 2 ( #4832 )
...
Improved federation configuration docs. Specifically detailing .well-known and SRV based delegation methods.
Inspiration Valentin Lab <valentin.lab@kalysto.org> for https://github.com/matrix-org/synapse/pull/4781
2019-03-12 14:23:28 +00:00
Aaron Raimist
8ea1b41a0e
Clarify what registration_shared_secret allows for ( #2885 ) ( #4844 )
...
* Clarify what registration_shared_secret allows for (#2885 )
Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Add changelog
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-03-11 18:21:52 +00:00
Matthew Hodgson
8f4b9f5210
Reword the sample config header to be less scary ( #4801 )
2019-03-07 07:09:01 +00:00
Brendan Abolivier
c23e8c3333
Update sample config
2019-03-05 18:03:48 +00:00
Erik Johnston
16c8b4ecbd
Merge pull request #4772 from jbweston/jbweston/server-version-api
...
Add 'server_version' endpoint to admin API
2019-03-05 16:31:00 +00:00
Brendan Abolivier
a4c3a361b7
Add rate-limiting on registration ( #4735 )
...
* Rate-limiting for registration
* Add unit test for registration rate limiting
* Add config parameters for rate limiting on auth endpoints
* Doc
* Fix doc of rate limiting function
Co-Authored-By: babolivier <contact@brendanabolivier.com>
* Incorporate review
* Fix config parsing
* Fix linting errors
* Set default config for auth rate limiting
* Fix tests
* Add changelog
* Advance reactor instead of mocked clock
* Move parameters to registration specific config and give them more sensible default values
* Remove unused config options
* Don't mock the rate limiter un MAU tests
* Rename _register_with_store into register_with_store
* Make CI happy
* Remove unused import
* Update sample config
* Fix ratelimiting test for py2
* Add non-guest test
2019-03-05 14:25:33 +00:00
Erik Johnston
c3c542bb4a
Merge pull request #4796 from matrix-org/erikj/factor_out_e2e_keys
...
Allow /keys/{changes,query} API to run on worker
2019-03-05 09:06:25 +00:00
Erik Johnston
bfa7d46a10
Allow /keys/{changes,query} API to run on worker
2019-03-04 18:30:01 +00:00
Richard van der Hoff
8e28bc5eee
Include a default configuration file in the 'docs' directory. ( #4791 )
2019-03-04 17:14:58 +00:00
Seebi
aba5eeabd5
Fix v4v6 option in HAProxy example config ( #4790 )
...
The v4v6 option only has a usage one ipv6 socket: https://serverfault.com/q/747895
Signed-off-by: Flakebi <flakebi@t-online.de>
2019-03-04 13:19:41 +00:00
Joseph Weston
144cbfd650
add API documentation
...
Signed-off-by: Joseph Weston <joseph@weston.cloud>
2019-03-02 03:07:04 +01:00
Erik Johnston
76550c58d2
Merge pull request #4759 from matrix-org/erikj/3pid_client_reader
...
Move /account/3pid to client_reader
2019-02-27 16:11:21 +00:00
Erik Johnston
54f9ce11a7
Move /account/3pid to client_reader
2019-02-27 14:26:08 +00:00
Erik Johnston
4cff9376f7
Move server key queries to federation reader
2019-02-27 13:43:53 +00:00
Erik Johnston
7590e9fa28
Merge pull request #4749 from matrix-org/erikj/replication_connection_backoff
...
Fix tightloop over connecting to replication server
2019-02-27 11:00:59 +00:00
Paul Tötterman
4bc7483518
Fix apache reverse proxy example ( #4742 )
...
So that it actually works. See https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypass
Signed-off-by: Paul Tötterman <paul.totterman@iki.fi>
2019-02-26 18:01:45 +00:00
Erik Johnston
313987187e
Fix tightloop over connecting to replication server
...
If the client failed to process incoming commands during the initial set
up of the replication connection it would immediately disconnect and
reconnect, resulting in a tightloop.
This can happen, for example, when subscribing to a stream that has a
row that is too long in the backlog.
The fix here is to not consider the connection successfully set up until
the client has succesfully subscribed and caught up with the streams.
This ensures that the retry logic timers aren't reset until then,
meaning that if an error does happen during start up the client will
continue backing off before retrying again.
2019-02-26 15:05:41 +00:00
Richard van der Hoff
fcd6f01dc7
Minor tweaks to acme docs ( #4689 )
2019-02-22 10:56:42 +00:00
Benoît S
16e0680498
Added HAProxy example ( #4660 )
...
* Added HAProxy example
Proposal of an example with HAProxy. Asked by #4541 .
Signed-off-by: Benoît S. (“Benpro”) <gitlab@benpro.fr>
* Following suggestions of @richvdh
2019-02-21 17:44:10 +00:00