Patrick Cloke
71cccf1593
Additional configuration options for auto-join rooms ( #7763 )
2020-06-30 15:41:36 -04:00
Richard van der Hoff
e452973fd2
fix broken link in sample config ( #7712 )
2020-06-16 19:50:16 +01:00
Patrick Cloke
b9df7f70bb
Increase the default SAML session expirary time to 15 minutes. ( #7664 )
2020-06-11 07:55:45 -04:00
wondratsch
c746889bb0
fix typo in sample_config.yaml ( #7652 )
...
Just a simple typo fix.
Signed-off-by: wondratsch 28294257+wondratsch@users.noreply.github.com
2020-06-11 11:51:10 +01:00
Andrew Morgan
fcd6961441
Add option to enable encryption by default for new rooms ( #7639 )
...
Fixes https://github.com/matrix-org/synapse/issues/2431
Adds config option `encryption_enabled_by_default_for_room_type`, which determines whether encryption should be enabled with the default encryption algorithm in private or public rooms upon creation. Whether the room is private or public is decided based upon the room creation preset that is used.
Part of this PR is also pulling out all of the individual instances of `m.megolm.v1.aes-sha2` into a constant variable to eliminate typos ala https://github.com/matrix-org/synapse/pull/7637
Based on #7637
2020-06-10 17:44:34 +01:00
Travis Ralston
09099313e6
Add an option to disable autojoin for guest accounts ( #6637 )
...
Fixes https://github.com/matrix-org/synapse/issues/3177
2020-06-05 18:18:15 +01:00
Richard van der Hoff
11de843626
Cleanups to the OpenID Connect integration ( #7628 )
...
docs, default configs, comments. Nothing very significant.
2020-06-03 21:13:17 +01:00
Richard van der Hoff
1bbc9e2df6
Clean up exception handling in SAML2ResponseResource ( #7614 )
...
* Expose `return_html_error`, and allow it to take a Jinja2 template instead of a raw string
* Clean up exception handling in SAML2ResponseResource
* use the existing code in `return_html_error` instead of re-implementing it
(giving it a jinja2 template rather than inventing a new form of template)
* do the exception-catching in the REST layer rather than in the handler
layer, to make sure we catch all exceptions.
2020-06-03 10:41:12 +01:00
Jason Robinson
4be968d05d
Fix sample config docs error ( #7581 )
...
'client_auth_method' commented out value was erronously 'client_auth_basic',
when code and docstring says it should be 'client_secret_basic'.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2020-05-27 13:52:18 +01:00
Erik Johnston
d7d8a2e7ee
Fix up comments
2020-05-27 13:34:46 +01:00
Erik Johnston
4ba55559ac
Fix specifying cache factors via env vars with * in name. ( #7580 )
...
This mostly applise to `*stateGroupCache*` and co.
Broke in #6391 .
2020-05-27 13:17:01 +01:00
Richard van der Hoff
66a564c859
Fix some DETECTED VIOLATIONS in the config file ( #7550 )
...
consistency ftw
2020-05-22 10:11:50 +01:00
Amber Brown
7cb8b4bc67
Allow configuration of Synapse's cache without using synctl or environment variables ( #6391 )
2020-05-11 18:45:23 +01:00
Andrew Morgan
67feea8044
Extend spam checker to allow for multiple modules ( #7435 )
2020-05-08 19:25:48 +01:00
Quentin Gliech
616af44137
Implement OpenID Connect-based login ( #7256 )
2020-05-08 08:30:40 -04:00
Brendan Abolivier
d9b8d27494
Add a configuration setting for the dummy event threshold ( #7422 )
...
Add dummy_events_threshold which allows configuring the number of forward extremities a room needs for Synapse to send forward extremities in it.
2020-05-07 10:35:23 +01:00
Patrick Cloke
7bfe0902ce
Add documentation to the sample config about the templates for SSO. ( #7343 )
2020-04-24 15:03:49 -04:00
Brendan Abolivier
2e3b9a0fcb
Revert "Revert "Merge pull request #7315 from matrix-org/babolivier/request_token""
...
This reverts commit 1adf6a5587
.
2020-04-23 11:23:53 +02:00
Lars Franke
13917232d5
Fix indention in generated config file ( #7300 )
...
Also adjust sample_config.yaml
Signed-off-by: Lars Franke <frcl@mailbox.org>
2020-04-20 16:51:27 +01:00
Tristan Lins
c07fca9e2f
Clarify the comments for media_storage_providers options ( #7272 )
2020-04-17 07:09:33 -04:00
Andrew Morgan
a48138784e
Allow specifying the value of Accept-Language header for URL previews ( #7265 )
2020-04-15 13:35:29 +01:00
Andrew Morgan
29b7e22b93
Add documentation to password_providers config option ( #7238 )
2020-04-08 00:46:50 +01:00
Martin Milata
b0db928c63
Extend web_client_location to handle absolute URLs ( #7006 )
...
Log warning when filesystem path is used.
Signed-off-by: Martin Milata <martin@martinmilata.cz>
2020-04-03 11:57:34 -04:00
Andrew Morgan
d9f29f8dae
Fix a small typo in the `metrics_flags` config option. ( #7171 )
2020-03-30 17:38:21 +01:00
Richard van der Hoff
b7da598a61
Always whitelist the login fallback for SSO ( #7153 )
...
That fallback sets the redirect URL to itself (so it can process the login
token then return gracefully to the client). This would make it pointless to
ask the user for confirmation, since the URL the confirmation page would be
showing wouldn't be the client's.
2020-03-27 20:24:52 +00:00
Dirk Klimpel
8327eb9280
Add options to prevent users from changing their profile. ( #7096 )
2020-03-27 19:15:23 +00:00
Dirk Klimpel
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). ( #7118 )
2020-03-26 16:51:13 +00:00
Aaron Raimist
6ca5e56fd1
Remove unused captcha_bypass_secret option ( #7137 )
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2020-03-25 17:49:34 +00:00
Richard van der Hoff
c165c1233b
Improve database configuration docs ( #6988 )
...
Attempts to clarify the sample config for databases, and add some stuff about
tcp keepalives to `postgres.md`.
2020-03-20 15:24:22 +00:00
Richard van der Hoff
6a35046363
Revert "Add options to disable setting profile info for prevent changes. ( #7053 )"
...
This reverts commit 54dd28621b
, reversing
changes made to 6640460d05
.
2020-03-17 11:25:01 +00:00
Brendan Abolivier
f9e98176bf
Put the file in the templates directory
2020-03-11 20:31:42 +00:00
Brendan Abolivier
900bca9707
Update wording and config
2020-03-11 19:40:30 +00:00
Brendan Abolivier
54dd28621b
Add options to disable setting profile info for prevent changes. ( #7053 )
2020-03-10 22:23:01 +00:00
Dirk Klimpel
751d51dd12
Update sample_config.yaml
2020-03-10 21:41:25 +01:00
Brendan Abolivier
51c094c4ac
Update sample config
2020-03-10 14:00:29 +00:00
dklimpel
885134529f
updates after review
2020-03-09 22:09:29 +01:00
dklimpel
99bbe177b6
add disable_3pid_changes
2020-03-08 21:58:12 +01:00
dklimpel
20545a2199
lint2
2020-03-08 15:28:00 +01:00
dklimpel
fb078f921b
changelog
2020-03-08 15:19:07 +01:00
Brendan Abolivier
43f874055d
Merge branch 'master' into develop
2020-03-03 15:20:49 +00:00
Richard van der Hoff
b68041df3d
Add a whitelist for the SSO confirmation step.
2020-03-02 17:05:09 +00:00
Brendan Abolivier
b2bd54a2e3
Add a confirmation step to the SSO login flow
2020-03-02 16:36:32 +00:00
Richard van der Hoff
4c2ed3f20e
Fix minor issues with email config ( #6962 )
...
* Give `notif_template_html`, `notif_template_text` default values (fixes #6960 )
* Don't complain if `smtp_host` and `smtp_port` are unset, since they have sensible defaults (fixes #6961 )
* Set the example for `enable_notifs` to `True`, for consistency and because it's more useful
* Raise errors as ConfigError rather than RuntimeError for nicer formatting
2020-02-24 15:18:38 +00:00
Brendan Abolivier
d484126bf7
Merge pull request #6907 from matrix-org/babolivier/acme-config
...
Add mention and warning about ACME v1 deprecation to the TLS config
2020-02-18 16:11:31 +00:00
Richard van der Hoff
97a42bbc3a
Add a warning about indentation to generated config ( #6920 )
...
Fixes #6916 .
2020-02-14 16:22:30 +00:00
Brendan Abolivier
5820ed905f
Add mention and warning about ACME v1 deprecation to the Synapse config
2020-02-13 14:20:08 +00:00
Richard van der Hoff
5ce0b17e38
Clarify the `account_validity` and `email` sections of the sample configuration. ( #6685 )
...
Generally try to make this more comprehensible, and make it match the
conventions.
I've removed the documentation for all the settings which allow you to change
the names of the template files, because I can't really see why they are
useful.
2020-01-17 10:04:15 +00:00
Brendan Abolivier
2b6b7f482a
Merge pull request #6621 from matrix-org/babolivier/purge_job_config_typo
...
Fix a typo in the purge jobs configuration example
2020-01-07 16:17:40 +01:00
Brendan Abolivier
391fb47791
Reword
2020-01-07 14:54:32 +00:00
Brendan Abolivier
3a86477162
Change the example from 5min to 12h
...
Have a purge job running every 5min is probably not something we want to advise admins to do as a sort-of default.
2020-01-07 14:53:07 +00:00
Richard van der Hoff
98247c4a0e
Remove unused, undocumented "content repo" resource ( #6628 )
...
This looks like it got half-killed back in #888 .
Fixes #6567 .
2020-01-03 17:10:52 +00:00
Brendan Abolivier
dd2954f78d
Update sample config
2020-01-03 12:58:12 +01:00
Richard van der Hoff
b95b762560
Add an export_signing_key script ( #6546 )
...
I want to do some key rotation, and it is silly that we don't have a way to do
this.
2019-12-19 11:11:14 +00:00
Will Hunt
bfb95654c9
Add option to allow profile queries without sharing a room ( #6523 )
2019-12-16 16:11:55 +00:00
Andrew Morgan
4947de5a14
Allow SAML username provider plugins ( #6411 )
2019-12-10 17:30:16 +00:00
Neil Johnson
cb0aeb147e
privacy by default for room dir ( #6355 )
...
Ensure that the the default settings for the room directory are that the it is hidden from public view by default.
2019-12-04 09:46:16 +00:00
Richard van der Hoff
c48ea98007
Clarifications for the email configuration settings. ( #6423 )
...
Cf #6422
2019-11-28 09:29:18 +00:00
Brendan Abolivier
9e937c28ee
Merge branch 'develop' into babolivier/message_retention
2019-11-26 17:53:57 +00:00
Andrew Morgan
473acedcdd
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/homeserver_copy
...
* 'develop' of github.com:matrix-org/synapse:
Blacklist PurgeRoomTestCase (#6361 )
Set room version default to 5
2019-11-14 10:26:27 +00:00
Brendan Abolivier
a42567e4a8
Merge pull request #6220 from matrix-org/neilj/set_room_version_default_to_5
...
Set room version default to 5
2019-11-14 10:21:00 +00:00
Andrew Morgan
e1648dc576
sample config
2019-11-12 13:15:59 +00:00
Brendan Abolivier
09957ce0e4
Implement per-room message retention policies
2019-11-04 17:09:22 +00:00
Andrew Morgan
46c12918ad
Fix typo in domain name in account_threepid_delegates config option ( #6273 )
2019-10-30 11:07:42 +00:00
Neil Johnson
2794b79052
Option to suppress resource exceeded alerting ( #6173 )
...
The expected use case is to suppress MAU limiting on small instances
2019-10-24 11:48:46 +01:00
Andrew Morgan
409c62b27b
Add config linting script that checks for bool casing ( #6203 )
...
Add a linting script that enforces all boolean values in the default config be lowercase.
This has annoyed me for a while so I decided to fix it.
2019-10-23 13:22:54 +01:00
Neil Johnson
82c8799ec7
Set room version default to 5
2019-10-19 09:06:15 +01:00
Valérian Rousset
be9b55e0d2
cas: support setting display name ( #6114 )
...
Now, the CAS server can return an attribute stating what's the desired displayname, instead of using the username directly.
2019-10-11 12:33:12 +01:00
Erik Johnston
3423633d50
Fix 'redaction_retention_period' sampel config to match guidelines
2019-09-26 16:43:52 +01:00
Neil Johnson
8b8f8c7b3c
Explicitly log when a homeserver does not have a trusted key server configured ( #6090 )
2019-09-26 12:57:01 +01:00
Erik Johnston
4fb3c129aa
Merge branch 'develop' of github.com:matrix-org/synapse into erikj/cleanup_user_ips_2
2019-09-25 17:53:13 +01:00
Erik Johnston
39b50ad42a
Review comments
2019-09-25 17:22:33 +01:00
Erik Johnston
242017db8b
Prune rows in user_ips older than configured period
...
Defaults to pruning everything older than 28d.
2019-09-24 15:53:17 +01:00
Richard van der Hoff
ed8b92f0d2
Merge remote-tracking branch 'origin/develop' into rav/saml_mapping_work
2019-09-24 12:57:32 +01:00
Andrew Morgan
50776261e1
Add submit_url response parameter to msisdn /requestToken ( #6079 )
...
Second part of solving #6076
Fixes #6076
We return a submit_url parameter on calls to POST */msisdn/requestToken so that clients know where to submit token information to.
2019-09-23 21:21:03 +01:00
Richard van der Hoff
78e8ec368e
Merge pull request #6064 from matrix-org/rav/saml_config_cleanup
...
Make the sample saml config closer to our standards
2019-09-23 20:36:51 +01:00
Andrew Morgan
e08ea43463
Use the federation blacklist for requests to untrusted Identity Servers ( #6000 )
...
Uses a SimpleHttpClient instance equipped with the federation_ip_range_blacklist list for requests to identity servers provided by user input. Does not use a blacklist when contacting identity servers specified by account_threepid_delegates. The homeserver trusts the latter and we don't want to prevent homeserver admins from specifying delegates that are on internal IP addresses.
Fixes #5935
2019-09-23 20:23:20 +01:00
Andrew Morgan
df3401a71d
Allow HS to send emails when adding an email to the HS ( #6042 )
2019-09-20 15:21:30 +01:00
Richard van der Hoff
b65327ff66
Merge branch 'develop' into rav/saml_mapping_work
2019-09-19 18:13:31 +01:00
Richard van der Hoff
b789c7eb03
Merge branch 'develop' into rav/saml_config_cleanup
2019-09-19 15:05:31 +01:00
Jorik Schellekens
38fd1f8e3f
Fix typo in account_threepid_delegates config ( #6028 )
2019-09-18 22:30:44 +01:00
Richard van der Hoff
7100b5cc9d
fix sample config
...
this was apparently broken by #6040 .
2019-09-18 10:16:00 +01:00
dstipp
379d2a8c39
( #5849 ) Convert rst to markdown ( #6040 )
...
Converting some of the rst documentation to markdown. Attempted to
preserve whitespace and line breaks to minimize cosmetic change.
2019-09-17 12:55:29 +01:00
Richard van der Hoff
a8ac40445c
Record mappings from saml users in an external table
...
We want to assign unique mxids to saml users based on an incrementing
suffix. For that to work, we need to record the allocated mxid in a separate
table.
2019-09-13 16:01:46 +01:00
Richard van der Hoff
785cbd3999
Make the sample saml config closer to our standards
...
It' still not great, thanks to the nested dictionaries, but it's better.
2019-09-13 12:07:03 +01:00
Sorunome
dd2e5b0038
add report_stats_endpoint config option ( #6012 )
...
This PR adds the optional `report_stats_endpoint` to configure where stats are reported to, if enabled.
2019-09-12 11:24:57 +01:00
Erik Johnston
66ace43546
Update sample config
2019-09-11 14:50:40 +01:00
Erik Johnston
8df88b5ff3
Update sample config
2019-09-11 10:58:26 +01:00
Erik Johnston
470dc621ae
Merge pull request #5934 from matrix-org/erikj/censor_redactions
...
Censor redactions in DB after a month
2019-09-09 15:29:39 +01:00
Erik Johnston
8b9ade8c78
Default to censoring redactions after seven days
2019-09-09 13:55:28 +01:00
Amber Brown
55d5b3af88
Servers-known-about statistic ( #5981 )
2019-09-07 01:45:51 +10:00
Andrew Morgan
0c0b82b6d1
Allow Synapse to send registration emails + choose Synapse or an external server to handle 3pid validation ( #5987 )
...
This is a combination of a few different PRs, finally all being merged into `develop`:
* #5875
* #5876
* #5868 (This one added the `/versions` flag but the flag itself was actually [backed out](891afb57cb (diff-e591d42d30690ffb79f63bb726200891)
) in #5969 . What's left is just giving /versions access to the config file, which could be useful in the future)
* #5835
* #5969
* #5940
Clients should not actually use the new registration functionality until https://github.com/matrix-org/synapse/pull/5972 is merged.
UPGRADE.rst, changelog entries and config file changes should all be reviewed closely before this PR is merged.
2019-09-06 11:35:28 +01:00
Erik Johnston
3ff0422d2d
Make redaction retention period configurable
2019-09-05 17:16:45 +01:00
Jorik Schellekens
92c1550f4a
Add a link to python's logging config schema ( #5926 )
2019-08-28 19:08:32 +01:00
Jorik Schellekens
6d97843793
Config templating ( #5900 )
...
Template config files
* Imagine a system composed entirely of x, y, z etc and the basic operations..
Wait George, why XOR? Why not just neq?
George: Eh, I didn't think of that..
Co-Authored-By: Erik Johnston <erik@matrix.org>
2019-08-28 13:12:22 +01:00
Erik Johnston
7af5a63063
Fixup review comments
2019-08-23 15:36:28 +01:00
Erik Johnston
5906be8589
Add config option for keys to use to sign keys
...
This allows servers to separate keys that are used to sign remote keys
when acting as a notary server.
2019-08-21 10:44:58 +01:00
Amber Brown
0b6fbb28a8
Don't load the media repo when configured to use an external media repo ( #5754 )
2019-08-13 21:49:28 +10:00
Brendan Abolivier
f25f638c35
Lint
2019-08-01 12:19:08 +02:00
Brendan Abolivier
3ff3dfe5a3
Sample config
2019-08-01 12:08:25 +02:00
Richard van der Hoff
8c97f6414c
Remove non-functional 'expire_access_token' setting ( #5782 )
...
The `expire_access_token` didn't do what it sounded like it should do. What it
actually did was make Synapse enforce the 'time' caveat on macaroons used as
access tokens, but since our access token macaroons never contained such a
caveat, it was always a no-op.
(The code to add 'time' caveats was removed back in v0.18.5, in #1656 )
2019-07-30 08:25:02 +01:00