2014-08-31 17:06:39 +02:00
|
|
|
# -*- coding: utf-8 -*-
|
2015-01-06 14:21:39 +01:00
|
|
|
# Copyright 2014, 2015 OpenMarket Ltd
|
2014-08-31 17:06:39 +02:00
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
|
|
|
|
import os
|
2014-09-23 17:18:21 +02:00
|
|
|
from ._base import Config, ConfigError
|
|
|
|
import syutil.crypto.signing_key
|
2014-08-31 17:06:39 +02:00
|
|
|
|
|
|
|
|
|
|
|
class ServerConfig(Config):
|
|
|
|
def __init__(self, args):
|
|
|
|
super(ServerConfig, self).__init__(args)
|
|
|
|
self.server_name = args.server_name
|
|
|
|
self.signing_key = self.read_signing_key(args.signing_key_path)
|
|
|
|
self.bind_port = args.bind_port
|
|
|
|
self.bind_host = args.bind_host
|
2014-09-01 23:38:52 +02:00
|
|
|
self.unsecure_port = args.unsecure_port
|
2014-08-31 17:06:39 +02:00
|
|
|
self.daemonize = args.daemonize
|
2014-09-01 16:51:15 +02:00
|
|
|
self.pid_file = self.abspath(args.pid_file)
|
2014-09-02 12:09:33 +02:00
|
|
|
self.webclient = True
|
2014-09-01 16:51:15 +02:00
|
|
|
self.manhole = args.manhole
|
2014-11-03 16:06:40 +01:00
|
|
|
self.no_tls = args.no_tls
|
2015-02-19 12:50:49 +01:00
|
|
|
self.soft_file_limit = args.soft_file_limit
|
2014-08-31 17:06:39 +02:00
|
|
|
|
2014-09-03 12:57:23 +02:00
|
|
|
if not args.content_addr:
|
|
|
|
host = args.server_name
|
|
|
|
if ':' not in host:
|
2014-12-02 18:20:02 +01:00
|
|
|
host = "%s:%d" % (host, args.unsecure_port)
|
|
|
|
else:
|
|
|
|
host = host.split(':')[0]
|
|
|
|
host = "%s:%d" % (host, args.unsecure_port)
|
|
|
|
args.content_addr = "http://%s" % (host,)
|
2014-09-03 12:57:23 +02:00
|
|
|
|
|
|
|
self.content_addr = args.content_addr
|
|
|
|
|
2014-08-31 17:06:39 +02:00
|
|
|
@classmethod
|
|
|
|
def add_arguments(cls, parser):
|
|
|
|
super(ServerConfig, cls).add_arguments(parser)
|
|
|
|
server_group = parser.add_argument_group("server")
|
2015-01-08 15:32:53 +01:00
|
|
|
server_group.add_argument(
|
|
|
|
"-H", "--server-name", default="localhost",
|
|
|
|
help="The domain name of the server, with optional explicit port. "
|
|
|
|
"This is used by remote servers to connect to this server, "
|
|
|
|
"e.g. matrix.org, localhost:8080, etc."
|
|
|
|
)
|
2014-08-31 17:06:39 +02:00
|
|
|
server_group.add_argument("--signing-key-path",
|
|
|
|
help="The signing key to sign messages with")
|
2014-09-01 23:38:52 +02:00
|
|
|
server_group.add_argument("-p", "--bind-port", metavar="PORT",
|
2014-09-02 11:52:20 +02:00
|
|
|
type=int, help="https port to listen on",
|
|
|
|
default=8448)
|
2014-09-01 23:38:52 +02:00
|
|
|
server_group.add_argument("--unsecure-port", metavar="PORT",
|
2014-09-02 11:52:20 +02:00
|
|
|
type=int, help="http port to listen on",
|
|
|
|
default=8008)
|
2014-08-31 17:06:39 +02:00
|
|
|
server_group.add_argument("--bind-host", default="",
|
|
|
|
help="Local interface to listen on")
|
|
|
|
server_group.add_argument("-D", "--daemonize", action='store_true',
|
|
|
|
help="Daemonize the home server")
|
2014-09-03 18:32:31 +02:00
|
|
|
server_group.add_argument('--pid-file', default="homeserver.pid",
|
2014-08-31 17:06:39 +02:00
|
|
|
help="When running as a daemon, the file to"
|
|
|
|
" store the pid in")
|
2014-09-01 23:11:08 +02:00
|
|
|
server_group.add_argument("--manhole", metavar="PORT", dest="manhole",
|
|
|
|
type=int,
|
2014-08-31 17:06:39 +02:00
|
|
|
help="Turn on the twisted telnet manhole"
|
|
|
|
" service on the given port.")
|
2014-09-03 12:57:23 +02:00
|
|
|
server_group.add_argument("--content-addr", default=None,
|
|
|
|
help="The host and scheme to use for the "
|
|
|
|
"content repository")
|
2014-11-03 16:06:40 +01:00
|
|
|
server_group.add_argument("--no-tls", action='store_true',
|
|
|
|
help="Don't bind to the https port.")
|
2015-02-19 12:50:49 +01:00
|
|
|
server_group.add_argument("--soft-file-limit", type=int, default=0,
|
2015-02-20 17:09:44 +01:00
|
|
|
help="Set the soft limit on the number of "
|
|
|
|
"file descriptors synapse can use. "
|
|
|
|
"Zero is used to indicate synapse "
|
|
|
|
"should set the soft limit to the hard"
|
|
|
|
"limit.")
|
2014-08-31 17:06:39 +02:00
|
|
|
|
|
|
|
def read_signing_key(self, signing_key_path):
|
2014-09-23 17:18:21 +02:00
|
|
|
signing_keys = self.read_file(signing_key_path, "signing_key")
|
|
|
|
try:
|
|
|
|
return syutil.crypto.signing_key.read_signing_keys(
|
|
|
|
signing_keys.splitlines(True)
|
|
|
|
)
|
2014-10-27 11:33:17 +01:00
|
|
|
except Exception:
|
2014-09-23 17:18:21 +02:00
|
|
|
raise ConfigError(
|
|
|
|
"Error reading signing_key."
|
|
|
|
" Try running again with --generate-config"
|
|
|
|
)
|
2014-08-31 17:06:39 +02:00
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def generate_config(cls, args, config_dir_path):
|
|
|
|
super(ServerConfig, cls).generate_config(args, config_dir_path)
|
|
|
|
base_key_name = os.path.join(config_dir_path, args.server_name)
|
|
|
|
|
|
|
|
args.pid_file = os.path.abspath(args.pid_file)
|
|
|
|
|
|
|
|
if not args.signing_key_path:
|
|
|
|
args.signing_key_path = base_key_name + ".signing.key"
|
|
|
|
|
|
|
|
if not os.path.exists(args.signing_key_path):
|
|
|
|
with open(args.signing_key_path, "w") as signing_key_file:
|
2014-09-23 17:18:21 +02:00
|
|
|
syutil.crypto.signing_key.write_signing_keys(
|
|
|
|
signing_key_file,
|
2014-10-18 17:56:44 +02:00
|
|
|
(syutil.crypto.signing_key.generate_singing_key("auto"),),
|
2014-09-23 17:18:21 +02:00
|
|
|
)
|
|
|
|
else:
|
|
|
|
signing_keys = cls.read_file(args.signing_key_path, "signing_key")
|
|
|
|
if len(signing_keys.split("\n")[0].split()) == 1:
|
|
|
|
# handle keys in the old format.
|
|
|
|
key = syutil.crypto.signing_key.decode_signing_key_base64(
|
|
|
|
syutil.crypto.signing_key.NACL_ED25519,
|
|
|
|
"auto",
|
|
|
|
signing_keys.split("\n")[0]
|
|
|
|
)
|
|
|
|
with open(args.signing_key_path, "w") as signing_key_file:
|
|
|
|
syutil.crypto.signing_key.write_signing_keys(
|
|
|
|
signing_key_file,
|
|
|
|
(key,),
|
|
|
|
)
|