4fddf8fc77
Infer no_tls from presence of TLS listeners
...
Rather than have to specify `no_tls` explicitly, infer whether we need to load
the TLS keys etc from whether we have any TLS-enabled listeners.
2019-02-11 21:39:14 +00:00
2129dd1a02
Fail cleanly if listener config lacks a 'port'
...
... otherwise we would fail with a mysterious KeyError or something later.
2019-02-11 21:15:01 +00:00
24b7f3916d
Clean up default listener configuration ( #4586 )
...
Rearrange the comments to try to clarify them, and expand on what some of it
means.
Use a sensible default 'bind_addresses' setting.
For the insecure port, only bind to localhost, and enable x_forwarded, since
apparently it's for use behind a load-balancer.
2019-02-11 12:50:30 +00:00
b201149c7e
Merge pull request #4420 from matrix-org/jaywink/openid-listener
...
New listener resource for the federation API "openid/userinfo" endpoint
2019-02-11 09:44:00 +00:00
6901ac7e9d
Don't recommend :8448 to people on public_baseurl
2019-01-28 12:15:22 -07:00
10b89d5c2e
Merge pull request #4435 from matrix-org/neilj/fix_threepid_auth_check
...
Neilj/fix threepid auth check
2019-01-24 13:02:50 +00:00
92d8a068ad
Clarify docs for public_baseurl
...
This is leading to problems with people upgrading to clients that
support MSC1730 because people have this misconfigured, so try
to make the docs completely unambiguous.
2019-01-24 10:52:06 +00:00
6f680241bd
Fix flake8 issues
...
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2019-01-23 10:53:48 +02:00
0516dc4d85
Remove openid resource from default config
...
Instead document it commented out.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2019-01-23 10:32:41 +02:00
82e13662c0
Split federation OpenID userinfo endpoint out of the federation resource
...
This allows the OpenID userinfo endpoint to be active even if the
federation resource is not active. The OpenID userinfo endpoint
is called by integration managers to verify user actions using the
client API OpenID access token. Without this verification, the
integration manager cannot know that the access token is valid.
The OpenID userinfo endpoint will be loaded in the case that either
"federation" or "openid" resource is defined. The new "openid"
resource is defaulted to active in default configuration.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2019-01-23 10:32:41 +02:00
c99c2d58d7
move guard out of is_threepid_reserved and into register.py
2019-01-22 17:47:00 +00:00
d619b113ed
Fix None guard in config.server.is_threepid_reserved
2019-01-22 16:52:29 +00:00
b7c0218812
Check jinja version for consent resource ( #4327 )
...
* Raise a ConfigError if an invalid resource is specified
* Require Jinja 2.9 for the consent resource
* changelog
2019-01-07 10:14:31 +00:00
9c2af7b2c5
Add a script to generate a clean config file ( #4315 )
2018-12-22 02:04:57 +11:00
f3561f8d86
Fix indentation in default config ( #4313 )
...
These settings are not supposed to be under 'listeners'.
2018-12-22 02:01:43 +11:00
df96177ca7
Stop installing Matrix Console by default
...
This is based on the work done by @krombel in #2601 .
2018-12-11 13:20:33 +00:00
158ffb92f1
Add an option to disable search for homeservers which may not be interested in it ( #4230 )
...
This is useful for homeservers not intended for users, such as bot-only homeservers or ones that only process IoT data.
2018-12-04 12:01:02 +01:00
835779f7fb
Add option to track MAU stats (but not limit people) ( #3830 )
2018-11-15 18:08:27 +00:00
0b01281e77
move threepid checker to config, add missing yields
2018-08-31 17:11:11 +01:00
05077e06fa
Change admin_uri to admin_contact in config and errors
2018-08-24 16:51:27 +01:00
cd77270a66
Implement trail users
2018-08-23 19:17:19 +01:00
c334ca67bb
Integrate presence from hotfixes ( #3694 )
2018-08-18 01:08:45 +10:00
0195dfbf52
server limits config docs
2018-08-17 13:58:25 +01:00
13ad9930c8
add new error type ResourceLimit
2018-08-16 18:02:02 +01:00
55afba0fc5
update admin email to uri
2018-08-15 11:41:18 +01:00
ab035bdeac
replace admin_email with admin_uri for greater flexibility
2018-08-15 10:16:41 +01:00
f4b49152e2
support admin_email config and pass through into blocking errors, return AuthError in all cases
2018-08-13 21:09:47 +01:00
ce7de9ae6b
Revert "support admin_email config and pass through into blocking errors, return AuthError in all cases"
...
This reverts commit 0d43f991a1
2018-08-13 18:06:18 +01:00
0d43f991a1
support admin_email config and pass through into blocking errors, return AuthError in all cases
2018-08-13 18:00:23 +01:00
d2f3ef98ac
Merge branch 'develop' into neilj/disable_hs
2018-08-08 15:55:47 +00:00
e8eba2b4e3
implement reserved users for mau limits
2018-08-07 17:49:43 +01:00
7daa8a78c5
load mau limit threepids
2018-08-06 22:55:05 +01:00
42c6823827
disable HS from config
2018-08-04 22:07:04 +01:00
5593ff6773
fix (lots of) py3 test failures
2018-08-03 14:59:17 +01:00
704c3e6239
Merge branch 'master' into develop
2018-08-02 15:43:30 +01:00
2c54f1c225
remove need to plot limit_usage_by_mau
2018-08-01 11:46:59 +01:00
df2235e7fa
coding style
2018-07-31 13:16:20 +01:00
251e6c1210
limit register and sign in on number of monthly users
2018-07-30 15:55:57 +01:00
5f3658baf5
Merge pull request #3377 from Valodim/note-affinity
...
document that the affinity package is required for the cpu_affinity setting
2018-07-19 14:35:06 +01:00
49af402019
run isort
2018-07-09 16:09:20 +10:00
546bc9e28b
More server_name validation
...
We need to do a bit more validation when we get a server name, but don't want
to be re-doing it all over the shop, so factor out a separate
parse_and_validate_server_name, and do the extra validation.
Also, use it to verify the server name in the config file.
2018-07-04 18:59:51 +01:00
b800834351
add note that the affinity package is required for the cpu_affinity setting
2018-06-09 22:50:29 +02:00
febe0ec8fd
Run Prometheus on a different port, optionally. ( #3274 )
2018-05-31 19:04:50 +10:00
ab9f844aaf
Add federation_domain_whitelist option ( #2820 )
...
Add federation_domain_whitelist
gives a way to restrict which domains your HS is allowed to federate with.
useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network
2018-01-22 19:11:18 +01:00
37d1a90025
Allow binds to both :: and 0.0.0.0
...
Binding on 0.0.0.0 when :: is specified in the bind_addresses is now allowed.
This causes a warning explaining the behaviour.
Configuration changed to match.
See #2232
Signed-off-by: Silke Hofstra <silke@slxh.eu>
2017-12-17 13:10:31 +01:00
3e59143ba8
Adapt the default config to bind on IPv6.
...
Most deployments are on Linux (or Mac OS), so this would actually bind
on both IPv4 and IPv6.
Resolves #1886 .
Signed-off-by: Willem Mulder <willemmaster@hotmail.com>
2017-12-17 13:07:37 +01:00
68ca864141
Add config option to disable media_repo on main synapse
...
... to stop us doing the cache cleanup jobs on the master.
2017-11-22 16:20:27 +00:00
fcdfc911ee
Add a hook for custom rest endpoints
...
Let the user specify custom modules which can be used for implementing extra
endpoints.
2017-11-02 14:36:55 +00:00
eaaabc6c4f
replace 'except:' with 'except Exception:'
...
what could possibly go wrong
2017-10-23 15:52:32 +01:00
aa620d09a0
Add a config option to block all room invites ( #2457 )
...
- allows sysadmins the ability to lock down their servers so that people can't
send their users room invites.
2017-09-19 16:08:14 +01:00
Richard van der Hoff