Commit Graph

932 Commits (37eaf9c27271197320d4bedcceaf58d746935e53)

Author SHA1 Message Date
Neil Johnson 752b7b32ed Changes in synapse v0.31.0 (2018-06-06)
======================================
 
 Most notable change from v0.30.0 is to switch to python prometheus library to improve system
 stats reporting. WARNING this changes a number of prometheus metrics in a
 backwards-incompatible manner. For more details, see
 `docs/metrics-howto.rst <docs/metrics-howto.rst#removal-of-deprecated-metrics--time-based-counters-becoming-histograms-in-0310>`_.
 
 Bug Fixes:
 
 * Fix metric documentation tables (PR #3341)
 * Fix LaterGuage error handling (694968f)
 * Fix replication metrics (b7e7fd2)
 
 Changes in synapse v0.31.0-rc1 (2018-06-04)
 ==========================================
 
 Features:
 
 * Switch to the Python Prometheus library (PR #3256, #3274)
 * Let users leave the server notice room after joining (PR #3287)
 
 Changes:
 
 * daily user type phone home stats (PR #3264)
 * Use iter* methods for _filter_events_for_server (PR #3267)
 * Docs on consent bits (PR #3268)
 * Remove users from user directory on deactivate (PR #3277)
 * Avoid sending consent notice to guest users (PR #3288)
 * disable CPUMetrics if no /proc/self/stat (PR #3299)
 * Add local and loopback IPv6 addresses to url_preview_ip_range_blacklist (PR #3312) Thanks to @thegcat!
 * Consistently use six's iteritems and wrap lazy keys/values in list() if they're not meant to be lazy (PR #3307)
 * Add private IPv6 addresses to example config for url preview blacklist (PR #3317) Thanks to @thegcat!
 * Reduce stuck read-receipts: ignore depth when updating (PR #3318)
 * Put python's logs into Trial when running unit tests (PR #3319)
 
 Changes, python 3 migration:
 
 * Replace some more comparisons with six (PR #3243) Thanks to @NotAFile!
 * replace some iteritems with six (PR #3244) Thanks to @NotAFile!
 * Add batch_iter to utils (PR #3245) Thanks to @NotAFile!
 * use repr, not str (PR #3246) Thanks to @NotAFile!
 * Misc Python3 fixes (PR #3247) Thanks to @NotAFile!
 * Py3 storage/_base.py (PR #3278) Thanks to @NotAFile!
 * more six iteritems (PR #3279) Thanks to @NotAFile!
 * More Misc. py3 fixes (PR #3280) Thanks to @NotAFile!
 * remaining isintance fixes (PR #3281) Thanks to @NotAFile!
 * py3-ize state.py (PR #3283) Thanks to @NotAFile!
 * extend tox testing for py3 to avoid regressions (PR #3302) Thanks to @krombel!
 * use memoryview in py3 (PR #3303) Thanks to @NotAFile!
 
 Bugs:
 
 * Fix federation backfill bugs (PR #3261)
 * federation: fix LaterGauge usage (PR #3328) Thanks to @intelfx!
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEETQ1YthIGLQRddG54CTxDAAxPS/QFAlsXxJAACgkQCTxDAAxP
 S/SJTg//Wtr+Qop9LJh2/leAYXpyqW6P7Ftak0w3aJ3KL3+tYg32yYNoRADCqbp3
 LkrHu8MwbZagHjRUyEWNfDk4jbfq5fwh0JVGmYuUKhG9aF0HYyytKkbW79YzuhdQ
 dfHj9x0xSBOUvgt/husloZSDy0VHC6uyQSAFgFDyHS2y7RPAiGstqLGByv0ciZOk
 pO7TdjkUQcx4Ps7Wgip31NuHy3GY2int6f540pUXoZHLXs7RkfqS2cpF9Z/sTXJ4
 xDLiY7uYNsTcCblwqaiijY5c90xwRB2vLs5CJdKFgyB6PNgg/2wHJqP/WHHEj+F8
 BoSm3Ts7NXQf23pP9CXICe7vXX3J+ruOnC7FOSRobr6KGjn6DUrIZxo1ZepTwpp9
 DIq+1eOFKKjwLQM3Jdi8WBCP63LhYXrTZxreke3jpwdcD7oIO9v6/e9J1gU5xHWa
 Izg+YnWn1JLfq/X8T7YTZddUXGGPkH5i6LZKKkyY8u7LkJ4WR7syuAceUzkOOIAq
 UWO0uEV7IiLnZzZGTtNIlEqtuklmVQTm6bvAgTPabai2JQyngFpH5M/5mPpVSiLV
 QRLwaM56c+5GGZJWef8vxdGeYn+8rFI/UUniJ7358kLJF2IHsxlZu8J0ZZO2HWI2
 ze5Kz0AWRzXLhWzq62Qb2dsiGySrZ7hng1tDxLak2IiusY+9SjM=
 =Mz9U
 -----END PGP SIGNATURE-----

Merge tag 'v0.31.0'

Changes in synapse v0.31.0 (2018-06-06)
======================================

Most notable change from v0.30.0 is to switch to python prometheus library to improve system
stats reporting. WARNING this changes a number of prometheus metrics in a
backwards-incompatible manner. For more details, see
`docs/metrics-howto.rst <docs/metrics-howto.rst#removal-of-deprecated-metrics--time-based-counters-becoming-histograms-in-0310>`_.

Bug Fixes:

* Fix metric documentation tables (PR #3341)
* Fix LaterGuage error handling (694968f)
* Fix replication metrics (b7e7fd2)

Changes in synapse v0.31.0-rc1 (2018-06-04)
==========================================

Features:

* Switch to the Python Prometheus library (PR #3256, #3274)
* Let users leave the server notice room after joining (PR #3287)

Changes:

* daily user type phone home stats (PR #3264)
* Use iter* methods for _filter_events_for_server (PR #3267)
* Docs on consent bits (PR #3268)
* Remove users from user directory on deactivate (PR #3277)
* Avoid sending consent notice to guest users (PR #3288)
* disable CPUMetrics if no /proc/self/stat (PR #3299)
* Add local and loopback IPv6 addresses to url_preview_ip_range_blacklist (PR #3312) Thanks to @thegcat!
* Consistently use six's iteritems and wrap lazy keys/values in list() if they're not meant to be lazy (PR #3307)
* Add private IPv6 addresses to example config for url preview blacklist (PR #3317) Thanks to @thegcat!
* Reduce stuck read-receipts: ignore depth when updating (PR #3318)
* Put python's logs into Trial when running unit tests (PR #3319)

Changes, python 3 migration:

* Replace some more comparisons with six (PR #3243) Thanks to @NotAFile!
* replace some iteritems with six (PR #3244) Thanks to @NotAFile!
* Add batch_iter to utils (PR #3245) Thanks to @NotAFile!
* use repr, not str (PR #3246) Thanks to @NotAFile!
* Misc Python3 fixes (PR #3247) Thanks to @NotAFile!
* Py3 storage/_base.py (PR #3278) Thanks to @NotAFile!
* more six iteritems (PR #3279) Thanks to @NotAFile!
* More Misc. py3 fixes (PR #3280) Thanks to @NotAFile!
* remaining isintance fixes (PR #3281) Thanks to @NotAFile!
* py3-ize state.py (PR #3283) Thanks to @NotAFile!
* extend tox testing for py3 to avoid regressions (PR #3302) Thanks to @krombel!
* use memoryview in py3 (PR #3303) Thanks to @NotAFile!

Bugs:

* Fix federation backfill bugs (PR #3261)
* federation: fix LaterGauge usage (PR #3328) Thanks to @intelfx!
2018-06-06 12:27:33 +01:00
Richard van der Hoff 522bd3c8a3 Merge remote-tracking branch 'origin/master' into develop 2018-06-05 17:42:49 +01:00
Felix Schäfer 4ef76f3ac4 Add private IPv6 addresses to preview blacklist #3312
The added addresses are expected to be local or loopback addresses and
shouldn't be spidered for previews.

Signed-off-by: Felix Schäfer <felix@thegcat.net>
2018-06-01 12:18:35 +02:00
Amber Brown febe0ec8fd
Run Prometheus on a different port, optionally. (#3274) 2018-05-31 19:04:50 +10:00
Richard van der Hoff 219c2a322b
remove trailing whitespace 2018-05-30 19:42:19 +01:00
Richard van der Hoff 2e4be8bfd9
fix english and wrap comment 2018-05-30 19:24:12 +01:00
Ruben Barkow 08ea5fe635
add link to thorough instruction how to configure consent 2018-05-25 23:19:55 +02:00
Richard van der Hoff 66bdae986f Fix default for send_server_notice_to_guests
bool("False") == True...
2018-05-25 11:42:05 +01:00
Richard van der Hoff ba1b163590 Avoid sending consent notice to guest users
we think it makes sense not to send the notices to guest users.
2018-05-25 11:36:43 +01:00
Richard van der Hoff 9bf4b2bda3 Allow overriding the server_notices user's avatar
probably should have done this in the first place, like @turt2live suggested.
2018-05-23 17:43:30 +01:00
Richard van der Hoff 82191b08f6 Support for putting %(consent_uri)s in messages
Make it possible to put the URI in the error message and the server notice that
get sent by the server
2018-05-23 15:24:31 +01:00
Richard van der Hoff a5e2941aad Reject attempts to send event before privacy consent is given
Returns an M_CONSENT_NOT_GIVEN error (cf
https://github.com/matrix-org/matrix-doc/issues/1252) if consent is not yet
given.
2018-05-22 12:00:47 +01:00
Richard van der Hoff d5dca9a04f Move consent config parsing into ConsentConfig
turns out we need to reuse this, so it's better in the config class.
2018-05-22 11:54:51 +01:00
Richard van der Hoff 9ea219c514 Send users a server notice about consent
When a user first syncs, we will send them a server notice asking them to
consent to the privacy policy if they have not already done so.
2018-05-22 11:54:51 +01:00
Richard van der Hoff d14d7b8fdc Rename 'version' param on user consent config
we're going to use it for the version we require too.
2018-05-22 11:54:51 +01:00
Richard van der Hoff d10707c810 Replace inline docstrings with "Attributes" in class docstring 2018-05-18 11:00:55 +01:00
Richard van der Hoff fed62e21ad Infrastructure for a server notices room
Server Notices use a special room which the user can't dismiss. They are
created on demand when some other bit of the code calls send_notice.

(This doesn't actually do much yet becuse we don't call send_notice anywhere)
2018-05-17 17:58:25 +01:00
Richard van der Hoff 47815edcfa ConsentResource to gather policy consent from users
Hopefully there are enough comments and docs in this that it makes sense on its
own.
2018-05-15 15:11:59 +01:00
Richard van der Hoff 2fd96727b1
Merge pull request #3085 from NotAFile/py3-config-text-mode
Open config file in non-bytes mode
2018-04-30 01:00:23 +01:00
Richard van der Hoff b8ee12b978
Merge pull request #3084 from NotAFile/py3-certs-byte-mode
Open certificate files as bytes
2018-04-30 01:00:05 +01:00
Adrian Tschira a376d8f761 open log_config in text mode too
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-28 13:34:13 +02:00
Adrian Tschira 2a3c33ff03 Use six.moves.urlparse
The imports were shuffled around a bunch in py3

Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-15 21:22:43 +02:00
Adrian Tschira a3f9ddbede Open certificate files as bytes
That's what pyOpenSSL expects on python3

Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-10 17:36:29 +02:00
Adrian Tschira 7f8eebc8ee Open config file in non-bytes mode
Nothing written into it is encoded, so it makes little sense, but it
does break in python3 the way it was before.

The variable names were adjusted to be less misleading.

Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-10 17:32:40 +02:00
Richard van der Hoff 0e9aa1d091
Merge pull request #3074 from NotAFile/fix-py3-prints
use python3-compatible prints
2018-04-09 23:44:41 +01:00
Adrian Tschira e54c202b81 Replace some type checks with six type checks
Signed-off-by: Adrian Tschira <nota@notafile.com>
2018-04-07 01:02:32 +02:00
Adrian Tschira b0500d3774 use python3-compatible prints 2018-04-06 23:35:27 +02:00
Matthew Hodgson 38f952b9bc spell out not to massively increase bcrypt rounds 2018-03-19 09:27:36 +00:00
Erik Johnston 24dd73028a Add replication http endpoint for event sending 2018-02-07 10:32:32 +00:00
Matthew Hodgson ab9f844aaf
Add federation_domain_whitelist option (#2820)
Add federation_domain_whitelist

gives a way to restrict which domains your HS is allowed to federate with.
useful mainly for gracefully preventing a private but internet-connected HS from trying to federate to the wider public Matrix network
2018-01-22 19:11:18 +01:00
Matthew Hodgson d84f65255e
Merge pull request #2813 from matrix-org/matthew/registrations_require_3pid
add registrations_require_3pid and allow_local_3pids
2018-01-22 13:57:22 +00:00
Matthew Hodgson 447f4f0d5f rewrite based on PR feedback:
* [ ] split config options into allowed_local_3pids and registrations_require_3pid
 * [ ] simplify and comment logic for picking registration flows
 * [ ] fix docstring and move check_3pid_allowed into a new util module
 * [ ] use check_3pid_allowed everywhere

@erikjohnston PTAL
2018-01-19 15:33:55 +00:00
Matthew Hodgson 28a6ccb49c add registrations_require_3pid
lets homeservers specify a whitelist for 3PIDs that users are allowed to associate with.
Typically useful for stopping people from registering with non-work emails
2018-01-19 00:19:58 +00:00
Erik Johnston d69768348f Fix passing wrong config to provider constructor 2018-01-18 17:14:05 +00:00
Erik Johnston 8e85220373 Remove duplicate directory test 2018-01-18 17:12:35 +00:00
Erik Johnston aae77da73f Fixup comments 2018-01-18 17:11:29 +00:00
Erik Johnston 0af5dc63a8 Make storage providers more configurable 2018-01-18 14:07:21 +00:00
Matthew Hodgson 5e97ca7ee6 fix typo 2018-01-16 16:52:35 +00:00
Erik Johnston f4d93ae424 Actually make it work 2018-01-12 10:39:27 +00:00
Richard van der Hoff cb66a2d387
Merge pull request #2763 from matrix-org/rav/fix_config_uts
Fix broken config UTs
2018-01-09 12:08:08 +00:00
Richard van der Hoff 0211464ba2 Fix broken config UTs
https://github.com/matrix-org/synapse/pull/2755 broke log-config generation,
which in turn broke the unit tests.
2018-01-09 11:28:33 +00:00
Richard van der Hoff 3a556f1ea0 Make indentation of generated log config consistent
(we had a mix of 2- and 4-space indents)
2018-01-09 11:27:19 +00:00
Richard van der Hoff 840f72356e
Remove 'verbosity'/'log_file' from generated cfg
... because these only really exist to confuse people nowadays.

Also bring log config more into line with the generated log config, by making `level_for_storage`
apply to the `synapse.storage.SQL` logger rather than `synapse.storage`.
2018-01-05 12:30:28 +00:00
Richard van der Hoff 3f9f1c50f3
Merge pull request #2683 from seckrv/fix_pwd_auth_prov_typo
synapse/config/password_auth_providers: Fixed bracket typo
2017-12-18 22:37:21 +00:00
Silke Hofstra 37d1a90025 Allow binds to both :: and 0.0.0.0
Binding on 0.0.0.0 when :: is specified in the bind_addresses is now allowed.
This causes a warning explaining the behaviour.
Configuration changed to match.

See #2232

Signed-off-by: Silke Hofstra <silke@slxh.eu>
2017-12-17 13:10:31 +01:00
Willem Mulder 3e59143ba8 Adapt the default config to bind on IPv6.
Most deployments are on Linux (or Mac OS), so this would actually bind
on both IPv4 and IPv6.

Resolves #1886.

Signed-off-by: Willem Mulder <willemmaster@hotmail.com>
2017-12-17 13:07:37 +01:00
Matthew Hodgson b11dca2025 better doc 2017-12-04 17:51:33 +00:00
Matthew Hodgson 1bd40ca73e switch to a simpler 'search_all_users' button as per review feedback 2017-12-04 14:58:39 +00:00
Matthew Hodgson f397153dfc Merge branch 'develop' into matthew/search-all-local-users 2017-11-30 01:51:38 +00:00
Matthew Hodgson 5406392f8b specify default user_directory_include_pattern 2017-11-30 01:45:34 +00:00
Matthew Hodgson 3241c7aac3 untested WIP but might actually work 2017-11-29 18:27:05 +00:00
Matthew Hodgson 47d99a20d5 Add user_directory_include_pattern config param to expand search results to additional users
Initial commit; this doesn't work yet - the LIKE filtering seems too aggressive.
It also needs _do_initial_spam to be aware of prepopulating the whole user_directory_search table with all users...
...and it needs a handle_user_signup() or something to be added so that new signups get incrementally added to the table too.

Committing it here as a WIP
2017-11-29 16:46:45 +00:00
Richard van der Hoff 68ca864141 Add config option to disable media_repo on main synapse
... to stop us doing the cache cleanup jobs on the master.
2017-11-22 16:20:27 +00:00
Luke Barnard b1edf26051 Check group_id belongs to this domain 2017-11-16 17:54:27 +00:00
Richard von Seck 6f05de0e5e synapse/config/password_auth_providers: Fixed bracket typo
Signed-off-by: Richard von Seck <richard.von-seck@gmx.net>
2017-11-16 15:59:38 +01:00
David Baker 45ab288e07 Print instead of logging
because we had to wait until the logger was set up
2017-11-13 18:32:08 +00:00
David Baker b2a788e902 Make the commented config have the default 2017-11-09 10:11:42 +00:00
David Baker ad408beb66 better comments 2017-11-08 11:50:08 +00:00
David Baker 1b870937ae Log if any of the old config flags are set 2017-11-08 11:46:24 +00:00
David Baker 2a98ba0ed3 Rename redact_content option to include_content
The redact_content option never worked because it read the wrong config
section. The PR introducing it
(https://github.com/matrix-org/synapse/pull/2301) had feedback suggesting the
name be changed to not re-use the term 'redact' but this wasn't
incorporated.

This reanmes the option to give it a less confusing name, and also
means that people who've set the redact_content option won't suddenly
see a behaviour change when upgrading synapse, but instead can set
include_content if they want to.

This PR also updates the wording of the config comment to clarify
that this has no effect on event_id_only push.

Includes https://github.com/matrix-org/synapse/pull/2422
2017-11-08 10:35:30 +00:00
Richard van der Hoff fcdfc911ee Add a hook for custom rest endpoints
Let the user specify custom modules which can be used for implementing extra
endpoints.
2017-11-02 14:36:55 +00:00
Richard van der Hoff ffc574a6f9 Clean up backwards-compat hacks for ldap
try to make the backwards-compat flows follow the same code paths as the modern
impl.

This commit should be non-functional.
2017-10-31 10:47:02 +00:00
Matthew Hodgson 208a6647f1 fix typo 2017-10-29 20:54:20 +00:00
Richard van der Hoff f7f90e0c8d Fix error when running synapse with no logfile
Fixes 'UnboundLocalError: local variable 'sighup' referenced before assignment'
2017-10-26 16:45:20 +01:00
Matthew Hodgson efd0f5a3c5 tip for generating tls_fingerprints 2017-10-24 18:49:49 +01:00
Richard van der Hoff eaaabc6c4f replace 'except:' with 'except Exception:'
what could possibly go wrong
2017-10-23 15:52:32 +01:00
Erik Johnston c7d46510d7 Flake8 2017-10-19 13:36:06 +01:00
Erik Johnston ffd3f1a783 Add missing file... 2017-10-19 12:17:30 +01:00
Erik Johnston 29bafe2f7e Add config to enable group creation 2017-10-19 12:13:44 +01:00
Richard van der Hoff 7216c76654 Improve error handling for missing files (#2551)
`os.path.exists` doesn't allow us to distinguish between permissions errors and
the path actually not existing, which repeatedly confuses people. It also means
that we try to overwrite existing key files, which is super-confusing. (cf
issues #2455, #2379). Use os.stat instead.

Also, don't recomemnd the the use of --generate-config, which screws everything
up if you're using debian (cf #2455).
2017-10-17 14:46:17 +01:00
David Baker a9c2e930ac pep8 2017-10-17 10:13:13 +01:00
David Baker c05e6015cc Add config option to auto-join new users to rooms
New users who register on the server will be dumped into all rooms in
auto_join_rooms in the config.
2017-10-16 17:57:27 +01:00
Erik Johnston e283b555b1 Copy everything to backup 2017-10-12 17:31:24 +01:00
Erik Johnston bf4fb1fb40 Basic implementation of backup media store 2017-10-12 15:20:59 +01:00
David Baker 1786b0e768 Forgot the new file again :( 2017-09-27 10:22:54 +01:00
David Baker 6cd5fcd536 Make the spam checker a module 2017-09-26 19:20:23 +01:00
David Baker 4824a33c31 Factor out module loading to a separate place
So it can be reused
2017-09-26 17:51:26 +01:00
Richard van der Hoff aa620d09a0 Add a config option to block all room invites (#2457)
- allows sysadmins the ability to lock down their servers so that people can't
send their users room invites.
2017-09-19 16:08:14 +01:00
Richard van der Hoff d2352347cf Fix process startup
escape the % that got added in 92168cb so that the process starts up ok.
2017-08-16 14:57:35 +01:00
Matthew Hodgson 92168cbbc5 explain why CPU affinity is a good idea 2017-08-15 18:27:42 +01:00
Richard van der Hoff 10d8b701a1 Allow configuration of CPU affinity
Make it possible to set the CPU affinity in the config file, so that we don't
need to remember to do it manually every time.
2017-08-15 17:08:28 +01:00
Erik Johnston 1fc4a962e4 Add a frontend proxy 2017-07-07 18:19:46 +01:00
Caleb James DeLisle 27bd0b9a91 Change the config file generator to more descriptive explanation of push.redact_content 2017-06-24 10:32:12 +02:00
Caleb James DeLisle bce144595c Fix TravisCI tests for PR #2301 - Fat finger mistake 2017-06-23 15:26:09 +02:00
Caleb James DeLisle 75eba3b07d Fix TravisCI tests for PR #2301 2017-06-23 15:15:18 +02:00
Caleb James DeLisle 1591eddaea Add configuration parameter to allow redaction of content from push messages for google/apple devices 2017-06-23 13:01:04 +02:00
Erik Johnston 6aa5bc8635 Initial worker impl 2017-06-16 11:47:11 +01:00
Pablo Saavedra 9da4316ca5 Configurable maximum number of events requested by /sync and /messages (#2220)
Set the limit on the returned events in the timeline in the get and sync
operations. The default value is -1, means no upper limit.

For example, using `filter_timeline_limit: 5000`:

POST /_matrix/client/r0/user/user:id/filter
{
room: {
    timeline: {
      limit: 1000000000000000000
    }
}
}

GET /_matrix/client/r0/user/user:id/filter/filter:id

{
room: {
    timeline: {
      limit: 5000
    }
}
}

The server cuts down the room.timeline.limit.
2017-05-13 18:17:54 +02:00
Matthew Wolff 8e780b113d
web_server_root documentation fix
Signed-off-by: Matthew Wolff <matthewjwolff@gmail.com>
2017-04-17 00:49:11 -05:00
Matthew Hodgson 7c551ec445 trust a hypothetical future riot.im IS 2017-04-10 17:58:36 +01:00
David Baker 405ba4178a Merge pull request #2102 from DanielDent/add-auth-email
Support authenticated SMTP
2017-04-10 15:42:16 +01:00
Daniel Dent 5058292537 Support authenticated SMTP
Closes (SYN-714) #1385

Signed-off-by: Daniel Dent <matrixcontrib@contactdaniel.net>
2017-04-05 21:01:08 -07:00
Erik Johnston a5c401bd12 Merge pull request #2097 from matrix-org/erikj/repl_tcp_client
Move to using TCP replication
2017-04-05 09:36:21 +01:00
Erik Johnston d1605794ad Remove unused worker config option 2017-04-04 11:17:00 +01:00
Erik Johnston 36c28bc467 Update all the workers and master to use TCP replication 2017-04-03 15:35:52 +01:00
Matthew Hodgson 0970e0307e typo 2017-03-15 12:40:42 +00:00
Matthew Hodgson 5aa42d4292 set default for turn_allow_guests correctly 2017-03-15 12:40:13 +00:00
Matthew Hodgson e0ff66251f add setting (on by default) to support TURN for guests 2017-03-15 12:22:18 +00:00
Richard van der Hoff 6037a9804c Add helpful texts to logger config options 2017-03-13 12:33:35 +00:00
Richard van der Hoff 6bfe8e32b5 Merge pull request #1983 from matrix-org/rav/no_redirect_stdio
Add an option to disable stdio redirect
2017-03-13 12:20:07 +00:00
Richard van der Hoff bcfa5cd00c Add an option to disable stdio redirect
This makes it tractable to run synapse under pdb.
2017-03-10 15:38:29 +00:00
Richard van der Hoff d84bd51e95 Refactor logger config for workers
- to make it easier to add more config options.
2017-03-10 15:34:01 +00:00
Richard van der Hoff 9072a8c627 Reread log config on SIGHUP
When we are using a log_config file, reread it on SIGHUP.
2017-03-10 15:29:55 +00:00
Tyler Smith df4407d665 Fix typo in config comments.
Signed-off-by: Tyler Smith <tylersmith.me@gmail.com>
2017-02-11 23:02:57 -08:00
Erik Johnston 86063d4321 Merge pull request #1835 from matrix-org/erikj/fix_workers
Make worker listener config backwards compat
2017-01-20 11:55:56 +00:00
Erik Johnston 97efe99ae9 Make worker listener config backwards compat 2017-01-20 11:45:29 +00:00
Marvin Steadfast 86e6165687 Added default config for turn username and password 2017-01-19 14:35:55 +01:00
Marvin Steadfast 1e38be3a7a Added username and password for turn server
It makes it possible to use a turn server that needs a username and
password instead of a token.
2017-01-19 14:08:20 +01:00
Adrian Perez de Castro a3e4a198e3
Allow configuring the Riot URL used in notification emails
The URLs used for notification emails were hardcoded to use either matrix.to
or vector.im; but for self-hosted setups where Riot is also self-hosted it
may be desirable to allow configuring an alternative Riot URL.

Fixes #1809.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
2017-01-13 17:12:04 +02:00
Erik Johnston 641ccdbb14 Merge pull request #1795 from matrix-org/erikj/port_defaults
Restore default bind address
2017-01-13 13:02:59 +00:00
Erik Johnston bf5c9706d9 Remove full_twisted_stacktraces option
The debug 'full_twisted_stacktraces' flag caused synapse to rewrite
twisted deferreds to always fire the callback on the next reactor tick.
This was to force the deferred to always store the stacktraces on
exceptions, and thus be more likely to have a full stacktrace when it
reaches the final error handlers and gets printed to the logs.

Dynamically rewriting things is generally bad, and in particular this
change violates assumptions of various bits of Twisted. This wouldn't
necessarily be so bad, but it turns out this option has been turned on
on some production servers.

Turning the option can cause e.g. #1778.

For now, lets just entirely nuke this option.
2017-01-12 10:32:52 +00:00
Erik Johnston b1dfd20292 Pop bind_address 2017-01-10 17:23:18 +00:00
Erik Johnston edd6cdfc9a Restore default bind address 2017-01-10 17:21:41 +00:00
Mark Haines f576c34594 Merge remote-tracking branch 'origin/release-v0.18.6' into develop 2016-12-30 15:13:49 +00:00
Mark Haines 822cb39dfa Use the new twisted logging framework.
Hopefully adding an observer to the new framework will avoid a memory
leak https://twistedmatrix.com/trac/ticket/8164
2016-12-30 11:09:24 +00:00
Johannes Löthberg f5cd5ebd7b Add IPv6 comment to default config
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2016-12-18 23:14:32 +01:00
Johannes Löthberg c95e9fff99 Make default homeserver config use bind_addresses
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2016-12-18 21:51:56 +01:00
pik c46e7a9c9b Bugfix: Console logging handler missing default filter 2016-12-03 20:14:58 -03:00
Richard van der Hoff 1c4f05db41 Stop putting a time caveat on access tokens
The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.

Let's move in the right direction by not lying in our caveats.
2016-11-29 16:49:41 +00:00
Erik Johnston ed787cf09e Hook up the send queue and create a federation sender worker 2016-11-16 17:34:44 +00:00
Erik Johnston d56c39cf24 Use external ldap auth pacakge 2016-11-15 13:03:19 +00:00
Erik Johnston 0964005d84 Merge pull request #1625 from DanielDent/patch-1
Add support for durations in minutes
2016-11-12 11:20:46 +00:00
Daniel Dent 1c93cd9f9f Add support for durations in minutes 2016-11-12 00:10:23 -08:00
Erik Johnston ac507e7ab8 Don't assume providers raise ConfigError's 2016-11-08 17:23:28 +00:00
Euan Kemp c6bbad109b default config: blacklist more internal ips 2016-11-06 17:02:25 -08:00
Luke Barnard 5b54d51d1e Allow Configurable Rate Limiting Per AS
This adds a flag loaded from the registration file of an AS that will determine whether or not its users are rate limited (by ratelimit in _base.py). Needed for IRC bridge reasons - see https://github.com/matrix-org/matrix-appservice-irc/issues/240.
2016-10-18 17:04:09 +01:00
Mark Haines 9e18e0b1cb Merge pull request #1167 from matrix-org/markjh/fingerprints
Add config option for adding additional TLS fingerprints
2016-10-12 15:27:44 +01:00
Mark Haines c61ddeedac Explain how long the servers can cache the TLS fingerprints for 2016-10-12 14:48:24 +01:00
Mark Haines 0af6213019 Improve comment formatting 2016-10-12 14:45:13 +01:00
Mark Haines 6e9f3ab415 Add config option for adding additional TLS fingerprints 2016-10-11 19:14:46 +01:00
Erik Johnston 850b103b36 Implement pluggable password auth
Allows delegating the password auth to an external module. This also
moves the LDAP auth to using this system, allowing it to be removed from
the synapse tree entirely in the future.
2016-10-03 10:36:40 +01:00
Erik Johnston 4131381123 Remove support for aggregate room lists 2016-09-15 09:28:15 +01:00
Kegan Dougal c882783535 flake8 2016-08-30 17:20:31 +01:00
Kegan Dougal 572acde483 Use None instead of the empty string
Change how we validate the 'url' field as a result.
2016-08-30 17:16:00 +01:00
Kegan Dougal 16b652f0a3 Flake8 2016-08-30 16:30:12 +01:00
Kegan Dougal e82247f990 Allow application services to have an optional 'url'
If 'url' is not specified, they will not be pushed for events or queries. This
is useful for bots who simply wish to reserve large chunks of user/alias
namespace, and don't care about being pushed for events.
2016-08-30 16:21:16 +01:00
Paul Evans 5674ea3e6c Merge pull request #1026 from matrix-org/paul/thirdpartylookup
3rd party entity lookup
2016-08-18 20:52:50 +01:00
Erik Johnston 07229bbdae Add appservice worker 2016-08-18 14:59:55 +01:00
Paul "LeoNerd" Evans 434bbf2cb5 Filter 3PU lookups by only ASes that declare knowledge of that protocol 2016-08-18 14:56:02 +01:00
Kent Shikama 8d9a884cee
Update password config comment
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-06 12:18:19 +09:00
Kent Shikama 252ee2d979
Remove default password pepper string 2016-07-05 19:15:51 +09:00
Kent Shikama 14362bf359
Fix password config 2016-07-05 19:12:53 +09:00
Kent Shikama 1ee2584307
Fix pep8 2016-07-05 19:01:00 +09:00
Kent Shikama 507b8bb091
Add comment to prompt changing of pepper 2016-07-05 18:42:35 +09:00
Kent Shikama 8bdaf5f7af
Add pepper to password hashing
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-05 02:13:52 +09:00
Matthew Hodgson 63bb8f0df9 remove vector.im from default secondary DS list 2016-06-27 13:13:33 +04:00
Mark Haines 05f1a4596a Merge branch 'master' into develop 2016-06-23 11:17:48 +01:00
Martin Weinelt 0a32208e5d Rework ldap integration with ldap3
Use the pure-python ldap3 library, which eliminates the need for a
system dependency.

Offer both a `search` and `simple_bind` mode, for more sophisticated
ldap scenarios.
- `search` tries to find a matching DN within the `user_base` while
  employing the `user_filter`, then tries the bind when a single
  matching DN was found.
- `simple_bind` tries the bind against a specific DN by combining the
  localpart and `user_base`

Offer support for STARTTLS on a plain connection.

The configuration was changed to reflect these new possibilities.

Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
2016-06-22 17:51:59 +02:00
Mark Haines 13e334506c Remove the legacy v0 content upload API.
The existing content can still be downloaded. The last upload to the
matrix.org server was in January 2015, so it is probably safe to remove
the upload API.
2016-06-21 11:47:39 +01:00
Erik Johnston bc72d381b2 Merge branch 'release-v0.16.1' of github.com:matrix-org/synapse 2016-06-20 14:18:04 +01:00
Erik Johnston 3e41de05cc Turn use_frozen_events off by default 2016-06-17 15:11:22 +01:00
Mark Haines a352b68acf Use worker_ prefixes for worker config, use existing support for multiple config files 2016-06-16 17:29:50 +01:00
Mark Haines 364d616792 Access the event_cache_size directly from the server object.
This means that the workers can override the event_cache_size
directly without clobbering the value in the main synapse config.
2016-06-16 12:53:15 +01:00
Mark Haines bde13833cb Access replication_url from the worker config directly 2016-06-16 12:44:40 +01:00
Mark Haines 80a1bc7db5 Comment on what's going on in clobber_with_worker_config 2016-06-16 11:29:45 +01:00
Mark Haines dbb5a39b64 Add worker config module 2016-06-16 11:09:15 +01:00
Mark Haines 885ee861f7 Inline the synchrotron and pusher configs into the main config 2016-06-16 11:06:12 +01:00
Matthew Hodgson 33546b58aa point to the CAPTCHA docs 2016-06-12 23:11:29 +01:00
Mark Haines 7dbb473339 Add function to load config without generating it
Renames ``load_config`` to ``load_or_generate_config``
Adds a method called ``load_config`` that just loads the
config.

The main synapse.app.homeserver will continue to use
``load_or_generate_config`` to retain backwards compat.
However new worker processes can use ``load_config`` to
load the config avoiding some of the cruft needed to generate
the config.

As the new ``load_config`` method is expected to be used by new
configs it removes support for the legacy commandline overrides
that ``load_or_generate_config`` supports
2016-06-09 18:50:38 +01:00
Erik Johnston dded389ac1 Allow setting of gc.set_thresholds 2016-06-07 15:45:56 +01:00
Matthew Hodgson 79d1f072f4 brand the email from header 2016-06-02 21:34:40 +01:00
David Baker 6ca4d3ae9a Add vector.im to default secondary_directory_servers and add comment explaining it's not a permanent solution 2016-05-31 17:24:50 +01:00
David Baker e1625d62a8 Add federation room list servlet 2016-05-31 11:55:57 +01:00
Mark Haines 6a30a0bfd3 Move the functions for parsing app service config 2016-05-17 11:28:58 +01:00
Mark Haines eb79110beb Clean up the blacklist/whitelist handling.
Always set the config key with an empty list, even if a list isn't specified.
This means that the codepaths are the same for both the empty list and
for a missing key. Since the behaviour is the same for both cases this
makes the code somewhat easier to reason about.
2016-05-16 13:03:59 +01:00
Mark Haines dd95eb4cb5 Merge branch 'develop' into matthew/preview_url_ip_whitelist 2016-05-16 12:59:41 +01:00
Negi Fazeli 40aa6e8349 Create user with expiry
- Add unittests for client, api and handler

Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
2016-05-13 15:34:15 +02:00
David Baker c00b484eff More consistent config naming 2016-05-10 14:39:16 +02:00
David Baker 94040b0798 Add config option to not send email notifs for new users 2016-05-10 14:34:53 +02:00
Matthew Hodgson 81c2176cba fix layout; handle app naming in synapse, not jinja 2016-05-05 15:54:29 +01:00
Matthew Hodgson 17cbf773b9 fix assorted typos in default config 2016-05-04 11:38:01 +01:00
Matthew Hodgson 792def4928 add a url_preview_ip_range_whitelist config param so we can whitelist the matrix.org IP space 2016-05-01 12:44:24 +01:00
David Baker 83618d719a Try imports in config 2016-04-29 19:13:52 +01:00
David Baker 765f2b8446 Default enable email notifs to False 2016-04-29 14:46:18 +01:00
David Baker 4b0c3a3270 Correct public_baseurl default 2016-04-29 14:30:15 +01:00
David Baker 5048455965 Nicer get() shorthand 2016-04-29 14:27:40 +01:00
David Baker 6c8957be7f Remove redundant docstring 2016-04-29 14:25:28 +01:00
David Baker 18ce88bd2d Correct default template and add text template 2016-04-29 14:24:25 +01:00
David Baker 40d40e470d Send mail notifs with a plaintext part too 2016-04-29 13:56:21 +01:00
David Baker acded821c4 Merge remote-tracking branch 'origin/develop' into dbkr/email_notifs 2016-04-29 10:05:20 +01:00
David Baker 60f86fc876 pep8 2016-04-28 15:16:30 +01:00
David Baker fa12209c1b Hopefully all remaining bits for email notifs
Add public facing base url to the server so synapse knows what URL to use when converting mxc to http urls for use in emails
2016-04-27 15:09:55 +01:00
Erik Johnston 52ecbc2843 Make pyjwt dependency optional 2016-04-25 14:30:15 +01:00
Mark Haines 2022ae0fb9 Merge pull request #746 from matrix-org/markjh/split_out_pusher
Optionally split out the pushers into a separate process
2016-04-22 11:34:08 +01:00
Erik Johnston b9675ef6e6 Merge pull request #687 from nikriek/jwt-fix
Fix issues with JWT login
2016-04-21 17:42:25 +01:00
Mark Haines a3ac837599 Optionally split out the pushers into a separate process 2016-04-21 17:22:37 +01:00
Niklas Riekenbrauck 565c2edb0a Fix issues with JWT login 2016-04-21 18:10:48 +02:00
David Baker 2ed0adb075 Generate mails from a template 2016-04-20 18:35:29 +01:00
David Baker f63bd4ff47 Send a rather basic email notif
Also pep8 fixes
2016-04-20 13:02:01 +01:00
Erik Johnston f338bf9257 Give install requirements 2016-04-13 14:33:48 +01:00
Erik Johnston bfe586843f Add back in helpful description for missing url_preview_ip_range_blacklist 2016-04-13 13:52:57 +01:00
Erik Johnston d0633e6dbe Sanitize the optional dependencies for spider API 2016-04-13 13:38:09 +01:00
Matthew Hodgson 4bd3d25218 Merge pull request #688 from matrix-org/matthew/preview_urls
URL previewing support
2016-04-11 10:40:29 +01:00
Matthew Hodgson af582b66bb fix typo 2016-04-08 19:08:47 +01:00
Matthew Hodgson dafef5a688 Add url_preview_enabled config option to turn on/off preview_url endpoint. defaults to off.
Add url_preview_ip_range_blacklist to let admins specify internal IP ranges that must not be spidered.
Add url_preview_url_blacklist to let admins specify URL patterns that must not be spidered.
Implement a custom SpiderEndpoint and associated support classes to implement url_preview_ip_range_blacklist
Add commentary and generally address PR feedback
2016-04-08 18:37:15 +01:00
Christoph Witzany 92767dd703 add tls property 2016-04-06 18:23:45 +02:00
Christoph Witzany 3d95405e5f Introduce LDAP authentication 2016-04-06 18:23:45 +02:00
Matthew Hodgson 9f7dc2bef7 Merge branch 'develop' into matthew/preview_urls 2016-04-04 00:38:21 +01:00
Niklas Riekenbrauck 3f9948a069 Add JWT support 2016-03-29 14:36:36 +02:00
Matthew Hodgson d9d48aad2d Merge branch 'develop' into matthew/preview_urls 2016-03-27 22:54:42 +01:00
Erik Johnston 590fbbef03 Add config to create guest account on 3pid invite
Currently, when a 3pid invite request is sent to an identity server, it
includes a provisioned guest access token. This allows the link in the,
say, invite email to include the guest access token ensuring that the
same account is used each time the link is clicked.

This flow has a number of flaws, including when using different servers
or servers that have guest access disabled.

For now, we keep this implementation but hide it behind a config option
until a better flow is implemented.
2016-03-14 15:50:40 +00:00
Mark Haines 239badea9b Use syntax that works on both py2.7 and py3 2016-03-07 20:13:10 +00:00
Patrik Oldsberg 5fc59f009c config,handlers/_base: added homeserver config for what state is included in a room invite
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-03-04 10:43:17 +01:00
Matthew Hodgson 47c361d2f8 add 800x600 thumbnails to make vector look prettier (and anyone else who likes big thumbnails) 2016-03-02 15:57:54 +00:00
Erik Johnston f078ecbc8f Derive macaroon_secret_key from signing key.
Unfortunately, there are people that are running synapse without a
`macaroon_sercret_key` set. Mandating they set one is a good solution,
except that breaking auto upgrades is annoying.
2016-02-08 16:35:44 +00:00
Daniel Wagner-Hall 6a9f1209df Error if macaroon key is missing from config
Currently we store all access tokens in the DB, and fall back to that
check if we can't validate the macaroon, so our fallback works here, but
for guests, their macaroons don't get persisted, so we don't get to
find them in the database. Each restart, we generate a new ephemeral
key, so guests lose access after each server restart.

I tried to fix up the config stuff to be less insane, but gave up, so
instead I bolt on yet another piece of custom one-off insanity.

Also, add some basic tests for config generation and loading.
2016-02-05 01:58:23 +00:00
Daniel Wagner-Hall 5054806ec1 Rename config field to reflect yaml name 2016-02-03 14:42:01 +00:00
Mark Haines 0fcafbece8 Add config option for setting the trusted id servers, disabling checking the ID server in integration tests 2016-01-29 14:12:26 +00:00
Matthew Hodgson 7dd0c1730a initial WIP of a tentative preview_url endpoint - incomplete, untested, experimental, etc. just putting it here for safekeeping for now 2016-01-24 18:47:27 -05:00
Erik Johnston 5727922106 Merge pull request #473 from matrix-org/erikj/ssh_manhole
Change manhole to use ssh
2016-01-07 14:36:16 +00:00
Erik Johnston 5dc5e29b9c s/telnet/ssh/ 2016-01-07 14:02:57 +00:00
Matthew Hodgson 6c28ac260c copyrights 2016-01-07 04:26:29 +00:00
Robin Lambertz 4106477e7f Config Comment mixup in captcha public/private key 2016-01-06 23:19:33 +01:00
Mads R. Christensen 6863466653 Added a single line to explain what the server_name is used for 2015-12-02 00:37:55 +01:00
Erik Johnston 06f74068f4 Comment 2015-11-19 13:05:51 +00:00
Erik Johnston 037ce4c68f Split out text for missing config options.
This allows packages to more easily override the default messages to
include package specific options.
2015-11-18 18:37:05 +00:00
Steven Hammerton f5e25c5f35 Merge branch 'develop' into sh-cas-auth-via-homeserver 2015-11-17 10:55:41 +00:00
Daniel Wagner-Hall 6a9c4cfd0b Fix race creating directories 2015-11-12 11:58:48 +00:00
Steven Hammerton 414a4a71b4 Allow hs to do CAS login completely and issue the client with a login token that can be redeemed for the usual successful login response 2015-11-05 14:06:48 +00:00
Steven Hammerton 45f1827fb7 Add service URL to CAS config 2015-11-04 23:32:30 +00:00
Daniel Wagner-Hall f522f50a08 Allow guests to register and call /events?room_id=
This follows the same flows-based flow as regular registration, but as
the only implemented flow has no requirements, it auto-succeeds. In the
future, other flows (e.g. captcha) may be required, so clients should
treat this like the regular registration flow choices.
2015-11-04 17:29:07 +00:00
Erik Johnston 259d10f0e4 Merge branch 'release-v0.10.1' of github.com:matrix-org/synapse into develop 2015-10-23 11:11:56 +01:00
Erik Johnston 5025ba959f Add config option to disable password login 2015-10-22 10:37:04 +01:00
Mark Haines f2f031fd57 Add config for how many bcrypt rounds to use for password hashes
By default we leave it at the default value of 12. But now we can reduce
it for preparing users for loadtests or running integration tests.
2015-10-16 14:52:08 +01:00
Mark Haines 9020860479 Only turn on the twisted deferred debugging if full_twisted_stacktraces is set in the config 2015-10-13 17:50:44 +01:00
Steven Hammerton ab7f9bb861 Default cas_required_attributes to empty dictionary 2015-10-12 14:58:59 +01:00
Steven Hammerton 01a5f1991c Support multiple required attributes in CAS response, and in a nicer config format too 2015-10-12 14:43:17 +01:00
Steven Hammerton 76421c496d Allow optional config params for a required attribute and it's value, if specified any CAS user must have the given attribute and the value must equal 2015-10-12 11:11:49 +01:00
Steven Hammerton c33f5c1a24 Provide ability to login using CAS 2015-10-10 10:49:42 +01:00
Daniel Wagner-Hall b28c7da0a4 Preserve version string in user agent 2015-10-05 20:49:39 -05:00
Daniel Wagner-Hall 8fc52bc56a Allow synapse's useragent to be customized
This will allow me to write tests which verify which server made HTTP
requests in a federation context.
2015-10-02 17:13:51 -05:00
Daniel Wagner-Hall 6d7f291b93 Front-load spaces 2015-09-22 13:13:07 +01:00
Daniel Wagner-Hall 7213588083 Implement configurable stats reporting
SYN-287

This requires that HS owners either opt in or out of stats reporting.

When --generate-config is passed, --report-stats must be specified
If an already-generated config is used, and doesn't have the
report_stats key, it is requested to be set.
2015-09-22 12:57:40 +01:00
Daniel Wagner-Hall 2c8f16257a Merge pull request #272 from matrix-org/daniel/insecureclient
Allow configuration to ignore invalid SSL certs
2015-09-15 16:52:38 +01:00
Daniel Wagner-Hall d4af08a167 Use shorter config key name 2015-09-15 15:50:13 +01:00
Paul "LeoNerd" Evans 9cd5b9a802 Hacky attempt at catching SIGHUP and rotating the logfile around 2015-09-14 19:03:53 +01:00
Daniel Wagner-Hall 2c746382e0 Merge branch 'daniel/insecureclient' into develop 2015-09-09 14:27:30 +01:00
Daniel Wagner-Hall ddfe30ba83 Better document the intent of the insecure SSL setting 2015-09-09 13:26:23 +01:00
Daniel Wagner-Hall 81a93ddcc8 Allow configuration to ignore invalid SSL certs
This will be useful for sytest, and sytest only, hence the aggressive
config key name.
2015-09-09 12:02:07 +01:00
Mark Haines 73e4ad4b8b Merge branch 'master' into develop
Conflicts:
	setup.py
2015-09-07 15:06:46 +01:00
Erik Johnston fd0a919af3 Lists use 'append' 2015-09-02 17:27:59 +01:00
Erik Johnston b62c1395d6 Merge branch 'release-v0.10.0' of github.com:matrix-org/synapse into develop 2015-09-01 13:11:55 +01:00
Mark Haines a7122692d9 Merge branch 'release-v0.10.0' into develop
Conflicts:
	synapse/handlers/auth.py
	synapse/python_dependencies.py
	synapse/rest/client/v1/login.py
2015-08-28 11:15:27 +01:00
Erik Johnston b442217d91 Actually add config path 2015-08-28 10:37:17 +01:00
Erik Johnston 0de2aad061 Merge pull request #250 from matrix-org/erikj/generated_directory
Add config option to specify where generated files should be dumped
2015-08-25 17:40:19 +01:00
Erik Johnston 3f6f74686a Update config doc 2015-08-25 17:37:21 +01:00
Erik Johnston 82145912c3 s/--generated-directory/--keys-directory/ 2015-08-25 17:31:22 +01:00
Erik Johnston 3e1029fe80 Warn if we encounter unexpected files in config directories 2015-08-25 17:08:23 +01:00
Erik Johnston af7c1397d1 Add config option to specify where generated files should be dumped 2015-08-25 16:58:01 +01:00
Erik Johnston bfb66773a4 Allow specifying directories as config files 2015-08-25 16:25:54 +01:00
Erik Johnston 747535f20f Merge pull request #245 from matrix-org/erikj/configurable_client_location
Allow specifying a directory to host a web client from
2015-08-25 15:50:25 +01:00
Erik Johnston 1d1c303b9b Fix typo when using sys.stderr.write 2015-08-25 15:39:16 +01:00
Erik Johnston f63208a1c0 Add utility to parse config and print out a key
Usage:

```
$ python -m synapse.config read server_name -c homeserver.yaml
localhost
```
2015-08-25 15:16:31 +01:00
Erik Johnston 86cef6a91b Allow specifying a directory to host a web client from 2015-08-25 12:01:23 +01:00
Mark Haines cf8c04948f Fix typo in module imports and package dependencies 2015-08-25 10:42:59 +01:00
Mark Haines 78323ccdb3 Remove syutil dependency in favour of smaller single-purpose libraries 2015-08-24 16:17:38 +01:00
Daniel Wagner-Hall ce2a7ed6e4 Merge branch 'develop' into auth 2015-08-20 16:28:36 +01:00
Daniel Wagner-Hall 2d3462714e Issue macaroons as opaque auth tokens
This just replaces random bytes with macaroons. The macaroons are not
inspected by the client or server.

In particular, they claim to have an expiry time, but nothing verifies
that they have not expired.

Follow-up commits will actually enforce the expiration, and allow for
token refresh.

See https://bit.ly/matrix-auth for more information
2015-08-18 14:22:02 +01:00
Mark Haines 95b0f5449d Fix flake8 warning 2015-08-13 17:34:22 +01:00
Mark Haines b16cd18a86 Merge remote-tracking branch 'origin/develop' into erikj/generate_presice_thumbnails 2015-08-13 17:23:39 +01:00
Mark Haines de3b7b55d6 Doc-string for config ultility function 2015-08-12 14:29:17 +01:00
Mark Haines 7bbaab9432 Fix the --generate-keys option. Make it do the same thing as --generate-config does when the config file exists, but without printing a warning 2015-08-12 11:57:37 +01:00
Mark Haines fdb724cb70 Add config option for setting the list of thumbnail sizes to precalculate 2015-08-12 10:55:27 +01:00
Mark Haines 7e3d1c7d92 Make a config option for whether to generate new thumbnail sizes dynamically 2015-08-12 10:54:38 +01:00
Paul "LeoNerd" Evans e3c8e2c13c Add a --generate-keys option 2015-08-07 16:42:27 +01:00
Paul "LeoNerd" Evans efe60d5e8c Only print the pidfile path on startup if requested by a commandline flag 2015-08-07 16:36:42 +01:00
Erik Johnston 90dbd71c13 Merge branch 'master' of github.com:matrix-org/synapse into develop 2015-07-21 09:25:30 +01:00
David Baker 62b4b72fe4 Close, but no cigar. 2015-07-14 10:33:25 +01:00
Erik Johnston f3049d0b81 Small tweaks to SAML2 configuration.
- Add saml2 config docs to default config.
- Use existence of saml2 config to indicate if saml2 should be enabled.
2015-07-10 10:50:14 +01:00
Erik Johnston 9158ad1abb Merge pull request #201 from EricssonResearch/msba/saml2-develop
Integrate SAML2 basic authentication - uses pysaml2
2015-07-10 10:25:56 +01:00
Erik Johnston 294dbd712f We don't want semicolons. 2015-07-09 11:47:24 +01:00
Muthu Subramanian 8cd34dfe95 Make SAML2 optional and add some references/comments 2015-07-09 13:34:47 +05:30
Matthew Hodgson fb8d2862c1 remove the tls_certificate_chain_path param and simply support tls_certificate_path pointing to a file containing a chain of certificates 2015-07-09 00:45:41 +01:00
Matthew Hodgson 8ad2d2d1cb document tls_certificate_chain_path more clearly 2015-07-09 00:06:01 +01:00
Matthew Hodgson f26a3df1bf oops, context.tls_certificate_chain_file() expects a file, not a certificate. 2015-07-08 21:33:02 +01:00
Matthew Hodgson 465acb0c6a *cough* 2015-07-08 18:30:59 +01:00
Matthew Hodgson 64afbe6ccd add new optional config for tls_certificate_chain_path for folks with intermediary SSL certs 2015-07-08 18:20:02 +01:00
Matthew Hodgson 04192ee05b typo 2015-07-08 17:49:15 +01:00
Muthu Subramanian f53bae0c19 code beautify 2015-07-08 16:05:46 +05:30
Muthu Subramanian 81682d0f82 Integrate SAML2 basic authentication - uses pysaml2 2015-07-08 15:36:54 +05:30
Eric Myhre 9e5a353663 Make upload dir a configurable path.
Fixes SYN-425.

Signed-off-by: Eric Myhre <hash@exultant.us>
2015-06-18 23:38:20 -05:00
Paul "LeoNerd" Evans 9a3cd1c00d Correct -H SERVER_NAME in config-missing complaint message 2015-06-16 16:03:35 +01:00
Erik Johnston 9d0326baa6 Remove redundant newline 2015-06-15 11:27:29 +01:00
Erik Johnston 186f61a3ac Document listener config. Remove deprecated config options 2015-06-15 11:25:53 +01:00
Erik Johnston a005b7269a Add backwards compat support for metrics, manhole and webclient config options 2015-06-12 17:44:23 +01:00
Erik Johnston 9c5fc81c2d Correctly handle x_forwaded listener option 2015-06-12 17:13:23 +01:00
Erik Johnston fd2c07bfed Use config.listeners 2015-06-12 15:33:07 +01:00
Erik Johnston f7f07dc517 Begin changing the config format 2015-06-11 15:48:52 +01:00
Erik Johnston 522f285f9b Add config option to disable compression of http responses 2015-06-01 13:36:30 +01:00
Mark Haines d70c847b4f Merge pull request #170 from matrix-org/markjh/SYT-8-recaptcha
Allow endpoint for verifying recaptcha to be configured
2015-05-29 15:32:54 +01:00
Mark Haines 784aaa53df Merge branch 'develop' into markjh/SYT-8-recaptcha
Conflicts:
	synapse/handlers/auth.py
2015-05-29 13:49:44 +01:00
Erik Johnston a7b65bdedf Add config option to turn off freezing events. Use new encode_json api and ujson.loads 2015-05-29 12:17:33 +01:00
Mark Haines d94590ed48 Add config for setting the recaptcha verify api endpoint, so we can test it in sytest 2015-05-29 12:11:40 +01:00
Erik Johnston 36b3b75b21 Registration should be disabled by default 2015-05-28 11:01:34 +01:00
Erik Johnston 1ce1509989 s/metric_interface/metric_bind_host/ 2015-05-22 14:51:22 +01:00
Erik Johnston 59a0682f3e Enable changing the interface the metrics listener binds to 2015-05-22 13:13:07 +01:00
David Baker 97a64f3ebe Merge branch 'develop' of github.com:matrix-org/synapse into develop 2015-05-07 09:33:42 +01:00
David Baker b850c9fa04 Typo 2015-05-07 09:33:30 +01:00
Mark Haines e45b05647e Fix the --help option for synapse 2015-05-05 17:39:59 +01:00
Mark Haines 3bcdf3664c Use the daemonize key from the config if it exists 2015-05-01 14:34:55 +01:00
Mark Haines 46a65c282f Allow generate-config to run against an existing config file to generate default keys 2015-05-01 13:54:38 +01:00
Mark Haines 50c87b8eed Allow "manhole" to be ommited from the config 2015-04-30 18:11:47 +01:00
Mark Haines 345995fcde Remove the ~, comment the lines instead 2015-04-30 18:10:19 +01:00
Mark Haines 62cebee8ee Update key.py 2015-04-30 17:54:01 +01:00
Mark Haines 95cbfee8ae Update metrics.py 2015-04-30 17:52:20 +01:00
Mark Haines 2d4d2bbae4 Merge branch 'develop' into markjh/config_cleanup
Conflicts:
	synapse/config/captcha.py
2015-04-30 16:54:55 +01:00
Mark Haines 2f1348f339 Write a default log_config when generating config 2015-04-30 16:52:57 +01:00
David Baker 5b02f33451 Undo changes to logger config, ie. remove the access_log_file option: decision is to support this through log_config rather tan adding an option. 2015-04-30 16:21:39 +01:00
David Baker 054aa0d58c Do access log using python's logging stuff, just under a separate logger name 2015-04-30 16:21:38 +01:00
Mark Haines 74aaacf82a Don't break when sizes or durations are given as integers 2015-04-30 16:04:02 +01:00
Mark Haines c28f1d16f0 Add a random string to the auto generated key id 2015-04-30 15:13:14 +01:00
Mark Haines 265f30bd3f Allow --enable-registration to be passed on the commandline 2015-04-30 15:04:06 +01:00
Mark Haines c9e62927f2 Use disable_registration keys if they are present 2015-04-30 14:34:09 +01:00
David Baker d89a9f7283 Add an access_log
SYN-161 #resolve
2015-04-30 13:58:13 +01:00
Mark Haines 1aa11cf7ce Allow multiple config files, set up a default config before applying the config files 2015-04-30 13:48:15 +01:00
Mark Haines 6b69ddd17a remove duplicate parse_size method 2015-04-30 04:26:29 +01:00
Mark Haines d624e2a638 Manually generate the default config yaml, remove most of the commandline arguments for synapse anticipating that people will use the yaml instead. Simpify implementing config options by not requiring the classes to hit the super class 2015-04-30 04:24:44 +01:00
Mark Haines 4ad8b45155 Merge branch 'develop' into key_distribution
Conflicts:
	synapse/config/homeserver.py
2015-04-29 13:15:14 +01:00
Mark Haines f4c9ebbc34 Delete ugly commented out log line. 2015-04-29 11:07:13 +01:00
Matthew Hodgson 68c0603946 comment out ugly test logline 2015-04-29 00:14:44 +01:00
Erik Johnston 327ca883ec Merge branch 'develop' of github.com:matrix-org/synapse into postgres 2015-04-28 13:39:42 +01:00
Mark Haines 9182f87664 Merge pull request #126 from matrix-org/csauth
Client / Server Auth Refactor
2015-04-28 11:00:27 +01:00
Mark Haines 0bc71103e1 Output vim style mode markers into the yaml config file 2015-04-28 10:17:10 +01:00
Erik Johnston 1ef66cc3bd Move database configuration into config module 2015-04-27 15:57:43 +01:00
Erik Johnston 6f8e2d517e Merge branch 'develop' of github.com:matrix-org/synapse into postgres 2015-04-27 14:41:40 +01:00
Mark Haines 288702170d Add config for setting the perspective servers 2015-04-24 17:01:34 +01:00
Mark Haines c253b14f6e Merge branch 'develop' into key_distribution 2015-04-24 11:29:46 +01:00
Mark Haines bdcb23ca25 Fix spelling 2015-04-24 11:29:19 +01:00
Mark Haines b2c2dc8940 Merge branch 'develop' into key_distribution 2015-04-24 11:28:10 +01:00
Mark Haines 869dc94cbb Call the super classes when generating config 2015-04-24 11:27:56 +01:00
Mark Haines b1e68add19 Add a config file for perspective servers 2015-04-24 11:26:19 +01:00
Mark Haines c8c710eca7 Move the key related config parser into a separate file 2015-04-24 10:22:22 +01:00
Mark Haines 149ed9f151 Better help for the old-signing-key option 2015-04-24 10:07:55 +01:00
David Baker 2e0d9219b9 Remove now-redundant email config 2015-04-23 11:45:29 +01:00
Mark Haines f30d47c876 Implement remote key lookup api 2015-04-22 14:21:08 +01:00
Erik Johnston 5e7a90316d Update --database-path metavar to SQLITE_DATABASE_PATH 2015-04-17 16:08:18 +01:00
David Baker cb03fafdf1 Merge branch 'develop' into csauth 2015-04-17 13:51:10 +01:00
Erik Johnston 6606f7c659 Merge branch 'develop' of github.com:matrix-org/synapse into postgres 2015-04-15 10:27:20 +01:00
Mark Haines 88cb06e996 Update syutil version to 0.0.4 2015-04-14 16:18:17 +01:00
Mark Haines d488463fa3 Add a version 2 of the key server api 2015-04-14 16:04:52 +01:00
Erik Johnston d5e7e6b9b6 Merge branch 'develop' of github.com:matrix-org/synapse into mysql 2015-04-07 18:17:22 +01:00
Erik Johnston 0775c62469 Fix --enable-registration flag to work if you don't give a value 2015-04-07 18:16:23 +01:00
Erik Johnston 4fe95094d1 Merge branch 'develop' of github.com:matrix-org/synapse into mysql 2015-04-07 18:05:39 +01:00
Kegan Dougal af853a4cdb Add AppServiceConfig 2015-03-31 09:22:31 +01:00
David Baker 59bf16eddc New registration for C/S API v2. Only ReCAPTCHA working currently. 2015-03-30 18:13:10 +01:00
Matthew Hodgson 8366fde82f turn --disable-registration into --enable-registration, given the default is for registration to be disabled by default now. this is backwards incompatible by removing the old --disable-registration arg, but makes for a much more intuitive arg 2015-03-30 12:01:09 -04:00
Erik Johnston f6583796fe Merge branch 'develop' of github.com:matrix-org/synapse into mysql 2015-03-20 16:31:48 +00:00
Erik Johnston 455579ca90 Make database selection configurable 2015-03-20 10:55:55 +00:00
Erik Johnston ed4d44d833 Merge pull request #109 from matrix-org/default_registration
Disable registration by default. Add script to register new users.
2015-03-18 11:38:52 +00:00
David Baker 7564dac8cb Wire up the webclient option
It existed but was hardcoded to True.
Give it an underscore for consistency.
Also don't pull in syweb unless we're actually using the web client.
2015-03-17 12:45:37 +01:00
Erik Johnston 8bad40701b Comment. 2015-03-16 13:13:07 +00:00
Erik Johnston 98a3825614 Allow enabling of registration with --disable-registration false 2015-03-13 16:49:18 +00:00
Erik Johnston 9266cb0a22 PEP8 2015-03-13 15:26:00 +00:00
Erik Johnston 69135f59aa Implement registering with shared secret. 2015-03-13 15:23:37 +00:00
Erik Johnston 58367a9da2 Disable registration by default 2015-03-13 12:59:45 +00:00
Paul "LeoNerd" Evans b98b4c135d Option to serve metrics from their own localhost-only TCP port instead of muxed on the main listener 2015-03-12 16:24:51 +00:00
Paul "LeoNerd" Evans 5b6e11d560 Commandline option to enable metrics system 2015-03-12 16:24:50 +00:00
Erik Johnston e49d6b1568 Unused import 2015-03-06 11:37:24 +00:00
Erik Johnston 3ce8540484 Don't look for an TLS private key if we have set --no-tls 2015-03-06 11:34:06 +00:00
Erik Johnston 3fce185c77 Merge pull request #83 from matrix-org/nofile_limit_config
Add config option to set the soft fd limit on start
2015-03-02 13:52:16 +00:00
Erik Johnston 9d9b230501 Make the federation server ratelimiting configurable. 2015-03-02 11:33:45 +00:00
David Baker 255f989c7b turns uris config options should append since it's a list 2015-02-24 20:57:58 +00:00
Erik Johnston 7c56210f20 By default set soft limit to hard limit 2015-02-20 16:09:44 +00:00
Erik Johnston 81163f822e Add config option to disable registration. 2015-02-19 14:16:53 +00:00
Erik Johnston c3eb7dd9c5 Add config option to set the soft fd limit on start 2015-02-19 11:50:49 +00:00
Mark Haines f5a70e0d2e Add a cache for get_event 2015-02-11 15:01:15 +00:00
Erik Johnston f91345bdb5 yaml.load expects strings to be a yaml rather than file 2015-02-10 13:57:31 +00:00
Erik Johnston 30595b466f Use yaml logging config format because it is much nicer 2015-02-10 13:50:33 +00:00
Mark Haines 8ce100c7b4 Convert directory paths to absolute paths before daemonizing 2015-02-09 18:30:00 +00:00
Mark Haines 3e85e52b3f Allow ':memory:' as the database path for sqlite3 2015-01-19 15:26:19 +00:00
Kegan Dougal 9d0dcf2e3c SYN-142: Rotate logs if logging to file. Fixed to a 4 file rotate with 100MB/file for now. 2015-01-08 15:31:29 +00:00
Erik Johnston 379a653ae3 Add better help message for --server-name config option. 2015-01-08 14:32:53 +00:00
Mark Haines b9f77d1ae1 Increase default maximum attachment size to 10M 2015-01-06 14:04:58 +00:00
Mark Haines adb04b1e57 Update copyright notices 2015-01-06 13:21:39 +00:00
Kegan Dougal 4dcad143dd SYN-142: Use a default log file 'homeserver.log' so people get logging by default. 2014-12-16 17:24:49 +00:00
Erik Johnston 3983c7fb0f Merge branch 'hotfixes-v0.5.4' of github.com:matrix-org/synapse into develop 2014-12-13 18:16:12 +00:00
Erik Johnston 6380ead2ee Fix bug while generating the error message when a file path specified in the config doesn't exist 2014-12-13 18:03:01 +00:00
Mark Haines d80d505b1f Limit the size of images that are thumbnailed serverside. Limit the size of file that a server will download from a remote server 2014-12-11 14:19:32 +00:00
Mark Haines 61fc37e467 Merge branch 'develop' into media_repository 2014-12-10 16:14:17 +00:00
Paul "LeoNerd" Evans 66b0596b7a Don't log synapse.storage at DEBUG level when under -v; require -v -v for that 2014-12-02 22:28:18 +00:00
Mark Haines 5da65085d1 Get uploads working with new media repo 2014-12-02 19:51:47 +00:00
Mark Haines 7993e3d10d SYN-187: Set a more sensible default for the content_addr 2014-12-02 17:20:02 +00:00
David Baker fe3401e037 Be more helpful and tell the user how to generate a config too. 2014-11-14 13:30:06 +00:00
David Baker 933ce76057 Adding --generate-config will not help if the user has not specified a config file. 2014-11-14 13:24:12 +00:00
Mark Haines e903c941cb Merge branch 'develop' into request_logging
Conflicts:
	setup.py
	synapse/storage/_base.py
	synapse/util/async.py
2014-11-14 11:16:50 +00:00
Erik Johnston af7ae048f8 Add option to not bind to HTTPS port. This is useful if running behind an ssl load balancer 2014-11-03 15:06:40 +00:00
Mark Haines 7c06399512 Merge branch 'develop' into request_logging
Conflicts:
	synapse/config/logger.py
2014-10-30 11:13:58 +00:00
Mark Haines 7d709542ca Fix pep8 warnings 2014-10-30 11:10:17 +00:00
Mark Haines fa955cc2a4 Pep8 and a few doc strings 2014-10-30 10:13:46 +00:00
Mark Haines b29517bd01 Add a request-id to each log line 2014-10-30 01:21:33 +00:00
Mark Haines d56e389a95 Fix pyflakes warnings 2014-10-27 10:33:17 +00:00
Mark Haines 9c0826592c Fix auto generating signing_keys 2014-10-18 16:56:44 +01:00
Mark Haines 984e207b59 Merge branch develop into server2server_signing
Conflicts:
	synapse/app/homeserver.py
2014-10-13 10:58:50 +01:00
David Baker 9435830351 Merge branch 'master' into develop 2014-10-02 14:11:17 +01:00
David Baker d694619a95 Fix ncorrect ports in documentation and add notes on how generate-config also generates certs bound to whatever hostname you give with --generate-config.
SYN-87 #resolved
2014-10-02 14:09:27 +01:00
Mark Haines 099083ea6b Merge remote-tracking branch 'origin/master' into develop 2014-10-02 10:46:41 +01:00
David Baker 7a322b6326 Update README setup instructions to be correct. Make synapse spit out explanatory note when generating config to tell people to look at it and customise it. 2014-10-02 10:43:22 +01:00
Mark Haines 9605593d11 Merge branch 'develop' into server2server_signing
Conflicts:
	synapse/storage/__init__.py
	tests/rest/test_presence.py
2014-09-30 17:55:06 +01:00
Erik Johnston fbf6320614 pyflakes cleanup 2014-09-30 12:38:38 +01:00
David Baker ec5fb77a66 Just use a yaml list for turn servers 2014-09-25 19:18:32 +02:00
David Baker c58eb0d5a3 Merge branch 'turn' into develop 2014-09-25 13:09:56 +01:00
David Baker a31bf77776 Make turn server endpoint return an empty object if no turn servers to
match the normal response. Don't break if the turn_uris option isn't
present.
2014-09-25 11:24:49 +02:00
David Baker 5383ba5587 rename endpoint to better reflect what it is and allow specifying multiple uris 2014-09-24 16:01:36 +01:00
Mark Haines c6a8e7d9b9 Read signing keys using methods from syutil. convert keys that are in the wrong format 2014-09-23 18:43:34 +01:00
David Baker 14ed6799d7 Add support for TURN servers as per the TURN REST API (http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00) 2014-09-23 17:16:13 +01:00
Paul "LeoNerd" Evans 3a8a94448a Allow a (hidden undocumented) key to m.login.recaptcha to specify a shared secret to allow bots to bypass the ReCAPTCHA test (SYN-60) 2014-09-23 14:29:08 +01:00
Kegan Dougal 3fa01be9e4 formatting 2014-09-19 12:04:26 +01:00
Kegan Dougal cc83b06cd1 Added support for the HS to send emails. Use it to send password resets. Added email_smtp_server and email_from_address config args. Added emailutils. 2014-09-16 12:36:39 +01:00
Kegan Dougal 37e53513b6 Add config opion for XFF headers when performing ReCaptcha auth. 2014-09-05 22:51:11 -07:00
Kegan Dougal 0b9e1e7b56 Added a captcha config to the HS, to enable registration captcha checking and for the recaptcha private key. 2014-09-05 17:58:06 -07:00
Paul "LeoNerd" Evans 4c3512a45c Added a TODO note about YAML modeline for editors 2014-09-03 19:30:48 +01:00
Paul "LeoNerd" Evans 4081413876 Default PID file should be 'homeserver.pid' to match the other 'homeserver.*' naming convention 2014-09-03 17:34:07 +01:00
Matthew Hodgson 8a7c1d6a00 fix the copyright holder from matrix.org to OpenMarket Ltd, as matrix.org hasn't been incorporated in time for launch. 2014-09-03 17:31:57 +01:00
Mark Haines ee2bcdec65 Limit the size of uploads 2014-09-03 17:04:16 +01:00
Erik Johnston bc21350298 Add option to change content repo location 2014-09-03 11:57:23 +01:00
Mark Haines c6eafdfbaf Add copyright notices and fix pyflakes errors 2014-09-03 09:43:11 +01:00
Mark Haines 780548b577 rate limiting for message sending 2014-09-02 18:22:15 +01:00
Mark Haines 0a1260b03a Add ratelimiting config 2014-09-02 18:00:15 +01:00
Mark Haines c7a7cdf734 Add ratelimiting function to basehandler 2014-09-02 17:57:04 +01:00
Mark Haines cf890e9d43 Remove option for disabling webclient because it was confusing 2014-09-02 11:09:41 +01:00
Erik Johnston 08d2f902dd Default HTTP and HTTPS ports to 8008 and 8448 2014-09-02 10:58:33 +01:00
Mark Haines 45570e4695 os.makedirs is almost but not entirely unlike mkdir -p 2014-09-02 10:58:05 +01:00
Mark Haines 64b341cc10 Fix typo when reading TLS config 2014-09-02 10:54:56 +01:00
Mark Haines 30572e28c2 Make the config directory if the directory doesn't exisit when generating config 2014-09-02 10:52:25 +01:00
Mark Haines d45f89c95b More helpful error messages for missing config 2014-09-02 10:49:11 +01:00
Mark Haines 399e004884 Add unsecure listener port to homeserver 2014-09-01 22:38:52 +01:00
Matthew Hodgson 61e28cdb6f specify metavars in argparse 2014-09-01 22:11:08 +01:00
Mark Haines 6fd730c96b Use yaml for config file 2014-09-01 20:44:51 +01:00
Mark Haines 8b69468e5f Use pregenerated DH params when generating config 2014-09-01 20:35:18 +01:00
Mark Haines ef6a8e4f32 Listen using SSL 2014-09-01 16:30:43 +01:00
Mark Haines 9ea1de432d Fix homeserver config parsing 2014-09-01 15:51:15 +01:00
Mark Haines d9ebe531ed Add config tree to synapse. Add support for reading config from a file 2014-08-31 16:06:39 +01:00