5aa42d4292
set default for turn_allow_guests correctly
2017-03-15 12:40:13 +00:00
e0ff66251f
add setting (on by default) to support TURN for guests
2017-03-15 12:22:18 +00:00
6037a9804c
Add helpful texts to logger config options
2017-03-13 12:33:35 +00:00
6bfe8e32b5
Merge pull request #1983 from matrix-org/rav/no_redirect_stdio
...
Add an option to disable stdio redirect
2017-03-13 12:20:07 +00:00
bcfa5cd00c
Add an option to disable stdio redirect
...
This makes it tractable to run synapse under pdb.
2017-03-10 15:38:29 +00:00
d84bd51e95
Refactor logger config for workers
...
- to make it easier to add more config options.
2017-03-10 15:34:01 +00:00
9072a8c627
Reread log config on SIGHUP
...
When we are using a log_config file, reread it on SIGHUP.
2017-03-10 15:29:55 +00:00
df4407d665
Fix typo in config comments.
...
Signed-off-by: Tyler Smith <tylersmith.me@gmail.com>
2017-02-11 23:02:57 -08:00
86063d4321
Merge pull request #1835 from matrix-org/erikj/fix_workers
...
Make worker listener config backwards compat
2017-01-20 11:55:56 +00:00
97efe99ae9
Make worker listener config backwards compat
2017-01-20 11:45:29 +00:00
86e6165687
Added default config for turn username and password
2017-01-19 14:35:55 +01:00
1e38be3a7a
Added username and password for turn server
...
It makes it possible to use a turn server that needs a username and
password instead of a token.
2017-01-19 14:08:20 +01:00
a3e4a198e3
Allow configuring the Riot URL used in notification emails
...
The URLs used for notification emails were hardcoded to use either matrix.to
or vector.im; but for self-hosted setups where Riot is also self-hosted it
may be desirable to allow configuring an alternative Riot URL.
Fixes #1809 .
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
2017-01-13 17:12:04 +02:00
641ccdbb14
Merge pull request #1795 from matrix-org/erikj/port_defaults
...
Restore default bind address
2017-01-13 13:02:59 +00:00
bf5c9706d9
Remove full_twisted_stacktraces option
...
The debug 'full_twisted_stacktraces' flag caused synapse to rewrite
twisted deferreds to always fire the callback on the next reactor tick.
This was to force the deferred to always store the stacktraces on
exceptions, and thus be more likely to have a full stacktrace when it
reaches the final error handlers and gets printed to the logs.
Dynamically rewriting things is generally bad, and in particular this
change violates assumptions of various bits of Twisted. This wouldn't
necessarily be so bad, but it turns out this option has been turned on
on some production servers.
Turning the option can cause e.g. #1778 .
For now, lets just entirely nuke this option.
2017-01-12 10:32:52 +00:00
b1dfd20292
Pop bind_address
2017-01-10 17:23:18 +00:00
edd6cdfc9a
Restore default bind address
2017-01-10 17:21:41 +00:00
f576c34594
Merge remote-tracking branch 'origin/release-v0.18.6' into develop
2016-12-30 15:13:49 +00:00
822cb39dfa
Use the new twisted logging framework.
...
Hopefully adding an observer to the new framework will avoid a memory
leak https://twistedmatrix.com/trac/ticket/8164
2016-12-30 11:09:24 +00:00
f5cd5ebd7b
Add IPv6 comment to default config
...
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2016-12-18 23:14:32 +01:00
c95e9fff99
Make default homeserver config use bind_addresses
...
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2016-12-18 21:51:56 +01:00
c46e7a9c9b
Bugfix: Console logging handler missing default filter
2016-12-03 20:14:58 -03:00
1c4f05db41
Stop putting a time caveat on access tokens
...
The 'time' caveat on the access tokens was something of a lie, since we weren't
enforcing it; more pertinently its presence stops us ever adding useful time
caveats.
Let's move in the right direction by not lying in our caveats.
2016-11-29 16:49:41 +00:00
ed787cf09e
Hook up the send queue and create a federation sender worker
2016-11-16 17:34:44 +00:00
d56c39cf24
Use external ldap auth pacakge
2016-11-15 13:03:19 +00:00
0964005d84
Merge pull request #1625 from DanielDent/patch-1
...
Add support for durations in minutes
2016-11-12 11:20:46 +00:00
1c93cd9f9f
Add support for durations in minutes
2016-11-12 00:10:23 -08:00
ac507e7ab8
Don't assume providers raise ConfigError's
2016-11-08 17:23:28 +00:00
c6bbad109b
default config: blacklist more internal ips
2016-11-06 17:02:25 -08:00
5b54d51d1e
Allow Configurable Rate Limiting Per AS
...
This adds a flag loaded from the registration file of an AS that will determine whether or not its users are rate limited (by ratelimit in _base.py). Needed for IRC bridge reasons - see https://github.com/matrix-org/matrix-appservice-irc/issues/240 .
2016-10-18 17:04:09 +01:00
9e18e0b1cb
Merge pull request #1167 from matrix-org/markjh/fingerprints
...
Add config option for adding additional TLS fingerprints
2016-10-12 15:27:44 +01:00
c61ddeedac
Explain how long the servers can cache the TLS fingerprints for
2016-10-12 14:48:24 +01:00
0af6213019
Improve comment formatting
2016-10-12 14:45:13 +01:00
6e9f3ab415
Add config option for adding additional TLS fingerprints
2016-10-11 19:14:46 +01:00
850b103b36
Implement pluggable password auth
...
Allows delegating the password auth to an external module. This also
moves the LDAP auth to using this system, allowing it to be removed from
the synapse tree entirely in the future.
2016-10-03 10:36:40 +01:00
4131381123
Remove support for aggregate room lists
2016-09-15 09:28:15 +01:00
c882783535
flake8
2016-08-30 17:20:31 +01:00
572acde483
Use None instead of the empty string
...
Change how we validate the 'url' field as a result.
2016-08-30 17:16:00 +01:00
16b652f0a3
Flake8
2016-08-30 16:30:12 +01:00
e82247f990
Allow application services to have an optional 'url'
...
If 'url' is not specified, they will not be pushed for events or queries. This
is useful for bots who simply wish to reserve large chunks of user/alias
namespace, and don't care about being pushed for events.
2016-08-30 16:21:16 +01:00
5674ea3e6c
Merge pull request #1026 from matrix-org/paul/thirdpartylookup
...
3rd party entity lookup
2016-08-18 20:52:50 +01:00
07229bbdae
Add appservice worker
2016-08-18 14:59:55 +01:00
434bbf2cb5
Filter 3PU lookups by only ASes that declare knowledge of that protocol
2016-08-18 14:56:02 +01:00
8d9a884cee
Update password config comment
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-06 12:18:19 +09:00
252ee2d979
Remove default password pepper string
2016-07-05 19:15:51 +09:00
14362bf359
Fix password config
2016-07-05 19:12:53 +09:00
1ee2584307
Fix pep8
2016-07-05 19:01:00 +09:00
507b8bb091
Add comment to prompt changing of pepper
2016-07-05 18:42:35 +09:00
8bdaf5f7af
Add pepper to password hashing
...
Signed-off-by: Kent Shikama <kent@kentshikama.com>
2016-07-05 02:13:52 +09:00
63bb8f0df9
remove vector.im from default secondary DS list
2016-06-27 13:13:33 +04:00
05f1a4596a
Merge branch 'master' into develop
2016-06-23 11:17:48 +01:00
0a32208e5d
Rework ldap integration with ldap3
...
Use the pure-python ldap3 library, which eliminates the need for a
system dependency.
Offer both a `search` and `simple_bind` mode, for more sophisticated
ldap scenarios.
- `search` tries to find a matching DN within the `user_base` while
employing the `user_filter`, then tries the bind when a single
matching DN was found.
- `simple_bind` tries the bind against a specific DN by combining the
localpart and `user_base`
Offer support for STARTTLS on a plain connection.
The configuration was changed to reflect these new possibilities.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
2016-06-22 17:51:59 +02:00
13e334506c
Remove the legacy v0 content upload API.
...
The existing content can still be downloaded. The last upload to the
matrix.org server was in January 2015, so it is probably safe to remove
the upload API.
2016-06-21 11:47:39 +01:00
bc72d381b2
Merge branch 'release-v0.16.1' of github.com:matrix-org/synapse
2016-06-20 14:18:04 +01:00
3e41de05cc
Turn use_frozen_events off by default
2016-06-17 15:11:22 +01:00
a352b68acf
Use worker_ prefixes for worker config, use existing support for multiple config files
2016-06-16 17:29:50 +01:00
364d616792
Access the event_cache_size directly from the server object.
...
This means that the workers can override the event_cache_size
directly without clobbering the value in the main synapse config.
2016-06-16 12:53:15 +01:00
bde13833cb
Access replication_url from the worker config directly
2016-06-16 12:44:40 +01:00
80a1bc7db5
Comment on what's going on in clobber_with_worker_config
2016-06-16 11:29:45 +01:00
dbb5a39b64
Add worker config module
2016-06-16 11:09:15 +01:00
885ee861f7
Inline the synchrotron and pusher configs into the main config
2016-06-16 11:06:12 +01:00
33546b58aa
point to the CAPTCHA docs
2016-06-12 23:11:29 +01:00
7dbb473339
Add function to load config without generating it
...
Renames ``load_config`` to ``load_or_generate_config``
Adds a method called ``load_config`` that just loads the
config.
The main synapse.app.homeserver will continue to use
``load_or_generate_config`` to retain backwards compat.
However new worker processes can use ``load_config`` to
load the config avoiding some of the cruft needed to generate
the config.
As the new ``load_config`` method is expected to be used by new
configs it removes support for the legacy commandline overrides
that ``load_or_generate_config`` supports
2016-06-09 18:50:38 +01:00
dded389ac1
Allow setting of gc.set_thresholds
2016-06-07 15:45:56 +01:00
79d1f072f4
brand the email from header
2016-06-02 21:34:40 +01:00
6ca4d3ae9a
Add vector.im to default secondary_directory_servers and add comment explaining it's not a permanent solution
2016-05-31 17:24:50 +01:00
e1625d62a8
Add federation room list servlet
2016-05-31 11:55:57 +01:00
6a30a0bfd3
Move the functions for parsing app service config
2016-05-17 11:28:58 +01:00
eb79110beb
Clean up the blacklist/whitelist handling.
...
Always set the config key with an empty list, even if a list isn't specified.
This means that the codepaths are the same for both the empty list and
for a missing key. Since the behaviour is the same for both cases this
makes the code somewhat easier to reason about.
2016-05-16 13:03:59 +01:00
dd95eb4cb5
Merge branch 'develop' into matthew/preview_url_ip_whitelist
2016-05-16 12:59:41 +01:00
40aa6e8349
Create user with expiry
...
- Add unittests for client, api and handler
Signed-off-by: Negar Fazeli <negar.fazeli@ericsson.com>
2016-05-13 15:34:15 +02:00
c00b484eff
More consistent config naming
2016-05-10 14:39:16 +02:00
94040b0798
Add config option to not send email notifs for new users
2016-05-10 14:34:53 +02:00
81c2176cba
fix layout; handle app naming in synapse, not jinja
2016-05-05 15:54:29 +01:00
17cbf773b9
fix assorted typos in default config
2016-05-04 11:38:01 +01:00
792def4928
add a url_preview_ip_range_whitelist config param so we can whitelist the matrix.org IP space
2016-05-01 12:44:24 +01:00
83618d719a
Try imports in config
2016-04-29 19:13:52 +01:00
765f2b8446
Default enable email notifs to False
2016-04-29 14:46:18 +01:00
4b0c3a3270
Correct public_baseurl default
2016-04-29 14:30:15 +01:00
5048455965
Nicer get() shorthand
2016-04-29 14:27:40 +01:00
6c8957be7f
Remove redundant docstring
2016-04-29 14:25:28 +01:00
18ce88bd2d
Correct default template and add text template
2016-04-29 14:24:25 +01:00
40d40e470d
Send mail notifs with a plaintext part too
2016-04-29 13:56:21 +01:00
acded821c4
Merge remote-tracking branch 'origin/develop' into dbkr/email_notifs
2016-04-29 10:05:20 +01:00
60f86fc876
pep8
2016-04-28 15:16:30 +01:00
fa12209c1b
Hopefully all remaining bits for email notifs
...
Add public facing base url to the server so synapse knows what URL to use when converting mxc to http urls for use in emails
2016-04-27 15:09:55 +01:00
52ecbc2843
Make pyjwt dependency optional
2016-04-25 14:30:15 +01:00
2022ae0fb9
Merge pull request #746 from matrix-org/markjh/split_out_pusher
...
Optionally split out the pushers into a separate process
2016-04-22 11:34:08 +01:00
b9675ef6e6
Merge pull request #687 from nikriek/jwt-fix
...
Fix issues with JWT login
2016-04-21 17:42:25 +01:00
a3ac837599
Optionally split out the pushers into a separate process
2016-04-21 17:22:37 +01:00
565c2edb0a
Fix issues with JWT login
2016-04-21 18:10:48 +02:00
2ed0adb075
Generate mails from a template
2016-04-20 18:35:29 +01:00
f63bd4ff47
Send a rather basic email notif
...
Also pep8 fixes
2016-04-20 13:02:01 +01:00
f338bf9257
Give install requirements
2016-04-13 14:33:48 +01:00
bfe586843f
Add back in helpful description for missing url_preview_ip_range_blacklist
2016-04-13 13:52:57 +01:00
d0633e6dbe
Sanitize the optional dependencies for spider API
2016-04-13 13:38:09 +01:00
4bd3d25218
Merge pull request #688 from matrix-org/matthew/preview_urls
...
URL previewing support
2016-04-11 10:40:29 +01:00
af582b66bb
fix typo
2016-04-08 19:08:47 +01:00
dafef5a688
Add url_preview_enabled config option to turn on/off preview_url endpoint. defaults to off.
...
Add url_preview_ip_range_blacklist to let admins specify internal IP ranges that must not be spidered.
Add url_preview_url_blacklist to let admins specify URL patterns that must not be spidered.
Implement a custom SpiderEndpoint and associated support classes to implement url_preview_ip_range_blacklist
Add commentary and generally address PR feedback
2016-04-08 18:37:15 +01:00
92767dd703
add tls property
2016-04-06 18:23:45 +02:00
3d95405e5f
Introduce LDAP authentication
2016-04-06 18:23:45 +02:00
9f7dc2bef7
Merge branch 'develop' into matthew/preview_urls
2016-04-04 00:38:21 +01:00
3f9948a069
Add JWT support
2016-03-29 14:36:36 +02:00
d9d48aad2d
Merge branch 'develop' into matthew/preview_urls
2016-03-27 22:54:42 +01:00
590fbbef03
Add config to create guest account on 3pid invite
...
Currently, when a 3pid invite request is sent to an identity server, it
includes a provisioned guest access token. This allows the link in the,
say, invite email to include the guest access token ensuring that the
same account is used each time the link is clicked.
This flow has a number of flaws, including when using different servers
or servers that have guest access disabled.
For now, we keep this implementation but hide it behind a config option
until a better flow is implemented.
2016-03-14 15:50:40 +00:00
239badea9b
Use syntax that works on both py2.7 and py3
2016-03-07 20:13:10 +00:00
5fc59f009c
config,handlers/_base: added homeserver config for what state is included in a room invite
...
Signed-off-by: Patrik Oldsberg <patrik.oldsberg@ericsson.com>
2016-03-04 10:43:17 +01:00
47c361d2f8
add 800x600 thumbnails to make vector look prettier (and anyone else who likes big thumbnails)
2016-03-02 15:57:54 +00:00
f078ecbc8f
Derive macaroon_secret_key from signing key.
...
Unfortunately, there are people that are running synapse without a
`macaroon_sercret_key` set. Mandating they set one is a good solution,
except that breaking auto upgrades is annoying.
2016-02-08 16:35:44 +00:00
6a9f1209df
Error if macaroon key is missing from config
...
Currently we store all access tokens in the DB, and fall back to that
check if we can't validate the macaroon, so our fallback works here, but
for guests, their macaroons don't get persisted, so we don't get to
find them in the database. Each restart, we generate a new ephemeral
key, so guests lose access after each server restart.
I tried to fix up the config stuff to be less insane, but gave up, so
instead I bolt on yet another piece of custom one-off insanity.
Also, add some basic tests for config generation and loading.
2016-02-05 01:58:23 +00:00
5054806ec1
Rename config field to reflect yaml name
2016-02-03 14:42:01 +00:00
0fcafbece8
Add config option for setting the trusted id servers, disabling checking the ID server in integration tests
2016-01-29 14:12:26 +00:00
7dd0c1730a
initial WIP of a tentative preview_url endpoint - incomplete, untested, experimental, etc. just putting it here for safekeeping for now
2016-01-24 18:47:27 -05:00
5727922106
Merge pull request #473 from matrix-org/erikj/ssh_manhole
...
Change manhole to use ssh
2016-01-07 14:36:16 +00:00
5dc5e29b9c
s/telnet/ssh/
2016-01-07 14:02:57 +00:00
6c28ac260c
copyrights
2016-01-07 04:26:29 +00:00
4106477e7f
Config Comment mixup in captcha public/private key
2016-01-06 23:19:33 +01:00
6863466653
Added a single line to explain what the server_name is used for
2015-12-02 00:37:55 +01:00
06f74068f4
Comment
2015-11-19 13:05:51 +00:00
037ce4c68f
Split out text for missing config options.
...
This allows packages to more easily override the default messages to
include package specific options.
2015-11-18 18:37:05 +00:00
f5e25c5f35
Merge branch 'develop' into sh-cas-auth-via-homeserver
2015-11-17 10:55:41 +00:00
6a9c4cfd0b
Fix race creating directories
2015-11-12 11:58:48 +00:00
414a4a71b4
Allow hs to do CAS login completely and issue the client with a login token that can be redeemed for the usual successful login response
2015-11-05 14:06:48 +00:00
45f1827fb7
Add service URL to CAS config
2015-11-04 23:32:30 +00:00
f522f50a08
Allow guests to register and call /events?room_id=
...
This follows the same flows-based flow as regular registration, but as
the only implemented flow has no requirements, it auto-succeeds. In the
future, other flows (e.g. captcha) may be required, so clients should
treat this like the regular registration flow choices.
2015-11-04 17:29:07 +00:00
259d10f0e4
Merge branch 'release-v0.10.1' of github.com:matrix-org/synapse into develop
2015-10-23 11:11:56 +01:00
5025ba959f
Add config option to disable password login
2015-10-22 10:37:04 +01:00
f2f031fd57
Add config for how many bcrypt rounds to use for password hashes
...
By default we leave it at the default value of 12. But now we can reduce
it for preparing users for loadtests or running integration tests.
2015-10-16 14:52:08 +01:00
9020860479
Only turn on the twisted deferred debugging if full_twisted_stacktraces is set in the config
2015-10-13 17:50:44 +01:00
ab7f9bb861
Default cas_required_attributes to empty dictionary
2015-10-12 14:58:59 +01:00
01a5f1991c
Support multiple required attributes in CAS response, and in a nicer config format too
2015-10-12 14:43:17 +01:00
76421c496d
Allow optional config params for a required attribute and it's value, if specified any CAS user must have the given attribute and the value must equal
2015-10-12 11:11:49 +01:00
c33f5c1a24
Provide ability to login using CAS
2015-10-10 10:49:42 +01:00
b28c7da0a4
Preserve version string in user agent
2015-10-05 20:49:39 -05:00
8fc52bc56a
Allow synapse's useragent to be customized
...
This will allow me to write tests which verify which server made HTTP
requests in a federation context.
2015-10-02 17:13:51 -05:00
6d7f291b93
Front-load spaces
2015-09-22 13:13:07 +01:00
7213588083
Implement configurable stats reporting
...
SYN-287
This requires that HS owners either opt in or out of stats reporting.
When --generate-config is passed, --report-stats must be specified
If an already-generated config is used, and doesn't have the
report_stats key, it is requested to be set.
2015-09-22 12:57:40 +01:00
2c8f16257a
Merge pull request #272 from matrix-org/daniel/insecureclient
...
Allow configuration to ignore invalid SSL certs
2015-09-15 16:52:38 +01:00
d4af08a167
Use shorter config key name
2015-09-15 15:50:13 +01:00
9cd5b9a802
Hacky attempt at catching SIGHUP and rotating the logfile around
2015-09-14 19:03:53 +01:00
2c746382e0
Merge branch 'daniel/insecureclient' into develop
2015-09-09 14:27:30 +01:00
ddfe30ba83
Better document the intent of the insecure SSL setting
2015-09-09 13:26:23 +01:00
81a93ddcc8
Allow configuration to ignore invalid SSL certs
...
This will be useful for sytest, and sytest only, hence the aggressive
config key name.
2015-09-09 12:02:07 +01:00
73e4ad4b8b
Merge branch 'master' into develop
...
Conflicts:
setup.py
2015-09-07 15:06:46 +01:00
fd0a919af3
Lists use 'append'
2015-09-02 17:27:59 +01:00
b62c1395d6
Merge branch 'release-v0.10.0' of github.com:matrix-org/synapse into develop
2015-09-01 13:11:55 +01:00
a7122692d9
Merge branch 'release-v0.10.0' into develop
...
Conflicts:
synapse/handlers/auth.py
synapse/python_dependencies.py
synapse/rest/client/v1/login.py
2015-08-28 11:15:27 +01:00
b442217d91
Actually add config path
2015-08-28 10:37:17 +01:00
0de2aad061
Merge pull request #250 from matrix-org/erikj/generated_directory
...
Add config option to specify where generated files should be dumped
2015-08-25 17:40:19 +01:00
3f6f74686a
Update config doc
2015-08-25 17:37:21 +01:00
Matthew Hodgson