Commit Graph

1466 Commits (7b642167e6c5cdebb46dc97915b8937e899c2b53)

Author SHA1 Message Date
Patrick Cloke 44b476b26e
Document how to use Twitter as an OAuth 2.0 provider. (#14778)
This also alphabetizes the documentation for the various OpenID providers.
2023-01-04 15:00:27 -05:00
Patrick Cloke 630d0aeaf6
Support RFC7636 PKCE in the OAuth 2.0 flow. (#14750)
PKCE can protect against certain attacks and is enabled by default. Support
can be controlled manually by setting the pkce_method of each oidc_providers
entry to 'auto' (default), 'always', or 'never'.

This is required by Twitter OAuth 2.0 support.
2023-01-04 14:58:08 -05:00
Patrick Cloke 906dfaa2cf
Support non-OpenID compliant user info endpoints (#14753)
OpenID specifies the format of the user info endpoint and some
OAuth 2.0 IdPs do not follow it, e.g. NextCloud and Twitter.

This adds subject_template and picture_template options to the
default mapping provider for more flexibility in matching those user
info responses.
2023-01-04 08:26:10 -05:00
Vertux 8d20b1ba1e
Broken link "request_id_header" (#14740)
* Broken link "request_id_header"

The link above leads to an ERROR 404

* Update docs/reverse_proxy.md

Co-authored-by: reivilibre <olivier@librepush.net>
2022-12-28 15:45:28 +00:00
Dirk Klimpel 2fb4071c1f
Move `email` to Server section in config file documentation (#14730)
* Move `email` to server in config file documentation

* changelog
2022-12-28 12:17:51 +00:00
Patrick Cloke 14abf22dd6 Update docs about ruff vs. flake8. 2022-12-21 13:08:20 -05:00
Sean Quah 43c54ba753 Merge branch 'master' into develop 2022-12-20 18:09:30 +00:00
Mathieu Velten eb2defc2f7
Add release note and update doc regarding ICU (#14712)
Fixes #14704.

Signed-off-by: Mathieu Velten <mathieuv@matrix.org>
2022-12-20 16:06:26 +00:00
Jeremy Kescher 046320b9b6
Fix missing word in autotune sub-option description (#14674)
Fix `target_memory_usage` being used in the description for the actual `cache_autotune` sub-option `target_cache_memory_usage`.

Signed-off-by: Jeremy Kescher <jeremy@kescher.at>

Signed-off-by: Jeremy Kescher <jeremy@kescher.at>
2022-12-14 20:03:13 -08:00
David Robertson d567a8265f
Declare support for Python 3.11 (#14673)
* Declare support for Python 3.11

* Changelog
2022-12-13 15:36:27 +00:00
David Robertson e2a1adbf5d
Allow selecting "prejoin" events by state keys (#14642)
* Declare new config

* Parse new config

* Read new config

* Don't use trial/our TestCase where it's not needed

Before:

```
$ time trial tests/events/test_utils.py > /dev/null

real	0m2.277s
user	0m2.186s
sys	0m0.083s
```

After:
```
$ time trial tests/events/test_utils.py > /dev/null

real	0m0.566s
user	0m0.508s
sys	0m0.056s
```

* Helper to upsert to event fields

without exceeding size limits.

* Use helper when adding invite/knock state

Now that we allow admins to include events in prejoin room state with
arbitrary state keys, be a good Matrix citizen and ensure they don't
accidentally create an oversized event.

* Changelog

* Move StateFilter tests

should have done this in #14668

* Add extra methods to StateFilter

* Use StateFilter

* Ensure test file enforces typed defs; alphabetise

* Workaround surprising get_current_state_ids

* Whoops, fix mypy
2022-12-13 00:54:46 +00:00
Richard van der Hoff dfe8febe47
Update admin_faq.md 2022-12-07 22:02:20 +00:00
villepeh d69bf3b24c
Add Mastodon SSO setup instructions to docs (#14594)
Fixes https://github.com/matrix-org/synapse/issues/14147
2022-12-07 11:44:53 +00:00
villepeh 9a9568168a
Change `turn_allow_guests` example value to lowercase `true` (#14634)
* Set `turn_allow_guests` example value to lowercase

* Create 14634.doc
2022-12-07 11:33:24 +00:00
Andrew Morgan 66d47b44cd
docs: Replace old note about Postgres 10+ being required with link to our deprecation policy (#14590) 2022-12-06 14:36:04 +00:00
Will Hunt e1779bc69f
Fix push.enabled config documentation (#14619)
* Fix push.enabled config documentation

* Create 14619.doc

* Update 14619.doc
2022-12-05 12:47:45 +00:00
realtyem 6acb6d772a
Update worker docs to update preferred settings for pusher and federation_sender (#14493)
* Fix one typo on line 3700(and apparently do something to other lines, no idea)

* Update config_documentation.md with more information about how federation_senders and pushers settings can be handled.

Specifically, that the instance map style of config does not require the special other variables that enable and disable functionality and that a single worker CAN be added to the map not only just two or more.

* Extra line here for consistency and appearance.

* Add link to sygnal repo.

* Add deprecation notice to workers.md and point to the newer alternative method of defining this functionality.

* Changelog

* Correct version number of Synapse the deprecation is happening in.

* Update quiet deprecation with simple notice and suggestion.
2022-12-02 11:38:01 +00:00
Will Hunt 71f3e53ad0
Add `push.enabled` option to disable push notification calculation (#14551)
* Add initial option

* changelog

* Some more linting
2022-12-01 13:46:24 +00:00
David Robertson 7aefc7e9fc
Cite launchpad bug that says ubuntu's pkgs are old (#14517)
* Cite launchpad bug that says ubuntu's pkgs are old

* Add some cross-references while I'm here

* Changelog
2022-11-30 18:33:35 +00:00
Eric Eastwood 8f10c8b054
Move MSC3030 `/timestamp_to_event` endpoint to stable v1 location (#14471)
Fix https://github.com/matrix-org/synapse/issues/14390

 - Client API: `/_matrix/client/unstable/org.matrix.msc3030/rooms/<roomID>/timestamp_to_event?ts=<timestamp>&dir=<direction>` -> `/_matrix/client/v1/rooms/<roomID>/timestamp_to_event?ts=<timestamp>&dir=<direction>`
 - Federation API: `/_matrix/federation/unstable/org.matrix.msc3030/timestamp_to_event/<roomID>?ts=<timestamp>&dir=<direction>` -> `/_matrix/federation/v1/timestamp_to_event/<roomID>?ts=<timestamp>&dir=<direction>`

Complement test changes: https://github.com/matrix-org/complement/pull/559
2022-11-28 15:54:18 -06:00
Ashish Kumar 09de2aecb0
Add support for handling avatar with SSO login (#13917)
This commit adds support for handling a provided avatar picture URL
when logging in via SSO.

Signed-off-by: Ashish Kumar <ashfame@users.noreply.github.com>

Fixes #9357.
2022-11-25 15:16:50 +00:00
reivilibre 9af2be192a
Remove legacy Prometheus metrics names. They were deprecated in Synapse v1.69.0 and disabled by default in Synapse v1.71.0. (#14538) 2022-11-24 09:09:17 +00:00
Brennan Chapman 640cb3c81c
Fix broken admin API request recommendation link (#14499)
Signed-off-by: Brennan Chapman <brennan@chapmanb.com>
2022-11-21 12:40:25 +01:00
David Robertson 01a0527892
Fix version that `worker_main_http_uri` is redundant from (#14476)
* Fix version that `worker_main_http_uri` is redundant from

* Changelog
2022-11-17 16:11:08 +00:00
realtyem c15e9a0edb
Remove need for `worker_main_http_uri` setting to use /keys/upload. (#14400) 2022-11-16 22:16:25 +00:00
Tuomas Ojamies b5ab2c428a
Support using SSL on worker endpoints. (#14128)
* Fix missing SSL support in worker endpoints.

* Add changelog

* SSL for Replication endpoint

* Remove unit test change

* Refactor listener creation to reduce duplicated code

* Fix the logger message

* Update synapse/app/_base.py

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Update synapse/app/_base.py

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Update synapse/app/_base.py

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Add config documentation for new TLS option

Co-authored-by: Tuomas Ojamies <tojamies@palantir.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2022-11-15 12:55:00 +00:00
sando38 64dd8a9c6e
Include additional TURN server example into documentation (#14293)
* Include eturnal TURN server configuration example

and moving specific configuration examples into sub folders.

* Update docs/turn-howto.md

Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>

* Update docs/setup/turn/coturn.md

Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>

* Update docs/setup/turn/eturnal.md

Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>

* Fix TURN relaying public IP address hint

* lint eturnal installation commands

* Adjust synapse setup to link to existing documentation

..avoid redundant information.

* remove redundant text

* include alpine linux package link

* Create 14293.doc

* Update 14293.doc

add missing dot

* Update docs/setup/turn/eturnal.md

Co-authored-by: reivilibre <olivier@librepush.net>

* Update docs/setup/turn/eturnal.md

Co-authored-by: reivilibre <olivier@librepush.net>

* Update docs/setup/turn/coturn.md

Co-authored-by: Moritz Dietz <moritzdietz@users.noreply.github.com>

* Update docs/setup/turn/coturn.md

Co-authored-by: Moritz Dietz <moritzdietz@users.noreply.github.com>

* Update docs/setup/turn/coturn.md

Co-authored-by: Moritz Dietz <moritzdietz@users.noreply.github.com>

* Update docs/setup/turn/eturnal.md

Co-authored-by: reivilibre <olivier@librepush.net>

* Update docs/setup/turn/coturn.md

Co-authored-by: Moritz Dietz <moritzdietz@users.noreply.github.com>

* Update docs/setup/turn/coturn.md

Co-authored-by: Moritz Dietz <moritzdietz@users.noreply.github.com>

* Update eturnal.md to link to official documentation

... and to simplify some aspects

* Adjust coturn to link to default prefix

* Mention eturnalctl location

* Update docs/turn-howto.md

Co-authored-by: Saarko <sandomir@tutanotal.com>
Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>
Co-authored-by: reivilibre <olivier@librepush.net>
Co-authored-by: Moritz Dietz <moritzdietz@users.noreply.github.com>
2022-11-14 17:55:10 +00:00
Brad Jones 334a8324d3
Update sample Nginx configuration to HTTP 1.1 (#14414)
Signed-off-by: Brad Jones <brad@kinksters.dating>
2022-11-11 17:28:05 +00:00
Ashish Kumar a3623af74e
Add an Admin API endpoint for looking up users based on 3PID (#14405) 2022-11-11 15:38:17 +00:00
Sean Quah a5fcdea090
Remove support for PostgreSQL 10 (#14392)
Signed-off-by: Sean Quah <seanq@matrix.org>
2022-11-08 17:17:13 +00:00
realtyem 69814eb282
Allow override for requesting specific worker types for Complement on command line. (#14324)
* Expose getting SYNAPSE_WORKER_TYPES from external, allowing override of workers requested.

* Add WORKER_TYPES variable option to complement.sh script that passes requested workers into start_for_complement.sh entrypoint.

* Update docs to reflect this new ability.

* Changelog

* Don't rely on soft wrapping to format long strings

Good idea dklimpel. Thanks for catching that.

Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>

* Small nits just noticed in docs.

* Fixup new line in docs.

Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>
2022-11-08 12:34:09 +00:00
aceArt-GmbH 42f9d414c2
Add example on how to load balance /sync requests (#14297)
Signed-off-by: lukas <lukas.walter@aceart.de>

Signed-off-by: lukas <lukas.walter@aceart.de>
2022-11-07 13:51:53 +00:00
David Robertson 78909f5028
Include monthly active user metrics in the list of legacy metrics names (#14360) 2022-11-04 10:45:01 +00:00
Will Hunt b1379a7ca8
Update legacy `synapse_admin_mau:` metric names in docs (#14358)
* Rename legacy metrics in MAU docs

* changelog
2022-11-03 20:47:20 +00:00
reivilibre 6546308c1e
Disable legacy Prometheus metric names by default. They can still be re-enabled for now, but they will be removed altogether in Synapse 1.73.0. (#14353) 2022-11-02 17:33:45 +00:00
Quentin Gliech cc3a52b33d
Support OIDC backchannel logouts (#11414)
If configured an OIDC IdP can log a user's session out of
Synapse when they log out of the identity provider.

The IdP sends a request directly to Synapse (and must be
configured with an endpoint) when a user logs out.
2022-10-31 13:07:30 -04:00
Dirk Klimpel 44f0d573cf
Add docs for an empty `trusted_key_servers` config option (#13999)
* Add docs for an empty `trusted_key_servers` config option

* small rewording

* Tweak changelog
2022-10-28 13:55:03 +01:00
Eric Eastwood aa70556699
Check appservice user interest against the local users instead of all users (`get_users_in_room` mis-use) (#13958) 2022-10-27 18:29:23 +00:00
Dirk Klimpel 1357ae869f
Add workers settings to configuration manual (#14086)
* Add workers settings to configuration manual
* Update `pusher_instances`
* update url to python logger
* update headlines
* update links after headline change
* remove link from `daemon process`

There is no docs in Synapse for this

* extend example for `federation_sender_instances` and `pusher_instances`
* more infos about stream writers
* add link to DAG
* update `pusher_instances`
* update `worker_listeners`
* update `stream_writers`
* Update `worker_name`

Co-authored-by: David Robertson <davidr@element.io>
2022-10-27 14:39:47 +01:00
Quentin Gliech 8756d5c87e
Save login tokens in database (#13844)
* Save login tokens in database

Signed-off-by: Quentin Gliech <quenting@element.io>

* Add upgrade notes

* Track login token reuse in a Prometheus metric

Signed-off-by: Quentin Gliech <quenting@element.io>
2022-10-26 11:45:41 +01:00
Tadeusz Sośnierz 1433b5d5b6
Show erasure status when listing users in the Admin API (#14205)
* Show erasure status when listing users in the Admin API

* Use USING when joining erased_users

* Add changelog entry

* Revert "Use USING when joining erased_users"

This reverts commit 30bd2bf106.

* Make the erased check work on postgres

* Add a testcase for showing erased user status

* Appease the style linter

* Explicitly convert `erased` to bool to make SQLite consistent with Postgres

This also adds us an easy way in to fix the other accidentally integered columns.

* Move erasure status test to UsersListTestCase

* Include user erased status when fetching user info via the admin API

* Document the erase status in user_admin_api

* Appease the linter and mypy

* Signpost comments in tests

Co-authored-by: Tadeusz Sośnierz <tadeusz@sosnierz.com>
Co-authored-by: David Robertson <david.m.robertson1@gmail.com>
2022-10-21 13:52:44 +01:00
Matthew Hodgson 695a85d1bc
Document encryption_enabled_by_default_for_room_type under the right name (#14110)
* document encryption_enabled_by_default_for_room_type under the right name

* add changelog

* Update changelog.d/14110.doc
2022-10-19 20:17:37 +01:00
David Robertson cd01a1d3b5
Fix dead link to admin registration API (#14189)
* Fix dead link to admin registration API

* Changelog
2022-10-17 12:10:01 +01:00
Patrick Cloke c3e4edb4d6
Stabilize the threads API. (#14175)
Stabilize the threads API (MSC3856) by supporting (only) the v1
path for the endpoint.

This also marks the API as safe for workers since it is a read-only
API.
2022-10-14 07:16:50 -04:00
Patrick Cloke c604d2c218
Mark /relations endpoint as usable on workers. (#14028)
Co-authored-by: Eric Eastwood <erice@element.io>
2022-10-12 06:46:13 -04:00
David Robertson 6a92944854
Handle `gottestfmt` repository move (#14144) 2022-10-11 17:54:06 +00:00
Andrew Morgan e580f03e02
Fix name of "alias_creation_rules" option in config manual (#14124) 2022-10-10 20:01:05 +00:00
Paul Tötterman 8074430d25
Document Google OpenID Connect email attribute (#14081) 2022-10-07 14:22:25 +00:00
Dirk Klimpel c0e868e423
Improve the listener example on the metrics documentation (#14078)
Signed-off-by: Dirk Klimpel <dirk@klimpel.org>
2022-10-07 14:54:01 +01:00
Dirk Klimpel 0adeccafc6
Add sample worker files for `pusher` and `federation_sender` (#14077)
Signed-off-by: Dirk Klimpel <dirk@klimpel.org>
2022-10-07 14:25:28 +01:00