OpenCloud
/
MatrixSynapse
mirror of https://github.com/matrix-org/synapse
1
0
Fork 0
Code Issues Releases Wiki Activity
13,383 Commits
842 Branches
671 Tags
284 MiB
Commit Graph

561 Commits (a06614bd2aba5d751e002433c88e8ba1ba02c50b)

Author SHA1 Message Date
Richard van der Hoff 5f9bdf90fe Attempt to make default config more consistent 
The general idea here is that config examples should just have a hash and no
extraneous whitespace, both to make it easier for people who don't understand
yaml, and to make the examples stand out from the comments.
 2019-02-19 13:54:29 +00:00
Brendan Abolivier a288bdf0b1
Merge pull request #4652 from matrix-org/babolivier/acme-delegated 
Support .well-known delegation when issuing certificates through ACME
 2019-02-19 11:15:38 +00:00
Brendan Abolivier 5a707a2f9a Improve config documentation 2019-02-19 10:59:26 +00:00
Erik Johnston d154f5a055
Merge pull request #4632 from matrix-org/erikj/basic_sentry 
Add basic optional sentry.io integration
 2019-02-18 17:22:45 +00:00
Erik Johnston d328a93b51 Fixup error handling and message 2019-02-18 16:53:56 +00:00
Brendan Abolivier 45bb55c6de Use a configuration parameter to give the domain to generate a certificate for 2019-02-18 15:46:23 +00:00
Erik Johnston dc5efc92a8 Fixup 2019-02-18 13:52:49 +00:00
Juuso "Linda" Lapinlampi 68d2869c8d config: Remove a repeated word from a logger warning 
The warning for missing macaroon_secret_key was "missing missing".
 2019-02-15 22:24:53 -07:00
Erik Johnston bd4505f765
Merge pull request #4647 from matrix-org/erikj/add_room_publishing_rules 
Add configurable room list publishing rules
 2019-02-15 22:11:01 +00:00
Erik Johnston b99c532c1c Move defaults up into code 2019-02-15 10:53:39 +00:00
Erik Johnston 02c729d6b0 Hoist up checks to reduce overall work 2019-02-15 10:20:02 +00:00
Erik Johnston 02c46acc6a Fixup comments 2019-02-15 10:17:13 +00:00
Erik Johnston 8e32f26cb8 Clarify comments 2019-02-14 18:21:24 +00:00
Erik Johnston cb12a37708 Clarify and fix behaviour when there are multiple aliases 2019-02-14 18:16:32 +00:00
Erik Johnston f666fe36d7 Fixup comments 2019-02-14 18:07:24 +00:00
Richard van der Hoff f311018823
Fix errors in acme provisioning (#4648) 
* Better logging for errors on startup

* Fix "TypeError: '>' not supported" when starting without an existing
  certificate
* Fix a bug where an existing certificate would be reprovisoned every day
 2019-02-14 17:10:36 +00:00
Erik Johnston eaf4d11af9 Add configurable room list publishing rules 
This allows specifying who and what is allowed to be published onto the
public room list
 2019-02-14 16:02:23 +00:00
Erik Johnston 6cb415b63f Fixup comments and add warning 2019-02-13 16:15:11 +00:00
Richard van der Hoff e3a0300431 Special-case the default bind_addresses for metrics listener 
turns out it doesn't really support ipv6, so let's hack around that by only
listening on ipv4 by default.
 2019-02-13 11:48:56 +00:00
Erik Johnston 6a8f902edb Raise an appropriate error message if sentry_sdk missing 2019-02-12 16:01:41 +00:00
Erik Johnston ef2228c890 Basic sentry integration 2019-02-12 13:55:58 +00:00
Erik Johnston 3c03c37883
Merge pull request #4625 from matrix-org/rav/fix_generate_config_warnings 
fix self-signed cert notice from generate-config
 2019-02-12 11:24:45 +00:00
Richard van der Hoff a4ce91396b
Disable TLS by default (#4614) 2019-02-12 10:52:08 +00:00
Richard van der Hoff 32b781bfe2
Fix error when loading cert if tls is disabled (#4618) 
If TLS is disabled, it should not be an error if no cert is given.

Fixes #4554.
 2019-02-12 10:51:31 +00:00
Richard van der Hoff dfc846a316 fix self-signed cert notice from generate-config 
fixes #4620
 2019-02-12 10:37:59 +00:00
Richard van der Hoff 0ca2908653 fix tests 2019-02-11 22:01:27 +00:00
Richard van der Hoff 4fddf8fc77 Infer no_tls from presence of TLS listeners 
Rather than have to specify `no_tls` explicitly, infer whether we need to load
the TLS keys etc from whether we have any TLS-enabled listeners.
 2019-02-11 21:39:14 +00:00
Richard van der Hoff be794c7cf7 Merge branch 'rav/tls_config_logging_fixes' into rav/tls_cert/work 2019-02-11 21:16:00 +00:00
Richard van der Hoff 2129dd1a02 Fail cleanly if listener config lacks a 'port' 
... otherwise we would fail with a mysterious KeyError or something later.
 2019-02-11 21:15:01 +00:00
Richard van der Hoff 086f6f27d4 Logging improvements around TLS certs 
Log which file we're reading keys and certs from, and refactor the code a bit
in preparation for other work
 2019-02-11 21:02:06 +00:00
Richard van der Hoff 24b7f3916d
Clean up default listener configuration (#4586) 
Rearrange the comments to try to clarify them, and expand on what some of it
means.

Use a sensible default 'bind_addresses' setting.

For the insecure port, only bind to localhost, and enable x_forwarded, since
apparently it's for use behind a load-balancer.
 2019-02-11 12:50:30 +00:00
Amber Brown 6e2a5aa050 ACME Reprovisioning (#4522) 2019-02-11 10:36:26 +00:00
Amber Brown 4ffd10f46d Be tolerant of blank TLS fingerprints config (#4589) 2019-02-11 10:04:27 +00:00
Erik Johnston b201149c7e
Merge pull request #4420 from matrix-org/jaywink/openid-listener 
New listener resource for the federation API "openid/userinfo" endpoint
 2019-02-11 09:44:00 +00:00
Amber Brown 9cd33d2f4b
Deduplicate some code in synapse.app (#4567) 2019-02-08 17:25:57 +00:00
Richard van der Hoff 2475434080 Merge branch 'master' into develop 2019-02-05 18:44:49 +00:00
Richard van der Hoff bf1e4d96ad
Fix default ACME config for py2 (#4564) 
Fixes #4559
 2019-02-05 11:37:33 +00:00
Richard van der Hoff d7e27a1f08
fix typo in config comments (#4557) 2019-02-05 11:32:45 +00:00
Matthew Hodgson ad7ac8853c by default include m.room.encryption on invites (#3902) 
* by default include m.room.encryption on invites

* fix constant

* changelog
 2019-01-30 16:26:13 +00:00
Richard van der Hoff 7615a8ced1 ACME config cleanups (#4525) 
* Handle listening for ACME requests on IPv6 addresses

the weird url-but-not-actually-a-url-string doesn't handle IPv6 addresses
without extra quoting. Building a string which you are about to parse again
seems like a weird choice. Let's just use listenTCP, which is consistent with
what we do elsewhere.

* Clean up the default ACME config

make it look a bit more consistent with everything else, and tweak the defaults
to listen on port 80.

* newsfile
 2019-01-30 14:17:55 +00:00
Amber Brown f6813919e8
SIGHUP for TLS cert reloading (#4495) 2019-01-30 11:00:02 +00:00
Andrew Morgan 03b086647f
Merge pull request #4512 from matrix-org/anoa/consent_dir 
Check consent dir path on startup
 2019-01-29 20:08:18 +00:00
Travis Ralston d02c5ccb11
Merge pull request #4498 from matrix-org/travis/fix-docs-public_baseurl 
Don't recommend :8448 to people on public_baseurl
 2019-01-29 09:06:16 -07:00
Andrew Morgan e65a17b26f Check consent dir path on startup 2019-01-29 15:30:33 +00:00
Amber Brown 6bd4374636
Do not generate self-signed TLS certificates by default. (#4509) 2019-01-29 14:09:10 +00:00
Travis Ralston 6901ac7e9d
Don't recommend :8448 to people on public_baseurl 2019-01-28 12:15:22 -07:00
Richard van der Hoff 4a3f138832
Fix quoting for allowed_local_3pids example config (#4476) 
If you use double-quotes here, you have to escape your backslashes. It's much
easier with single-quotes.

(Note that the existing double-backslashes are already interpreted by python's
""" parsing.)
 2019-01-25 13:57:52 +00:00
Neil Johnson 10b89d5c2e
Merge pull request #4435 from matrix-org/neilj/fix_threepid_auth_check 
Neilj/fix threepid auth check
 2019-01-24 13:02:50 +00:00
David Baker 92d8a068ad Clarify docs for public_baseurl 
This is leading to problems with people upgrading to clients that
support MSC1730 because people have this misconfigured, so try
to make the docs completely unambiguous.
 2019-01-24 10:52:06 +00:00
Jason Robinson 6f680241bd Fix flake8 issues 
Signed-off-by: Jason Robinson <jasonr@matrix.org>
 2019-01-23 10:53:48 +02:00