forked from MirrorHub/synapse
Merge branch 'uhoreg/e2e_cross-signing_merged' into cross-signing_keys
This commit is contained in:
commit
e3d3fbf63f
207 changed files with 4990 additions and 1521 deletions
|
@ -6,6 +6,7 @@ services:
|
||||||
image: postgres:9.5
|
image: postgres:9.5
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_PASSWORD: postgres
|
POSTGRES_PASSWORD: postgres
|
||||||
|
command: -c fsync=off
|
||||||
|
|
||||||
testenv:
|
testenv:
|
||||||
image: python:3.5
|
image: python:3.5
|
||||||
|
|
|
@ -6,6 +6,7 @@ services:
|
||||||
image: postgres:11
|
image: postgres:11
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_PASSWORD: postgres
|
POSTGRES_PASSWORD: postgres
|
||||||
|
command: -c fsync=off
|
||||||
|
|
||||||
testenv:
|
testenv:
|
||||||
image: python:3.7
|
image: python:3.7
|
||||||
|
|
|
@ -6,6 +6,7 @@ services:
|
||||||
image: postgres:9.5
|
image: postgres:9.5
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_PASSWORD: postgres
|
POSTGRES_PASSWORD: postgres
|
||||||
|
command: -c fsync=off
|
||||||
|
|
||||||
testenv:
|
testenv:
|
||||||
image: python:3.7
|
image: python:3.7
|
||||||
|
|
|
@ -45,8 +45,15 @@ steps:
|
||||||
- docker#v3.0.1:
|
- docker#v3.0.1:
|
||||||
image: "python:3.6"
|
image: "python:3.6"
|
||||||
|
|
||||||
- wait
|
- command:
|
||||||
|
- "python -m pip install tox"
|
||||||
|
- "tox -e mypy"
|
||||||
|
label: ":mypy: mypy"
|
||||||
|
plugins:
|
||||||
|
- docker#v3.0.1:
|
||||||
|
image: "python:3.5"
|
||||||
|
|
||||||
|
- wait
|
||||||
|
|
||||||
- command:
|
- command:
|
||||||
- "apt-get update && apt-get install -y python3.5 python3.5-dev python3-pip libxml2-dev libxslt-dev zlib1g-dev"
|
- "apt-get update && apt-get install -y python3.5 python3.5-dev python3-pip libxml2-dev libxslt-dev zlib1g-dev"
|
||||||
|
@ -55,6 +62,7 @@ steps:
|
||||||
label: ":python: 3.5 / SQLite / Old Deps"
|
label: ":python: 3.5 / SQLite / Old Deps"
|
||||||
env:
|
env:
|
||||||
TRIAL_FLAGS: "-j 2"
|
TRIAL_FLAGS: "-j 2"
|
||||||
|
LANG: "C.UTF-8"
|
||||||
plugins:
|
plugins:
|
||||||
- docker#v3.0.1:
|
- docker#v3.0.1:
|
||||||
image: "ubuntu:xenial" # We use xenail to get an old sqlite and python
|
image: "ubuntu:xenial" # We use xenail to get an old sqlite and python
|
||||||
|
|
|
@ -3,10 +3,6 @@
|
||||||
|
|
||||||
Message history can be paginated
|
Message history can be paginated
|
||||||
|
|
||||||
m.room.history_visibility == "world_readable" allows/forbids appropriately for Guest users
|
|
||||||
|
|
||||||
m.room.history_visibility == "world_readable" allows/forbids appropriately for Real users
|
|
||||||
|
|
||||||
Can re-join room if re-invited
|
Can re-join room if re-invited
|
||||||
|
|
||||||
/upgrade creates a new room
|
/upgrade creates a new room
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
comment:
|
comment: off
|
||||||
layout: "diff"
|
|
||||||
|
|
||||||
coverage:
|
coverage:
|
||||||
status:
|
status:
|
||||||
|
|
6
.gitignore
vendored
6
.gitignore
vendored
|
@ -16,9 +16,11 @@ _trial_temp*/
|
||||||
/*.log
|
/*.log
|
||||||
/*.log.config
|
/*.log.config
|
||||||
/*.pid
|
/*.pid
|
||||||
|
/.python-version
|
||||||
/*.signing.key
|
/*.signing.key
|
||||||
/env/
|
/env/
|
||||||
/homeserver*.yaml
|
/homeserver*.yaml
|
||||||
|
/logs
|
||||||
/media_store/
|
/media_store/
|
||||||
/uploads
|
/uploads
|
||||||
|
|
||||||
|
@ -28,8 +30,9 @@ _trial_temp*/
|
||||||
/.vscode/
|
/.vscode/
|
||||||
|
|
||||||
# build products
|
# build products
|
||||||
/.coverage*
|
|
||||||
!/.coveragerc
|
!/.coveragerc
|
||||||
|
/.coverage*
|
||||||
|
/.mypy_cache/
|
||||||
/.tox
|
/.tox
|
||||||
/build/
|
/build/
|
||||||
/coverage.*
|
/coverage.*
|
||||||
|
@ -37,4 +40,3 @@ _trial_temp*/
|
||||||
/docs/build/
|
/docs/build/
|
||||||
/htmlcov
|
/htmlcov
|
||||||
/pip-wheel-metadata/
|
/pip-wheel-metadata/
|
||||||
|
|
||||||
|
|
99
CHANGES.md
99
CHANGES.md
|
@ -1,3 +1,102 @@
|
||||||
|
Synapse 1.3.1 (2019-08-17)
|
||||||
|
==========================
|
||||||
|
|
||||||
|
Features
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Drop hard dependency on `sdnotify` python package. ([\#5871](https://github.com/matrix-org/synapse/issues/5871))
|
||||||
|
|
||||||
|
|
||||||
|
Bugfixes
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Fix startup issue (hang on ACME provisioning) due to ordering of Twisted reactor startup. Thanks to @chrismoos for supplying the fix. ([\#5867](https://github.com/matrix-org/synapse/issues/5867))
|
||||||
|
|
||||||
|
|
||||||
|
Synapse 1.3.0 (2019-08-15)
|
||||||
|
==========================
|
||||||
|
|
||||||
|
Bugfixes
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Fix 500 Internal Server Error on `publicRooms` when the public room list was
|
||||||
|
cached. ([\#5851](https://github.com/matrix-org/synapse/issues/5851))
|
||||||
|
|
||||||
|
|
||||||
|
Synapse 1.3.0rc1 (2019-08-13)
|
||||||
|
==========================
|
||||||
|
|
||||||
|
Features
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Use `M_USER_DEACTIVATED` instead of `M_UNKNOWN` for errcode when a deactivated user attempts to login. ([\#5686](https://github.com/matrix-org/synapse/issues/5686))
|
||||||
|
- Add sd_notify hooks to ease systemd integration and allows usage of Type=Notify. ([\#5732](https://github.com/matrix-org/synapse/issues/5732))
|
||||||
|
- Synapse will no longer serve any media repo admin endpoints when `enable_media_repo` is set to False in the configuration. If a media repo worker is used, the admin APIs relating to the media repo will be served from it instead. ([\#5754](https://github.com/matrix-org/synapse/issues/5754), [\#5848](https://github.com/matrix-org/synapse/issues/5848))
|
||||||
|
- Synapse can now be configured to not join remote rooms of a given "complexity" (currently, state events) over federation. This option can be used to prevent adverse performance on resource-constrained homeservers. ([\#5783](https://github.com/matrix-org/synapse/issues/5783))
|
||||||
|
- Allow defining HTML templates to serve the user on account renewal attempt when using the account validity feature. ([\#5807](https://github.com/matrix-org/synapse/issues/5807))
|
||||||
|
|
||||||
|
|
||||||
|
Bugfixes
|
||||||
|
--------
|
||||||
|
|
||||||
|
- Fix UISIs during homeserver outage. ([\#5693](https://github.com/matrix-org/synapse/issues/5693), [\#5789](https://github.com/matrix-org/synapse/issues/5789))
|
||||||
|
- Fix stack overflow in server key lookup code. ([\#5724](https://github.com/matrix-org/synapse/issues/5724))
|
||||||
|
- start.sh no longer uses deprecated cli option. ([\#5725](https://github.com/matrix-org/synapse/issues/5725))
|
||||||
|
- Log when we receive an event receipt from an unexpected origin. ([\#5743](https://github.com/matrix-org/synapse/issues/5743))
|
||||||
|
- Fix debian packaging scripts to correctly build sid packages. ([\#5775](https://github.com/matrix-org/synapse/issues/5775))
|
||||||
|
- Correctly handle redactions of redactions. ([\#5788](https://github.com/matrix-org/synapse/issues/5788))
|
||||||
|
- Return 404 instead of 403 when accessing /rooms/{roomId}/event/{eventId} for an event without the appropriate permissions. ([\#5798](https://github.com/matrix-org/synapse/issues/5798))
|
||||||
|
- Fix check that tombstone is a state event in push rules. ([\#5804](https://github.com/matrix-org/synapse/issues/5804))
|
||||||
|
- Fix error when trying to login as a deactivated user when using a worker to handle login. ([\#5806](https://github.com/matrix-org/synapse/issues/5806))
|
||||||
|
- Fix bug where user `/sync` stream could get wedged in rare circumstances. ([\#5825](https://github.com/matrix-org/synapse/issues/5825))
|
||||||
|
- The purge_remote_media.sh script was fixed. ([\#5839](https://github.com/matrix-org/synapse/issues/5839))
|
||||||
|
|
||||||
|
|
||||||
|
Deprecations and Removals
|
||||||
|
-------------------------
|
||||||
|
|
||||||
|
- Synapse now no longer accepts the `-v`/`--verbose`, `-f`/`--log-file`, or `--log-config` command line flags, and removes the deprecated `verbose` and `log_file` configuration file options. Users of these options should migrate their options into the dedicated log configuration. ([\#5678](https://github.com/matrix-org/synapse/issues/5678), [\#5729](https://github.com/matrix-org/synapse/issues/5729))
|
||||||
|
- Remove non-functional 'expire_access_token' setting. ([\#5782](https://github.com/matrix-org/synapse/issues/5782))
|
||||||
|
|
||||||
|
|
||||||
|
Internal Changes
|
||||||
|
----------------
|
||||||
|
|
||||||
|
- Make Jaeger fully configurable. ([\#5694](https://github.com/matrix-org/synapse/issues/5694))
|
||||||
|
- Add precautionary measures to prevent future abuse of `window.opener` in default welcome page. ([\#5695](https://github.com/matrix-org/synapse/issues/5695))
|
||||||
|
- Reduce database IO usage by optimising queries for current membership. ([\#5706](https://github.com/matrix-org/synapse/issues/5706), [\#5738](https://github.com/matrix-org/synapse/issues/5738), [\#5746](https://github.com/matrix-org/synapse/issues/5746), [\#5752](https://github.com/matrix-org/synapse/issues/5752), [\#5770](https://github.com/matrix-org/synapse/issues/5770), [\#5774](https://github.com/matrix-org/synapse/issues/5774), [\#5792](https://github.com/matrix-org/synapse/issues/5792), [\#5793](https://github.com/matrix-org/synapse/issues/5793))
|
||||||
|
- Improve caching when fetching `get_filtered_current_state_ids`. ([\#5713](https://github.com/matrix-org/synapse/issues/5713))
|
||||||
|
- Don't accept opentracing data from clients. ([\#5715](https://github.com/matrix-org/synapse/issues/5715))
|
||||||
|
- Speed up PostgreSQL unit tests in CI. ([\#5717](https://github.com/matrix-org/synapse/issues/5717))
|
||||||
|
- Update the coding style document. ([\#5719](https://github.com/matrix-org/synapse/issues/5719))
|
||||||
|
- Improve database query performance when recording retry intervals for remote hosts. ([\#5720](https://github.com/matrix-org/synapse/issues/5720))
|
||||||
|
- Add a set of opentracing utils. ([\#5722](https://github.com/matrix-org/synapse/issues/5722))
|
||||||
|
- Cache result of get_version_string to reduce overhead of `/version` federation requests. ([\#5730](https://github.com/matrix-org/synapse/issues/5730))
|
||||||
|
- Return 'user_type' in admin API user endpoints results. ([\#5731](https://github.com/matrix-org/synapse/issues/5731))
|
||||||
|
- Don't package the sytest test blacklist file. ([\#5733](https://github.com/matrix-org/synapse/issues/5733))
|
||||||
|
- Replace uses of returnValue with plain return, as returnValue is not needed on Python 3. ([\#5736](https://github.com/matrix-org/synapse/issues/5736))
|
||||||
|
- Blacklist some flakey tests in worker mode. ([\#5740](https://github.com/matrix-org/synapse/issues/5740))
|
||||||
|
- Fix some error cases in the caching layer. ([\#5749](https://github.com/matrix-org/synapse/issues/5749))
|
||||||
|
- Add a prometheus metric for pending cache lookups. ([\#5750](https://github.com/matrix-org/synapse/issues/5750))
|
||||||
|
- Stop trying to fetch events with event_id=None. ([\#5753](https://github.com/matrix-org/synapse/issues/5753))
|
||||||
|
- Convert RedactionTestCase to modern test style. ([\#5768](https://github.com/matrix-org/synapse/issues/5768))
|
||||||
|
- Allow looping calls to be given arguments. ([\#5780](https://github.com/matrix-org/synapse/issues/5780))
|
||||||
|
- Set the logs emitted when checking typing and presence timeouts to DEBUG level, not INFO. ([\#5785](https://github.com/matrix-org/synapse/issues/5785))
|
||||||
|
- Remove DelayedCall debugging from the test suite, as it is no longer required in the vast majority of Synapse's tests. ([\#5787](https://github.com/matrix-org/synapse/issues/5787))
|
||||||
|
- Remove some spurious exceptions from the logs where we failed to talk to a remote server. ([\#5790](https://github.com/matrix-org/synapse/issues/5790))
|
||||||
|
- Improve performance when making `.well-known` requests by sharing the SSL options between requests. ([\#5794](https://github.com/matrix-org/synapse/issues/5794))
|
||||||
|
- Disable codecov GitHub comments on PRs. ([\#5796](https://github.com/matrix-org/synapse/issues/5796))
|
||||||
|
- Don't allow clients to send tombstone events that reference the room it's sent in. ([\#5801](https://github.com/matrix-org/synapse/issues/5801))
|
||||||
|
- Deny redactions of events sent in a different room. ([\#5802](https://github.com/matrix-org/synapse/issues/5802))
|
||||||
|
- Deny sending well known state types as non-state events. ([\#5805](https://github.com/matrix-org/synapse/issues/5805))
|
||||||
|
- Handle incorrectly encoded query params correctly by returning a 400. ([\#5808](https://github.com/matrix-org/synapse/issues/5808))
|
||||||
|
- Handle pusher being deleted during processing rather than logging an exception. ([\#5809](https://github.com/matrix-org/synapse/issues/5809))
|
||||||
|
- Return 502 not 500 when failing to reach any remote server. ([\#5810](https://github.com/matrix-org/synapse/issues/5810))
|
||||||
|
- Reduce global pauses in the events stream caused by expensive state resolution during persistence. ([\#5826](https://github.com/matrix-org/synapse/issues/5826))
|
||||||
|
- Add a lower bound to well-known lookup cache time to avoid repeated lookups. ([\#5836](https://github.com/matrix-org/synapse/issues/5836))
|
||||||
|
- Whitelist history visbility sytests in worker mode tests. ([\#5843](https://github.com/matrix-org/synapse/issues/5843))
|
||||||
|
|
||||||
|
|
||||||
Synapse 1.2.1 (2019-07-26)
|
Synapse 1.2.1 (2019-07-26)
|
||||||
==========================
|
==========================
|
||||||
|
|
||||||
|
|
|
@ -419,12 +419,11 @@ If Synapse is not configured with an SMTP server, password reset via email will
|
||||||
|
|
||||||
## Registering a user
|
## Registering a user
|
||||||
|
|
||||||
You will need at least one user on your server in order to use a Matrix
|
The easiest way to create a new user is to do so from a client like [Riot](https://riot.im).
|
||||||
client. Users can be registered either via a Matrix client, or via a
|
|
||||||
commandline script.
|
|
||||||
|
|
||||||
To get started, it is easiest to use the command line to register new
|
Alternatively you can do so from the command line if you have installed via pip.
|
||||||
users. This can be done as follows:
|
|
||||||
|
This can be done as follows:
|
||||||
|
|
||||||
```
|
```
|
||||||
$ source ~/synapse/env/bin/activate
|
$ source ~/synapse/env/bin/activate
|
||||||
|
|
1
changelog.d/5633.bugfix
Normal file
1
changelog.d/5633.bugfix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Don't create broken room when power_level_content_override.users does not contain creator_id.
|
|
@ -1 +0,0 @@
|
||||||
Synapse now no longer accepts the `-v`/`--verbose`, `-f`/`--log-file`, or `--log-config` command line flags, and removes the deprecated `verbose` and `log_file` configuration file options. Users of these options should migrate their options into the dedicated log configuration.
|
|
1
changelog.d/5680.misc
Normal file
1
changelog.d/5680.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Lay the groundwork for structured logging output.
|
|
@ -1 +0,0 @@
|
||||||
Fix UISIs during homeserver outage.
|
|
|
@ -1 +0,0 @@
|
||||||
Make Jaeger fully configurable.
|
|
|
@ -1 +0,0 @@
|
||||||
Add precautionary measures to prevent future abuse of `window.opener` in default welcome page.
|
|
|
@ -1 +0,0 @@
|
||||||
Reduce database IO usage by optimising queries for current membership.
|
|
|
@ -1 +0,0 @@
|
||||||
Improve caching when fetching `get_filtered_current_state_ids`.
|
|
|
@ -1 +0,0 @@
|
||||||
Don't accept opentracing data from clients.
|
|
|
@ -1 +0,0 @@
|
||||||
Speed up PostgreSQL unit tests in CI.
|
|
|
@ -1 +0,0 @@
|
||||||
Update the coding style document.
|
|
|
@ -1 +0,0 @@
|
||||||
Improve database query performance when recording retry intervals for remote hosts.
|
|
|
@ -1 +0,0 @@
|
||||||
Add a set of opentracing utils.
|
|
|
@ -1 +0,0 @@
|
||||||
Fix stack overflow in server key lookup code.
|
|
|
@ -1 +0,0 @@
|
||||||
start.sh no longer uses deprecated cli option.
|
|
|
@ -1 +0,0 @@
|
||||||
Synapse now no longer accepts the `-v`/`--verbose`, `-f`/`--log-file`, or `--log-config` command line flags, and removes the deprecated `verbose` and `log_file` configuration file options. Users of these options should migrate their options into the dedicated log configuration.
|
|
|
@ -1 +0,0 @@
|
||||||
Cache result of get_version_string to reduce overhead of `/version` federation requests.
|
|
|
@ -1 +0,0 @@
|
||||||
Return 'user_type' in admin API user endpoints results.
|
|
|
@ -1 +0,0 @@
|
||||||
Add sd_notify hooks to ease systemd integration and allows usage of Type=Notify.
|
|
|
@ -1 +0,0 @@
|
||||||
Don't package the sytest test blacklist file.
|
|
|
@ -1 +0,0 @@
|
||||||
Replace uses of returnValue with plain return, as returnValue is not needed on Python 3.
|
|
|
@ -1 +0,0 @@
|
||||||
Reduce database IO usage by optimising queries for current membership.
|
|
|
@ -1 +0,0 @@
|
||||||
Blacklist some flakey tests in worker mode.
|
|
|
@ -1 +0,0 @@
|
||||||
Log when we receive an event receipt from an unexpected origin.
|
|
|
@ -1 +0,0 @@
|
||||||
Reduce database IO usage by optimising queries for current membership.
|
|
|
@ -1 +0,0 @@
|
||||||
Fix some error cases in the caching layer.
|
|
|
@ -1 +0,0 @@
|
||||||
Add a prometheus metric for pending cache lookups.
|
|
|
@ -1 +0,0 @@
|
||||||
Reduce database IO usage by optimising queries for current membership.
|
|
|
@ -1 +0,0 @@
|
||||||
Stop trying to fetch events with event_id=None.
|
|
|
@ -1 +0,0 @@
|
||||||
Convert RedactionTestCase to modern test style.
|
|
|
@ -1 +0,0 @@
|
||||||
Reduce database IO usage by optimising queries for current membership.
|
|
1
changelog.d/5771.feature
Normal file
1
changelog.d/5771.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Make Opentracing work in worker mode.
|
|
@ -1 +0,0 @@
|
||||||
Reduce database IO usage by optimising queries for current membership.
|
|
|
@ -1 +0,0 @@
|
||||||
Fix debian packaging scripts to correctly build sid packages.
|
|
1
changelog.d/5776.misc
Normal file
1
changelog.d/5776.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Update opentracing docs to use the unified `trace` method.
|
|
@ -1 +0,0 @@
|
||||||
Allow looping calls to be given arguments.
|
|
|
@ -1 +0,0 @@
|
||||||
Remove non-functional 'expire_access_token' setting.
|
|
|
@ -1 +0,0 @@
|
||||||
Synapse can now be configured to not join remote rooms of a given "complexity" (currently, state events) over federation. This option can be used to prevent adverse performance on resource-constrained homeservers.
|
|
|
@ -1 +0,0 @@
|
||||||
Set the logs emitted when checking typing and presence timeouts to DEBUG level, not INFO.
|
|
|
@ -1 +0,0 @@
|
||||||
Fix UISIs during homeserver outage.
|
|
|
@ -1 +0,0 @@
|
||||||
Reduce database IO usage by optimising queries for current membership.
|
|
|
@ -1 +0,0 @@
|
||||||
Reduce database IO usage by optimising queries for current membership.
|
|
1
changelog.d/5844.misc
Normal file
1
changelog.d/5844.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Retry well-known lookup before the cache expires, giving a grace period where the remote well-known can be down but we still use the old result.
|
1
changelog.d/5845.feature
Normal file
1
changelog.d/5845.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add an admin API to purge old rooms from the database.
|
1
changelog.d/5850.feature
Normal file
1
changelog.d/5850.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add retry to well-known lookups if we have recently seen a valid well-known record for the server.
|
1
changelog.d/5852.feature
Normal file
1
changelog.d/5852.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Pass opentracing contexts between servers when transmitting EDUs.
|
1
changelog.d/5855.misc
Normal file
1
changelog.d/5855.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Opentracing for room and e2e keys.
|
1
changelog.d/5856.feature
Normal file
1
changelog.d/5856.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add a tag recording a request's authenticated entity and corresponding servlet in opentracing.
|
1
changelog.d/5857.bugfix
Normal file
1
changelog.d/5857.bugfix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Fix database index so that different backup versions can have the same sessions.
|
1
changelog.d/5859.feature
Normal file
1
changelog.d/5859.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add unstable support for MSC2197 (filtered search requests over federation), in order to allow upcoming room directory query performance improvements.
|
1
changelog.d/5860.misc
Normal file
1
changelog.d/5860.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Remove log line for debugging issue #5407.
|
1
changelog.d/5863.bugfix
Normal file
1
changelog.d/5863.bugfix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Fix Synapse looking for config options `password_reset_failure_template` and `password_reset_success_template`, when they are actually `password_reset_template_failure_html`, `password_reset_template_success_html`.
|
1
changelog.d/5864.feature
Normal file
1
changelog.d/5864.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Correctly retry all hosts returned from SRV when we fail to connect.
|
1
changelog.d/5877.removal
Normal file
1
changelog.d/5877.removal
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Remove shared secret registration from client/r0/register endpoint. Contributed by Awesome Technologies Innovationslabor GmbH.
|
1
changelog.d/5878.feature
Normal file
1
changelog.d/5878.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add admin API endpoint for setting whether or not a user is a server administrator.
|
1
changelog.d/5885.bugfix
Normal file
1
changelog.d/5885.bugfix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Fix stack overflow when recovering an appservice which had an outage.
|
1
changelog.d/5886.misc
Normal file
1
changelog.d/5886.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Refactor the Appservice scheduler code.
|
1
changelog.d/5893.misc
Normal file
1
changelog.d/5893.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Drop some unused tables.
|
1
changelog.d/5894.misc
Normal file
1
changelog.d/5894.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add missing index on users_in_public_rooms to improve the performance of directory queries.
|
1
changelog.d/5895.feature
Normal file
1
changelog.d/5895.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add config option to sign remote key query responses with a separate key.
|
1
changelog.d/5896.misc
Normal file
1
changelog.d/5896.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Improve the logging when we have an error when fetching signing keys.
|
1
changelog.d/5897.feature
Normal file
1
changelog.d/5897.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Switch to the v2 lookup API for 3PID invites.
|
1
changelog.d/5900.feature
Normal file
1
changelog.d/5900.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add support for config templating.
|
1
changelog.d/5902.feature
Normal file
1
changelog.d/5902.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Users with the type of "support" or "bot" are no longer required to consent.
|
1
changelog.d/5904.feature
Normal file
1
changelog.d/5904.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Let synctl accept a directory of config files.
|
1
changelog.d/5906.feature
Normal file
1
changelog.d/5906.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Increase max display name size to 256.
|
1
changelog.d/5909.misc
Normal file
1
changelog.d/5909.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Fix error message which referred to public_base_url instead of public_baseurl. Thanks to @aaronraimist for the fix!
|
1
changelog.d/5911.misc
Normal file
1
changelog.d/5911.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add support for database engine-specific schema deltas, based on file extension.
|
1
changelog.d/5914.feature
Normal file
1
changelog.d/5914.feature
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add admin API endpoint for getting whether or not a user is a server administrator.
|
1
changelog.d/5920.bugfix
Normal file
1
changelog.d/5920.bugfix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Fix a cache-invalidation bug for worker-based deployments.
|
1
changelog.d/5926.misc
Normal file
1
changelog.d/5926.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Add link in sample config to the logging config schema.
|
|
@ -51,4 +51,4 @@ TOKEN=$(sql "SELECT token FROM access_tokens WHERE user_id='$ADMIN' ORDER BY id
|
||||||
# finally start pruning media:
|
# finally start pruning media:
|
||||||
###############################################################################
|
###############################################################################
|
||||||
set -x # for debugging the generated string
|
set -x # for debugging the generated string
|
||||||
curl --header "Authorization: Bearer $TOKEN" -v POST "$API_URL/admin/purge_media_cache/?before_ts=$UNIX_TIMESTAMP"
|
curl --header "Authorization: Bearer $TOKEN" -X POST "$API_URL/admin/purge_media_cache/?before_ts=$UNIX_TIMESTAMP"
|
||||||
|
|
16
debian/changelog
vendored
16
debian/changelog
vendored
|
@ -1,8 +1,18 @@
|
||||||
matrix-synapse-py3 (1.2.1) stable; urgency=medium
|
matrix-synapse-py3 (1.3.1) stable; urgency=medium
|
||||||
|
|
||||||
* New synapse release 1.2.1.
|
* New synapse release 1.3.1.
|
||||||
|
|
||||||
-- Synapse Packaging team <packages@matrix.org> Fri, 26 Jul 2019 11:32:47 +0100
|
-- Synapse Packaging team <packages@matrix.org> Sat, 17 Aug 2019 09:15:49 +0100
|
||||||
|
|
||||||
|
matrix-synapse-py3 (1.3.0) stable; urgency=medium
|
||||||
|
|
||||||
|
[ Andrew Morgan ]
|
||||||
|
* Remove libsqlite3-dev from required build dependencies.
|
||||||
|
|
||||||
|
[ Synapse Packaging team ]
|
||||||
|
* New synapse release 1.3.0.
|
||||||
|
|
||||||
|
-- Synapse Packaging team <packages@matrix.org> Thu, 15 Aug 2019 12:04:23 +0100
|
||||||
|
|
||||||
matrix-synapse-py3 (1.2.0) stable; urgency=medium
|
matrix-synapse-py3 (1.2.0) stable; urgency=medium
|
||||||
|
|
||||||
|
|
1
debian/control
vendored
1
debian/control
vendored
|
@ -15,7 +15,6 @@ Build-Depends:
|
||||||
python3-setuptools,
|
python3-setuptools,
|
||||||
python3-pip,
|
python3-pip,
|
||||||
python3-venv,
|
python3-venv,
|
||||||
libsqlite3-dev,
|
|
||||||
tar,
|
tar,
|
||||||
Standards-Version: 3.9.8
|
Standards-Version: 3.9.8
|
||||||
Homepage: https://github.com/matrix-org/synapse
|
Homepage: https://github.com/matrix-org/synapse
|
||||||
|
|
|
@ -17,7 +17,7 @@ By default, the image expects a single volume, located at ``/data``, that will h
|
||||||
* the appservices configuration.
|
* the appservices configuration.
|
||||||
|
|
||||||
You are free to use separate volumes depending on storage endpoints at your
|
You are free to use separate volumes depending on storage endpoints at your
|
||||||
disposal. For instance, ``/data/media`` coud be stored on a large but low
|
disposal. For instance, ``/data/media`` could be stored on a large but low
|
||||||
performance hdd storage while other files could be stored on high performance
|
performance hdd storage while other files could be stored on high performance
|
||||||
endpoints.
|
endpoints.
|
||||||
|
|
||||||
|
@ -27,8 +27,8 @@ configuration file there. Multiple application services are supported.
|
||||||
|
|
||||||
## Generating a configuration file
|
## Generating a configuration file
|
||||||
|
|
||||||
The first step is to genearte a valid config file. To do this, you can run the
|
The first step is to generate a valid config file. To do this, you can run the
|
||||||
image with the `generate` commandline option.
|
image with the `generate` command line option.
|
||||||
|
|
||||||
You will need to specify values for the `SYNAPSE_SERVER_NAME` and
|
You will need to specify values for the `SYNAPSE_SERVER_NAME` and
|
||||||
`SYNAPSE_REPORT_STATS` environment variable, and mount a docker volume to store
|
`SYNAPSE_REPORT_STATS` environment variable, and mount a docker volume to store
|
||||||
|
@ -59,7 +59,7 @@ The following environment variables are supported in `generate` mode:
|
||||||
* `SYNAPSE_CONFIG_PATH`: path to the file to be generated. Defaults to
|
* `SYNAPSE_CONFIG_PATH`: path to the file to be generated. Defaults to
|
||||||
`<SYNAPSE_CONFIG_DIR>/homeserver.yaml`.
|
`<SYNAPSE_CONFIG_DIR>/homeserver.yaml`.
|
||||||
* `SYNAPSE_DATA_DIR`: where the generated config will put persistent data
|
* `SYNAPSE_DATA_DIR`: where the generated config will put persistent data
|
||||||
such as the datatase and media store. Defaults to `/data`.
|
such as the database and media store. Defaults to `/data`.
|
||||||
* `UID`, `GID`: the user id and group id to use for creating the data
|
* `UID`, `GID`: the user id and group id to use for creating the data
|
||||||
directories. Defaults to `991`, `991`.
|
directories. Defaults to `991`, `991`.
|
||||||
|
|
||||||
|
@ -115,7 +115,7 @@ not given).
|
||||||
|
|
||||||
To migrate from a dynamic configuration file to a static one, run the docker
|
To migrate from a dynamic configuration file to a static one, run the docker
|
||||||
container once with the environment variables set, and `migrate_config`
|
container once with the environment variables set, and `migrate_config`
|
||||||
commandline option. For example:
|
command line option. For example:
|
||||||
|
|
||||||
```
|
```
|
||||||
docker run -it --rm \
|
docker run -it --rm \
|
||||||
|
|
18
docs/admin_api/purge_room.md
Normal file
18
docs/admin_api/purge_room.md
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
Purge room API
|
||||||
|
==============
|
||||||
|
|
||||||
|
This API will remove all trace of a room from your database.
|
||||||
|
|
||||||
|
All local users must have left the room before it can be removed.
|
||||||
|
|
||||||
|
The API is:
|
||||||
|
|
||||||
|
```
|
||||||
|
POST /_synapse/admin/v1/purge_room
|
||||||
|
|
||||||
|
{
|
||||||
|
"room_id": "!room:id"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
You must authenticate using the access token of an admin user.
|
|
@ -84,3 +84,42 @@ with a body of:
|
||||||
}
|
}
|
||||||
|
|
||||||
including an ``access_token`` of a server admin.
|
including an ``access_token`` of a server admin.
|
||||||
|
|
||||||
|
|
||||||
|
Get whether a user is a server administrator or not
|
||||||
|
===================================================
|
||||||
|
|
||||||
|
|
||||||
|
The api is::
|
||||||
|
|
||||||
|
GET /_synapse/admin/v1/users/<user_id>/admin
|
||||||
|
|
||||||
|
including an ``access_token`` of a server admin.
|
||||||
|
|
||||||
|
A response body like the following is returned:
|
||||||
|
|
||||||
|
.. code:: json
|
||||||
|
|
||||||
|
{
|
||||||
|
"admin": true
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Change whether a user is a server administrator or not
|
||||||
|
======================================================
|
||||||
|
|
||||||
|
Note that you cannot demote yourself.
|
||||||
|
|
||||||
|
The api is::
|
||||||
|
|
||||||
|
PUT /_synapse/admin/v1/users/<user_id>/admin
|
||||||
|
|
||||||
|
with a body of:
|
||||||
|
|
||||||
|
.. code:: json
|
||||||
|
|
||||||
|
{
|
||||||
|
"admin": true
|
||||||
|
}
|
||||||
|
|
||||||
|
including an ``access_token`` of a server admin.
|
||||||
|
|
|
@ -32,7 +32,7 @@ It is up to the remote server to decide what it does with the spans
|
||||||
it creates. This is called the sampling policy and it can be configured
|
it creates. This is called the sampling policy and it can be configured
|
||||||
through Jaeger's settings.
|
through Jaeger's settings.
|
||||||
|
|
||||||
For OpenTracing concepts see
|
For OpenTracing concepts see
|
||||||
https://opentracing.io/docs/overview/what-is-tracing/.
|
https://opentracing.io/docs/overview/what-is-tracing/.
|
||||||
|
|
||||||
For more information about Jaeger's implementation see
|
For more information about Jaeger's implementation see
|
||||||
|
@ -79,7 +79,7 @@ Homeserver whitelisting
|
||||||
|
|
||||||
The homeserver whitelist is configured using regular expressions. A list of regular
|
The homeserver whitelist is configured using regular expressions. A list of regular
|
||||||
expressions can be given and their union will be compared when propagating any
|
expressions can be given and their union will be compared when propagating any
|
||||||
spans contexts to another homeserver.
|
spans contexts to another homeserver.
|
||||||
|
|
||||||
Though it's mostly safe to send and receive span contexts to and from
|
Though it's mostly safe to send and receive span contexts to and from
|
||||||
untrusted users since span contexts are usually opaque ids it can lead to
|
untrusted users since span contexts are usually opaque ids it can lead to
|
||||||
|
@ -92,6 +92,29 @@ two problems, namely:
|
||||||
but that doesn't prevent another server sending you baggage which will be logged
|
but that doesn't prevent another server sending you baggage which will be logged
|
||||||
to OpenTracing's logs.
|
to OpenTracing's logs.
|
||||||
|
|
||||||
|
==========
|
||||||
|
EDU FORMAT
|
||||||
|
==========
|
||||||
|
|
||||||
|
EDUs can contain tracing data in their content. This is not specced but
|
||||||
|
it could be of interest for other homeservers.
|
||||||
|
|
||||||
|
EDU format (if you're using jaeger):
|
||||||
|
|
||||||
|
.. code-block:: json
|
||||||
|
|
||||||
|
{
|
||||||
|
"edu_type": "type",
|
||||||
|
"content": {
|
||||||
|
"org.matrix.opentracing_context": {
|
||||||
|
"uber-trace-id": "fe57cf3e65083289"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Though you don't have to use jaeger you must inject the span context into
|
||||||
|
`org.matrix.opentracing_context` using the opentracing `Format.TEXT_MAP` inject method.
|
||||||
|
|
||||||
==================
|
==================
|
||||||
Configuring Jaeger
|
Configuring Jaeger
|
||||||
==================
|
==================
|
||||||
|
|
|
@ -205,9 +205,9 @@ listeners:
|
||||||
#
|
#
|
||||||
- port: 8008
|
- port: 8008
|
||||||
tls: false
|
tls: false
|
||||||
bind_addresses: ['::1', '127.0.0.1']
|
|
||||||
type: http
|
type: http
|
||||||
x_forwarded: true
|
x_forwarded: true
|
||||||
|
bind_addresses: ['::1', '127.0.0.1']
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
- names: [client, federation]
|
- names: [client, federation]
|
||||||
|
@ -392,10 +392,10 @@ listeners:
|
||||||
# permission to listen on port 80.
|
# permission to listen on port 80.
|
||||||
#
|
#
|
||||||
acme:
|
acme:
|
||||||
# ACME support is disabled by default. Uncomment the following line
|
# ACME support is disabled by default. Set this to `true` and uncomment
|
||||||
# (and tls_certificate_path and tls_private_key_path above) to enable it.
|
# tls_certificate_path and tls_private_key_path above to enable it.
|
||||||
#
|
#
|
||||||
#enabled: true
|
enabled: False
|
||||||
|
|
||||||
# Endpoint to use to request certificates. If you only want to test,
|
# Endpoint to use to request certificates. If you only want to test,
|
||||||
# use Let's Encrypt's staging url:
|
# use Let's Encrypt's staging url:
|
||||||
|
@ -406,17 +406,17 @@ acme:
|
||||||
# Port number to listen on for the HTTP-01 challenge. Change this if
|
# Port number to listen on for the HTTP-01 challenge. Change this if
|
||||||
# you are forwarding connections through Apache/Nginx/etc.
|
# you are forwarding connections through Apache/Nginx/etc.
|
||||||
#
|
#
|
||||||
#port: 80
|
port: 80
|
||||||
|
|
||||||
# Local addresses to listen on for incoming connections.
|
# Local addresses to listen on for incoming connections.
|
||||||
# Again, you may want to change this if you are forwarding connections
|
# Again, you may want to change this if you are forwarding connections
|
||||||
# through Apache/Nginx/etc.
|
# through Apache/Nginx/etc.
|
||||||
#
|
#
|
||||||
#bind_addresses: ['::', '0.0.0.0']
|
bind_addresses: ['::', '0.0.0.0']
|
||||||
|
|
||||||
# How many days remaining on a certificate before it is renewed.
|
# How many days remaining on a certificate before it is renewed.
|
||||||
#
|
#
|
||||||
#reprovision_threshold: 30
|
reprovision_threshold: 30
|
||||||
|
|
||||||
# The domain that the certificate should be for. Normally this
|
# The domain that the certificate should be for. Normally this
|
||||||
# should be the same as your Matrix domain (i.e., 'server_name'), but,
|
# should be the same as your Matrix domain (i.e., 'server_name'), but,
|
||||||
|
@ -430,7 +430,7 @@ acme:
|
||||||
#
|
#
|
||||||
# If not set, defaults to your 'server_name'.
|
# If not set, defaults to your 'server_name'.
|
||||||
#
|
#
|
||||||
#domain: matrix.example.com
|
domain: matrix.example.com
|
||||||
|
|
||||||
# file to use for the account key. This will be generated if it doesn't
|
# file to use for the account key. This will be generated if it doesn't
|
||||||
# exist.
|
# exist.
|
||||||
|
@ -485,7 +485,8 @@ database:
|
||||||
|
|
||||||
## Logging ##
|
## Logging ##
|
||||||
|
|
||||||
# A yaml python logging config file
|
# A yaml python logging config file as described by
|
||||||
|
# https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema
|
||||||
#
|
#
|
||||||
log_config: "CONFDIR/SERVERNAME.log.config"
|
log_config: "CONFDIR/SERVERNAME.log.config"
|
||||||
|
|
||||||
|
@ -565,6 +566,13 @@ log_config: "CONFDIR/SERVERNAME.log.config"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Media Store ##
|
||||||
|
|
||||||
|
# Enable the media store service in the Synapse master. Uncomment the
|
||||||
|
# following if you are using a separate media store worker.
|
||||||
|
#
|
||||||
|
#enable_media_repo: false
|
||||||
|
|
||||||
# Directory where uploaded images and attachments are stored.
|
# Directory where uploaded images and attachments are stored.
|
||||||
#
|
#
|
||||||
media_store_path: "DATADIR/media_store"
|
media_store_path: "DATADIR/media_store"
|
||||||
|
@ -802,6 +810,16 @@ uploads_path: "DATADIR/uploads"
|
||||||
# period: 6w
|
# period: 6w
|
||||||
# renew_at: 1w
|
# renew_at: 1w
|
||||||
# renew_email_subject: "Renew your %(app)s account"
|
# renew_email_subject: "Renew your %(app)s account"
|
||||||
|
# # Directory in which Synapse will try to find the HTML files to serve to the
|
||||||
|
# # user when trying to renew an account. Optional, defaults to
|
||||||
|
# # synapse/res/templates.
|
||||||
|
# template_dir: "res/templates"
|
||||||
|
# # HTML to be displayed to the user after they successfully renewed their
|
||||||
|
# # account. Optional.
|
||||||
|
# account_renewed_html_path: "account_renewed.html"
|
||||||
|
# # HTML to be displayed when the user tries to renew an account with an invalid
|
||||||
|
# # renewal token. Optional.
|
||||||
|
# invalid_token_html_path: "invalid_token.html"
|
||||||
|
|
||||||
# Time that a user's session remains valid for, after they log in.
|
# Time that a user's session remains valid for, after they log in.
|
||||||
#
|
#
|
||||||
|
@ -1010,6 +1028,14 @@ signing_key_path: "CONFDIR/SERVERNAME.signing.key"
|
||||||
#
|
#
|
||||||
#trusted_key_servers:
|
#trusted_key_servers:
|
||||||
# - server_name: "matrix.org"
|
# - server_name: "matrix.org"
|
||||||
|
#
|
||||||
|
|
||||||
|
# The signing keys to use when acting as a trusted key server. If not specified
|
||||||
|
# defaults to the server signing key.
|
||||||
|
#
|
||||||
|
# Can contain multiple keys, one per line.
|
||||||
|
#
|
||||||
|
#key_server_signing_keys_path: "key_server_signing_keys.key"
|
||||||
|
|
||||||
|
|
||||||
# Enable SAML2 for registration and login. Uses pysaml2.
|
# Enable SAML2 for registration and login. Uses pysaml2.
|
||||||
|
|
83
docs/structured_logging.md
Normal file
83
docs/structured_logging.md
Normal file
|
@ -0,0 +1,83 @@
|
||||||
|
# Structured Logging
|
||||||
|
|
||||||
|
A structured logging system can be useful when your logs are destined for a machine to parse and process. By maintaining its machine-readable characteristics, it enables more efficient searching and aggregations when consumed by software such as the "ELK stack".
|
||||||
|
|
||||||
|
Synapse's structured logging system is configured via the file that Synapse's `log_config` config option points to. The file must be YAML and contain `structured: true`. It must contain a list of "drains" (places where logs go to).
|
||||||
|
|
||||||
|
A structured logging configuration looks similar to the following:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
structured: true
|
||||||
|
|
||||||
|
loggers:
|
||||||
|
synapse:
|
||||||
|
level: INFO
|
||||||
|
synapse.storage.SQL:
|
||||||
|
level: WARNING
|
||||||
|
|
||||||
|
drains:
|
||||||
|
console:
|
||||||
|
type: console
|
||||||
|
location: stdout
|
||||||
|
file:
|
||||||
|
type: file_json
|
||||||
|
location: homeserver.log
|
||||||
|
```
|
||||||
|
|
||||||
|
The above logging config will set Synapse as 'INFO' logging level by default, with the SQL layer at 'WARNING', and will have two logging drains (to the console and to a file, stored as JSON).
|
||||||
|
|
||||||
|
## Drain Types
|
||||||
|
|
||||||
|
Drain types can be specified by the `type` key.
|
||||||
|
|
||||||
|
### `console`
|
||||||
|
|
||||||
|
Outputs human-readable logs to the console.
|
||||||
|
|
||||||
|
Arguments:
|
||||||
|
|
||||||
|
- `location`: Either `stdout` or `stderr`.
|
||||||
|
|
||||||
|
### `console_json`
|
||||||
|
|
||||||
|
Outputs machine-readable JSON logs to the console.
|
||||||
|
|
||||||
|
Arguments:
|
||||||
|
|
||||||
|
- `location`: Either `stdout` or `stderr`.
|
||||||
|
|
||||||
|
### `console_json_terse`
|
||||||
|
|
||||||
|
Outputs machine-readable JSON logs to the console, separated by newlines. This
|
||||||
|
format is not designed to be read and re-formatted into human-readable text, but
|
||||||
|
is optimal for a logging aggregation system.
|
||||||
|
|
||||||
|
Arguments:
|
||||||
|
|
||||||
|
- `location`: Either `stdout` or `stderr`.
|
||||||
|
|
||||||
|
### `file`
|
||||||
|
|
||||||
|
Outputs human-readable logs to a file.
|
||||||
|
|
||||||
|
Arguments:
|
||||||
|
|
||||||
|
- `location`: An absolute path to the file to log to.
|
||||||
|
|
||||||
|
### `file_json`
|
||||||
|
|
||||||
|
Outputs machine-readable logs to a file.
|
||||||
|
|
||||||
|
Arguments:
|
||||||
|
|
||||||
|
- `location`: An absolute path to the file to log to.
|
||||||
|
|
||||||
|
### `network_json_terse`
|
||||||
|
|
||||||
|
Delivers machine-readable JSON logs to a log aggregator over TCP. This is
|
||||||
|
compatible with LogStash's TCP input with the codec set to `json_lines`.
|
||||||
|
|
||||||
|
Arguments:
|
||||||
|
|
||||||
|
- `host`: Hostname or IP address of the log aggregator.
|
||||||
|
- `port`: Numerical port to contact on the host.
|
|
@ -206,6 +206,13 @@ Handles the media repository. It can handle all endpoints starting with::
|
||||||
|
|
||||||
/_matrix/media/
|
/_matrix/media/
|
||||||
|
|
||||||
|
And the following regular expressions matching media-specific administration
|
||||||
|
APIs::
|
||||||
|
|
||||||
|
^/_synapse/admin/v1/purge_media_cache$
|
||||||
|
^/_synapse/admin/v1/room/.*/media$
|
||||||
|
^/_synapse/admin/v1/quarantine_media/.*$
|
||||||
|
|
||||||
You should also set ``enable_media_repo: False`` in the shared configuration
|
You should also set ``enable_media_repo: False`` in the shared configuration
|
||||||
file to stop the main synapse running background jobs related to managing the
|
file to stop the main synapse running background jobs related to managing the
|
||||||
media repository.
|
media repository.
|
||||||
|
|
|
@ -35,4 +35,4 @@ try:
|
||||||
except ImportError:
|
except ImportError:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
__version__ = "1.2.1"
|
__version__ = "1.3.1"
|
||||||
|
|
|
@ -22,6 +22,7 @@ from netaddr import IPAddress
|
||||||
|
|
||||||
from twisted.internet import defer
|
from twisted.internet import defer
|
||||||
|
|
||||||
|
import synapse.logging.opentracing as opentracing
|
||||||
import synapse.types
|
import synapse.types
|
||||||
from synapse import event_auth
|
from synapse import event_auth
|
||||||
from synapse.api.constants import EventTypes, JoinRules, Membership
|
from synapse.api.constants import EventTypes, JoinRules, Membership
|
||||||
|
@ -178,6 +179,7 @@ class Auth(object):
|
||||||
def get_public_keys(self, invite_event):
|
def get_public_keys(self, invite_event):
|
||||||
return event_auth.get_public_keys(invite_event)
|
return event_auth.get_public_keys(invite_event)
|
||||||
|
|
||||||
|
@opentracing.trace
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def get_user_by_req(
|
def get_user_by_req(
|
||||||
self, request, allow_guest=False, rights="access", allow_expired=False
|
self, request, allow_guest=False, rights="access", allow_expired=False
|
||||||
|
@ -209,6 +211,7 @@ class Auth(object):
|
||||||
user_id, app_service = yield self._get_appservice_user_id(request)
|
user_id, app_service = yield self._get_appservice_user_id(request)
|
||||||
if user_id:
|
if user_id:
|
||||||
request.authenticated_entity = user_id
|
request.authenticated_entity = user_id
|
||||||
|
opentracing.set_tag("authenticated_entity", user_id)
|
||||||
|
|
||||||
if ip_addr and self.hs.config.track_appservice_user_ips:
|
if ip_addr and self.hs.config.track_appservice_user_ips:
|
||||||
yield self.store.insert_client_ip(
|
yield self.store.insert_client_ip(
|
||||||
|
@ -259,6 +262,7 @@ class Auth(object):
|
||||||
)
|
)
|
||||||
|
|
||||||
request.authenticated_entity = user.to_string()
|
request.authenticated_entity = user.to_string()
|
||||||
|
opentracing.set_tag("authenticated_entity", user.to_string())
|
||||||
|
|
||||||
return synapse.types.create_requester(
|
return synapse.types.create_requester(
|
||||||
user, token_id, is_guest, device_id, app_service=app_service
|
user, token_id, is_guest, device_id, app_service=app_service
|
||||||
|
|
|
@ -122,7 +122,8 @@ class UserTypes(object):
|
||||||
"""
|
"""
|
||||||
|
|
||||||
SUPPORT = "support"
|
SUPPORT = "support"
|
||||||
ALL_USER_TYPES = (SUPPORT,)
|
BOT = "bot"
|
||||||
|
ALL_USER_TYPES = (SUPPORT, BOT)
|
||||||
|
|
||||||
|
|
||||||
class RelationTypes(object):
|
class RelationTypes(object):
|
||||||
|
|
|
@ -62,6 +62,7 @@ class Codes(object):
|
||||||
WRONG_ROOM_KEYS_VERSION = "M_WRONG_ROOM_KEYS_VERSION"
|
WRONG_ROOM_KEYS_VERSION = "M_WRONG_ROOM_KEYS_VERSION"
|
||||||
EXPIRED_ACCOUNT = "ORG_MATRIX_EXPIRED_ACCOUNT"
|
EXPIRED_ACCOUNT = "ORG_MATRIX_EXPIRED_ACCOUNT"
|
||||||
INVALID_SIGNATURE = "M_INVALID_SIGNATURE"
|
INVALID_SIGNATURE = "M_INVALID_SIGNATURE"
|
||||||
|
USER_DEACTIVATED = "M_USER_DEACTIVATED"
|
||||||
|
|
||||||
|
|
||||||
class CodeMessageException(RuntimeError):
|
class CodeMessageException(RuntimeError):
|
||||||
|
@ -152,7 +153,7 @@ class UserDeactivatedError(SynapseError):
|
||||||
msg (str): The human-readable error message
|
msg (str): The human-readable error message
|
||||||
"""
|
"""
|
||||||
super(UserDeactivatedError, self).__init__(
|
super(UserDeactivatedError, self).__init__(
|
||||||
code=http_client.FORBIDDEN, msg=msg, errcode=Codes.UNKNOWN
|
code=http_client.FORBIDDEN, msg=msg, errcode=Codes.USER_DEACTIVATED
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -17,10 +17,10 @@ import gc
|
||||||
import logging
|
import logging
|
||||||
import os
|
import os
|
||||||
import signal
|
import signal
|
||||||
|
import socket
|
||||||
import sys
|
import sys
|
||||||
import traceback
|
import traceback
|
||||||
|
|
||||||
import sdnotify
|
|
||||||
from daemonize import Daemonize
|
from daemonize import Daemonize
|
||||||
|
|
||||||
from twisted.internet import defer, error, reactor
|
from twisted.internet import defer, error, reactor
|
||||||
|
@ -36,18 +36,20 @@ from synapse.util.versionstring import get_version_string
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
# list of tuples of function, args list, kwargs dict
|
||||||
_sighup_callbacks = []
|
_sighup_callbacks = []
|
||||||
|
|
||||||
|
|
||||||
def register_sighup(func):
|
def register_sighup(func, *args, **kwargs):
|
||||||
"""
|
"""
|
||||||
Register a function to be called when a SIGHUP occurs.
|
Register a function to be called when a SIGHUP occurs.
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
func (function): Function to be called when sent a SIGHUP signal.
|
func (function): Function to be called when sent a SIGHUP signal.
|
||||||
Will be called with a single argument, the homeserver.
|
Will be called with a single default argument, the homeserver.
|
||||||
|
*args, **kwargs: args and kwargs to be passed to the target function.
|
||||||
"""
|
"""
|
||||||
_sighup_callbacks.append(func)
|
_sighup_callbacks.append((func, args, kwargs))
|
||||||
|
|
||||||
|
|
||||||
def start_worker_reactor(appname, config, run_command=reactor.run):
|
def start_worker_reactor(appname, config, run_command=reactor.run):
|
||||||
|
@ -246,13 +248,12 @@ def start(hs, listeners=None):
|
||||||
def handle_sighup(*args, **kwargs):
|
def handle_sighup(*args, **kwargs):
|
||||||
# Tell systemd our state, if we're using it. This will silently fail if
|
# Tell systemd our state, if we're using it. This will silently fail if
|
||||||
# we're not using systemd.
|
# we're not using systemd.
|
||||||
sd_channel = sdnotify.SystemdNotifier()
|
sdnotify(b"RELOADING=1")
|
||||||
sd_channel.notify("RELOADING=1")
|
|
||||||
|
|
||||||
for i in _sighup_callbacks:
|
for i, args, kwargs in _sighup_callbacks:
|
||||||
i(hs)
|
i(hs, *args, **kwargs)
|
||||||
|
|
||||||
sd_channel.notify("READY=1")
|
sdnotify(b"READY=1")
|
||||||
|
|
||||||
signal.signal(signal.SIGHUP, handle_sighup)
|
signal.signal(signal.SIGHUP, handle_sighup)
|
||||||
|
|
||||||
|
@ -308,16 +309,12 @@ def setup_sdnotify(hs):
|
||||||
|
|
||||||
# Tell systemd our state, if we're using it. This will silently fail if
|
# Tell systemd our state, if we're using it. This will silently fail if
|
||||||
# we're not using systemd.
|
# we're not using systemd.
|
||||||
sd_channel = sdnotify.SystemdNotifier()
|
|
||||||
|
|
||||||
hs.get_reactor().addSystemEventTrigger(
|
hs.get_reactor().addSystemEventTrigger(
|
||||||
"after",
|
"after", "startup", sdnotify, b"READY=1\nMAINPID=%i" % (os.getpid(),)
|
||||||
"startup",
|
|
||||||
lambda: sd_channel.notify("READY=1\nMAINPID=%s" % (os.getpid())),
|
|
||||||
)
|
)
|
||||||
|
|
||||||
hs.get_reactor().addSystemEventTrigger(
|
hs.get_reactor().addSystemEventTrigger(
|
||||||
"before", "shutdown", lambda: sd_channel.notify("STOPPING=1")
|
"before", "shutdown", sdnotify, b"STOPPING=1"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@ -414,3 +411,35 @@ class _DeferredResolutionReceiver(object):
|
||||||
def resolutionComplete(self):
|
def resolutionComplete(self):
|
||||||
self._deferred.callback(())
|
self._deferred.callback(())
|
||||||
self._receiver.resolutionComplete()
|
self._receiver.resolutionComplete()
|
||||||
|
|
||||||
|
|
||||||
|
sdnotify_sockaddr = os.getenv("NOTIFY_SOCKET")
|
||||||
|
|
||||||
|
|
||||||
|
def sdnotify(state):
|
||||||
|
"""
|
||||||
|
Send a notification to systemd, if the NOTIFY_SOCKET env var is set.
|
||||||
|
|
||||||
|
This function is based on the sdnotify python package, but since it's only a few
|
||||||
|
lines of code, it's easier to duplicate it here than to add a dependency on a
|
||||||
|
package which many OSes don't include as a matter of principle.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
state (bytes): notification to send
|
||||||
|
"""
|
||||||
|
if not isinstance(state, bytes):
|
||||||
|
raise TypeError("sdnotify should be called with a bytes")
|
||||||
|
if not sdnotify_sockaddr:
|
||||||
|
return
|
||||||
|
addr = sdnotify_sockaddr
|
||||||
|
if addr[0] == "@":
|
||||||
|
addr = "\0" + addr[1:]
|
||||||
|
|
||||||
|
try:
|
||||||
|
with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as sock:
|
||||||
|
sock.connect(addr)
|
||||||
|
sock.sendall(state)
|
||||||
|
except Exception as e:
|
||||||
|
# this is a bit surprising, since we don't expect to have a NOTIFY_SOCKET
|
||||||
|
# unless systemd is expecting us to notify it.
|
||||||
|
logger.warning("Unable to send notification to systemd: %s", e)
|
||||||
|
|
|
@ -227,8 +227,6 @@ def start(config_options):
|
||||||
config.start_pushers = False
|
config.start_pushers = False
|
||||||
config.send_federation = False
|
config.send_federation = False
|
||||||
|
|
||||||
setup_logging(config, use_worker_options=True)
|
|
||||||
|
|
||||||
synapse.events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
synapse.events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
||||||
|
|
||||||
database_engine = create_engine(config.database_config)
|
database_engine = create_engine(config.database_config)
|
||||||
|
@ -241,6 +239,8 @@ def start(config_options):
|
||||||
database_engine=database_engine,
|
database_engine=database_engine,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
setup_logging(ss, config, use_worker_options=True)
|
||||||
|
|
||||||
ss.setup()
|
ss.setup()
|
||||||
|
|
||||||
# We use task.react as the basic run command as it correctly handles tearing
|
# We use task.react as the basic run command as it correctly handles tearing
|
||||||
|
|
|
@ -141,8 +141,6 @@ def start(config_options):
|
||||||
|
|
||||||
assert config.worker_app == "synapse.app.appservice"
|
assert config.worker_app == "synapse.app.appservice"
|
||||||
|
|
||||||
setup_logging(config, use_worker_options=True)
|
|
||||||
|
|
||||||
events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
||||||
|
|
||||||
database_engine = create_engine(config.database_config)
|
database_engine = create_engine(config.database_config)
|
||||||
|
@ -167,6 +165,8 @@ def start(config_options):
|
||||||
database_engine=database_engine,
|
database_engine=database_engine,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
setup_logging(ps, config, use_worker_options=True)
|
||||||
|
|
||||||
ps.setup()
|
ps.setup()
|
||||||
reactor.addSystemEventTrigger(
|
reactor.addSystemEventTrigger(
|
||||||
"before", "startup", _base.start, ps, config.worker_listeners
|
"before", "startup", _base.start, ps, config.worker_listeners
|
||||||
|
|
|
@ -179,8 +179,6 @@ def start(config_options):
|
||||||
|
|
||||||
assert config.worker_app == "synapse.app.client_reader"
|
assert config.worker_app == "synapse.app.client_reader"
|
||||||
|
|
||||||
setup_logging(config, use_worker_options=True)
|
|
||||||
|
|
||||||
events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
||||||
|
|
||||||
database_engine = create_engine(config.database_config)
|
database_engine = create_engine(config.database_config)
|
||||||
|
@ -193,6 +191,8 @@ def start(config_options):
|
||||||
database_engine=database_engine,
|
database_engine=database_engine,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
setup_logging(ss, config, use_worker_options=True)
|
||||||
|
|
||||||
ss.setup()
|
ss.setup()
|
||||||
reactor.addSystemEventTrigger(
|
reactor.addSystemEventTrigger(
|
||||||
"before", "startup", _base.start, ss, config.worker_listeners
|
"before", "startup", _base.start, ss, config.worker_listeners
|
||||||
|
|
|
@ -175,8 +175,6 @@ def start(config_options):
|
||||||
|
|
||||||
assert config.worker_replication_http_port is not None
|
assert config.worker_replication_http_port is not None
|
||||||
|
|
||||||
setup_logging(config, use_worker_options=True)
|
|
||||||
|
|
||||||
# This should only be done on the user directory worker or the master
|
# This should only be done on the user directory worker or the master
|
||||||
config.update_user_directory = False
|
config.update_user_directory = False
|
||||||
|
|
||||||
|
@ -192,6 +190,8 @@ def start(config_options):
|
||||||
database_engine=database_engine,
|
database_engine=database_engine,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
setup_logging(ss, config, use_worker_options=True)
|
||||||
|
|
||||||
ss.setup()
|
ss.setup()
|
||||||
reactor.addSystemEventTrigger(
|
reactor.addSystemEventTrigger(
|
||||||
"before", "startup", _base.start, ss, config.worker_listeners
|
"before", "startup", _base.start, ss, config.worker_listeners
|
||||||
|
|
|
@ -160,8 +160,6 @@ def start(config_options):
|
||||||
|
|
||||||
assert config.worker_app == "synapse.app.federation_reader"
|
assert config.worker_app == "synapse.app.federation_reader"
|
||||||
|
|
||||||
setup_logging(config, use_worker_options=True)
|
|
||||||
|
|
||||||
events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
events.USE_FROZEN_DICTS = config.use_frozen_dicts
|
||||||
|
|
||||||
database_engine = create_engine(config.database_config)
|
database_engine = create_engine(config.database_config)
|
||||||
|
@ -174,6 +172,8 @@ def start(config_options):
|
||||||
database_engine=database_engine,
|
database_engine=database_engine,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
setup_logging(ss, config, use_worker_options=True)
|
||||||
|
|
||||||
ss.setup()
|
ss.setup()
|
||||||
reactor.addSystemEventTrigger(
|
reactor.addSystemEventTrigger(
|
||||||
"before", "startup", _base.start, ss, config.worker_listeners
|
"before", "startup", _base.start, ss, config.worker_listeners
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue