magmaus3/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Hot-Reloading Refactor

Browse source 
Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk 2024-05-09 15:59:08 -07:00 committed by June 🍓🦴
parent ae1a4fd283
commit 6c1434c165
212 changed files with 5679 additions and 4206 deletions
Download patch file Download diff file Expand all files Collapse all files

253
src/service/globals/mod.rs
View file

@ -3,16 +3,13 @@ use std::{
fs,
future::Future,
path::PathBuf,
sync::{
atomic::{self, AtomicBool},
Arc,
},
time::{Instant, SystemTime},
sync::Arc,
time::Instant,
};
use argon2::Argon2;
use base64::{engine::general_purpose, Engine as _};
pub(crate) use data::Data;
pub use data::Data;
use hickory_resolver::TokioAsyncResolver;
use ipaddress::IPAddress;
use regex::RegexSet;
@ -25,42 +22,46 @@ use ruma::{
DeviceId, OwnedEventId, OwnedRoomId, OwnedServerName, OwnedServerSigningKeyId, OwnedUserId, RoomVersionId,
ServerName, UserId,
};
use tokio::sync::{broadcast, Mutex, RwLock};
use tracing::{error, info, trace};
use tokio::{
sync::{broadcast, Mutex, RwLock},
task::JoinHandle,
};
use tracing::{error, trace};
use url::Url;
use crate::{services, Config, LogLevelReloadHandles, Result};
use crate::{services, Config, Result};
mod client;
mod data;
pub mod data;
pub(crate) mod emerg_access;
pub(crate) mod migrations;
mod resolver;
pub(crate) mod updates;
type RateLimitState = (Instant, u32); // Time if last failed try, number of failed tries
pub(crate) struct Service<'a> {
pub(crate) db: &'static dyn Data,
pub struct Service {
pub db: Arc<dyn Data>,
pub(crate) tracing_reload_handle: LogLevelReloadHandles,
pub(crate) config: Config,
pub(crate) cidr_range_denylist: Vec<IPAddress>,
pub config: Config,
pub cidr_range_denylist: Vec<IPAddress>,
keypair: Arc<ruma::signatures::Ed25519KeyPair>,
jwt_decoding_key: Option<jsonwebtoken::DecodingKey>,
pub(crate) resolver: Arc<resolver::Resolver>,
pub(crate) client: client::Client,
pub(crate) stable_room_versions: Vec<RoomVersionId>,
pub(crate) unstable_room_versions: Vec<RoomVersionId>,
pub(crate) bad_event_ratelimiter: Arc<RwLock<HashMap<OwnedEventId, RateLimitState>>>,
pub(crate) bad_signature_ratelimiter: Arc<RwLock<HashMap<Vec<String>, RateLimitState>>>,
pub(crate) bad_query_ratelimiter: Arc<RwLock<HashMap<OwnedServerName, RateLimitState>>>,
pub(crate) roomid_mutex_insert: RwLock<HashMap<OwnedRoomId, Arc<Mutex<()>>>>,
pub(crate) roomid_mutex_state: RwLock<HashMap<OwnedRoomId, Arc<Mutex<()>>>>,
pub(crate) roomid_mutex_federation: RwLock<HashMap<OwnedRoomId, Arc<Mutex<()>>>>, // this lock will be held longer
pub(crate) roomid_federationhandletime: RwLock<HashMap<OwnedRoomId, (OwnedEventId, Instant)>>,
pub(crate) stateres_mutex: Arc<Mutex<()>>,
pub(crate) rotate: RotationHandler,
pub(crate) started: SystemTime,
pub(crate) shutdown: AtomicBool,
pub(crate) argon: Argon2<'a>,
pub resolver: Arc<resolver::Resolver>,
pub client: client::Client,
pub stable_room_versions: Vec<RoomVersionId>,
pub unstable_room_versions: Vec<RoomVersionId>,
pub bad_event_ratelimiter: Arc<RwLock<HashMap<OwnedEventId, RateLimitState>>>,
pub bad_signature_ratelimiter: Arc<RwLock<HashMap<Vec<String>, RateLimitState>>>,
pub bad_query_ratelimiter: Arc<RwLock<HashMap<OwnedServerName, RateLimitState>>>,
pub roomid_mutex_insert: RwLock<HashMap<OwnedRoomId, Arc<Mutex<()>>>>,
pub roomid_mutex_state: RwLock<HashMap<OwnedRoomId, Arc<Mutex<()>>>>,
pub roomid_mutex_federation: RwLock<HashMap<OwnedRoomId, Arc<Mutex<()>>>>, // this lock will be held longer
pub roomid_federationhandletime: RwLock<HashMap<OwnedRoomId, (OwnedEventId, Instant)>>,
pub updates_handle: Mutex<Option<JoinHandle<()>>>,
pub stateres_mutex: Arc<Mutex<()>>,
pub rotate: RotationHandler,
pub argon: Argon2<'static>,
}
/// Handles "rotation" of long-polling requests. "Rotation" in this context is
@ -68,7 +69,7 @@ pub(crate) struct Service<'a> {
///
/// This is utilized to have sync workers return early and release read locks on
/// the database.
pub(crate) struct RotationHandler(broadcast::Sender<()>, ());
pub struct RotationHandler(broadcast::Sender<()>, ());
impl RotationHandler {
fn new() -> Self {
@ -76,25 +77,22 @@ impl RotationHandler {
Self(s, ())
}
pub(crate) fn watch(&self) -> impl Future<Output = ()> {
pub fn watch(&self) -> impl Future<Output = ()> {
let mut r = self.0.subscribe();
async move {
_ = r.recv().await;
}
}
fn fire(&self) { _ = self.0.send(()); }
pub fn fire(&self) { _ = self.0.send(()); }
}
impl Default for RotationHandler {
fn default() -> Self { Self::new() }
}
impl Service<'_> {
pub(crate) fn load(
db: &'static dyn Data, config: &Config, tracing_reload_handle: LogLevelReloadHandles,
) -> Result<Self> {
impl Service {
pub fn load(db: Arc<dyn Data>, config: &Config) -> Result<Self> {
let keypair = db.load_keypair();
let keypair = match keypair {
@ -140,7 +138,6 @@ impl Service<'_> {
}
let mut s = Self {
tracing_reload_handle,
db,
config: config.clone(),
cidr_range_denylist,
@ -157,10 +154,9 @@ impl Service<'_> {
roomid_mutex_insert: RwLock::new(HashMap::new()),
roomid_mutex_federation: RwLock::new(HashMap::new()),
roomid_federationhandletime: RwLock::new(HashMap::new()),
updates_handle: Mutex::new(None),
stateres_mutex: Arc::new(Mutex::new(())),
rotate: RotationHandler::new(),
started: SystemTime::now(),
shutdown: AtomicBool::new(false),
argon,
};
@ -178,145 +174,141 @@ impl Service<'_> {
}
/// Returns this server's keypair.
pub(crate) fn keypair(&self) -> &ruma::signatures::Ed25519KeyPair { &self.keypair }
pub fn keypair(&self) -> &ruma::signatures::Ed25519KeyPair { &self.keypair }
#[tracing::instrument(skip(self))]
pub(crate) fn next_count(&self) -> Result<u64> { self.db.next_count() }
pub fn next_count(&self) -> Result<u64> { self.db.next_count() }
#[tracing::instrument(skip(self))]
pub(crate) fn current_count(&self) -> Result<u64> { self.db.current_count() }
pub fn current_count(&self) -> Result<u64> { self.db.current_count() }
#[tracing::instrument(skip(self))]
pub(crate) fn last_check_for_updates_id(&self) -> Result<u64> { self.db.last_check_for_updates_id() }
pub fn last_check_for_updates_id(&self) -> Result<u64> { self.db.last_check_for_updates_id() }
#[tracing::instrument(skip(self))]
pub(crate) fn update_check_for_updates_id(&self, id: u64) -> Result<()> { self.db.update_check_for_updates_id(id) }
pub fn update_check_for_updates_id(&self, id: u64) -> Result<()> { self.db.update_check_for_updates_id(id) }
pub(crate) async fn watch(&self, user_id: &UserId, device_id: &DeviceId) -> Result<()> {
pub async fn watch(&self, user_id: &UserId, device_id: &DeviceId) -> Result<()> {
self.db.watch(user_id, device_id).await
}
pub(crate) fn cleanup(&self) -> Result<()> { self.db.cleanup() }
pub fn cleanup(&self) -> Result<()> { self.db.cleanup() }
/// TODO: use this?
#[allow(dead_code)]
pub(crate) fn flush(&self) -> Result<()> { self.db.flush() }
pub fn flush(&self) -> Result<()> { self.db.flush() }
pub(crate) fn server_name(&self) -> &ServerName { self.config.server_name.as_ref() }
pub fn server_name(&self) -> &ServerName { self.config.server_name.as_ref() }
pub(crate) fn max_request_size(&self) -> u32 { self.config.max_request_size }
pub fn max_request_size(&self) -> u32 { self.config.max_request_size }
pub(crate) fn max_fetch_prev_events(&self) -> u16 { self.config.max_fetch_prev_events }
pub fn max_fetch_prev_events(&self) -> u16 { self.config.max_fetch_prev_events }
pub(crate) fn allow_registration(&self) -> bool { self.config.allow_registration }
pub fn allow_registration(&self) -> bool { self.config.allow_registration }
pub(crate) fn allow_guest_registration(&self) -> bool { self.config.allow_guest_registration }
pub fn allow_guest_registration(&self) -> bool { self.config.allow_guest_registration }
pub(crate) fn allow_guests_auto_join_rooms(&self) -> bool { self.config.allow_guests_auto_join_rooms }
pub fn allow_guests_auto_join_rooms(&self) -> bool { self.config.allow_guests_auto_join_rooms }
pub(crate) fn log_guest_registrations(&self) -> bool { self.config.log_guest_registrations }
pub fn log_guest_registrations(&self) -> bool { self.config.log_guest_registrations }
pub(crate) fn allow_encryption(&self) -> bool { self.config.allow_encryption }
pub fn allow_encryption(&self) -> bool { self.config.allow_encryption }
pub(crate) fn allow_federation(&self) -> bool { self.config.allow_federation }
pub fn allow_federation(&self) -> bool { self.config.allow_federation }
pub(crate) fn allow_public_room_directory_over_federation(&self) -> bool {
pub fn allow_public_room_directory_over_federation(&self) -> bool {
self.config.allow_public_room_directory_over_federation
}
pub(crate) fn allow_device_name_federation(&self) -> bool { self.config.allow_device_name_federation }
pub fn allow_device_name_federation(&self) -> bool { self.config.allow_device_name_federation }
pub(crate) fn allow_room_creation(&self) -> bool { self.config.allow_room_creation }
pub fn allow_room_creation(&self) -> bool { self.config.allow_room_creation }
pub(crate) fn allow_unstable_room_versions(&self) -> bool { self.config.allow_unstable_room_versions }
pub fn allow_unstable_room_versions(&self) -> bool { self.config.allow_unstable_room_versions }
pub(crate) fn default_room_version(&self) -> RoomVersionId { self.config.default_room_version.clone() }
pub fn default_room_version(&self) -> RoomVersionId { self.config.default_room_version.clone() }
pub(crate) fn new_user_displayname_suffix(&self) -> &String { &self.config.new_user_displayname_suffix }
pub fn new_user_displayname_suffix(&self) -> &String { &self.config.new_user_displayname_suffix }
pub(crate) fn allow_check_for_updates(&self) -> bool { self.config.allow_check_for_updates }
pub fn allow_check_for_updates(&self) -> bool { self.config.allow_check_for_updates }
pub(crate) fn trusted_servers(&self) -> &[OwnedServerName] { &self.config.trusted_servers }
pub fn trusted_servers(&self) -> &[OwnedServerName] { &self.config.trusted_servers }
pub(crate) fn query_trusted_key_servers_first(&self) -> bool { self.config.query_trusted_key_servers_first }
pub fn query_trusted_key_servers_first(&self) -> bool { self.config.query_trusted_key_servers_first }
pub(crate) fn dns_resolver(&self) -> &TokioAsyncResolver { &self.resolver.resolver }
pub fn dns_resolver(&self) -> &TokioAsyncResolver { &self.resolver.resolver }
pub(crate) fn actual_destinations(&self) -> &Arc<RwLock<resolver::WellKnownMap>> { &self.resolver.destinations }
pub fn actual_destinations(&self) -> &Arc<RwLock<resolver::WellKnownMap>> { &self.resolver.destinations }
pub(crate) fn jwt_decoding_key(&self) -> Option<&jsonwebtoken::DecodingKey> { self.jwt_decoding_key.as_ref() }
pub fn jwt_decoding_key(&self) -> Option<&jsonwebtoken::DecodingKey> { self.jwt_decoding_key.as_ref() }
pub(crate) fn turn_password(&self) -> &String { &self.config.turn_password }
pub fn turn_password(&self) -> &String { &self.config.turn_password }
pub(crate) fn turn_ttl(&self) -> u64 { self.config.turn_ttl }
pub fn turn_ttl(&self) -> u64 { self.config.turn_ttl }
pub(crate) fn turn_uris(&self) -> &[String] { &self.config.turn_uris }
pub fn turn_uris(&self) -> &[String] { &self.config.turn_uris }
pub(crate) fn turn_username(&self) -> &String { &self.config.turn_username }
pub fn turn_username(&self) -> &String { &self.config.turn_username }
pub(crate) fn turn_secret(&self) -> &String { &self.config.turn_secret }
pub fn turn_secret(&self) -> &String { &self.config.turn_secret }
pub(crate) fn allow_profile_lookup_federation_requests(&self) -> bool {
pub fn allow_profile_lookup_federation_requests(&self) -> bool {
self.config.allow_profile_lookup_federation_requests
}
pub(crate) fn notification_push_path(&self) -> &String { &self.config.notification_push_path }
pub fn notification_push_path(&self) -> &String { &self.config.notification_push_path }
pub(crate) fn emergency_password(&self) -> &Option<String> { &self.config.emergency_password }
pub fn emergency_password(&self) -> &Option<String> { &self.config.emergency_password }
pub(crate) fn url_preview_domain_contains_allowlist(&self) -> &Vec<String> {
pub fn url_preview_domain_contains_allowlist(&self) -> &Vec<String> {
&self.config.url_preview_domain_contains_allowlist
}
pub(crate) fn url_preview_domain_explicit_allowlist(&self) -> &Vec<String> {
pub fn url_preview_domain_explicit_allowlist(&self) -> &Vec<String> {
&self.config.url_preview_domain_explicit_allowlist
}
pub(crate) fn url_preview_domain_explicit_denylist(&self) -> &Vec<String> {
pub fn url_preview_domain_explicit_denylist(&self) -> &Vec<String> {
&self.config.url_preview_domain_explicit_denylist
}
pub(crate) fn url_preview_url_contains_allowlist(&self) -> &Vec<String> {
&self.config.url_preview_url_contains_allowlist
}
pub fn url_preview_url_contains_allowlist(&self) -> &Vec<String> { &self.config.url_preview_url_contains_allowlist }
pub(crate) fn url_preview_max_spider_size(&self) -> usize { self.config.url_preview_max_spider_size }
pub fn url_preview_max_spider_size(&self) -> usize { self.config.url_preview_max_spider_size }
pub(crate) fn url_preview_check_root_domain(&self) -> bool { self.config.url_preview_check_root_domain }
pub fn url_preview_check_root_domain(&self) -> bool { self.config.url_preview_check_root_domain }
pub(crate) fn forbidden_alias_names(&self) -> &RegexSet { &self.config.forbidden_alias_names }
pub fn forbidden_alias_names(&self) -> &RegexSet { &self.config.forbidden_alias_names }
pub(crate) fn forbidden_usernames(&self) -> &RegexSet { &self.config.forbidden_usernames }
pub fn forbidden_usernames(&self) -> &RegexSet { &self.config.forbidden_usernames }
pub(crate) fn allow_local_presence(&self) -> bool { self.config.allow_local_presence }
pub fn allow_local_presence(&self) -> bool { self.config.allow_local_presence }
pub(crate) fn allow_incoming_presence(&self) -> bool { self.config.allow_incoming_presence }
pub fn allow_incoming_presence(&self) -> bool { self.config.allow_incoming_presence }
pub(crate) fn allow_outgoing_presence(&self) -> bool { self.config.allow_outgoing_presence }
pub fn allow_outgoing_presence(&self) -> bool { self.config.allow_outgoing_presence }
pub(crate) fn allow_incoming_read_receipts(&self) -> bool { self.config.allow_incoming_read_receipts }
pub fn allow_incoming_read_receipts(&self) -> bool { self.config.allow_incoming_read_receipts }
pub(crate) fn allow_outgoing_read_receipts(&self) -> bool { self.config.allow_outgoing_read_receipts }
pub fn allow_outgoing_read_receipts(&self) -> bool { self.config.allow_outgoing_read_receipts }
pub(crate) fn prevent_media_downloads_from(&self) -> &[OwnedServerName] {
&self.config.prevent_media_downloads_from
}
pub fn prevent_media_downloads_from(&self) -> &[OwnedServerName] { &self.config.prevent_media_downloads_from }
pub(crate) fn forbidden_remote_room_directory_server_names(&self) -> &[OwnedServerName] {
pub fn forbidden_remote_room_directory_server_names(&self) -> &[OwnedServerName] {
&self.config.forbidden_remote_room_directory_server_names
}
pub(crate) fn well_known_support_page(&self) -> &Option<Url> { &self.config.well_known.support_page }
pub fn well_known_support_page(&self) -> &Option<Url> { &self.config.well_known.support_page }
pub(crate) fn well_known_support_role(&self) -> &Option<ContactRole> { &self.config.well_known.support_role }
pub fn well_known_support_role(&self) -> &Option<ContactRole> { &self.config.well_known.support_role }
pub(crate) fn well_known_support_email(&self) -> &Option<String> { &self.config.well_known.support_email }
pub fn well_known_support_email(&self) -> &Option<String> { &self.config.well_known.support_email }
pub(crate) fn well_known_support_mxid(&self) -> &Option<OwnedUserId> { &self.config.well_known.support_mxid }
pub fn well_known_support_mxid(&self) -> &Option<OwnedUserId> { &self.config.well_known.support_mxid }
pub(crate) fn block_non_admin_invites(&self) -> bool { self.config.block_non_admin_invites }
pub fn block_non_admin_invites(&self) -> bool { self.config.block_non_admin_invites }
pub(crate) fn supported_room_versions(&self) -> Vec<RoomVersionId> {
pub fn supported_room_versions(&self) -> Vec<RoomVersionId> {
let mut room_versions: Vec<RoomVersionId> = vec![];
room_versions.extend(self.stable_room_versions.clone());
if self.allow_unstable_room_versions() {
@ -332,7 +324,7 @@ impl Service<'_> {
///
/// This doesn't actually check that the keys provided are newer than the
/// old set.
pub(crate) fn add_signing_key(
pub fn add_signing_key(
&self, origin: &ServerName, new_keys: ServerSigningKeys,
) -> Result<BTreeMap<OwnedServerSigningKeyId, VerifyKey>> {
self.db.add_signing_key(origin, new_keys)
@ -340,7 +332,7 @@ impl Service<'_> {
/// This returns an empty `Ok(BTreeMap<..>)` when there are no keys found
/// for the server.
pub(crate) fn signing_keys_for(&self, origin: &ServerName) -> Result<BTreeMap<OwnedServerSigningKeyId, VerifyKey>> {
pub fn signing_keys_for(&self, origin: &ServerName) -> Result<BTreeMap<OwnedServerSigningKeyId, VerifyKey>> {
let mut keys = self.db.signing_keys_for(origin)?;
if origin == self.server_name() {
keys.insert(
@ -356,13 +348,11 @@ impl Service<'_> {
Ok(keys)
}
pub(crate) fn database_version(&self) -> Result<u64> { self.db.database_version() }
pub fn database_version(&self) -> Result<u64> { self.db.database_version() }
pub(crate) fn bump_database_version(&self, new_version: u64) -> Result<()> {
self.db.bump_database_version(new_version)
}
pub fn bump_database_version(&self, new_version: u64) -> Result<()> { self.db.bump_database_version(new_version) }
pub(crate) fn get_media_folder(&self) -> PathBuf {
pub fn get_media_folder(&self) -> PathBuf {
let mut r = PathBuf::new();
r.push(self.config.database_path.clone());
r.push("media");
@ -373,7 +363,7 @@ impl Service<'_> {
/// flag enabled and database migrated uses SHA256 hash of the base64 key as
/// the file name
#[cfg(feature = "sha256_media")]
pub(crate) fn get_media_file_new(&self, key: &[u8]) -> PathBuf {
pub fn get_media_file_new(&self, key: &[u8]) -> PathBuf {
let mut r = PathBuf::new();
r.push(self.config.database_path.clone());
r.push("media");
@ -387,7 +377,7 @@ impl Service<'_> {
/// old base64 file name media function
/// This is the old version of `get_media_file` that uses the full base64
/// key as the filename.
pub(crate) fn get_media_file(&self, key: &[u8]) -> PathBuf {
pub fn get_media_file(&self, key: &[u8]) -> PathBuf {
let mut r = PathBuf::new();
r.push(self.config.database_path.clone());
r.push("media");
@ -395,13 +385,13 @@ impl Service<'_> {
r
}
pub(crate) fn well_known_client(&self) -> &Option<Url> { &self.config.well_known.client }
pub fn well_known_client(&self) -> &Option<Url> { &self.config.well_known.client }
pub(crate) fn well_known_server(&self) -> &Option<OwnedServerName> { &self.config.well_known.server }
pub fn well_known_server(&self) -> &Option<OwnedServerName> { &self.config.well_known.server }
pub(crate) fn unix_socket_path(&self) -> &Option<PathBuf> { &self.config.unix_socket_path }
pub fn unix_socket_path(&self) -> &Option<PathBuf> { &self.config.unix_socket_path }
pub(crate) fn valid_cidr_range(&self, ip: &IPAddress) -> bool {
pub fn valid_cidr_range(&self, ip: &IPAddress) -> bool {
for cidr in &self.cidr_range_denylist {
if cidr.includes(ip) {
return false;
@ -410,24 +400,13 @@ impl Service<'_> {
true
}
pub(crate) fn shutdown(&self) {
self.shutdown.store(true, atomic::Ordering::Relaxed);
// On shutdown
if self.unix_socket_path().is_some() {
match &self.unix_socket_path() {
Some(path) => {
fs::remove_file(path).unwrap();
},
None => error!(
"Unable to remove socket file at {:?} during shutdown.",
&self.unix_socket_path()
),
};
};
info!(target: "shutdown-sync", "Received shutdown notification, notifying sync helpers...");
services().globals.rotate.fire();
}
}
#[inline]
#[must_use]
pub fn server_is_ours(server_name: &ServerName) -> bool { server_name == services().globals.config.server_name }
/// checks if `user_id` is local to us via server_name comparison
#[inline]
#[must_use]
pub fn user_is_local(user_id: &UserId) -> bool { server_is_ours(user_id.server_name()) }