from upstream MR https://gitlab.com/famedly/conduit/-/merge_requests/347
with the following changes (so far):
- remove hardcoded list of allowed hosts (strongly disagree with this,
even if it is desired, it should not be harcoded)
- add more allow config options for granularity via URL contains,
host contains, and domain is (explicit match) for security
- warn if a user is allowing all URLs to be previewed for security reasons
- replace an expect with proper error handling
- bump webpage to 2.0
- improved code style a tad
Co-authored-by: rooot <hey@rooot.gay>
Signed-off-by: rooot <hey@rooot.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
Honestly not sure why it wasn't done like this before. This code is much
less awkward to follow and more compartmentalized.
These changes were mainly motivated by a clippy lint triggering on the
original code, which then made me wonder if I could get rid of some of
the `Box`ing. Turns out I could, and this is the result of that.
Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
this can most definitely be improved but this is a decent attempt.
the only annoying this is i couldn't just use a Vec<IPAddress> which
would have significantly simplified all of this, but serde can't
deserialise it on the config side i guess.
i may find a better way to do this in the future, but this should cover
most areas anyways.
Signed-off-by: strawberry <strawberry@puppygock.gay>
amazing that this wasn't done in the first place. a lack of a UA is
suspicious and some providers may block our requests just for the sake
of no UA.
Signed-off-by: strawberry <strawberry@puppygock.gay>
the last endpoint is a non-standard health check endpoint used by at
least Element Web as a weird way to determine if syncv3 is available
there can also be some valid use-cases for serving well-knowns from the
application itself
Signed-off-by: strawberry <strawberry@puppygock.gay>
* feat: replaced flaky argon2 with better argon2 crate
* fix: applied cargo fmt nightly
* docs: added comment specifying what the settings for Argon2 mean
* fix: made hashing error a bit more descriptive
* fix: fixed incorrect value for Kib
split out the spinning disk focused options into a configurable option, current
conduwuit users are NVMe/SSDs anyways so those options are just hindering performance.
rocksdb logging builds up overtime with no cleanup or anything, adds support for
configuring the amount of logging, size of files, log rotate, etc.
fixes https://gitlab.com/girlbossceo/conduwuit/-/issues/1
misc conduit logging improvements for help debugging issues and maybe a future feature
experimental Room V11 support from https://gitlab.com/famedly/conduit/-/merge_requests/562
Signed-off-by: strawberry <strawberry@puppygock.gay>
this project's codebase is so horrendous, im shocked that no one has ran
clippy at all. it had ~200 total lint warnings, some with performance
issues and unsoundness, and the rest just very ugly codebase. i have sat
down and fixed as many of these as possible and i am exhausted.
i haven't fixed some extremely complex ones, but i brought it down from
~200 to ~30.
i have also removed io_uring as a default feature due to it falling
under the same category as linux eBPF: major kernel attack surface for
minimal performance gains. this also makes it impossible to cross-compile
from macOS to Linux because io_uring does not exist in Darwin land.
there are far better ways to achieve better performance than io_uring on
the codebase level.
Signed-off-by: strawberry <june@girlboss.ceo>
Initial implementation done in https://gitlab.com/famedly/conduit/-/merge_requests/507,
*substantially* reworked, corrected, improved by infamous <ehuff007@gmail.com>,
and few parts done by me.
Co-authored-by: infamous <ehuff007@gmail.com>
Signed-off-by: girlbossceo <june@girlboss.ceo>
even though these rooms would be quite broken as they typically would be
super super old rooms, people seem to still complain about conduit not
"supporting" room versions 1 and 2. to make them happy, just make them
as unstable so they can at least join it.
Signed-off-by: girlbossceo <june@girlboss.ceo>
