Compare commits
17 commits
alpine-pac
...
illegal-ca
| Author | SHA1 | Date | |
|---|---|---|---|
|
6250b07f6a | ||
|
94f2792d99 | ||
|
737f9b9788 | ||
|
|
942308ea57 | ||
|
|
8ccdec6516 | ||
|
|
80da18a325 | ||
|
531170594d | ||
|
|
1aafd1163d | ||
|
|
a9d9580aa4 | ||
|
|
1518ce0878 | ||
|
|
2e8abe1071 | ||
|
|
0c09c3651b | ||
|
|
0c5e4fdc20 | ||
|
|
2c043cfabf | ||
|
ebfbca59a7 | ||
|
|
78c2a07524 | ||
|
|
1c8ca527db |
16 changed files with 317 additions and 142 deletions
|
|
@ -57,17 +57,17 @@ jobs:
|
|||
run: npm install --save-dev wrangler@latest
|
||||
|
||||
- name: Deploy to Cloudflare Pages (Production)
|
||||
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
|
||||
if: github.ref == 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
|
||||
uses: https://github.com/cloudflare/wrangler-action@v3
|
||||
with:
|
||||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
|
||||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
|
||||
command: pages deploy ./public --branch=main --commit-dirty=true --project-name=${{ vars.CLOUDFLARE_PROJECT_NAME }}"
|
||||
command: pages deploy ./public --branch="main" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}"
|
||||
|
||||
- name: Deploy to Cloudflare Pages (Preview)
|
||||
if: ${{ github.event_name != 'push' || github.ref != 'refs/heads/main' }}
|
||||
if: github.ref != 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
|
||||
uses: https://github.com/cloudflare/wrangler-action@v3
|
||||
with:
|
||||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
|
||||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
|
||||
command: pages deploy ./public --branch=${{ github.head_ref }} --commit-dirty=true --project-name=${{ vars.CLOUDFLARE_PROJECT_NAME }}"
|
||||
command: pages deploy ./public --branch="${{ github.head_ref || github.ref_name }}" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}"
|
||||
|
|
|
|||
127
.forgejo/workflows/element.yml
Normal file
127
.forgejo/workflows/element.yml
Normal file
|
|
@ -0,0 +1,127 @@
|
|||
name: Deploy Element Web
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "0 0 * * *"
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency:
|
||||
group: "element-${{ github.ref }}"
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
build-and-deploy:
|
||||
name: Build and Deploy Element Web
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Setup Node.js
|
||||
uses: https://code.forgejo.org/actions/setup-node@v4
|
||||
with:
|
||||
node-version: "20"
|
||||
|
||||
- name: Clone, setup, and build Element Web
|
||||
run: |
|
||||
echo "Cloning Element Web..."
|
||||
git clone https://github.com/maunium/element-web
|
||||
cd element-web
|
||||
git checkout develop
|
||||
git pull
|
||||
|
||||
echo "Cloning matrix-js-sdk..."
|
||||
git clone https://github.com/matrix-org/matrix-js-sdk.git
|
||||
|
||||
echo "Installing Yarn..."
|
||||
npm install -g yarn
|
||||
|
||||
echo "Installing dependencies..."
|
||||
yarn install
|
||||
|
||||
echo "Preparing build environment..."
|
||||
mkdir -p .home
|
||||
|
||||
echo "Cleaning up specific node_modules paths..."
|
||||
rm -rf node_modules/@types/eslint-scope/ matrix-*-sdk/node_modules/@types/eslint-scope || echo "Cleanup paths not found, continuing."
|
||||
|
||||
echo "Getting matrix-js-sdk commit hash..."
|
||||
cd matrix-js-sdk
|
||||
jsver=$(git rev-parse HEAD)
|
||||
jsver=${jsver:0:12}
|
||||
cd ..
|
||||
echo "matrix-js-sdk version hash: $jsver"
|
||||
|
||||
echo "Getting element-web commit hash..."
|
||||
ver=$(git rev-parse HEAD)
|
||||
ver=${ver:0:12}
|
||||
echo "element-web version hash: $ver"
|
||||
|
||||
chmod +x ./build-sh
|
||||
|
||||
export VERSION="$ver-js-$jsver"
|
||||
echo "Building Element Web version: $VERSION"
|
||||
./build-sh
|
||||
|
||||
echo "Checking for build output..."
|
||||
ls -la webapp/
|
||||
|
||||
- name: Create config.json
|
||||
run: |
|
||||
cat <<EOF > ./element-web/webapp/config.json
|
||||
{
|
||||
"default_server_name": "continuwuity.org",
|
||||
"default_server_config": {
|
||||
"m.homeserver": {
|
||||
"base_url": "https://matrix.continuwuity.org"
|
||||
}
|
||||
},
|
||||
"default_country_code": "GB",
|
||||
"default_theme": "dark",
|
||||
"mobile_guide_toast": false,
|
||||
"show_labs_settings": true,
|
||||
"room_directory": [
|
||||
"continuwuity.org",
|
||||
"matrixrooms.info"
|
||||
],
|
||||
"settings_defaults": {
|
||||
"UIFeature.urlPreviews": true,
|
||||
"UIFeature.feedback": false,
|
||||
"UIFeature.voip": false,
|
||||
"UIFeature.shareQrCode": false,
|
||||
"UIFeature.shareSocial": false,
|
||||
"UIFeature.locationSharing": false,
|
||||
"enableSyntaxHighlightLanguageDetection": true
|
||||
},
|
||||
"features": {
|
||||
"feature_pinning": true,
|
||||
"feature_custom_themes": true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
echo "Created ./element-web/webapp/config.json"
|
||||
cat ./element-web/webapp/config.json
|
||||
|
||||
- name: Upload Artifact
|
||||
uses: https://code.forgejo.org/actions/upload-artifact@v3
|
||||
with:
|
||||
name: element-web
|
||||
path: ./element-web/webapp/
|
||||
retention-days: 14
|
||||
|
||||
- name: Install Wrangler
|
||||
run: npm install --save-dev wrangler@latest
|
||||
|
||||
- name: Deploy to Cloudflare Pages (Production)
|
||||
if: github.ref == 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
|
||||
uses: https://github.com/cloudflare/wrangler-action@v3
|
||||
with:
|
||||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
|
||||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
|
||||
command: pages deploy ./element-web/webapp --branch="main" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}-element"
|
||||
|
||||
- name: Deploy to Cloudflare Pages (Preview)
|
||||
if: github.ref != 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
|
||||
uses: https://github.com/cloudflare/wrangler-action@v3
|
||||
with:
|
||||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
|
||||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
|
||||
command: pages deploy ./element-web/webapp --branch="${{ github.head_ref || github.ref_name }}" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}-element"
|
||||
|
|
@ -1,24 +1,25 @@
|
|||
name: Release Docker Image
|
||||
concurrency:
|
||||
concurrency:
|
||||
group: "release-image-${{ github.ref }}"
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
push:
|
||||
paths-ignore:
|
||||
- '.gitlab-ci.yml'
|
||||
- '.gitignore'
|
||||
- 'renovate.json'
|
||||
- 'debian/**'
|
||||
- 'docker/**'
|
||||
- 'docs/**'
|
||||
- "*.md"
|
||||
- "**/*.md"
|
||||
- ".gitlab-ci.yml"
|
||||
- ".gitignore"
|
||||
- "renovate.json"
|
||||
- "debian/**"
|
||||
- "docker/**"
|
||||
- "docs/**"
|
||||
# Allows you to run this workflow manually from the Actions tab
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
BUILTIN_REGISTRY: forgejo.ellis.link
|
||||
BUILTIN_REGISTRY_ENABLED: "${{ ((vars.BUILTIN_REGISTRY_USER && secrets.BUILTIN_REGISTRY_PASSWORD) || (github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false)) && 'true' || 'false' }}"
|
||||
|
||||
BUILTIN_REGISTRY: forgejo.ellis.link
|
||||
BUILTIN_REGISTRY_ENABLED: "${{ ((vars.BUILTIN_REGISTRY_USER && secrets.BUILTIN_REGISTRY_PASSWORD) || (github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false)) && 'true' || 'false' }}"
|
||||
|
||||
jobs:
|
||||
define-variables:
|
||||
|
|
@ -37,7 +38,7 @@ jobs:
|
|||
script: |
|
||||
const githubRepo = '${{ github.repository }}'.toLowerCase()
|
||||
const repoId = githubRepo.split('/')[1]
|
||||
|
||||
|
||||
core.setOutput('github_repository', githubRepo)
|
||||
const builtinImage = '${{ env.BUILTIN_REGISTRY }}/' + githubRepo
|
||||
let images = []
|
||||
|
|
@ -48,7 +49,7 @@ jobs:
|
|||
core.setOutput('images_list', images.join(","))
|
||||
const platforms = ['linux/amd64', 'linux/arm64']
|
||||
core.setOutput('build_matrix', JSON.stringify({
|
||||
platform: platforms,
|
||||
platform: platforms,
|
||||
include: platforms.map(platform => { return {
|
||||
platform,
|
||||
slug: platform.replace('/', '-')
|
||||
|
|
@ -65,22 +66,15 @@ jobs:
|
|||
attestations: write
|
||||
id-token: write
|
||||
strategy:
|
||||
matrix: {
|
||||
"include": [
|
||||
{
|
||||
"platform": "linux/amd64",
|
||||
"slug": "linux-amd64"
|
||||
},
|
||||
{
|
||||
"platform": "linux/arm64",
|
||||
"slug": "linux-arm64"
|
||||
}
|
||||
],
|
||||
"platform": [
|
||||
"linux/amd64",
|
||||
"linux/arm64"
|
||||
]
|
||||
}
|
||||
matrix:
|
||||
{
|
||||
"include":
|
||||
[
|
||||
{ "platform": "linux/amd64", "slug": "linux-amd64" },
|
||||
{ "platform": "linux/arm64", "slug": "linux-arm64" },
|
||||
],
|
||||
"platform": ["linux/amd64", "linux/arm64"],
|
||||
}
|
||||
steps:
|
||||
- name: Echo strategy
|
||||
run: echo '${{ toJSON(fromJSON(needs.define-variables.outputs.build_matrix)) }}'
|
||||
|
|
@ -105,9 +99,9 @@ jobs:
|
|||
- name: Login to builtin registry
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ env.BUILTIN_REGISTRY }}
|
||||
username: ${{ vars.BUILTIN_REGISTRY_USER || github.actor }}
|
||||
password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
|
||||
registry: ${{ env.BUILTIN_REGISTRY }}
|
||||
username: ${{ vars.BUILTIN_REGISTRY_USER || github.actor }}
|
||||
password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
|
||||
|
||||
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
|
||||
- name: Extract metadata (labels, annotations) for Docker
|
||||
|
|
@ -165,7 +159,7 @@ jobs:
|
|||
run: |
|
||||
mkdir -p /tmp/digests
|
||||
digest="${{ steps.build.outputs.digest }}"
|
||||
touch "/tmp/digests/${digest#sha256:}"
|
||||
touch "/tmp/digests/${digest#sha256:}"
|
||||
|
||||
- name: Upload digest
|
||||
uses: forgejo/upload-artifact@v4
|
||||
|
|
@ -174,7 +168,7 @@ jobs:
|
|||
path: /tmp/digests/*
|
||||
if-no-files-found: error
|
||||
retention-days: 1
|
||||
|
||||
|
||||
merge:
|
||||
runs-on: dind
|
||||
container: ghcr.io/catthehacker/ubuntu:act-latest
|
||||
|
|
@ -190,9 +184,9 @@ jobs:
|
|||
- name: Login to builtin registry
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ env.BUILTIN_REGISTRY }}
|
||||
username: ${{ vars.BUILTIN_REGISTRY_USER || github.actor }}
|
||||
password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
|
||||
registry: ${{ env.BUILTIN_REGISTRY }}
|
||||
username: ${{ vars.BUILTIN_REGISTRY_USER || github.actor }}
|
||||
password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
|
@ -211,7 +205,7 @@ jobs:
|
|||
images: ${{needs.define-variables.outputs.images}}
|
||||
# default labels & annotations: https://github.com/docker/metadata-action/blob/master/src/meta.ts#L509
|
||||
env:
|
||||
DOCKER_METADATA_ANNOTATIONS_LEVELS: index
|
||||
DOCKER_METADATA_ANNOTATIONS_LEVELS: index
|
||||
|
||||
- name: Create manifest list and push
|
||||
working-directory: /tmp/digests
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
# Contributor Covenant Code of Conduct
|
||||
|
||||
## Our Pledge
|
||||
|
|
@ -60,8 +59,7 @@ representative at an online or offline event.
|
|||
## Enforcement
|
||||
|
||||
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
||||
reported to the community leaders responsible for enforcement over email at
|
||||
<strawberry@puppygock.gay> or over Matrix at @strawberry:puppygock.gay.
|
||||
reported to the community leaders responsible for enforcement over Matrix at [#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org) or email at <tom@tcpip.uk>, <jade@continuwuity.org> and <nex@continuwuity.org> respectively.
|
||||
All complaints will be reviewed and investigated promptly and fairly.
|
||||
|
||||
All community leaders are obligated to respect the privacy and security of the
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ This page is for about contributing to conduwuit. The
|
|||
[development](./development.md) page may be of interest for you as well.
|
||||
|
||||
If you would like to work on an [issue][issues] that is not assigned, preferably
|
||||
ask in the Matrix room first at [#conduwuit:puppygock.gay][conduwuit-matrix],
|
||||
ask in the Matrix room first at [#continuwuity:continuwuity.org][continuwuity-matrix],
|
||||
and comment on it.
|
||||
|
||||
### Linting and Formatting
|
||||
|
|
@ -23,9 +23,9 @@ suggestion, allow the lint and mention that in a comment.
|
|||
|
||||
### Running CI tests locally
|
||||
|
||||
conduwuit's CI for tests, linting, formatting, audit, etc use
|
||||
continuwuity's CI for tests, linting, formatting, audit, etc use
|
||||
[`engage`][engage]. engage can be installed from nixpkgs or `cargo install
|
||||
engage`. conduwuit's Nix flake devshell has the nixpkgs engage with `direnv`.
|
||||
engage`. continuwuity's Nix flake devshell has the nixpkgs engage with `direnv`.
|
||||
Use `engage --help` for more usage details.
|
||||
|
||||
To test, format, lint, etc that CI would do, install engage, allow the `.envrc`
|
||||
|
|
@ -111,33 +111,28 @@ applies here.
|
|||
|
||||
### Creating pull requests
|
||||
|
||||
Please try to keep contributions to the GitHub. While the mirrors of conduwuit
|
||||
allow for pull/merge requests, there is no guarantee I will see them in a timely
|
||||
Please try to keep contributions to the Forgejo Instance. While the mirrors of continuwuity
|
||||
allow for pull/merge requests, there is no guarantee the maintainers will see them in a timely
|
||||
manner. Additionally, please mark WIP or unfinished or incomplete PRs as drafts.
|
||||
This prevents me from having to ping once in a while to double check the status
|
||||
This prevents us from having to ping once in a while to double check the status
|
||||
of it, especially when the CI completed successfully and everything so it
|
||||
*looks* done.
|
||||
|
||||
If you open a pull request on one of the mirrors, it is your responsibility to
|
||||
inform me about its existence. In the future I may try to solve this with more
|
||||
repo bots in the conduwuit Matrix room. There is no mailing list or email-patch
|
||||
support on the sr.ht mirror, but if you'd like to email me a git patch you can
|
||||
do so at `strawberry@puppygock.gay`.
|
||||
|
||||
Direct all PRs/MRs to the `main` branch.
|
||||
|
||||
By sending a pull request or patch, you are agreeing that your changes are
|
||||
allowed to be licenced under the Apache-2.0 licence and all of your conduct is
|
||||
in line with the Contributor's Covenant, and conduwuit's Code of Conduct.
|
||||
in line with the Contributor's Covenant, and continuwuity's Code of Conduct.
|
||||
|
||||
Contribution by users who violate either of these code of conducts will not have
|
||||
their contributions accepted. This includes users who have been banned from
|
||||
conduwuit Matrix rooms for Code of Conduct violations.
|
||||
continuwuityMatrix rooms for Code of Conduct violations.
|
||||
|
||||
[issues]: https://github.com/girlbossceo/conduwuit/issues
|
||||
[conduwuit-matrix]: https://matrix.to/#/#conduwuit:puppygock.gay
|
||||
[issues]: https://forgejo.ellis.link/continuwuation/continuwuity/issues
|
||||
[continuwuity-matrix]: https://matrix.to/#/#continuwuity:continuwuity.org
|
||||
[complement]: https://github.com/matrix-org/complement/
|
||||
[engage.toml]: https://github.com/girlbossceo/conduwuit/blob/main/engage.toml
|
||||
[engage.toml]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/engage.toml
|
||||
[engage]: https://charles.page.computer.surgery/engage/
|
||||
[sytest]: https://github.com/matrix-org/sytest/
|
||||
[cargo-deb]: https://github.com/kornelski/cargo-deb
|
||||
|
|
@ -146,4 +141,4 @@ conduwuit Matrix rooms for Code of Conduct violations.
|
|||
[cargo-audit]: https://github.com/RustSec/rustsec/tree/main/cargo-audit
|
||||
[direnv]: https://direnv.net/
|
||||
[mdbook]: https://rust-lang.github.io/mdBook/
|
||||
[documentation.yml]: https://github.com/girlbossceo/conduwuit/blob/main/.github/workflows/documentation.yml
|
||||
[documentation.yml]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/.forgejo/workflows/documentation.yml
|
||||
|
|
|
|||
22
Cargo.lock
generated
22
Cargo.lock
generated
|
|
@ -3652,7 +3652,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma"
|
||||
version = "0.10.1"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"assign",
|
||||
"js_int",
|
||||
|
|
@ -3672,7 +3672,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-appservice-api"
|
||||
version = "0.10.0"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"js_int",
|
||||
"ruma-common",
|
||||
|
|
@ -3684,7 +3684,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-client-api"
|
||||
version = "0.18.0"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"as_variant",
|
||||
"assign",
|
||||
|
|
@ -3707,7 +3707,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-common"
|
||||
version = "0.13.0"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"as_variant",
|
||||
"base64 0.22.1",
|
||||
|
|
@ -3739,7 +3739,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-events"
|
||||
version = "0.28.1"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"as_variant",
|
||||
"indexmap 2.8.0",
|
||||
|
|
@ -3764,7 +3764,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-federation-api"
|
||||
version = "0.9.0"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"bytes",
|
||||
"headers",
|
||||
|
|
@ -3786,7 +3786,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-identifiers-validation"
|
||||
version = "0.9.5"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"js_int",
|
||||
"thiserror 2.0.12",
|
||||
|
|
@ -3795,7 +3795,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-identity-service-api"
|
||||
version = "0.9.0"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"js_int",
|
||||
"ruma-common",
|
||||
|
|
@ -3805,7 +3805,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-macros"
|
||||
version = "0.13.0"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"cfg-if",
|
||||
"proc-macro-crate",
|
||||
|
|
@ -3820,7 +3820,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-push-gateway-api"
|
||||
version = "0.9.0"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"js_int",
|
||||
"ruma-common",
|
||||
|
|
@ -3832,7 +3832,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "ruma-signatures"
|
||||
version = "0.15.0"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=652cc4864203ab7ca60cf9c47b931c0385304cc7#652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d6870a7fb7f6cccff63f7fd0ff6c581bad80e983#d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
dependencies = [
|
||||
"base64 0.22.1",
|
||||
"ed25519-dalek",
|
||||
|
|
|
|||
|
|
@ -350,7 +350,7 @@ version = "0.1.2"
|
|||
[workspace.dependencies.ruma]
|
||||
git = "https://forgejo.ellis.link/continuwuation/ruwuma"
|
||||
#branch = "conduwuit-changes"
|
||||
rev = "652cc4864203ab7ca60cf9c47b931c0385304cc7"
|
||||
rev = "d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
features = [
|
||||
"compat",
|
||||
"rand",
|
||||
|
|
|
|||
|
|
@ -1182,23 +1182,13 @@
|
|||
#
|
||||
#prune_missing_media = false
|
||||
|
||||
# Vector list of regex patterns of server names that conduwuit will refuse
|
||||
# to download remote media from.
|
||||
#
|
||||
# example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
#
|
||||
#prevent_media_downloads_from = []
|
||||
|
||||
# List of forbidden server names via regex patterns that we will block
|
||||
# incoming AND outgoing federation with, and block client room joins /
|
||||
# remote user invites.
|
||||
#
|
||||
# Additionally, it will hide messages from these servers for all users
|
||||
# on this server.
|
||||
#
|
||||
# Note that your messages can still make it to forbidden servers through
|
||||
# backfilling. Events we receive from forbidden servers via backfill will
|
||||
# be stored in the database, but will not be sent to the client.
|
||||
# backfilling. Events we receive from forbidden servers via backfill
|
||||
# from servers we *do* federate with will be stored in the database.
|
||||
#
|
||||
# This check is applied on the room ID, room alias, sender server name,
|
||||
# sender user's server name, inbound federation X-Matrix origin, and
|
||||
|
|
@ -1220,6 +1210,13 @@
|
|||
#
|
||||
#allowed_remote_server_names = []
|
||||
|
||||
# Vector list of regex patterns of server names that conduwuit will refuse
|
||||
# to download remote media from.
|
||||
#
|
||||
# example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
#
|
||||
#prevent_media_downloads_from = []
|
||||
|
||||
# List of forbidden server names via regex patterns that we will block all
|
||||
# outgoing federated room directory requests for. Useful for preventing
|
||||
# our users from wandering into bad servers or spaces.
|
||||
|
|
@ -1228,6 +1225,29 @@
|
|||
#
|
||||
#forbidden_remote_room_directory_server_names = []
|
||||
|
||||
# Vector list of regex patterns of server names that conduwuit will not
|
||||
# send messages to the client from.
|
||||
#
|
||||
# Note that there is no way for clients to receive messages once a server
|
||||
# has become unignored without doing a full sync. This is a protocol
|
||||
# limitation with the current sync protocols. This means this is somewhat
|
||||
# of a nuclear option.
|
||||
#
|
||||
# example: ["reallybadserver\.tld$", "reallybadphrase",
|
||||
# "69dollarfortnitecards"]
|
||||
#
|
||||
#ignore_messages_from_server_names = []
|
||||
|
||||
# Send messages from users that the user has ignored to the client.
|
||||
#
|
||||
# There is no way for clients to receive messages sent while a user was
|
||||
# ignored without doing a full sync. This is a protocol limitation with
|
||||
# the current sync protocols. Disabling this option will move
|
||||
# responsibility of ignoring messages to the client, which can avoid this
|
||||
# limitation.
|
||||
#
|
||||
#send_messages_from_ignored_users_to_client = false
|
||||
|
||||
# Vector list of IPv4 and IPv6 CIDR ranges / subnets *in quotes* that you
|
||||
# do not want conduwuit to send outbound requests to. Defaults to
|
||||
# RFC1918, unroutable, loopback, multicast, and testnet addresses for
|
||||
|
|
|
|||
2
debian/conduwuit.service
vendored
2
debian/conduwuit.service
vendored
|
|
@ -3,7 +3,7 @@ Description=conduwuit Matrix homeserver
|
|||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
Alias=matrix-conduwuit.service
|
||||
Documentation=https://conduwuit.puppyirl.gay/
|
||||
Documentation=https://continuwuity.org/
|
||||
|
||||
[Service]
|
||||
DynamicUser=yes
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
use core::panic;
|
||||
|
||||
use axum::extract::State;
|
||||
use conduwuit::{
|
||||
Err, Result, at,
|
||||
|
|
@ -132,8 +134,6 @@ pub(crate) async fn get_message_events_route(
|
|||
.take(limit)
|
||||
.collect()
|
||||
.await;
|
||||
// let appservice_id = body.appservice_info.map(|appservice|
|
||||
// appservice.registration.id);
|
||||
|
||||
let lazy_loading_context = lazy_loading::Context {
|
||||
user_id: sender_user,
|
||||
|
|
@ -143,7 +143,7 @@ pub(crate) async fn get_message_events_route(
|
|||
if let Some(registration) = body.appservice_info.as_ref() {
|
||||
<&DeviceId>::from(registration.registration.id.as_str())
|
||||
} else {
|
||||
<&DeviceId>::from("")
|
||||
panic!("No device_id provided and no appservice registration found, this should be unreachable");
|
||||
},
|
||||
},
|
||||
room_id,
|
||||
|
|
@ -275,10 +275,12 @@ pub(crate) async fn is_ignored_pdu(
|
|||
|
||||
let ignored_server = services
|
||||
.moderation
|
||||
.is_remote_server_forbidden(pdu.sender().server_name());
|
||||
.is_remote_server_ignored(pdu.sender().server_name());
|
||||
|
||||
if ignored_type
|
||||
&& (ignored_server || services.users.user_is_ignored(&pdu.sender, user_id).await)
|
||||
&& (ignored_server
|
||||
|| (!services.config.send_messages_from_ignored_users_to_client
|
||||
&& services.users.user_is_ignored(&pdu.sender, user_id).await))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -121,7 +121,9 @@ where
|
|||
.map(|(key, val)| (key, val.collect()))
|
||||
.collect();
|
||||
|
||||
if !populate {
|
||||
if populate {
|
||||
rooms.push(summary_to_chunk(summary.clone()));
|
||||
} else {
|
||||
children = children
|
||||
.iter()
|
||||
.rev()
|
||||
|
|
@ -144,10 +146,8 @@ where
|
|||
.collect();
|
||||
}
|
||||
|
||||
if populate {
|
||||
rooms.push(summary_to_chunk(summary.clone()));
|
||||
} else if queue.is_empty() && children.is_empty() {
|
||||
return Err!(Request(InvalidParam("Room IDs in token were not found.")));
|
||||
if !populate && queue.is_empty() && children.is_empty() {
|
||||
break;
|
||||
}
|
||||
|
||||
parents.insert(current_room.clone());
|
||||
|
|
|
|||
|
|
@ -163,7 +163,7 @@ pub struct Config {
|
|||
/// If enabled, conduwuit will send a simple GET request periodically to
|
||||
/// `https://continuwuity.org/.well-known/continuwuity/announcements` for any new
|
||||
/// announcements or major updates. This is not an update check endpoint.
|
||||
///
|
||||
///
|
||||
/// default: true
|
||||
#[serde(alias = "allow_check_for_updates", default = "true_fn")]
|
||||
pub allow_announcements_check: bool,
|
||||
|
|
@ -1359,25 +1359,13 @@ pub struct Config {
|
|||
#[serde(default)]
|
||||
pub prune_missing_media: bool,
|
||||
|
||||
/// Vector list of regex patterns of server names that conduwuit will refuse
|
||||
/// to download remote media from.
|
||||
///
|
||||
/// example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default, with = "serde_regex")]
|
||||
pub prevent_media_downloads_from: RegexSet,
|
||||
|
||||
/// List of forbidden server names via regex patterns that we will block
|
||||
/// incoming AND outgoing federation with, and block client room joins /
|
||||
/// remote user invites.
|
||||
///
|
||||
/// Additionally, it will hide messages from these servers for all users
|
||||
/// on this server.
|
||||
///
|
||||
/// Note that your messages can still make it to forbidden servers through
|
||||
/// backfilling. Events we receive from forbidden servers via backfill will
|
||||
/// be stored in the database, but will not be sent to the client.
|
||||
/// backfilling. Events we receive from forbidden servers via backfill
|
||||
/// from servers we *do* federate with will be stored in the database.
|
||||
///
|
||||
/// This check is applied on the room ID, room alias, sender server name,
|
||||
/// sender user's server name, inbound federation X-Matrix origin, and
|
||||
|
|
@ -1403,6 +1391,15 @@ pub struct Config {
|
|||
#[serde(default, with = "serde_regex")]
|
||||
pub allowed_remote_server_names: RegexSet,
|
||||
|
||||
/// Vector list of regex patterns of server names that conduwuit will refuse
|
||||
/// to download remote media from.
|
||||
///
|
||||
/// example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default, with = "serde_regex")]
|
||||
pub prevent_media_downloads_from: RegexSet,
|
||||
|
||||
/// List of forbidden server names via regex patterns that we will block all
|
||||
/// outgoing federated room directory requests for. Useful for preventing
|
||||
/// our users from wandering into bad servers or spaces.
|
||||
|
|
@ -1413,6 +1410,31 @@ pub struct Config {
|
|||
#[serde(default, with = "serde_regex")]
|
||||
pub forbidden_remote_room_directory_server_names: RegexSet,
|
||||
|
||||
/// Vector list of regex patterns of server names that conduwuit will not
|
||||
/// send messages to the client from.
|
||||
///
|
||||
/// Note that there is no way for clients to receive messages once a server
|
||||
/// has become unignored without doing a full sync. This is a protocol
|
||||
/// limitation with the current sync protocols. This means this is somewhat
|
||||
/// of a nuclear option.
|
||||
///
|
||||
/// example: ["reallybadserver\.tld$", "reallybadphrase",
|
||||
/// "69dollarfortnitecards"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default, with = "serde_regex")]
|
||||
pub ignore_messages_from_server_names: RegexSet,
|
||||
|
||||
/// Send messages from users that the user has ignored to the client.
|
||||
///
|
||||
/// There is no way for clients to receive messages sent while a user was
|
||||
/// ignored without doing a full sync. This is a protocol limitation with
|
||||
/// the current sync protocols. Disabling this option will move
|
||||
/// responsibility of ignoring messages to the client, which can avoid this
|
||||
/// limitation.
|
||||
#[serde(default)]
|
||||
pub send_messages_from_ignored_users_to_client: bool,
|
||||
|
||||
/// Vector list of IPv4 and IPv6 CIDR ranges / subnets *in quotes* that you
|
||||
/// do not want conduwuit to send outbound requests to. Defaults to
|
||||
/// RFC1918, unroutable, loopback, multicast, and testnet addresses for
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ struct GetMembership {
|
|||
membership: MembershipState,
|
||||
}
|
||||
|
||||
#[derive(Deserialize)]
|
||||
#[derive(Deserialize, Debug)]
|
||||
struct RoomMemberContentFields {
|
||||
membership: Option<Raw<MembershipState>>,
|
||||
join_authorised_via_users_server: Option<Raw<OwnedUserId>>,
|
||||
|
|
@ -149,9 +149,9 @@ where
|
|||
Incoming: Event + Send + Sync,
|
||||
{
|
||||
debug!(
|
||||
"auth_check beginning for {} ({})",
|
||||
incoming_event.event_id(),
|
||||
incoming_event.event_type()
|
||||
event_id = format!("{}", incoming_event.event_id()),
|
||||
event_type = format!("{}", incoming_event.event_type()),
|
||||
"auth_check beginning"
|
||||
);
|
||||
|
||||
// [synapse] check that all the events are in the same room as `incoming_event`
|
||||
|
|
@ -383,10 +383,15 @@ where
|
|||
|
||||
let sender_membership_event_content: RoomMemberContentFields =
|
||||
from_json_str(sender_member_event.content().get())?;
|
||||
let membership_state = sender_membership_event_content
|
||||
.membership
|
||||
.expect("we should test before that this field exists")
|
||||
.deserialize()?;
|
||||
let Some(membership_state) = sender_membership_event_content.membership else {
|
||||
warn!(
|
||||
sender_membership_event_content = format!("{sender_membership_event_content:?}"),
|
||||
event_id = format!("{}", incoming_event.event_id()),
|
||||
"Sender membership event content missing membership field"
|
||||
);
|
||||
return Err(Error::InvalidPdu("Missing membership field".to_owned()));
|
||||
};
|
||||
let membership_state = membership_state.deserialize()?;
|
||||
|
||||
if !matches!(membership_state, MembershipState::Join) {
|
||||
warn!("sender's membership is not join");
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ assets = [
|
|||
|
||||
[features]
|
||||
default = [
|
||||
"blurhashing",
|
||||
"brotli_compression",
|
||||
"element_hacks",
|
||||
"gzip_compression",
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
use std::sync::Arc;
|
||||
|
||||
use conduwuit::{Result, Server, implement};
|
||||
use conduwuit::{Result, implement};
|
||||
use ruma::ServerName;
|
||||
|
||||
use crate::{Dep, config};
|
||||
|
|
@ -10,7 +10,7 @@ pub struct Service {
|
|||
}
|
||||
|
||||
struct Services {
|
||||
pub server: Arc<Server>,
|
||||
// pub server: Arc<Server>,
|
||||
pub config: Dep<config::Service>,
|
||||
}
|
||||
|
||||
|
|
@ -18,7 +18,7 @@ impl crate::Service for Service {
|
|||
fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {
|
||||
Ok(Arc::new(Self {
|
||||
services: Services {
|
||||
server: args.server.clone(),
|
||||
// server: args.server.clone(),
|
||||
config: args.depend::<config::Service>("config"),
|
||||
},
|
||||
}))
|
||||
|
|
@ -27,6 +27,20 @@ impl crate::Service for Service {
|
|||
fn name(&self) -> &str { crate::service::make_name(std::module_path!()) }
|
||||
}
|
||||
|
||||
#[implement(Service)]
|
||||
#[must_use]
|
||||
pub fn is_remote_server_ignored(&self, server_name: &ServerName) -> bool {
|
||||
// We must never block federating with ourselves
|
||||
if server_name == self.services.config.server_name {
|
||||
return false;
|
||||
}
|
||||
|
||||
self.services
|
||||
.config
|
||||
.ignore_messages_from_server_names
|
||||
.is_match(server_name.host())
|
||||
}
|
||||
|
||||
#[implement(Service)]
|
||||
#[must_use]
|
||||
pub fn is_remote_server_forbidden(&self, server_name: &ServerName) -> bool {
|
||||
|
|
|
|||
|
|
@ -306,28 +306,25 @@ impl super::Service {
|
|||
|
||||
#[tracing::instrument(name = "srv", level = "debug", skip(self))]
|
||||
async fn query_srv_record(&self, hostname: &'_ str) -> Result<Option<FedDest>> {
|
||||
let hostnames =
|
||||
[format!("_matrix-fed._tcp.{hostname}."), format!("_matrix._tcp.{hostname}.")];
|
||||
self.services.server.check_running()?;
|
||||
|
||||
for hostname in hostnames {
|
||||
self.services.server.check_running()?;
|
||||
debug!("querying SRV for {hostname:?}");
|
||||
|
||||
debug!("querying SRV for {hostname:?}");
|
||||
let hostname = hostname.trim_end_matches('.');
|
||||
match self.resolver.resolver.srv_lookup(hostname).await {
|
||||
| Err(e) => Self::handle_resolve_error(&e, hostname)?,
|
||||
| Ok(result) => {
|
||||
return Ok(result.iter().next().map(|result| {
|
||||
FedDest::Named(
|
||||
result.target().to_string().trim_end_matches('.').to_owned(),
|
||||
format!(":{}", result.port())
|
||||
.as_str()
|
||||
.try_into()
|
||||
.unwrap_or_else(|_| FedDest::default_port()),
|
||||
)
|
||||
}));
|
||||
},
|
||||
}
|
||||
let hostname_suffix = format!("_matrix-fed._tcp.{hostname}.");
|
||||
let hostname = hostname_suffix.trim_end_matches('.');
|
||||
match self.resolver.resolver.srv_lookup(hostname).await {
|
||||
| Err(e) => Self::handle_resolve_error(&e, hostname)?,
|
||||
| Ok(result) => {
|
||||
return Ok(result.iter().next().map(|result| {
|
||||
FedDest::Named(
|
||||
result.target().to_string().trim_end_matches('.').to_owned(),
|
||||
format!(":{}", result.port())
|
||||
.as_str()
|
||||
.try_into()
|
||||
.unwrap_or_else(|_| FedDest::default_port()),
|
||||
)
|
||||
}));
|
||||
},
|
||||
}
|
||||
|
||||
Ok(None)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue