Compare commits
19 commits
alpine-pac
...
jade/tuwun
Author | SHA1 | Date | |
---|---|---|---|
|
b3679f4eeb | ||
|
1c2b32cdc8 | ||
|
a5aed9f43d | ||
|
de6d961535 | ||
|
6c7845c8af | ||
|
3639b93658 | ||
|
200df676e9 | ||
|
56cc9318de | ||
|
f86d7236ac | ||
|
460cf27a03 | ||
|
3af241b947 | ||
|
79ae57b671 | ||
|
11270c2d9d | ||
|
43ce46ff7e | ||
|
95f92f131b | ||
|
dbb7560fa5 | ||
|
208b81a18f | ||
|
0bee87b693 | ||
|
173c0b35ad |
131 changed files with 1678 additions and 3141 deletions
|
@ -11,11 +11,10 @@ docker/
|
|||
*.iml
|
||||
|
||||
# Git folder
|
||||
# .git
|
||||
.git
|
||||
.gitea
|
||||
.gitlab
|
||||
.github
|
||||
.forgejo
|
||||
|
||||
# Dot files
|
||||
.env
|
||||
|
|
|
@ -22,7 +22,3 @@ indent_size = 2
|
|||
[*.rs]
|
||||
indent_style = tab
|
||||
max_line_length = 98
|
||||
|
||||
[{.forgejo/**/*.yml,.github/**/*.yml}]
|
||||
indent_size = 2
|
||||
indent_style = space
|
||||
|
|
|
@ -1,53 +0,0 @@
|
|||
name: rust-toolchain
|
||||
description: |
|
||||
Install a Rust toolchain using rustup.
|
||||
See https://rust-lang.github.io/rustup/concepts/toolchains.html#toolchain-specification
|
||||
for more information about toolchains.
|
||||
inputs:
|
||||
toolchain:
|
||||
description: |
|
||||
Rust toolchain name.
|
||||
See https://rust-lang.github.io/rustup/concepts/toolchains.html#toolchain-specification
|
||||
required: false
|
||||
target:
|
||||
description: Target triple to install for this toolchain
|
||||
required: false
|
||||
components:
|
||||
description: Space-separated list of components to be additionally installed for a new toolchain
|
||||
required: false
|
||||
outputs:
|
||||
rustc_version:
|
||||
description: The rustc version installed
|
||||
value: ${{ steps.rustc-version.outputs.version }}
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- name: Cache rustup toolchains
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
~/.rustup
|
||||
!~/.rustup/tmp
|
||||
!~/.rustup/downloads
|
||||
# Requires repo to be cloned if toolchain is not specified
|
||||
key: ${{ runner.os }}-rustup-${{ inputs.toolchain || hashFiles('**/rust-toolchain.toml') }}
|
||||
- name: Install Rust toolchain
|
||||
shell: bash
|
||||
run: |
|
||||
if ! command -v rustup &> /dev/null ; then
|
||||
curl --proto '=https' --tlsv1.2 --retry 10 --retry-connrefused -fsSL "https://sh.rustup.rs" | sh -s -- --default-toolchain none -y
|
||||
echo "${CARGO_HOME:-$HOME/.cargo}/bin" >> $GITHUB_PATH
|
||||
fi
|
||||
- shell: bash
|
||||
run: |
|
||||
set -x
|
||||
${{ inputs.toolchain && format('rustup override set {0}', inputs.toolchain) }}
|
||||
${{ inputs.target && format('rustup target add {0}', inputs.target) }}
|
||||
${{ inputs.components && format('rustup component add {0}', inputs.components) }}
|
||||
cargo --version
|
||||
rustc --version
|
||||
- id: rustc-version
|
||||
shell: bash
|
||||
run: |
|
||||
echo "version=$(rustc --version)" >> $GITHUB_OUTPUT
|
|
@ -1,29 +0,0 @@
|
|||
name: sccache
|
||||
description: |
|
||||
Install sccache for caching builds in GitHub Actions.
|
||||
|
||||
inputs:
|
||||
token:
|
||||
description: 'A Github PAT'
|
||||
required: false
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- name: Install sccache
|
||||
uses: https://github.com/mozilla-actions/sccache-action@v0.0.9
|
||||
with:
|
||||
token: ${{ inputs.token }}
|
||||
- name: Configure sccache
|
||||
uses: https://github.com/actions/github-script@v7
|
||||
with:
|
||||
script: |
|
||||
core.exportVariable('ACTIONS_RESULTS_URL', process.env.ACTIONS_RESULTS_URL || '');
|
||||
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || '');
|
||||
- shell: bash
|
||||
run: |
|
||||
echo "SCCACHE_GHA_ENABLED=true" >> $GITHUB_ENV
|
||||
echo "RUSTC_WRAPPER=sccache" >> $GITHUB_ENV
|
||||
echo "CMAKE_C_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
|
||||
echo "CMAKE_CXX_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
|
||||
echo "CMAKE_CUDA_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
|
|
@ -1,46 +0,0 @@
|
|||
name: timelord
|
||||
description: |
|
||||
Use timelord to set file timestamps
|
||||
inputs:
|
||||
key:
|
||||
description: |
|
||||
The key to use for caching the timelord data.
|
||||
This should be unique to the repository and the runner.
|
||||
required: true
|
||||
default: timelord-v0
|
||||
path:
|
||||
description: |
|
||||
The path to the directory to be timestamped.
|
||||
This should be the root of the repository.
|
||||
required: true
|
||||
default: .
|
||||
|
||||
runs:
|
||||
using: composite
|
||||
steps:
|
||||
- name: Cache timelord-cli installation
|
||||
id: cache-timelord-bin
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: ~/.cargo/bin/timelord
|
||||
key: timelord-cli-v3.0.1
|
||||
- name: Install timelord-cli
|
||||
uses: https://github.com/cargo-bins/cargo-binstall@main
|
||||
if: steps.cache-timelord-bin.outputs.cache-hit != 'true'
|
||||
- run: cargo binstall timelord-cli@3.0.1
|
||||
shell: bash
|
||||
if: steps.cache-timelord-bin.outputs.cache-hit != 'true'
|
||||
|
||||
- name: Load timelord files
|
||||
uses: actions/cache/restore@v3
|
||||
with:
|
||||
path: /timelord/
|
||||
key: ${{ inputs.key }}
|
||||
- name: Run timelord to set timestamps
|
||||
shell: bash
|
||||
run: timelord sync --source-dir ${{ inputs.path }} --cache-dir /timelord/
|
||||
- name: Save timelord
|
||||
uses: actions/cache/save@v3
|
||||
with:
|
||||
path: /timelord/
|
||||
key: ${{ inputs.key }}
|
|
@ -1,49 +0,0 @@
|
|||
on:
|
||||
- workflow-dispatch
|
||||
- push
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: alpine:edge
|
||||
|
||||
steps:
|
||||
- name: set up dependencies
|
||||
run: |
|
||||
apk update
|
||||
apk upgrade
|
||||
apk add nodejs git alpine-sdk
|
||||
- uses: actions/checkout@v4
|
||||
name: checkout the alpine dir
|
||||
with:
|
||||
sparse-checkout: "alpine/"
|
||||
|
||||
# - uses: actions/checkout@v4
|
||||
# name: checkout the rest in the alpine dir
|
||||
# with:
|
||||
# path: 'alpine/continuwuity'
|
||||
- name: set up user
|
||||
run: adduser -DG abuild ci
|
||||
|
||||
- name: set up keys
|
||||
run: |
|
||||
pwd
|
||||
mkdir ~/.abuild
|
||||
echo "${{ secrets.abuild_privkey }}" > ~/.abuild/ci@continuwuity.rsa
|
||||
echo "${{ secrets.abuild_pubkey }}" > ~/.abuild/ci@continuwuity.rsa.pub
|
||||
echo $HOME
|
||||
echo 'PACKAGER_PRIVKEY="/root/.abuild/ci@continuwuity.rsa"' > ~/.abuild/abuild.conf
|
||||
ls ~/.abuild
|
||||
|
||||
- name: go go gadget abuild
|
||||
run: |
|
||||
cd alpine
|
||||
# modify the APKBUILD to use the current branch instead of the release
|
||||
# note that it seems to require the repo to be public (as you'll get
|
||||
# a 404 even if the token is provided)
|
||||
export ARCHIVE_URL="${{ github.server_url }}/${{ github.repository }}/archive/${{ github.ref_name }}.tar.gz"
|
||||
echo $ARCHIVE_URL
|
||||
sed -i '/^source=/c\source="'"$ARCHIVE_URL" APKBUILD
|
||||
abuild -F checksum
|
||||
abuild -Fr
|
|
@ -16,7 +16,7 @@ concurrency:
|
|||
jobs:
|
||||
docs:
|
||||
name: Build and Deploy Documentation
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: not-nexy
|
||||
|
||||
steps:
|
||||
- name: Sync repository
|
||||
|
@ -36,14 +36,9 @@ jobs:
|
|||
- name: Prepare static files for deployment
|
||||
run: |
|
||||
mkdir -p ./public/.well-known/matrix
|
||||
mkdir -p ./public/.well-known/continuwuity
|
||||
mkdir -p ./public/schema
|
||||
# Copy the Matrix .well-known files
|
||||
cp ./docs/static/server ./public/.well-known/matrix/server
|
||||
cp ./docs/static/client ./public/.well-known/matrix/client
|
||||
cp ./docs/static/client ./public/.well-known/matrix/support
|
||||
cp ./docs/static/announcements.json ./public/.well-known/continuwuity/announcements
|
||||
cp ./docs/static/announcements.schema.json ./public/schema/announcements.schema.json
|
||||
# Copy the custom headers file
|
||||
cp ./docs/static/_headers ./public/_headers
|
||||
echo "Copied .well-known files and _headers to ./public"
|
||||
|
@ -57,17 +52,17 @@ jobs:
|
|||
run: npm install --save-dev wrangler@latest
|
||||
|
||||
- name: Deploy to Cloudflare Pages (Production)
|
||||
if: github.ref == 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
|
||||
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
|
||||
uses: https://github.com/cloudflare/wrangler-action@v3
|
||||
with:
|
||||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
|
||||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
|
||||
command: pages deploy ./public --branch="main" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}"
|
||||
command: pages deploy ./public --branch=main --commit-dirty=true --project-name=${{ vars.CLOUDFLARE_PROJECT_NAME }}"
|
||||
|
||||
- name: Deploy to Cloudflare Pages (Preview)
|
||||
if: github.ref != 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
|
||||
if: ${{ github.event_name != 'push' || github.ref != 'refs/heads/main' }}
|
||||
uses: https://github.com/cloudflare/wrangler-action@v3
|
||||
with:
|
||||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
|
||||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
|
||||
command: pages deploy ./public --branch="${{ github.head_ref || github.ref_name }}" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}"
|
||||
command: pages deploy ./public --branch=${{ github.head_ref }} --commit-dirty=true --project-name=${{ vars.CLOUDFLARE_PROJECT_NAME }}"
|
||||
|
|
|
@ -1,127 +0,0 @@
|
|||
name: Deploy Element Web
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "0 0 * * *"
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency:
|
||||
group: "element-${{ github.ref }}"
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
build-and-deploy:
|
||||
name: Build and Deploy Element Web
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Setup Node.js
|
||||
uses: https://code.forgejo.org/actions/setup-node@v4
|
||||
with:
|
||||
node-version: "20"
|
||||
|
||||
- name: Clone, setup, and build Element Web
|
||||
run: |
|
||||
echo "Cloning Element Web..."
|
||||
git clone https://github.com/maunium/element-web
|
||||
cd element-web
|
||||
git checkout develop
|
||||
git pull
|
||||
|
||||
echo "Cloning matrix-js-sdk..."
|
||||
git clone https://github.com/matrix-org/matrix-js-sdk.git
|
||||
|
||||
echo "Installing Yarn..."
|
||||
npm install -g yarn
|
||||
|
||||
echo "Installing dependencies..."
|
||||
yarn install
|
||||
|
||||
echo "Preparing build environment..."
|
||||
mkdir -p .home
|
||||
|
||||
echo "Cleaning up specific node_modules paths..."
|
||||
rm -rf node_modules/@types/eslint-scope/ matrix-*-sdk/node_modules/@types/eslint-scope || echo "Cleanup paths not found, continuing."
|
||||
|
||||
echo "Getting matrix-js-sdk commit hash..."
|
||||
cd matrix-js-sdk
|
||||
jsver=$(git rev-parse HEAD)
|
||||
jsver=${jsver:0:12}
|
||||
cd ..
|
||||
echo "matrix-js-sdk version hash: $jsver"
|
||||
|
||||
echo "Getting element-web commit hash..."
|
||||
ver=$(git rev-parse HEAD)
|
||||
ver=${ver:0:12}
|
||||
echo "element-web version hash: $ver"
|
||||
|
||||
chmod +x ./build-sh
|
||||
|
||||
export VERSION="$ver-js-$jsver"
|
||||
echo "Building Element Web version: $VERSION"
|
||||
./build-sh
|
||||
|
||||
echo "Checking for build output..."
|
||||
ls -la webapp/
|
||||
|
||||
- name: Create config.json
|
||||
run: |
|
||||
cat <<EOF > ./element-web/webapp/config.json
|
||||
{
|
||||
"default_server_name": "continuwuity.org",
|
||||
"default_server_config": {
|
||||
"m.homeserver": {
|
||||
"base_url": "https://matrix.continuwuity.org"
|
||||
}
|
||||
},
|
||||
"default_country_code": "GB",
|
||||
"default_theme": "dark",
|
||||
"mobile_guide_toast": false,
|
||||
"show_labs_settings": true,
|
||||
"room_directory": [
|
||||
"continuwuity.org",
|
||||
"matrixrooms.info"
|
||||
],
|
||||
"settings_defaults": {
|
||||
"UIFeature.urlPreviews": true,
|
||||
"UIFeature.feedback": false,
|
||||
"UIFeature.voip": false,
|
||||
"UIFeature.shareQrCode": false,
|
||||
"UIFeature.shareSocial": false,
|
||||
"UIFeature.locationSharing": false,
|
||||
"enableSyntaxHighlightLanguageDetection": true
|
||||
},
|
||||
"features": {
|
||||
"feature_pinning": true,
|
||||
"feature_custom_themes": true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
echo "Created ./element-web/webapp/config.json"
|
||||
cat ./element-web/webapp/config.json
|
||||
|
||||
- name: Upload Artifact
|
||||
uses: https://code.forgejo.org/actions/upload-artifact@v3
|
||||
with:
|
||||
name: element-web
|
||||
path: ./element-web/webapp/
|
||||
retention-days: 14
|
||||
|
||||
- name: Install Wrangler
|
||||
run: npm install --save-dev wrangler@latest
|
||||
|
||||
- name: Deploy to Cloudflare Pages (Production)
|
||||
if: github.ref == 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
|
||||
uses: https://github.com/cloudflare/wrangler-action@v3
|
||||
with:
|
||||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
|
||||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
|
||||
command: pages deploy ./element-web/webapp --branch="main" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}-element"
|
||||
|
||||
- name: Deploy to Cloudflare Pages (Preview)
|
||||
if: github.ref != 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
|
||||
uses: https://github.com/cloudflare/wrangler-action@v3
|
||||
with:
|
||||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
|
||||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
|
||||
command: pages deploy ./element-web/webapp --branch="${{ github.head_ref || github.ref_name }}" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}-element"
|
|
@ -1,24 +1,23 @@
|
|||
name: Release Docker Image
|
||||
concurrency:
|
||||
concurrency:
|
||||
group: "release-image-${{ github.ref }}"
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
push:
|
||||
paths-ignore:
|
||||
- "*.md"
|
||||
- "**/*.md"
|
||||
- ".gitlab-ci.yml"
|
||||
- ".gitignore"
|
||||
- "renovate.json"
|
||||
- "debian/**"
|
||||
- "docker/**"
|
||||
- "docs/**"
|
||||
- '.gitlab-ci.yml'
|
||||
- '.gitignore'
|
||||
- 'renovate.json'
|
||||
- 'debian/**'
|
||||
- 'docker/**'
|
||||
# Allows you to run this workflow manually from the Actions tab
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
BUILTIN_REGISTRY: forgejo.ellis.link
|
||||
BUILTIN_REGISTRY_ENABLED: "${{ ((vars.BUILTIN_REGISTRY_USER && secrets.BUILTIN_REGISTRY_PASSWORD) || (github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false)) && 'true' || 'false' }}"
|
||||
BUILTIN_REGISTRY: forgejo.ellis.link
|
||||
BUILTIN_REGISTRY_ENABLED: "${{ ((vars.BUILTIN_REGISTRY_USER && secrets.BUILTIN_REGISTRY_PASSWORD) || (github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false)) && 'true' || 'false' }}"
|
||||
|
||||
|
||||
jobs:
|
||||
define-variables:
|
||||
|
@ -37,7 +36,7 @@ jobs:
|
|||
script: |
|
||||
const githubRepo = '${{ github.repository }}'.toLowerCase()
|
||||
const repoId = githubRepo.split('/')[1]
|
||||
|
||||
|
||||
core.setOutput('github_repository', githubRepo)
|
||||
const builtinImage = '${{ env.BUILTIN_REGISTRY }}/' + githubRepo
|
||||
let images = []
|
||||
|
@ -48,7 +47,7 @@ jobs:
|
|||
core.setOutput('images_list', images.join(","))
|
||||
const platforms = ['linux/amd64', 'linux/arm64']
|
||||
core.setOutput('build_matrix', JSON.stringify({
|
||||
platform: platforms,
|
||||
platform: platforms,
|
||||
include: platforms.map(platform => { return {
|
||||
platform,
|
||||
slug: platform.replace('/', '-')
|
||||
|
@ -56,7 +55,7 @@ jobs:
|
|||
}))
|
||||
|
||||
build-image:
|
||||
runs-on: dind
|
||||
runs-on: docker
|
||||
container: ghcr.io/catthehacker/ubuntu:act-latest
|
||||
needs: define-variables
|
||||
permissions:
|
||||
|
@ -65,29 +64,38 @@ jobs:
|
|||
attestations: write
|
||||
id-token: write
|
||||
strategy:
|
||||
matrix:
|
||||
{
|
||||
"include":
|
||||
[
|
||||
{ "platform": "linux/amd64", "slug": "linux-amd64" },
|
||||
{ "platform": "linux/arm64", "slug": "linux-arm64" },
|
||||
],
|
||||
"platform": ["linux/amd64", "linux/arm64"],
|
||||
}
|
||||
matrix: {
|
||||
"include": [
|
||||
{
|
||||
"platform": "linux/amd64",
|
||||
"slug": "linux-amd64"
|
||||
},
|
||||
{
|
||||
"platform": "linux/arm64",
|
||||
"slug": "linux-arm64"
|
||||
}
|
||||
],
|
||||
"platform": [
|
||||
"linux/amd64",
|
||||
"linux/arm64"
|
||||
]
|
||||
}
|
||||
steps:
|
||||
- name: Echo strategy
|
||||
run: echo '${{ toJSON(fromJSON(needs.define-variables.outputs.build_matrix)) }}'
|
||||
- name: Echo matrix
|
||||
run: echo '${{ toJSON(matrix) }}'
|
||||
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Install rust
|
||||
id: rust-toolchain
|
||||
uses: ./.forgejo/actions/rust-toolchain
|
||||
|
||||
- run: |
|
||||
if ! command -v rustup &> /dev/null ; then
|
||||
curl --proto '=https' --tlsv1.2 --retry 10 --retry-connrefused -fsSL "https://sh.rustup.rs" | sh -s -- --default-toolchain none -y
|
||||
echo "${CARGO_HOME:-$HOME/.cargo}/bin" >> $GITHUB_PATH
|
||||
fi
|
||||
- uses: https://github.com/cargo-bins/cargo-binstall@main
|
||||
- run: cargo binstall timelord-cli@3.0.1
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
- name: Set up QEMU
|
||||
|
@ -96,9 +104,9 @@ jobs:
|
|||
- name: Login to builtin registry
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ env.BUILTIN_REGISTRY }}
|
||||
username: ${{ vars.BUILTIN_REGISTRY_USER || github.actor }}
|
||||
password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
|
||||
registry: ${{ env.BUILTIN_REGISTRY }}
|
||||
username: ${{ vars.BUILTIN_REGISTRY_USER || github.actor }}
|
||||
password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
|
||||
|
||||
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
|
||||
- name: Extract metadata (labels, annotations) for Docker
|
||||
|
@ -121,58 +129,18 @@ jobs:
|
|||
echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV
|
||||
- name: Get Git commit timestamps
|
||||
run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV
|
||||
|
||||
- uses: ./.forgejo/actions/timelord
|
||||
- name: Set up timelord
|
||||
uses: actions/cache/restore@v3
|
||||
with:
|
||||
path: /timelord/
|
||||
key: timelord-v0 # Cache is already split per runner
|
||||
- name: Run timelord to set timestamps
|
||||
run: timelord sync --source-dir . --cache-dir /timelord/
|
||||
- name: Save timelord
|
||||
uses: actions/cache/save@v3
|
||||
with:
|
||||
path: /timelord/
|
||||
key: timelord-v0
|
||||
path: .
|
||||
|
||||
- name: Cache Rust registry
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
.cargo/git
|
||||
.cargo/git/checkouts
|
||||
.cargo/registry
|
||||
.cargo/registry/src
|
||||
key: rust-registry-image-${{hashFiles('**/Cargo.lock') }}
|
||||
- name: Cache cargo target
|
||||
id: cache-cargo-target
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
cargo-target-${{ matrix.slug }}
|
||||
key: cargo-target-${{ matrix.slug }}-${{hashFiles('**/Cargo.lock') }}-${{steps.rust-toolchain.outputs.rustc_version}}
|
||||
- name: Cache apt cache
|
||||
id: cache-apt
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
var-cache-apt-${{ matrix.slug }}
|
||||
key: var-cache-apt-${{ matrix.slug }}
|
||||
- name: Cache apt lib
|
||||
id: cache-apt-lib
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
var-lib-apt-${{ matrix.slug }}
|
||||
key: var-lib-apt-${{ matrix.slug }}
|
||||
- name: inject cache into docker
|
||||
uses: https://github.com/reproducible-containers/buildkit-cache-dance@v3.1.0
|
||||
with:
|
||||
cache-map: |
|
||||
{
|
||||
".cargo/registry": "/usr/local/cargo/registry",
|
||||
".cargo/git/db": "/usr/local/cargo/git/db",
|
||||
"cargo-target-${{ matrix.slug }}": {
|
||||
"target": "/app/target",
|
||||
"id": "cargo-target-${{ matrix.platform }}"
|
||||
},
|
||||
"var-cache-apt-${{ matrix.slug }}": "/var/cache/apt",
|
||||
"var-lib-apt-${{ matrix.slug }}": "/var/lib/apt"
|
||||
}
|
||||
skip-extraction: ${{ steps.cache.outputs.cache-hit }}
|
||||
|
||||
- name: Build and push Docker image by digest
|
||||
id: build
|
||||
uses: docker/build-push-action@v6
|
||||
|
@ -180,15 +148,12 @@ jobs:
|
|||
context: .
|
||||
file: "docker/Dockerfile"
|
||||
build-args: |
|
||||
GIT_COMMIT_HASH=${{ github.sha }})
|
||||
GIT_COMMIT_HASH_SHORT=${{ env.COMMIT_SHORT_SHA }})
|
||||
GIT_REMOTE_URL=${{github.event.repository.html_url }}
|
||||
GIT_REMOTE_COMMIT_URL=${{github.event.head_commit.url }}
|
||||
CONDUWUIT_VERSION_EXTRA=${{ env.COMMIT_SHORT_SHA }}
|
||||
platforms: ${{ matrix.platform }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
annotations: ${{ steps.meta.outputs.annotations }}
|
||||
cache-from: type=gha
|
||||
cache-to: type=gha,mode=max
|
||||
# cache-from: type=gha
|
||||
# cache-to: type=gha,mode=max
|
||||
sbom: true
|
||||
outputs: type=image,"name=${{ needs.define-variables.outputs.images_list }}",push-by-digest=true,name-canonical=true,push=true
|
||||
env:
|
||||
|
@ -199,7 +164,7 @@ jobs:
|
|||
run: |
|
||||
mkdir -p /tmp/digests
|
||||
digest="${{ steps.build.outputs.digest }}"
|
||||
touch "/tmp/digests/${digest#sha256:}"
|
||||
touch "/tmp/digests/${digest#sha256:}"
|
||||
|
||||
- name: Upload digest
|
||||
uses: forgejo/upload-artifact@v4
|
||||
|
@ -208,9 +173,9 @@ jobs:
|
|||
path: /tmp/digests/*
|
||||
if-no-files-found: error
|
||||
retention-days: 1
|
||||
|
||||
|
||||
merge:
|
||||
runs-on: dind
|
||||
runs-on: docker
|
||||
container: ghcr.io/catthehacker/ubuntu:act-latest
|
||||
needs: [define-variables, build-image]
|
||||
steps:
|
||||
|
@ -224,9 +189,9 @@ jobs:
|
|||
- name: Login to builtin registry
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ env.BUILTIN_REGISTRY }}
|
||||
username: ${{ vars.BUILTIN_REGISTRY_USER || github.actor }}
|
||||
password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
|
||||
registry: ${{ env.BUILTIN_REGISTRY }}
|
||||
username: ${{ vars.BUILTIN_REGISTRY_USER || github.actor }}
|
||||
password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
@ -239,13 +204,13 @@ jobs:
|
|||
type=semver,pattern=v{{version}}
|
||||
type=semver,pattern=v{{major}}.{{minor}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.0.') }}
|
||||
type=semver,pattern=v{{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
|
||||
type=ref,event=branch,prefix=${{ format('refs/heads/{0}', github.event.repository.default_branch) != github.ref && 'branch-' || '' }}
|
||||
type=ref,event=branch,prefix=${{ format('refs/heads/{0}', github.event.repository.default_branch) 1= github.ref && 'branch-' || '' }}
|
||||
type=ref,event=pr
|
||||
type=sha,format=long
|
||||
images: ${{needs.define-variables.outputs.images}}
|
||||
# default labels & annotations: https://github.com/docker/metadata-action/blob/master/src/meta.ts#L509
|
||||
env:
|
||||
DOCKER_METADATA_ANNOTATIONS_LEVELS: index
|
||||
DOCKER_METADATA_ANNOTATIONS_LEVELS: index
|
||||
|
||||
- name: Create manifest list and push
|
||||
working-directory: /tmp/digests
|
||||
|
|
|
@ -1,142 +0,0 @@
|
|||
name: Rust Checks
|
||||
|
||||
on:
|
||||
push:
|
||||
|
||||
jobs:
|
||||
format:
|
||||
name: Format
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Install rust
|
||||
uses: ./.forgejo/actions/rust-toolchain
|
||||
with:
|
||||
toolchain: "nightly"
|
||||
components: "rustfmt"
|
||||
|
||||
- name: Check formatting
|
||||
run: |
|
||||
cargo +nightly fmt --all -- --check
|
||||
|
||||
clippy:
|
||||
name: Clippy
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Install rust
|
||||
uses: ./.forgejo/actions/rust-toolchain
|
||||
|
||||
- uses: https://github.com/actions/create-github-app-token@v2
|
||||
id: app-token
|
||||
with:
|
||||
app-id: ${{ vars.GH_APP_ID }}
|
||||
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
|
||||
github-api-url: https://api.github.com
|
||||
owner: ${{ vars.GH_APP_OWNER }}
|
||||
repositories: ""
|
||||
- name: Install sccache
|
||||
uses: ./.forgejo/actions/sccache
|
||||
with:
|
||||
token: ${{ steps.app-token.outputs.token }}
|
||||
- run: sudo apt-get update
|
||||
- name: Install system dependencies
|
||||
uses: https://github.com/awalsh128/cache-apt-pkgs-action@v1
|
||||
with:
|
||||
packages: clang liburing-dev
|
||||
version: 1
|
||||
- name: Cache Rust registry
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/git
|
||||
!~/.cargo/git/checkouts
|
||||
~/.cargo/registry
|
||||
!~/.cargo/registry/src
|
||||
key: rust-registry-${{hashFiles('**/Cargo.lock') }}
|
||||
- name: Timelord
|
||||
uses: ./.forgejo/actions/timelord
|
||||
with:
|
||||
key: sccache-v0
|
||||
path: .
|
||||
- name: Clippy
|
||||
run: |
|
||||
cargo clippy \
|
||||
--workspace \
|
||||
--locked \
|
||||
--no-deps \
|
||||
--profile test \
|
||||
-- \
|
||||
-D warnings
|
||||
|
||||
- name: Show sccache stats
|
||||
if: always()
|
||||
run: sccache --show-stats
|
||||
|
||||
cargo-test:
|
||||
name: Cargo Test
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Install rust
|
||||
uses: ./.forgejo/actions/rust-toolchain
|
||||
|
||||
- uses: https://github.com/actions/create-github-app-token@v2
|
||||
id: app-token
|
||||
with:
|
||||
app-id: ${{ vars.GH_APP_ID }}
|
||||
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
|
||||
github-api-url: https://api.github.com
|
||||
owner: ${{ vars.GH_APP_OWNER }}
|
||||
repositories: ""
|
||||
- name: Install sccache
|
||||
uses: ./.forgejo/actions/sccache
|
||||
with:
|
||||
token: ${{ steps.app-token.outputs.token }}
|
||||
- run: sudo apt-get update
|
||||
- name: Install system dependencies
|
||||
uses: https://github.com/awalsh128/cache-apt-pkgs-action@v1
|
||||
with:
|
||||
packages: clang liburing-dev
|
||||
version: 1
|
||||
- name: Cache Rust registry
|
||||
uses: actions/cache@v3
|
||||
with:
|
||||
path: |
|
||||
~/.cargo/git
|
||||
!~/.cargo/git/checkouts
|
||||
~/.cargo/registry
|
||||
!~/.cargo/registry/src
|
||||
key: rust-registry-${{hashFiles('**/Cargo.lock') }}
|
||||
- name: Timelord
|
||||
uses: ./.forgejo/actions/timelord
|
||||
with:
|
||||
key: sccache-v0
|
||||
path: .
|
||||
- name: Cargo Test
|
||||
run: |
|
||||
cargo test \
|
||||
--workspace \
|
||||
--locked \
|
||||
--profile test \
|
||||
--all-targets \
|
||||
--no-fail-fast
|
||||
|
||||
- name: Show sccache stats
|
||||
if: always()
|
||||
run: sccache --show-stats
|
|
@ -1,9 +0,0 @@
|
|||
[files]
|
||||
extend-exclude = ["*.csr"]
|
||||
|
||||
[default.extend-words]
|
||||
"allocatedp" = "allocatedp"
|
||||
"conduwuit" = "conduwuit"
|
||||
"continuwuity" = "continuwuity"
|
||||
"continuwity" = "continuwuity"
|
||||
"execuse" = "execuse"
|
|
@ -1,3 +1,4 @@
|
|||
|
||||
# Contributor Covenant Code of Conduct
|
||||
|
||||
## Our Pledge
|
||||
|
@ -59,7 +60,8 @@ representative at an online or offline event.
|
|||
## Enforcement
|
||||
|
||||
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
||||
reported to the community leaders responsible for enforcement over Matrix at [#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org) or email at <tom@tcpip.uk>, <jade@continuwuity.org> and <nex@continuwuity.org> respectively.
|
||||
reported to the community leaders responsible for enforcement over email at
|
||||
<strawberry@puppygock.gay> or over Matrix at @strawberry:puppygock.gay.
|
||||
All complaints will be reviewed and investigated promptly and fairly.
|
||||
|
||||
All community leaders are obligated to respect the privacy and security of the
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
# Contributing guide
|
||||
|
||||
This page is for about contributing to Continuwuity. The
|
||||
This page is for about contributing to conduwuit. The
|
||||
[development](./development.md) page may be of interest for you as well.
|
||||
|
||||
If you would like to work on an [issue][issues] that is not assigned, preferably
|
||||
ask in the Matrix room first at [#continuwuity:continuwuity.org][continuwuity-matrix],
|
||||
ask in the Matrix room first at [#conduwuit:puppygock.gay][conduwuit-matrix],
|
||||
and comment on it.
|
||||
|
||||
### Linting and Formatting
|
||||
|
@ -23,9 +23,9 @@ suggestion, allow the lint and mention that in a comment.
|
|||
|
||||
### Running CI tests locally
|
||||
|
||||
continuwuity's CI for tests, linting, formatting, audit, etc use
|
||||
conduwuit's CI for tests, linting, formatting, audit, etc use
|
||||
[`engage`][engage]. engage can be installed from nixpkgs or `cargo install
|
||||
engage`. continuwuity's Nix flake devshell has the nixpkgs engage with `direnv`.
|
||||
engage`. conduwuit's Nix flake devshell has the nixpkgs engage with `direnv`.
|
||||
Use `engage --help` for more usage details.
|
||||
|
||||
To test, format, lint, etc that CI would do, install engage, allow the `.envrc`
|
||||
|
@ -73,7 +73,7 @@ If you'd like to run Complement locally using Nix, see the
|
|||
|
||||
### Writing documentation
|
||||
|
||||
Continuwuity's website uses [`mdbook`][mdbook] and deployed via CI using GitHub
|
||||
conduwuit's website uses [`mdbook`][mdbook] and deployed via CI using GitHub
|
||||
Pages in the [`documentation.yml`][documentation.yml] workflow file with Nix's
|
||||
mdbook in the devshell. All documentation is in the `docs/` directory at the top
|
||||
level. The compiled mdbook website is also uploaded as an artifact.
|
||||
|
@ -111,28 +111,33 @@ applies here.
|
|||
|
||||
### Creating pull requests
|
||||
|
||||
Please try to keep contributions to the Forgejo Instance. While the mirrors of continuwuity
|
||||
allow for pull/merge requests, there is no guarantee the maintainers will see them in a timely
|
||||
Please try to keep contributions to the GitHub. While the mirrors of conduwuit
|
||||
allow for pull/merge requests, there is no guarantee I will see them in a timely
|
||||
manner. Additionally, please mark WIP or unfinished or incomplete PRs as drafts.
|
||||
This prevents us from having to ping once in a while to double check the status
|
||||
This prevents me from having to ping once in a while to double check the status
|
||||
of it, especially when the CI completed successfully and everything so it
|
||||
*looks* done.
|
||||
|
||||
If you open a pull request on one of the mirrors, it is your responsibility to
|
||||
inform me about its existence. In the future I may try to solve this with more
|
||||
repo bots in the conduwuit Matrix room. There is no mailing list or email-patch
|
||||
support on the sr.ht mirror, but if you'd like to email me a git patch you can
|
||||
do so at `strawberry@puppygock.gay`.
|
||||
|
||||
Direct all PRs/MRs to the `main` branch.
|
||||
|
||||
By sending a pull request or patch, you are agreeing that your changes are
|
||||
allowed to be licenced under the Apache-2.0 licence and all of your conduct is
|
||||
in line with the Contributor's Covenant, and continuwuity's Code of Conduct.
|
||||
in line with the Contributor's Covenant, and conduwuit's Code of Conduct.
|
||||
|
||||
Contribution by users who violate either of these code of conducts will not have
|
||||
their contributions accepted. This includes users who have been banned from
|
||||
continuwuityMatrix rooms for Code of Conduct violations.
|
||||
conduwuit Matrix rooms for Code of Conduct violations.
|
||||
|
||||
[issues]: https://forgejo.ellis.link/continuwuation/continuwuity/issues
|
||||
[continuwuity-matrix]: https://matrix.to/#/#continuwuity:continuwuity.org
|
||||
[issues]: https://github.com/girlbossceo/conduwuit/issues
|
||||
[conduwuit-matrix]: https://matrix.to/#/#conduwuit:puppygock.gay
|
||||
[complement]: https://github.com/matrix-org/complement/
|
||||
[engage.toml]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/engage.toml
|
||||
[engage.toml]: https://github.com/girlbossceo/conduwuit/blob/main/engage.toml
|
||||
[engage]: https://charles.page.computer.surgery/engage/
|
||||
[sytest]: https://github.com/matrix-org/sytest/
|
||||
[cargo-deb]: https://github.com/kornelski/cargo-deb
|
||||
|
@ -141,4 +146,4 @@ continuwuityMatrix rooms for Code of Conduct violations.
|
|||
[cargo-audit]: https://github.com/RustSec/rustsec/tree/main/cargo-audit
|
||||
[direnv]: https://direnv.net/
|
||||
[mdbook]: https://rust-lang.github.io/mdBook/
|
||||
[documentation.yml]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/.forgejo/workflows/documentation.yml
|
||||
[documentation.yml]: https://github.com/girlbossceo/conduwuit/blob/main/.github/workflows/documentation.yml
|
||||
|
|
553
Cargo.lock
generated
553
Cargo.lock
generated
File diff suppressed because it is too large
Load diff
24
Cargo.toml
24
Cargo.toml
|
@ -21,7 +21,7 @@ license = "Apache-2.0"
|
|||
readme = "README.md"
|
||||
repository = "https://forgejo.ellis.link/continuwuation/continuwuity"
|
||||
rust-version = "1.86.0"
|
||||
version = "0.5.0-rc.5"
|
||||
version = "0.5.0"
|
||||
|
||||
[workspace.metadata.crane]
|
||||
name = "conduwuit"
|
||||
|
@ -298,7 +298,7 @@ version = "1.15.0"
|
|||
default-features = false
|
||||
features = ["serde"]
|
||||
|
||||
# Used for reading the configuration from continuwuity.toml & environment variables
|
||||
# Used for reading the configuration from conduwuit.toml & environment variables
|
||||
[workspace.dependencies.figment]
|
||||
version = "0.10.19"
|
||||
default-features = false
|
||||
|
@ -350,7 +350,7 @@ version = "0.1.2"
|
|||
[workspace.dependencies.ruma]
|
||||
git = "https://forgejo.ellis.link/continuwuation/ruwuma"
|
||||
#branch = "conduwuit-changes"
|
||||
rev = "d6870a7fb7f6cccff63f7fd0ff6c581bad80e983"
|
||||
rev = "920148dca1076454ca0ca5d43b5ce1aa708381d4"
|
||||
features = [
|
||||
"compat",
|
||||
"rand",
|
||||
|
@ -626,17 +626,6 @@ package = "conduwuit_macros"
|
|||
path = "src/macros"
|
||||
default-features = false
|
||||
|
||||
[workspace.dependencies.conduwuit-web]
|
||||
package = "conduwuit_web"
|
||||
path = "src/web"
|
||||
default-features = false
|
||||
|
||||
|
||||
[workspace.dependencies.conduwuit-build-metadata]
|
||||
package = "conduwuit_build_metadata"
|
||||
path = "src/build_metadata"
|
||||
default-features = false
|
||||
|
||||
###############################################################################
|
||||
#
|
||||
# Release profiles
|
||||
|
@ -745,6 +734,7 @@ incremental = true
|
|||
|
||||
[profile.dev.package.conduwuit_core]
|
||||
inherits = "dev"
|
||||
incremental = false
|
||||
#rustflags = [
|
||||
# '--cfg', 'conduwuit_mods',
|
||||
# '-Ztime-passes',
|
||||
|
@ -784,6 +774,7 @@ inherits = "dev"
|
|||
[profile.dev.package.'*']
|
||||
inherits = "dev"
|
||||
debug = 'limited'
|
||||
incremental = false
|
||||
codegen-units = 1
|
||||
opt-level = 'z'
|
||||
#rustflags = [
|
||||
|
@ -805,6 +796,7 @@ inherits = "dev"
|
|||
strip = false
|
||||
opt-level = 0
|
||||
codegen-units = 16
|
||||
incremental = false
|
||||
|
||||
[profile.test.package.'*']
|
||||
inherits = "dev"
|
||||
|
@ -812,6 +804,7 @@ debug = 0
|
|||
strip = false
|
||||
opt-level = 0
|
||||
codegen-units = 16
|
||||
incremental = false
|
||||
|
||||
###############################################################################
|
||||
#
|
||||
|
@ -988,6 +981,3 @@ let_underscore_future = { level = "allow", priority = 1 }
|
|||
|
||||
# rust doesnt understand conduwuit's custom log macros
|
||||
literal_string_with_formatting_args = { level = "allow", priority = 1 }
|
||||
|
||||
|
||||
needless_raw_string_hashes = "allow"
|
||||
|
|
14
README.md
14
README.md
|
@ -7,21 +7,16 @@
|
|||
<!-- ANCHOR_END: catchphrase -->
|
||||
|
||||
[continuwuity] is a Matrix homeserver written in Rust.
|
||||
It's a community continuation of the [conduwuit](https://github.com/girlbossceo/conduwuit) homeserver.
|
||||
It's a community continuation of the [conduwuit](https://github.com/girlbossceo/conduwuit) homeserver.
|
||||
|
||||
<!-- ANCHOR: body -->
|
||||
|
||||
[](https://forgejo.ellis.link/continuwuation/continuwuity)  [](https://forgejo.ellis.link/continuwuation/continuwuity/issues?state=open) [](https://forgejo.ellis.link/continuwuation/continuwuity/pulls?state=open)
|
||||
|
||||
[](https://github.com/continuwuity/continuwuity) 
|
||||
|
||||
[](https://codeberg.org/nexy7574/continuwuity) 
|
||||
|
||||
### Why does this exist?
|
||||
|
||||
The original conduwuit project has been archived and is no longer maintained. Rather than letting this Rust-based Matrix homeserver disappear, a group of community contributors have forked the project to continue its development, fix outstanding issues, and add new features.
|
||||
|
||||
We aim to provide a stable, well-maintained alternative for current conduwuit users and welcome newcomers seeking a lightweight, efficient Matrix homeserver.
|
||||
We aim to provide a stable, well-maintained alternative for current Conduit users and welcome newcomers seeking a lightweight, efficient Matrix homeserver.
|
||||
|
||||
### Who are we?
|
||||
|
||||
|
@ -51,9 +46,8 @@ Continuwuity aims to:
|
|||
|
||||
### Can I try it out?
|
||||
|
||||
Check out the [documentation](introduction) for installation instructions.
|
||||
Not right now. We've still got work to do!
|
||||
|
||||
There are currently no open registration Continuwuity instances available.
|
||||
|
||||
### What are we working on?
|
||||
|
||||
|
@ -111,7 +105,7 @@ When incorporating code from other forks:
|
|||
|
||||
#### Contact
|
||||
|
||||
Join our [Matrix room](https://matrix.to/#/#continuwuity:continuwuity.org) and [space](https://matrix.to/#/#space:continuwuity.org) to chat with us about the project!
|
||||
<!-- TODO: contact details -->
|
||||
|
||||
<!-- ANCHOR_END: footer -->
|
||||
|
||||
|
|
63
SECURITY.md
63
SECURITY.md
|
@ -1,63 +0,0 @@
|
|||
# Security Policy for Continuwuity
|
||||
|
||||
This document outlines the security policy for Continuwuity. Our goal is to maintain a secure platform for all users, and we take security matters seriously.
|
||||
|
||||
## Supported Versions
|
||||
|
||||
We provide security updates for the following versions of Continuwuity:
|
||||
|
||||
| Version | Supported |
|
||||
| -------------- |:----------------:|
|
||||
| Latest release | ✅ |
|
||||
| Main branch | ✅ |
|
||||
| Older releases | ❌ |
|
||||
|
||||
We may backport fixes to the previous release at our discretion, but we don't guarantee this.
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
### Responsible Disclosure
|
||||
|
||||
We appreciate the efforts of security researchers and the community in identifying and reporting vulnerabilities. To ensure that potential vulnerabilities are addressed properly, please follow these guidelines:
|
||||
|
||||
1. Contact members of the team over E2EE private message.
|
||||
- [@jade:ellis.link](https://matrix.to/#/@jade:ellis.link)
|
||||
- [@nex:nexy7574.co.uk](https://matrix.to/#/@nex:nexy7574.co.uk) <!-- ? -->
|
||||
2. **Email the security team** directly at [security@continuwuity.org](mailto:security@continuwuity.org). This is not E2EE, so don't include sensitive details.
|
||||
3. **Do not disclose the vulnerability publicly** until it has been addressed
|
||||
4. **Provide detailed information** about the vulnerability, including:
|
||||
- A clear description of the issue
|
||||
- Steps to reproduce
|
||||
- Potential impact
|
||||
- Any possible mitigations
|
||||
- Version(s) affected, including specific commits if possible
|
||||
|
||||
If you have any doubts about a potential security vulnerability, contact us via private channels first! We'd prefer that you bother us, instead of having a vulnerability disclosed without a fix.
|
||||
|
||||
### What to Expect
|
||||
|
||||
When you report a security vulnerability:
|
||||
|
||||
1. **Acknowledgment**: We will acknowledge receipt of your report.
|
||||
2. **Assessment**: We will assess the vulnerability and determine its impact on our users
|
||||
3. **Updates**: We will provide updates on our progress in addressing the vulnerability, and may request you help test mitigations
|
||||
4. **Resolution**: Once resolved, we will notify you and discuss coordinated disclosure
|
||||
5. **Credit**: We will recognize your contribution (unless you prefer to remain anonymous)
|
||||
|
||||
## Security Update Process
|
||||
|
||||
When security vulnerabilities are identified:
|
||||
|
||||
1. We will develop and test fixes in a private branch
|
||||
2. Security updates will be released as soon as possible
|
||||
3. Release notes will include information about the vulnerabilities, avoiding details that could facilitate exploitation where possible
|
||||
4. Critical security updates may be backported to the previous stable release
|
||||
|
||||
## Additional Resources
|
||||
|
||||
- [Matrix Security Disclosure Policy](https://matrix.org/security-disclosure-policy/)
|
||||
- [Continuwuity Documentation](https://continuwuity.org/introduction)
|
||||
|
||||
---
|
||||
|
||||
This security policy was last updated on May 25, 2025.
|
|
@ -1,70 +0,0 @@
|
|||
# Contributor: magmaus3 <maia@magmaus3.eu.org>
|
||||
# Maintainer: magmaus3 <maia@magmaus3.eu.org>
|
||||
pkgname=continuwuity
|
||||
|
||||
# abuild doesn't like the format of v0.5.0-rc.5, so i had to change it
|
||||
# see https://wiki.alpinelinux.org/wiki/Package_policies
|
||||
pkgver=0.5.0_rc5
|
||||
pkgrel=0
|
||||
pkgdesc="a continuwuation of a very cool, featureful fork of conduit"
|
||||
url="https://continuwuity.org/"
|
||||
arch="all"
|
||||
license="Apache-2.0"
|
||||
depends="liburing"
|
||||
|
||||
# cargo version on alpine v3.21 is too old to use the 2024 edition
|
||||
# i recommend either building everything on edge, or adding
|
||||
# the edge repo as a tag
|
||||
makedepends="cargo liburing-dev clang-dev linux-headers"
|
||||
checkdepends=""
|
||||
install="$pkgname.pre-install"
|
||||
subpackages="$pkgname-openrc"
|
||||
source="https://forgejo.ellis.link/continuwuation/continuwuity/archive/v0.5.0-rc.5.tar.gz
|
||||
continuwuity.initd
|
||||
continuwuity.confd
|
||||
"
|
||||
_giturl="https://forgejo.ellis.link/continuwuation/continuwuity"
|
||||
_gitbranch="main"
|
||||
builddir="$srcdir/continuwuity"
|
||||
options="net !check"
|
||||
|
||||
#snapshot() {
|
||||
# # used for building from git
|
||||
# git clone --depth=1 $_giturl -b $_gitbranch
|
||||
#}
|
||||
|
||||
prepare() {
|
||||
default_prepare
|
||||
cd $srcdir/continuwuity
|
||||
|
||||
# add the default database path to the config (commented out)
|
||||
cat conduwuit-example.toml \
|
||||
| sed '/#database_path/ s:$: "/var/lib/continuwuity":' \
|
||||
> "$srcdir"/continuwuity.toml
|
||||
|
||||
cargo fetch --target="$CTARGET" --locked
|
||||
}
|
||||
|
||||
build() {
|
||||
cargo build --frozen --release --all-features
|
||||
}
|
||||
|
||||
check() {
|
||||
# TODO: make sure the tests work
|
||||
#cargo test --frozen
|
||||
return
|
||||
}
|
||||
|
||||
package() {
|
||||
cd $srcdir
|
||||
install -Dm755 continuwuity/target/release/conduwuit "$pkgdir"/usr/bin/continuwuity
|
||||
install -Dm644 "$srcdir"/continuwuity.toml -t "$pkgdir"/etc/continuwuity
|
||||
install -Dm755 "$srcdir"/continuwuity.initd "$pkgdir"/etc/init.d/continuwuity
|
||||
install -Dm644 "$srcdir"/continuwuity.confd "$pkgdir"/etc/conf.d/continuwuity
|
||||
}
|
||||
|
||||
sha512sums="
|
||||
66f6da5e98b6f7bb8c1082500101d5c87b1b79955c139b44c6ef5123919fb05feb0dffc669a3af1bc8d571ddb9f3576660f08dc10a6b19eab6db9e391175436a v0.5.0-rc.5.tar.gz
|
||||
0482674be24740496d70da256d4121c5a5e3b749f2445d2bbe0e8991f1449de052724f8427da21a6f55574bc53eac9ca1e47e5012b4c13049b2b39044734d80d continuwuity.initd
|
||||
38e2576278b450d16ba804dd8f4a128f18cd793e6c3ce55aedee1e186905755b31ee23baaa6586b1ab0e25a1f29bf1ea86bfaae4185b0cb1a29203726a199426 continuwuity.confd
|
||||
"
|
|
@ -1,7 +0,0 @@
|
|||
# building
|
||||
|
||||
1. [set up your build
|
||||
environment](https://wiki.alpinelinux.org/wiki/Include:Setup_your_system_and_account_for_building_packages)
|
||||
|
||||
2. run `abuild` (or `abuild -K` if you want to keep the source directory to make
|
||||
rebuilding faster)
|
|
@ -1,3 +0,0 @@
|
|||
supervisor=supervise-daemon
|
||||
export CONTINUWUITY_CONFIG=/etc/continuwuity/continuwuity.toml
|
||||
|
|
@ -1,19 +0,0 @@
|
|||
#!/sbin/openrc-run
|
||||
|
||||
command="/usr/bin/continuwuity"
|
||||
command_user="continuwuity:continuwuity"
|
||||
command_args="--config ${CONTINUWUITY_CONFIG=/etc/continuwuity/continuwuity.toml}"
|
||||
command_background=true
|
||||
pidfile="/run/$RC_SVCNAME.pid"
|
||||
|
||||
output_log="/var/log/continuwuity.log"
|
||||
error_log="/var/log/continuwuity.log"
|
||||
|
||||
depend() {
|
||||
need net
|
||||
}
|
||||
|
||||
start_pre() {
|
||||
checkpath -d -m 0755 -o "$command_user" /var/lib/continuwuity
|
||||
checkpath -f -m 0644 -o "$command_user" "$output_log"
|
||||
}
|
|
@ -1,4 +0,0 @@
|
|||
#!/bin/sh
|
||||
addgroup -S continuwuity 2>/dev/null
|
||||
adduser -S -D -H -h /var/lib/continuwuity -s /sbin/nologin -G continuwuity -g continuwuity continuwuity 2>/dev/null
|
||||
exit 0
|
|
@ -1,11 +1,11 @@
|
|||
[Unit]
|
||||
|
||||
Description=Continuwuity - Matrix homeserver
|
||||
Description=conduwuit Matrix homeserver
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
Documentation=https://continuwuity.org/
|
||||
Documentation=https://conduwuit.puppyirl.gay/
|
||||
RequiresMountsFor=/var/lib/private/conduwuit
|
||||
Alias=matrix-conduwuit.service
|
||||
|
||||
[Service]
|
||||
DynamicUser=yes
|
||||
Type=notify-reload
|
||||
|
@ -59,7 +59,7 @@ StateDirectory=conduwuit
|
|||
RuntimeDirectory=conduwuit
|
||||
RuntimeDirectoryMode=0750
|
||||
|
||||
Environment="CONTINUWUITY_CONFIG=/etc/conduwuit/conduwuit.toml"
|
||||
Environment="CONDUWUIT_CONFIG=/etc/conduwuit/conduwuit.toml"
|
||||
BindPaths=/var/lib/private/conduwuit:/var/lib/matrix-conduit
|
||||
BindPaths=/var/lib/private/conduwuit:/var/lib/private/matrix-conduit
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
### continuwuity Configuration
|
||||
### conduwuit Configuration
|
||||
###
|
||||
### THIS FILE IS GENERATED. CHANGES/CONTRIBUTIONS IN THE REPO WILL BE
|
||||
### OVERWRITTEN!
|
||||
|
@ -13,7 +13,7 @@
|
|||
### that say "YOU NEED TO EDIT THIS".
|
||||
###
|
||||
### For more information, see:
|
||||
### https://continuwuity.org/configuration.html
|
||||
### https://conduwuit.puppyirl.gay/configuration.html
|
||||
|
||||
[global]
|
||||
|
||||
|
@ -21,7 +21,7 @@
|
|||
# suffix for user and room IDs/aliases.
|
||||
#
|
||||
# See the docs for reverse proxying and delegation:
|
||||
# https://continuwuity.org/deploying/generic.html#setting-up-the-reverse-proxy
|
||||
# https://conduwuit.puppyirl.gay/deploying/generic.html#setting-up-the-reverse-proxy
|
||||
#
|
||||
# Also see the `[global.well_known]` config section at the very bottom.
|
||||
#
|
||||
|
@ -32,11 +32,11 @@
|
|||
# YOU NEED TO EDIT THIS. THIS CANNOT BE CHANGED AFTER WITHOUT A DATABASE
|
||||
# WIPE.
|
||||
#
|
||||
# example: "continuwuity.org"
|
||||
# example: "conduwuit.woof"
|
||||
#
|
||||
#server_name =
|
||||
|
||||
# The default address (IPv4 or IPv6) continuwuity will listen on.
|
||||
# The default address (IPv4 or IPv6) conduwuit will listen on.
|
||||
#
|
||||
# If you are using Docker or a container NAT networking setup, this must
|
||||
# be "0.0.0.0".
|
||||
|
@ -46,10 +46,10 @@
|
|||
#
|
||||
#address = ["127.0.0.1", "::1"]
|
||||
|
||||
# The port(s) continuwuity will listen on.
|
||||
# The port(s) conduwuit will listen on.
|
||||
#
|
||||
# For reverse proxying, see:
|
||||
# https://continuwuity.org/deploying/generic.html#setting-up-the-reverse-proxy
|
||||
# https://conduwuit.puppyirl.gay/deploying/generic.html#setting-up-the-reverse-proxy
|
||||
#
|
||||
# If you are using Docker, don't change this, you'll need to map an
|
||||
# external port to this.
|
||||
|
@ -58,17 +58,16 @@
|
|||
#
|
||||
#port = 8008
|
||||
|
||||
# The UNIX socket continuwuity will listen on.
|
||||
# The UNIX socket conduwuit will listen on.
|
||||
#
|
||||
# continuwuity cannot listen on both an IP address and a UNIX socket. If
|
||||
# conduwuit cannot listen on both an IP address and a UNIX socket. If
|
||||
# listening on a UNIX socket, you MUST remove/comment the `address` key.
|
||||
#
|
||||
# Remember to make sure that your reverse proxy has access to this socket
|
||||
# file, either by adding your reverse proxy to the appropriate user group
|
||||
# or granting world R/W permissions with `unix_socket_perms` (666
|
||||
# minimum).
|
||||
# file, either by adding your reverse proxy to the 'conduwuit' group or
|
||||
# granting world R/W permissions with `unix_socket_perms` (666 minimum).
|
||||
#
|
||||
# example: "/run/continuwuity/continuwuity.sock"
|
||||
# example: "/run/conduwuit/conduwuit.sock"
|
||||
#
|
||||
#unix_socket_path =
|
||||
|
||||
|
@ -76,23 +75,23 @@
|
|||
#
|
||||
#unix_socket_perms = 660
|
||||
|
||||
# This is the only directory where continuwuity will save its data,
|
||||
# including media. Note: this was previously "/var/lib/matrix-conduit".
|
||||
# This is the only directory where conduwuit will save its data, including
|
||||
# media. Note: this was previously "/var/lib/matrix-conduit".
|
||||
#
|
||||
# YOU NEED TO EDIT THIS.
|
||||
#
|
||||
# example: "/var/lib/continuwuity"
|
||||
# example: "/var/lib/conduwuit"
|
||||
#
|
||||
#database_path =
|
||||
|
||||
# continuwuity supports online database backups using RocksDB's Backup
|
||||
# engine API. To use this, set a database backup path that continuwuity
|
||||
# can write to.
|
||||
# conduwuit supports online database backups using RocksDB's Backup engine
|
||||
# API. To use this, set a database backup path that conduwuit can write
|
||||
# to.
|
||||
#
|
||||
# For more information, see:
|
||||
# https://continuwuity.org/maintenance.html#backups
|
||||
# https://conduwuit.puppyirl.gay/maintenance.html#backups
|
||||
#
|
||||
# example: "/opt/continuwuity-db-backups"
|
||||
# example: "/opt/conduwuit-db-backups"
|
||||
#
|
||||
#database_backup_path =
|
||||
|
||||
|
@ -113,14 +112,18 @@
|
|||
#
|
||||
#new_user_displayname_suffix = "🏳️⚧️"
|
||||
|
||||
# If enabled, continuwuity will send a simple GET request periodically to
|
||||
# `https://continuwuity.org/.well-known/continuwuity/announcements` for any new
|
||||
# announcements or major updates. This is not an update check endpoint.
|
||||
# If enabled, conduwuit will send a simple GET request periodically to
|
||||
# `https://pupbrain.dev/check-for-updates/stable` for any new
|
||||
# announcements made. Despite the name, this is not an update check
|
||||
# endpoint, it is simply an announcement check endpoint.
|
||||
#
|
||||
#allow_announcements_check = true
|
||||
# This is disabled by default as this is rarely used except for security
|
||||
# updates or major updates.
|
||||
#
|
||||
#allow_check_for_updates = false
|
||||
|
||||
# Set this to any float value to multiply continuwuity's in-memory LRU
|
||||
# caches with such as "auth_chain_cache_capacity".
|
||||
# Set this to any float value to multiply conduwuit's in-memory LRU caches
|
||||
# with such as "auth_chain_cache_capacity".
|
||||
#
|
||||
# May be useful if you have significant memory to spare to increase
|
||||
# performance.
|
||||
|
@ -132,7 +135,7 @@
|
|||
#
|
||||
#cache_capacity_modifier = 1.0
|
||||
|
||||
# Set this to any float value in megabytes for continuwuity to tell the
|
||||
# Set this to any float value in megabytes for conduwuit to tell the
|
||||
# database engine that this much memory is available for database read
|
||||
# caches.
|
||||
#
|
||||
|
@ -146,7 +149,7 @@
|
|||
#
|
||||
#db_cache_capacity_mb = varies by system
|
||||
|
||||
# Set this to any float value in megabytes for continuwuity to tell the
|
||||
# Set this to any float value in megabytes for conduwuit to tell the
|
||||
# database engine that this much memory is available for database write
|
||||
# caches.
|
||||
#
|
||||
|
@ -251,9 +254,9 @@
|
|||
# Enable using *only* TCP for querying your specified nameservers instead
|
||||
# of UDP.
|
||||
#
|
||||
# If you are running continuwuity in a container environment, this config
|
||||
# If you are running conduwuit in a container environment, this config
|
||||
# option may need to be enabled. For more details, see:
|
||||
# https://continuwuity.org/troubleshooting.html#potential-dns-issues-when-using-docker
|
||||
# https://conduwuit.puppyirl.gay/troubleshooting.html#potential-dns-issues-when-using-docker
|
||||
#
|
||||
#query_over_tcp_only = false
|
||||
|
||||
|
@ -419,9 +422,9 @@
|
|||
# tokens. Multiple tokens can be added if you separate them with
|
||||
# whitespace
|
||||
#
|
||||
# continuwuity must be able to access the file, and it must not be empty
|
||||
# conduwuit must be able to access the file, and it must not be empty
|
||||
#
|
||||
# example: "/etc/continuwuity/.reg_token"
|
||||
# example: "/etc/conduwuit/.reg_token"
|
||||
#
|
||||
#registration_token_file =
|
||||
|
||||
|
@ -513,16 +516,16 @@
|
|||
#allow_room_creation = true
|
||||
|
||||
# Set to false to disable users from joining or creating room versions
|
||||
# that aren't officially supported by continuwuity.
|
||||
# that aren't officially supported by conduwuit.
|
||||
#
|
||||
# continuwuity officially supports room versions 6 - 11.
|
||||
# conduwuit officially supports room versions 6 - 11.
|
||||
#
|
||||
# continuwuity has slightly experimental (though works fine in practice)
|
||||
# conduwuit has slightly experimental (though works fine in practice)
|
||||
# support for versions 3 - 5.
|
||||
#
|
||||
#allow_unstable_room_versions = true
|
||||
|
||||
# Default room version continuwuity will create rooms with.
|
||||
# Default room version conduwuit will create rooms with.
|
||||
#
|
||||
# Per spec, room version 11 is the default.
|
||||
#
|
||||
|
@ -588,7 +591,7 @@
|
|||
# Servers listed here will be used to gather public keys of other servers
|
||||
# (notary trusted key servers).
|
||||
#
|
||||
# Currently, continuwuity doesn't support inbound batched key requests, so
|
||||
# Currently, conduwuit doesn't support inbound batched key requests, so
|
||||
# this list should only contain other Synapse servers.
|
||||
#
|
||||
# example: ["matrix.org", "tchncs.de"]
|
||||
|
@ -629,7 +632,7 @@
|
|||
#
|
||||
#trusted_server_batch_size = 1024
|
||||
|
||||
# Max log level for continuwuity. Allows debug, info, warn, or error.
|
||||
# Max log level for conduwuit. Allows debug, info, warn, or error.
|
||||
#
|
||||
# See also:
|
||||
# https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html#directives
|
||||
|
@ -650,9 +653,8 @@
|
|||
#
|
||||
#log_span_events = "none"
|
||||
|
||||
# Configures whether CONTINUWUITY_LOG EnvFilter matches values using
|
||||
# regular expressions. See the tracing_subscriber documentation on
|
||||
# Directives.
|
||||
# Configures whether CONDUWUIT_LOG EnvFilter matches values using regular
|
||||
# expressions. See the tracing_subscriber documentation on Directives.
|
||||
#
|
||||
#log_filter_regex = true
|
||||
|
||||
|
@ -720,7 +722,7 @@
|
|||
# This takes priority over "turn_secret" first, and falls back to
|
||||
# "turn_secret" if invalid or failed to open.
|
||||
#
|
||||
# example: "/etc/continuwuity/.turn_secret"
|
||||
# example: "/etc/conduwuit/.turn_secret"
|
||||
#
|
||||
#turn_secret_file =
|
||||
|
||||
|
@ -728,12 +730,12 @@
|
|||
#
|
||||
#turn_ttl = 86400
|
||||
|
||||
# List/vector of room IDs or room aliases that continuwuity will make
|
||||
# newly registered users join. The rooms specified must be rooms that you
|
||||
# have joined at least once on the server, and must be public.
|
||||
# List/vector of room IDs or room aliases that conduwuit will make newly
|
||||
# registered users join. The rooms specified must be rooms that you have
|
||||
# joined at least once on the server, and must be public.
|
||||
#
|
||||
# example: ["#continuwuity:continuwuity.org",
|
||||
# "!main-1:continuwuity.org"]
|
||||
# example: ["#conduwuit:puppygock.gay",
|
||||
# "!eoIzvAvVwY23LPDay8:puppygock.gay"]
|
||||
#
|
||||
#auto_join_rooms = []
|
||||
|
||||
|
@ -756,10 +758,10 @@
|
|||
#
|
||||
#auto_deactivate_banned_room_attempts = false
|
||||
|
||||
# RocksDB log level. This is not the same as continuwuity's log level.
|
||||
# This is the log level for the RocksDB engine/library which show up in
|
||||
# your database folder/path as `LOG` files. continuwuity will log RocksDB
|
||||
# errors as normal through tracing or panics if severe for safety.
|
||||
# RocksDB log level. This is not the same as conduwuit's log level. This
|
||||
# is the log level for the RocksDB engine/library which show up in your
|
||||
# database folder/path as `LOG` files. conduwuit will log RocksDB errors
|
||||
# as normal through tracing or panics if severe for safety.
|
||||
#
|
||||
#rocksdb_log_level = "error"
|
||||
|
||||
|
@ -779,7 +781,7 @@
|
|||
# Set this to true to use RocksDB config options that are tailored to HDDs
|
||||
# (slower device storage).
|
||||
#
|
||||
# It is worth noting that by default, continuwuity will use RocksDB with
|
||||
# It is worth noting that by default, conduwuit will use RocksDB with
|
||||
# Direct IO enabled. *Generally* speaking this improves performance as it
|
||||
# bypasses buffered I/O (system page cache). However there is a potential
|
||||
# chance that Direct IO may cause issues with database operations if your
|
||||
|
@ -787,7 +789,7 @@
|
|||
# possibly ZFS filesystem. RocksDB generally deals/corrects these issues
|
||||
# but it cannot account for all setups. If you experience any weird
|
||||
# RocksDB issues, try enabling this option as it turns off Direct IO and
|
||||
# feel free to report in the continuwuity Matrix room if this option fixes
|
||||
# feel free to report in the conduwuit Matrix room if this option fixes
|
||||
# your DB issues.
|
||||
#
|
||||
# For more information, see:
|
||||
|
@ -842,7 +844,7 @@
|
|||
# as they all differ. See their `kDefaultCompressionLevel`.
|
||||
#
|
||||
# Note when using the default value we may override it with a setting
|
||||
# tailored specifically for continuwuity.
|
||||
# tailored specifically conduwuit.
|
||||
#
|
||||
#rocksdb_compression_level = 32767
|
||||
|
||||
|
@ -858,7 +860,7 @@
|
|||
# algorithm.
|
||||
#
|
||||
# Note when using the default value we may override it with a setting
|
||||
# tailored specifically for continuwuity.
|
||||
# tailored specifically conduwuit.
|
||||
#
|
||||
#rocksdb_bottommost_compression_level = 32767
|
||||
|
||||
|
@ -898,13 +900,13 @@
|
|||
# 0 = AbsoluteConsistency
|
||||
# 1 = TolerateCorruptedTailRecords (default)
|
||||
# 2 = PointInTime (use me if trying to recover)
|
||||
# 3 = SkipAnyCorruptedRecord (you now voided your Continuwuity warranty)
|
||||
# 3 = SkipAnyCorruptedRecord (you now voided your Conduwuit warranty)
|
||||
#
|
||||
# For more information on these modes, see:
|
||||
# https://github.com/facebook/rocksdb/wiki/WAL-Recovery-Modes
|
||||
#
|
||||
# For more details on recovering a corrupt database, see:
|
||||
# https://continuwuity.org/troubleshooting.html#database-corruption
|
||||
# https://conduwuit.puppyirl.gay/troubleshooting.html#database-corruption
|
||||
#
|
||||
#rocksdb_recovery_mode = 1
|
||||
|
||||
|
@ -944,7 +946,7 @@
|
|||
# - Disabling repair mode and restarting the server is recommended after
|
||||
# running the repair.
|
||||
#
|
||||
# See https://continuwuity.org/troubleshooting.html#database-corruption for more details on recovering a corrupt database.
|
||||
# See https://conduwuit.puppyirl.gay/troubleshooting.html#database-corruption for more details on recovering a corrupt database.
|
||||
#
|
||||
#rocksdb_repair = false
|
||||
|
||||
|
@ -968,10 +970,10 @@
|
|||
#
|
||||
#rocksdb_compaction_ioprio_idle = true
|
||||
|
||||
# Enables RocksDB compaction. You should never ever have to set this
|
||||
# option to false. If you for some reason find yourself needing to use
|
||||
# this option as part of troubleshooting or a bug, please reach out to us
|
||||
# in the continuwuity Matrix room with information and details.
|
||||
# Disables RocksDB compaction. You should never ever have to set this
|
||||
# option to true. If you for some reason find yourself needing to use this
|
||||
# option as part of troubleshooting or a bug, please reach out to us in
|
||||
# the conduwuit Matrix room with information and details.
|
||||
#
|
||||
# Disabling compaction will lead to a significantly bloated and
|
||||
# explosively large database, gradually poor performance, unnecessarily
|
||||
|
@ -997,7 +999,7 @@
|
|||
# purposes such as recovering/recreating your admin room, or inviting
|
||||
# yourself back.
|
||||
#
|
||||
# See https://continuwuity.org/troubleshooting.html#lost-access-to-admin-room for other ways to get back into your admin room.
|
||||
# See https://conduwuit.puppyirl.gay/troubleshooting.html#lost-access-to-admin-room for other ways to get back into your admin room.
|
||||
#
|
||||
# Once this password is unset, all sessions will be logged out for
|
||||
# security purposes.
|
||||
|
@ -1012,8 +1014,8 @@
|
|||
|
||||
# Allow local (your server only) presence updates/requests.
|
||||
#
|
||||
# Note that presence on continuwuity is very fast unlike Synapse's. If
|
||||
# using outgoing presence, this MUST be enabled.
|
||||
# Note that presence on conduwuit is very fast unlike Synapse's. If using
|
||||
# outgoing presence, this MUST be enabled.
|
||||
#
|
||||
#allow_local_presence = true
|
||||
|
||||
|
@ -1021,7 +1023,7 @@
|
|||
#
|
||||
# This option receives presence updates from other servers, but does not
|
||||
# send any unless `allow_outgoing_presence` is true. Note that presence on
|
||||
# continuwuity is very fast unlike Synapse's.
|
||||
# conduwuit is very fast unlike Synapse's.
|
||||
#
|
||||
#allow_incoming_presence = true
|
||||
|
||||
|
@ -1029,8 +1031,8 @@
|
|||
#
|
||||
# This option sends presence updates to other servers, but does not
|
||||
# receive any unless `allow_incoming_presence` is true. Note that presence
|
||||
# on continuwuity is very fast unlike Synapse's. If using outgoing
|
||||
# presence, you MUST enable `allow_local_presence` as well.
|
||||
# on conduwuit is very fast unlike Synapse's. If using outgoing presence,
|
||||
# you MUST enable `allow_local_presence` as well.
|
||||
#
|
||||
#allow_outgoing_presence = true
|
||||
|
||||
|
@ -1083,8 +1085,8 @@
|
|||
#
|
||||
#typing_client_timeout_max_s = 45
|
||||
|
||||
# Set this to true for continuwuity to compress HTTP response bodies using
|
||||
# zstd. This option does nothing if continuwuity was not built with
|
||||
# Set this to true for conduwuit to compress HTTP response bodies using
|
||||
# zstd. This option does nothing if conduwuit was not built with
|
||||
# `zstd_compression` feature. Please be aware that enabling HTTP
|
||||
# compression may weaken TLS. Most users should not need to enable this.
|
||||
# See https://breachattack.com/ and https://wikipedia.org/wiki/BREACH
|
||||
|
@ -1092,8 +1094,8 @@
|
|||
#
|
||||
#zstd_compression = false
|
||||
|
||||
# Set this to true for continuwuity to compress HTTP response bodies using
|
||||
# gzip. This option does nothing if continuwuity was not built with
|
||||
# Set this to true for conduwuit to compress HTTP response bodies using
|
||||
# gzip. This option does nothing if conduwuit was not built with
|
||||
# `gzip_compression` feature. Please be aware that enabling HTTP
|
||||
# compression may weaken TLS. Most users should not need to enable this.
|
||||
# See https://breachattack.com/ and https://wikipedia.org/wiki/BREACH before
|
||||
|
@ -1104,8 +1106,8 @@
|
|||
#
|
||||
#gzip_compression = false
|
||||
|
||||
# Set this to true for continuwuity to compress HTTP response bodies using
|
||||
# brotli. This option does nothing if continuwuity was not built with
|
||||
# Set this to true for conduwuit to compress HTTP response bodies using
|
||||
# brotli. This option does nothing if conduwuit was not built with
|
||||
# `brotli_compression` feature. Please be aware that enabling HTTP
|
||||
# compression may weaken TLS. Most users should not need to enable this.
|
||||
# See https://breachattack.com/ and https://wikipedia.org/wiki/BREACH
|
||||
|
@ -1167,7 +1169,7 @@
|
|||
# Otherwise setting this to false reduces filesystem clutter and overhead
|
||||
# for managing these symlinks in the directory. This is now disabled by
|
||||
# default. You may still return to upstream Conduit but you have to run
|
||||
# continuwuity at least once with this set to true and allow the
|
||||
# conduwuit at least once with this set to true and allow the
|
||||
# media_startup_check to take place before shutting down to return to
|
||||
# Conduit.
|
||||
#
|
||||
|
@ -1184,40 +1186,26 @@
|
|||
#
|
||||
#prune_missing_media = false
|
||||
|
||||
# Vector list of regex patterns of server names that conduwuit will refuse
|
||||
# to download remote media from.
|
||||
#
|
||||
# example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
#
|
||||
#prevent_media_downloads_from = []
|
||||
|
||||
# List of forbidden server names via regex patterns that we will block
|
||||
# incoming AND outgoing federation with, and block client room joins /
|
||||
# remote user invites.
|
||||
#
|
||||
# Note that your messages can still make it to forbidden servers through
|
||||
# backfilling. Events we receive from forbidden servers via backfill
|
||||
# from servers we *do* federate with will be stored in the database.
|
||||
#
|
||||
# This check is applied on the room ID, room alias, sender server name,
|
||||
# sender user's server name, inbound federation X-Matrix origin, and
|
||||
# outbound federation handler.
|
||||
#
|
||||
# You can set this to ["*"] to block all servers by default, and then
|
||||
# use `allowed_remote_server_names` to allow only specific servers.
|
||||
#
|
||||
# example: ["badserver\\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
#
|
||||
#forbidden_remote_server_names = []
|
||||
|
||||
# List of allowed server names via regex patterns that we will allow,
|
||||
# regardless of if they match `forbidden_remote_server_names`.
|
||||
#
|
||||
# This option has no effect if `forbidden_remote_server_names` is empty.
|
||||
#
|
||||
# example: ["goodserver\\.tld$", "goodphrase"]
|
||||
#
|
||||
#allowed_remote_server_names = []
|
||||
|
||||
# Vector list of regex patterns of server names that continuwuity will
|
||||
# refuse to download remote media from.
|
||||
# Basically "global" ACLs.
|
||||
#
|
||||
# example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
#
|
||||
#prevent_media_downloads_from = []
|
||||
#forbidden_remote_server_names = []
|
||||
|
||||
# List of forbidden server names via regex patterns that we will block all
|
||||
# outgoing federated room directory requests for. Useful for preventing
|
||||
|
@ -1227,31 +1215,8 @@
|
|||
#
|
||||
#forbidden_remote_room_directory_server_names = []
|
||||
|
||||
# Vector list of regex patterns of server names that continuwuity will not
|
||||
# send messages to the client from.
|
||||
#
|
||||
# Note that there is no way for clients to receive messages once a server
|
||||
# has become unignored without doing a full sync. This is a protocol
|
||||
# limitation with the current sync protocols. This means this is somewhat
|
||||
# of a nuclear option.
|
||||
#
|
||||
# example: ["reallybadserver\.tld$", "reallybadphrase",
|
||||
# "69dollarfortnitecards"]
|
||||
#
|
||||
#ignore_messages_from_server_names = []
|
||||
|
||||
# Send messages from users that the user has ignored to the client.
|
||||
#
|
||||
# There is no way for clients to receive messages sent while a user was
|
||||
# ignored without doing a full sync. This is a protocol limitation with
|
||||
# the current sync protocols. Disabling this option will move
|
||||
# responsibility of ignoring messages to the client, which can avoid this
|
||||
# limitation.
|
||||
#
|
||||
#send_messages_from_ignored_users_to_client = false
|
||||
|
||||
# Vector list of IPv4 and IPv6 CIDR ranges / subnets *in quotes* that you
|
||||
# do not want continuwuity to send outbound requests to. Defaults to
|
||||
# do not want conduwuit to send outbound requests to. Defaults to
|
||||
# RFC1918, unroutable, loopback, multicast, and testnet addresses for
|
||||
# security.
|
||||
#
|
||||
|
@ -1401,26 +1366,26 @@
|
|||
|
||||
# Allow admins to enter commands in rooms other than "#admins" (admin
|
||||
# room) by prefixing your message with "\!admin" or "\\!admin" followed up
|
||||
# a normal continuwuity admin command. The reply will be publicly visible
|
||||
# to the room, originating from the sender.
|
||||
# a normal conduwuit admin command. The reply will be publicly visible to
|
||||
# the room, originating from the sender.
|
||||
#
|
||||
# example: \\!admin debug ping puppygock.gay
|
||||
#
|
||||
#admin_escape_commands = true
|
||||
|
||||
# Automatically activate the continuwuity admin room console / CLI on
|
||||
# startup. This option can also be enabled with `--console` continuwuity
|
||||
# Automatically activate the conduwuit admin room console / CLI on
|
||||
# startup. This option can also be enabled with `--console` conduwuit
|
||||
# argument.
|
||||
#
|
||||
#admin_console_automatic = false
|
||||
|
||||
# List of admin commands to execute on startup.
|
||||
#
|
||||
# This option can also be configured with the `--execute` continuwuity
|
||||
# This option can also be configured with the `--execute` conduwuit
|
||||
# argument and can take standard shell commands and environment variables
|
||||
#
|
||||
# For example: `./continuwuity --execute "server admin-notice continuwuity
|
||||
# has started up at $(date)"`
|
||||
# For example: `./conduwuit --execute "server admin-notice conduwuit has
|
||||
# started up at $(date)"`
|
||||
#
|
||||
# example: admin_execute = ["debug ping puppygock.gay", "debug echo hi"]`
|
||||
#
|
||||
|
@ -1428,7 +1393,7 @@
|
|||
|
||||
# Ignore errors in startup commands.
|
||||
#
|
||||
# If false, continuwuity will error and fail to start if an admin execute
|
||||
# If false, conduwuit will error and fail to start if an admin execute
|
||||
# command (`--execute` / `admin_execute`) fails.
|
||||
#
|
||||
#admin_execute_errors_ignore = false
|
||||
|
@ -1449,14 +1414,15 @@
|
|||
# The default room tag to apply on the admin room.
|
||||
#
|
||||
# On some clients like Element, the room tag "m.server_notice" is a
|
||||
# special pinned room at the very bottom of your room list. The
|
||||
# continuwuity admin room can be pinned here so you always have an
|
||||
# easy-to-access shortcut dedicated to your admin room.
|
||||
# special pinned room at the very bottom of your room list. The conduwuit
|
||||
# admin room can be pinned here so you always have an easy-to-access
|
||||
# shortcut dedicated to your admin room.
|
||||
#
|
||||
#admin_room_tag = "m.server_notice"
|
||||
|
||||
# Sentry.io crash/panic reporting, performance monitoring/metrics, etc.
|
||||
# This is NOT enabled by default.
|
||||
# This is NOT enabled by default. conduwuit's default Sentry reporting
|
||||
# endpoint domain is `o4506996327251968.ingest.us.sentry.io`.
|
||||
#
|
||||
#sentry = false
|
||||
|
||||
|
@ -1464,7 +1430,7 @@
|
|||
#
|
||||
#sentry_endpoint = ""
|
||||
|
||||
# Report your continuwuity server_name in Sentry.io crash reports and
|
||||
# Report your conduwuit server_name in Sentry.io crash reports and
|
||||
# metrics.
|
||||
#
|
||||
#sentry_send_server_name = false
|
||||
|
@ -1501,7 +1467,7 @@
|
|||
# Enable the tokio-console. This option is only relevant to developers.
|
||||
#
|
||||
# For more information, see:
|
||||
# https://continuwuity.org/development.html#debugging-with-tokio-console
|
||||
# https://conduwuit.puppyirl.gay/development.html#debugging-with-tokio-console
|
||||
#
|
||||
#tokio_console = false
|
||||
|
||||
|
@ -1641,29 +1607,19 @@
|
|||
#
|
||||
#server =
|
||||
|
||||
# URL to a support page for the server, which will be served as part of
|
||||
# the MSC1929 server support endpoint at /.well-known/matrix/support.
|
||||
# Will be included alongside any contact information
|
||||
# This item is undocumented. Please contribute documentation for it.
|
||||
#
|
||||
#support_page =
|
||||
|
||||
# Role string for server support contacts, to be served as part of the
|
||||
# MSC1929 server support endpoint at /.well-known/matrix/support.
|
||||
# This item is undocumented. Please contribute documentation for it.
|
||||
#
|
||||
#support_role = "m.role.admin"
|
||||
#support_role =
|
||||
|
||||
# Email address for server support contacts, to be served as part of the
|
||||
# MSC1929 server support endpoint.
|
||||
# This will be used along with support_mxid if specified.
|
||||
# This item is undocumented. Please contribute documentation for it.
|
||||
#
|
||||
#support_email =
|
||||
|
||||
# Matrix ID for server support contacts, to be served as part of the
|
||||
# MSC1929 server support endpoint.
|
||||
# This will be used along with support_email if specified.
|
||||
#
|
||||
# If no email or mxid is specified, all of the server's admins will be
|
||||
# listed.
|
||||
# This item is undocumented. Please contribute documentation for it.
|
||||
#
|
||||
#support_mxid =
|
||||
|
||||
|
|
4
debian/README.md
vendored
4
debian/README.md
vendored
|
@ -1,4 +1,4 @@
|
|||
# Continuwuity for Debian
|
||||
# conduwuit for Debian
|
||||
|
||||
Information about downloading and deploying the Debian package. This may also be
|
||||
referenced for other `apt`-based distros such as Ubuntu.
|
||||
|
@ -22,7 +22,7 @@ options in `/etc/conduwuit/conduwuit.toml`.
|
|||
|
||||
### Running
|
||||
|
||||
The package uses the [`conduwuit.service`](../configuration/examples.md#example-systemd-unit-file) systemd unit file to start and stop Continuwuity. The binary is installed at `/usr/sbin/conduwuit`.
|
||||
The package uses the [`conduwuit.service`](../configuration/examples.md#example-systemd-unit-file) systemd unit file to start and stop conduwuit. The binary is installed at `/usr/sbin/conduwuit`.
|
||||
|
||||
This package assumes by default that conduwuit will be placed behind a reverse proxy. The default config options apply (listening on `localhost` and TCP port `6167`). Matrix federation requires a valid domain name and TLS, so you will need to set up TLS certificates and renewal for it to work properly if you intend to federate.
|
||||
|
||||
|
|
7
debian/conduwuit.service
vendored
7
debian/conduwuit.service
vendored
|
@ -1,10 +1,9 @@
|
|||
[Unit]
|
||||
|
||||
Description=Continuwuity - Matrix homeserver
|
||||
Description=conduwuit Matrix homeserver
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
Documentation=https://continuwuity.org/
|
||||
Alias=matrix-conduwuit.service
|
||||
Documentation=https://conduwuit.puppyirl.gay/
|
||||
|
||||
[Service]
|
||||
DynamicUser=yes
|
||||
|
@ -12,7 +11,7 @@ User=conduwuit
|
|||
Group=conduwuit
|
||||
Type=notify
|
||||
|
||||
Environment="CONTINUWUITY_CONFIG=/etc/conduwuit/conduwuit.toml"
|
||||
Environment="CONDUWUIT_CONFIG=/etc/conduwuit/conduwuit.toml"
|
||||
|
||||
ExecStart=/usr/sbin/conduwuit
|
||||
|
||||
|
|
|
@ -18,14 +18,13 @@ ARG LLVM_VERSION=19
|
|||
# Line three: for xx-verify
|
||||
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
|
||||
--mount=type=cache,target=/var/lib/apt,sharing=locked \
|
||||
apt-get update && apt-get install -y \
|
||||
apt-get update && apt-get install -y \
|
||||
clang-${LLVM_VERSION} lld-${LLVM_VERSION} pkg-config make jq \
|
||||
curl git \
|
||||
file
|
||||
|
||||
# Create symlinks for LLVM tools
|
||||
RUN <<EOF
|
||||
set -o xtrace
|
||||
# clang
|
||||
ln -s /usr/bin/clang-${LLVM_VERSION} /usr/bin/clang
|
||||
ln -s "/usr/bin/clang++-${LLVM_VERSION}" "/usr/bin/clang++"
|
||||
|
@ -47,7 +46,6 @@ ENV LDDTREE_VERSION=0.3.7
|
|||
|
||||
# Install unpackaged tools
|
||||
RUN <<EOF
|
||||
set -o xtrace
|
||||
curl --retry 5 -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | bash
|
||||
cargo binstall --no-confirm cargo-sbom --version $CARGO_SBOM_VERSION
|
||||
cargo binstall --no-confirm lddtree --version $LDDTREE_VERSION
|
||||
|
@ -61,7 +59,7 @@ ARG TARGETPLATFORM
|
|||
# xx-* are xx-specific meta-packages
|
||||
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
|
||||
--mount=type=cache,target=/var/lib/apt,sharing=locked \
|
||||
xx-apt-get install -y \
|
||||
xx-apt-get install -y \
|
||||
xx-c-essentials xx-cxx-essentials pkg-config \
|
||||
liburing-dev
|
||||
|
||||
|
@ -77,7 +75,6 @@ RUN echo "CARGO_INCREMENTAL=0" >> /etc/environment
|
|||
|
||||
# Configure pkg-config
|
||||
RUN <<EOF
|
||||
set -o xtrace
|
||||
echo "PKG_CONFIG_LIBDIR=/usr/lib/$(xx-info)/pkgconfig" >> /etc/environment
|
||||
echo "PKG_CONFIG=/usr/bin/$(xx-info)-pkg-config" >> /etc/environment
|
||||
echo "PKG_CONFIG_ALLOW_CROSS=true" >> /etc/environment
|
||||
|
@ -85,14 +82,12 @@ EOF
|
|||
|
||||
# Configure cc to use clang version
|
||||
RUN <<EOF
|
||||
set -o xtrace
|
||||
echo "CC=clang" >> /etc/environment
|
||||
echo "CXX=clang++" >> /etc/environment
|
||||
EOF
|
||||
|
||||
# Cross-language LTO
|
||||
RUN <<EOF
|
||||
set -o xtrace
|
||||
echo "CFLAGS=-flto" >> /etc/environment
|
||||
echo "CXXFLAGS=-flto" >> /etc/environment
|
||||
# Linker is set to target-compatible clang by xx
|
||||
|
@ -103,7 +98,6 @@ EOF
|
|||
ARG TARGET_CPU=
|
||||
RUN <<EOF
|
||||
set -o allexport
|
||||
set -o xtrace
|
||||
. /etc/environment
|
||||
if [ -n "${TARGET_CPU}" ]; then
|
||||
echo "CFLAGS='${CFLAGS} -march=${TARGET_CPU}'" >> /etc/environment
|
||||
|
@ -117,37 +111,31 @@ RUN mkdir /out
|
|||
|
||||
FROM toolchain AS builder
|
||||
|
||||
|
||||
# Get source
|
||||
COPY . .
|
||||
# Conduwuit version info
|
||||
ARG COMMIT_SHA=
|
||||
ARG CONDUWUIT_VERSION_EXTRA=
|
||||
ENV CONDUWUIT_VERSION_EXTRA=$CONDUWUIT_VERSION_EXTRA
|
||||
RUN <<EOF
|
||||
if [ -z "${CONDUWUIT_VERSION_EXTRA}" ]; then
|
||||
echo "CONDUWUIT_VERSION_EXTRA='$(set -e; git rev-parse --short ${COMMIT_SHA:-HEAD} || echo unknown revision)'" >> /etc/environment
|
||||
fi
|
||||
EOF
|
||||
|
||||
ARG TARGETPLATFORM
|
||||
|
||||
# Verify environment configuration
|
||||
RUN cat /etc/environment
|
||||
RUN xx-cargo --print-target-triple
|
||||
|
||||
# Conduwuit version info
|
||||
ARG GIT_COMMIT_HASH=
|
||||
ARG GIT_COMMIT_HASH_SHORT=
|
||||
ARG GIT_REMOTE_URL=
|
||||
ARG GIT_REMOTE_COMMIT_URL=
|
||||
ARG CONDUWUIT_VERSION_EXTRA=
|
||||
ARG CONTINUWUITY_VERSION_EXTRA=
|
||||
ENV GIT_COMMIT_HASH=$GIT_COMMIT_HASH
|
||||
ENV GIT_COMMIT_HASH_SHORT=$GIT_COMMIT_HASH_SHORT
|
||||
ENV GIT_REMOTE_URL=$GIT_REMOTE_URL
|
||||
ENV GIT_REMOTE_COMMIT_URL=$GIT_REMOTE_COMMIT_URL
|
||||
ENV CONDUWUIT_VERSION_EXTRA=$CONDUWUIT_VERSION_EXTRA
|
||||
ENV CONTINUWUITY_VERSION_EXTRA=$CONTINUWUITY_VERSION_EXTRA
|
||||
|
||||
# Get source
|
||||
COPY . .
|
||||
|
||||
# Build the binary
|
||||
RUN --mount=type=cache,target=/usr/local/cargo/registry \
|
||||
--mount=type=cache,target=/usr/local/cargo/git/db \
|
||||
--mount=type=cache,target=/app/target,id=cargo-target-${TARGETPLATFORM} \
|
||||
--mount=type=cache,target=/app/target \
|
||||
bash <<'EOF'
|
||||
set -o allexport
|
||||
set -o xtrace
|
||||
. /etc/environment
|
||||
TARGET_DIR=($(cargo metadata --no-deps --format-version 1 | \
|
||||
jq -r ".target_directory"))
|
||||
|
@ -168,7 +156,6 @@ EOF
|
|||
RUN --mount=type=cache,target=/usr/local/cargo/registry \
|
||||
--mount=type=cache,target=/usr/local/cargo/git/db \
|
||||
bash <<'EOF'
|
||||
set -o xtrace
|
||||
mkdir /out/sbom
|
||||
typeset -A PACKAGES
|
||||
for BINARY in /out/sbin/*; do
|
||||
|
@ -187,7 +174,6 @@ EOF
|
|||
|
||||
# Extract dynamically linked dependencies
|
||||
RUN <<EOF
|
||||
set -o xtrace
|
||||
mkdir /out/libs
|
||||
mkdir /out/libs-root
|
||||
for BINARY in /out/sbin/*; do
|
||||
|
|
|
@ -19,5 +19,4 @@
|
|||
- [Contributing](contributing.md)
|
||||
- [Testing](development/testing.md)
|
||||
- [Hot Reloading ("Live" Development)](development/hot_reload.md)
|
||||
- [Community (and Guidelines)](community.md)
|
||||
- [Security](security.md)
|
||||
- [conduwuit Community Code of Conduct](conduwuit_coc.md)
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
## Getting help
|
||||
|
||||
If you run into any problems while setting up an Appservice: ask us in
|
||||
[#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org) or
|
||||
[open an issue on Forgejo](https://forgejo.ellis.link/continuwuation/continuwuity/issues/new).
|
||||
[#conduwuit:puppygock.gay](https://matrix.to/#/#conduwuit:puppygock.gay) or
|
||||
[open an issue on GitHub](https://github.com/girlbossceo/conduwuit/issues/new).
|
||||
|
||||
## Set up the appservice - general instructions
|
||||
|
||||
|
@ -14,7 +14,7 @@ later starting it.
|
|||
|
||||
At some point the appservice guide should ask you to add a registration yaml
|
||||
file to the homeserver. In Synapse you would do this by adding the path to the
|
||||
homeserver.yaml, but in Continuwuity you can do this from within Matrix:
|
||||
homeserver.yaml, but in conduwuit you can do this from within Matrix:
|
||||
|
||||
First, go into the `#admins` room of your homeserver. The first person that
|
||||
registered on the homeserver automatically joins it. Then send a message into
|
||||
|
@ -37,9 +37,9 @@ You can confirm it worked by sending a message like this:
|
|||
|
||||
The server bot should answer with `Appservices (1): your-bridge`
|
||||
|
||||
Then you are done. Continuwuity will send messages to the appservices and the
|
||||
Then you are done. conduwuit will send messages to the appservices and the
|
||||
appservice can send requests to the homeserver. You don't need to restart
|
||||
Continuwuity, but if it doesn't work, restarting while the appservice is running
|
||||
conduwuit, but if it doesn't work, restarting while the appservice is running
|
||||
could help.
|
||||
|
||||
## Appservice-specific instructions
|
||||
|
|
|
@ -1,139 +0,0 @@
|
|||
# Continuwuity Community Guidelines
|
||||
|
||||
Welcome to the Continuwuity commuwunity! We're excited to have you here. Continuwuity is a
|
||||
continuation of the conduwuit homeserver, which in turn is a hard-fork of the Conduit homeserver,
|
||||
aimed at making Matrix more accessible and inclusive for everyone.
|
||||
|
||||
This space is dedicated to fostering a positive, supportive, and welcoming environment for everyone.
|
||||
These guidelines apply to all Continuwuity spaces, including our Matrix rooms and any other
|
||||
community channels that reference them. We've written these guidelines to help us all create an
|
||||
environment where everyone feels safe and respected.
|
||||
|
||||
For code and contribution guidelines, please refer to the
|
||||
[Contributor's Covenant](https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/CODE_OF_CONDUCT.md).
|
||||
Below are additional guidelines specific to the Continuwuity community.
|
||||
|
||||
## Our Values and Expected Behaviors
|
||||
|
||||
We strive to create a community based on mutual respect, collaboration, and inclusivity. We expect
|
||||
all members to:
|
||||
|
||||
1. **Be Respectful and Inclusive**: Treat everyone with respect. We're committed to a community
|
||||
where everyone feels safe, regardless of background, identity, or experience. Discrimination,
|
||||
harassment, or hate speech won't be tolerated. Remember that each person experiences the world
|
||||
differently; share your own perspective and be open to learning about others'.
|
||||
|
||||
2. **Be Positive and Constructive**: Engage in discussions constructively and support each other.
|
||||
If you feel angry or frustrated, take a break before participating. Approach disagreements with
|
||||
the goal of understanding, not winning. Focus on the issue, not the person.
|
||||
|
||||
3. **Communicate Clearly and Kindly**: Our community includes neurodivergent individuals and those
|
||||
who may not appreciate sarcasm or subtlety. Communicate clearly and kindly. Avoid ambiguity and
|
||||
ensure your messages can be easily understood by all. Avoid placing the burden of education on
|
||||
marginalized groups; please make an effort to look into your questions before asking others for
|
||||
detailed explanations.
|
||||
|
||||
4. **Be Open to Improving Inclusivity**: Actively participate in making our community more inclusive.
|
||||
Report behaviour that contradicts these guidelines (see Reporting and Enforcement below) and be
|
||||
open to constructive feedback aimed at improving our community. Understand that discussing
|
||||
negative experiences can be emotionally taxing; focus on the message, not the tone.
|
||||
|
||||
5. **Commit to Our Values**: Building an inclusive community requires ongoing effort from everyone.
|
||||
Recognise that addressing bias and discrimination is a continuous process that needs commitment
|
||||
and action from all members.
|
||||
|
||||
## Unacceptable Behaviors
|
||||
|
||||
To ensure everyone feels safe and welcome, the following behaviors are considered unacceptable
|
||||
within the Continuwuity community:
|
||||
|
||||
* **Harassment and Discrimination**: Avoid offensive comments related to background, family status,
|
||||
gender, gender identity or expression, marital status, sex, sexual orientation, native language,
|
||||
age, ability, race and/or ethnicity, caste, national origin, socioeconomic status, religion,
|
||||
geographic location, or any other dimension of diversity. Don't deliberately misgender someone or
|
||||
question the legitimacy of their gender identity.
|
||||
|
||||
* **Violence and Threats**: Do not engage in any form of violence or threats, including inciting
|
||||
violence towards anyone or encouraging self-harm. Posting or threatening to post someone else's
|
||||
personally identifying information ("doxxing") is also forbidden.
|
||||
|
||||
* **Personal Attacks**: Disagreements happen, but they should never turn into personal attacks.
|
||||
Don't insult, demean, or belittle others.
|
||||
|
||||
* **Unwelcome Attention or Contact**: Avoid unwelcome sexual attention, inappropriate physical
|
||||
contact (or simulation thereof), sexualized comments, jokes, or imagery.
|
||||
|
||||
* **Disruption**: Do not engage in sustained disruption of discussions, events, or other
|
||||
community activities.
|
||||
|
||||
* **Bad Faith Actions**: Do not intentionally make false reports or otherwise abuse the reporting
|
||||
process.
|
||||
|
||||
This is not an exhaustive list. Any behaviour that makes others feel unsafe or unwelcome may be
|
||||
subject to enforcement action.
|
||||
|
||||
## Matrix Community
|
||||
|
||||
These Community Guidelines apply to the entire
|
||||
[Continuwuity Matrix Space](https://matrix.to/#/#space:continuwuity.org) and its rooms, including:
|
||||
|
||||
### [#continuwuity:continuwuity.org](https://matrix.to/#/#continuwuity:continuwuity.org)
|
||||
|
||||
This room is for support and discussions about Continuwuity. Ask questions, share insights, and help
|
||||
each other out while adhering to these guidelines.
|
||||
|
||||
We ask that this room remain focused on the Continuwuity software specifically: the team are
|
||||
typically happy to engage in conversations about related subjects in the off-topic room.
|
||||
|
||||
### [#offtopic:continuwuity.org](https://matrix.to/#/#offtopic:continuwuity.org)
|
||||
|
||||
For off-topic community conversations about any subject. While this room allows for a wide range of
|
||||
topics, the same guidelines apply. Please keep discussions respectful and inclusive, and avoid
|
||||
divisive or stressful subjects like specific country/world politics unless handled with exceptional
|
||||
care and respect for diverse viewpoints.
|
||||
|
||||
General topics, such as world events, are welcome as long as they follow the guidelines. If a member
|
||||
of the team asks for the conversation to end, please respect their decision.
|
||||
|
||||
### [#dev:continuwuity.org](https://matrix.to/#/#dev:continuwuity.org)
|
||||
|
||||
This room is dedicated to discussing active development of Continuwuity, including ongoing issues or
|
||||
code development. Collaboration here must follow these guidelines, and please consider raising
|
||||
[an issue](https://forgejo.ellis.link/continuwuation/continuwuity/issues) on the repository to help
|
||||
track progress.
|
||||
|
||||
## Reporting and Enforcement
|
||||
|
||||
We take these Community Guidelines seriously to protect our community members. If you witness or
|
||||
experience unacceptable behaviour, or have any other concerns, please report it.
|
||||
|
||||
**How to Report:**
|
||||
|
||||
* **Alert Moderators in the Room:** If you feel comfortable doing so, you can address the issue
|
||||
publicly in the relevant room by mentioning the moderation bot, `@rock:continuwuity.org`, which
|
||||
will immediately alert all available moderators.
|
||||
* **Direct Message:** If you're not comfortable raising the issue publicly, please send a direct
|
||||
message (DM) to one of the room moderators.
|
||||
|
||||
Reports will be handled with discretion. We will investigate promptly and thoroughly.
|
||||
|
||||
**Enforcement Actions:**
|
||||
|
||||
Anyone asked to stop unacceptable behaviour is expected to comply immediately. Failure to do so, or
|
||||
engaging in prohibited behaviour, may result in enforcement action. Moderators may take actions they
|
||||
deem appropriate, including but not limited to:
|
||||
|
||||
1. **Warning**: A direct message or public warning identifying the violation and requesting
|
||||
corrective action.
|
||||
2. **Temporary Mute**: Temporary restriction from participating in discussions for a specified
|
||||
period.
|
||||
3. **Kick or Ban**: Removal from a room (kick) or the entire community space (ban). Egregious or
|
||||
repeated violations may result in an immediate ban. Bans are typically permanent and reviewed
|
||||
only in exceptional circumstances.
|
||||
|
||||
Retaliation against those who report concerns in good faith will not be tolerated and will be
|
||||
subject to the same enforcement actions.
|
||||
|
||||
Together, let's build and maintain a community where everyone feels valued, safe, and respected.
|
||||
|
||||
— The Continuwuity Moderation Team
|
93
docs/conduwuit_coc.md
Normal file
93
docs/conduwuit_coc.md
Normal file
|
@ -0,0 +1,93 @@
|
|||
# conduwuit Community Code of Conduct
|
||||
|
||||
Welcome to the conduwuit community! We’re excited to have you here. conduwuit is
|
||||
a hard-fork of the Conduit homeserver, aimed at making Matrix more accessible
|
||||
and inclusive for everyone.
|
||||
|
||||
This space is dedicated to fostering a positive, supportive, and inclusive
|
||||
environment for everyone. This Code of Conduct applies to all conduwuit spaces,
|
||||
including any further community rooms that reference this CoC. Here are our
|
||||
guidelines to help maintain the welcoming atmosphere that sets conduwuit apart.
|
||||
|
||||
For the general foundational rules, please refer to the [Contributor's
|
||||
Covenant](https://github.com/girlbossceo/conduwuit/blob/main/CODE_OF_CONDUCT.md).
|
||||
Below are additional guidelines specific to the conduwuit community.
|
||||
|
||||
## Our Values and Guidelines
|
||||
|
||||
1. **Respect and Inclusivity**: We are committed to maintaining a community
|
||||
where everyone feels safe and respected. Discrimination, harassment, or hate
|
||||
speech of any kind will not be tolerated. Recognise that each community member
|
||||
experiences the world differently based on their past experiences, background,
|
||||
and identity. Share your own experiences and be open to learning about others'
|
||||
diverse perspectives.
|
||||
|
||||
2. **Positivity and Constructiveness**: Engage in constructive discussions and
|
||||
support each other. If you feel angry, negative, or aggressive, take a break
|
||||
until you can participate in a positive and constructive manner. Process intense
|
||||
feelings with a friend or in a private setting before engaging in community
|
||||
conversations to help maintain a supportive and focused environment.
|
||||
|
||||
3. **Clarity and Understanding**: Our community includes neurodivergent
|
||||
individuals and those who may not appreciate sarcasm or subtlety. Communicate
|
||||
clearly and kindly, avoiding sarcasm and ensuring your messages are easily
|
||||
understood by all. Additionally, avoid putting the burden of education on
|
||||
marginalized groups by doing your own research before asking for explanations.
|
||||
|
||||
4. **Be Open to Inclusivity**: Actively engage in conversations about making our
|
||||
community more inclusive. Report discriminatory behavior to the moderators
|
||||
and be open to constructive feedback that aims to improve our community.
|
||||
Understand that discussing discrimination and negative experiences can be
|
||||
emotionally taxing, so focus on the message rather than critiquing the tone
|
||||
used.
|
||||
|
||||
5. **Commit to Inclusivity**: Building an inclusive community requires time,
|
||||
energy, and resources. Recognise that addressing discrimination and bias is
|
||||
an ongoing process that necessitates commitment and action from all community
|
||||
members.
|
||||
|
||||
## Matrix Community
|
||||
|
||||
This Code of Conduct applies to the entire [conduwuit Matrix
|
||||
Space](https://matrix.to/#/#conduwuit-space:puppygock.gay) and its rooms,
|
||||
including:
|
||||
|
||||
### [#conduwuit:puppygock.gay](https://matrix.to/#/#conduwuit:puppygock.gay)
|
||||
|
||||
This room is for support and discussions about conduwuit. Ask questions, share
|
||||
insights, and help each other out.
|
||||
|
||||
### [#conduwuit-offtopic:girlboss.ceo](https://matrix.to/#/#conduwuit-offtopic:girlboss.ceo)
|
||||
|
||||
For off-topic community conversations about any subject. While this room allows
|
||||
for a wide range of topics, the same CoC applies. Keep discussions respectful
|
||||
and inclusive, and avoid divisive subjects like country/world politics. General
|
||||
topics, such as world events, are welcome as long as they follow the CoC.
|
||||
|
||||
### [#conduwuit-dev:puppygock.gay](https://matrix.to/#/#conduwuit-dev:puppygock.gay)
|
||||
|
||||
This room is dedicated to discussing active development of conduwuit. Posting
|
||||
requires an elevated power level, which can be requested in one of the other
|
||||
rooms. Use this space to collaborate and innovate.
|
||||
|
||||
## Enforcement
|
||||
|
||||
We have a zero-tolerance policy for violations of this Code of Conduct. If
|
||||
someone’s behavior makes you uncomfortable, please report it to the moderators.
|
||||
Actions we may take include:
|
||||
|
||||
1. **Warning**: A warning given directly in the room or via a private message
|
||||
from the moderators, identifying the violation and requesting corrective
|
||||
action.
|
||||
2. **Temporary Mute**: Temporary restriction from participating in discussions
|
||||
for a specified period to allow for reflection and cooling off.
|
||||
3. **Kick or Ban**: Egregious behavior may result in an immediate kick or ban to
|
||||
protect other community members. Bans are considered permanent and will only
|
||||
be reversed in exceptional circumstances after proven good behavior.
|
||||
|
||||
Please highlight issues directly in rooms when possible, but if you don't feel
|
||||
comfortable doing that, then please send a DM to one of the moderators directly.
|
||||
|
||||
Together, let’s build a community where everyone feels valued and respected.
|
||||
|
||||
— The conduwuit Moderation Team
|
|
@ -1,10 +1,10 @@
|
|||
# Configuration
|
||||
|
||||
This chapter describes various ways to configure Continuwuity.
|
||||
This chapter describes various ways to configure conduwuit.
|
||||
|
||||
## Basics
|
||||
|
||||
Continuwuity uses a config file for the majority of the settings, but also supports
|
||||
conduwuit uses a config file for the majority of the settings, but also supports
|
||||
setting individual config options via commandline.
|
||||
|
||||
Please refer to the [example config
|
||||
|
@ -12,13 +12,13 @@ file](./configuration/examples.md#example-configuration) for all of those
|
|||
settings.
|
||||
|
||||
The config file to use can be specified on the commandline when running
|
||||
Continuwuity by specifying the `-c`, `--config` flag. Alternatively, you can use
|
||||
conduwuit by specifying the `-c`, `--config` flag. Alternatively, you can use
|
||||
the environment variable `CONDUWUIT_CONFIG` to specify the config file to used.
|
||||
Conduit's environment variables are supported for backwards compatibility.
|
||||
|
||||
## Option commandline flag
|
||||
|
||||
Continuwuity supports setting individual config options in TOML format from the
|
||||
conduwuit supports setting individual config options in TOML format from the
|
||||
`-O` / `--option` flag. For example, you can set your server name via `-O
|
||||
server_name=\"example.com\"`.
|
||||
|
||||
|
@ -33,7 +33,7 @@ string. This does not apply to options that take booleans or numbers:
|
|||
|
||||
## Execute commandline flag
|
||||
|
||||
Continuwuity supports running admin commands on startup using the commandline
|
||||
conduwuit supports running admin commands on startup using the commandline
|
||||
argument `--execute`. The most notable use for this is to create an admin user
|
||||
on first startup.
|
||||
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
# Deploying
|
||||
|
||||
This chapter describes various ways to deploy Continuwuity.
|
||||
This chapter describes various ways to deploy conduwuit.
|
||||
|
|
|
@ -1,3 +1,15 @@
|
|||
# Continuwuity for Arch Linux
|
||||
# conduwuit for Arch Linux
|
||||
|
||||
Continuwuity does not have any Arch Linux packages at this time.
|
||||
Currently conduwuit is only on the Arch User Repository (AUR).
|
||||
|
||||
The conduwuit AUR packages are community maintained and are not maintained by
|
||||
conduwuit development team, but the AUR package maintainers are in the Matrix
|
||||
room. Please attempt to verify your AUR package's PKGBUILD file looks fine
|
||||
before asking for support.
|
||||
|
||||
- [conduwuit](https://aur.archlinux.org/packages/conduwuit) - latest tagged
|
||||
conduwuit
|
||||
- [conduwuit-git](https://aur.archlinux.org/packages/conduwuit-git) - latest git
|
||||
conduwuit from `main` branch
|
||||
- [conduwuit-bin](https://aur.archlinux.org/packages/conduwuit-bin) - latest
|
||||
tagged conduwuit static binary
|
||||
|
|
|
@ -1,49 +1,48 @@
|
|||
# Continuwuity - Behind Traefik Reverse Proxy
|
||||
# conduwuit - Behind Traefik Reverse Proxy
|
||||
|
||||
services:
|
||||
homeserver:
|
||||
### If you already built the conduduwit image with 'docker build' or want to use the Docker Hub image,
|
||||
### then you are ready to go.
|
||||
image: forgejo.ellis.link/continuwuation/continuwuity:latest
|
||||
image: girlbossceo/conduwuit:latest
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- db:/var/lib/continuwuity
|
||||
- /etc/resolv.conf:/etc/resolv.conf:ro # Use the host's DNS resolver rather than Docker's.
|
||||
#- ./continuwuity.toml:/etc/continuwuity.toml
|
||||
- db:/var/lib/conduwuit
|
||||
#- ./conduwuit.toml:/etc/conduwuit.toml
|
||||
networks:
|
||||
- proxy
|
||||
environment:
|
||||
CONTINUWUITY_SERVER_NAME: your.server.name.example # EDIT THIS
|
||||
CONTINUWUITY_DATABASE_PATH: /var/lib/continuwuity
|
||||
CONTINUWUITY_PORT: 6167 # should match the loadbalancer traefik label
|
||||
CONTINUWUITY_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
|
||||
CONTINUWUITY_ALLOW_REGISTRATION: 'true'
|
||||
CONTINUWUITY_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
|
||||
#CONTINUWUITY_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
|
||||
CONTINUWUITY_ALLOW_FEDERATION: 'true'
|
||||
CONTINUWUITY_ALLOW_CHECK_FOR_UPDATES: 'true'
|
||||
CONTINUWUITY_TRUSTED_SERVERS: '["matrix.org"]'
|
||||
#CONTINUWUITY_LOG: warn,state_res=warn
|
||||
CONTINUWUITY_ADDRESS: 0.0.0.0
|
||||
#CONTINUWUITY_CONFIG: '/etc/continuwuity.toml' # Uncomment if you mapped config toml above
|
||||
CONDUWUIT_SERVER_NAME: your.server.name.example # EDIT THIS
|
||||
CONDUWUIT_DATABASE_PATH: /var/lib/conduwuit
|
||||
CONDUWUIT_PORT: 6167 # should match the loadbalancer traefik label
|
||||
CONDUWUIT_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
|
||||
CONDUWUIT_ALLOW_REGISTRATION: 'true'
|
||||
CONDUWUIT_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
|
||||
#CONDUWUIT_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
|
||||
CONDUWUIT_ALLOW_FEDERATION: 'true'
|
||||
CONDUWUIT_ALLOW_CHECK_FOR_UPDATES: 'true'
|
||||
CONDUWUIT_TRUSTED_SERVERS: '["matrix.org"]'
|
||||
#CONDUWUIT_LOG: warn,state_res=warn
|
||||
CONDUWUIT_ADDRESS: 0.0.0.0
|
||||
#CONDUWUIT_CONFIG: '/etc/conduwuit.toml' # Uncomment if you mapped config toml above
|
||||
|
||||
# We need some way to serve the client and server .well-known json. The simplest way is via the CONTINUWUITY_WELL_KNOWN
|
||||
# variable / config option, there are multiple ways to do this, e.g. in the continuwuity.toml file, and in a separate
|
||||
# We need some way to serve the client and server .well-known json. The simplest way is via the CONDUWUIT_WELL_KNOWN
|
||||
# variable / config option, there are multiple ways to do this, e.g. in the conduwuit.toml file, and in a seperate
|
||||
# see the override file for more information about delegation
|
||||
CONTINUWUITY_WELL_KNOWN: |
|
||||
CONDUWUIT_WELL_KNOWN: |
|
||||
{
|
||||
client=https://your.server.name.example,
|
||||
server=your.server.name.example:443
|
||||
}
|
||||
#cpuset: "0-4" # Uncomment to limit to specific CPU cores
|
||||
ulimits: # Continuwuity uses quite a few file descriptors, and on some systems it defaults to 1024, so you can tell docker to increase it
|
||||
ulimits: # conduwuit uses quite a few file descriptors, and on some systems it defaults to 1024, so you can tell docker to increase it
|
||||
nofile:
|
||||
soft: 1048567
|
||||
hard: 1048567
|
||||
|
||||
### Uncomment if you want to use your own Element-Web App.
|
||||
### Note: You need to provide a config.json for Element and you also need a second
|
||||
### Domain or Subdomain for the communication between Element and Continuwuity
|
||||
### Domain or Subdomain for the communication between Element and conduwuit
|
||||
### Config-Docs: https://github.com/vector-im/element-web/blob/develop/docs/config.md
|
||||
# element-web:
|
||||
# image: vectorim/element-web:latest
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Continuwuity - Traefik Reverse Proxy Labels
|
||||
# conduwuit - Traefik Reverse Proxy Labels
|
||||
|
||||
services:
|
||||
homeserver:
|
||||
|
@ -6,17 +6,17 @@ services:
|
|||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=proxy" # Change this to the name of your Traefik docker proxy network
|
||||
|
||||
- "traefik.http.routers.to-continuwuity.rule=Host(`<SUBDOMAIN>.<DOMAIN>`)" # Change to the address on which Continuwuity is hosted
|
||||
- "traefik.http.routers.to-continuwuity.tls=true"
|
||||
- "traefik.http.routers.to-continuwuity.tls.certresolver=letsencrypt"
|
||||
- "traefik.http.routers.to-continuwuity.middlewares=cors-headers@docker"
|
||||
- "traefik.http.services.to_continuwuity.loadbalancer.server.port=6167"
|
||||
- "traefik.http.routers.to-conduwuit.rule=Host(`<SUBDOMAIN>.<DOMAIN>`)" # Change to the address on which conduwuit is hosted
|
||||
- "traefik.http.routers.to-conduwuit.tls=true"
|
||||
- "traefik.http.routers.to-conduwuit.tls.certresolver=letsencrypt"
|
||||
- "traefik.http.routers.to-conduwuit.middlewares=cors-headers@docker"
|
||||
- "traefik.http.services.to_conduwuit.loadbalancer.server.port=6167"
|
||||
|
||||
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
|
||||
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
|
||||
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"
|
||||
|
||||
# If you want to have your account on <DOMAIN>, but host Continuwuity on a subdomain,
|
||||
# If you want to have your account on <DOMAIN>, but host conduwuit on a subdomain,
|
||||
# you can let it only handle the well known file on that domain instead
|
||||
#- "traefik.http.routers.to-matrix-wellknown.rule=Host(`<DOMAIN>`) && PathPrefix(`/.well-known/matrix`)"
|
||||
#- "traefik.http.routers.to-matrix-wellknown.tls=true"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
services:
|
||||
caddy:
|
||||
# This compose file uses caddy-docker-proxy as the reverse proxy for Continuwuity!
|
||||
# This compose file uses caddy-docker-proxy as the reverse proxy for conduwuit!
|
||||
# For more info, visit https://github.com/lucaslorentz/caddy-docker-proxy
|
||||
image: lucaslorentz/caddy-docker-proxy:ci-alpine
|
||||
ports:
|
||||
|
@ -20,28 +20,27 @@ services:
|
|||
caddy.1_respond: /.well-known/matrix/client {"m.server":{"base_url":"https://matrix.example.com"},"m.homeserver":{"base_url":"https://matrix.example.com"},"org.matrix.msc3575.proxy":{"url":"https://matrix.example.com"}}
|
||||
|
||||
homeserver:
|
||||
### If you already built the Continuwuity image with 'docker build' or want to use a registry image,
|
||||
### If you already built the conduwuit image with 'docker build' or want to use a registry image,
|
||||
### then you are ready to go.
|
||||
image: forgejo.ellis.link/continuwuation/continuwuity:latest
|
||||
image: girlbossceo/conduwuit:latest
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- db:/var/lib/continuwuity
|
||||
- /etc/resolv.conf:/etc/resolv.conf:ro # Use the host's DNS resolver rather than Docker's.
|
||||
#- ./continuwuity.toml:/etc/continuwuity.toml
|
||||
- db:/var/lib/conduwuit
|
||||
#- ./conduwuit.toml:/etc/conduwuit.toml
|
||||
environment:
|
||||
CONTINUWUITY_SERVER_NAME: example.com # EDIT THIS
|
||||
CONTINUWUITY_DATABASE_PATH: /var/lib/continuwuity
|
||||
CONTINUWUITY_PORT: 6167
|
||||
CONTINUWUITY_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
|
||||
CONTINUWUITY_ALLOW_REGISTRATION: 'true'
|
||||
CONTINUWUITY_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
|
||||
#CONTINUWUITY_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
|
||||
CONTINUWUITY_ALLOW_FEDERATION: 'true'
|
||||
CONTINUWUITY_ALLOW_CHECK_FOR_UPDATES: 'true'
|
||||
CONTINUWUITY_TRUSTED_SERVERS: '["matrix.org"]'
|
||||
#CONTINUWUITY_LOG: warn,state_res=warn
|
||||
CONTINUWUITY_ADDRESS: 0.0.0.0
|
||||
#CONTINUWUITY_CONFIG: '/etc/continuwuity.toml' # Uncomment if you mapped config toml above
|
||||
CONDUWUIT_SERVER_NAME: example.com # EDIT THIS
|
||||
CONDUWUIT_DATABASE_PATH: /var/lib/conduwuit
|
||||
CONDUWUIT_PORT: 6167
|
||||
CONDUWUIT_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
|
||||
CONDUWUIT_ALLOW_REGISTRATION: 'true'
|
||||
CONDUWUIT_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
|
||||
#CONDUWUIT_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
|
||||
CONDUWUIT_ALLOW_FEDERATION: 'true'
|
||||
CONDUWUIT_ALLOW_CHECK_FOR_UPDATES: 'true'
|
||||
CONDUWUIT_TRUSTED_SERVERS: '["matrix.org"]'
|
||||
#CONDUWUIT_LOG: warn,state_res=warn
|
||||
CONDUWUIT_ADDRESS: 0.0.0.0
|
||||
#CONDUWUIT_CONFIG: '/etc/conduwuit.toml' # Uncomment if you mapped config toml above
|
||||
networks:
|
||||
- caddy
|
||||
labels:
|
||||
|
|
|
@ -1,57 +1,56 @@
|
|||
# Continuwuity - Behind Traefik Reverse Proxy
|
||||
# conduwuit - Behind Traefik Reverse Proxy
|
||||
|
||||
services:
|
||||
homeserver:
|
||||
### If you already built the Continuwuity image with 'docker build' or want to use the Docker Hub image,
|
||||
### If you already built the conduwuit image with 'docker build' or want to use the Docker Hub image,
|
||||
### then you are ready to go.
|
||||
image: forgejo.ellis.link/continuwuation/continuwuity:latest
|
||||
image: girlbossceo/conduwuit:latest
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- db:/var/lib/continuwuity
|
||||
- /etc/resolv.conf:/etc/resolv.conf:ro # Use the host's DNS resolver rather than Docker's.
|
||||
#- ./continuwuity.toml:/etc/continuwuity.toml
|
||||
- db:/var/lib/conduwuit
|
||||
#- ./conduwuit.toml:/etc/conduwuit.toml
|
||||
networks:
|
||||
- proxy
|
||||
environment:
|
||||
CONTINUWUITY_SERVER_NAME: your.server.name.example # EDIT THIS
|
||||
CONTINUWUITY_TRUSTED_SERVERS: '["matrix.org"]'
|
||||
CONTINUWUITY_ALLOW_REGISTRATION: 'false' # After setting a secure registration token, you can enable this
|
||||
CONTINUWUITY_REGISTRATION_TOKEN: "" # This is a token you can use to register on the server
|
||||
#CONTINUWUITY_REGISTRATION_TOKEN_FILE: "" # Alternatively you can configure a path to a token file to read
|
||||
CONTINUWUITY_ADDRESS: 0.0.0.0
|
||||
CONTINUWUITY_PORT: 6167 # you need to match this with the traefik load balancer label if you're want to change it
|
||||
CONTINUWUITY_DATABASE_PATH: /var/lib/continuwuity
|
||||
#CONTINUWUITY_CONFIG: '/etc/continuwuity.toml' # Uncomment if you mapped config toml above
|
||||
### Uncomment and change values as desired, note that Continuwuity has plenty of config options, so you should check out the example example config too
|
||||
CONDUWUIT_SERVER_NAME: your.server.name.example # EDIT THIS
|
||||
CONDUWUIT_TRUSTED_SERVERS: '["matrix.org"]'
|
||||
CONDUWUIT_ALLOW_REGISTRATION: 'false' # After setting a secure registration token, you can enable this
|
||||
CONDUWUIT_REGISTRATION_TOKEN: "" # This is a token you can use to register on the server
|
||||
#CONDUWUIT_REGISTRATION_TOKEN_FILE: "" # Alternatively you can configure a path to a token file to read
|
||||
CONDUWUIT_ADDRESS: 0.0.0.0
|
||||
CONDUWUIT_PORT: 6167 # you need to match this with the traefik load balancer label if you're want to change it
|
||||
CONDUWUIT_DATABASE_PATH: /var/lib/conduwuit
|
||||
#CONDUWUIT_CONFIG: '/etc/conduit.toml' # Uncomment if you mapped config toml above
|
||||
### Uncomment and change values as desired, note that conduwuit has plenty of config options, so you should check out the example example config too
|
||||
# Available levels are: error, warn, info, debug, trace - more info at: https://docs.rs/env_logger/*/env_logger/#enabling-logging
|
||||
# CONTINUWUITY_LOG: info # default is: "warn,state_res=warn"
|
||||
# CONTINUWUITY_ALLOW_ENCRYPTION: 'true'
|
||||
# CONTINUWUITY_ALLOW_FEDERATION: 'true'
|
||||
# CONTINUWUITY_ALLOW_CHECK_FOR_UPDATES: 'true'
|
||||
# CONTINUWUITY_ALLOW_INCOMING_PRESENCE: true
|
||||
# CONTINUWUITY_ALLOW_OUTGOING_PRESENCE: true
|
||||
# CONTINUWUITY_ALLOW_LOCAL_PRESENCE: true
|
||||
# CONTINUWUITY_WORKERS: 10
|
||||
# CONTINUWUITY_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
|
||||
# CONTINUWUITY_NEW_USER_DISPLAYNAME_SUFFIX = "🏳<200d>⚧"
|
||||
# CONDUWUIT_LOG: info # default is: "warn,state_res=warn"
|
||||
# CONDUWUIT_ALLOW_ENCRYPTION: 'true'
|
||||
# CONDUWUIT_ALLOW_FEDERATION: 'true'
|
||||
# CONDUWUIT_ALLOW_CHECK_FOR_UPDATES: 'true'
|
||||
# CONDUWUIT_ALLOW_INCOMING_PRESENCE: true
|
||||
# CONDUWUIT_ALLOW_OUTGOING_PRESENCE: true
|
||||
# CONDUWUIT_ALLOW_LOCAL_PRESENCE: true
|
||||
# CONDUWUIT_WORKERS: 10
|
||||
# CONDUWUIT_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
|
||||
# CONDUWUIT_NEW_USER_DISPLAYNAME_SUFFIX = "🏳<200d>⚧"
|
||||
|
||||
# We need some way to serve the client and server .well-known json. The simplest way is via the CONTINUWUITY_WELL_KNOWN
|
||||
# variable / config option, there are multiple ways to do this, e.g. in the continuwuity.toml file, and in a separate
|
||||
# We need some way to serve the client and server .well-known json. The simplest way is via the CONDUWUIT_WELL_KNOWN
|
||||
# variable / config option, there are multiple ways to do this, e.g. in the conduwuit.toml file, and in a seperate
|
||||
# reverse proxy, but since you do not have a reverse proxy and following this guide, this example is included
|
||||
CONTINUWUITY_WELL_KNOWN: |
|
||||
CONDUWUIT_WELL_KNOWN: |
|
||||
{
|
||||
client=https://your.server.name.example,
|
||||
server=your.server.name.example:443
|
||||
}
|
||||
#cpuset: "0-4" # Uncomment to limit to specific CPU cores
|
||||
ulimits: # Continuwuity uses quite a few file descriptors, and on some systems it defaults to 1024, so you can tell docker to increase it
|
||||
ulimits: # conduwuit uses quite a few file descriptors, and on some systems it defaults to 1024, so you can tell docker to increase it
|
||||
nofile:
|
||||
soft: 1048567
|
||||
hard: 1048567
|
||||
|
||||
### Uncomment if you want to use your own Element-Web App.
|
||||
### Note: You need to provide a config.json for Element and you also need a second
|
||||
### Domain or Subdomain for the communication between Element and Continuwuity
|
||||
### Domain or Subdomain for the communication between Element and conduwuit
|
||||
### Config-Docs: https://github.com/vector-im/element-web/blob/develop/docs/config.md
|
||||
# element-web:
|
||||
# image: vectorim/element-web:latest
|
||||
|
|
|
@ -1,34 +1,34 @@
|
|||
# Continuwuity
|
||||
# conduwuit
|
||||
|
||||
services:
|
||||
homeserver:
|
||||
### If you already built the Continuwuity image with 'docker build' or want to use a registry image,
|
||||
### If you already built the conduwuit image with 'docker build' or want to use a registry image,
|
||||
### then you are ready to go.
|
||||
image: forgejo.ellis.link/continuwuation/continuwuity:latest
|
||||
image: girlbossceo/conduwuit:latest
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- 8448:6167
|
||||
volumes:
|
||||
- db:/var/lib/continuwuity
|
||||
#- ./continuwuity.toml:/etc/continuwuity.toml
|
||||
- db:/var/lib/conduwuit
|
||||
#- ./conduwuit.toml:/etc/conduwuit.toml
|
||||
environment:
|
||||
CONTINUWUITY_SERVER_NAME: your.server.name # EDIT THIS
|
||||
CONTINUWUITY_DATABASE_PATH: /var/lib/continuwuity
|
||||
CONTINUWUITY_PORT: 6167
|
||||
CONTINUWUITY_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
|
||||
CONTINUWUITY_ALLOW_REGISTRATION: 'true'
|
||||
CONTINUWUITY_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
|
||||
#CONTINUWUITY_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
|
||||
CONTINUWUITY_ALLOW_FEDERATION: 'true'
|
||||
CONTINUWUITY_ALLOW_CHECK_FOR_UPDATES: 'true'
|
||||
CONTINUWUITY_TRUSTED_SERVERS: '["matrix.org"]'
|
||||
#CONTINUWUITY_LOG: warn,state_res=warn
|
||||
CONTINUWUITY_ADDRESS: 0.0.0.0
|
||||
#CONTINUWUITY_CONFIG: '/etc/continuwuity.toml' # Uncomment if you mapped config toml above
|
||||
CONDUWUIT_SERVER_NAME: your.server.name # EDIT THIS
|
||||
CONDUWUIT_DATABASE_PATH: /var/lib/conduwuit
|
||||
CONDUWUIT_PORT: 6167
|
||||
CONDUWUIT_MAX_REQUEST_SIZE: 20000000 # in bytes, ~20 MB
|
||||
CONDUWUIT_ALLOW_REGISTRATION: 'true'
|
||||
CONDUWUIT_REGISTRATION_TOKEN: 'YOUR_TOKEN' # A registration token is required when registration is allowed.
|
||||
#CONDUWUIT_YES_I_AM_VERY_VERY_SURE_I_WANT_AN_OPEN_REGISTRATION_SERVER_PRONE_TO_ABUSE: 'true'
|
||||
CONDUWUIT_ALLOW_FEDERATION: 'true'
|
||||
CONDUWUIT_ALLOW_CHECK_FOR_UPDATES: 'true'
|
||||
CONDUWUIT_TRUSTED_SERVERS: '["matrix.org"]'
|
||||
#CONDUWUIT_LOG: warn,state_res=warn
|
||||
CONDUWUIT_ADDRESS: 0.0.0.0
|
||||
#CONDUWUIT_CONFIG: '/etc/conduwuit.toml' # Uncomment if you mapped config toml above
|
||||
#
|
||||
### Uncomment if you want to use your own Element-Web App.
|
||||
### Note: You need to provide a config.json for Element and you also need a second
|
||||
### Domain or Subdomain for the communication between Element and Continuwuity
|
||||
### Domain or Subdomain for the communication between Element and conduwuit
|
||||
### Config-Docs: https://github.com/vector-im/element-web/blob/develop/docs/config.md
|
||||
# element-web:
|
||||
# image: vectorim/element-web:latest
|
||||
|
|
|
@ -1,20 +1,31 @@
|
|||
# Continuwuity for Docker
|
||||
# conduwuit for Docker
|
||||
|
||||
## Docker
|
||||
|
||||
To run Continuwuity with Docker you can either build the image yourself or pull it
|
||||
To run conduwuit with Docker you can either build the image yourself or pull it
|
||||
from a registry.
|
||||
|
||||
### Use a registry
|
||||
|
||||
OCI images for Continuwuity are available in the registries listed below.
|
||||
OCI images for conduwuit are available in the registries listed below.
|
||||
|
||||
| Registry | Image | Notes |
|
||||
| --------------- | --------------------------------------------------------------- | -----------------------|
|
||||
| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:latest][fj] | Latest tagged image. |
|
||||
| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:main][fj] | Main branch image. |
|
||||
| Registry | Image | Size | Notes |
|
||||
| --------------- | --------------------------------------------------------------- | ----------------------------- | ---------------------- |
|
||||
| GitHub Registry | [ghcr.io/girlbossceo/conduwuit:latest][gh] | ![Image Size][shield-latest] | Stable latest tagged image. |
|
||||
| GitLab Registry | [registry.gitlab.com/conduwuit/conduwuit:latest][gl] | ![Image Size][shield-latest] | Stable latest tagged image. |
|
||||
| Docker Hub | [docker.io/girlbossceo/conduwuit:latest][dh] | ![Image Size][shield-latest] | Stable latest tagged image. |
|
||||
| GitHub Registry | [ghcr.io/girlbossceo/conduwuit:main][gh] | ![Image Size][shield-main] | Stable main branch. |
|
||||
| GitLab Registry | [registry.gitlab.com/conduwuit/conduwuit:main][gl] | ![Image Size][shield-main] | Stable main branch. |
|
||||
| Docker Hub | [docker.io/girlbossceo/conduwuit:main][dh] | ![Image Size][shield-main] | Stable main branch. |
|
||||
|
||||
[fj]: https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity
|
||||
[dh]: https://hub.docker.com/r/girlbossceo/conduwuit
|
||||
[gh]: https://github.com/girlbossceo/conduwuit/pkgs/container/conduwuit
|
||||
[gl]: https://gitlab.com/conduwuit/conduwuit/container_registry/6369729
|
||||
[shield-latest]: https://img.shields.io/docker/image-size/girlbossceo/conduwuit/latest
|
||||
[shield-main]: https://img.shields.io/docker/image-size/girlbossceo/conduwuit/main
|
||||
|
||||
OCI image `.tar.gz` files are also hosted directly at when uploaded by CI with a
|
||||
commit hash/revision or a tagged release: <https://pup.systems/~strawberry/conduwuit/>
|
||||
|
||||
Use
|
||||
|
||||
|
@ -30,22 +41,22 @@ When you have the image you can simply run it with
|
|||
|
||||
```bash
|
||||
docker run -d -p 8448:6167 \
|
||||
-v db:/var/lib/continuwuity/ \
|
||||
-e CONTINUWUITY_SERVER_NAME="your.server.name" \
|
||||
-e CONTINUWUITY_ALLOW_REGISTRATION=false \
|
||||
--name continuwuity $LINK
|
||||
-v db:/var/lib/conduwuit/ \
|
||||
-e CONDUWUIT_SERVER_NAME="your.server.name" \
|
||||
-e CONDUWUIT_ALLOW_REGISTRATION=false \
|
||||
--name conduwuit $LINK
|
||||
```
|
||||
|
||||
or you can use [docker compose](#docker-compose).
|
||||
|
||||
The `-d` flag lets the container run in detached mode. You may supply an
|
||||
optional `continuwuity.toml` config file, the example config can be found
|
||||
optional `conduwuit.toml` config file, the example config can be found
|
||||
[here](../configuration/examples.md). You can pass in different env vars to
|
||||
change config values on the fly. You can even configure Continuwuity completely by
|
||||
change config values on the fly. You can even configure conduwuit completely by
|
||||
using env vars. For an overview of possible values, please take a look at the
|
||||
[`docker-compose.yml`](docker-compose.yml) file.
|
||||
|
||||
If you just want to test Continuwuity for a short time, you can use the `--rm`
|
||||
If you just want to test conduwuit for a short time, you can use the `--rm`
|
||||
flag, which will clean up everything related to your container after you stop
|
||||
it.
|
||||
|
||||
|
@ -80,32 +91,32 @@ docker network create caddy
|
|||
After that, you can rename it so it matches `docker-compose.yml` and spin up the
|
||||
containers!
|
||||
|
||||
Additional info about deploying Continuwuity can be found [here](generic.md).
|
||||
Additional info about deploying conduwuit can be found [here](generic.md).
|
||||
|
||||
### Build
|
||||
|
||||
Official Continuwuity images are built using **Docker Buildx** and the Dockerfile found at [`docker/Dockerfile`][dockerfile-path]. This approach uses common Docker tooling and enables multi-platform builds efficiently.
|
||||
Official conduwuit images are built using Nix's
|
||||
[`buildLayeredImage`][nix-buildlayeredimage]. This ensures all OCI images are
|
||||
repeatable and reproducible by anyone, keeps the images lightweight, and can be
|
||||
built offline.
|
||||
|
||||
The resulting images are broadly compatible with Docker and other container runtimes like Podman or containerd.
|
||||
This also ensures portability of our images because `buildLayeredImage` builds
|
||||
OCI images, not Docker images, and works with other container software.
|
||||
|
||||
The images *do not contain a shell*. They contain only the Continuwuity binary, required libraries, TLS certificates and metadata. Please refer to the [`docker/Dockerfile`][dockerfile-path] for the specific details of the image composition.
|
||||
The OCI images are OS-less with only a very minimal environment of the `tini`
|
||||
init system, CA certificates, and the conduwuit binary. This does mean there is
|
||||
not a shell, but in theory you can get a shell by adding the necessary layers
|
||||
to the layered image. However it's very unlikely you will need a shell for any
|
||||
real troubleshooting.
|
||||
|
||||
To build an image locally using Docker Buildx, you can typically run a command like:
|
||||
The flake file for the OCI image definition is at [`nix/pkgs/oci-image/default.nix`][oci-image-def].
|
||||
|
||||
```bash
|
||||
# Build for the current platform and load into the local Docker daemon
|
||||
docker buildx build --load --tag continuwuity:latest -f docker/Dockerfile .
|
||||
|
||||
# Example: Build for specific platforms and push to a registry.
|
||||
# docker buildx build --platform linux/amd64,linux/arm64 --tag registry.io/org/continuwuity:latest -f docker/Dockerfile . --push
|
||||
|
||||
# Example: Build binary optimized for the current CPU
|
||||
# docker buildx build --load --tag continuwuity:latest --build-arg TARGET_CPU=native -f docker/Dockerfile .
|
||||
```
|
||||
|
||||
Refer to the Docker Buildx documentation for more advanced build options.
|
||||
|
||||
[dockerfile-path]: ../../docker/Dockerfile
|
||||
To build an OCI image using Nix, the following outputs can be built:
|
||||
- `nix build -L .#oci-image` (default features, x86_64 glibc)
|
||||
- `nix build -L .#oci-image-x86_64-linux-musl` (default features, x86_64 musl)
|
||||
- `nix build -L .#oci-image-aarch64-linux-musl` (default features, aarch64 musl)
|
||||
- `nix build -L .#oci-image-x86_64-linux-musl-all-features` (all features, x86_64 musl)
|
||||
- `nix build -L .#oci-image-aarch64-linux-musl-all-features` (all features, aarch64 musl)
|
||||
|
||||
### Run
|
||||
|
||||
|
@ -127,10 +138,10 @@ web. With the two provided files,
|
|||
[`docker-compose.for-traefik.yml`](docker-compose.for-traefik.yml) (or
|
||||
[`docker-compose.with-traefik.yml`](docker-compose.with-traefik.yml)) and
|
||||
[`docker-compose.override.yml`](docker-compose.override.yml), it is equally easy
|
||||
to deploy and use Continuwuity, with a little caveat. If you already took a look at
|
||||
to deploy and use conduwuit, with a little caveat. If you already took a look at
|
||||
the files, then you should have seen the `well-known` service, and that is the
|
||||
little caveat. Traefik is simply a proxy and loadbalancer and is not able to
|
||||
serve any kind of content, but for Continuwuity to federate, we need to either
|
||||
serve any kind of content, but for conduwuit to federate, we need to either
|
||||
expose ports `443` and `8448` or serve two endpoints `.well-known/matrix/client`
|
||||
and `.well-known/matrix/server`.
|
||||
|
||||
|
@ -142,3 +153,4 @@ those two files.
|
|||
See the [TURN](../turn.md) page.
|
||||
|
||||
[nix-buildlayeredimage]: https://ryantm.github.io/nixpkgs/builders/images/dockertools/#ssec-pkgs-dockerTools-buildLayeredImage
|
||||
[oci-image-def]: https://github.com/girlbossceo/conduwuit/blob/main/nix/pkgs/oci-image/default.nix
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# Continuwuity for FreeBSD
|
||||
# conduwuit for FreeBSD
|
||||
|
||||
Continuwuity at the moment does not provide FreeBSD builds or have FreeBSD packaging, however Continuwuity does build and work on FreeBSD using the system-provided RocksDB.
|
||||
conduwuit at the moment does not provide FreeBSD builds or have FreeBSD packaging, however conduwuit does build and work on FreeBSD using the system-provided RocksDB.
|
||||
|
||||
Contributions for getting Continuwuity packaged are welcome.
|
||||
Contributions for getting conduwuit packaged are welcome.
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
> ### Getting help
|
||||
>
|
||||
> If you run into any problems while setting up Continuwuity, ask us in
|
||||
> `#continuwuity:continuwuity.org` or [open an issue on
|
||||
> Forgejo](https://forgejo.ellis.link/continuwuation/continuwuity/issues/new).
|
||||
> If you run into any problems while setting up conduwuit, ask us in
|
||||
> `#conduwuit:puppygock.gay` or [open an issue on
|
||||
> GitHub](https://github.com/girlbossceo/conduwuit/issues/new).
|
||||
|
||||
## Installing Continuwuity
|
||||
## Installing conduwuit
|
||||
|
||||
### Static prebuilt binary
|
||||
|
||||
|
@ -14,10 +14,12 @@ You may simply download the binary that fits your machine architecture (x86_64
|
|||
or aarch64). Run `uname -m` to see what you need.
|
||||
|
||||
Prebuilt fully static musl binaries can be downloaded from the latest tagged
|
||||
release [here](https://forgejo.ellis.link/continuwuation/continuwuity/releases/latest) or
|
||||
release [here](https://github.com/girlbossceo/conduwuit/releases/latest) or
|
||||
`main` CI branch workflow artifact output. These also include Debian/Ubuntu
|
||||
packages.
|
||||
|
||||
Binaries are also available on my website directly at: <https://pup.systems/~strawberry/conduwuit/>
|
||||
|
||||
These can be curl'd directly from. `ci-bins` are CI workflow binaries by commit
|
||||
hash/revision, and `releases` are tagged releases. Sort by descending last
|
||||
modified for the latest.
|
||||
|
@ -35,7 +37,7 @@ for performance.
|
|||
### Compiling
|
||||
|
||||
Alternatively, you may compile the binary yourself. We recommend using
|
||||
Nix (or [Lix](https://lix.systems)) to build Continuwuity as this has the most
|
||||
Nix (or [Lix](https://lix.systems)) to build conduwuit as this has the most
|
||||
guaranteed reproducibiltiy and easiest to get a build environment and output
|
||||
going. This also allows easy cross-compilation.
|
||||
|
||||
|
@ -49,35 +51,35 @@ If wanting to build using standard Rust toolchains, make sure you install:
|
|||
- `liburing-dev` on the compiling machine, and `liburing` on the target host
|
||||
- LLVM and libclang for RocksDB
|
||||
|
||||
You can build Continuwuity using `cargo build --release --all-features`
|
||||
You can build conduwuit using `cargo build --release --all-features`
|
||||
|
||||
## Adding a Continuwuity user
|
||||
## Adding a conduwuit user
|
||||
|
||||
While Continuwuity can run as any user it is better to use dedicated users for
|
||||
While conduwuit can run as any user it is better to use dedicated users for
|
||||
different services. This also allows you to make sure that the file permissions
|
||||
are correctly set up.
|
||||
|
||||
In Debian, you can use this command to create a Continuwuity user:
|
||||
In Debian, you can use this command to create a conduwuit user:
|
||||
|
||||
```bash
|
||||
sudo adduser --system continuwuity --group --disabled-login --no-create-home
|
||||
sudo adduser --system conduwuit --group --disabled-login --no-create-home
|
||||
```
|
||||
|
||||
For distros without `adduser` (or where it's a symlink to `useradd`):
|
||||
|
||||
```bash
|
||||
sudo useradd -r --shell /usr/bin/nologin --no-create-home continuwuity
|
||||
sudo useradd -r --shell /usr/bin/nologin --no-create-home conduwuit
|
||||
```
|
||||
|
||||
## Forwarding ports in the firewall or the router
|
||||
|
||||
Matrix's default federation port is port 8448, and clients must be using port 443.
|
||||
If you would like to use only port 443, or a different port, you will need to setup
|
||||
delegation. Continuwuity has config options for doing delegation, or you can configure
|
||||
delegation. conduwuit has config options for doing delegation, or you can configure
|
||||
your reverse proxy to manually serve the necessary JSON files to do delegation
|
||||
(see the `[global.well_known]` config section).
|
||||
|
||||
If Continuwuity runs behind a router or in a container and has a different public
|
||||
If conduwuit runs behind a router or in a container and has a different public
|
||||
IP address than the host system these public ports need to be forwarded directly
|
||||
or indirectly to the port mentioned in the config.
|
||||
|
||||
|
@ -92,9 +94,9 @@ on the network level, consider something like NextDNS or Pi-Hole.
|
|||
|
||||
## Setting up a systemd service
|
||||
|
||||
Two example systemd units for Continuwuity can be found
|
||||
Two example systemd units for conduwuit can be found
|
||||
[on the configuration page](../configuration/examples.md#debian-systemd-unit-file).
|
||||
You may need to change the `ExecStart=` path to where you placed the Continuwuity
|
||||
You may need to change the `ExecStart=` path to where you placed the conduwuit
|
||||
binary if it is not `/usr/bin/conduwuit`.
|
||||
|
||||
On systems where rsyslog is used alongside journald (i.e. Red Hat-based distros
|
||||
|
@ -112,10 +114,10 @@ and entering the following:
|
|||
ReadWritePaths=/path/to/custom/database/path
|
||||
```
|
||||
|
||||
## Creating the Continuwuity configuration file
|
||||
## Creating the conduwuit configuration file
|
||||
|
||||
Now we need to create the Continuwuity's config file in
|
||||
`/etc/continuwuity/continuwuity.toml`. The example config can be found at
|
||||
Now we need to create the conduwuit's config file in
|
||||
`/etc/conduwuit/conduwuit.toml`. The example config can be found at
|
||||
[conduwuit-example.toml](../configuration/examples.md).
|
||||
|
||||
**Please take a moment to read the config. You need to change at least the
|
||||
|
@ -125,7 +127,7 @@ RocksDB is the only supported database backend.
|
|||
|
||||
## Setting the correct file permissions
|
||||
|
||||
If you are using a dedicated user for Continuwuity, you will need to allow it to
|
||||
If you are using a dedicated user for conduwuit, you will need to allow it to
|
||||
read the config. To do that you can run this:
|
||||
|
||||
```bash
|
||||
|
@ -137,7 +139,7 @@ If you use the default database path you also need to run this:
|
|||
|
||||
```bash
|
||||
sudo mkdir -p /var/lib/conduwuit/
|
||||
sudo chown -R continuwuity:continuwuity /var/lib/conduwuit/
|
||||
sudo chown -R conduwuit:conduwuit /var/lib/conduwuit/
|
||||
sudo chmod 700 /var/lib/conduwuit/
|
||||
```
|
||||
|
||||
|
@ -172,13 +174,13 @@ As we would prefer our users to use Caddy, we will not provide configuration fil
|
|||
|
||||
You will need to reverse proxy everything under following routes:
|
||||
- `/_matrix/` - core Matrix C-S and S-S APIs
|
||||
- `/_conduwuit/` - ad-hoc Continuwuity routes such as `/local_user_count` and
|
||||
- `/_conduwuit/` - ad-hoc conduwuit routes such as `/local_user_count` and
|
||||
`/server_version`
|
||||
|
||||
You can optionally reverse proxy the following individual routes:
|
||||
- `/.well-known/matrix/client` and `/.well-known/matrix/server` if using
|
||||
Continuwuity to perform delegation (see the `[global.well_known]` config section)
|
||||
- `/.well-known/matrix/support` if using Continuwuity to send the homeserver admin
|
||||
conduwuit to perform delegation (see the `[global.well_known]` config section)
|
||||
- `/.well-known/matrix/support` if using conduwuit to send the homeserver admin
|
||||
contact and support page (formerly known as MSC1929)
|
||||
- `/` if you would like to see `hewwo from conduwuit woof!` at the root
|
||||
|
||||
|
@ -198,7 +200,7 @@ header, making federation non-functional. If a workaround is found, feel free to
|
|||
|
||||
If using Apache, you need to use `nocanon` in your `ProxyPass` directive to prevent httpd from messing with the `X-Matrix` header (note that Apache isn't very good as a general reverse proxy and we discourage the usage of it if you can).
|
||||
|
||||
If using Nginx, you need to give Continuwuity the request URI using `$request_uri`, or like so:
|
||||
If using Nginx, you need to give conduwuit the request URI using `$request_uri`, or like so:
|
||||
- `proxy_pass http://127.0.0.1:6167$request_uri;`
|
||||
- `proxy_pass http://127.0.0.1:6167;`
|
||||
|
||||
|
@ -207,7 +209,7 @@ Nginx users need to increase `client_max_body_size` (default is 1M) to match
|
|||
|
||||
## You're done
|
||||
|
||||
Now you can start Continuwuity with:
|
||||
Now you can start conduwuit with:
|
||||
|
||||
```bash
|
||||
sudo systemctl start conduwuit
|
||||
|
|
|
@ -1,9 +1,8 @@
|
|||
# Continuwuity for Kubernetes
|
||||
# conduwuit for Kubernetes
|
||||
|
||||
Continuwuity doesn't support horizontal scalability or distributed loading
|
||||
conduwuit doesn't support horizontal scalability or distributed loading
|
||||
natively, however a community maintained Helm Chart is available here to run
|
||||
conduwuit on Kubernetes: <https://gitlab.cronce.io/charts/conduwuit>
|
||||
|
||||
This should be compatible with continuwuity, but you will need to change the image reference.
|
||||
|
||||
Should changes need to be made, please reach out to the maintainer as this is not maintained/controlled by the Continuwuity maintainers.
|
||||
Should changes need to be made, please reach out to the maintainer in our
|
||||
Matrix room as this is not maintained/controlled by the conduwuit maintainers.
|
||||
|
|
|
@ -1,33 +1,66 @@
|
|||
# Continuwuity for NixOS
|
||||
# conduwuit for NixOS
|
||||
|
||||
Continuwuity can be acquired by Nix (or [Lix][lix]) from various places:
|
||||
conduwuit can be acquired by Nix (or [Lix][lix]) from various places:
|
||||
|
||||
* The `flake.nix` at the root of the repo
|
||||
* The `default.nix` at the root of the repo
|
||||
* From Continuwuity's binary cache
|
||||
* From conduwuit's binary cache
|
||||
|
||||
A community maintained NixOS package is available at [`conduwuit`](https://search.nixos.org/packages?channel=unstable&show=conduwuit&from=0&size=50&sort=relevance&type=packages&query=conduwuit)
|
||||
|
||||
### Binary cache
|
||||
|
||||
A binary cache for conduwuit that the CI/CD publishes to is available at the
|
||||
following places (both are the same just different names):
|
||||
|
||||
```
|
||||
https://attic.kennel.juneis.dog/conduit
|
||||
conduit:eEKoUwlQGDdYmAI/Q/0slVlegqh/QmAvQd7HBSm21Wk=
|
||||
|
||||
https://attic.kennel.juneis.dog/conduwuit
|
||||
conduwuit:BbycGUgTISsltcmH0qNjFR9dbrQNYgdIAcmViSGoVTE=
|
||||
```
|
||||
|
||||
The binary caches were recreated some months ago due to attic issues. The old public
|
||||
keys were:
|
||||
|
||||
```
|
||||
conduit:Isq8FGyEC6FOXH6nD+BOeAA+bKp6X6UIbupSlGEPuOg=
|
||||
conduwuit:lYPVh7o1hLu1idH4Xt2QHaRa49WRGSAqzcfFd94aOTw=
|
||||
```
|
||||
|
||||
If needed, we have a binary cache on Cachix but it is only limited to 5GB:
|
||||
|
||||
```
|
||||
https://conduwuit.cachix.org
|
||||
conduwuit.cachix.org-1:MFRm6jcnfTf0jSAbmvLfhO3KBMt4px+1xaereWXp8Xg=
|
||||
```
|
||||
|
||||
If specifying a Git remote URL in your flake, you can use any remotes that
|
||||
are specified on the README (the mirrors), such as the GitHub: `github:girlbossceo/conduwuit`
|
||||
|
||||
### NixOS module
|
||||
|
||||
The `flake.nix` and `default.nix` do not currently provide a NixOS module (contributions
|
||||
welcome!), so [`services.matrix-conduit`][module] from Nixpkgs can be used to configure
|
||||
Continuwuity.
|
||||
conduwuit.
|
||||
|
||||
### Conduit NixOS Config Module and SQLite
|
||||
|
||||
Beware! The [`services.matrix-conduit`][module] module defaults to SQLite as a database backend.
|
||||
Continuwuity dropped SQLite support in favor of exclusively supporting the much faster RocksDB.
|
||||
Conduwuit dropped SQLite support in favor of exclusively supporting the much faster RocksDB.
|
||||
Make sure that you are using the RocksDB backend before migrating!
|
||||
|
||||
There is a [tool to migrate a Conduit SQLite database to
|
||||
RocksDB](https://github.com/ShadowJonathan/conduit_toolbox/).
|
||||
|
||||
If you want to run the latest code, you should get Continuwuity from the `flake.nix`
|
||||
If you want to run the latest code, you should get conduwuit from the `flake.nix`
|
||||
or `default.nix` and set [`services.matrix-conduit.package`][package]
|
||||
appropriately to use Continuwuity instead of Conduit.
|
||||
appropriately to use conduwuit instead of Conduit.
|
||||
|
||||
### UNIX sockets
|
||||
|
||||
Due to the lack of a Continuwuity NixOS module, when using the `services.matrix-conduit` module
|
||||
Due to the lack of a conduwuit NixOS module, when using the `services.matrix-conduit` module
|
||||
a workaround like the one below is necessary to use UNIX sockets. This is because the UNIX
|
||||
socket option does not exist in Conduit, and the module forcibly sets the `address` and
|
||||
`port` config options.
|
||||
|
@ -51,13 +84,13 @@ disallows the namespace from accessing or creating UNIX sockets and has to be en
|
|||
systemd.services.conduit.serviceConfig.RestrictAddressFamilies = [ "AF_UNIX" ];
|
||||
```
|
||||
|
||||
Even though those workarounds are feasible a Continuwuity NixOS configuration module, developed and
|
||||
Even though those workarounds are feasible a conduwuit NixOS configuration module, developed and
|
||||
published by the community, would be appreciated.
|
||||
|
||||
### jemalloc and hardened profile
|
||||
|
||||
Continuwuity uses jemalloc by default. This may interfere with the [`hardened.nix` profile][hardened.nix]
|
||||
due to them using `scudo` by default. You must either disable/hide `scudo` from Continuwuity, or
|
||||
conduwuit uses jemalloc by default. This may interfere with the [`hardened.nix` profile][hardened.nix]
|
||||
due to them using `scudo` by default. You must either disable/hide `scudo` from conduwuit, or
|
||||
disable jemalloc like so:
|
||||
|
||||
```nix
|
||||
|
|
|
@ -4,9 +4,9 @@ Information about developing the project. If you are only interested in using
|
|||
it, you can safely ignore this page. If you plan on contributing, see the
|
||||
[contributor's guide](./contributing.md).
|
||||
|
||||
## Continuwuity project layout
|
||||
## conduwuit project layout
|
||||
|
||||
Continuwuity uses a collection of sub-crates, packages, or workspace members
|
||||
conduwuit uses a collection of sub-crates, packages, or workspace members
|
||||
that indicate what each general area of code is for. All of the workspace
|
||||
members are under `src/`. The workspace definition is at the top level / root
|
||||
`Cargo.toml`.
|
||||
|
@ -14,11 +14,11 @@ members are under `src/`. The workspace definition is at the top level / root
|
|||
The crate names are generally self-explanatory:
|
||||
- `admin` is the admin room
|
||||
- `api` is the HTTP API, Matrix C-S and S-S endpoints, etc
|
||||
- `core` is core Continuwuity functionality like config loading, error definitions,
|
||||
- `core` is core conduwuit functionality like config loading, error definitions,
|
||||
global utilities, logging infrastructure, etc
|
||||
- `database` is RocksDB methods, helpers, RocksDB config, and general database definitions,
|
||||
utilities, or functions
|
||||
- `macros` are Continuwuity Rust [macros][macros] like general helper macros, logging
|
||||
- `macros` are conduwuit Rust [macros][macros] like general helper macros, logging
|
||||
and error handling macros, and [syn][syn] and [procedural macros][proc-macro]
|
||||
used for admin room commands and others
|
||||
- `main` is the "primary" sub-crate. This is where the `main()` function lives,
|
||||
|
@ -35,7 +35,7 @@ if you truly find yourself needing to, we recommend reaching out to us in
|
|||
the Matrix room for discussions about it beforehand.
|
||||
|
||||
The primary inspiration for this design was apart of hot reloadable development,
|
||||
to support "Continuwuity as a library" where specific parts can simply be swapped out.
|
||||
to support "conduwuit as a library" where specific parts can simply be swapped out.
|
||||
There is evidence Conduit wanted to go this route too as `axum` is technically an
|
||||
optional feature in Conduit, and can be compiled without the binary or axum library
|
||||
for handling inbound web requests; but it was never completed or worked.
|
||||
|
@ -68,10 +68,10 @@ do this if Rust supported workspace-level features to begin with.
|
|||
|
||||
## List of forked dependencies
|
||||
|
||||
During Continuwuity development, we have had to fork
|
||||
During conduwuit development, we have had to fork
|
||||
some dependencies to support our use-cases in some areas. This ranges from
|
||||
things said upstream project won't accept for any reason, faster-paced
|
||||
development (unresponsive or slow upstream), Continuwuity-specific usecases, or
|
||||
development (unresponsive or slow upstream), conduwuit-specific usecases, or
|
||||
lack of time to upstream some things.
|
||||
|
||||
- [ruma/ruma][1]: <https://github.com/girlbossceo/ruwuma> - various performance
|
||||
|
@ -84,7 +84,7 @@ builds seem to be broken on upstream, fixes some broken/suspicious code in
|
|||
places, additional safety measures, and support redzones for Valgrind
|
||||
- [zyansheep/rustyline-async][4]:
|
||||
<https://github.com/girlbossceo/rustyline-async> - tab completion callback and
|
||||
`CTRL+\` signal quit event for Continuwuity console CLI
|
||||
`CTRL+\` signal quit event for conduwuit console CLI
|
||||
- [rust-rocksdb/rust-rocksdb][5]:
|
||||
<https://github.com/girlbossceo/rust-rocksdb-zaidoon1> - [`@zaidoon1`][8]'s fork
|
||||
has quicker updates, more up to date dependencies, etc. Our fork fixes musl build
|
||||
|
@ -97,7 +97,7 @@ alongside other logging/metrics things
|
|||
## Debugging with `tokio-console`
|
||||
|
||||
[`tokio-console`][7] can be a useful tool for debugging and profiling. To make a
|
||||
`tokio-console`-enabled build of Continuwuity, enable the `tokio_console` feature,
|
||||
`tokio-console`-enabled build of conduwuit, enable the `tokio_console` feature,
|
||||
disable the default `release_max_log_level` feature, and set the `--cfg
|
||||
tokio_unstable` flag to enable experimental tokio APIs. A build might look like
|
||||
this:
|
||||
|
@ -109,7 +109,7 @@ RUSTFLAGS="--cfg tokio_unstable" cargo +nightly build \
|
|||
--features=systemd,element_hacks,gzip_compression,brotli_compression,zstd_compression,tokio_console
|
||||
```
|
||||
|
||||
You will also need to enable the `tokio_console` config option in Continuwuity when
|
||||
You will also need to enable the `tokio_console` config option in conduwuit when
|
||||
starting it. This was due to tokio-console causing gradual memory leak/usage
|
||||
if left enabled.
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ guaranteed to work at this time.
|
|||
|
||||
### Summary
|
||||
|
||||
When developing in debug-builds with the nightly toolchain, Continuwuity is modular
|
||||
When developing in debug-builds with the nightly toolchain, conduwuit is modular
|
||||
using dynamic libraries and various parts of the application are hot-reloadable
|
||||
while the server is running: http api handlers, admin commands, services,
|
||||
database, etc. These are all split up into individual workspace crates as seen
|
||||
|
@ -42,7 +42,7 @@ library, macOS, and likely other host architectures are not supported (if other
|
|||
architectures work, feel free to let us know and/or make a PR updating this).
|
||||
This should work on GNU ld and lld (rust-lld) and gcc/clang, however if you
|
||||
happen to have linker issues it's recommended to try using `mold` or `gold`
|
||||
linkers, and please let us know in the [Continuwuity Matrix room][7] the linker
|
||||
linkers, and please let us know in the [conduwuit Matrix room][7] the linker
|
||||
error and what linker solved this issue so we can figure out a solution. Ideally
|
||||
there should be minimal friction to using this, and in the future a build script
|
||||
(`build.rs`) may be suitable to making this easier to use if the capabilities
|
||||
|
@ -52,13 +52,13 @@ allow us.
|
|||
|
||||
As of 19 May 2024, the instructions for using this are:
|
||||
|
||||
0. Have patience. Don't hesitate to join the [Continuwuity Matrix room][7] to
|
||||
0. Have patience. Don't hesitate to join the [conduwuit Matrix room][7] to
|
||||
receive help using this. As indicated by the various rustflags used and some
|
||||
of the interesting issues linked at the bottom, this is definitely not something
|
||||
the Rust ecosystem or toolchain is used to doing.
|
||||
|
||||
1. Install the nightly toolchain using rustup. You may need to use `rustup
|
||||
override set nightly` in your local Continuwuity directory, or use `cargo
|
||||
override set nightly` in your local conduwuit directory, or use `cargo
|
||||
+nightly` for all actions.
|
||||
|
||||
2. Uncomment `cargo-features` at the top level / root Cargo.toml
|
||||
|
@ -85,14 +85,14 @@ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$HOME/.rustup/toolchains/nightly-x86_64-unknown
|
|||
Cargo should only rebuild what was changed / what's necessary, so it should
|
||||
not be rebuilding all the crates.
|
||||
|
||||
9. In your Continuwuity server terminal, hit/send `CTRL+C` signal. This will tell
|
||||
Continuwuity to find which libraries need to be reloaded, and reloads them as
|
||||
9. In your conduwuit server terminal, hit/send `CTRL+C` signal. This will tell
|
||||
conduwuit to find which libraries need to be reloaded, and reloads them as
|
||||
necessary.
|
||||
|
||||
10. If there were no errors, it will tell you it successfully reloaded `#`
|
||||
modules, and your changes should now be visible. Repeat 7 - 9 as needed.
|
||||
|
||||
To shutdown Continuwuity in this setup, hit/send `CTRL+\`. Normal builds still
|
||||
To shutdown conduwuit in this setup, hit/send `CTRL+\`. Normal builds still
|
||||
shutdown with `CTRL+C` as usual.
|
||||
|
||||
Steps 1 - 5 are the initial first-time steps for using this. To remove the hot
|
||||
|
@ -101,7 +101,7 @@ reload setup, revert/comment all the Cargo.toml changes.
|
|||
As mentioned in the requirements section, if you happen to have some linker
|
||||
issues, try using the `-fuse-ld=` rustflag and specify mold or gold in all the
|
||||
`rustflags` definitions in the top level Cargo.toml, and please let us know in
|
||||
the [Continuwuity Matrix room][7] the problem. mold can be installed typically
|
||||
the [conduwuit Matrix room][7] the problem. mold can be installed typically
|
||||
through your distro, and gold is provided by the binutils package.
|
||||
|
||||
It's possible a helper script can be made to do all of this, or most preferably
|
||||
|
@ -136,7 +136,7 @@ acyclic graph. The primary rule is simple and illustrated in the figure below:
|
|||
**no crate is allowed to call a function or use a variable from a crate below
|
||||
it.**
|
||||
|
||||

|
||||
|
||||
When a symbol is referenced between crates they become bound: **crates cannot be
|
||||
|
@ -147,7 +147,7 @@ by using an `RTLD_LOCAL` binding for just one link between the main executable
|
|||
and the first crate, freeing the executable from all modules as no global
|
||||
binding ever occurs between them.
|
||||
|
||||

|
||||
|
||||
Proper resource management is essential for reliable reloading to occur. This is
|
||||
|
@ -190,11 +190,11 @@ The initial implementation PR is available [here][1].
|
|||
- [Workspace-level metadata
|
||||
(cargo-deb)](https://github.com/kornelski/cargo-deb/issues/68)
|
||||
|
||||
[1]: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/387
|
||||
[1]: https://github.com/girlbossceo/conduwuit/pull/387
|
||||
[2]: https://wiki.musl-libc.org/functional-differences-from-glibc.html#Unloading-libraries
|
||||
[3]: https://github.com/rust-lang/rust/issues/28794
|
||||
[4]: https://github.com/rust-lang/rust/issues/28794#issuecomment-368693049
|
||||
[5]: https://github.com/rust-lang/cargo/issues/12746
|
||||
[6]: https://crates.io/crates/hot-lib-reloader/
|
||||
[7]: https://matrix.to/#/#continuwuity:continuwuity.org
|
||||
[7]: https://matrix.to/#/#conduwuit:puppygock.gay
|
||||
[8]: https://crates.io/crates/libloading
|
||||
|
|
|
@ -24,9 +24,8 @@ and run the script.
|
|||
If you're on macOS and need to build an image, run `nix build .#linux-complement`.
|
||||
|
||||
We have a Complement fork as some tests have needed to be fixed. This can be found
|
||||
at: <https://forgejo.ellis.link/continuwuation/complement>
|
||||
at: <https://github.com/girlbossceo/complement>
|
||||
|
||||
[ci-workflows]:
|
||||
https://forgejo.ellis.link/continuwuation/continuwuity/actions/?workflow=ci.yml&actor=0&status=1
|
||||
[ci-workflows]: https://github.com/girlbossceo/conduwuit/actions/workflows/ci.yml?query=event%3Apush+is%3Asuccess+actor%3Agirlbossceo
|
||||
[complement]: https://github.com/matrix-org/complement
|
||||
[direnv]: https://direnv.net/docs/hook.html
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Continuwuity
|
||||
# conduwuit
|
||||
|
||||
{{#include ../README.md:catchphrase}}
|
||||
|
||||
|
@ -8,7 +8,7 @@
|
|||
|
||||
- [Deployment options](deploying.md)
|
||||
|
||||
If you want to connect an appservice to Continuwuity, take a look at the
|
||||
If you want to connect an appservice to conduwuit, take a look at the
|
||||
[appservices documentation](appservices.md).
|
||||
|
||||
#### How can I contribute?
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
# Maintaining your Continuwuity setup
|
||||
# Maintaining your conduwuit setup
|
||||
|
||||
## Moderation
|
||||
|
||||
Continuwuity has moderation through admin room commands. "binary commands" (medium
|
||||
conduwuit has moderation through admin room commands. "binary commands" (medium
|
||||
priority) and an admin API (low priority) is planned. Some moderation-related
|
||||
config options are available in the example config such as "global ACLs" and
|
||||
blocking media requests to certain servers. See the example config for the
|
||||
moderation config options under the "Moderation / Privacy / Security" section.
|
||||
|
||||
Continuwuity has moderation admin commands for:
|
||||
conduwuit has moderation admin commands for:
|
||||
|
||||
- managing room aliases (`!admin rooms alias`)
|
||||
- managing room directory (`!admin rooms directory`)
|
||||
|
@ -36,7 +36,7 @@ each object being newline delimited. An example of doing this is:
|
|||
## Database (RocksDB)
|
||||
|
||||
Generally there is very little you need to do. [Compaction][rocksdb-compaction]
|
||||
is ran automatically based on various defined thresholds tuned for Continuwuity to
|
||||
is ran automatically based on various defined thresholds tuned for conduwuit to
|
||||
be high performance with the least I/O amplifcation or overhead. Manually
|
||||
running compaction is not recommended, or compaction via a timer, due to
|
||||
creating unnecessary I/O amplification. RocksDB is built with io_uring support
|
||||
|
@ -50,7 +50,7 @@ Some RocksDB settings can be adjusted such as the compression method chosen. See
|
|||
the RocksDB section in the [example config](configuration/examples.md).
|
||||
|
||||
btrfs users have reported that database compression does not need to be disabled
|
||||
on Continuwuity as the filesystem already does not attempt to compress. This can be
|
||||
on conduwuit as the filesystem already does not attempt to compress. This can be
|
||||
validated by using `filefrag -v` on a `.SST` file in your database, and ensure
|
||||
the `physical_offset` matches (no filesystem compression). It is very important
|
||||
to ensure no additional filesystem compression takes place as this can render
|
||||
|
@ -70,8 +70,8 @@ they're server logs or database logs, however they are critical RocksDB files
|
|||
related to WAL tracking.
|
||||
|
||||
The only safe files that can be deleted are the `LOG` files (all caps). These
|
||||
are the real RocksDB telemetry/log files, however Continuwuity has already
|
||||
configured to only store up to 3 RocksDB `LOG` files due to generally being
|
||||
are the real RocksDB telemetry/log files, however conduwuit has already
|
||||
configured to only store up to 3 RocksDB `LOG` files due to generall being
|
||||
useless for average users unless troubleshooting something low-level. If you
|
||||
would like to store nearly none at all, see the `rocksdb_max_log_files`
|
||||
config option.
|
||||
|
@ -88,7 +88,7 @@ still be joined together.
|
|||
|
||||
To restore a backup from an online RocksDB backup:
|
||||
|
||||
- shutdown Continuwuity
|
||||
- shutdown conduwuit
|
||||
- create a new directory for merging together the data
|
||||
- in the online backup created, copy all `.sst` files in
|
||||
`$DATABASE_BACKUP_PATH/shared_checksum` to your new directory
|
||||
|
@ -99,9 +99,9 @@ To restore a backup from an online RocksDB backup:
|
|||
if you have multiple) to your new directory
|
||||
- set your `database_path` config option to your new directory, or replace your
|
||||
old one with the new one you crafted
|
||||
- start up Continuwuity again and it should open as normal
|
||||
- start up conduwuit again and it should open as normal
|
||||
|
||||
If you'd like to do an offline backup, shutdown Continuwuity and copy your
|
||||
If you'd like to do an offline backup, shutdown conduwuit and copy your
|
||||
`database_path` directory elsewhere. This can be restored with no modifications
|
||||
needed.
|
||||
|
||||
|
@ -110,7 +110,7 @@ directory.
|
|||
|
||||
## Media
|
||||
|
||||
Media still needs various work, however Continuwuity implements media deletion via:
|
||||
Media still needs various work, however conduwuit implements media deletion via:
|
||||
|
||||
- MXC URI or Event ID (unencrypted and attempts to find the MXC URI in the
|
||||
event)
|
||||
|
@ -118,17 +118,17 @@ event)
|
|||
- Delete remote media in the past `N` seconds/minutes via filesystem metadata on
|
||||
the file created time (`btime`) or file modified time (`mtime`)
|
||||
|
||||
See the `!admin media` command for further information. All media in Continuwuity
|
||||
See the `!admin media` command for further information. All media in conduwuit
|
||||
is stored at `$DATABASE_DIR/media`. This will be configurable soon.
|
||||
|
||||
If you are finding yourself needing extensive granular control over media, we
|
||||
recommend looking into [Matrix Media
|
||||
Repo](https://github.com/t2bot/matrix-media-repo). Continuwuity intends to
|
||||
Repo](https://github.com/t2bot/matrix-media-repo). conduwuit intends to
|
||||
implement various utilities for media, but MMR is dedicated to extensive media
|
||||
management.
|
||||
|
||||
Built-in S3 support is also planned, but for now using a "S3 filesystem" on
|
||||
`media/` works. Continuwuity also sends a `Cache-Control` header of 1 year and
|
||||
`media/` works. conduwuit also sends a `Cache-Control` header of 1 year and
|
||||
immutable for all media requests (download and thumbnail) to reduce unnecessary
|
||||
media requests from browsers, reduce bandwidth usage, and reduce load.
|
||||
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
{{#include ../SECURITY.md}}
|
3
docs/static/_headers
vendored
3
docs/static/_headers
vendored
|
@ -1,6 +1,3 @@
|
|||
/.well-known/matrix/*
|
||||
Access-Control-Allow-Origin: *
|
||||
Content-Type: application/json
|
||||
/.well-known/continuwuity/*
|
||||
Access-Control-Allow-Origin: *
|
||||
Content-Type: application/json
|
9
docs/static/announcements.json
vendored
9
docs/static/announcements.json
vendored
|
@ -1,9 +0,0 @@
|
|||
{
|
||||
"$schema": "https://continuwuity.org/schema/announcements.schema.json",
|
||||
"announcements": [
|
||||
{
|
||||
"id": 1,
|
||||
"message": "Welcome to Continuwuity! Important announcements about the project will appear here."
|
||||
}
|
||||
]
|
||||
}
|
31
docs/static/announcements.schema.json
vendored
31
docs/static/announcements.schema.json
vendored
|
@ -1,31 +0,0 @@
|
|||
{
|
||||
"$schema": "http://json-schema.org/draft-04/schema#",
|
||||
"$id": "https://continwuity.org/schema/announcements.schema.json",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"updates": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"id": {
|
||||
"type": "integer"
|
||||
},
|
||||
"message": {
|
||||
"type": "string"
|
||||
},
|
||||
"date": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"id",
|
||||
"message"
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"updates"
|
||||
]
|
||||
}
|
24
docs/static/support
vendored
24
docs/static/support
vendored
|
@ -1,24 +0,0 @@
|
|||
{
|
||||
"contacts": [
|
||||
{
|
||||
"email_address": "security@continuwuity.org",
|
||||
"role": "m.role.security"
|
||||
},
|
||||
{
|
||||
"matrix_id": "@tom:continuwuity.org",
|
||||
"email_address": "tom@tcpip.uk",
|
||||
"role": "m.role.admin"
|
||||
},
|
||||
{
|
||||
"matrix_id": "@jade:continuwuity.org",
|
||||
"email_address": "jade@continuwuity.org",
|
||||
"role": "m.role.admin"
|
||||
},
|
||||
{
|
||||
"matrix_id": "@nex:continuwuity.org",
|
||||
"email_address": "nex@continuwuity.org",
|
||||
"role": "m.role.admin"
|
||||
}
|
||||
],
|
||||
"support_page": "https://continuwuity.org/introduction#contact"
|
||||
}
|
|
@ -1,48 +1,47 @@
|
|||
# Troubleshooting Continuwuity
|
||||
# Troubleshooting conduwuit
|
||||
|
||||
> **Docker users ⚠️**
|
||||
> ## Docker users ⚠️
|
||||
>
|
||||
> Docker can be difficult to use and debug. It's common for Docker
|
||||
> misconfigurations to cause issues, particularly with networking and permissions.
|
||||
> Please check that your issues are not due to problems with your Docker setup.
|
||||
> Docker is extremely UX unfriendly. Because of this, a ton of issues or support
|
||||
> is actually Docker support, not conduwuit support. We also cannot document the
|
||||
> ever-growing list of Docker issues here.
|
||||
>
|
||||
> If you intend on asking for support and you are using Docker, **PLEASE**
|
||||
> triple validate your issues are **NOT** because you have a misconfiguration in
|
||||
> your Docker setup.
|
||||
>
|
||||
> If there are things like Compose file issues or Dockerhub image issues, those
|
||||
> can still be mentioned as long as they're something we can fix.
|
||||
|
||||
## Continuwuity and Matrix issues
|
||||
## conduwuit and Matrix issues
|
||||
|
||||
### Lost access to admin room
|
||||
#### Lost access to admin room
|
||||
|
||||
You can reinvite yourself to the admin room through the following methods:
|
||||
|
||||
- Use the `--execute "users make_user_admin <username>"` Continuwuity binary
|
||||
- Use the `--execute "users make_user_admin <username>"` conduwuit binary
|
||||
argument once to invite yourslf to the admin room on startup
|
||||
- Use the Continuwuity console/CLI to run the `users make_user_admin` command
|
||||
- Use the conduwuit console/CLI to run the `users make_user_admin` command
|
||||
- Or specify the `emergency_password` config option to allow you to temporarily
|
||||
log into the server account (`@conduit`) from a web client
|
||||
|
||||
## General potential issues
|
||||
|
||||
### Potential DNS issues when using Docker
|
||||
#### Potential DNS issues when using Docker
|
||||
|
||||
Docker's DNS setup for containers in a non-default network intercepts queries to
|
||||
enable resolving of container hostnames to IP addresses. However, due to
|
||||
performance issues with Docker's built-in resolver, this can cause DNS queries
|
||||
to take a long time to resolve, resulting in federation issues.
|
||||
|
||||
This is particularly common with Docker Compose, as custom networks are easily
|
||||
created and configured.
|
||||
|
||||
Symptoms of this include excessively long room joins (30+ minutes) from very
|
||||
long DNS timeouts, log entries of "mismatching responding nameservers",
|
||||
Docker has issues with its default DNS setup that may cause DNS to not be
|
||||
properly functional when running conduwuit, resulting in federation issues. The
|
||||
symptoms of this have shown in excessively long room joins (30+ minutes) from
|
||||
very long DNS timeouts, log entries of "mismatching responding nameservers",
|
||||
and/or partial or non-functional inbound/outbound federation.
|
||||
|
||||
This is not a bug in continuwuity. Docker's default DNS resolver is not suitable
|
||||
for heavy DNS activity, which is normal for federated protocols like Matrix.
|
||||
|
||||
Workarounds:
|
||||
|
||||
This is **not** a conduwuit issue, and is purely a Docker issue. It is not
|
||||
sustainable for heavy DNS activity which is normal for Matrix federation. The
|
||||
workarounds for this are:
|
||||
- Use DNS over TCP via the config option `query_over_tcp_only = true`
|
||||
- Bypass Docker's default DNS setup and instead allow the container to use and communicate with your host's DNS servers. Typically, this can be done by mounting the host's `/etc/resolv.conf`.
|
||||
- Don't use Docker's default DNS setup and instead allow the container to use
|
||||
and communicate with your host's DNS servers (host's `/etc/resolv.conf`)
|
||||
|
||||
### DNS No connections available error message
|
||||
#### DNS No connections available error message
|
||||
|
||||
If you receive spurious amounts of error logs saying "DNS No connections
|
||||
available", this is due to your DNS server (servers from `/etc/resolv.conf`)
|
||||
|
@ -65,7 +64,7 @@ very computationally expensive, and is extremely susceptible to denial of
|
|||
service, especially on Matrix. Many servers also strangely have broken DNSSEC
|
||||
setups and will result in non-functional federation.
|
||||
|
||||
Continuwuity cannot provide a "works-for-everyone" Unbound DNS setup guide, but
|
||||
conduwuit cannot provide a "works-for-everyone" Unbound DNS setup guide, but
|
||||
the [official Unbound tuning guide][unbound-tuning] and the [Unbound Arch Linux wiki page][unbound-arch]
|
||||
may be of interest. Disabling DNSSEC on Unbound is commenting out trust-anchors
|
||||
config options and removing the `validator` module.
|
||||
|
@ -76,9 +75,9 @@ high load, and we have identified its DNS caching to not be very effective.
|
|||
dnsmasq can possibly work, but it does **not** support TCP fallback which can be
|
||||
problematic when receiving large DNS responses such as from large SRV records.
|
||||
If you still want to use dnsmasq, make sure you **disable** `dns_tcp_fallback`
|
||||
in Continuwuity config.
|
||||
in conduwuit config.
|
||||
|
||||
Raising `dns_cache_entries` in Continuwuity config from the default can also assist
|
||||
Raising `dns_cache_entries` in conduwuit config from the default can also assist
|
||||
in DNS caching, but a full-fledged external caching resolver is better and more
|
||||
reliable.
|
||||
|
||||
|
@ -92,13 +91,13 @@ reliability at a slight performance cost due to TCP overhead.
|
|||
|
||||
## RocksDB / database issues
|
||||
|
||||
### Database corruption
|
||||
#### Database corruption
|
||||
|
||||
If your database is corrupted *and* is failing to start (e.g. checksum
|
||||
mismatch), it may be recoverable but careful steps must be taken, and there is
|
||||
no guarantee it may be recoverable.
|
||||
|
||||
The first thing that can be done is launching Continuwuity with the
|
||||
The first thing that can be done is launching conduwuit with the
|
||||
`rocksdb_repair` config option set to true. This will tell RocksDB to attempt to
|
||||
repair itself at launch. If this does not work, disable the option and continue
|
||||
reading.
|
||||
|
@ -110,7 +109,7 @@ RocksDB has the following recovery modes:
|
|||
- `PointInTime`
|
||||
- `SkipAnyCorruptedRecord`
|
||||
|
||||
By default, Continuwuity uses `TolerateCorruptedTailRecords` as generally these may
|
||||
By default, conduwuit uses `TolerateCorruptedTailRecords` as generally these may
|
||||
be due to bad federation and we can re-fetch the correct data over federation.
|
||||
The RocksDB default is `PointInTime` which will attempt to restore a "snapshot"
|
||||
of the data when it was last known to be good. This data can be either a few
|
||||
|
@ -127,12 +126,12 @@ if `PointInTime` does not work as a last ditch effort.
|
|||
|
||||
With this in mind:
|
||||
|
||||
- First start Continuwuity with the `PointInTime` recovery method. See the [example
|
||||
- First start conduwuit with the `PointInTime` recovery method. See the [example
|
||||
config](configuration/examples.md) for how to do this using
|
||||
`rocksdb_recovery_mode`
|
||||
- If your database successfully opens, clients are recommended to clear their
|
||||
client cache to account for the rollback
|
||||
- Leave your Continuwuity running in `PointInTime` for at least 30-60 minutes so as
|
||||
- Leave your conduwuit running in `PointInTime` for at least 30-60 minutes so as
|
||||
much possible corruption is restored
|
||||
- If all goes will, you should be able to restore back to using
|
||||
`TolerateCorruptedTailRecords` and you have successfully recovered your database
|
||||
|
@ -143,16 +142,16 @@ Note that users should not really be debugging things. If you find yourself
|
|||
debugging and find the issue, please let us know and/or how we can fix it.
|
||||
Various debug commands can be found in `!admin debug`.
|
||||
|
||||
### Debug/Trace log level
|
||||
#### Debug/Trace log level
|
||||
|
||||
Continuwuity builds without debug or trace log levels at compile time by default
|
||||
conduwuit builds without debug or trace log levels at compile time by default
|
||||
for substantial performance gains in CPU usage and improved compile times. If
|
||||
you need to access debug/trace log levels, you will need to build without the
|
||||
`release_max_log_level` feature or use our provided static debug binaries.
|
||||
|
||||
### Changing log level dynamically
|
||||
#### Changing log level dynamically
|
||||
|
||||
Continuwuity supports changing the tracing log environment filter on-the-fly using
|
||||
conduwuit supports changing the tracing log environment filter on-the-fly using
|
||||
the admin command `!admin debug change-log-level <log env filter>`. This accepts
|
||||
a string **without quotes** the same format as the `log` config option.
|
||||
|
||||
|
@ -167,9 +166,9 @@ load, simply pass the `--reset` flag.
|
|||
|
||||
`!admin debug change-log-level --reset`
|
||||
|
||||
### Pinging servers
|
||||
#### Pinging servers
|
||||
|
||||
Continuwuity can ping other servers using `!admin debug ping <server>`. This takes
|
||||
conduwuit can ping other servers using `!admin debug ping <server>`. This takes
|
||||
a server name and goes through the server discovery process and queries
|
||||
`/_matrix/federation/v1/version`. Errors are outputted.
|
||||
|
||||
|
@ -178,15 +177,15 @@ server performance on either side as that endpoint is completely unauthenticated
|
|||
and simply fetches a string on a static JSON endpoint. It is very low cost both
|
||||
bandwidth and computationally.
|
||||
|
||||
### Allocator memory stats
|
||||
#### Allocator memory stats
|
||||
|
||||
When using jemalloc with jemallocator's `stats` feature (`--enable-stats`), you
|
||||
can see Continuwuity's high-level allocator stats by using
|
||||
can see conduwuit's high-level allocator stats by using
|
||||
`!admin server memory-usage` at the bottom.
|
||||
|
||||
If you are a developer, you can also view the raw jemalloc statistics with
|
||||
`!admin debug memory-stats`. Please note that this output is extremely large
|
||||
which may only be visible in the Continuwuity console CLI due to PDU size limits,
|
||||
which may only be visible in the conduwuit console CLI due to PDU size limits,
|
||||
and is not easy for non-developers to understand.
|
||||
|
||||
[unbound-tuning]: https://unbound.docs.nlnetlabs.nl/en/latest/topics/core/performance.html
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Setting up TURN/STURN
|
||||
|
||||
In order to make or receive calls, a TURN server is required. Continuwuity suggests
|
||||
In order to make or receive calls, a TURN server is required. conduwuit suggests
|
||||
using [Coturn](https://github.com/coturn/coturn) for this purpose, which is also
|
||||
available as a Docker image.
|
||||
|
||||
|
@ -17,9 +17,9 @@ realm=<your server domain>
|
|||
A common way to generate a suitable alphanumeric secret key is by using `pwgen
|
||||
-s 64 1`.
|
||||
|
||||
These same values need to be set in Continuwuity. See the [example
|
||||
These same values need to be set in conduwuit. See the [example
|
||||
config](configuration/examples.md) in the TURN section for configuring these and
|
||||
restart Continuwuity after.
|
||||
restart conduwuit after.
|
||||
|
||||
`turn_secret` or a path to `turn_secret_file` must have a value of your
|
||||
coturn `static-auth-secret`, or use `turn_username` and `turn_password`
|
||||
|
@ -34,7 +34,7 @@ If you are using TURN over TLS, you can replace `turn:` with `turns:` in the
|
|||
TURN over TLS. This is highly recommended.
|
||||
|
||||
If you need unauthenticated access to the TURN URIs, or some clients may be
|
||||
having trouble, you can enable `turn_guest_access` in Continuwuity which disables
|
||||
having trouble, you can enable `turn_guest_access` in conduwuit which disables
|
||||
authentication for the TURN URI endpoint `/_matrix/client/v3/voip/turnServer`
|
||||
|
||||
### Run
|
||||
|
|
|
@ -75,9 +75,9 @@ dockerTools.buildImage {
|
|||
else [];
|
||||
|
||||
Env = [
|
||||
"CONTINUWUITY_TLS__KEY=${./private_key.key}"
|
||||
"CONTINUWUITY_TLS__CERTS=${./certificate.crt}"
|
||||
"CONTINUWUITY_CONFIG=${./config.toml}"
|
||||
"CONDUWUIT_TLS__KEY=${./private_key.key}"
|
||||
"CONDUWUIT_TLS__CERTS=${./certificate.crt}"
|
||||
"CONDUWUIT_CONFIG=${./config.toml}"
|
||||
"RUST_BACKTRACE=full"
|
||||
];
|
||||
|
||||
|
|
|
@ -130,8 +130,7 @@ buildDepsOnlyEnv =
|
|||
});
|
||||
|
||||
buildPackageEnv = {
|
||||
GIT_COMMIT_HASH = inputs.self.rev or inputs.self.dirtyRev or "";
|
||||
GIT_COMMIT_HASH_SHORT = inputs.self.shortRev or inputs.self.dirtyShortRev or "";
|
||||
CONDUWUIT_VERSION_EXTRA = inputs.self.shortRev or inputs.self.dirtyShortRev or "";
|
||||
} // buildDepsOnlyEnv // {
|
||||
# Only needed in static stdenv because these are transitive dependencies of rocksdb
|
||||
CARGO_BUILD_RUSTFLAGS = buildDepsOnlyEnv.CARGO_BUILD_RUSTFLAGS
|
||||
|
|
|
@ -33,13 +33,13 @@ dockerTools.buildLayeredImage {
|
|||
<jason@zemos.net>";
|
||||
"org.opencontainers.image.created" ="@${toString inputs.self.lastModified}";
|
||||
"org.opencontainers.image.description" = "a very cool Matrix chat homeserver written in Rust";
|
||||
"org.opencontainers.image.documentation" = "https://continuwuity.org/";
|
||||
"org.opencontainers.image.documentation" = "https://conduwuit.puppyirl.gay/";
|
||||
"org.opencontainers.image.licenses" = "Apache-2.0";
|
||||
"org.opencontainers.image.revision" = inputs.self.rev or inputs.self.dirtyRev or "";
|
||||
"org.opencontainers.image.source" = "https://forgejo.ellis.link/continuwuation/continuwuity";
|
||||
"org.opencontainers.image.source" = "https://github.com/girlbossceo/conduwuit";
|
||||
"org.opencontainers.image.title" = main.pname;
|
||||
"org.opencontainers.image.url" = "https://continuwuity.org/";
|
||||
"org.opencontainers.image.vendor" = "continuwuation";
|
||||
"org.opencontainers.image.url" = "https://conduwuit.puppyirl.gay/";
|
||||
"org.opencontainers.image.vendor" = "girlbossceo";
|
||||
"org.opencontainers.image.version" = main.version;
|
||||
};
|
||||
};
|
||||
|
|
|
@ -94,7 +94,7 @@ async fn process_command(services: Arc<Services>, input: &CommandInput) -> Proce
|
|||
#[allow(clippy::result_large_err)]
|
||||
fn handle_panic(error: &Error, command: &CommandInput) -> ProcessorResult {
|
||||
let link =
|
||||
"Please submit a [bug report](https://forgejo.ellis.link/continuwuation/continuwuity/issues/new). 🥺";
|
||||
"Please submit a [bug report](https://github.com/girlbossceo/conduwuit/issues/new). 🥺";
|
||||
let msg = format!("Panic occurred while processing command:\n```\n{error:#?}\n```\n{link}");
|
||||
let content = RoomMessageEventContent::notice_markdown(msg);
|
||||
error!("Panic while processing command: {error:?}");
|
||||
|
|
|
@ -11,7 +11,7 @@ pub(crate) enum GlobalsCommand {
|
|||
|
||||
CurrentCount,
|
||||
|
||||
LastCheckForAnnouncementsId,
|
||||
LastCheckForUpdatesId,
|
||||
|
||||
/// - This returns an empty `Ok(BTreeMap<..>)` when there are no keys found
|
||||
/// for the server.
|
||||
|
@ -39,12 +39,9 @@ pub(super) async fn process(subcommand: GlobalsCommand, context: &Context<'_>) -
|
|||
|
||||
write!(context, "Query completed in {query_time:?}:\n\n```rs\n{results:#?}\n```")
|
||||
},
|
||||
| GlobalsCommand::LastCheckForAnnouncementsId => {
|
||||
| GlobalsCommand::LastCheckForUpdatesId => {
|
||||
let timer = tokio::time::Instant::now();
|
||||
let results = services
|
||||
.announcements
|
||||
.last_check_for_announcements_id()
|
||||
.await;
|
||||
let results = services.updates.last_check_for_updates_id().await;
|
||||
let query_time = timer.elapsed();
|
||||
|
||||
write!(context, "Query completed in {query_time:?}:\n\n```rs\n{results:#?}\n```")
|
||||
|
|
|
@ -36,7 +36,7 @@ pub(super) enum ServerCommand {
|
|||
/// - Print database memory usage statistics
|
||||
MemoryUsage,
|
||||
|
||||
/// - Clears all of Continuwuity's caches
|
||||
/// - Clears all of Conduwuit's caches
|
||||
ClearCaches,
|
||||
|
||||
/// - Performs an online backup of the database (only available for RocksDB
|
||||
|
|
|
@ -15,7 +15,7 @@ use crate::Ruma;
|
|||
|
||||
/// # `GET /_matrix/client/v3/capabilities`
|
||||
///
|
||||
/// Get information on the supported feature set and other relevant capabilities
|
||||
/// Get information on the supported feature set and other relevent capabilities
|
||||
/// of this server.
|
||||
pub(crate) async fn get_capabilities_route(
|
||||
State(services): State<crate::State>,
|
||||
|
|
|
@ -52,8 +52,13 @@ pub(crate) async fn get_public_rooms_filtered_route(
|
|||
) -> Result<get_public_rooms_filtered::v3::Response> {
|
||||
if let Some(server) = &body.server {
|
||||
if services
|
||||
.moderation
|
||||
.is_remote_server_room_directory_forbidden(server)
|
||||
.config
|
||||
.forbidden_remote_room_directory_server_names
|
||||
.is_match(server.host())
|
||||
|| services
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(server.host())
|
||||
{
|
||||
return Err!(Request(Forbidden("Server is banned on this homeserver.")));
|
||||
}
|
||||
|
@ -87,7 +92,15 @@ pub(crate) async fn get_public_rooms_route(
|
|||
body: Ruma<get_public_rooms::v3::Request>,
|
||||
) -> Result<get_public_rooms::v3::Response> {
|
||||
if let Some(server) = &body.server {
|
||||
if services.moderation.is_remote_server_forbidden(server) {
|
||||
if services
|
||||
.config
|
||||
.forbidden_remote_room_directory_server_names
|
||||
.is_match(server.host())
|
||||
|| services
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(server.host())
|
||||
{
|
||||
return Err!(Request(Forbidden("Server is banned on this homeserver.")));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -83,8 +83,9 @@ async fn banned_room_check(
|
|||
if let Some(room_id) = room_id {
|
||||
if services.rooms.metadata.is_banned(room_id).await
|
||||
|| services
|
||||
.moderation
|
||||
.is_remote_server_forbidden(room_id.server_name().expect("legacy room mxid"))
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(room_id.server_name().expect("legacy room mxid").host())
|
||||
{
|
||||
warn!(
|
||||
"User {user_id} who is not an admin attempted to send an invite for or \
|
||||
|
@ -1855,10 +1856,7 @@ pub async fn leave_room(
|
|||
|
||||
// Ask a remote server if we don't have this room and are not knocking on it
|
||||
if dont_have_room.and(not_knocked).await {
|
||||
if let Err(e) = remote_leave_room(services, user_id, room_id, reason.clone())
|
||||
.boxed()
|
||||
.await
|
||||
{
|
||||
if let Err(e) = remote_leave_room(services, user_id, room_id).boxed().await {
|
||||
warn!(%user_id, "Failed to leave room {room_id} remotely: {e}");
|
||||
// Don't tell the client about this error
|
||||
}
|
||||
|
@ -1943,7 +1941,6 @@ async fn remote_leave_room(
|
|||
services: &Services,
|
||||
user_id: &UserId,
|
||||
room_id: &RoomId,
|
||||
reason: Option<String>,
|
||||
) -> Result<()> {
|
||||
let mut make_leave_response_and_server =
|
||||
Err!(BadServerResponse("No remote server available to assist in leaving {room_id}."));
|
||||
|
@ -2060,12 +2057,6 @@ async fn remote_leave_room(
|
|||
.expect("Timestamp is valid js_int value"),
|
||||
),
|
||||
);
|
||||
// Inject the reason key into the event content dict if it exists
|
||||
if let Some(reason) = reason {
|
||||
if let Some(CanonicalJsonValue::Object(content)) = leave_event_stub.get_mut("content") {
|
||||
content.insert("reason".to_owned(), CanonicalJsonValue::String(reason));
|
||||
}
|
||||
}
|
||||
|
||||
// room v3 and above removed the "event_id" field from remote PDU format
|
||||
match room_version_id {
|
||||
|
@ -2162,109 +2153,6 @@ async fn knock_room_by_id_helper(
|
|||
}
|
||||
}
|
||||
|
||||
// For knock_restricted rooms, check if the user meets the restricted conditions
|
||||
// If they do, attempt to join instead of knock
|
||||
// This is not mentioned in the spec, but should be allowable (we're allowed to
|
||||
// auto-join invites to knocked rooms)
|
||||
let join_rule = services.rooms.state_accessor.get_join_rules(room_id).await;
|
||||
if let JoinRule::KnockRestricted(restricted) = &join_rule {
|
||||
let restriction_rooms: Vec<_> = restricted
|
||||
.allow
|
||||
.iter()
|
||||
.filter_map(|a| match a {
|
||||
| AllowRule::RoomMembership(r) => Some(&r.room_id),
|
||||
| _ => None,
|
||||
})
|
||||
.collect();
|
||||
|
||||
// Check if the user is in any of the allowed rooms
|
||||
let mut user_meets_restrictions = false;
|
||||
for restriction_room_id in &restriction_rooms {
|
||||
if services
|
||||
.rooms
|
||||
.state_cache
|
||||
.is_joined(sender_user, restriction_room_id)
|
||||
.await
|
||||
{
|
||||
user_meets_restrictions = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
// If the user meets the restrictions, try joining instead
|
||||
if user_meets_restrictions {
|
||||
debug_info!(
|
||||
"{sender_user} meets the restricted criteria in knock_restricted room \
|
||||
{room_id}, attempting to join instead of knock"
|
||||
);
|
||||
// For this case, we need to drop the state lock and get a new one in
|
||||
// join_room_by_id_helper We need to release the lock here and let
|
||||
// join_room_by_id_helper acquire it again
|
||||
drop(state_lock);
|
||||
match join_room_by_id_helper(
|
||||
services,
|
||||
sender_user,
|
||||
room_id,
|
||||
reason.clone(),
|
||||
servers,
|
||||
None,
|
||||
&None,
|
||||
)
|
||||
.await
|
||||
{
|
||||
| Ok(_) => return Ok(knock_room::v3::Response::new(room_id.to_owned())),
|
||||
| Err(e) => {
|
||||
debug_warn!(
|
||||
"Failed to convert knock to join for {sender_user} in {room_id}: {e:?}"
|
||||
);
|
||||
// Get a new state lock for the remaining knock logic
|
||||
let new_state_lock = services.rooms.state.mutex.lock(room_id).await;
|
||||
|
||||
let server_in_room = services
|
||||
.rooms
|
||||
.state_cache
|
||||
.server_in_room(services.globals.server_name(), room_id)
|
||||
.await;
|
||||
|
||||
let local_knock = server_in_room
|
||||
|| servers.is_empty()
|
||||
|| (servers.len() == 1 && services.globals.server_is_ours(&servers[0]));
|
||||
|
||||
if local_knock {
|
||||
knock_room_helper_local(
|
||||
services,
|
||||
sender_user,
|
||||
room_id,
|
||||
reason,
|
||||
servers,
|
||||
new_state_lock,
|
||||
)
|
||||
.boxed()
|
||||
.await?;
|
||||
} else {
|
||||
knock_room_helper_remote(
|
||||
services,
|
||||
sender_user,
|
||||
room_id,
|
||||
reason,
|
||||
servers,
|
||||
new_state_lock,
|
||||
)
|
||||
.boxed()
|
||||
.await?;
|
||||
}
|
||||
|
||||
return Ok(knock_room::v3::Response::new(room_id.to_owned()));
|
||||
},
|
||||
}
|
||||
}
|
||||
} else if !matches!(join_rule, JoinRule::Knock | JoinRule::KnockRestricted(_)) {
|
||||
debug_warn!(
|
||||
"{sender_user} attempted to knock on room {room_id} but its join rule is \
|
||||
{join_rule:?}, not knock or knock_restricted"
|
||||
);
|
||||
}
|
||||
|
||||
let server_in_room = services
|
||||
.rooms
|
||||
.state_cache
|
||||
|
@ -2312,12 +2200,6 @@ async fn knock_room_helper_local(
|
|||
return Err!(Request(Forbidden("This room does not support knocking.")));
|
||||
}
|
||||
|
||||
// Verify that this room has a valid knock or knock_restricted join rule
|
||||
let join_rule = services.rooms.state_accessor.get_join_rules(room_id).await;
|
||||
if !matches!(join_rule, JoinRule::Knock | JoinRule::KnockRestricted(_)) {
|
||||
return Err!(Request(Forbidden("This room's join rule does not allow knocking.")));
|
||||
}
|
||||
|
||||
let content = RoomMemberEventContent {
|
||||
displayname: services.users.displayname(sender_user).await.ok(),
|
||||
avatar_url: services.users.avatar_url(sender_user).await.ok(),
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
use core::panic;
|
||||
|
||||
use axum::extract::State;
|
||||
use conduwuit::{
|
||||
Err, Result, at,
|
||||
|
@ -134,6 +132,8 @@ pub(crate) async fn get_message_events_route(
|
|||
.take(limit)
|
||||
.collect()
|
||||
.await;
|
||||
// let appservice_id = body.appservice_info.map(|appservice|
|
||||
// appservice.registration.id);
|
||||
|
||||
let lazy_loading_context = lazy_loading::Context {
|
||||
user_id: sender_user,
|
||||
|
@ -143,10 +143,7 @@ pub(crate) async fn get_message_events_route(
|
|||
if let Some(registration) = body.appservice_info.as_ref() {
|
||||
<&DeviceId>::from(registration.registration.id.as_str())
|
||||
} else {
|
||||
panic!(
|
||||
"No device_id provided and no appservice registration found, this \
|
||||
should be unreachable"
|
||||
);
|
||||
<&DeviceId>::from("")
|
||||
},
|
||||
},
|
||||
room_id,
|
||||
|
@ -277,13 +274,12 @@ pub(crate) async fn is_ignored_pdu(
|
|||
let ignored_type = IGNORED_MESSAGE_TYPES.binary_search(&pdu.kind).is_ok();
|
||||
|
||||
let ignored_server = services
|
||||
.moderation
|
||||
.is_remote_server_ignored(pdu.sender().server_name());
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(pdu.sender().server_name().host());
|
||||
|
||||
if ignored_type
|
||||
&& (ignored_server
|
||||
|| (!services.config.send_messages_from_ignored_users_to_client
|
||||
&& services.users.user_is_ignored(&pdu.sender, user_id).await))
|
||||
&& (ignored_server || services.users.user_is_ignored(&pdu.sender, user_id).await)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
|
|
@ -107,6 +107,7 @@ pub(crate) async fn create_room_route(
|
|||
|
||||
return Err!(Request(Forbidden("Publishing rooms to the room directory is not allowed")));
|
||||
}
|
||||
|
||||
let _short_id = services
|
||||
.rooms
|
||||
.short
|
||||
|
@ -605,42 +606,24 @@ fn custom_room_id_check(services: &Services, custom_room_id: &str) -> Result<Own
|
|||
return Err(Error::BadRequest(ErrorKind::Unknown, "Custom room ID is forbidden."));
|
||||
}
|
||||
|
||||
let server_name = services.globals.server_name();
|
||||
let mut room_id = custom_room_id.to_owned();
|
||||
if custom_room_id.contains(':') {
|
||||
if !custom_room_id.starts_with('!') {
|
||||
return Err(Error::BadRequest(
|
||||
ErrorKind::InvalidParam,
|
||||
"Custom room ID contains an unexpected `:` which is not allowed.",
|
||||
));
|
||||
}
|
||||
} else if custom_room_id.starts_with('!') {
|
||||
return Err(Error::BadRequest(
|
||||
ErrorKind::InvalidParam,
|
||||
"Room ID is prefixed with !, but is not fully qualified. You likely did not want \
|
||||
this.",
|
||||
"Custom room ID contained `:` which is not allowed. Please note that this expects a \
|
||||
localpart, not the full room ID.",
|
||||
));
|
||||
} else if custom_room_id.contains(char::is_whitespace) {
|
||||
return Err(Error::BadRequest(
|
||||
ErrorKind::InvalidParam,
|
||||
"Custom room ID contained spaces which is not valid.",
|
||||
));
|
||||
} else {
|
||||
room_id = format!("!{custom_room_id}:{server_name}");
|
||||
}
|
||||
OwnedRoomId::parse(room_id)
|
||||
|
||||
let server_name = services.globals.server_name();
|
||||
let full_room_id = format!("!{custom_room_id}:{server_name}");
|
||||
|
||||
OwnedRoomId::parse(full_room_id)
|
||||
.map_err(Into::into)
|
||||
.and_then(|full_room_id| {
|
||||
if full_room_id
|
||||
.server_name()
|
||||
.expect("failed to extract server name from room ID")
|
||||
!= server_name
|
||||
{
|
||||
Err(Error::BadRequest(
|
||||
ErrorKind::InvalidParam,
|
||||
"Custom room ID must be on this server.",
|
||||
))
|
||||
} else {
|
||||
Ok(full_room_id)
|
||||
}
|
||||
})
|
||||
.inspect(|full_room_id| {
|
||||
debug_info!(?full_room_id, "Full custom room ID");
|
||||
})
|
||||
.inspect(|full_room_id| debug_info!(?full_room_id, "Full custom room ID"))
|
||||
.inspect_err(|e| warn!(?e, ?custom_room_id, "Failed to create room with custom room ID",))
|
||||
}
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
use axum::{Json, extract::State, response::IntoResponse};
|
||||
use conduwuit::{Error, Result};
|
||||
use futures::StreamExt;
|
||||
use ruma::api::client::{
|
||||
discovery::{
|
||||
discover_homeserver::{self, HomeserverInfo, SlidingSyncProxyInfo},
|
||||
|
@ -18,7 +17,7 @@ pub(crate) async fn well_known_client(
|
|||
State(services): State<crate::State>,
|
||||
_body: Ruma<discover_homeserver::Request>,
|
||||
) -> Result<discover_homeserver::Response> {
|
||||
let client_url = match services.config.well_known.client.as_ref() {
|
||||
let client_url = match services.server.config.well_known.client.as_ref() {
|
||||
| Some(url) => url.to_string(),
|
||||
| None => return Err(Error::BadRequest(ErrorKind::NotFound, "Not found.")),
|
||||
};
|
||||
|
@ -34,63 +33,44 @@ pub(crate) async fn well_known_client(
|
|||
/// # `GET /.well-known/matrix/support`
|
||||
///
|
||||
/// Server support contact and support page of a homeserver's domain.
|
||||
/// Implements MSC1929 for server discovery.
|
||||
/// If no configuration is set, uses admin users as contacts.
|
||||
pub(crate) async fn well_known_support(
|
||||
State(services): State<crate::State>,
|
||||
_body: Ruma<discover_support::Request>,
|
||||
) -> Result<discover_support::Response> {
|
||||
let support_page = services
|
||||
.server
|
||||
.config
|
||||
.well_known
|
||||
.support_page
|
||||
.as_ref()
|
||||
.map(ToString::to_string);
|
||||
|
||||
let email_address = services.config.well_known.support_email.clone();
|
||||
let matrix_id = services.config.well_known.support_mxid.clone();
|
||||
let role = services.server.config.well_known.support_role.clone();
|
||||
|
||||
// TODO: support defining multiple contacts in the config
|
||||
// support page or role must be either defined for this to be valid
|
||||
if support_page.is_none() && role.is_none() {
|
||||
return Err(Error::BadRequest(ErrorKind::NotFound, "Not found."));
|
||||
}
|
||||
|
||||
let email_address = services.server.config.well_known.support_email.clone();
|
||||
let matrix_id = services.server.config.well_known.support_mxid.clone();
|
||||
|
||||
// if a role is specified, an email address or matrix id is required
|
||||
if role.is_some() && (email_address.is_none() && matrix_id.is_none()) {
|
||||
return Err(Error::BadRequest(ErrorKind::NotFound, "Not found."));
|
||||
}
|
||||
|
||||
// TOOD: support defining multiple contacts in the config
|
||||
let mut contacts: Vec<Contact> = vec![];
|
||||
|
||||
let role_value = services
|
||||
.config
|
||||
.well_known
|
||||
.support_role
|
||||
.clone()
|
||||
.unwrap_or_else(|| "m.role.admin".to_owned().into());
|
||||
if let Some(role) = role {
|
||||
let contact = Contact { role, email_address, matrix_id };
|
||||
|
||||
// Add configured contact if at least one contact method is specified
|
||||
if email_address.is_some() || matrix_id.is_some() {
|
||||
contacts.push(Contact {
|
||||
role: role_value.clone(),
|
||||
email_address: email_address.clone(),
|
||||
matrix_id: matrix_id.clone(),
|
||||
});
|
||||
}
|
||||
|
||||
// Try to add admin users as contacts if no contacts are configured
|
||||
if contacts.is_empty() {
|
||||
if let Ok(admin_room) = services.admin.get_admin_room().await {
|
||||
let admin_users = services.rooms.state_cache.room_members(&admin_room);
|
||||
let mut stream = admin_users;
|
||||
|
||||
while let Some(user_id) = stream.next().await {
|
||||
// Skip server user
|
||||
if *user_id == services.globals.server_user {
|
||||
break;
|
||||
}
|
||||
contacts.push(Contact {
|
||||
role: role_value.clone(),
|
||||
email_address: None,
|
||||
matrix_id: Some(user_id.to_owned()),
|
||||
});
|
||||
}
|
||||
}
|
||||
contacts.push(contact);
|
||||
}
|
||||
|
||||
// support page or role+contacts must be either defined for this to be valid
|
||||
if contacts.is_empty() && support_page.is_none() {
|
||||
// No admin room, no configured contacts, and no support page
|
||||
return Err(Error::BadRequest(ErrorKind::NotFound, "Not found."));
|
||||
}
|
||||
|
||||
|
@ -104,9 +84,9 @@ pub(crate) async fn well_known_support(
|
|||
pub(crate) async fn syncv3_client_server_json(
|
||||
State(services): State<crate::State>,
|
||||
) -> Result<impl IntoResponse> {
|
||||
let server_url = match services.config.well_known.client.as_ref() {
|
||||
let server_url = match services.server.config.well_known.client.as_ref() {
|
||||
| Some(url) => url.to_string(),
|
||||
| None => match services.config.well_known.server.as_ref() {
|
||||
| None => match services.server.config.well_known.server.as_ref() {
|
||||
| Some(url) => url.to_string(),
|
||||
| None => return Err(Error::BadRequest(ErrorKind::NotFound, "Not found.")),
|
||||
},
|
||||
|
|
|
@ -3,6 +3,7 @@ mod auth;
|
|||
mod handler;
|
||||
mod request;
|
||||
mod response;
|
||||
pub mod state;
|
||||
|
||||
use std::str::FromStr;
|
||||
|
||||
|
@ -12,11 +13,10 @@ use axum::{
|
|||
routing::{any, get, post},
|
||||
};
|
||||
use conduwuit::{Server, err};
|
||||
pub(super) use conduwuit_service::state::State;
|
||||
use http::{Uri, uri};
|
||||
|
||||
use self::handler::RouterExt;
|
||||
pub(super) use self::{args::Args as Ruma, response::RumaResponse};
|
||||
pub(super) use self::{args::Args as Ruma, response::RumaResponse, state::State};
|
||||
use crate::{client, server};
|
||||
|
||||
pub fn build(router: Router<State>, server: &Server) -> Router<State> {
|
||||
|
|
|
@ -306,7 +306,7 @@ async fn auth_server(
|
|||
}
|
||||
|
||||
fn auth_server_checks(services: &Services, x_matrix: &XMatrix) -> Result<()> {
|
||||
if !services.config.allow_federation {
|
||||
if !services.server.config.allow_federation {
|
||||
return Err!(Config("allow_federation", "Federation is disabled."));
|
||||
}
|
||||
|
||||
|
@ -316,7 +316,11 @@ fn auth_server_checks(services: &Services, x_matrix: &XMatrix) -> Result<()> {
|
|||
}
|
||||
|
||||
let origin = &x_matrix.origin;
|
||||
if services.moderation.is_remote_server_forbidden(origin) {
|
||||
if services
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(origin.host())
|
||||
{
|
||||
return Err!(Request(Forbidden(debug_warn!(
|
||||
"Federation requests from {origin} denied."
|
||||
))));
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
use std::{ops::Deref, sync::Arc};
|
||||
|
||||
use crate::Services;
|
||||
use conduwuit_service::Services;
|
||||
|
||||
#[derive(Clone, Copy)]
|
||||
pub struct State {
|
|
@ -37,14 +37,19 @@ pub(crate) async fn create_invite_route(
|
|||
}
|
||||
|
||||
if let Some(server) = body.room_id.server_name() {
|
||||
if services.moderation.is_remote_server_forbidden(server) {
|
||||
if services
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(server.host())
|
||||
{
|
||||
return Err!(Request(Forbidden("Server is banned on this homeserver.")));
|
||||
}
|
||||
}
|
||||
|
||||
if services
|
||||
.moderation
|
||||
.is_remote_server_forbidden(body.origin())
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(body.origin().host())
|
||||
{
|
||||
warn!(
|
||||
"Received federated/remote invite from banned server {} for room ID {}. Rejecting.",
|
||||
|
|
|
@ -42,8 +42,9 @@ pub(crate) async fn create_join_event_template_route(
|
|||
.await?;
|
||||
|
||||
if services
|
||||
.moderation
|
||||
.is_remote_server_forbidden(body.origin())
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(body.origin().host())
|
||||
{
|
||||
warn!(
|
||||
"Server {} for remote user {} tried joining room ID {} which has a server name that \
|
||||
|
@ -56,7 +57,11 @@ pub(crate) async fn create_join_event_template_route(
|
|||
}
|
||||
|
||||
if let Some(server) = body.room_id.server_name() {
|
||||
if services.moderation.is_remote_server_forbidden(server) {
|
||||
if services
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(server.host())
|
||||
{
|
||||
return Err!(Request(Forbidden(warn!(
|
||||
"Room ID server name {server} is banned on this homeserver."
|
||||
))));
|
||||
|
|
|
@ -33,8 +33,9 @@ pub(crate) async fn create_knock_event_template_route(
|
|||
.await?;
|
||||
|
||||
if services
|
||||
.moderation
|
||||
.is_remote_server_forbidden(body.origin())
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(body.origin().host())
|
||||
{
|
||||
warn!(
|
||||
"Server {} for remote user {} tried knocking room ID {} which has a server name \
|
||||
|
@ -47,7 +48,11 @@ pub(crate) async fn create_knock_event_template_route(
|
|||
}
|
||||
|
||||
if let Some(server) = body.room_id.server_name() {
|
||||
if services.moderation.is_remote_server_forbidden(server) {
|
||||
if services
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(server.host())
|
||||
{
|
||||
return Err!(Request(Forbidden("Server is banned on this homeserver.")));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -268,8 +268,9 @@ pub(crate) async fn create_join_event_v1_route(
|
|||
body: Ruma<create_join_event::v1::Request>,
|
||||
) -> Result<create_join_event::v1::Response> {
|
||||
if services
|
||||
.moderation
|
||||
.is_remote_server_forbidden(body.origin())
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(body.origin().host())
|
||||
{
|
||||
warn!(
|
||||
"Server {} tried joining room ID {} through us who has a server name that is \
|
||||
|
@ -281,7 +282,11 @@ pub(crate) async fn create_join_event_v1_route(
|
|||
}
|
||||
|
||||
if let Some(server) = body.room_id.server_name() {
|
||||
if services.moderation.is_remote_server_forbidden(server) {
|
||||
if services
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(server.host())
|
||||
{
|
||||
warn!(
|
||||
"Server {} tried joining room ID {} through us which has a server name that is \
|
||||
globally forbidden. Rejecting.",
|
||||
|
@ -309,14 +314,19 @@ pub(crate) async fn create_join_event_v2_route(
|
|||
body: Ruma<create_join_event::v2::Request>,
|
||||
) -> Result<create_join_event::v2::Response> {
|
||||
if services
|
||||
.moderation
|
||||
.is_remote_server_forbidden(body.origin())
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(body.origin().host())
|
||||
{
|
||||
return Err!(Request(Forbidden("Server is banned on this homeserver.")));
|
||||
}
|
||||
|
||||
if let Some(server) = body.room_id.server_name() {
|
||||
if services.moderation.is_remote_server_forbidden(server) {
|
||||
if services
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(server.host())
|
||||
{
|
||||
warn!(
|
||||
"Server {} tried joining room ID {} through us which has a server name that is \
|
||||
globally forbidden. Rejecting.",
|
||||
|
|
|
@ -26,8 +26,9 @@ pub(crate) async fn create_knock_event_v1_route(
|
|||
body: Ruma<send_knock::v1::Request>,
|
||||
) -> Result<send_knock::v1::Response> {
|
||||
if services
|
||||
.moderation
|
||||
.is_remote_server_forbidden(body.origin())
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(body.origin().host())
|
||||
{
|
||||
warn!(
|
||||
"Server {} tried knocking room ID {} who has a server name that is globally \
|
||||
|
@ -39,7 +40,11 @@ pub(crate) async fn create_knock_event_v1_route(
|
|||
}
|
||||
|
||||
if let Some(server) = body.room_id.server_name() {
|
||||
if services.moderation.is_remote_server_forbidden(server) {
|
||||
if services
|
||||
.config
|
||||
.forbidden_remote_server_names
|
||||
.is_match(server.host())
|
||||
{
|
||||
warn!(
|
||||
"Server {} tried knocking room ID {} which has a server name that is globally \
|
||||
forbidden. Rejecting.",
|
||||
|
|
|
@ -1,34 +0,0 @@
|
|||
[package]
|
||||
name = "conduwuit_build_metadata"
|
||||
categories.workspace = true
|
||||
description.workspace = true
|
||||
edition.workspace = true
|
||||
keywords.workspace = true
|
||||
license.workspace = true
|
||||
readme.workspace = true
|
||||
repository.workspace = true
|
||||
version.workspace = true
|
||||
|
||||
|
||||
build = "build.rs"
|
||||
# [[bin]]
|
||||
# path = "main.rs"
|
||||
# name = "conduwuit_build_metadata"
|
||||
|
||||
[lib]
|
||||
path = "mod.rs"
|
||||
crate-type = [
|
||||
"rlib",
|
||||
# "dylib",
|
||||
]
|
||||
|
||||
[features]
|
||||
|
||||
|
||||
[dependencies]
|
||||
|
||||
[build-dependencies]
|
||||
built = { version = "0.8", features = [] }
|
||||
|
||||
[lints]
|
||||
workspace = true
|
|
@ -1,93 +0,0 @@
|
|||
use std::process::Command;
|
||||
|
||||
fn run_git_command(args: &[&str]) -> Option<String> {
|
||||
Command::new("git")
|
||||
.args(args)
|
||||
.output()
|
||||
.ok()
|
||||
.filter(|output| output.status.success())
|
||||
.and_then(|output| String::from_utf8(output.stdout).ok())
|
||||
.map(|s| s.trim().to_owned())
|
||||
.filter(|s| !s.is_empty())
|
||||
}
|
||||
fn get_env(env_var: &str) -> Option<String> {
|
||||
match std::env::var(env_var) {
|
||||
| Ok(val) if !val.is_empty() => Some(val),
|
||||
| _ => None,
|
||||
}
|
||||
}
|
||||
fn main() {
|
||||
// built gets the default crate from the workspace. Not sure if this is intended
|
||||
// behavior, but it's what we want.
|
||||
built::write_built_file().expect("Failed to acquire build-time information");
|
||||
|
||||
// --- Git Information ---
|
||||
let mut commit_hash = None;
|
||||
let mut commit_hash_short = None;
|
||||
let mut remote_url_web = None;
|
||||
|
||||
// Get full commit hash
|
||||
if let Some(hash) =
|
||||
get_env("GIT_COMMIT_HASH").or_else(|| run_git_command(&["rev-parse", "HEAD"]))
|
||||
{
|
||||
println!("cargo:rustc-env=GIT_COMMIT_HASH={hash}");
|
||||
commit_hash = Some(hash);
|
||||
}
|
||||
|
||||
// Get short commit hash
|
||||
if let Some(short_hash) = get_env("GIT_COMMIT_HASH_SHORT")
|
||||
.or_else(|| run_git_command(&["rev-parse", "--short", "HEAD"]))
|
||||
{
|
||||
println!("cargo:rustc-env=GIT_COMMIT_HASH_SHORT={short_hash}");
|
||||
commit_hash_short = Some(short_hash);
|
||||
}
|
||||
|
||||
// Get remote URL and convert to web URL
|
||||
if let Some(remote_url_raw) = get_env("GIT_REMOTE_URL")
|
||||
.or_else(|| run_git_command(&["config", "--get", "remote.origin.url"]))
|
||||
{
|
||||
println!("cargo:rustc-env=GIT_REMOTE_URL={remote_url_raw}");
|
||||
let web_url = if remote_url_raw.starts_with("https://") {
|
||||
remote_url_raw.trim_end_matches(".git").to_owned()
|
||||
} else if remote_url_raw.starts_with("git@") {
|
||||
remote_url_raw
|
||||
.trim_end_matches(".git")
|
||||
.replacen(':', "/", 1)
|
||||
.replacen("git@", "https://", 1)
|
||||
} else if remote_url_raw.starts_with("ssh://") {
|
||||
remote_url_raw
|
||||
.trim_end_matches(".git")
|
||||
.replacen("git@", "", 1)
|
||||
.replacen("ssh:", "https:", 1)
|
||||
} else {
|
||||
// Assume it's already a web URL or unknown format
|
||||
remote_url_raw
|
||||
};
|
||||
println!("cargo:rustc-env=GIT_REMOTE_WEB_URL={web_url}");
|
||||
remote_url_web = Some(web_url);
|
||||
}
|
||||
|
||||
// Construct remote commit URL
|
||||
if let Some(remote_commit_url) = get_env("GIT_REMOTE_COMMIT_URL") {
|
||||
println!("cargo:rustc-env=GIT_REMOTE_COMMIT_URL={remote_commit_url}");
|
||||
} else if let (Some(base_url), Some(hash)) =
|
||||
(&remote_url_web, commit_hash.as_ref().or(commit_hash_short.as_ref()))
|
||||
{
|
||||
let commit_page = format!("{base_url}/commit/{hash}");
|
||||
println!("cargo:rustc-env=GIT_REMOTE_COMMIT_URL={commit_page}");
|
||||
}
|
||||
|
||||
// --- Rerun Triggers ---
|
||||
// TODO: The git rerun triggers seem to always run
|
||||
// Rerun if the git HEAD changes
|
||||
println!("cargo:rerun-if-changed=.git/HEAD");
|
||||
// Rerun if the ref pointed to by HEAD changes (e.g., new commit on branch)
|
||||
if let Some(ref_path) = run_git_command(&["symbolic-ref", "--quiet", "HEAD"]) {
|
||||
println!("cargo:rerun-if-changed=.git/{ref_path}");
|
||||
}
|
||||
|
||||
println!("cargo:rerun-if-env-changed=GIT_COMMIT_HASH");
|
||||
println!("cargo:rerun-if-env-changed=GIT_COMMIT_HASH_SHORT");
|
||||
println!("cargo:rerun-if-env-changed=GIT_REMOTE_URL");
|
||||
println!("cargo:rerun-if-env-changed=GIT_REMOTE_COMMIT_URL");
|
||||
}
|
|
@ -1,29 +0,0 @@
|
|||
pub mod built {
|
||||
include!(concat!(env!("OUT_DIR"), "/built.rs"));
|
||||
}
|
||||
|
||||
pub static GIT_COMMIT_HASH: Option<&str> = option_env!("GIT_COMMIT_HASH");
|
||||
|
||||
pub static GIT_COMMIT_HASH_SHORT: Option<&str> = option_env!("GIT_COMMIT_HASH_SHORT");
|
||||
|
||||
// this would be a lot better if Option::or was const.
|
||||
pub static VERSION_EXTRA: Option<&str> =
|
||||
if let v @ Some(_) = option_env!("CONTINUWUITY_VERSION_EXTRA") {
|
||||
v
|
||||
} else if let v @ Some(_) = option_env!("CONDUWUIT_VERSION_EXTRA") {
|
||||
v
|
||||
} else {
|
||||
option_env!("CONDUIT_VERSION_EXTRA")
|
||||
};
|
||||
|
||||
#[must_use]
|
||||
pub fn version_tag() -> Option<&'static str> {
|
||||
VERSION_EXTRA
|
||||
.filter(|s| !s.is_empty())
|
||||
.or(GIT_COMMIT_HASH_SHORT)
|
||||
}
|
||||
|
||||
pub static GIT_REMOTE_WEB_URL: Option<&str> = option_env!("GIT_REMOTE_WEB_URL");
|
||||
pub static GIT_REMOTE_COMMIT_URL: Option<&str> = option_env!("GIT_REMOTE_COMMIT_URL");
|
||||
|
||||
// TODO: Mark dirty builds within the version string
|
|
@ -67,7 +67,6 @@ checked_ops.workspace = true
|
|||
chrono.workspace = true
|
||||
clap.workspace = true
|
||||
conduwuit-macros.workspace = true
|
||||
conduwuit-build-metadata.workspace = true
|
||||
const-str.workspace = true
|
||||
core_affinity.workspace = true
|
||||
ctor.workspace = true
|
||||
|
|
|
@ -274,10 +274,6 @@ pub fn set_dirty_decay<I: Into<Option<usize>>>(arena: I, decay_ms: isize) -> Res
|
|||
}
|
||||
}
|
||||
|
||||
pub fn background_thread_enable(enable: bool) -> Result<bool> {
|
||||
set::<u8>(&mallctl!("background_thread"), enable.into()).map(is_nonzero!())
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn is_affine_arena() -> bool { is_percpu_arena() || is_phycpu_arena() }
|
||||
|
|
|
@ -118,7 +118,7 @@ pub fn check(config: &Config) -> Result {
|
|||
if cfg!(not(debug_assertions)) && config.server_name == "your.server.name" {
|
||||
return Err!(Config(
|
||||
"server_name",
|
||||
"You must specify a valid server name for production usage of continuwuity."
|
||||
"You must specify a valid server name for production usage of conduwuit."
|
||||
));
|
||||
}
|
||||
|
||||
|
@ -290,7 +290,7 @@ fn warn_deprecated(config: &Config) {
|
|||
|
||||
if was_deprecated {
|
||||
warn!(
|
||||
"Read continuwuity config documentation at https://continuwuity.org/configuration.html and check your \
|
||||
"Read conduwuit config documentation at https://conduwuit.puppyirl.gay/configuration.html and check your \
|
||||
configuration if any new configuration parameters should be adjusted"
|
||||
);
|
||||
}
|
||||
|
|
|
@ -27,7 +27,7 @@ use self::proxy::ProxyConfig;
|
|||
pub use self::{check::check, manager::Manager};
|
||||
use crate::{Result, err, error::Error, utils::sys};
|
||||
|
||||
/// All the config options for continuwuity.
|
||||
/// All the config options for conduwuit.
|
||||
#[allow(clippy::struct_excessive_bools)]
|
||||
#[allow(rustdoc::broken_intra_doc_links, rustdoc::bare_urls)]
|
||||
#[derive(Clone, Debug, Deserialize)]
|
||||
|
@ -35,7 +35,7 @@ use crate::{Result, err, error::Error, utils::sys};
|
|||
filename = "conduwuit-example.toml",
|
||||
section = "global",
|
||||
undocumented = "# This item is undocumented. Please contribute documentation for it.",
|
||||
header = r#"### continuwuity Configuration
|
||||
header = r#"### conduwuit Configuration
|
||||
###
|
||||
### THIS FILE IS GENERATED. CHANGES/CONTRIBUTIONS IN THE REPO WILL BE
|
||||
### OVERWRITTEN!
|
||||
|
@ -50,7 +50,7 @@ use crate::{Result, err, error::Error, utils::sys};
|
|||
### that say "YOU NEED TO EDIT THIS".
|
||||
###
|
||||
### For more information, see:
|
||||
### https://continuwuity.org/configuration.html
|
||||
### https://conduwuit.puppyirl.gay/configuration.html
|
||||
"#,
|
||||
ignore = "catchall well_known tls blurhashing allow_invalid_tls_certificates_yes_i_know_what_the_fuck_i_am_doing_with_this_and_i_know_this_is_insecure"
|
||||
)]
|
||||
|
@ -59,7 +59,7 @@ pub struct Config {
|
|||
/// suffix for user and room IDs/aliases.
|
||||
///
|
||||
/// See the docs for reverse proxying and delegation:
|
||||
/// https://continuwuity.org/deploying/generic.html#setting-up-the-reverse-proxy
|
||||
/// https://conduwuit.puppyirl.gay/deploying/generic.html#setting-up-the-reverse-proxy
|
||||
///
|
||||
/// Also see the `[global.well_known]` config section at the very bottom.
|
||||
///
|
||||
|
@ -70,10 +70,10 @@ pub struct Config {
|
|||
/// YOU NEED TO EDIT THIS. THIS CANNOT BE CHANGED AFTER WITHOUT A DATABASE
|
||||
/// WIPE.
|
||||
///
|
||||
/// example: "continuwuity.org"
|
||||
/// example: "conduwuit.woof"
|
||||
pub server_name: OwnedServerName,
|
||||
|
||||
/// The default address (IPv4 or IPv6) continuwuity will listen on.
|
||||
/// The default address (IPv4 or IPv6) conduwuit will listen on.
|
||||
///
|
||||
/// If you are using Docker or a container NAT networking setup, this must
|
||||
/// be "0.0.0.0".
|
||||
|
@ -85,10 +85,10 @@ pub struct Config {
|
|||
#[serde(default = "default_address")]
|
||||
address: ListeningAddr,
|
||||
|
||||
/// The port(s) continuwuity will listen on.
|
||||
/// The port(s) conduwuit will listen on.
|
||||
///
|
||||
/// For reverse proxying, see:
|
||||
/// https://continuwuity.org/deploying/generic.html#setting-up-the-reverse-proxy
|
||||
/// https://conduwuit.puppyirl.gay/deploying/generic.html#setting-up-the-reverse-proxy
|
||||
///
|
||||
/// If you are using Docker, don't change this, you'll need to map an
|
||||
/// external port to this.
|
||||
|
@ -103,17 +103,16 @@ pub struct Config {
|
|||
#[serde(default)]
|
||||
pub tls: TlsConfig,
|
||||
|
||||
/// The UNIX socket continuwuity will listen on.
|
||||
/// The UNIX socket conduwuit will listen on.
|
||||
///
|
||||
/// continuwuity cannot listen on both an IP address and a UNIX socket. If
|
||||
/// conduwuit cannot listen on both an IP address and a UNIX socket. If
|
||||
/// listening on a UNIX socket, you MUST remove/comment the `address` key.
|
||||
///
|
||||
/// Remember to make sure that your reverse proxy has access to this socket
|
||||
/// file, either by adding your reverse proxy to the appropriate user group
|
||||
/// or granting world R/W permissions with `unix_socket_perms` (666
|
||||
/// minimum).
|
||||
/// file, either by adding your reverse proxy to the 'conduwuit' group or
|
||||
/// granting world R/W permissions with `unix_socket_perms` (666 minimum).
|
||||
///
|
||||
/// example: "/run/continuwuity/continuwuity.sock"
|
||||
/// example: "/run/conduwuit/conduwuit.sock"
|
||||
pub unix_socket_path: Option<PathBuf>,
|
||||
|
||||
/// The default permissions (in octal) to create the UNIX socket with.
|
||||
|
@ -122,22 +121,22 @@ pub struct Config {
|
|||
#[serde(default = "default_unix_socket_perms")]
|
||||
pub unix_socket_perms: u32,
|
||||
|
||||
/// This is the only directory where continuwuity will save its data,
|
||||
/// including media. Note: this was previously "/var/lib/matrix-conduit".
|
||||
/// This is the only directory where conduwuit will save its data, including
|
||||
/// media. Note: this was previously "/var/lib/matrix-conduit".
|
||||
///
|
||||
/// YOU NEED TO EDIT THIS.
|
||||
///
|
||||
/// example: "/var/lib/continuwuity"
|
||||
/// example: "/var/lib/conduwuit"
|
||||
pub database_path: PathBuf,
|
||||
|
||||
/// continuwuity supports online database backups using RocksDB's Backup
|
||||
/// engine API. To use this, set a database backup path that continuwuity
|
||||
/// can write to.
|
||||
/// conduwuit supports online database backups using RocksDB's Backup engine
|
||||
/// API. To use this, set a database backup path that conduwuit can write
|
||||
/// to.
|
||||
///
|
||||
/// For more information, see:
|
||||
/// https://continuwuity.org/maintenance.html#backups
|
||||
/// https://conduwuit.puppyirl.gay/maintenance.html#backups
|
||||
///
|
||||
/// example: "/opt/continuwuity-db-backups"
|
||||
/// example: "/opt/conduwuit-db-backups"
|
||||
pub database_backup_path: Option<PathBuf>,
|
||||
|
||||
/// The amount of online RocksDB database backups to keep/retain, if using
|
||||
|
@ -161,16 +160,18 @@ pub struct Config {
|
|||
#[serde(default = "default_new_user_displayname_suffix")]
|
||||
pub new_user_displayname_suffix: String,
|
||||
|
||||
/// If enabled, continuwuity will send a simple GET request periodically to
|
||||
/// `https://continuwuity.org/.well-known/continuwuity/announcements` for any new
|
||||
/// announcements or major updates. This is not an update check endpoint.
|
||||
/// If enabled, conduwuit will send a simple GET request periodically to
|
||||
/// `https://pupbrain.dev/check-for-updates/stable` for any new
|
||||
/// announcements made. Despite the name, this is not an update check
|
||||
/// endpoint, it is simply an announcement check endpoint.
|
||||
///
|
||||
/// default: true
|
||||
#[serde(alias = "allow_check_for_updates", default = "true_fn")]
|
||||
pub allow_announcements_check: bool,
|
||||
/// This is disabled by default as this is rarely used except for security
|
||||
/// updates or major updates.
|
||||
#[serde(default, alias = "allow_announcements_check")]
|
||||
pub allow_check_for_updates: bool,
|
||||
|
||||
/// Set this to any float value to multiply continuwuity's in-memory LRU
|
||||
/// caches with such as "auth_chain_cache_capacity".
|
||||
/// Set this to any float value to multiply conduwuit's in-memory LRU caches
|
||||
/// with such as "auth_chain_cache_capacity".
|
||||
///
|
||||
/// May be useful if you have significant memory to spare to increase
|
||||
/// performance.
|
||||
|
@ -187,7 +188,7 @@ pub struct Config {
|
|||
)]
|
||||
pub cache_capacity_modifier: f64,
|
||||
|
||||
/// Set this to any float value in megabytes for continuwuity to tell the
|
||||
/// Set this to any float value in megabytes for conduwuit to tell the
|
||||
/// database engine that this much memory is available for database read
|
||||
/// caches.
|
||||
///
|
||||
|
@ -203,7 +204,7 @@ pub struct Config {
|
|||
#[serde(default = "default_db_cache_capacity_mb")]
|
||||
pub db_cache_capacity_mb: f64,
|
||||
|
||||
/// Set this to any float value in megabytes for continuwuity to tell the
|
||||
/// Set this to any float value in megabytes for conduwuit to tell the
|
||||
/// database engine that this much memory is available for database write
|
||||
/// caches.
|
||||
///
|
||||
|
@ -320,9 +321,9 @@ pub struct Config {
|
|||
/// Enable using *only* TCP for querying your specified nameservers instead
|
||||
/// of UDP.
|
||||
///
|
||||
/// If you are running continuwuity in a container environment, this config
|
||||
/// If you are running conduwuit in a container environment, this config
|
||||
/// option may need to be enabled. For more details, see:
|
||||
/// https://continuwuity.org/troubleshooting.html#potential-dns-issues-when-using-docker
|
||||
/// https://conduwuit.puppyirl.gay/troubleshooting.html#potential-dns-issues-when-using-docker
|
||||
#[serde(default)]
|
||||
pub query_over_tcp_only: bool,
|
||||
|
||||
|
@ -535,9 +536,9 @@ pub struct Config {
|
|||
/// tokens. Multiple tokens can be added if you separate them with
|
||||
/// whitespace
|
||||
///
|
||||
/// continuwuity must be able to access the file, and it must not be empty
|
||||
/// conduwuit must be able to access the file, and it must not be empty
|
||||
///
|
||||
/// example: "/etc/continuwuity/.reg_token"
|
||||
/// example: "/etc/conduwuit/.reg_token"
|
||||
pub registration_token_file: Option<PathBuf>,
|
||||
|
||||
/// Controls whether encrypted rooms and events are allowed.
|
||||
|
@ -628,16 +629,16 @@ pub struct Config {
|
|||
pub allow_room_creation: bool,
|
||||
|
||||
/// Set to false to disable users from joining or creating room versions
|
||||
/// that aren't officially supported by continuwuity.
|
||||
/// that aren't officially supported by conduwuit.
|
||||
///
|
||||
/// continuwuity officially supports room versions 6 - 11.
|
||||
/// conduwuit officially supports room versions 6 - 11.
|
||||
///
|
||||
/// continuwuity has slightly experimental (though works fine in practice)
|
||||
/// conduwuit has slightly experimental (though works fine in practice)
|
||||
/// support for versions 3 - 5.
|
||||
#[serde(default = "true_fn")]
|
||||
pub allow_unstable_room_versions: bool,
|
||||
|
||||
/// Default room version continuwuity will create rooms with.
|
||||
/// Default room version conduwuit will create rooms with.
|
||||
///
|
||||
/// Per spec, room version 11 is the default.
|
||||
///
|
||||
|
@ -711,7 +712,7 @@ pub struct Config {
|
|||
/// Servers listed here will be used to gather public keys of other servers
|
||||
/// (notary trusted key servers).
|
||||
///
|
||||
/// Currently, continuwuity doesn't support inbound batched key requests, so
|
||||
/// Currently, conduwuit doesn't support inbound batched key requests, so
|
||||
/// this list should only contain other Synapse servers.
|
||||
///
|
||||
/// example: ["matrix.org", "tchncs.de"]
|
||||
|
@ -756,7 +757,7 @@ pub struct Config {
|
|||
#[serde(default = "default_trusted_server_batch_size")]
|
||||
pub trusted_server_batch_size: usize,
|
||||
|
||||
/// Max log level for continuwuity. Allows debug, info, warn, or error.
|
||||
/// Max log level for conduwuit. Allows debug, info, warn, or error.
|
||||
///
|
||||
/// See also:
|
||||
/// https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html#directives
|
||||
|
@ -781,9 +782,8 @@ pub struct Config {
|
|||
#[serde(default = "default_log_span_events")]
|
||||
pub log_span_events: String,
|
||||
|
||||
/// Configures whether CONTINUWUITY_LOG EnvFilter matches values using
|
||||
/// regular expressions. See the tracing_subscriber documentation on
|
||||
/// Directives.
|
||||
/// Configures whether CONDUWUIT_LOG EnvFilter matches values using regular
|
||||
/// expressions. See the tracing_subscriber documentation on Directives.
|
||||
///
|
||||
/// default: true
|
||||
#[serde(default = "true_fn")]
|
||||
|
@ -865,7 +865,7 @@ pub struct Config {
|
|||
/// This takes priority over "turn_secret" first, and falls back to
|
||||
/// "turn_secret" if invalid or failed to open.
|
||||
///
|
||||
/// example: "/etc/continuwuity/.turn_secret"
|
||||
/// example: "/etc/conduwuit/.turn_secret"
|
||||
pub turn_secret_file: Option<PathBuf>,
|
||||
|
||||
/// TURN TTL, in seconds.
|
||||
|
@ -874,12 +874,12 @@ pub struct Config {
|
|||
#[serde(default = "default_turn_ttl")]
|
||||
pub turn_ttl: u64,
|
||||
|
||||
/// List/vector of room IDs or room aliases that continuwuity will make
|
||||
/// newly registered users join. The rooms specified must be rooms that you
|
||||
/// have joined at least once on the server, and must be public.
|
||||
/// List/vector of room IDs or room aliases that conduwuit will make newly
|
||||
/// registered users join. The rooms specified must be rooms that you have
|
||||
/// joined at least once on the server, and must be public.
|
||||
///
|
||||
/// example: ["#continuwuity:continuwuity.org",
|
||||
/// "!main-1:continuwuity.org"]
|
||||
/// example: ["#conduwuit:puppygock.gay",
|
||||
/// "!eoIzvAvVwY23LPDay8:puppygock.gay"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default = "Vec::new")]
|
||||
|
@ -904,10 +904,10 @@ pub struct Config {
|
|||
#[serde(default)]
|
||||
pub auto_deactivate_banned_room_attempts: bool,
|
||||
|
||||
/// RocksDB log level. This is not the same as continuwuity's log level.
|
||||
/// This is the log level for the RocksDB engine/library which show up in
|
||||
/// your database folder/path as `LOG` files. continuwuity will log RocksDB
|
||||
/// errors as normal through tracing or panics if severe for safety.
|
||||
/// RocksDB log level. This is not the same as conduwuit's log level. This
|
||||
/// is the log level for the RocksDB engine/library which show up in your
|
||||
/// database folder/path as `LOG` files. conduwuit will log RocksDB errors
|
||||
/// as normal through tracing or panics if severe for safety.
|
||||
///
|
||||
/// default: "error"
|
||||
#[serde(default = "default_rocksdb_log_level")]
|
||||
|
@ -932,7 +932,7 @@ pub struct Config {
|
|||
/// Set this to true to use RocksDB config options that are tailored to HDDs
|
||||
/// (slower device storage).
|
||||
///
|
||||
/// It is worth noting that by default, continuwuity will use RocksDB with
|
||||
/// It is worth noting that by default, conduwuit will use RocksDB with
|
||||
/// Direct IO enabled. *Generally* speaking this improves performance as it
|
||||
/// bypasses buffered I/O (system page cache). However there is a potential
|
||||
/// chance that Direct IO may cause issues with database operations if your
|
||||
|
@ -940,7 +940,7 @@ pub struct Config {
|
|||
/// possibly ZFS filesystem. RocksDB generally deals/corrects these issues
|
||||
/// but it cannot account for all setups. If you experience any weird
|
||||
/// RocksDB issues, try enabling this option as it turns off Direct IO and
|
||||
/// feel free to report in the continuwuity Matrix room if this option fixes
|
||||
/// feel free to report in the conduwuit Matrix room if this option fixes
|
||||
/// your DB issues.
|
||||
///
|
||||
/// For more information, see:
|
||||
|
@ -1001,7 +1001,7 @@ pub struct Config {
|
|||
/// as they all differ. See their `kDefaultCompressionLevel`.
|
||||
///
|
||||
/// Note when using the default value we may override it with a setting
|
||||
/// tailored specifically for continuwuity.
|
||||
/// tailored specifically conduwuit.
|
||||
///
|
||||
/// default: 32767
|
||||
#[serde(default = "default_rocksdb_compression_level")]
|
||||
|
@ -1019,7 +1019,7 @@ pub struct Config {
|
|||
/// algorithm.
|
||||
///
|
||||
/// Note when using the default value we may override it with a setting
|
||||
/// tailored specifically for continuwuity.
|
||||
/// tailored specifically conduwuit.
|
||||
///
|
||||
/// default: 32767
|
||||
#[serde(default = "default_rocksdb_bottommost_compression_level")]
|
||||
|
@ -1061,13 +1061,13 @@ pub struct Config {
|
|||
/// 0 = AbsoluteConsistency
|
||||
/// 1 = TolerateCorruptedTailRecords (default)
|
||||
/// 2 = PointInTime (use me if trying to recover)
|
||||
/// 3 = SkipAnyCorruptedRecord (you now voided your Continuwuity warranty)
|
||||
/// 3 = SkipAnyCorruptedRecord (you now voided your Conduwuit warranty)
|
||||
///
|
||||
/// For more information on these modes, see:
|
||||
/// https://github.com/facebook/rocksdb/wiki/WAL-Recovery-Modes
|
||||
///
|
||||
/// For more details on recovering a corrupt database, see:
|
||||
/// https://continuwuity.org/troubleshooting.html#database-corruption
|
||||
/// https://conduwuit.puppyirl.gay/troubleshooting.html#database-corruption
|
||||
///
|
||||
/// default: 1
|
||||
#[serde(default = "default_rocksdb_recovery_mode")]
|
||||
|
@ -1111,7 +1111,7 @@ pub struct Config {
|
|||
/// - Disabling repair mode and restarting the server is recommended after
|
||||
/// running the repair.
|
||||
///
|
||||
/// See https://continuwuity.org/troubleshooting.html#database-corruption for more details on recovering a corrupt database.
|
||||
/// See https://conduwuit.puppyirl.gay/troubleshooting.html#database-corruption for more details on recovering a corrupt database.
|
||||
#[serde(default)]
|
||||
pub rocksdb_repair: bool,
|
||||
|
||||
|
@ -1133,10 +1133,10 @@ pub struct Config {
|
|||
#[serde(default = "true_fn")]
|
||||
pub rocksdb_compaction_ioprio_idle: bool,
|
||||
|
||||
/// Enables RocksDB compaction. You should never ever have to set this
|
||||
/// option to false. If you for some reason find yourself needing to use
|
||||
/// this option as part of troubleshooting or a bug, please reach out to us
|
||||
/// in the continuwuity Matrix room with information and details.
|
||||
/// Disables RocksDB compaction. You should never ever have to set this
|
||||
/// option to true. If you for some reason find yourself needing to use this
|
||||
/// option as part of troubleshooting or a bug, please reach out to us in
|
||||
/// the conduwuit Matrix room with information and details.
|
||||
///
|
||||
/// Disabling compaction will lead to a significantly bloated and
|
||||
/// explosively large database, gradually poor performance, unnecessarily
|
||||
|
@ -1164,7 +1164,7 @@ pub struct Config {
|
|||
/// purposes such as recovering/recreating your admin room, or inviting
|
||||
/// yourself back.
|
||||
///
|
||||
/// See https://continuwuity.org/troubleshooting.html#lost-access-to-admin-room for other ways to get back into your admin room.
|
||||
/// See https://conduwuit.puppyirl.gay/troubleshooting.html#lost-access-to-admin-room for other ways to get back into your admin room.
|
||||
///
|
||||
/// Once this password is unset, all sessions will be logged out for
|
||||
/// security purposes.
|
||||
|
@ -1180,8 +1180,8 @@ pub struct Config {
|
|||
|
||||
/// Allow local (your server only) presence updates/requests.
|
||||
///
|
||||
/// Note that presence on continuwuity is very fast unlike Synapse's. If
|
||||
/// using outgoing presence, this MUST be enabled.
|
||||
/// Note that presence on conduwuit is very fast unlike Synapse's. If using
|
||||
/// outgoing presence, this MUST be enabled.
|
||||
#[serde(default = "true_fn")]
|
||||
pub allow_local_presence: bool,
|
||||
|
||||
|
@ -1189,7 +1189,7 @@ pub struct Config {
|
|||
///
|
||||
/// This option receives presence updates from other servers, but does not
|
||||
/// send any unless `allow_outgoing_presence` is true. Note that presence on
|
||||
/// continuwuity is very fast unlike Synapse's.
|
||||
/// conduwuit is very fast unlike Synapse's.
|
||||
#[serde(default = "true_fn")]
|
||||
pub allow_incoming_presence: bool,
|
||||
|
||||
|
@ -1197,8 +1197,8 @@ pub struct Config {
|
|||
///
|
||||
/// This option sends presence updates to other servers, but does not
|
||||
/// receive any unless `allow_incoming_presence` is true. Note that presence
|
||||
/// on continuwuity is very fast unlike Synapse's. If using outgoing
|
||||
/// presence, you MUST enable `allow_local_presence` as well.
|
||||
/// on conduwuit is very fast unlike Synapse's. If using outgoing presence,
|
||||
/// you MUST enable `allow_local_presence` as well.
|
||||
#[serde(default = "true_fn")]
|
||||
pub allow_outgoing_presence: bool,
|
||||
|
||||
|
@ -1261,8 +1261,8 @@ pub struct Config {
|
|||
#[serde(default = "default_typing_client_timeout_max_s")]
|
||||
pub typing_client_timeout_max_s: u64,
|
||||
|
||||
/// Set this to true for continuwuity to compress HTTP response bodies using
|
||||
/// zstd. This option does nothing if continuwuity was not built with
|
||||
/// Set this to true for conduwuit to compress HTTP response bodies using
|
||||
/// zstd. This option does nothing if conduwuit was not built with
|
||||
/// `zstd_compression` feature. Please be aware that enabling HTTP
|
||||
/// compression may weaken TLS. Most users should not need to enable this.
|
||||
/// See https://breachattack.com/ and https://wikipedia.org/wiki/BREACH
|
||||
|
@ -1270,8 +1270,8 @@ pub struct Config {
|
|||
#[serde(default)]
|
||||
pub zstd_compression: bool,
|
||||
|
||||
/// Set this to true for continuwuity to compress HTTP response bodies using
|
||||
/// gzip. This option does nothing if continuwuity was not built with
|
||||
/// Set this to true for conduwuit to compress HTTP response bodies using
|
||||
/// gzip. This option does nothing if conduwuit was not built with
|
||||
/// `gzip_compression` feature. Please be aware that enabling HTTP
|
||||
/// compression may weaken TLS. Most users should not need to enable this.
|
||||
/// See https://breachattack.com/ and https://wikipedia.org/wiki/BREACH before
|
||||
|
@ -1282,8 +1282,8 @@ pub struct Config {
|
|||
#[serde(default)]
|
||||
pub gzip_compression: bool,
|
||||
|
||||
/// Set this to true for continuwuity to compress HTTP response bodies using
|
||||
/// brotli. This option does nothing if continuwuity was not built with
|
||||
/// Set this to true for conduwuit to compress HTTP response bodies using
|
||||
/// brotli. This option does nothing if conduwuit was not built with
|
||||
/// `brotli_compression` feature. Please be aware that enabling HTTP
|
||||
/// compression may weaken TLS. Most users should not need to enable this.
|
||||
/// See https://breachattack.com/ and https://wikipedia.org/wiki/BREACH
|
||||
|
@ -1344,7 +1344,7 @@ pub struct Config {
|
|||
/// Otherwise setting this to false reduces filesystem clutter and overhead
|
||||
/// for managing these symlinks in the directory. This is now disabled by
|
||||
/// default. You may still return to upstream Conduit but you have to run
|
||||
/// continuwuity at least once with this set to true and allow the
|
||||
/// conduwuit at least once with this set to true and allow the
|
||||
/// media_startup_check to take place before shutting down to return to
|
||||
/// Conduit.
|
||||
#[serde(default)]
|
||||
|
@ -1361,40 +1361,8 @@ pub struct Config {
|
|||
#[serde(default)]
|
||||
pub prune_missing_media: bool,
|
||||
|
||||
/// List of forbidden server names via regex patterns that we will block
|
||||
/// incoming AND outgoing federation with, and block client room joins /
|
||||
/// remote user invites.
|
||||
///
|
||||
/// Note that your messages can still make it to forbidden servers through
|
||||
/// backfilling. Events we receive from forbidden servers via backfill
|
||||
/// from servers we *do* federate with will be stored in the database.
|
||||
///
|
||||
/// This check is applied on the room ID, room alias, sender server name,
|
||||
/// sender user's server name, inbound federation X-Matrix origin, and
|
||||
/// outbound federation handler.
|
||||
///
|
||||
/// You can set this to ["*"] to block all servers by default, and then
|
||||
/// use `allowed_remote_server_names` to allow only specific servers.
|
||||
///
|
||||
/// example: ["badserver\\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default, with = "serde_regex")]
|
||||
pub forbidden_remote_server_names: RegexSet,
|
||||
|
||||
/// List of allowed server names via regex patterns that we will allow,
|
||||
/// regardless of if they match `forbidden_remote_server_names`.
|
||||
///
|
||||
/// This option has no effect if `forbidden_remote_server_names` is empty.
|
||||
///
|
||||
/// example: ["goodserver\\.tld$", "goodphrase"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default, with = "serde_regex")]
|
||||
pub allowed_remote_server_names: RegexSet,
|
||||
|
||||
/// Vector list of regex patterns of server names that continuwuity will
|
||||
/// refuse to download remote media from.
|
||||
/// Vector list of regex patterns of server names that conduwuit will refuse
|
||||
/// to download remote media from.
|
||||
///
|
||||
/// example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
///
|
||||
|
@ -1402,6 +1370,22 @@ pub struct Config {
|
|||
#[serde(default, with = "serde_regex")]
|
||||
pub prevent_media_downloads_from: RegexSet,
|
||||
|
||||
/// List of forbidden server names via regex patterns that we will block
|
||||
/// incoming AND outgoing federation with, and block client room joins /
|
||||
/// remote user invites.
|
||||
///
|
||||
/// This check is applied on the room ID, room alias, sender server name,
|
||||
/// sender user's server name, inbound federation X-Matrix origin, and
|
||||
/// outbound federation handler.
|
||||
///
|
||||
/// Basically "global" ACLs.
|
||||
///
|
||||
/// example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default, with = "serde_regex")]
|
||||
pub forbidden_remote_server_names: RegexSet,
|
||||
|
||||
/// List of forbidden server names via regex patterns that we will block all
|
||||
/// outgoing federated room directory requests for. Useful for preventing
|
||||
/// our users from wandering into bad servers or spaces.
|
||||
|
@ -1412,33 +1396,8 @@ pub struct Config {
|
|||
#[serde(default, with = "serde_regex")]
|
||||
pub forbidden_remote_room_directory_server_names: RegexSet,
|
||||
|
||||
/// Vector list of regex patterns of server names that continuwuity will not
|
||||
/// send messages to the client from.
|
||||
///
|
||||
/// Note that there is no way for clients to receive messages once a server
|
||||
/// has become unignored without doing a full sync. This is a protocol
|
||||
/// limitation with the current sync protocols. This means this is somewhat
|
||||
/// of a nuclear option.
|
||||
///
|
||||
/// example: ["reallybadserver\.tld$", "reallybadphrase",
|
||||
/// "69dollarfortnitecards"]
|
||||
///
|
||||
/// default: []
|
||||
#[serde(default, with = "serde_regex")]
|
||||
pub ignore_messages_from_server_names: RegexSet,
|
||||
|
||||
/// Send messages from users that the user has ignored to the client.
|
||||
///
|
||||
/// There is no way for clients to receive messages sent while a user was
|
||||
/// ignored without doing a full sync. This is a protocol limitation with
|
||||
/// the current sync protocols. Disabling this option will move
|
||||
/// responsibility of ignoring messages to the client, which can avoid this
|
||||
/// limitation.
|
||||
#[serde(default)]
|
||||
pub send_messages_from_ignored_users_to_client: bool,
|
||||
|
||||
/// Vector list of IPv4 and IPv6 CIDR ranges / subnets *in quotes* that you
|
||||
/// do not want continuwuity to send outbound requests to. Defaults to
|
||||
/// do not want conduwuit to send outbound requests to. Defaults to
|
||||
/// RFC1918, unroutable, loopback, multicast, and testnet addresses for
|
||||
/// security.
|
||||
///
|
||||
|
@ -1606,26 +1565,26 @@ pub struct Config {
|
|||
|
||||
/// Allow admins to enter commands in rooms other than "#admins" (admin
|
||||
/// room) by prefixing your message with "\!admin" or "\\!admin" followed up
|
||||
/// a normal continuwuity admin command. The reply will be publicly visible
|
||||
/// to the room, originating from the sender.
|
||||
/// a normal conduwuit admin command. The reply will be publicly visible to
|
||||
/// the room, originating from the sender.
|
||||
///
|
||||
/// example: \\!admin debug ping puppygock.gay
|
||||
#[serde(default = "true_fn")]
|
||||
pub admin_escape_commands: bool,
|
||||
|
||||
/// Automatically activate the continuwuity admin room console / CLI on
|
||||
/// startup. This option can also be enabled with `--console` continuwuity
|
||||
/// Automatically activate the conduwuit admin room console / CLI on
|
||||
/// startup. This option can also be enabled with `--console` conduwuit
|
||||
/// argument.
|
||||
#[serde(default)]
|
||||
pub admin_console_automatic: bool,
|
||||
|
||||
/// List of admin commands to execute on startup.
|
||||
///
|
||||
/// This option can also be configured with the `--execute` continuwuity
|
||||
/// This option can also be configured with the `--execute` conduwuit
|
||||
/// argument and can take standard shell commands and environment variables
|
||||
///
|
||||
/// For example: `./continuwuity --execute "server admin-notice continuwuity
|
||||
/// has started up at $(date)"`
|
||||
/// For example: `./conduwuit --execute "server admin-notice conduwuit has
|
||||
/// started up at $(date)"`
|
||||
///
|
||||
/// example: admin_execute = ["debug ping puppygock.gay", "debug echo hi"]`
|
||||
///
|
||||
|
@ -1635,7 +1594,7 @@ pub struct Config {
|
|||
|
||||
/// Ignore errors in startup commands.
|
||||
///
|
||||
/// If false, continuwuity will error and fail to start if an admin execute
|
||||
/// If false, conduwuit will error and fail to start if an admin execute
|
||||
/// command (`--execute` / `admin_execute`) fails.
|
||||
#[serde(default)]
|
||||
pub admin_execute_errors_ignore: bool,
|
||||
|
@ -1660,16 +1619,17 @@ pub struct Config {
|
|||
/// The default room tag to apply on the admin room.
|
||||
///
|
||||
/// On some clients like Element, the room tag "m.server_notice" is a
|
||||
/// special pinned room at the very bottom of your room list. The
|
||||
/// continuwuity admin room can be pinned here so you always have an
|
||||
/// easy-to-access shortcut dedicated to your admin room.
|
||||
/// special pinned room at the very bottom of your room list. The conduwuit
|
||||
/// admin room can be pinned here so you always have an easy-to-access
|
||||
/// shortcut dedicated to your admin room.
|
||||
///
|
||||
/// default: "m.server_notice"
|
||||
#[serde(default = "default_admin_room_tag")]
|
||||
pub admin_room_tag: String,
|
||||
|
||||
/// Sentry.io crash/panic reporting, performance monitoring/metrics, etc.
|
||||
/// This is NOT enabled by default.
|
||||
/// This is NOT enabled by default. conduwuit's default Sentry reporting
|
||||
/// endpoint domain is `o4506996327251968.ingest.us.sentry.io`.
|
||||
#[serde(default)]
|
||||
pub sentry: bool,
|
||||
|
||||
|
@ -1680,7 +1640,7 @@ pub struct Config {
|
|||
#[serde(default = "default_sentry_endpoint")]
|
||||
pub sentry_endpoint: Option<Url>,
|
||||
|
||||
/// Report your continuwuity server_name in Sentry.io crash reports and
|
||||
/// Report your conduwuit server_name in Sentry.io crash reports and
|
||||
/// metrics.
|
||||
#[serde(default)]
|
||||
pub sentry_send_server_name: bool,
|
||||
|
@ -1721,7 +1681,7 @@ pub struct Config {
|
|||
/// Enable the tokio-console. This option is only relevant to developers.
|
||||
///
|
||||
/// For more information, see:
|
||||
/// https://continuwuity.org/development.html#debugging-with-tokio-console
|
||||
/// https://conduwuit.puppyirl.gay/development.html#debugging-with-tokio-console
|
||||
#[serde(default)]
|
||||
pub tokio_console: bool,
|
||||
|
||||
|
@ -1897,28 +1857,12 @@ pub struct WellKnownConfig {
|
|||
/// example: "matrix.example.com:443"
|
||||
pub server: Option<OwnedServerName>,
|
||||
|
||||
/// URL to a support page for the server, which will be served as part of
|
||||
/// the MSC1929 server support endpoint at /.well-known/matrix/support.
|
||||
/// Will be included alongside any contact information
|
||||
pub support_page: Option<Url>,
|
||||
|
||||
/// Role string for server support contacts, to be served as part of the
|
||||
/// MSC1929 server support endpoint at /.well-known/matrix/support.
|
||||
///
|
||||
/// default: "m.role.admin"
|
||||
pub support_role: Option<ContactRole>,
|
||||
|
||||
/// Email address for server support contacts, to be served as part of the
|
||||
/// MSC1929 server support endpoint.
|
||||
/// This will be used along with support_mxid if specified.
|
||||
pub support_email: Option<String>,
|
||||
|
||||
/// Matrix ID for server support contacts, to be served as part of the
|
||||
/// MSC1929 server support endpoint.
|
||||
/// This will be used along with support_email if specified.
|
||||
///
|
||||
/// If no email or mxid is specified, all of the server's admins will be
|
||||
/// listed.
|
||||
pub support_mxid: Option<OwnedUserId>,
|
||||
}
|
||||
|
||||
|
@ -1979,11 +1923,7 @@ impl Config {
|
|||
where
|
||||
I: Iterator<Item = &'a Path>,
|
||||
{
|
||||
let envs = [
|
||||
Env::var("CONDUIT_CONFIG"),
|
||||
Env::var("CONDUWUIT_CONFIG"),
|
||||
Env::var("CONTINUWUITY_CONFIG"),
|
||||
];
|
||||
let envs = [Env::var("CONDUIT_CONFIG"), Env::var("CONDUWUIT_CONFIG")];
|
||||
|
||||
let config = envs
|
||||
.into_iter()
|
||||
|
@ -1992,8 +1932,7 @@ impl Config {
|
|||
.chain(paths.map(Toml::file))
|
||||
.fold(Figment::new(), |config, file| config.merge(file.nested()))
|
||||
.merge(Env::prefixed("CONDUIT_").global().split("__"))
|
||||
.merge(Env::prefixed("CONDUWUIT_").global().split("__"))
|
||||
.merge(Env::prefixed("CONTINUWUITY_").global().split("__"));
|
||||
.merge(Env::prefixed("CONDUWUIT_").global().split("__"));
|
||||
|
||||
Ok(config)
|
||||
}
|
||||
|
@ -2015,7 +1954,7 @@ impl Config {
|
|||
let mut addrs = Vec::with_capacity(
|
||||
self.get_bind_hosts()
|
||||
.len()
|
||||
.saturating_mul(self.get_bind_ports().len()),
|
||||
.saturating_add(self.get_bind_ports().len()),
|
||||
);
|
||||
for host in &self.get_bind_hosts() {
|
||||
for port in &self.get_bind_ports() {
|
||||
|
|
|
@ -36,7 +36,7 @@ const MAIN_MANIFEST: &'static str = ();
|
|||
/// For *enabled* features see the info::rustc module instead.
|
||||
static FEATURES: OnceLock<Vec<String>> = OnceLock::new();
|
||||
|
||||
/// Processed list of dependencies. This is generated from the data captured in
|
||||
/// Processed list of dependencies. This is generated from the datas captured in
|
||||
/// the MANIFEST.
|
||||
static DEPENDENCIES: OnceLock<DepsSet> = OnceLock::new();
|
||||
|
||||
|
|
|
@ -26,6 +26,13 @@ pub fn user_agent() -> &'static str { USER_AGENT.get_or_init(init_user_agent) }
|
|||
fn init_user_agent() -> String { format!("{}/{}", name(), version()) }
|
||||
|
||||
fn init_version() -> String {
|
||||
conduwuit_build_metadata::version_tag()
|
||||
.map_or(SEMANTIC.to_owned(), |extra| format!("{SEMANTIC} ({extra})"))
|
||||
option_env!("CONDUWUIT_VERSION_EXTRA")
|
||||
.or(option_env!("CONDUIT_VERSION_EXTRA"))
|
||||
.map_or(SEMANTIC.to_owned(), |extra| {
|
||||
if extra.is_empty() {
|
||||
SEMANTIC.to_owned()
|
||||
} else {
|
||||
format!("{SEMANTIC} ({extra})")
|
||||
}
|
||||
})
|
||||
}
|
||||
|
|
|
@ -16,9 +16,9 @@ use crate::{Result, error};
|
|||
/// pulling in a version of tracing that's incompatible with the rest of our
|
||||
/// deps.
|
||||
///
|
||||
/// To work around this, we define an trait without the S parameter that
|
||||
/// forwards to the reload::Handle::reload method, and then store the handle as
|
||||
/// a trait object.
|
||||
/// To work around this, we define an trait without the S paramter that forwards
|
||||
/// to the reload::Handle::reload method, and then store the handle as a trait
|
||||
/// object.
|
||||
///
|
||||
/// [1]: <https://github.com/tokio-rs/tracing/pull/1035/commits/8a87ea52425098d3ef8f56d92358c2f6c144a28f>
|
||||
pub trait ReloadHandle<L> {
|
||||
|
|
|
@ -1,10 +1,18 @@
|
|||
use std::{
|
||||
borrow::Borrow,
|
||||
fmt::{Debug, Display},
|
||||
hash::Hash,
|
||||
};
|
||||
|
||||
use ruma::{EventId, MilliSecondsSinceUnixEpoch, RoomId, UserId, events::TimelineEventType};
|
||||
use serde_json::value::RawValue as RawJsonValue;
|
||||
|
||||
/// Abstraction of a PDU so users can have their own PDU types.
|
||||
pub trait Event {
|
||||
type Id: Clone + Debug + Display + Eq + Ord + Hash + Send + Borrow<EventId>;
|
||||
|
||||
/// The `EventId` of this event.
|
||||
fn event_id(&self) -> &EventId;
|
||||
fn event_id(&self) -> &Self::Id;
|
||||
|
||||
/// The `RoomId` of this event.
|
||||
fn room_id(&self) -> &RoomId;
|
||||
|
@ -26,18 +34,20 @@ pub trait Event {
|
|||
|
||||
/// The events before this event.
|
||||
// Requires GATs to avoid boxing (and TAIT for making it convenient).
|
||||
fn prev_events(&self) -> impl DoubleEndedIterator<Item = &EventId> + Send + '_;
|
||||
fn prev_events(&self) -> impl DoubleEndedIterator<Item = &Self::Id> + Send + '_;
|
||||
|
||||
/// All the authenticating events for this event.
|
||||
// Requires GATs to avoid boxing (and TAIT for making it convenient).
|
||||
fn auth_events(&self) -> impl DoubleEndedIterator<Item = &EventId> + Send + '_;
|
||||
fn auth_events(&self) -> impl DoubleEndedIterator<Item = &Self::Id> + Send + '_;
|
||||
|
||||
/// If this event is a redaction event this is the event it redacts.
|
||||
fn redacts(&self) -> Option<&EventId>;
|
||||
fn redacts(&self) -> Option<&Self::Id>;
|
||||
}
|
||||
|
||||
impl<T: Event> Event for &T {
|
||||
fn event_id(&self) -> &EventId { (*self).event_id() }
|
||||
type Id = T::Id;
|
||||
|
||||
fn event_id(&self) -> &Self::Id { (*self).event_id() }
|
||||
|
||||
fn room_id(&self) -> &RoomId { (*self).room_id() }
|
||||
|
||||
|
@ -51,13 +61,13 @@ impl<T: Event> Event for &T {
|
|||
|
||||
fn state_key(&self) -> Option<&str> { (*self).state_key() }
|
||||
|
||||
fn prev_events(&self) -> impl DoubleEndedIterator<Item = &EventId> + Send + '_ {
|
||||
fn prev_events(&self) -> impl DoubleEndedIterator<Item = &Self::Id> + Send + '_ {
|
||||
(*self).prev_events()
|
||||
}
|
||||
|
||||
fn auth_events(&self) -> impl DoubleEndedIterator<Item = &EventId> + Send + '_ {
|
||||
fn auth_events(&self) -> impl DoubleEndedIterator<Item = &Self::Id> + Send + '_ {
|
||||
(*self).auth_events()
|
||||
}
|
||||
|
||||
fn redacts(&self) -> Option<&EventId> { (*self).redacts() }
|
||||
fn redacts(&self) -> Option<&Self::Id> { (*self).redacts() }
|
||||
}
|
||||
|
|
|
@ -79,7 +79,9 @@ impl Pdu {
|
|||
}
|
||||
|
||||
impl Event for Pdu {
|
||||
fn event_id(&self) -> &EventId { &self.event_id }
|
||||
type Id = OwnedEventId;
|
||||
|
||||
fn event_id(&self) -> &Self::Id { &self.event_id }
|
||||
|
||||
fn room_id(&self) -> &RoomId { &self.room_id }
|
||||
|
||||
|
@ -95,15 +97,15 @@ impl Event for Pdu {
|
|||
|
||||
fn state_key(&self) -> Option<&str> { self.state_key.as_deref() }
|
||||
|
||||
fn prev_events(&self) -> impl DoubleEndedIterator<Item = &EventId> + Send + '_ {
|
||||
self.prev_events.iter().map(AsRef::as_ref)
|
||||
fn prev_events(&self) -> impl DoubleEndedIterator<Item = &Self::Id> + Send + '_ {
|
||||
self.prev_events.iter()
|
||||
}
|
||||
|
||||
fn auth_events(&self) -> impl DoubleEndedIterator<Item = &EventId> + Send + '_ {
|
||||
self.auth_events.iter().map(AsRef::as_ref)
|
||||
fn auth_events(&self) -> impl DoubleEndedIterator<Item = &Self::Id> + Send + '_ {
|
||||
self.auth_events.iter()
|
||||
}
|
||||
|
||||
fn redacts(&self) -> Option<&EventId> { self.redacts.as_deref() }
|
||||
fn redacts(&self) -> Option<&Self::Id> { self.redacts.as_ref() }
|
||||
}
|
||||
|
||||
/// Prevent derived equality which wouldn't limit itself to event_id
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
use ruma::{
|
||||
events::{
|
||||
AnyMessageLikeEvent, AnyStateEvent, AnyStrippedStateEvent, AnySyncStateEvent,
|
||||
AnySyncTimelineEvent, AnyTimelineEvent, StateEvent, room::member::RoomMemberEventContent,
|
||||
space::child::HierarchySpaceChildEvent,
|
||||
AnyEphemeralRoomEvent, AnyMessageLikeEvent, AnyStateEvent, AnyStrippedStateEvent,
|
||||
AnySyncStateEvent, AnySyncTimelineEvent, AnyTimelineEvent, StateEvent,
|
||||
room::member::RoomMemberEventContent, space::child::HierarchySpaceChildEvent,
|
||||
},
|
||||
serde::Raw,
|
||||
};
|
||||
|
@ -10,6 +10,41 @@ use serde_json::{json, value::Value as JsonValue};
|
|||
|
||||
use crate::implement;
|
||||
|
||||
/// This only works for events that are also AnyRoomEvents.
|
||||
#[must_use]
|
||||
#[implement(super::Pdu)]
|
||||
pub fn into_any_event(self) -> Raw<AnyEphemeralRoomEvent> {
|
||||
serde_json::from_value(self.into_any_event_value()).expect("Raw::from_value always works")
|
||||
}
|
||||
|
||||
/// This only works for events that are also AnyRoomEvents.
|
||||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
#[inline]
|
||||
pub fn into_any_event_value(self) -> JsonValue {
|
||||
let (redacts, content) = self.copy_redacts();
|
||||
let mut json = json!({
|
||||
"content": content,
|
||||
"type": self.kind,
|
||||
"event_id": self.event_id,
|
||||
"sender": self.sender,
|
||||
"origin_server_ts": self.origin_server_ts,
|
||||
"room_id": self.room_id,
|
||||
});
|
||||
|
||||
if let Some(unsigned) = &self.unsigned {
|
||||
json["unsigned"] = json!(unsigned);
|
||||
}
|
||||
if let Some(state_key) = &self.state_key {
|
||||
json["state_key"] = json!(state_key);
|
||||
}
|
||||
if let Some(redacts) = &redacts {
|
||||
json["redacts"] = json!(redacts);
|
||||
}
|
||||
|
||||
json
|
||||
}
|
||||
|
||||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
#[inline]
|
||||
|
@ -18,8 +53,7 @@ pub fn into_room_event(self) -> Raw<AnyTimelineEvent> { self.to_room_event() }
|
|||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
pub fn to_room_event(&self) -> Raw<AnyTimelineEvent> {
|
||||
let value = self.to_room_event_value();
|
||||
serde_json::from_value(value).expect("Failed to serialize Event value")
|
||||
serde_json::from_value(self.to_room_event_value()).expect("Raw::from_value always works")
|
||||
}
|
||||
|
||||
#[implement(super::Pdu)]
|
||||
|
@ -57,8 +91,8 @@ pub fn into_message_like_event(self) -> Raw<AnyMessageLikeEvent> { self.to_messa
|
|||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
pub fn to_message_like_event(&self) -> Raw<AnyMessageLikeEvent> {
|
||||
let value = self.to_message_like_event_value();
|
||||
serde_json::from_value(value).expect("Failed to serialize Event value")
|
||||
serde_json::from_value(self.to_message_like_event_value())
|
||||
.expect("Raw::from_value always works")
|
||||
}
|
||||
|
||||
#[implement(super::Pdu)]
|
||||
|
@ -96,8 +130,7 @@ pub fn into_sync_room_event(self) -> Raw<AnySyncTimelineEvent> { self.to_sync_ro
|
|||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
pub fn to_sync_room_event(&self) -> Raw<AnySyncTimelineEvent> {
|
||||
let value = self.to_sync_room_event_value();
|
||||
serde_json::from_value(value).expect("Failed to serialize Event value")
|
||||
serde_json::from_value(self.to_sync_room_event_value()).expect("Raw::from_value always works")
|
||||
}
|
||||
|
||||
#[implement(super::Pdu)]
|
||||
|
@ -129,8 +162,7 @@ pub fn to_sync_room_event_value(&self) -> JsonValue {
|
|||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
pub fn into_state_event(self) -> Raw<AnyStateEvent> {
|
||||
let value = self.into_state_event_value();
|
||||
serde_json::from_value(value).expect("Failed to serialize Event value")
|
||||
serde_json::from_value(self.into_state_event_value()).expect("Raw::from_value always works")
|
||||
}
|
||||
|
||||
#[implement(super::Pdu)]
|
||||
|
@ -157,8 +189,8 @@ pub fn into_state_event_value(self) -> JsonValue {
|
|||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
pub fn into_sync_state_event(self) -> Raw<AnySyncStateEvent> {
|
||||
let value = self.into_sync_state_event_value();
|
||||
serde_json::from_value(value).expect("Failed to serialize Event value")
|
||||
serde_json::from_value(self.into_sync_state_event_value())
|
||||
.expect("Raw::from_value always works")
|
||||
}
|
||||
|
||||
#[implement(super::Pdu)]
|
||||
|
@ -191,8 +223,8 @@ pub fn into_stripped_state_event(self) -> Raw<AnyStrippedStateEvent> {
|
|||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
pub fn to_stripped_state_event(&self) -> Raw<AnyStrippedStateEvent> {
|
||||
let value = self.to_stripped_state_event_value();
|
||||
serde_json::from_value(value).expect("Failed to serialize Event value")
|
||||
serde_json::from_value(self.to_stripped_state_event_value())
|
||||
.expect("Raw::from_value always works")
|
||||
}
|
||||
|
||||
#[implement(super::Pdu)]
|
||||
|
@ -210,8 +242,8 @@ pub fn to_stripped_state_event_value(&self) -> JsonValue {
|
|||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
pub fn into_stripped_spacechild_state_event(self) -> Raw<HierarchySpaceChildEvent> {
|
||||
let value = self.into_stripped_spacechild_state_event_value();
|
||||
serde_json::from_value(value).expect("Failed to serialize Event value")
|
||||
serde_json::from_value(self.into_stripped_spacechild_state_event_value())
|
||||
.expect("Raw::from_value always works")
|
||||
}
|
||||
|
||||
#[implement(super::Pdu)]
|
||||
|
@ -230,8 +262,7 @@ pub fn into_stripped_spacechild_state_event_value(self) -> JsonValue {
|
|||
#[implement(super::Pdu)]
|
||||
#[must_use]
|
||||
pub fn into_member_event(self) -> Raw<StateEvent<RoomMemberEventContent>> {
|
||||
let value = self.into_member_event_value();
|
||||
serde_json::from_value(value).expect("Failed to serialize Event value")
|
||||
serde_json::from_value(self.into_member_event_value()).expect("Raw::from_value always works")
|
||||
}
|
||||
|
||||
#[implement(super::Pdu)]
|
||||
|
|
|
@ -52,6 +52,7 @@ fn lexico_topo_sort(c: &mut test::Bencher) {
|
|||
#[cfg(conduwuit_bench)]
|
||||
#[cfg_attr(conduwuit_bench, bench)]
|
||||
fn resolution_shallow_auth_chain(c: &mut test::Bencher) {
|
||||
let parallel_fetches = 32;
|
||||
let mut store = TestStore(hashmap! {});
|
||||
|
||||
// build up the DAG
|
||||
|
@ -77,6 +78,7 @@ fn resolution_shallow_auth_chain(c: &mut test::Bencher) {
|
|||
&auth_chain_sets,
|
||||
&fetch,
|
||||
&exists,
|
||||
parallel_fetches,
|
||||
)
|
||||
.await
|
||||
{
|
||||
|
@ -89,6 +91,7 @@ fn resolution_shallow_auth_chain(c: &mut test::Bencher) {
|
|||
#[cfg(conduwuit_bench)]
|
||||
#[cfg_attr(conduwuit_bench, bench)]
|
||||
fn resolve_deeper_event_set(c: &mut test::Bencher) {
|
||||
let parallel_fetches = 32;
|
||||
let mut inner = INITIAL_EVENTS();
|
||||
let ban = BAN_STATE_SET();
|
||||
|
||||
|
@ -150,6 +153,7 @@ fn resolve_deeper_event_set(c: &mut test::Bencher) {
|
|||
&auth_chain_sets,
|
||||
&fetch,
|
||||
&exists,
|
||||
parallel_fetches,
|
||||
)
|
||||
.await
|
||||
{
|
||||
|
@ -186,11 +190,7 @@ impl<E: Event + Clone> TestStore<E> {
|
|||
}
|
||||
|
||||
/// Returns a Vec of the related auth events to the given `event`.
|
||||
fn auth_event_ids(
|
||||
&self,
|
||||
room_id: &RoomId,
|
||||
event_ids: Vec<OwnedEventId>,
|
||||
) -> Result<HashSet<OwnedEventId>> {
|
||||
fn auth_event_ids(&self, room_id: &RoomId, event_ids: Vec<E::Id>) -> Result<HashSet<E::Id>> {
|
||||
let mut result = HashSet::new();
|
||||
let mut stack = event_ids;
|
||||
|
||||
|
@ -216,8 +216,8 @@ impl<E: Event + Clone> TestStore<E> {
|
|||
fn auth_chain_diff(
|
||||
&self,
|
||||
room_id: &RoomId,
|
||||
event_ids: Vec<Vec<OwnedEventId>>,
|
||||
) -> Result<Vec<OwnedEventId>> {
|
||||
event_ids: Vec<Vec<E::Id>>,
|
||||
) -> Result<Vec<E::Id>> {
|
||||
let mut auth_chain_sets = vec![];
|
||||
for ids in event_ids {
|
||||
// TODO state store `auth_event_ids` returns self in the event ids list
|
||||
|
@ -238,7 +238,7 @@ impl<E: Event + Clone> TestStore<E> {
|
|||
Ok(auth_chain_sets
|
||||
.into_iter()
|
||||
.flatten()
|
||||
.filter(|id| !common.contains(id))
|
||||
.filter(|id| !common.contains(id.borrow()))
|
||||
.collect())
|
||||
} else {
|
||||
Ok(vec![])
|
||||
|
@ -565,7 +565,7 @@ impl EventTypeExt for &TimelineEventType {
|
|||
|
||||
mod event {
|
||||
use ruma::{
|
||||
EventId, MilliSecondsSinceUnixEpoch, OwnedEventId, RoomId, UserId,
|
||||
MilliSecondsSinceUnixEpoch, OwnedEventId, RoomId, UserId,
|
||||
events::{TimelineEventType, pdu::Pdu},
|
||||
};
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
@ -574,7 +574,9 @@ mod event {
|
|||
use super::Event;
|
||||
|
||||
impl Event for PduEvent {
|
||||
fn event_id(&self) -> &EventId { &self.event_id }
|
||||
type Id = OwnedEventId;
|
||||
|
||||
fn event_id(&self) -> &Self::Id { &self.event_id }
|
||||
|
||||
fn room_id(&self) -> &RoomId {
|
||||
match &self.rest {
|
||||
|
@ -630,30 +632,28 @@ mod event {
|
|||
}
|
||||
}
|
||||
|
||||
fn prev_events(&self) -> Box<dyn DoubleEndedIterator<Item = &EventId> + Send + '_> {
|
||||
fn prev_events(&self) -> Box<dyn DoubleEndedIterator<Item = &Self::Id> + Send + '_> {
|
||||
match &self.rest {
|
||||
| Pdu::RoomV1Pdu(ev) =>
|
||||
Box::new(ev.prev_events.iter().map(|(id, _)| id.as_ref())),
|
||||
| Pdu::RoomV3Pdu(ev) => Box::new(ev.prev_events.iter().map(AsRef::as_ref)),
|
||||
| Pdu::RoomV1Pdu(ev) => Box::new(ev.prev_events.iter().map(|(id, _)| id)),
|
||||
| Pdu::RoomV3Pdu(ev) => Box::new(ev.prev_events.iter()),
|
||||
#[cfg(not(feature = "unstable-exhaustive-types"))]
|
||||
| _ => unreachable!("new PDU version"),
|
||||
}
|
||||
}
|
||||
|
||||
fn auth_events(&self) -> Box<dyn DoubleEndedIterator<Item = &EventId> + Send + '_> {
|
||||
fn auth_events(&self) -> Box<dyn DoubleEndedIterator<Item = &Self::Id> + Send + '_> {
|
||||
match &self.rest {
|
||||
| Pdu::RoomV1Pdu(ev) =>
|
||||
Box::new(ev.auth_events.iter().map(|(id, _)| id.as_ref())),
|
||||
| Pdu::RoomV3Pdu(ev) => Box::new(ev.auth_events.iter().map(AsRef::as_ref)),
|
||||
| Pdu::RoomV1Pdu(ev) => Box::new(ev.auth_events.iter().map(|(id, _)| id)),
|
||||
| Pdu::RoomV3Pdu(ev) => Box::new(ev.auth_events.iter()),
|
||||
#[cfg(not(feature = "unstable-exhaustive-types"))]
|
||||
| _ => unreachable!("new PDU version"),
|
||||
}
|
||||
}
|
||||
|
||||
fn redacts(&self) -> Option<&EventId> {
|
||||
fn redacts(&self) -> Option<&Self::Id> {
|
||||
match &self.rest {
|
||||
| Pdu::RoomV1Pdu(ev) => ev.redacts.as_deref(),
|
||||
| Pdu::RoomV3Pdu(ev) => ev.redacts.as_deref(),
|
||||
| Pdu::RoomV1Pdu(ev) => ev.redacts.as_ref(),
|
||||
| Pdu::RoomV3Pdu(ev) => ev.redacts.as_ref(),
|
||||
#[cfg(not(feature = "unstable-exhaustive-types"))]
|
||||
| _ => unreachable!("new PDU version"),
|
||||
}
|
||||
|
|
|
@ -38,7 +38,7 @@ struct GetMembership {
|
|||
membership: MembershipState,
|
||||
}
|
||||
|
||||
#[derive(Deserialize, Debug)]
|
||||
#[derive(Deserialize)]
|
||||
struct RoomMemberContentFields {
|
||||
membership: Option<Raw<MembershipState>>,
|
||||
join_authorised_via_users_server: Option<Raw<OwnedUserId>>,
|
||||
|
@ -133,7 +133,7 @@ pub fn auth_types_for_event(
|
|||
level = "debug",
|
||||
skip_all,
|
||||
fields(
|
||||
event_id = incoming_event.event_id().as_str(),
|
||||
event_id = incoming_event.event_id().borrow().as_str()
|
||||
)
|
||||
)]
|
||||
pub async fn auth_check<F, Fut, Fetched, Incoming>(
|
||||
|
@ -149,9 +149,9 @@ where
|
|||
Incoming: Event + Send + Sync,
|
||||
{
|
||||
debug!(
|
||||
event_id = format!("{}", incoming_event.event_id()),
|
||||
event_type = format!("{}", incoming_event.event_type()),
|
||||
"auth_check beginning"
|
||||
"auth_check beginning for {} ({})",
|
||||
incoming_event.event_id(),
|
||||
incoming_event.event_type()
|
||||
);
|
||||
|
||||
// [synapse] check that all the events are in the same room as `incoming_event`
|
||||
|
@ -259,7 +259,7 @@ where
|
|||
// 3. If event does not have m.room.create in auth_events reject
|
||||
if !incoming_event
|
||||
.auth_events()
|
||||
.any(|id| id == room_create_event.event_id())
|
||||
.any(|id| id.borrow() == room_create_event.event_id().borrow())
|
||||
{
|
||||
warn!("no m.room.create event in auth events");
|
||||
return Ok(false);
|
||||
|
@ -383,15 +383,10 @@ where
|
|||
|
||||
let sender_membership_event_content: RoomMemberContentFields =
|
||||
from_json_str(sender_member_event.content().get())?;
|
||||
let Some(membership_state) = sender_membership_event_content.membership else {
|
||||
warn!(
|
||||
sender_membership_event_content = format!("{sender_membership_event_content:?}"),
|
||||
event_id = format!("{}", incoming_event.event_id()),
|
||||
"Sender membership event content missing membership field"
|
||||
);
|
||||
return Err(Error::InvalidPdu("Missing membership field".to_owned()));
|
||||
};
|
||||
let membership_state = membership_state.deserialize()?;
|
||||
let membership_state = sender_membership_event_content
|
||||
.membership
|
||||
.expect("we should test before that this field exists")
|
||||
.deserialize()?;
|
||||
|
||||
if !matches!(membership_state, MembershipState::Join) {
|
||||
warn!("sender's membership is not join");
|
||||
|
@ -638,7 +633,7 @@ fn valid_membership_change(
|
|||
warn!(?target_user_membership_event_id, "Banned user can't join");
|
||||
false
|
||||
} else if (join_rules == JoinRule::Invite
|
||||
|| room_version.allow_knocking && (join_rules == JoinRule::Knock || matches!(join_rules, JoinRule::KnockRestricted(_))))
|
||||
|| room_version.allow_knocking && join_rules == JoinRule::Knock)
|
||||
// If the join_rule is invite then allow if membership state is invite or join
|
||||
&& (target_user_current_membership == MembershipState::Join
|
||||
|| target_user_current_membership == MembershipState::Invite)
|
||||
|
@ -1021,11 +1016,11 @@ fn check_redaction(
|
|||
|
||||
// If the domain of the event_id of the event being redacted is the same as the
|
||||
// domain of the event_id of the m.room.redaction, allow
|
||||
if redaction_event.event_id().server_name()
|
||||
if redaction_event.event_id().borrow().server_name()
|
||||
== redaction_event
|
||||
.redacts()
|
||||
.as_ref()
|
||||
.and_then(|&id| id.server_name())
|
||||
.and_then(|&id| id.borrow().server_name())
|
||||
{
|
||||
debug!("redaction event allowed via room version 1 rules");
|
||||
return Ok(true);
|
||||
|
|
|
@ -20,7 +20,7 @@ use std::{
|
|||
|
||||
use futures::{Future, FutureExt, Stream, StreamExt, TryFutureExt, TryStreamExt, future};
|
||||
use ruma::{
|
||||
EventId, Int, MilliSecondsSinceUnixEpoch, OwnedEventId, RoomVersionId,
|
||||
EventId, Int, MilliSecondsSinceUnixEpoch, RoomVersionId,
|
||||
events::{
|
||||
StateEventType, TimelineEventType,
|
||||
room::member::{MembershipState, RoomMemberEventContent},
|
||||
|
@ -39,7 +39,9 @@ use crate::{
|
|||
debug, debug_error,
|
||||
matrix::{event::Event, pdu::StateKey},
|
||||
trace,
|
||||
utils::stream::{BroadbandExt, IterStream, ReadyExt, TryBroadbandExt, WidebandExt},
|
||||
utils::stream::{
|
||||
BroadbandExt, IterStream, ReadyExt, TryBroadbandExt, TryReadyExt, WidebandExt,
|
||||
},
|
||||
warn,
|
||||
};
|
||||
|
||||
|
@ -67,6 +69,9 @@ type Result<T, E = Error> = crate::Result<T, E>;
|
|||
/// * `event_fetch` - Any event not found in the `event_map` will defer to this
|
||||
/// closure to find the event.
|
||||
///
|
||||
/// * `parallel_fetches` - The number of asynchronous fetch requests in-flight
|
||||
/// for any given operation.
|
||||
///
|
||||
/// ## Invariants
|
||||
///
|
||||
/// The caller of `resolve` must ensure that all the events are from the same
|
||||
|
@ -77,19 +82,21 @@ type Result<T, E = Error> = crate::Result<T, E>;
|
|||
pub async fn resolve<'a, E, Sets, SetIter, Hasher, Fetch, FetchFut, Exists, ExistsFut>(
|
||||
room_version: &RoomVersionId,
|
||||
state_sets: Sets,
|
||||
auth_chain_sets: &'a [HashSet<OwnedEventId, Hasher>],
|
||||
auth_chain_sets: &'a [HashSet<E::Id, Hasher>],
|
||||
event_fetch: &Fetch,
|
||||
event_exists: &Exists,
|
||||
) -> Result<StateMap<OwnedEventId>>
|
||||
parallel_fetches: usize,
|
||||
) -> Result<StateMap<E::Id>>
|
||||
where
|
||||
Fetch: Fn(OwnedEventId) -> FetchFut + Sync,
|
||||
Fetch: Fn(E::Id) -> FetchFut + Sync,
|
||||
FetchFut: Future<Output = Option<E>> + Send,
|
||||
Exists: Fn(OwnedEventId) -> ExistsFut + Sync,
|
||||
Exists: Fn(E::Id) -> ExistsFut + Sync,
|
||||
ExistsFut: Future<Output = bool> + Send,
|
||||
Sets: IntoIterator<IntoIter = SetIter> + Send,
|
||||
SetIter: Iterator<Item = &'a StateMap<OwnedEventId>> + Clone + Send,
|
||||
SetIter: Iterator<Item = &'a StateMap<E::Id>> + Clone + Send,
|
||||
Hasher: BuildHasher + Send + Sync,
|
||||
E: Event + Clone + Send + Sync,
|
||||
E::Id: Borrow<EventId> + Send + Sync,
|
||||
for<'b> &'b E: Send,
|
||||
{
|
||||
debug!("State resolution starting");
|
||||
|
@ -140,8 +147,13 @@ where
|
|||
|
||||
// Sort the control events based on power_level/clock/event_id and
|
||||
// outgoing/incoming edges
|
||||
let sorted_control_levels =
|
||||
reverse_topological_power_sort(control_events, &all_conflicted, &event_fetch).await?;
|
||||
let sorted_control_levels = reverse_topological_power_sort(
|
||||
control_events,
|
||||
&all_conflicted,
|
||||
&event_fetch,
|
||||
parallel_fetches,
|
||||
)
|
||||
.await?;
|
||||
|
||||
debug!(count = sorted_control_levels.len(), "power events");
|
||||
trace!(list = ?sorted_control_levels, "sorted power events");
|
||||
|
@ -150,7 +162,7 @@ where
|
|||
// Sequentially auth check each control event.
|
||||
let resolved_control = iterative_auth_check(
|
||||
&room_version,
|
||||
sorted_control_levels.iter().stream().map(AsRef::as_ref),
|
||||
sorted_control_levels.iter().stream(),
|
||||
clean.clone(),
|
||||
&event_fetch,
|
||||
)
|
||||
|
@ -167,7 +179,7 @@ where
|
|||
// that failed auth
|
||||
let events_to_resolve: Vec<_> = all_conflicted
|
||||
.iter()
|
||||
.filter(|&id| !deduped_power_ev.contains(id))
|
||||
.filter(|&id| !deduped_power_ev.contains(id.borrow()))
|
||||
.cloned()
|
||||
.collect();
|
||||
|
||||
|
@ -187,7 +199,7 @@ where
|
|||
|
||||
let mut resolved_state = iterative_auth_check(
|
||||
&room_version,
|
||||
sorted_left_events.iter().stream().map(AsRef::as_ref),
|
||||
sorted_left_events.iter().stream(),
|
||||
resolved_control, // The control events are added to the final resolved state
|
||||
&event_fetch,
|
||||
)
|
||||
|
@ -280,14 +292,16 @@ where
|
|||
/// earlier (further back in time) origin server timestamp.
|
||||
#[tracing::instrument(level = "debug", skip_all)]
|
||||
async fn reverse_topological_power_sort<E, F, Fut>(
|
||||
events_to_sort: Vec<OwnedEventId>,
|
||||
auth_diff: &HashSet<OwnedEventId>,
|
||||
events_to_sort: Vec<E::Id>,
|
||||
auth_diff: &HashSet<E::Id>,
|
||||
fetch_event: &F,
|
||||
) -> Result<Vec<OwnedEventId>>
|
||||
parallel_fetches: usize,
|
||||
) -> Result<Vec<E::Id>>
|
||||
where
|
||||
F: Fn(OwnedEventId) -> Fut + Sync,
|
||||
F: Fn(E::Id) -> Fut + Sync,
|
||||
Fut: Future<Output = Option<E>> + Send,
|
||||
E: Event + Send + Sync,
|
||||
E::Id: Borrow<EventId> + Send + Sync,
|
||||
{
|
||||
debug!("reverse topological sort of power events");
|
||||
|
||||
|
@ -297,36 +311,35 @@ where
|
|||
}
|
||||
|
||||
// This is used in the `key_fn` passed to the lexico_topo_sort fn
|
||||
let event_to_pl: HashMap<_, _> = graph
|
||||
let event_to_pl = graph
|
||||
.keys()
|
||||
.cloned()
|
||||
.stream()
|
||||
.broad_filter_map(async |event_id| {
|
||||
let pl = get_power_level_for_sender(&event_id, fetch_event)
|
||||
.await
|
||||
.ok()?;
|
||||
Some((event_id, pl))
|
||||
.map(|event_id| {
|
||||
get_power_level_for_sender(event_id.clone(), fetch_event)
|
||||
.map(move |res| res.map(|pl| (event_id, pl)))
|
||||
})
|
||||
.inspect(|(event_id, pl)| {
|
||||
.buffer_unordered(parallel_fetches)
|
||||
.ready_try_fold(HashMap::new(), |mut event_to_pl, (event_id, pl)| {
|
||||
debug!(
|
||||
event_id = event_id.as_str(),
|
||||
power_level = i64::from(*pl),
|
||||
event_id = event_id.borrow().as_str(),
|
||||
power_level = i64::from(pl),
|
||||
"found the power level of an event's sender",
|
||||
);
|
||||
|
||||
event_to_pl.insert(event_id.clone(), pl);
|
||||
Ok(event_to_pl)
|
||||
})
|
||||
.collect()
|
||||
.boxed()
|
||||
.await;
|
||||
.await?;
|
||||
|
||||
let fetcher = async |event_id: OwnedEventId| {
|
||||
let event_to_pl = &event_to_pl;
|
||||
let fetcher = |event_id: E::Id| async move {
|
||||
let pl = *event_to_pl
|
||||
.get(&event_id)
|
||||
.get(event_id.borrow())
|
||||
.ok_or_else(|| Error::NotFound(String::new()))?;
|
||||
|
||||
let ev = fetch_event(event_id)
|
||||
.await
|
||||
.ok_or_else(|| Error::NotFound(String::new()))?;
|
||||
|
||||
Ok((pl, ev.origin_server_ts()))
|
||||
};
|
||||
|
||||
|
@ -463,17 +476,18 @@ where
|
|||
/// the eventId at the eventId's generation (we walk backwards to `EventId`s
|
||||
/// most recent previous power level event).
|
||||
async fn get_power_level_for_sender<E, F, Fut>(
|
||||
event_id: &EventId,
|
||||
event_id: E::Id,
|
||||
fetch_event: &F,
|
||||
) -> serde_json::Result<Int>
|
||||
where
|
||||
F: Fn(OwnedEventId) -> Fut + Sync,
|
||||
F: Fn(E::Id) -> Fut + Sync,
|
||||
Fut: Future<Output = Option<E>> + Send,
|
||||
E: Event + Send,
|
||||
E::Id: Borrow<EventId> + Send,
|
||||
{
|
||||
debug!("fetch event ({event_id}) senders power level");
|
||||
|
||||
let event = fetch_event(event_id.to_owned()).await;
|
||||
let event = fetch_event(event_id).await;
|
||||
|
||||
let auth_events = event.as_ref().map(Event::auth_events);
|
||||
|
||||
|
@ -481,7 +495,7 @@ where
|
|||
.into_iter()
|
||||
.flatten()
|
||||
.stream()
|
||||
.broadn_filter_map(5, |aid| fetch_event(aid.to_owned()))
|
||||
.broadn_filter_map(5, |aid| fetch_event(aid.clone()))
|
||||
.ready_find(|aev| is_type_and_key(aev, &TimelineEventType::RoomPowerLevels, ""))
|
||||
.await;
|
||||
|
||||
|
@ -514,13 +528,14 @@ where
|
|||
async fn iterative_auth_check<'a, E, F, Fut, S>(
|
||||
room_version: &RoomVersion,
|
||||
events_to_check: S,
|
||||
unconflicted_state: StateMap<OwnedEventId>,
|
||||
unconflicted_state: StateMap<E::Id>,
|
||||
fetch_event: &F,
|
||||
) -> Result<StateMap<OwnedEventId>>
|
||||
) -> Result<StateMap<E::Id>>
|
||||
where
|
||||
F: Fn(OwnedEventId) -> Fut + Sync,
|
||||
F: Fn(E::Id) -> Fut + Sync,
|
||||
Fut: Future<Output = Option<E>> + Send,
|
||||
S: Stream<Item = &'a EventId> + Send + 'a,
|
||||
E::Id: Borrow<EventId> + Clone + Eq + Ord + Send + Sync + 'a,
|
||||
S: Stream<Item = &'a E::Id> + Send + 'a,
|
||||
E: Event + Clone + Send + Sync,
|
||||
{
|
||||
debug!("starting iterative auth check");
|
||||
|
@ -528,7 +543,7 @@ where
|
|||
let events_to_check: Vec<_> = events_to_check
|
||||
.map(Result::Ok)
|
||||
.broad_and_then(async |event_id| {
|
||||
fetch_event(event_id.to_owned())
|
||||
fetch_event(event_id.clone())
|
||||
.await
|
||||
.ok_or_else(|| Error::NotFound(format!("Failed to find {event_id}")))
|
||||
})
|
||||
|
@ -536,16 +551,16 @@ where
|
|||
.boxed()
|
||||
.await?;
|
||||
|
||||
let auth_event_ids: HashSet<OwnedEventId> = events_to_check
|
||||
let auth_event_ids: HashSet<E::Id> = events_to_check
|
||||
.iter()
|
||||
.flat_map(|event: &E| event.auth_events().map(ToOwned::to_owned))
|
||||
.flat_map(|event: &E| event.auth_events().map(Clone::clone))
|
||||
.collect();
|
||||
|
||||
let auth_events: HashMap<OwnedEventId, E> = auth_event_ids
|
||||
let auth_events: HashMap<E::Id, E> = auth_event_ids
|
||||
.into_iter()
|
||||
.stream()
|
||||
.broad_filter_map(fetch_event)
|
||||
.map(|auth_event| (auth_event.event_id().to_owned(), auth_event))
|
||||
.map(|auth_event| (auth_event.event_id().clone(), auth_event))
|
||||
.collect()
|
||||
.boxed()
|
||||
.await;
|
||||
|
@ -566,7 +581,7 @@ where
|
|||
|
||||
let mut auth_state = StateMap::new();
|
||||
for aid in event.auth_events() {
|
||||
if let Some(ev) = auth_events.get(aid) {
|
||||
if let Some(ev) = auth_events.get(aid.borrow()) {
|
||||
//TODO: synapse checks "rejected_reason" which is most likely related to
|
||||
// soft-failing
|
||||
auth_state.insert(
|
||||
|
@ -577,7 +592,7 @@ where
|
|||
ev.clone(),
|
||||
);
|
||||
} else {
|
||||
warn!(event_id = aid.as_str(), "missing auth event");
|
||||
warn!(event_id = aid.borrow().as_str(), "missing auth event");
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -586,7 +601,7 @@ where
|
|||
.stream()
|
||||
.ready_filter_map(|key| Some((key, resolved_state.get(key)?)))
|
||||
.filter_map(|(key, ev_id)| async move {
|
||||
if let Some(event) = auth_events.get(ev_id) {
|
||||
if let Some(event) = auth_events.get(ev_id.borrow()) {
|
||||
Some((key, event.clone()))
|
||||
} else {
|
||||
Some((key, fetch_event(ev_id.clone()).await?))
|
||||
|
@ -618,7 +633,7 @@ where
|
|||
// add event to resolved state map
|
||||
resolved_state.insert(
|
||||
event.event_type().with_state_key(state_key),
|
||||
event.event_id().to_owned(),
|
||||
event.event_id().clone(),
|
||||
);
|
||||
},
|
||||
| Ok(false) => {
|
||||
|
@ -645,14 +660,15 @@ where
|
|||
/// level as a parent) will be marked as depth 1. depth 1 is "older" than depth
|
||||
/// 0.
|
||||
async fn mainline_sort<E, F, Fut>(
|
||||
to_sort: &[OwnedEventId],
|
||||
resolved_power_level: Option<OwnedEventId>,
|
||||
to_sort: &[E::Id],
|
||||
resolved_power_level: Option<E::Id>,
|
||||
fetch_event: &F,
|
||||
) -> Result<Vec<OwnedEventId>>
|
||||
) -> Result<Vec<E::Id>>
|
||||
where
|
||||
F: Fn(OwnedEventId) -> Fut + Sync,
|
||||
F: Fn(E::Id) -> Fut + Sync,
|
||||
Fut: Future<Output = Option<E>> + Send,
|
||||
E: Event + Clone + Send + Sync,
|
||||
E::Id: Borrow<EventId> + Clone + Send + Sync,
|
||||
{
|
||||
debug!("mainline sort of events");
|
||||
|
||||
|
@ -672,7 +688,7 @@ where
|
|||
|
||||
pl = None;
|
||||
for aid in event.auth_events() {
|
||||
let ev = fetch_event(aid.to_owned())
|
||||
let ev = fetch_event(aid.clone())
|
||||
.await
|
||||
.ok_or_else(|| Error::NotFound(format!("Failed to find {aid}")))?;
|
||||
|
||||
|
@ -718,25 +734,26 @@ where
|
|||
/// that has an associated mainline depth.
|
||||
async fn get_mainline_depth<E, F, Fut>(
|
||||
mut event: Option<E>,
|
||||
mainline_map: &HashMap<OwnedEventId, usize>,
|
||||
mainline_map: &HashMap<E::Id, usize>,
|
||||
fetch_event: &F,
|
||||
) -> Result<usize>
|
||||
where
|
||||
F: Fn(OwnedEventId) -> Fut + Sync,
|
||||
F: Fn(E::Id) -> Fut + Sync,
|
||||
Fut: Future<Output = Option<E>> + Send,
|
||||
E: Event + Send + Sync,
|
||||
E::Id: Borrow<EventId> + Send + Sync,
|
||||
{
|
||||
while let Some(sort_ev) = event {
|
||||
debug!(event_id = sort_ev.event_id().as_str(), "mainline");
|
||||
debug!(event_id = sort_ev.event_id().borrow().as_str(), "mainline");
|
||||
|
||||
let id = sort_ev.event_id();
|
||||
if let Some(depth) = mainline_map.get(id) {
|
||||
if let Some(depth) = mainline_map.get(id.borrow()) {
|
||||
return Ok(*depth);
|
||||
}
|
||||
|
||||
event = None;
|
||||
for aid in sort_ev.auth_events() {
|
||||
let aev = fetch_event(aid.to_owned())
|
||||
let aev = fetch_event(aid.clone())
|
||||
.await
|
||||
.ok_or_else(|| Error::NotFound(format!("Failed to find {aid}")))?;
|
||||
|
||||
|
@ -751,14 +768,15 @@ where
|
|||
}
|
||||
|
||||
async fn add_event_and_auth_chain_to_graph<E, F, Fut>(
|
||||
graph: &mut HashMap<OwnedEventId, HashSet<OwnedEventId>>,
|
||||
event_id: OwnedEventId,
|
||||
auth_diff: &HashSet<OwnedEventId>,
|
||||
graph: &mut HashMap<E::Id, HashSet<E::Id>>,
|
||||
event_id: E::Id,
|
||||
auth_diff: &HashSet<E::Id>,
|
||||
fetch_event: &F,
|
||||
) where
|
||||
F: Fn(OwnedEventId) -> Fut + Sync,
|
||||
F: Fn(E::Id) -> Fut + Sync,
|
||||
Fut: Future<Output = Option<E>> + Send,
|
||||
E: Event + Send + Sync,
|
||||
E::Id: Borrow<EventId> + Clone + Send + Sync,
|
||||
{
|
||||
let mut state = vec![event_id];
|
||||
while let Some(eid) = state.pop() {
|
||||
|
@ -768,27 +786,26 @@ async fn add_event_and_auth_chain_to_graph<E, F, Fut>(
|
|||
|
||||
// Prefer the store to event as the store filters dedups the events
|
||||
for aid in auth_events {
|
||||
if auth_diff.contains(aid) {
|
||||
if !graph.contains_key(aid) {
|
||||
if auth_diff.contains(aid.borrow()) {
|
||||
if !graph.contains_key(aid.borrow()) {
|
||||
state.push(aid.to_owned());
|
||||
}
|
||||
|
||||
graph
|
||||
.get_mut(&eid)
|
||||
.expect("We just inserted this at the start of the while loop")
|
||||
.insert(aid.to_owned());
|
||||
// We just inserted this at the start of the while loop
|
||||
graph.get_mut(eid.borrow()).unwrap().insert(aid.to_owned());
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
async fn is_power_event_id<E, F, Fut>(event_id: &EventId, fetch: &F) -> bool
|
||||
async fn is_power_event_id<E, F, Fut>(event_id: &E::Id, fetch: &F) -> bool
|
||||
where
|
||||
F: Fn(OwnedEventId) -> Fut + Sync,
|
||||
F: Fn(E::Id) -> Fut + Sync,
|
||||
Fut: Future<Output = Option<E>> + Send,
|
||||
E: Event + Send,
|
||||
E::Id: Borrow<EventId> + Send + Sync,
|
||||
{
|
||||
match fetch(event_id.to_owned()).await.as_ref() {
|
||||
match fetch(event_id.clone()).await.as_ref() {
|
||||
| Some(state) => is_power_event(state),
|
||||
| _ => false,
|
||||
}
|
||||
|
@ -892,13 +909,13 @@ mod tests {
|
|||
|
||||
let fetcher = |id| ready(events.get(&id).cloned());
|
||||
let sorted_power_events =
|
||||
super::reverse_topological_power_sort(power_events, &auth_chain, &fetcher)
|
||||
super::reverse_topological_power_sort(power_events, &auth_chain, &fetcher, 1)
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let resolved_power = super::iterative_auth_check(
|
||||
&RoomVersion::V6,
|
||||
sorted_power_events.iter().map(AsRef::as_ref).stream(),
|
||||
sorted_power_events.iter().stream(),
|
||||
HashMap::new(), // unconflicted events
|
||||
&fetcher,
|
||||
)
|
||||
|
@ -1283,7 +1300,7 @@ mod tests {
|
|||
let ev_map = store.0.clone();
|
||||
let fetcher = |id| ready(ev_map.get(&id).cloned());
|
||||
|
||||
let exists = |id: OwnedEventId| ready(ev_map.get(&*id).is_some());
|
||||
let exists = |id: <PduEvent as Event>::Id| ready(ev_map.get(&*id).is_some());
|
||||
|
||||
let state_sets = [state_at_bob, state_at_charlie];
|
||||
let auth_chain: Vec<_> = state_sets
|
||||
|
@ -1295,13 +1312,19 @@ mod tests {
|
|||
})
|
||||
.collect();
|
||||
|
||||
let resolved =
|
||||
match super::resolve(&RoomVersionId::V2, &state_sets, &auth_chain, &fetcher, &exists)
|
||||
.await
|
||||
{
|
||||
| Ok(state) => state,
|
||||
| Err(e) => panic!("{e}"),
|
||||
};
|
||||
let resolved = match super::resolve(
|
||||
&RoomVersionId::V2,
|
||||
&state_sets,
|
||||
&auth_chain,
|
||||
&fetcher,
|
||||
&exists,
|
||||
1,
|
||||
)
|
||||
.await
|
||||
{
|
||||
| Ok(state) => state,
|
||||
| Err(e) => panic!("{e}"),
|
||||
};
|
||||
|
||||
assert_eq!(expected, resolved);
|
||||
}
|
||||
|
@ -1406,15 +1429,21 @@ mod tests {
|
|||
})
|
||||
.collect();
|
||||
|
||||
let fetcher = |id: OwnedEventId| ready(ev_map.get(&id).cloned());
|
||||
let exists = |id: OwnedEventId| ready(ev_map.get(&id).is_some());
|
||||
let resolved =
|
||||
match super::resolve(&RoomVersionId::V6, &state_sets, &auth_chain, &fetcher, &exists)
|
||||
.await
|
||||
{
|
||||
| Ok(state) => state,
|
||||
| Err(e) => panic!("{e}"),
|
||||
};
|
||||
let fetcher = |id: <PduEvent as Event>::Id| ready(ev_map.get(&id).cloned());
|
||||
let exists = |id: <PduEvent as Event>::Id| ready(ev_map.get(&id).is_some());
|
||||
let resolved = match super::resolve(
|
||||
&RoomVersionId::V6,
|
||||
&state_sets,
|
||||
&auth_chain,
|
||||
&fetcher,
|
||||
&exists,
|
||||
1,
|
||||
)
|
||||
.await
|
||||
{
|
||||
| Ok(state) => state,
|
||||
| Err(e) => panic!("{e}"),
|
||||
};
|
||||
|
||||
debug!(
|
||||
resolved = ?resolved
|
||||
|
|
|
@ -133,11 +133,17 @@ pub(crate) async fn do_check(
|
|||
.collect();
|
||||
|
||||
let event_map = &event_map;
|
||||
let fetch = |id: OwnedEventId| ready(event_map.get(&id).cloned());
|
||||
let exists = |id: OwnedEventId| ready(event_map.get(&id).is_some());
|
||||
let resolved =
|
||||
super::resolve(&RoomVersionId::V6, state_sets, &auth_chain_sets, &fetch, &exists)
|
||||
.await;
|
||||
let fetch = |id: <PduEvent as Event>::Id| ready(event_map.get(&id).cloned());
|
||||
let exists = |id: <PduEvent as Event>::Id| ready(event_map.get(&id).is_some());
|
||||
let resolved = super::resolve(
|
||||
&RoomVersionId::V6,
|
||||
state_sets,
|
||||
&auth_chain_sets,
|
||||
&fetch,
|
||||
&exists,
|
||||
1,
|
||||
)
|
||||
.await;
|
||||
|
||||
match resolved {
|
||||
| Ok(state) => state,
|
||||
|
@ -241,8 +247,8 @@ impl<E: Event + Clone> TestStore<E> {
|
|||
pub(crate) fn auth_event_ids(
|
||||
&self,
|
||||
room_id: &RoomId,
|
||||
event_ids: Vec<OwnedEventId>,
|
||||
) -> Result<HashSet<OwnedEventId>> {
|
||||
event_ids: Vec<E::Id>,
|
||||
) -> Result<HashSet<E::Id>> {
|
||||
let mut result = HashSet::new();
|
||||
let mut stack = event_ids;
|
||||
|
||||
|
@ -578,7 +584,7 @@ pub(crate) fn INITIAL_EDGES() -> Vec<OwnedEventId> {
|
|||
|
||||
pub(crate) mod event {
|
||||
use ruma::{
|
||||
EventId, MilliSecondsSinceUnixEpoch, OwnedEventId, RoomId, UserId,
|
||||
MilliSecondsSinceUnixEpoch, OwnedEventId, RoomId, UserId,
|
||||
events::{TimelineEventType, pdu::Pdu},
|
||||
};
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
@ -587,7 +593,9 @@ pub(crate) mod event {
|
|||
use crate::Event;
|
||||
|
||||
impl Event for PduEvent {
|
||||
fn event_id(&self) -> &EventId { &self.event_id }
|
||||
type Id = OwnedEventId;
|
||||
|
||||
fn event_id(&self) -> &Self::Id { &self.event_id }
|
||||
|
||||
fn room_id(&self) -> &RoomId {
|
||||
match &self.rest {
|
||||
|
@ -644,31 +652,29 @@ pub(crate) mod event {
|
|||
}
|
||||
|
||||
#[allow(refining_impl_trait)]
|
||||
fn prev_events(&self) -> Box<dyn DoubleEndedIterator<Item = &EventId> + Send + '_> {
|
||||
fn prev_events(&self) -> Box<dyn DoubleEndedIterator<Item = &Self::Id> + Send + '_> {
|
||||
match &self.rest {
|
||||
| Pdu::RoomV1Pdu(ev) =>
|
||||
Box::new(ev.prev_events.iter().map(|(id, _)| id.as_ref())),
|
||||
| Pdu::RoomV3Pdu(ev) => Box::new(ev.prev_events.iter().map(AsRef::as_ref)),
|
||||
| Pdu::RoomV1Pdu(ev) => Box::new(ev.prev_events.iter().map(|(id, _)| id)),
|
||||
| Pdu::RoomV3Pdu(ev) => Box::new(ev.prev_events.iter()),
|
||||
#[allow(unreachable_patterns)]
|
||||
| _ => unreachable!("new PDU version"),
|
||||
}
|
||||
}
|
||||
|
||||
#[allow(refining_impl_trait)]
|
||||
fn auth_events(&self) -> Box<dyn DoubleEndedIterator<Item = &EventId> + Send + '_> {
|
||||
fn auth_events(&self) -> Box<dyn DoubleEndedIterator<Item = &Self::Id> + Send + '_> {
|
||||
match &self.rest {
|
||||
| Pdu::RoomV1Pdu(ev) =>
|
||||
Box::new(ev.auth_events.iter().map(|(id, _)| id.as_ref())),
|
||||
| Pdu::RoomV3Pdu(ev) => Box::new(ev.auth_events.iter().map(AsRef::as_ref)),
|
||||
| Pdu::RoomV1Pdu(ev) => Box::new(ev.auth_events.iter().map(|(id, _)| id)),
|
||||
| Pdu::RoomV3Pdu(ev) => Box::new(ev.auth_events.iter()),
|
||||
#[allow(unreachable_patterns)]
|
||||
| _ => unreachable!("new PDU version"),
|
||||
}
|
||||
}
|
||||
|
||||
fn redacts(&self) -> Option<&EventId> {
|
||||
fn redacts(&self) -> Option<&Self::Id> {
|
||||
match &self.rest {
|
||||
| Pdu::RoomV1Pdu(ev) => ev.redacts.as_deref(),
|
||||
| Pdu::RoomV3Pdu(ev) => ev.redacts.as_deref(),
|
||||
| Pdu::RoomV1Pdu(ev) => ev.redacts.as_ref(),
|
||||
| Pdu::RoomV3Pdu(ev) => ev.redacts.as_ref(),
|
||||
#[allow(unreachable_patterns)]
|
||||
| _ => unreachable!("new PDU version"),
|
||||
}
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
type Delim<'a> = (&'a str, &'a str);
|
||||
|
||||
/// Slice a string between a pair of delimiters.
|
||||
/// Slice a string between a pair of delimeters.
|
||||
pub trait Between<'a> {
|
||||
/// Extract a string between the delimiters. If the delimiters were not
|
||||
/// Extract a string between the delimeters. If the delimeters were not
|
||||
/// found None is returned, otherwise the first extraction is returned.
|
||||
fn between(&self, delim: Delim<'_>) -> Option<&'a str>;
|
||||
|
||||
/// Extract a string between the delimiters. If the delimiters were not
|
||||
/// Extract a string between the delimeters. If the delimeters were not
|
||||
/// found the original string is returned; take note of this behavior,
|
||||
/// if an empty slice is desired for this case use the fallible version and
|
||||
/// unwrap to EMPTY.
|
||||
|
|
|
@ -193,7 +193,7 @@ fn get_cache(ctx: &Context, desc: &Descriptor) -> Option<Cache> {
|
|||
return None;
|
||||
}
|
||||
|
||||
// Some cache capacities are overridden by server config in a strange but
|
||||
// Some cache capacities are overriden by server config in a strange but
|
||||
// legacy-compat way
|
||||
let config = &ctx.server.config;
|
||||
let cap = match desc.name {
|
||||
|
|
|
@ -36,7 +36,6 @@ assets = [
|
|||
|
||||
[features]
|
||||
default = [
|
||||
"blurhashing",
|
||||
"brotli_compression",
|
||||
"element_hacks",
|
||||
"gzip_compression",
|
||||
|
|
|
@ -74,30 +74,17 @@ pub(crate) struct Args {
|
|||
/// with the exception of the last bucket, try increasing this value to e.g.
|
||||
/// 50 or 100. Inversely, decrease to 10 etc if the histogram lacks
|
||||
/// resolution.
|
||||
#[arg(
|
||||
long,
|
||||
hide(true),
|
||||
env = "CONTINUWUITY_RUNTIME_HISTOGRAM_INTERVAL",
|
||||
env = "CONDUWUIT_RUNTIME_HISTOGRAM_INTERVAL",
|
||||
default_value = "25"
|
||||
)]
|
||||
#[arg(long, hide(true), env = "CONDUWUIT_RUNTIME_HISTOGRAM_INTERVAL", default_value = "25")]
|
||||
pub(crate) worker_histogram_interval: u64,
|
||||
|
||||
/// Set the histogram bucket count (tokio_unstable). Default is 20.
|
||||
#[arg(
|
||||
long,
|
||||
hide(true),
|
||||
env = "CONTINUWUITY_RUNTIME_HISTOGRAM_BUCKETS",
|
||||
env = "CONDUWUIT_RUNTIME_HISTOGRAM_BUCKETS",
|
||||
default_value = "20"
|
||||
)]
|
||||
#[arg(long, hide(true), env = "CONDUWUIT_RUNTIME_HISTOGRAM_BUCKETS", default_value = "20")]
|
||||
pub(crate) worker_histogram_buckets: usize,
|
||||
|
||||
/// Toggles worker affinity feature.
|
||||
#[arg(
|
||||
long,
|
||||
hide(true),
|
||||
env = "CONTINUWUITY_RUNTIME_WORKER_AFFINITY",
|
||||
env = "CONDUWUIT_RUNTIME_WORKER_AFFINITY",
|
||||
action = ArgAction::Set,
|
||||
num_args = 0..=1,
|
||||
|
@ -112,7 +99,6 @@ pub(crate) struct Args {
|
|||
#[arg(
|
||||
long,
|
||||
hide(true),
|
||||
env = "CONTINUWUITY_RUNTIME_GC_ON_PARK",
|
||||
env = "CONDUWUIT_RUNTIME_GC_ON_PARK",
|
||||
action = ArgAction::Set,
|
||||
num_args = 0..=1,
|
||||
|
|
|
@ -73,7 +73,7 @@ async fn async_main(server: &Arc<Server>) -> Result<(), Error> {
|
|||
.lock()
|
||||
.await
|
||||
.take()
|
||||
.expect("services initialized"),
|
||||
.expect("services initialied"),
|
||||
)
|
||||
.await
|
||||
{
|
||||
|
|
|
@ -13,8 +13,8 @@ pub(super) fn restart() -> ! {
|
|||
//
|
||||
// We can (and do) prevent that panic by checking the result of current_exe()
|
||||
// prior to committing to restart, returning an error to the user without any
|
||||
// unexpected shutdown. In a nutshell that is the excuse for this unsafety.
|
||||
// Nevertheless, we still want a way to override the restart presentation (i.e.
|
||||
// unexpected shutdown. In a nutshell that is the execuse for this unsafety.
|
||||
// Nevertheless, we still want a way to override the restart preventation (i.e.
|
||||
// admin server restart --force).
|
||||
let exe = unsafe { utils::sys::current_exe().expect("program path must be available") };
|
||||
let envs = env::vars();
|
||||
|
|
|
@ -98,7 +98,12 @@ pub(super) fn shutdown(server: &Arc<Server>, runtime: tokio::runtime::Runtime) {
|
|||
Level::INFO
|
||||
};
|
||||
|
||||
wait_shutdown(server, runtime);
|
||||
debug!(
|
||||
timeout = ?SHUTDOWN_TIMEOUT,
|
||||
"Waiting for runtime..."
|
||||
);
|
||||
|
||||
runtime.shutdown_timeout(SHUTDOWN_TIMEOUT);
|
||||
let runtime_metrics = server.server.metrics.runtime_interval().unwrap_or_default();
|
||||
|
||||
event!(LEVEL, ?runtime_metrics, "Final runtime metrics");
|
||||
|
@ -106,23 +111,13 @@ pub(super) fn shutdown(server: &Arc<Server>, runtime: tokio::runtime::Runtime) {
|
|||
|
||||
#[cfg(not(tokio_unstable))]
|
||||
#[tracing::instrument(name = "stop", level = "info", skip_all)]
|
||||
pub(super) fn shutdown(server: &Arc<Server>, runtime: tokio::runtime::Runtime) {
|
||||
wait_shutdown(server, runtime);
|
||||
}
|
||||
|
||||
fn wait_shutdown(_server: &Arc<Server>, runtime: tokio::runtime::Runtime) {
|
||||
pub(super) fn shutdown(_server: &Arc<Server>, runtime: tokio::runtime::Runtime) {
|
||||
debug!(
|
||||
timeout = ?SHUTDOWN_TIMEOUT,
|
||||
"Waiting for runtime..."
|
||||
);
|
||||
|
||||
runtime.shutdown_timeout(SHUTDOWN_TIMEOUT);
|
||||
|
||||
// Join any jemalloc threads so they don't appear in use at exit.
|
||||
#[cfg(all(not(target_env = "msvc"), feature = "jemalloc"))]
|
||||
conduwuit_core::alloc::je::background_thread_enable(false)
|
||||
.log_debug_err()
|
||||
.ok();
|
||||
}
|
||||
|
||||
#[tracing::instrument(
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue