Richard van der Hoff
1bbc9e2df6
Clean up exception handling in SAML2ResponseResource ( #7614 )
...
* Expose `return_html_error`, and allow it to take a Jinja2 template instead of a raw string
* Clean up exception handling in SAML2ResponseResource
* use the existing code in `return_html_error` instead of re-implementing it
(giving it a jinja2 template rather than inventing a new form of template)
* do the exception-catching in the REST layer rather than in the handler
layer, to make sure we catch all exceptions.
2020-06-03 10:41:12 +01:00
Jason Robinson
4be968d05d
Fix sample config docs error ( #7581 )
...
'client_auth_method' commented out value was erronously 'client_auth_basic',
when code and docstring says it should be 'client_secret_basic'.
Signed-off-by: Jason Robinson <jasonr@matrix.org>
2020-05-27 13:52:18 +01:00
Erik Johnston
d7d8a2e7ee
Fix up comments
2020-05-27 13:34:46 +01:00
Erik Johnston
4ba55559ac
Fix specifying cache factors via env vars with * in name. ( #7580 )
...
This mostly applise to `*stateGroupCache*` and co.
Broke in #6391 .
2020-05-27 13:17:01 +01:00
Erik Johnston
e5c67d04db
Add option to move event persistence off master ( #7517 )
2020-05-22 16:11:35 +01:00
Richard van der Hoff
66a564c859
Fix some DETECTED VIOLATIONS in the config file ( #7550 )
...
consistency ftw
2020-05-22 10:11:50 +01:00
Erik Johnston
1de36407d1
Add instance_map
config and route replication calls ( #7495 )
2020-05-14 14:00:58 +01:00
Paul Tötterman
46cb2550bb
Fix copypasted comment ( #7477 )
...
Signed-off-by: Paul Tötterman <paul.totterman@iki.fi>
2020-05-13 16:55:43 +01:00
Erik Johnston
1a1da60ad2
Fix new flake8 errors ( #7470 )
2020-05-12 11:20:48 +01:00
Amber Brown
7cb8b4bc67
Allow configuration of Synapse's cache without using synctl or environment variables ( #6391 )
2020-05-11 18:45:23 +01:00
Andrew Morgan
5cf758cdd6
Merge branch 'release-v1.13.0' into develop
...
* release-v1.13.0:
Don't UPGRADE database rows
RST indenting
Put rollback instructions in upgrade notes
Fix changelog typo
Oh yeah, RST
Absolute URL it is then
Fix upgrade notes link
Provide summary of upgrade issues in changelog. Fix )
Move next version notes from changelog to upgrade notes
Changelog fixes
1.13.0rc1
Documentation on setting up redis (#7446 )
Rework UI Auth session validation for registration (#7455 )
Fix errors from malformed log line (#7454 )
Drop support for redis.dbid (#7450 )
2020-05-11 16:46:33 +01:00
Andrew Morgan
67feea8044
Extend spam checker to allow for multiple modules ( #7435 )
2020-05-08 19:25:48 +01:00
Quentin Gliech
616af44137
Implement OpenID Connect-based login ( #7256 )
2020-05-08 08:30:40 -04:00
Richard van der Hoff
da9b2db3af
Drop support for redis.dbid ( #7450 )
...
Since we only use pubsub, the dbid is irrelevant.
2020-05-07 16:46:15 +01:00
Brendan Abolivier
d9b8d27494
Add a configuration setting for the dummy event threshold ( #7422 )
...
Add dummy_events_threshold which allows configuring the number of forward extremities a room needs for Synapse to send forward extremities in it.
2020-05-07 10:35:23 +01:00
Andrew Morgan
eeef9633af
Fix fallback value for account_threepid_delegates.email ( #7316 )
2020-04-29 11:30:06 +01:00
Andrew Morgan
ce207aa0ff
Fix typo 'datbases' in ConfigError
2020-04-28 16:53:10 +01:00
Brendan Abolivier
cc9eceb00d
Don't crash when one of the configuration files is empty ( #7341 )
...
If the admin adds a `.yaml` file that's either empty or doesn't parse into a dict to a config directory (e.g. `conf.d` for debs installs), stuff like https://github.com/matrix-org/synapse/issues/7322 would happen. This PR checks that the file is correctly parsed into a dict, or ignores it with a warning if it parses into any other type (including `None` for empty files).
Fixes https://github.com/matrix-org/synapse/issues/7322
2020-04-27 15:01:03 +02:00
Patrick Cloke
7bfe0902ce
Add documentation to the sample config about the templates for SSO. ( #7343 )
2020-04-24 15:03:49 -04:00
Brendan Abolivier
2e3b9a0fcb
Revert "Revert "Merge pull request #7315 from matrix-org/babolivier/request_token""
...
This reverts commit 1adf6a5587
.
2020-04-23 11:23:53 +02:00
Erik Johnston
51f7eaf908
Add ability to run replication protocol over redis. ( #7040 )
...
This is configured via the `redis` config options.
2020-04-22 13:07:41 +01:00
Lars Franke
13917232d5
Fix indention in generated config file ( #7300 )
...
Also adjust sample_config.yaml
Signed-off-by: Lars Franke <frcl@mailbox.org>
2020-04-20 16:51:27 +01:00
Patrick Cloke
054c231e58
Use a template for the SSO success page to allow for customization. ( #7279 )
2020-04-17 13:34:55 -04:00
Tristan Lins
c07fca9e2f
Clarify the comments for media_storage_providers options ( #7272 )
2020-04-17 07:09:33 -04:00
Andrew Morgan
a48138784e
Allow specifying the value of Accept-Language header for URL previews ( #7265 )
2020-04-15 13:35:29 +01:00
Patrick Cloke
b85d7652ff
Do not allow a deactivated user to login via SSO. ( #7240 )
2020-04-09 13:28:13 -04:00
Richard van der Hoff
5a709630bf
Fix --help commandline argument ( #7249 )
...
I don't really remember why this was so complicated; I think it dates
back to the time when we had to instantiate the Config classes before
we could call `add_arguments` - ie before #5597 . In any case, I don't
think there's a good reason for it any more, and the impact of it
being complicated is that `--help` doesn't work correctly.
2020-04-09 12:44:37 +01:00
Andrew Morgan
29b7e22b93
Add documentation to password_providers config option ( #7238 )
2020-04-08 00:46:50 +01:00
Martin Milata
b0db928c63
Extend web_client_location to handle absolute URLs ( #7006 )
...
Log warning when filesystem path is used.
Signed-off-by: Martin Milata <martin@martinmilata.cz>
2020-04-03 11:57:34 -04:00
Andrew Morgan
d9f29f8dae
Fix a small typo in the metrics_flags
config option. ( #7171 )
2020-03-30 17:38:21 +01:00
Richard van der Hoff
b7da598a61
Always whitelist the login fallback for SSO ( #7153 )
...
That fallback sets the redirect URL to itself (so it can process the login
token then return gracefully to the client). This would make it pointless to
ask the user for confirmation, since the URL the confirmation page would be
showing wouldn't be the client's.
2020-03-27 20:24:52 +00:00
Dirk Klimpel
8327eb9280
Add options to prevent users from changing their profile. ( #7096 )
2020-03-27 19:15:23 +00:00
Nektarios Katakis
825fb5d0a5
Don't default to an invalid sqlite config if no database configuration is provided ( #6573 )
2020-03-26 17:13:14 +00:00
Dirk Klimpel
e8e2ddb60a
Allow server admins to define and enforce a password policy (MSC2000). ( #7118 )
2020-03-26 16:51:13 +00:00
Aaron Raimist
6ca5e56fd1
Remove unused captcha_bypass_secret option ( #7137 )
...
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2020-03-25 17:49:34 +00:00
Richard van der Hoff
c165c1233b
Improve database configuration docs ( #6988 )
...
Attempts to clarify the sample config for databases, and add some stuff about
tcp keepalives to `postgres.md`.
2020-03-20 15:24:22 +00:00
Richard van der Hoff
6a35046363
Revert "Add options to disable setting profile info for prevent changes. ( #7053 )"
...
This reverts commit 54dd28621b
, reversing
changes made to 6640460d05
.
2020-03-17 11:25:01 +00:00
Brendan Abolivier
0de9f9486a
Lint
2020-03-11 20:39:18 +00:00
Brendan Abolivier
f9e98176bf
Put the file in the templates directory
2020-03-11 20:31:42 +00:00
Brendan Abolivier
900bca9707
Update wording and config
2020-03-11 19:40:30 +00:00
Brendan Abolivier
b8cfe79ffc
Move the default SAML2 error HTML to a dedicated file
...
Also add some JS to it to process any error we might have in the URI
(see #6893 ).
2020-03-11 19:33:16 +00:00
Brendan Abolivier
54dd28621b
Add options to disable setting profile info for prevent changes. ( #7053 )
2020-03-10 22:23:01 +00:00
Dirk Klimpel
42ac4ca477
Update synapse/config/registration.py
...
Co-Authored-By: Brendan Abolivier <github@brendanabolivier.com>
2020-03-10 21:26:55 +01:00
Brendan Abolivier
8f826f98ac
Rephrase default message
2020-03-10 17:22:45 +00:00
Brendan Abolivier
5ec2077bf9
Lint
2020-03-10 14:04:20 +00:00
Brendan Abolivier
6b0efe73e2
SAML2: render a comprehensible error page if something goes wrong
...
If an error happened while processing a SAML AuthN response, or a client
ends up doing a `GET` request to `/authn_response`, then render a
customisable error page rather than a confusing error.
2020-03-10 13:59:22 +00:00
dklimpel
885134529f
updates after review
2020-03-09 22:09:29 +01:00
dklimpel
99bbe177b6
add disable_3pid_changes
2020-03-08 21:58:12 +01:00
dklimpel
20545a2199
lint2
2020-03-08 15:28:00 +01:00
dklimpel
fb078f921b
changelog
2020-03-08 15:19:07 +01:00
dklimpel
1f5f3ae8b1
Add options to disable setting profile info for prevent changes.
2020-03-08 14:49:33 +01:00
Brendan Abolivier
43f874055d
Merge branch 'master' into develop
2020-03-03 15:20:49 +00:00
Brendan Abolivier
65c73cdfec
Factor out complete_sso_login and expose it to the Module API
2020-03-03 10:54:44 +00:00
Richard van der Hoff
b68041df3d
Add a whitelist for the SSO confirmation step.
2020-03-02 17:05:09 +00:00
Brendan Abolivier
b2bd54a2e3
Add a confirmation step to the SSO login flow
2020-03-02 16:36:32 +00:00
Richard van der Hoff
4c2ed3f20e
Fix minor issues with email config ( #6962 )
...
* Give `notif_template_html`, `notif_template_text` default values (fixes #6960 )
* Don't complain if `smtp_host` and `smtp_port` are unset, since they have sensible defaults (fixes #6961 )
* Set the example for `enable_notifs` to `True`, for consistency and because it's more useful
* Raise errors as ConfigError rather than RuntimeError for nicer formatting
2020-02-24 15:18:38 +00:00
Patrick Cloke
509e381afa
Clarify list/set/dict/tuple comprehensions and enforce via flake8 ( #6957 )
...
Ensure good comprehension hygiene using flake8-comprehensions.
2020-02-21 07:15:07 -05:00
Brendan Abolivier
d484126bf7
Merge pull request #6907 from matrix-org/babolivier/acme-config
...
Add mention and warning about ACME v1 deprecation to the TLS config
2020-02-18 16:11:31 +00:00
Richard van der Hoff
97a42bbc3a
Add a warning about indentation to generated config ( #6920 )
...
Fixes #6916 .
2020-02-14 16:22:30 +00:00
Brendan Abolivier
36af094017
Linters are hard but in they end they just want what's best for us
2020-02-13 17:03:41 +00:00
Brendan Abolivier
ef9c275d96
Add a separator for the config warning
2020-02-13 15:44:14 +00:00
Brendan Abolivier
5820ed905f
Add mention and warning about ACME v1 deprecation to the Synapse config
2020-02-13 14:20:08 +00:00
timfi
bce557175b
Allow empty federation_certificate_verification_whitelist ( #6849 )
2020-02-06 14:45:01 +00:00
Andrew Morgan
198d52da3a
Fix empty account_validity config block
2020-01-20 14:05:29 +00:00
Brendan Abolivier
a17f64361c
Add more logging around message retention policies support ( #6717 )
...
So we can debug issues like #6683 more easily
2020-01-17 20:51:44 +00:00
Richard van der Hoff
2b6a77fcde
Delegate remote_user_id mapping to the saml mapping provider ( #6723 )
...
Turns out that figuring out a remote user id for the SAML user isn't quite as obvious as it seems. Factor it out to the SamlMappingProvider so that it's easy to control.
2020-01-17 10:32:47 +00:00
Richard van der Hoff
5ce0b17e38
Clarify the account_validity
and email
sections of the sample configuration. ( #6685 )
...
Generally try to make this more comprehensible, and make it match the
conventions.
I've removed the documentation for all the settings which allow you to change
the names of the template files, because I can't really see why they are
useful.
2020-01-17 10:04:15 +00:00
Brendan Abolivier
2b6b7f482a
Merge pull request #6621 from matrix-org/babolivier/purge_job_config_typo
...
Fix a typo in the purge jobs configuration example
2020-01-07 16:17:40 +01:00
Brendan Abolivier
391fb47791
Reword
2020-01-07 14:54:32 +00:00
Brendan Abolivier
3a86477162
Change the example from 5min to 12h
...
Have a purge job running every 5min is probably not something we want to advise admins to do as a sort-of default.
2020-01-07 14:53:07 +00:00
Erik Johnston
9f6c1befbb
Add experimental 'databases' config ( #6580 )
2020-01-06 14:44:01 +00:00
Richard van der Hoff
08815566bc
Automate generation of the sample and debian log configs ( #6627 )
2020-01-03 17:14:00 +00:00
Richard van der Hoff
e484101306
Raise an error if someone tries to use the log_file config option ( #6626 )
...
This has caused some confusion for people who didn't notice it going away.
2020-01-03 17:11:29 +00:00
Richard van der Hoff
98247c4a0e
Remove unused, undocumented "content repo" resource ( #6628 )
...
This looks like it got half-killed back in #888 .
Fixes #6567 .
2020-01-03 17:10:52 +00:00
Brendan Abolivier
4efe1d4d3f
Fix a typo in the purge jobs configuration example
2020-01-03 12:57:24 +01:00
Erik Johnston
75d8f26ac8
Split state groups into a separate data store ( #6296 )
2019-12-20 10:48:24 +00:00
Richard van der Hoff
b95b762560
Add an export_signing_key script ( #6546 )
...
I want to do some key rotation, and it is silly that we don't have a way to do
this.
2019-12-19 11:11:14 +00:00
Erik Johnston
2284eb3a53
Add database config class ( #6513 )
...
This encapsulates config for a given database and is the way to get new
connections.
2019-12-18 10:45:12 +00:00
Will Hunt
bfb95654c9
Add option to allow profile queries without sharing a room ( #6523 )
2019-12-16 16:11:55 +00:00
Erik Johnston
495005360c
Bump version of mypy
2019-12-12 15:21:12 +00:00
Andrew Morgan
4947de5a14
Allow SAML username provider plugins ( #6411 )
2019-12-10 17:30:16 +00:00
Neil Johnson
cb0aeb147e
privacy by default for room dir ( #6355 )
...
Ensure that the the default settings for the room directory are that the it is hidden from public view by default.
2019-12-04 09:46:16 +00:00
Brendan Abolivier
54dd5dc12b
Add ephemeral messages support (MSC2228) ( #6409 )
...
Implement part [MSC2228](https://github.com/matrix-org/matrix-doc/pull/2228 ). The parts that differ are:
* the feature is hidden behind a configuration flag (`enable_ephemeral_messages`)
* self-destruction doesn't happen for state events
* only implement support for the `m.self_destruct_after` field (not the `m.self_destruct` one)
* doesn't send synthetic redactions to clients because for this specific case we consider the clients to be able to destroy an event themselves, instead we just censor it (by pruning its JSON) in the database
2019-12-03 19:19:45 +00:00
Richard van der Hoff
c48ea98007
Clarifications for the email configuration settings. ( #6423 )
...
Cf #6422
2019-11-28 09:29:18 +00:00
Brendan Abolivier
d31f69afa0
Merge pull request #6358 from matrix-org/babolivier/message_retention
...
Implement message retention policies (MSC1763)
2019-11-27 15:04:38 +00:00
Andrew Morgan
ce578031f4
Remove assertion and provide a clear warning on startup for missing public_baseurl ( #6379 )
2019-11-26 18:42:27 +00:00
Brendan Abolivier
9e937c28ee
Merge branch 'develop' into babolivier/message_retention
2019-11-26 17:53:57 +00:00
Andrew Morgan
3916e1b97a
Clean up newline quote marks around the codebase ( #6362 )
2019-11-21 12:00:14 +00:00
Brendan Abolivier
97b863fe32
Lint again
2019-11-19 13:33:58 +00:00
Brendan Abolivier
bf9a11c54d
Lint again
2019-11-19 13:30:04 +00:00
Brendan Abolivier
7c24d0f443
Lint
2019-11-19 13:22:37 +00:00
Andrew Morgan
473acedcdd
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/homeserver_copy
...
* 'develop' of github.com:matrix-org/synapse:
Blacklist PurgeRoomTestCase (#6361 )
Set room version default to 5
2019-11-14 10:26:27 +00:00
Brendan Abolivier
a42567e4a8
Merge pull request #6220 from matrix-org/neilj/set_room_version_default_to_5
...
Set room version default to 5
2019-11-14 10:21:00 +00:00
Andrew Morgan
73d091be48
A couple more instances
2019-11-12 13:12:25 +00:00
Andrew Morgan
bc29a19731
Replace instance variations of homeserver with correct case/spacing
2019-11-12 13:08:12 +00:00
Brendan Abolivier
09957ce0e4
Implement per-room message retention policies
2019-11-04 17:09:22 +00:00
Andrew Morgan
fe1f2b4520
Remove last usages of deprecated logging.warn method ( #6314 )
2019-11-01 12:03:44 +00:00
Andrew Morgan
54fef094b3
Remove usage of deprecated logger.warn method from codebase ( #6271 )
...
Replace every instance of `logger.warn` with `logger.warning` as the former is deprecated.
2019-10-31 10:23:24 +00:00
Andrew Morgan
46c12918ad
Fix typo in domain name in account_threepid_delegates config option ( #6273 )
2019-10-30 11:07:42 +00:00
Neil Johnson
2794b79052
Option to suppress resource exceeded alerting ( #6173 )
...
The expected use case is to suppress MAU limiting on small instances
2019-10-24 11:48:46 +01:00