mirror of
https://mau.dev/maunium/synapse.git
synced 2024-10-01 01:36:05 -04:00
Merge branch 'develop' into rav/saml_mapping_work
This commit is contained in:
commit
b65327ff66
@ -6,6 +6,7 @@ services:
|
|||||||
image: postgres:9.5
|
image: postgres:9.5
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_PASSWORD: postgres
|
POSTGRES_PASSWORD: postgres
|
||||||
|
command: -c fsync=off
|
||||||
|
|
||||||
testenv:
|
testenv:
|
||||||
image: python:3.5
|
image: python:3.5
|
||||||
@ -16,6 +17,6 @@ services:
|
|||||||
SYNAPSE_POSTGRES_HOST: postgres
|
SYNAPSE_POSTGRES_HOST: postgres
|
||||||
SYNAPSE_POSTGRES_USER: postgres
|
SYNAPSE_POSTGRES_USER: postgres
|
||||||
SYNAPSE_POSTGRES_PASSWORD: postgres
|
SYNAPSE_POSTGRES_PASSWORD: postgres
|
||||||
working_dir: /app
|
working_dir: /src
|
||||||
volumes:
|
volumes:
|
||||||
- ..:/app
|
- ..:/src
|
||||||
|
@ -6,6 +6,7 @@ services:
|
|||||||
image: postgres:11
|
image: postgres:11
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_PASSWORD: postgres
|
POSTGRES_PASSWORD: postgres
|
||||||
|
command: -c fsync=off
|
||||||
|
|
||||||
testenv:
|
testenv:
|
||||||
image: python:3.7
|
image: python:3.7
|
||||||
@ -16,6 +17,6 @@ services:
|
|||||||
SYNAPSE_POSTGRES_HOST: postgres
|
SYNAPSE_POSTGRES_HOST: postgres
|
||||||
SYNAPSE_POSTGRES_USER: postgres
|
SYNAPSE_POSTGRES_USER: postgres
|
||||||
SYNAPSE_POSTGRES_PASSWORD: postgres
|
SYNAPSE_POSTGRES_PASSWORD: postgres
|
||||||
working_dir: /app
|
working_dir: /src
|
||||||
volumes:
|
volumes:
|
||||||
- ..:/app
|
- ..:/src
|
||||||
|
@ -6,6 +6,7 @@ services:
|
|||||||
image: postgres:9.5
|
image: postgres:9.5
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_PASSWORD: postgres
|
POSTGRES_PASSWORD: postgres
|
||||||
|
command: -c fsync=off
|
||||||
|
|
||||||
testenv:
|
testenv:
|
||||||
image: python:3.7
|
image: python:3.7
|
||||||
@ -16,6 +17,6 @@ services:
|
|||||||
SYNAPSE_POSTGRES_HOST: postgres
|
SYNAPSE_POSTGRES_HOST: postgres
|
||||||
SYNAPSE_POSTGRES_USER: postgres
|
SYNAPSE_POSTGRES_USER: postgres
|
||||||
SYNAPSE_POSTGRES_PASSWORD: postgres
|
SYNAPSE_POSTGRES_PASSWORD: postgres
|
||||||
working_dir: /app
|
working_dir: /src
|
||||||
volumes:
|
volumes:
|
||||||
- ..:/app
|
- ..:/src
|
||||||
|
@ -1,3 +1,18 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Copyright 2019 The Matrix.org Foundation C.I.C.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
import sys
|
import sys
|
||||||
from tap.parser import Parser
|
from tap.parser import Parser
|
||||||
from tap.line import Result, Unknown, Diagnostic
|
from tap.line import Result, Unknown, Diagnostic
|
||||||
|
@ -27,7 +27,7 @@ git config --global user.name "A robot"
|
|||||||
|
|
||||||
# Fetch and merge. If it doesn't work, it will raise due to set -e.
|
# Fetch and merge. If it doesn't work, it will raise due to set -e.
|
||||||
git fetch -u origin $GITBASE
|
git fetch -u origin $GITBASE
|
||||||
git merge --no-edit origin/$GITBASE
|
git merge --no-edit --no-commit origin/$GITBASE
|
||||||
|
|
||||||
# Show what we are after.
|
# Show what we are after.
|
||||||
git --no-pager show -s
|
git --no-pager show -s
|
||||||
|
@ -1,240 +0,0 @@
|
|||||||
env:
|
|
||||||
CODECOV_TOKEN: "2dd7eb9b-0eda-45fe-a47c-9b5ac040045f"
|
|
||||||
|
|
||||||
steps:
|
|
||||||
|
|
||||||
- command:
|
|
||||||
- "python -m pip install tox"
|
|
||||||
- "tox -e check_codestyle"
|
|
||||||
label: "\U0001F9F9 Check Style"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "python:3.6"
|
|
||||||
|
|
||||||
- command:
|
|
||||||
- "python -m pip install tox"
|
|
||||||
- "tox -e packaging"
|
|
||||||
label: "\U0001F9F9 packaging"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "python:3.6"
|
|
||||||
|
|
||||||
- command:
|
|
||||||
- "python -m pip install tox"
|
|
||||||
- "tox -e check_isort"
|
|
||||||
label: "\U0001F9F9 isort"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "python:3.6"
|
|
||||||
|
|
||||||
- command:
|
|
||||||
- "python -m pip install tox"
|
|
||||||
- "scripts-dev/check-newsfragment"
|
|
||||||
label: ":newspaper: Newsfile"
|
|
||||||
branches: "!master !develop !release-*"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "python:3.6"
|
|
||||||
propagate-environment: true
|
|
||||||
|
|
||||||
- command:
|
|
||||||
- "python -m pip install tox"
|
|
||||||
- "tox -e check-sampleconfig"
|
|
||||||
label: "\U0001F9F9 check-sample-config"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "python:3.6"
|
|
||||||
|
|
||||||
- wait
|
|
||||||
|
|
||||||
|
|
||||||
- command:
|
|
||||||
- "apt-get update && apt-get install -y python3.5 python3.5-dev python3-pip libxml2-dev libxslt-dev zlib1g-dev"
|
|
||||||
- "python3.5 -m pip install tox"
|
|
||||||
- "tox -e py35-old,codecov"
|
|
||||||
label: ":python: 3.5 / SQLite / Old Deps"
|
|
||||||
env:
|
|
||||||
TRIAL_FLAGS: "-j 2"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "ubuntu:xenial" # We use xenail to get an old sqlite and python
|
|
||||||
propagate-environment: true
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
||||||
|
|
||||||
- command:
|
|
||||||
- "python -m pip install tox"
|
|
||||||
- "tox -e py35,codecov"
|
|
||||||
label: ":python: 3.5 / SQLite"
|
|
||||||
env:
|
|
||||||
TRIAL_FLAGS: "-j 2"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "python:3.5"
|
|
||||||
propagate-environment: true
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
||||||
|
|
||||||
- command:
|
|
||||||
- "python -m pip install tox"
|
|
||||||
- "tox -e py36,codecov"
|
|
||||||
label: ":python: 3.6 / SQLite"
|
|
||||||
env:
|
|
||||||
TRIAL_FLAGS: "-j 2"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "python:3.6"
|
|
||||||
propagate-environment: true
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
||||||
|
|
||||||
- command:
|
|
||||||
- "python -m pip install tox"
|
|
||||||
- "tox -e py37,codecov"
|
|
||||||
label: ":python: 3.7 / SQLite"
|
|
||||||
env:
|
|
||||||
TRIAL_FLAGS: "-j 2"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "python:3.7"
|
|
||||||
propagate-environment: true
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
||||||
|
|
||||||
- label: ":python: 3.5 / :postgres: 9.5"
|
|
||||||
agents:
|
|
||||||
queue: "medium"
|
|
||||||
env:
|
|
||||||
TRIAL_FLAGS: "-j 8"
|
|
||||||
command:
|
|
||||||
- "bash -c 'python -m pip install tox && python -m tox -e py35-postgres,codecov'"
|
|
||||||
plugins:
|
|
||||||
- docker-compose#v2.1.0:
|
|
||||||
run: testenv
|
|
||||||
config:
|
|
||||||
- .buildkite/docker-compose.py35.pg95.yaml
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
||||||
|
|
||||||
- label: ":python: 3.7 / :postgres: 9.5"
|
|
||||||
agents:
|
|
||||||
queue: "medium"
|
|
||||||
env:
|
|
||||||
TRIAL_FLAGS: "-j 8"
|
|
||||||
command:
|
|
||||||
- "bash -c 'python -m pip install tox && python -m tox -e py37-postgres,codecov'"
|
|
||||||
plugins:
|
|
||||||
- docker-compose#v2.1.0:
|
|
||||||
run: testenv
|
|
||||||
config:
|
|
||||||
- .buildkite/docker-compose.py37.pg95.yaml
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
||||||
|
|
||||||
- label: ":python: 3.7 / :postgres: 11"
|
|
||||||
agents:
|
|
||||||
queue: "medium"
|
|
||||||
env:
|
|
||||||
TRIAL_FLAGS: "-j 8"
|
|
||||||
command:
|
|
||||||
- "bash -c 'python -m pip install tox && python -m tox -e py37-postgres,codecov'"
|
|
||||||
plugins:
|
|
||||||
- docker-compose#v2.1.0:
|
|
||||||
run: testenv
|
|
||||||
config:
|
|
||||||
- .buildkite/docker-compose.py37.pg11.yaml
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
||||||
|
|
||||||
|
|
||||||
- label: "SyTest - :python: 3.5 / SQLite / Monolith"
|
|
||||||
agents:
|
|
||||||
queue: "medium"
|
|
||||||
command:
|
|
||||||
- "bash .buildkite/merge_base_branch.sh"
|
|
||||||
- "bash /synapse_sytest.sh"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "matrixdotorg/sytest-synapse:py35"
|
|
||||||
propagate-environment: true
|
|
||||||
always-pull: true
|
|
||||||
workdir: "/src"
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
||||||
|
|
||||||
- label: "SyTest - :python: 3.5 / :postgres: 9.6 / Monolith"
|
|
||||||
agents:
|
|
||||||
queue: "medium"
|
|
||||||
env:
|
|
||||||
POSTGRES: "1"
|
|
||||||
command:
|
|
||||||
- "bash .buildkite/merge_base_branch.sh"
|
|
||||||
- "bash /synapse_sytest.sh"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "matrixdotorg/sytest-synapse:py35"
|
|
||||||
propagate-environment: true
|
|
||||||
always-pull: true
|
|
||||||
workdir: "/src"
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
||||||
|
|
||||||
- label: "SyTest - :python: 3.5 / :postgres: 9.6 / Workers"
|
|
||||||
agents:
|
|
||||||
queue: "medium"
|
|
||||||
env:
|
|
||||||
POSTGRES: "1"
|
|
||||||
WORKERS: "1"
|
|
||||||
BLACKLIST: "synapse-blacklist-with-workers"
|
|
||||||
command:
|
|
||||||
- "bash .buildkite/merge_base_branch.sh"
|
|
||||||
- "bash -c 'cat /src/sytest-blacklist /src/.buildkite/worker-blacklist > /src/synapse-blacklist-with-workers'"
|
|
||||||
- "bash /synapse_sytest.sh"
|
|
||||||
plugins:
|
|
||||||
- docker#v3.0.1:
|
|
||||||
image: "matrixdotorg/sytest-synapse:py35"
|
|
||||||
propagate-environment: true
|
|
||||||
always-pull: true
|
|
||||||
workdir: "/src"
|
|
||||||
retry:
|
|
||||||
automatic:
|
|
||||||
- exit_status: -1
|
|
||||||
limit: 2
|
|
||||||
- exit_status: 2
|
|
||||||
limit: 2
|
|
@ -1,7 +1,8 @@
|
|||||||
[run]
|
[run]
|
||||||
branch = True
|
branch = True
|
||||||
parallel = True
|
parallel = True
|
||||||
include = synapse/*
|
include=$TOP/synapse/*
|
||||||
|
data_file = $TOP/.coverage
|
||||||
|
|
||||||
[report]
|
[report]
|
||||||
precision = 2
|
precision = 2
|
||||||
|
5
.gitignore
vendored
5
.gitignore
vendored
@ -20,6 +20,7 @@ _trial_temp*/
|
|||||||
/*.signing.key
|
/*.signing.key
|
||||||
/env/
|
/env/
|
||||||
/homeserver*.yaml
|
/homeserver*.yaml
|
||||||
|
/logs
|
||||||
/media_store/
|
/media_store/
|
||||||
/uploads
|
/uploads
|
||||||
|
|
||||||
@ -29,8 +30,9 @@ _trial_temp*/
|
|||||||
/.vscode/
|
/.vscode/
|
||||||
|
|
||||||
# build products
|
# build products
|
||||||
/.coverage*
|
|
||||||
!/.coveragerc
|
!/.coveragerc
|
||||||
|
/.coverage*
|
||||||
|
/.mypy_cache/
|
||||||
/.tox
|
/.tox
|
||||||
/build/
|
/build/
|
||||||
/coverage.*
|
/coverage.*
|
||||||
@ -38,4 +40,3 @@ _trial_temp*/
|
|||||||
/docs/build/
|
/docs/build/
|
||||||
/htmlcov
|
/htmlcov
|
||||||
/pip-wheel-metadata/
|
/pip-wheel-metadata/
|
||||||
|
|
||||||
|
@ -56,7 +56,7 @@ Code style
|
|||||||
|
|
||||||
All Matrix projects have a well-defined code-style - and sometimes we've even
|
All Matrix projects have a well-defined code-style - and sometimes we've even
|
||||||
got as far as documenting it... For instance, synapse's code style doc lives
|
got as far as documenting it... For instance, synapse's code style doc lives
|
||||||
at https://github.com/matrix-org/synapse/tree/master/docs/code_style.rst.
|
at https://github.com/matrix-org/synapse/tree/master/docs/code_style.md.
|
||||||
|
|
||||||
Please ensure your changes match the cosmetic style of the existing project,
|
Please ensure your changes match the cosmetic style of the existing project,
|
||||||
and **never** mix cosmetic and functional changes in the same commit, as it
|
and **never** mix cosmetic and functional changes in the same commit, as it
|
||||||
|
@ -36,7 +36,7 @@ that your email address is probably `user@example.com` rather than
|
|||||||
System requirements:
|
System requirements:
|
||||||
|
|
||||||
- POSIX-compliant system (tested on Linux & OS X)
|
- POSIX-compliant system (tested on Linux & OS X)
|
||||||
- Python 3.5, 3.6, 3.7, or 2.7
|
- Python 3.5, 3.6, or 3.7
|
||||||
- At least 1GB of free RAM if you want to join large public rooms like #matrix:matrix.org
|
- At least 1GB of free RAM if you want to join large public rooms like #matrix:matrix.org
|
||||||
|
|
||||||
Synapse is written in Python but some of the libraries it uses are written in
|
Synapse is written in Python but some of the libraries it uses are written in
|
||||||
@ -373,7 +373,7 @@ is suitable for local testing, but for any practical use, you will either need
|
|||||||
to enable a reverse proxy, or configure Synapse to expose an HTTPS port.
|
to enable a reverse proxy, or configure Synapse to expose an HTTPS port.
|
||||||
|
|
||||||
For information on using a reverse proxy, see
|
For information on using a reverse proxy, see
|
||||||
[docs/reverse_proxy.rst](docs/reverse_proxy.rst).
|
[docs/reverse_proxy.md](docs/reverse_proxy.md).
|
||||||
|
|
||||||
To configure Synapse to expose an HTTPS port, you will need to edit
|
To configure Synapse to expose an HTTPS port, you will need to edit
|
||||||
`homeserver.yaml`, as follows:
|
`homeserver.yaml`, as follows:
|
||||||
@ -421,7 +421,7 @@ If Synapse is not configured with an SMTP server, password reset via email will
|
|||||||
|
|
||||||
The easiest way to create a new user is to do so from a client like [Riot](https://riot.im).
|
The easiest way to create a new user is to do so from a client like [Riot](https://riot.im).
|
||||||
|
|
||||||
Alternatively you can do so from the command line if you have installed via pip.
|
Alternatively you can do so from the command line if you have installed via pip.
|
||||||
|
|
||||||
This can be done as follows:
|
This can be done as follows:
|
||||||
|
|
||||||
@ -446,7 +446,7 @@ on your server even if `enable_registration` is `false`.
|
|||||||
## Setting up a TURN server
|
## Setting up a TURN server
|
||||||
|
|
||||||
For reliable VoIP calls to be routed via this homeserver, you MUST configure
|
For reliable VoIP calls to be routed via this homeserver, you MUST configure
|
||||||
a TURN server. See [docs/turn-howto.rst](docs/turn-howto.rst) for details.
|
a TURN server. See [docs/turn-howto.md](docs/turn-howto.md) for details.
|
||||||
|
|
||||||
## URL previews
|
## URL previews
|
||||||
|
|
||||||
|
12
MANIFEST.in
12
MANIFEST.in
@ -38,14 +38,16 @@ exclude sytest-blacklist
|
|||||||
include pyproject.toml
|
include pyproject.toml
|
||||||
recursive-include changelog.d *
|
recursive-include changelog.d *
|
||||||
|
|
||||||
|
prune .buildkite
|
||||||
|
prune .circleci
|
||||||
|
prune .codecov.yml
|
||||||
|
prune .coveragerc
|
||||||
prune .github
|
prune .github
|
||||||
|
prune debian
|
||||||
prune demo/etc
|
prune demo/etc
|
||||||
prune docker
|
prune docker
|
||||||
prune .circleci
|
prune mypy.ini
|
||||||
prune .coveragerc
|
prune stubs
|
||||||
prune debian
|
|
||||||
prune .codecov.yml
|
|
||||||
prune .buildkite
|
|
||||||
|
|
||||||
exclude jenkins*
|
exclude jenkins*
|
||||||
recursive-exclude jenkins *.sh
|
recursive-exclude jenkins *.sh
|
||||||
|
@ -115,7 +115,7 @@ Registering a new user from a client
|
|||||||
|
|
||||||
By default, registration of new users via Matrix clients is disabled. To enable
|
By default, registration of new users via Matrix clients is disabled. To enable
|
||||||
it, specify ``enable_registration: true`` in ``homeserver.yaml``. (It is then
|
it, specify ``enable_registration: true`` in ``homeserver.yaml``. (It is then
|
||||||
recommended to also set up CAPTCHA - see `<docs/CAPTCHA_SETUP.rst>`_.)
|
recommended to also set up CAPTCHA - see `<docs/CAPTCHA_SETUP.md>`_.)
|
||||||
|
|
||||||
Once ``enable_registration`` is set to ``true``, it is possible to register a
|
Once ``enable_registration`` is set to ``true``, it is possible to register a
|
||||||
user via `riot.im <https://riot.im/app/#/register>`_ or other Matrix clients.
|
user via `riot.im <https://riot.im/app/#/register>`_ or other Matrix clients.
|
||||||
@ -186,7 +186,7 @@ Almost all installations should opt to use PostreSQL. Advantages include:
|
|||||||
synapse itself.
|
synapse itself.
|
||||||
|
|
||||||
For information on how to install and use PostgreSQL, please see
|
For information on how to install and use PostgreSQL, please see
|
||||||
`docs/postgres.rst <docs/postgres.rst>`_.
|
`docs/postgres.md <docs/postgres.md>`_.
|
||||||
|
|
||||||
.. _reverse-proxy:
|
.. _reverse-proxy:
|
||||||
|
|
||||||
@ -201,7 +201,7 @@ It is recommended to put a reverse proxy such as
|
|||||||
doing so is that it means that you can expose the default https port (443) to
|
doing so is that it means that you can expose the default https port (443) to
|
||||||
Matrix clients without needing to run Synapse with root privileges.
|
Matrix clients without needing to run Synapse with root privileges.
|
||||||
|
|
||||||
For information on configuring one, see `<docs/reverse_proxy.rst>`_.
|
For information on configuring one, see `<docs/reverse_proxy.md>`_.
|
||||||
|
|
||||||
Identity Servers
|
Identity Servers
|
||||||
================
|
================
|
||||||
|
65
UPGRADE.rst
65
UPGRADE.rst
@ -49,11 +49,61 @@ returned by the Client-Server API:
|
|||||||
# configured on port 443.
|
# configured on port 443.
|
||||||
curl -kv https://<host.name>/_matrix/client/versions 2>&1 | grep "Server:"
|
curl -kv https://<host.name>/_matrix/client/versions 2>&1 | grep "Server:"
|
||||||
|
|
||||||
|
Upgrading to v1.4.0
|
||||||
|
===================
|
||||||
|
|
||||||
|
Config options
|
||||||
|
--------------
|
||||||
|
|
||||||
|
**Note: Registration by email address or phone number will not work in this release unless
|
||||||
|
some config options are changed from their defaults.**
|
||||||
|
|
||||||
|
This is due to Synapse v1.4.0 now defaulting to sending registration and password reset tokens
|
||||||
|
itself. This is for security reasons as well as putting less reliance on identity servers.
|
||||||
|
However, currently Synapse only supports sending emails, and does not have support for
|
||||||
|
phone-based password reset or account registration. If Synapse is configured to handle these on
|
||||||
|
its own, phone-based password resets and registration will be disabled. For Synapse to send
|
||||||
|
emails, the ``email`` block of the config must be filled out. If not, then password resets and
|
||||||
|
registration via email will be disabled entirely.
|
||||||
|
|
||||||
|
This release also deprecates the ``email.trust_identity_server_for_password_resets`` option and
|
||||||
|
replaces it with the ``account_threepid_delegates`` dictionary. This option defines whether the
|
||||||
|
homeserver should delegate an external server (typically an `identity server
|
||||||
|
<https://matrix.org/docs/spec/identity_service/r0.2.1>`_) to handle sending password reset or
|
||||||
|
registration messages via email and SMS.
|
||||||
|
|
||||||
|
If ``email.trust_identity_server_for_password_resets`` is set to ``true``, and
|
||||||
|
``account_threepid_delegates.email`` is not set, then the first entry in
|
||||||
|
``trusted_third_party_id_servers`` will be used as the account threepid delegate for email.
|
||||||
|
This is to ensure compatibility with existing Synapse installs that set up external server
|
||||||
|
handling for these tasks before v1.4.0. If ``email.trust_identity_server_for_password_resets``
|
||||||
|
is ``true`` and no trusted identity server domains are configured, Synapse will throw an error.
|
||||||
|
|
||||||
|
If ``email.trust_identity_server_for_password_resets`` is ``false`` or absent and a threepid
|
||||||
|
type in ``account_threepid_delegates`` is not set to a domain, then Synapse will attempt to
|
||||||
|
send password reset and registration messages for that type.
|
||||||
|
|
||||||
|
Email templates
|
||||||
|
---------------
|
||||||
|
|
||||||
|
If you have configured a custom template directory with the ``email.template_dir`` option, be
|
||||||
|
aware that there are new templates regarding registration. ``registration.html`` and
|
||||||
|
``registration.txt`` have been added and contain the content that is sent to a client upon
|
||||||
|
registering via an email address.
|
||||||
|
|
||||||
|
``registration_success.html`` and ``registration_failure.html`` are also new HTML templates
|
||||||
|
that will be shown to the user when they click the link in their registration emai , either
|
||||||
|
showing them a success or failure page (assuming a redirect URL is not configured).
|
||||||
|
|
||||||
|
Synapse will expect these files to exist inside the configured template directory. To view the
|
||||||
|
default templates, see `synapse/res/templates
|
||||||
|
<https://github.com/matrix-org/synapse/tree/master/synapse/res/templates>`_.
|
||||||
|
|
||||||
Upgrading to v1.2.0
|
Upgrading to v1.2.0
|
||||||
===================
|
===================
|
||||||
|
|
||||||
Some counter metrics have been renamed, with the old names deprecated. See
|
Some counter metrics have been renamed, with the old names deprecated. See
|
||||||
`the metrics documentation <docs/metrics-howto.rst#renaming-of-metrics--deprecation-of-old-names-in-12>`_
|
`the metrics documentation <docs/metrics-howto.md#renaming-of-metrics--deprecation-of-old-names-in-12>`_
|
||||||
for details.
|
for details.
|
||||||
|
|
||||||
Upgrading to v1.1.0
|
Upgrading to v1.1.0
|
||||||
@ -132,6 +182,19 @@ server for password resets, set ``trust_identity_server_for_password_resets`` to
|
|||||||
See the `sample configuration file <docs/sample_config.yaml>`_
|
See the `sample configuration file <docs/sample_config.yaml>`_
|
||||||
for more details on these settings.
|
for more details on these settings.
|
||||||
|
|
||||||
|
New email templates
|
||||||
|
---------------
|
||||||
|
Some new templates have been added to the default template directory for the purpose of the
|
||||||
|
homeserver sending its own password reset emails. If you have configured a custom
|
||||||
|
``template_dir`` in your Synapse config, these files will need to be added.
|
||||||
|
|
||||||
|
``password_reset.html`` and ``password_reset.txt`` are HTML and plain text templates
|
||||||
|
respectively that contain the contents of what will be emailed to the user upon attempting to
|
||||||
|
reset their password via email. ``password_reset_success.html`` and
|
||||||
|
``password_reset_failure.html`` are HTML files that the content of which (assuming no redirect
|
||||||
|
URL is set) will be shown to the user after they attempt to click the link in the email sent
|
||||||
|
to them.
|
||||||
|
|
||||||
Upgrading to v0.99.0
|
Upgrading to v0.99.0
|
||||||
====================
|
====================
|
||||||
|
|
||||||
|
1
changelog.d/5633.bugfix
Normal file
1
changelog.d/5633.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Don't create broken room when power_level_content_override.users does not contain creator_id.
|
1
changelog.d/5680.misc
Normal file
1
changelog.d/5680.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Lay the groundwork for structured logging output.
|
1
changelog.d/5771.feature
Normal file
1
changelog.d/5771.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Make Opentracing work in worker mode.
|
1
changelog.d/5776.misc
Normal file
1
changelog.d/5776.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Update opentracing docs to use the unified `trace` method.
|
1
changelog.d/5835.feature
Normal file
1
changelog.d/5835.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add the ability to send registration emails from the homeserver rather than delegating to an identity server.
|
1
changelog.d/5844.misc
Normal file
1
changelog.d/5844.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Retry well-known lookup before the cache expires, giving a grace period where the remote well-known can be down but we still use the old result.
|
1
changelog.d/5845.feature
Normal file
1
changelog.d/5845.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add an admin API to purge old rooms from the database.
|
1
changelog.d/5849.doc
Normal file
1
changelog.d/5849.doc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Convert documentation to markdown (from rst)
|
1
changelog.d/5850.feature
Normal file
1
changelog.d/5850.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add retry to well-known lookups if we have recently seen a valid well-known record for the server.
|
1
changelog.d/5852.feature
Normal file
1
changelog.d/5852.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Pass opentracing contexts between servers when transmitting EDUs.
|
1
changelog.d/5853.feature
Normal file
1
changelog.d/5853.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Opentracing for device list updates.
|
1
changelog.d/5855.misc
Normal file
1
changelog.d/5855.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Opentracing for room and e2e keys.
|
1
changelog.d/5856.feature
Normal file
1
changelog.d/5856.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add a tag recording a request's authenticated entity and corresponding servlet in opentracing.
|
1
changelog.d/5857.bugfix
Normal file
1
changelog.d/5857.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix database index so that different backup versions can have the same sessions.
|
1
changelog.d/5859.feature
Normal file
1
changelog.d/5859.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add unstable support for MSC2197 (filtered search requests over federation), in order to allow upcoming room directory query performance improvements.
|
1
changelog.d/5860.misc
Normal file
1
changelog.d/5860.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove log line for debugging issue #5407.
|
1
changelog.d/5863.bugfix
Normal file
1
changelog.d/5863.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix Synapse looking for config options `password_reset_failure_template` and `password_reset_success_template`, when they are actually `password_reset_template_failure_html`, `password_reset_template_success_html`.
|
1
changelog.d/5864.feature
Normal file
1
changelog.d/5864.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Correctly retry all hosts returned from SRV when we fail to connect.
|
1
changelog.d/5868.feature
Normal file
1
changelog.d/5868.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add `m.require_identity_server` key to `/versions`'s `unstable_features` section.
|
1
changelog.d/5875.misc
Normal file
1
changelog.d/5875.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Deprecate the `trusted_third_party_id_servers` option.
|
1
changelog.d/5876.feature
Normal file
1
changelog.d/5876.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Replace `trust_identity_server_for_password_resets` config option with `account_threepid_delegates`.
|
1
changelog.d/5877.removal
Normal file
1
changelog.d/5877.removal
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove shared secret registration from client/r0/register endpoint. Contributed by Awesome Technologies Innovationslabor GmbH.
|
1
changelog.d/5878.feature
Normal file
1
changelog.d/5878.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add admin API endpoint for setting whether or not a user is a server administrator.
|
1
changelog.d/5885.bugfix
Normal file
1
changelog.d/5885.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix stack overflow when recovering an appservice which had an outage.
|
1
changelog.d/5886.misc
Normal file
1
changelog.d/5886.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Refactor the Appservice scheduler code.
|
1
changelog.d/5892.misc
Normal file
1
changelog.d/5892.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Compatibility with v2 Identity Service APIs other than /lookup.
|
1
changelog.d/5893.misc
Normal file
1
changelog.d/5893.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Drop some unused tables.
|
1
changelog.d/5894.misc
Normal file
1
changelog.d/5894.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add missing index on users_in_public_rooms to improve the performance of directory queries.
|
1
changelog.d/5895.feature
Normal file
1
changelog.d/5895.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add config option to sign remote key query responses with a separate key.
|
1
changelog.d/5896.misc
Normal file
1
changelog.d/5896.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Improve the logging when we have an error when fetching signing keys.
|
1
changelog.d/5897.feature
Normal file
1
changelog.d/5897.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Switch to using the v2 Identity Service `/lookup` API where available, with fallback to v1. (Implements [MSC2134](https://github.com/matrix-org/matrix-doc/pull/2134) plus id_access_token authentication for v2 Identity Service APIs from [MSC2140](https://github.com/matrix-org/matrix-doc/pull/2140)).
|
1
changelog.d/5900.feature
Normal file
1
changelog.d/5900.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add support for config templating.
|
1
changelog.d/5902.feature
Normal file
1
changelog.d/5902.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Users with the type of "support" or "bot" are no longer required to consent.
|
1
changelog.d/5904.feature
Normal file
1
changelog.d/5904.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Let synctl accept a directory of config files.
|
1
changelog.d/5906.feature
Normal file
1
changelog.d/5906.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Increase max display name size to 256.
|
1
changelog.d/5909.misc
Normal file
1
changelog.d/5909.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix error message which referred to public_base_url instead of public_baseurl. Thanks to @aaronraimist for the fix!
|
1
changelog.d/5911.misc
Normal file
1
changelog.d/5911.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add support for database engine-specific schema deltas, based on file extension.
|
1
changelog.d/5914.feature
Normal file
1
changelog.d/5914.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add admin API endpoint for getting whether or not a user is a server administrator.
|
1
changelog.d/5915.bugfix
Normal file
1
changelog.d/5915.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix 404 for thumbnail download when `dynamic_thumbnails` is `false` and the thumbnail was dynamically generated. Fix reported by rkfg.
|
1
changelog.d/5920.bugfix
Normal file
1
changelog.d/5920.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix a cache-invalidation bug for worker-based deployments.
|
1
changelog.d/5922.misc
Normal file
1
changelog.d/5922.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Update Buildkite pipeline to use plugins instead of buildkite-agent commands.
|
1
changelog.d/5926.misc
Normal file
1
changelog.d/5926.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add link in sample config to the logging config schema.
|
1
changelog.d/5931.misc
Normal file
1
changelog.d/5931.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove unnecessary parentheses in return statements.
|
1
changelog.d/5934.feature
Normal file
1
changelog.d/5934.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Redact events in the database that have been redacted for a month.
|
1
changelog.d/5938.misc
Normal file
1
changelog.d/5938.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove unused jenkins/prepare_sytest.sh file.
|
1
changelog.d/5940.feature
Normal file
1
changelog.d/5940.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add the ability to send registration emails from the homeserver rather than delegating to an identity server.
|
1
changelog.d/5943.misc
Normal file
1
changelog.d/5943.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Move Buildkite pipeline config to the pipelines repo.
|
1
changelog.d/5953.misc
Normal file
1
changelog.d/5953.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Update INSTALL.md to say that Python 2 is no longer supported.
|
1
changelog.d/5962.misc
Normal file
1
changelog.d/5962.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove unnecessary return statements in the codebase which were the result of a regex run.
|
1
changelog.d/5963.misc
Normal file
1
changelog.d/5963.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove left-over methods from C/S registration API.
|
1
changelog.d/5964.feature
Normal file
1
changelog.d/5964.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove `bind_email` and `bind_msisdn` parameters from /register ala MSC2140.
|
1
changelog.d/5966.bugfix
Normal file
1
changelog.d/5966.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix admin API for listing media in a room not being available with an external media repo.
|
1
changelog.d/5967.bugfix
Normal file
1
changelog.d/5967.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix list media admin API always returning an error.
|
1
changelog.d/5969.feature
Normal file
1
changelog.d/5969.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Replace `trust_identity_server_for_password_resets` config option with `account_threepid_delegates`.
|
1
changelog.d/5970.docker
Normal file
1
changelog.d/5970.docker
Normal file
@ -0,0 +1 @@
|
|||||||
|
Avoid changing UID/GID if they are already correct.
|
1
changelog.d/5971.bugfix
Normal file
1
changelog.d/5971.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix room and user stats tracking.
|
1
changelog.d/5975.misc
Normal file
1
changelog.d/5975.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Cleanup event auth type initialisation.
|
1
changelog.d/5979.feature
Normal file
1
changelog.d/5979.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Use the v2 Identity Service API for 3PID invites.
|
1
changelog.d/5980.feature
Normal file
1
changelog.d/5980.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add POST /_matrix/client/r0/account/3pid/unbind endpoint from MSC2140 for unbinding a 3PID from an identity server without removing it from the homeserver user account.
|
1
changelog.d/5981.feature
Normal file
1
changelog.d/5981.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Setting metrics_flags.known_servers to True in the configuration will publish the synapse_federation_known_servers metric over Prometheus. This represents the total number of servers your server knows about (i.e. is in rooms with), including itself.
|
1
changelog.d/5982.bugfix
Normal file
1
changelog.d/5982.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Include missing opentracing contexts in outbout replication requests.
|
1
changelog.d/5983.feature
Normal file
1
changelog.d/5983.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add minimum opentracing for client servlets.
|
1
changelog.d/5984.bugfix
Normal file
1
changelog.d/5984.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix sending of EDUs when opentracing is enabled with an empty whitelist.
|
1
changelog.d/5985.feature
Normal file
1
changelog.d/5985.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Check at setup that opentracing is installed if it's enabled in the config.
|
1
changelog.d/5986.feature
Normal file
1
changelog.d/5986.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Trace replication send times.
|
1
changelog.d/5988.bugfix
Normal file
1
changelog.d/5988.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix invalid references to None while opentracing if the log context slips.
|
1
changelog.d/5989.misc
Normal file
1
changelog.d/5989.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Clean up dependency checking at setup.
|
1
changelog.d/5991.bugfix
Normal file
1
changelog.d/5991.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix invalid references to None while opentracing if the log context slips.
|
1
changelog.d/5993.feature
Normal file
1
changelog.d/5993.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add the ability to send registration emails from the homeserver rather than delegating to an identity server.
|
1
changelog.d/5994.feature
Normal file
1
changelog.d/5994.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add the ability to send registration emails from the homeserver rather than delegating to an identity server.
|
1
changelog.d/5995.bugfix
Normal file
1
changelog.d/5995.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Return a M_MISSING_PARAM if `sid` is not provided to `/account/3pid`.
|
1
changelog.d/5996.bugfix
Normal file
1
changelog.d/5996.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
federation_certificate_verification_whitelist now will not cause TypeErrors to be raised (a regression in 1.3). Additionally, it now supports internationalised domain names in their non-canonical representation.
|
1
changelog.d/5998.bugfix
Normal file
1
changelog.d/5998.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix room and user stats tracking.
|
1
changelog.d/6003.misc
Normal file
1
changelog.d/6003.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add opentracing span over HTTP push processing.
|
1
changelog.d/6004.bugfix
Normal file
1
changelog.d/6004.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Only count real users when checking for auto-creation of auto-join room.
|
1
changelog.d/6005.feature
Normal file
1
changelog.d/6005.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
The new Prometheus metric `synapse_build_info` exposes the Python version, OS version, and Synapse version of the running server.
|
1
changelog.d/6009.misc
Normal file
1
changelog.d/6009.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Small refactor of function arguments and docstrings in RoomMemberHandler.
|
1
changelog.d/6010.misc
Normal file
1
changelog.d/6010.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Remove unused `origin` argument on FederationHandler.add_display_name_to_third_party_invite.
|
1
changelog.d/6011.feature
Normal file
1
changelog.d/6011.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Use account_threepid_delegate.email and account_threepid_delegate.msisdn for validating threepid sessions.
|
1
changelog.d/6012.feature
Normal file
1
changelog.d/6012.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add report_stats_endpoint option to configure where stats are reported to, if enabled. Contributed by @Sorunome.
|
1
changelog.d/6013.misc
Normal file
1
changelog.d/6013.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Compatibility with v2 Identity Service APIs other than /lookup.
|
1
changelog.d/6015.feature
Normal file
1
changelog.d/6015.feature
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add config option to increase ratelimits for room admins redacting messages.
|
1
changelog.d/6016.misc
Normal file
1
changelog.d/6016.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Add a 'failure_ts' column to the 'destinations' database table.
|
1
changelog.d/6017.misc
Normal file
1
changelog.d/6017.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Clean up some code in the retry logic.
|
1
changelog.d/6020.bugfix
Normal file
1
changelog.d/6020.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Ensure support users can be registered even if MAU limit is reached.
|
1
changelog.d/6023.misc
Normal file
1
changelog.d/6023.misc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix the structured logging tests stomping on the global log configuration for subsequent tests.
|
1
changelog.d/6024.bugfix
Normal file
1
changelog.d/6024.bugfix
Normal file
@ -0,0 +1 @@
|
|||||||
|
Fix bug where login error was shown incorrectly on SSO fallback login.
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user