Commit Graph

103 Commits

Author SHA1 Message Date
Hugh Nimmo-Smith
d1693f0362
Implement stable support for MSC3882 to allow an existing device/session to generate a login token for use on a new device/session (#15388)
Implements stable support for MSC3882; this involves updating Synapse's support to
match the MSC / the spec says.

Continue to support the unstable version to allow clients to transition.
2023-06-01 08:52:51 -04:00
Jason Little
c835befd10
Add Unix socket support for Redis connections (#15644)
Adds a new configuration setting to connect to Redis via a Unix
socket instead of over TCP. Disabled by default.
2023-05-26 15:28:39 -04:00
Roel ter Maat
2611433b70
Add redis SSL configuration options (#15312)
* Add SSL options to redis config

* fix lint issues

* Add documentation and changelog file

* add missing . at the end of the changelog

* Move client context factory to new file

* Rename ssl to tls and fix typo

* fix lint issues

* Added when redis attributes were added
2023-05-11 13:02:51 +01:00
Jason Little
e4f545c452
Remove worker_replication_* settings (#15491)
* Add master to the instance_map as part of Complement, have ReplicationEndpoint look at instance_map for master.

* Fix typo in drive by.

* Remove unnecessary worker_replication_* bits from unit tests and add master to instance_map(hopefully in the right place)

* Several updates:

1. Switch from master to main for naming the main process in the instance_map. Add useful constants for easier adjustment of names in the future.
2. Add backwards compatibility for worker_replication_* to allow time to transition to new style. Make sure to prioritize declaring main directly on the instance_map.
3. Clean up old comments/commented out code.
4. Adjust unit tests to match with new code.
5. Adjust Complement setup infrastructure to only add main to the instance_map if workers are used and remove now unused options from the worker.yaml template.

* Initial Docs upload

* Changelog

* Missed some commented out code that can go now

* Remove TODO comment that no longer holds true.

* Fix links in docs

* More docs

* Remove debug logging

* Apply suggestions from code review

Co-authored-by: reivilibre <olivier@librepush.net>

* Apply suggestions from code review

Co-authored-by: reivilibre <olivier@librepush.net>

* Update version to latest, include completeish before/after examples in upgrade notes.

* Fix up and docs too

---------

Co-authored-by: reivilibre <olivier@librepush.net>
2023-05-11 11:30:56 +01:00
Travis Ralston
ab4535b608
Add config option to prevent media downloads from listed domains. (#15197)
This stops media (and thumbnails) from being accessed from the
listed domains. It does not delete any already locally cached media,
but will prevent accessing it.

Note that admin APIs are unaffected by this change.
2023-05-09 14:08:51 -04:00
Sean Quah
04e79e6a18
Add config option to forget rooms automatically when users leave them (#15224)
This is largely based off the stats and user directory updater code.

Signed-off-by: Sean Quah <seanq@matrix.org>
2023-05-03 12:27:33 +01:00
Erik Johnston
4de271a7fc
Allow adding random delay to push (#15516)
This is to discourage timing based profiling on the push gateways.
2023-05-02 16:45:44 +00:00
Andrew Morgan
929797d939
Add a note to the config documentation that the 'delete_stale_devices_after' job always runs on the main process (#15452) 2023-04-17 18:16:02 -06:00
Warren Bailey
a3bad89d57
Add the ability to enable/disable registrations when in the OIDC flow (#14978)
Signed-off-by: Warren Bailey <warren@warrenbailey.net>
2023-03-30 11:09:41 +00:00
Jayesh Nirve
d0541e36c0
doc: fix account login requests ratelimit defaults typo (#15341)
* doc: fix account login requests ratelimit defaults typo

Signed-off-by: td <nirvejayesh@gmail.com>

* chore: changelog.d file

---------

Signed-off-by: td <nirvejayesh@gmail.com>
2023-03-29 10:01:23 +01:00
Evan Krall
1cd4fbc51d
Correct documentation about registration_shared_secret_path (#15168)
* Correct documentation about registration_shared_secret_path

* Create 15168.doc

* Update changelog.d/15168.doc

---------

Co-authored-by: David Robertson <david.m.robertson1@gmail.com>
2023-02-28 11:09:31 +00:00
Centzilius
1a1738eca2
Fix typo in federation_verify_certificates in config documentation. (#15139) 2023-02-23 13:25:56 -05:00
Patrick Cloke
4ed08ff72e
Tighten the default rate limit of creating new devices. (#15135) 2023-02-22 14:37:18 -05:00
saddfox
d1efc47925
Fix a mistake in registration_shared_secret_path docs (#15078)
* fix a typo in registration_shared_secret_path docs
Signed-off-by: Filip Rutar <filip.rutar@gmail.com>

* changelog
2023-02-15 19:51:58 +00:00
999lakhisidhu
27a3a72a50
Support for selecting the Redis logical database. (#15034)
Note that this is only used for key-value store (cached values)
and not for the pub/sub replication used by Synapse.
2023-02-15 07:39:31 -05:00
Catalan Lover
e8f2bf5c40
Change default room version to 10. Implements MSC3904 (#14111)
* Change Documentation to have v10 as default room version

* Change Default Room version to 10

* Add changelog entry for default room version swap

* Add changelog entry for v10 default room version in docs

* Clarify doc changelog entry

Co-authored-by: David Robertson <david.m.robertson1@gmail.com>

* Improve Documentation changes.

Co-authored-by: David Robertson <david.m.robertson1@gmail.com>

* Update Changelog entry to have correct format

Co-authored-by: David Robertson <david.m.robertson1@gmail.com>

* Update Spec Version to 1.5

* Only need 1 changelog.

* Fix test.

* Update "Changed in" line

Co-authored-by: David Robertson <david.m.robertson1@gmail.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Patrick Cloke <patrickc@matrix.org>
2023-01-18 18:59:48 +00:00
Tejaswini Gurram
1416096527
Update misleading documentation user_directory.search_all_users (#14818)
Fixes #13852
2023-01-13 14:46:21 +00:00
Dirk Klimpel
1caf16a450
Add worker_manhole to configuration manual (#14824)
Closes: #13643
2023-01-13 14:14:39 +00:00
Dirk Klimpel
73f097888e
Add listener health (#14747)
Fixes: #8780
2023-01-11 12:00:38 +00:00
Dirk Klimpel
bc7ca704dd
Add tag to listeners documentation (#14803)
* Add `tag` to `listeners` documentation

* newsfile
2023-01-11 10:47:44 +00:00
Dirk Klimpel
3479599387
Add missing worker settings to shared configuration (#14748)
* Add missing worker settings to shared configuration

* newsfile

* update docs after review

* more update for doc

* This -> These

Co-authored-by: David Robertson <david.m.robertson1@gmail.com>
2023-01-09 18:35:19 +00:00
reivilibre
4eb2f4e02b
Fix broken links in the Synapse documentation. (#14744)
* Fix stale external links

* Fix some internal links

* Fix URLs without trailing / where needed

* Fix more links

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

* Reapply docs/openid.md fix after conflict

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2023-01-05 18:18:00 +00:00
Patrick Cloke
630d0aeaf6
Support RFC7636 PKCE in the OAuth 2.0 flow. (#14750)
PKCE can protect against certain attacks and is enabled by default. Support
can be controlled manually by setting the pkce_method of each oidc_providers
entry to 'auto' (default), 'always', or 'never'.

This is required by Twitter OAuth 2.0 support.
2023-01-04 14:58:08 -05:00
Patrick Cloke
906dfaa2cf
Support non-OpenID compliant user info endpoints (#14753)
OpenID specifies the format of the user info endpoint and some
OAuth 2.0 IdPs do not follow it, e.g. NextCloud and Twitter.

This adds subject_template and picture_template options to the
default mapping provider for more flexibility in matching those user
info responses.
2023-01-04 08:26:10 -05:00
Dirk Klimpel
2fb4071c1f
Move email to Server section in config file documentation (#14730)
* Move `email` to server in config file documentation

* changelog
2022-12-28 12:17:51 +00:00
Jeremy Kescher
046320b9b6
Fix missing word in autotune sub-option description (#14674)
Fix `target_memory_usage` being used in the description for the actual `cache_autotune` sub-option `target_cache_memory_usage`.

Signed-off-by: Jeremy Kescher <jeremy@kescher.at>

Signed-off-by: Jeremy Kescher <jeremy@kescher.at>
2022-12-14 20:03:13 -08:00
David Robertson
e2a1adbf5d
Allow selecting "prejoin" events by state keys (#14642)
* Declare new config

* Parse new config

* Read new config

* Don't use trial/our TestCase where it's not needed

Before:

```
$ time trial tests/events/test_utils.py > /dev/null

real	0m2.277s
user	0m2.186s
sys	0m0.083s
```

After:
```
$ time trial tests/events/test_utils.py > /dev/null

real	0m0.566s
user	0m0.508s
sys	0m0.056s
```

* Helper to upsert to event fields

without exceeding size limits.

* Use helper when adding invite/knock state

Now that we allow admins to include events in prejoin room state with
arbitrary state keys, be a good Matrix citizen and ensure they don't
accidentally create an oversized event.

* Changelog

* Move StateFilter tests

should have done this in #14668

* Add extra methods to StateFilter

* Use StateFilter

* Ensure test file enforces typed defs; alphabetise

* Workaround surprising get_current_state_ids

* Whoops, fix mypy
2022-12-13 00:54:46 +00:00
Will Hunt
e1779bc69f
Fix push.enabled config documentation (#14619)
* Fix push.enabled config documentation

* Create 14619.doc

* Update 14619.doc
2022-12-05 12:47:45 +00:00
realtyem
6acb6d772a
Update worker docs to update preferred settings for pusher and federation_sender (#14493)
* Fix one typo on line 3700(and apparently do something to other lines, no idea)

* Update config_documentation.md with more information about how federation_senders and pushers settings can be handled.

Specifically, that the instance map style of config does not require the special other variables that enable and disable functionality and that a single worker CAN be added to the map not only just two or more.

* Extra line here for consistency and appearance.

* Add link to sygnal repo.

* Add deprecation notice to workers.md and point to the newer alternative method of defining this functionality.

* Changelog

* Correct version number of Synapse the deprecation is happening in.

* Update quiet deprecation with simple notice and suggestion.
2022-12-02 11:38:01 +00:00
Will Hunt
71f3e53ad0
Add push.enabled option to disable push notification calculation (#14551)
* Add initial option

* changelog

* Some more linting
2022-12-01 13:46:24 +00:00
Ashish Kumar
09de2aecb0
Add support for handling avatar with SSO login (#13917)
This commit adds support for handling a provided avatar picture URL
when logging in via SSO.

Signed-off-by: Ashish Kumar <ashfame@users.noreply.github.com>

Fixes #9357.
2022-11-25 15:16:50 +00:00
reivilibre
9af2be192a
Remove legacy Prometheus metrics names. They were deprecated in Synapse v1.69.0 and disabled by default in Synapse v1.71.0. (#14538) 2022-11-24 09:09:17 +00:00
Tuomas Ojamies
b5ab2c428a
Support using SSL on worker endpoints. (#14128)
* Fix missing SSL support in worker endpoints.

* Add changelog

* SSL for Replication endpoint

* Remove unit test change

* Refactor listener creation to reduce duplicated code

* Fix the logger message

* Update synapse/app/_base.py

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Update synapse/app/_base.py

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Update synapse/app/_base.py

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Add config documentation for new TLS option

Co-authored-by: Tuomas Ojamies <tojamies@palantir.com>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
Co-authored-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2022-11-15 12:55:00 +00:00
reivilibre
6546308c1e
Disable legacy Prometheus metric names by default. They can still be re-enabled for now, but they will be removed altogether in Synapse 1.73.0. (#14353) 2022-11-02 17:33:45 +00:00
Quentin Gliech
cc3a52b33d
Support OIDC backchannel logouts (#11414)
If configured an OIDC IdP can log a user's session out of
Synapse when they log out of the identity provider.

The IdP sends a request directly to Synapse (and must be
configured with an endpoint) when a user logs out.
2022-10-31 13:07:30 -04:00
Dirk Klimpel
44f0d573cf
Add docs for an empty trusted_key_servers config option (#13999)
* Add docs for an empty `trusted_key_servers` config option

* small rewording

* Tweak changelog
2022-10-28 13:55:03 +01:00
Dirk Klimpel
1357ae869f
Add workers settings to configuration manual (#14086)
* Add workers settings to configuration manual
* Update `pusher_instances`
* update url to python logger
* update headlines
* update links after headline change
* remove link from `daemon process`

There is no docs in Synapse for this

* extend example for `federation_sender_instances` and `pusher_instances`
* more infos about stream writers
* add link to DAG
* update `pusher_instances`
* update `worker_listeners`
* update `stream_writers`
* Update `worker_name`

Co-authored-by: David Robertson <davidr@element.io>
2022-10-27 14:39:47 +01:00
Matthew Hodgson
695a85d1bc
Document encryption_enabled_by_default_for_room_type under the right name (#14110)
* document encryption_enabled_by_default_for_room_type under the right name

* add changelog

* Update changelog.d/14110.doc
2022-10-19 20:17:37 +01:00
David Robertson
cd01a1d3b5
Fix dead link to admin registration API (#14189)
* Fix dead link to admin registration API

* Changelog
2022-10-17 12:10:01 +01:00
Andrew Morgan
e580f03e02
Fix name of "alias_creation_rules" option in config manual (#14124) 2022-10-10 20:01:05 +00:00
David Robertson
0c853e0970
Fix broken links to README (#14093) 2022-10-06 22:49:51 +00:00
Akshit Tyagi
1613857b90
Linkify config documentation. (#14003) 2022-10-04 09:03:31 +00:00
reivilibre
b381701f8c
Announce that legacy metric names are deprecated, will be turned off by default in Synapse v1.71.0 and removed altogether in Synapse v1.73.0. (#14024) 2022-10-03 17:16:15 +00:00
Andrew Morgan
25c0e69392
Document that the 'auto_join_rooms' option works with Spaces (#13931) 2022-09-28 14:13:19 +00:00
Eric Eastwood
5093cbf88d
Be able to correlate timeouts in reverse-proxy layer in front of Synapse (pull request ID from header) (#13801)
Fix https://github.com/matrix-org/synapse/issues/13685

New config:

```diff
  listeners:
    - port: 8008
      tls: false
      type: http
      x_forwarded: true
+     request_id_header: "cf-ray"
      bind_addresses: ['::1', '127.0.0.1', '0.0.0.0']
```
2022-09-15 15:32:25 -05:00
Brendan Abolivier
7571337445
Fix typo in ratelimiting documentation (#13727) 2022-09-12 14:11:18 +01:00
David Robertson
c46fecd1f2
Correct out-of-date doc for event_cache_size (#13726) 2022-09-07 14:46:11 +01:00
Patrick Cloke
32fc3b7ba4
Remove configuration options for direct TCP replication. (#13647)
Removes the ability to configure legacy direct TCP replication. Workers now require Redis to run.
2022-09-06 07:50:02 +00:00
Dirk Klimpel
044900af6c
Fix two typos with colon in headlines (#13665) 2022-09-01 20:38:37 +00:00
Will Hunt
c913e440c0
Add monthly active users documentation (#13617)
* Add monthly active users documentation

* changelog

* Tidy up notes

* more tidyup

* Rewrite #1

* link back to mau docs

* fix links

* s/appservice|AS/application service

* further review

* a newline

* Remove bit about shadow banned users.

I think talking about them is confusing, and the current text doesn't imply they get any special treatment.

* Update docs/usage/administration/monthly_active_users.md

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

* Update docs/usage/administration/monthly_active_users.md

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
2022-09-01 14:48:43 +00:00