Richard van der Hoff
1a7104fde3
Blacklist 0.0.0.0 and :: by default for URL previews
2019-05-03 15:35:49 +01:00
Erik Johnston
3677548a82
Use yaml safe_load
2019-03-22 10:20:17 +00:00
Erik Johnston
09f991a63d
Merge pull request #4896 from matrix-org/erikj/disable_room_directory
...
Add option to disable search room lists
2019-03-21 10:16:54 +00:00
Erik Johnston
263f2c9ce1
Merge pull request #4895 from matrix-org/erikj/disable_user_search
...
Add option to disable searching in the user dir
2019-03-20 16:47:15 +00:00
Richard van der Hoff
cdb8036161
Add a config option for torture-testing worker replication. ( #4902 )
...
Setting this to 50 or so makes a bunch of sytests fail in worker mode.
2019-03-20 16:04:35 +00:00
Richard van der Hoff
a902d13180
Batch up outgoing read-receipts to reduce federation traffic. ( #4890 )
...
Rate-limit outgoing read-receipts as per #4730 .
2019-03-20 16:02:25 +00:00
Erik Johnston
cd8c5b91ad
Fix up sample config
2019-03-20 14:35:41 +00:00
Richard van der Hoff
ab20f85c59
Update synapse/config/user_directory.py
...
Co-Authored-By: erikjohnston <erikj@jki.re>
2019-03-20 14:33:11 +00:00
Erik Johnston
926f29ea6d
Fix up config comments
2019-03-20 14:24:53 +00:00
Erik Johnston
213c98c00a
Add option to disable search room lists
...
This disables both local and remote room list searching.
2019-03-19 17:10:52 +00:00
Erik Johnston
320667a479
Add option to disable searching in the user dir
...
We still populate it, as it can still be accessed via the admin API.
2019-03-19 16:40:19 +00:00
Richard van der Hoff
13bc1e0746
Use a regular HomeServerConfig object for unit tests
...
Rather than using a Mock for the homeserver config, use a genuine
HomeServerConfig object. This makes for a more realistic test, and means that
we don't have to keep remembering to add things to the mock config every time
we add a new config setting.
2019-03-19 11:44:43 +00:00
Richard van der Hoff
fd463b4f5d
Comment out most options in the generated config. ( #4863 )
...
Make it so that most options in the config are optional, and commented out in
the generated config.
The reasons this is a good thing are as follows:
* If we decide that we should change the default for an option, we can do so,
and only those admins that have deliberately chosen to override that option
will be stuck on the old setting.
* It moves us towards a point where we can get rid of the super-surprising
feature of synapse where the default settings for the config come from the
generated yaml.
* It makes setting up a test config for unit testing an order of magnitude
easier (see forthcoming PR).
* It makes the generated config more consistent, and hopefully easier for users
to understand.
2019-03-19 10:06:40 +00:00
Brendan Abolivier
651ad8bc96
Add ratelimiting on failed login attempts ( #4865 )
2019-03-18 12:57:20 +00:00
Brendan Abolivier
899e523d6d
Add ratelimiting on login ( #4821 )
...
Add two ratelimiters on login (per-IP address and per-userID).
2019-03-15 17:46:16 +00:00
Erik Johnston
9ad448c1e5
Correctly handle all command line options
2019-03-14 13:32:14 +00:00
Erik Johnston
72bfaf746d
Allow passing --daemonize to workers
2019-03-13 17:33:54 +00:00
Andrew Morgan
7998ca3a66
Document using a certificate with a full chain ( #4849 )
2019-03-13 15:26:29 +00:00
Aaron Raimist
8ea1b41a0e
Clarify what registration_shared_secret allows for ( #2885 ) ( #4844 )
...
* Clarify what registration_shared_secret allows for (#2885 )
Signed-off-by: Aaron Raimist <aaron@raim.ist>
* Add changelog
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2019-03-11 18:21:52 +00:00
Brendan Abolivier
067ce795c0
Move settings from registration to ratelimiting in config file
2019-03-05 18:03:14 +00:00
Brendan Abolivier
a4c3a361b7
Add rate-limiting on registration ( #4735 )
...
* Rate-limiting for registration
* Add unit test for registration rate limiting
* Add config parameters for rate limiting on auth endpoints
* Doc
* Fix doc of rate limiting function
Co-Authored-By: babolivier <contact@brendanabolivier.com>
* Incorporate review
* Fix config parsing
* Fix linting errors
* Set default config for auth rate limiting
* Fix tests
* Add changelog
* Advance reactor instead of mocked clock
* Move parameters to registration specific config and give them more sensible default values
* Remove unused config options
* Don't mock the rate limiter un MAU tests
* Rename _register_with_store into register_with_store
* Make CI happy
* Remove unused import
* Update sample config
* Fix ratelimiting test for py2
* Add non-guest test
2019-03-05 14:25:33 +00:00
Richard van der Hoff
8e28bc5eee
Include a default configuration file in the 'docs' directory. ( #4791 )
2019-03-04 17:14:58 +00:00
Richard van der Hoff
641c409e4e
Fix ACME config for python 2. ( #4717 )
...
Fixes #4675 .
2019-02-25 11:16:33 -08:00
Matthew Hodgson
70ea2f4e1d
switch from google.com to recaptcha.net for reCAPTCHA ( #4731 )
...
* add trivial clarification about jemalloc
* switch from google.com to recaptcha.net
because https://developers.google.com/recaptcha/docs/faq#can-i-use-recaptcha-globally
2019-02-25 11:15:36 -08:00
Erik Johnston
82fca11fc1
Merge pull request #4694 from matrix-org/erikj/fix_sentry_config_format
...
Fixup generated metrics config
2019-02-20 14:13:38 +00:00
Erik Johnston
3d672fec51
Fixup generated metrics config
2019-02-20 13:39:37 +00:00
Richard van der Hoff
5f9bdf90fe
Attempt to make default config more consistent
...
The general idea here is that config examples should just have a hash and no
extraneous whitespace, both to make it easier for people who don't understand
yaml, and to make the examples stand out from the comments.
2019-02-19 13:54:29 +00:00
Brendan Abolivier
a288bdf0b1
Merge pull request #4652 from matrix-org/babolivier/acme-delegated
...
Support .well-known delegation when issuing certificates through ACME
2019-02-19 11:15:38 +00:00
Brendan Abolivier
5a707a2f9a
Improve config documentation
2019-02-19 10:59:26 +00:00
Erik Johnston
d154f5a055
Merge pull request #4632 from matrix-org/erikj/basic_sentry
...
Add basic optional sentry.io integration
2019-02-18 17:22:45 +00:00
Erik Johnston
d328a93b51
Fixup error handling and message
2019-02-18 16:53:56 +00:00
Brendan Abolivier
45bb55c6de
Use a configuration parameter to give the domain to generate a certificate for
2019-02-18 15:46:23 +00:00
Erik Johnston
dc5efc92a8
Fixup
2019-02-18 13:52:49 +00:00
Juuso "Linda" Lapinlampi
68d2869c8d
config: Remove a repeated word from a logger warning
...
The warning for missing macaroon_secret_key was "missing missing".
2019-02-15 22:24:53 -07:00
Erik Johnston
bd4505f765
Merge pull request #4647 from matrix-org/erikj/add_room_publishing_rules
...
Add configurable room list publishing rules
2019-02-15 22:11:01 +00:00
Erik Johnston
b99c532c1c
Move defaults up into code
2019-02-15 10:53:39 +00:00
Erik Johnston
02c729d6b0
Hoist up checks to reduce overall work
2019-02-15 10:20:02 +00:00
Erik Johnston
02c46acc6a
Fixup comments
2019-02-15 10:17:13 +00:00
Erik Johnston
8e32f26cb8
Clarify comments
2019-02-14 18:21:24 +00:00
Erik Johnston
cb12a37708
Clarify and fix behaviour when there are multiple aliases
2019-02-14 18:16:32 +00:00
Erik Johnston
f666fe36d7
Fixup comments
2019-02-14 18:07:24 +00:00
Richard van der Hoff
f311018823
Fix errors in acme provisioning ( #4648 )
...
* Better logging for errors on startup
* Fix "TypeError: '>' not supported" when starting without an existing
certificate
* Fix a bug where an existing certificate would be reprovisoned every day
2019-02-14 17:10:36 +00:00
Erik Johnston
eaf4d11af9
Add configurable room list publishing rules
...
This allows specifying who and what is allowed to be published onto the
public room list
2019-02-14 16:02:23 +00:00
Erik Johnston
6cb415b63f
Fixup comments and add warning
2019-02-13 16:15:11 +00:00
Richard van der Hoff
e3a0300431
Special-case the default bind_addresses for metrics listener
...
turns out it doesn't really support ipv6, so let's hack around that by only
listening on ipv4 by default.
2019-02-13 11:48:56 +00:00
Erik Johnston
6a8f902edb
Raise an appropriate error message if sentry_sdk missing
2019-02-12 16:01:41 +00:00
Erik Johnston
ef2228c890
Basic sentry integration
2019-02-12 13:55:58 +00:00
Erik Johnston
3c03c37883
Merge pull request #4625 from matrix-org/rav/fix_generate_config_warnings
...
fix self-signed cert notice from generate-config
2019-02-12 11:24:45 +00:00
Richard van der Hoff
a4ce91396b
Disable TLS by default ( #4614 )
2019-02-12 10:52:08 +00:00
Richard van der Hoff
32b781bfe2
Fix error when loading cert if tls is disabled ( #4618 )
...
If TLS is disabled, it should not be an error if no cert is given.
Fixes #4554 .
2019-02-12 10:51:31 +00:00