Handler is overused. Handler ought to mean the end-function handling the
command. The command processor is the central dispatcher to the handler.
Signed-off-by: Jason Volk <jason@zemos.net>
we use ring for hashing state and ruma, and reqwest/rustls defaults
to aws_lc_rs, so we have to manually pick which one. there doesn't
seem to be a way to just use one for some reason, so lets just use
the new aws_lc_rs.
Signed-off-by: strawberry <strawberry@puppygock.gay>
while their code of conduct has very great baseline points, this is not a code of
conduct the foundation upholds themselves, so it would be a disserve to mislead
folks into using this as a baseline.
Signed-off-by: strawberry <strawberry@puppygock.gay>
attic just sucks and every 5 CI runs guarantees at least 2 false
gateway errors that i can't do anything about.
Signed-off-by: strawberry <strawberry@puppygock.gay>
this is already done but we just don't error and always
use the sender user. match synapse behaviour where we check
and error.
Signed-off-by: strawberry <strawberry@puppygock.gay>
this prefix causes you to require setting the environment variable
to `CONDUWUIT_CONDUIT_CACHE_CAPACITY_MODIFIER`
alias this so we dont break any configs
Signed-off-by: strawberry <strawberry@puppygock.gay>
we have the patch already and i dont want to make it nix
exclusive by reverting it in my rocksdb fork
Signed-off-by: strawberry <strawberry@puppygock.gay>
I run a homeserver whose logs show a high number of incoming empty
presence EDUs originating from the user agent "Conduwuit/0.4.4". They
arrive at a rate of about 2 queries per second per Conduwuit server.
The empty EDUs all look the same, only with `origin_server_ts`
increasing:
```
{"origin":"example.com","origin_server_ts":1720266475601,"edus":[{"edu_type":"m.presence","content":{"push":[]}}]}
```
These updates are unnecessary because they don't do anything. They
only increase network traffic and CPU usage on both sides.
After this commit, the empty presence updates are no longer inserted
into the outgoing event queue.
also had to fix a million clippy lints
fix(spaces): deal with hierarchy recursion
fix(spaces): properly handle max_depth
refactor(spaces): token scheme to prevent clients from modifying max_depth and suggested_only
perf(spaces): use tokens to skip to room to start populating results at
feat(spaces): request hierarchy from servers in via field of child event
Co-authored-by: Matthias Ahouansou <matthias@ahouansou.cz>
Signed-off-by: strawberry <strawberry@puppygock.gay>
sorry but this is just non-functional in our build system,
i haven't had time to figure out why nix doesn't like what
i'm doing with it, and i haven't heard anyone using this
(the user who i anticipated would use this has not updated
their conduwuit in many months)
Signed-off-by: strawberry <strawberry@puppygock.gay>
Previously, anyone could remove any local alias, meaning that someone could re-route a popular alias elsewhere
Now, only the creator of the alias, users who can set canonical aliases for the room, server admins and the server user can delete aliases
added some additional changes/fixes to adapt to our codebase
Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
This ensures that the tokenization algorithm will remain in sync between
querying, indexing, and deindexing. The existing code had slightly
different behavior for querying, because it did not discard words with
>50 bytes. This was inconsequential, because >50 byte tokens are never
present in the index.
Signed-off-by: strawberry <strawberry@puppygock.gay>
The previous code would drop some events entirely if any events between
`skip` and `skip + limit` were not visible to the user. This would cause
the set of events skipped by the `skip(skip)` method to extend past
`skip` in the raw result set, because `skip(skip)` was being called
*after* filtering out invisible events.
This bug will become much more severe with a full filtering
implementation, because it will be more likely for events to be filtered
out. Currently, it is only possible to trigger with rooms that have
history visibility set to "invited" or "joined".
Signed-off-by: strawberry <strawberry@puppygock.gay>
The previous code would fail to return next_batch if any of the events
in the window were not visible to the user. It would also return an
unnecessary next_batch when no more results are available if the total
number of results is exactly `skip + limit`.
This bug will become much more severe with a full filtering
implementation, because we will be more likely to trigger it by
filtering out events in a search call. Currently, it is only possible to
trigger with rooms that have history visibility set to "invited" or
"joined".
Signed-off-by: strawberry <strawberry@puppygock.gay>
for a few months now we accidentally had double 0xFF splits being
inserted into `roomuserid_joined` cf when membership counts and such
are being updated.
this is a conduwuit-specific db migration and does NOT break conduit
compatibility.
`fix_bad_double_separator_in_state_cache`
Signed-off-by: strawberry <strawberry@puppygock.gay>
When enabled, if a file is deemed unremovable, it skips past it and
continues deleting all other files that fit the criteria. Additionally,
fix age comparison under the same command.
Signed-off-by: Lux Aliaga <lux@nixgoat.me>
`roomuserid_joined` cf seems unreliable, so in the mean time we need to check
membership state (or maybe this is a more reliable check anyways)
Signed-off-by: strawberry <strawberry@puppygock.gay>
this `real_users_cache` cache seems weird, and i have no idea what
prompted its creation upstream. perhaps they did this because
sqlite was very slow and their rocksdb setup is very poor, so
a "solution" was to stick member counts in memory.
slow iterators, scanning, etc do not apply to conduwuit where
our rocksdb is extremely tuned, and i seriously doubt something
like this would have any real world net-positive performance impact.
also for some reason, there is suspicious logic where we
overwrite the entire push target collection.
both of these things could be a potential cause for receiving
notifications in rooms we've left.
Signed-off-by: strawberry <strawberry@puppygock.gay>
only return `inline` if the detected content-type is an allowed
inline content-type as defined by MSC2702
Signed-off-by: strawberry <strawberry@puppygock.gay>
so in theory: guest users, peaking over federation,
and world readable rooms should be allowed to send
read receipts even if they're not joined.
relaxing this check to only allow the read receipt if
the server has at least 1 member in the room makes
some of this still work
Signed-off-by: strawberry <strawberry@puppygock.gay>
this is a code of conduct that the moderation team made up,
specific to conduwuit's community spaces such as the matrix rooms.
the matrix foundation and contributor's covenant still apply, but
having conduwuit-specific additional guidelines help
Signed-off-by: strawberry <strawberry@puppygock.gay>
rust:
* ALL lints which rustc defaults to "allow" have been set to "warn".
* NEW "warn" lints which produce a warning as of this commit have been
explicitly identified and commented with a TODO for later review.
clippy:
* ALL categories (sans restriction) now fully enabled to "warn".
* redundant lints set to "warn" from categories now at "warn" are removed.
* previous "allow" sadness moved into respective categories.
* new warnings produced as of this commit have been explicitly identified:
- nursery lints set to "allow" marked with TODO for later review.
- pedantic lints set to "allow"
Signed-off-by: Jason Volk <jason@zemos.net>
test -L $object [object exists and is a symbolic link (same as -h)]
It is not recommended to use -h
[True if file exists and is a symbolic link. This operator is retained for compatibility with previous versions of this program. Do not rely on its existence; use -L instead.]
this is dual-stack by default on linux, resolves
issues with nginx using `localhost` and randomly
choosing between 127.0.0.1 and [::1], causing
intermittent upstream issues
Signed-off-by: strawberry <strawberry@puppygock.gay>
The original implementation of this was really weird, so I restructed it
a lot while debugging, and am just gonna leave the restructured version.
Root cause of the segfault seems to be that upstream nixpkgs liburing
derivation is generating both static and dynamic libraries, causing
rocksdb to statically link liburing in a dynamic build, pulling in some
allocator stuff at the same time. I created a PR[1] to fix this upstream,
but it probably won't be available on nixos-unstable for quite a while,
so we can also patch it locally.
[1]: https://github.com/NixOS/nixpkgs/pull/314945
I talked to somebody yesterday in #conduwuit:puppygock.gay that was using
this output in their system config. The dynamically-linked jemalloc build
is quite fragile, and is not tested by anything else in CI. We want to
make sure we don't break it again in the future.
This failed to inherit the fix from bec507d739
because the crane package's buildInputs become propagatedBuildInputs in
a static stdenv, but become normal buildInputs in a dynamic stdenv. Since
we were only pulling propagatedBuildInputs into the devshell, dynamically
linked devshells did not include the rust-jemalloc-sys package. This
causes tikv-jemalloc-sys to build it's own static jemalloc package, and
we end up loading libc before jemalloc at runtime.
It turns out that this was actually fixed by
bec507d739 and
857ac42aac, but we didn't identify it at the
time. Notably, the `dynamic` devshell is still broken.
needed for hot reloading but rpath being true by default
causes linker errors on lld because of the sad rpath bug
Signed-off-by: strawberry <strawberry@puppygock.gay>
for a very long time, if a remote server responded to us with
a valid but unsuccessful (HTTP 4xx) response and the caller was the
`send_federation_request` function, we may find ourselves
with a warning message only containing the destination's
server name which was very unhelpful. the true error was
buried away in trace logs. this would primarily be noticed
with server key fetch requests from us.
conduit has been throwing away the ruma request error: https://gitlab.com/famedly/conduit/-/blame/next/src/utils/error.rs#L62
before: 2024-05-23T04:45:02.930224Z WARN router:{path=/_matrix/client/v3/publicRooms}:handle: conduit_api::client_server::directory: Failed to return our /publicRooms: matrix.org
after: 2024-05-23T05:05:02.435272Z WARN router:{path=/_matrix/client/v3/publicRooms}:handle: conduit_api::client_server::directory: Failed to return our /publicRooms: matrix.org: [401 / M_UNAUTHORIZED] Failed to find any key to satisfy: _FetchKeyRequest(server_name='your.server.name', minimum_valid_until_ts=1716440702337, key_ids=['ed25519:RQB3XPQX'])
Signed-off-by: strawberry <strawberry@puppygock.gay>
Previously we were relying on NIX_CFLAGS_COMPILE, but this is not being
set in static devshells. A cleaner solution for complement would likely
be to build the tests in their own nix derivation instead of building
them in the devshell, but this change unblocks CI for now.
This is causing build failures on Mac:
> In file included from /tmp/nix-build-rocksdb-static-aarch64-apple-darwin-9.1.1.drv-0/source/memory/memory_allocator.cc:8:
> In file included from /tmp/nix-build-rocksdb-static-aarch64-apple-darwin-9.1.1.drv-0/source/memory/jemalloc_nodump_allocator.h:11:
> /tmp/nix-build-rocksdb-static-aarch64-apple-darwin-9.1.1.drv-0/source/port/jemalloc_helper.h:63:36: warning: unknown attribute '_rjem_malloc' ignored [-Wunknown-attributes]
> mallocx(size_t, int) JEMALLOC_ATTR(malloc) JEMALLOC_ALLOC_SIZE(1)
> ^~~~~~
> /nix/store/3bix0kzy670dyhhizri3dwb1qfj3sdpa-jemalloc-static-aarch64-apple-darwin-5.3.0/include/jemalloc/jemalloc.h:412:18: note: expanded from macro 'malloc'
> # define malloc je_malloc
> ^~~~~~~~~
> /nix/store/3bix0kzy670dyhhizri3dwb1qfj3sdpa-jemalloc-static-aarch64-apple-darwin-5.3.0/include/jemalloc/jemalloc.h:75:21: note: expanded from macro 'je_malloc'
> # define je_malloc _rjem_malloc
> ^~~~~~~~~~~~
> /nix/store/3bix0kzy670dyhhizri3dwb1qfj3sdpa-jemalloc-static-aarch64-apple-darwin-5.3.0/include/jemalloc/jemalloc.h:183:43: note: expanded from macro 'JEMALLOC_ATTR'
> # define JEMALLOC_ATTR(s) __attribute__((s))
Full build log at <https://girlboss.ceo/~strawberry/pb/ygJ3>. This is
likely fixable with patches to rocksdb, but not worth it since darwin is
only a dev platform.
CI is running `cargo build --all-features`, so we should be passing all
the features to nix as well.
The only thing this currently affects is the jemalloc_prof feature, but if
we add any non-default features that affect nix in the future they should
also be handled correctly now.
Dynamically-linked jemalloc doesn't work due to link-order issues, and we
want CI to be testing a static binary anyway since that's what we're
publishing in releases.
Some of the features affect nix dependencies, so we need to have a
full feature list available when constructing the nix derivation. This
incidentally fixes the bug where we weren't enabling jemalloc on rocksdb
in CI/devshells, because jemalloc is now a default feature. It does not
fix the more general class of that issue, where CI is performing an
`--all-features` build in a nix devshell built for default-features.
I am now passing `--no-default-features` to cargo, and having it use our
unified feature list rather than duplicating the unification inside cargo.
Without setting JEMALLOC_OVERRIDE, we end up linking to two different
jemalloc builds. Once dynamically, as a transitive dependency through
rocksdb, and a second time to the static jemalloc that tikv-jemalloc-sys
builds.
Previously, we were returning redundant member count updates or encrypted
device updates from the /sync endpoint in some cases. The extra member
count updates are spec-compliant, but unnecessary, while the extra
encrypted device updates violate the spec.
The refactor necessary to fix this bug is also necessary to support
filtering on state events in sync.
Details:
Joined room incremental sync needs to examine state events for four
purposes:
1. determining whether we need to return an update to room member counts
2. determining the set of left/joined devices for encrypted rooms
(returned in `device_lists`)
3. returning state events to the client (in `rooms.joined.*.state`)
4. tracking which member events we have sent to the client, so they can
be omitted on future requests when lazy-loading is enabled.
The state events that we need to examine for the first two cases is member
events in the delta between `since` and the end of `timeline`. For the
second two cases, we need the delta between `since` and the start of
`timeline`, plus contextual member events for any senders that occur in
`timeline`. The second list is subject to filtering, while the first is
not.
Before this change, we were using the same set of state events that we are
returning to the client (cases 3/4) to do the analysis for cases 1/2.
In a compliant implementation, this would result in us missing some
relevant member events in 1/2 in addition to seeing redundant member
events. In current conduwuit this is not the case because the set of
events that we return to the client is always a superset of the set that
is needed for cases 1/2. This is because we don't support filtering, and
we have an existing bug[1] where we are returning the delta between
`since` and the end of `timeline` rather than the start.
[1]: https://github.com/girlbossceo/conduwuit/issues/361
Fixing this is necessary to implement filtering because otherwise
we would start missing some member events for member count or encrypted
device updates if the relevant member events are rejected by the filter.
This would be much worse than our current behavior.
This cache can serve invalid responses, and has an extremely low hit
rate.
It serves invalid responses because because it's only keyed off
the `since` parameter, but many of the other request parameters also
affect the response or it's side effects. This will become worse once we
implement filtering, because there will be a wider space of parameters
with different responses. This problem is fixable, but not worth it
because of the low hit rate.
The low hit rate is because normal clients will always issue the next
sync request with `since` set to the `prev_batch` value of the previous
response. The only time we expect to see multiple requests with the same
`since` is when the response is empty, but we don't cache empty
responses.
This was confirmed experimentally by logging cache hits and misses over
15 minutes with a wide variety of clients. This test was run on
matrix.computer.surgery, which has only a few active users, but a
large volume of sync traffic from many rooms. Over the test period, we
had 3 hits and 5309 misses. All hits occurred in the first minute, so I
suspect that they had something to do with client recovery from an
offline state. The clients that were connected during the test are:
- element web
- schildichat web
- iamb
- gomuks
- nheko
- fractal
- fluffychat web
- fluffychat android
- cinny web
- element android
- element X android
Fixes: #336
the namespace check on username login is unnecessary, hashes aren't ever
going to match, and axum auth handles this kind of stuff already
Signed-off-by: strawberry <strawberry@puppygock.gay>
debconf support needs to be done in a way that does not duplicate
the config file like upstream does.
Signed-off-by: strawberry <strawberry@puppygock.gay>
This reverts commit 321a6ca0fe.
These checks were not working as intended, resulting in the unban button not working
The join check gets kept since it slightly reduces the amount of sent joins in some cases
This check will probably be replaced soon for a more universal solution to the "made no change" issue
Signed-off-by: morguldir <morguldir@protonmail.com>
protects against a maintainer creating a downgrading version tag, and
uploading artifacts with that version
this check is only ran via workflow dispatch on the tag
Signed-off-by: strawberry <strawberry@puppygock.gay>
Only normal users should be prevented from creating an alias within an
exclusive namespace, not the appservice itself. This mirrors the
behaviour in api/client_server/room.rs on room creation.
this was already enabled by default by rocksdb technically, but
it wasn't building with it properly.
Signed-off-by: strawberry <strawberry@puppygock.gay>
this makes `CONDUWUIT_WELL_KNOWN__CLIENT` a valid env variable config
option as it would normally exist under `[well_known.client]` in toml
Signed-off-by: strawberry <strawberry@puppygock.gay>
after getting the shared rooms with the target user, we actually only
get the presence of ourselves instead of the requested user
Signed-off-by: strawberry <strawberry@puppygock.gay>
this is purely DNSSEC related which we don't use, and DNSSEC on matrix
is unbearable for federation (no one sets it up properly, it's extremely taxing, etc)
Signed-off-by: strawberry <strawberry@puppygock.gay>
there's really no point in trying to stay as low as possible for us,
and this makes development easier. Debian users should just use rustup,
Nix users already get the proper toolchains.
Signed-off-by: strawberry <strawberry@puppygock.gay>
Hardcoding the output path to something in CWD is a pain if you're running
conduwuit through systemd or similar. Also made the error message when
it's unable to create the output file a little more friendly.
Previously, enabling the `tracing_flame` or `allow_jaeger` options would
prevent any logs from being written to stdout. In addition, enabling the
`allow_jaeger` option would inhibit the `tracing_flame` option.
Now that we have a way to use separate tracing filters with different
layers, we can enable all three at the same time without issues.
This commit also prevents the `debug log_level` command from modifying
the `tracing-flame` filter. This was supported previously, but I don't
think it's something that you would ever want to do intentionally. Now
that we have both the normal log filter and the `tracing-flame` filter
enabled at the same time, we want to `debug log_level` to only modify the
normal filter.
imagine this SQL query but in conduwuit:
select * from users_in_public_rooms where user_id like '%user_id%';
Signed-off-by: strawberry <strawberry@puppygock.gay>
This turned out to be quite hairy, mostly because we need to apply the
config's log level filter to the actual logs (stdout and, optionally
sentry), but do not want to filter out the tokio tracing events needed by
the console_subscriber. I hit several edge cases in tracing getting
this to work, and we now depend on a git version of tracing with a
backported patch :(
All images should be generating correctly with parallelism and Docker manifests, and should output the end of the CI testing errors in a job summary box when the test fails.
When the test succeeds you get a big ✅ then at the end of the Docker publish it should include the `docker pull` commands for both Docker Hub and GHCR registries to make those pesky Docker users lives easier!
Should've been done in fe606f4fad but the
author didn't realize it.
Flake lock file updates:
• Updated input 'rocksdb':
'github:facebook/rocksdb/bcf88d48ce8aa8b536aee4dd305533b3b83cf435' (2024-04-16)
→ 'github:facebook/rocksdb/6f7cabeac80a3a6150be2c8a8369fcecb107bf43' (2024-04-22)
Apparently github actions VMs ship with it and that's how it was working
before? Cursed. We should control our own supply chain and also ensure
that local development uses the same version as CI.
Some of the improvements here include:
* rocksdb can actually use jemalloc now instead of just pulling in a
second rocksdb for no reason
* "complement-runtime" factored back out into shell file
* complement image no longer uses `mkDerivation` for `copyToRoot`
because that's what `buildEnv` is for
* complement image no longer sets `SERVER_NAME`, complement already does
that
* all packages were factored out into `callPackage`-able files for use
with a custom `lib.makeScope pkgs.newScope`
* new version of `mkPackage` has options that are easier to use and
override such as `features`
Apparently it uses `date -Iseconds` to parse, so we can use @ with a timestamp
Also it doesn't parse `created` in buildImage, only buildLayeredImage
Signed-off-by: morguldir <morguldir@protonmail.com>
Signed-off-by: strawberry <strawberry@puppygock.gay>
resolves X-Matrix signatures being invalid in some edge-cases,
and fixes Complement/Sytest federation tests
Signed-off-by: strawberry <strawberry@puppygock.gay>
this is hard to maintain now, and i think conduwuit is reaching a point that
it's way too different from upstream to simply "list all the differences" out
Signed-off-by: strawberry <strawberry@puppygock.gay>
this does deprecate the original `well_known_` prefixed config options
with a dedicated/proper config sub-block (`[config.well_known]`)
Signed-off-by: strawberry <strawberry@puppygock.gay>
there's nothing unstable about this, and per upstream only unstable
room versions are used if they are complex to support (versions <=5)
Signed-off-by: strawberry <strawberry@puppygock.gay>
this is not helpful informational logging
```
2024-04-02T04:40:52.590444Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Asking thomcat.rocks for /hierarchy
2024-04-02T04:40:52.628248Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Asking hackingfor.eu for /hierarchy
2024-04-02T04:40:52.808526Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Asking matrix.org for /hierarchy
2024-04-02T04:40:52.920936Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Asking matrix.org for /hierarchy
2024-04-02T04:40:52.959362Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Got response from matrix.org for /hierarchy
Response { children: [], inaccessible_children: [], room: SpaceHierarchyParentSummary { canonical_alias: Some("#cybersec-whonix:matrix.org"), name: Some("Whonix"), num_joined_members: 329, room_id: "!OJFkLJksWastbfdRuf:matrix.org", topic: Some("| Part of the Cybersec matrix.org community (#cyber-space:matrix.org) | RULES: https://cybersec-rules.thomcat.rocks | Whonix-focused room | Off-topic chat is fine. Keep it brief and/or move it to #cybersec-offtopic:matrix.org"), world_readable: true, guest_can_join: false, avatar_url: Some("mxc://matrix.org/DMJtrQdhQHKxeODrSibtrczX"), join_rule: "public", room_type: None, children_state: [], allowed_room_ids: [] } }
2024-04-02T04:40:52.959762Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Asking matrix.org for /hierarchy
2024-04-02T04:40:53.109611Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Got response from matrix.org for /hierarchy
Response { children: [], inaccessible_children: [], room: SpaceHierarchyParentSummary { canonical_alias: Some("#lockpicking:matrix.org"), name: Some("Lockpicking"), num_joined_members: 284, room_id: "!uEYjSxQOZnHEkiurTP:matrix.org", topic: Some("| Part of the Cybersec matrix.org community (#cyber-space:matrix.org) | RULES: https://cybersec-rules.thomcat.rocks | Off-topic chat is fine. Keep it brief and/or move it to #cybersec-offtopic:matrix.org"), world_readable: false, guest_can_join: false, avatar_url: Some("mxc://thomcat.rocks/cSeFfMLUdjymKdkUmXtIQTjf"), join_rule: "public", room_type: None, children_state: [], allowed_room_ids: [] } }
2024-04-02T04:40:53.109880Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Asking matrix.org for /hierarchy
2024-04-02T04:40:53.261581Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Got response from matrix.org for /hierarchy
Response { children: [], inaccessible_children: [], room: SpaceHierarchyParentSummary { canonical_alias: Some("#cybersec-rss:matrix.org"), name: Some("Cybersecurity-RSS"), num_joined_members: 347, room_id: "!IVHnAZkhJOhdZxlHRA:matrix.org", topic: Some("| Part of the Cybersec matrix.org community (#cyber-space:matrix.org) | Suggestions to our RSS feed list welcome at #cybersecurity:matrix.org"), world_readable: true, guest_can_join: false, avatar_url: Some("mxc://thomcat.rocks/ugdubBloOkVCYxqFzdVoPwcV"), join_rule: "public", room_type: None, children_state: [], allowed_room_ids: [] } }
2024-04-02T04:40:53.305166Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Got response from matrix.org for /hierarchy
Response { children: [], inaccessible_children: [], room: SpaceHierarchyParentSummary { canonical_alias: Some("#cybersec-whonix:matrix.org"), name: Some("Whonix"), num_joined_members: 329, room_id: "!OJFkLJksWastbfdRuf:matrix.org", topic: Some("| Part of the Cybersec matrix.org community (#cyber-space:matrix.org) | RULES: https://cybersec-rules.thomcat.rocks | Whonix-focused room | Off-topic chat is fine. Keep it brief and/or move it to #cybersec-offtopic:matrix.org"), world_readable: true, guest_can_join: false, avatar_url: Some("mxc://matrix.org/DMJtrQdhQHKxeODrSibtrczX"), join_rule: "public", room_type: None, children_state: [], allowed_room_ids: [] } }
2024-04-02T04:40:53.323257Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Asking thomcat.rocks for /hierarchy
2024-04-02T04:40:53.323672Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Asking matrix.org for /hierarchy
2024-04-02T04:40:53.369721Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Asking matrix.org for /hierarchy
2024-04-02T04:40:53.529250Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Got response from matrix.org for /hierarchy
Response { children: [], inaccessible_children: [], room: SpaceHierarchyParentSummary { canonical_alias: None, name: None, num_joined_members: 1463, room_id: "!aBXqGDWIxVYeYxVbRu:matrix.org", topic: Some("| Part of the Cybersec matrix.org community (#cyber-space:matrix.org) | The room needs urgent attention? @ all the mods! | RULES: https://cybersec-rules.thomcat.rocks | \"you seem to be completely in lack of basic knowledge of how a computer or any programming language operates, to the point that any attempt of discussing any security measures is a complete waste of time\""), world_readable: false, guest_can_join: false, avatar_url: Some("mxc://thomcat.rocks/DjRWzuYjLkScQYPySYNedlFr"), join_rule: "public", room_type: None, children_state: [], allowed_room_ids: [] } }
2024-04-02T04:40:53.546581Z INFO http_request{path=/_matrix/client/v1/rooms/:room_id/hierarchy}: conduit::service::rooms::spaces: Got response from matrix.org for /hierarchy
Response { children: [], inaccessible_children: [], room: SpaceHierarchyParentSummary { canonical_alias: None, name: None, num_joined_members: 1463, room_id: "!aBXqGDWIxVYeYxVbRu:matrix.org", topic: Some("| Part of the Cybersec matrix.org community (#cyber-space:matrix.org) | The room needs urgent attention? @ all the mods! | RULES: https://cybersec-rules.thomcat.rocks | \"you seem to be completely in lack of basic knowledge of how a computer or any programming language operates, to the point that any attempt of discussing any security measures is a complete waste of time\""), world_readable: false, guest_can_join: false, avatar_url: Some("mxc://thomcat.rocks/DjRWzuYjLkScQYPySYNedlFr"), join_rule: "public", room_type: None, children_state: [], allowed_room_ids: [] } }
```
Signed-off-by: strawberry <strawberry@puppygock.gay>
this is the url field in the appservice registration file,
this is almost always localhost and the admin should
be vetting the appservice registration yaml file before
registering it anyways.
Signed-off-by: strawberry <strawberry@puppygock.gay>
there seems to be a regression, likely from https://github.com/facebook/rocksdb/issues/12361 / https://github.com/facebook/rocksdb/pull/12309
```
[1/0/2 built] building rocksdb-9.0.0 (configurePhase): -- Detecting CXX compile features - donedirenv: ([/Users/strawberry/.nix-profile/bin/direnv export zsh]) is taking a while to execute. Use CTRL-C to give up.
error: builder for '/nix/store/9slwgpnardhn2vqzqhn361ic668n38wq-rocksdb-9.0.0.drv' failed with exit code 1;
last 10 log lines:
> -- Found lz4: /nix/store/cafwv4439qbm2ij04mpc7xz5m3f7mfix-lz4-1.9.4/lib/liblz4.dylib
> CMake Error at /nix/store/bin32lqag7lx38994xpf9jvhk1xbd64c-cmake-3.28.2/share/cmake-3.28/Modules/FindPackageHandleStandardArgs.cmake:230 (message):
> Could NOT find zstd (missing: ZSTD_INCLUDE_DIRS)
> Call Stack (most recent call first):
> /nix/store/bin32lqag7lx38994xpf9jvhk1xbd64c-cmake-3.28.2/share/cmake-3.28/Modules/FindPackageHandleStandardArgs.cmake:600 (_FPHSA_FAILURE_MESSAGE)
> cmake/modules/Findzstd.cmake:17 (find_package_handle_standard_args)
> CMakeLists.txt:167 (find_package)
>
>
> -- Configuring incomplete, errors occurred!
For full logs, run 'nix log /nix/store/9slwgpnardhn2vqzqhn361ic668n38wq-rocksdb-9.0.0.drv'.
error: 1 dependencies of derivation '/nix/store/ir8jf2wic98iymjlk7d2i1kjjsgv15v2-nix-shell-env.drv' failed to build
```
happens in both rust-rocksdb and our fork of rust-rocksdb
Signed-off-by: strawberry <strawberry@puppygock.gay>
There are so many ways to do this we realistically shouldn't bother
describing any of them, especially because people should be learning all
the options and choosing the one that suits them best anyway.
Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
The main thing this section is really useful for is explaining how to
configure various reverse proxies, which applies to basically anything.
Also, remove all the language about this being "recommended", because
nothing in this documentation is actually tested in CI.
Signed-off-by: strawberry <strawberry@puppygock.gay>
It is very stale. Please just use Nix. Trying to do it outside of Nix
will be an exercise in frustration, I guarantee it.
Signed-off-by: strawberry <strawberry@puppygock.gay>
this should fix FluffyChat password resets, and
other possible client issues that expose features
based on server capabilities.
Signed-off-by: strawberry <strawberry@puppygock.gay>
save the few bytes of bandwidth for something else
also now that we send our User-Agent, it is
technically sending conduwuit versions now
Signed-off-by: strawberry <strawberry@puppygock.gay>
i build/develop on a mac, i have a windows machine,
my servers run linux and i do prod builds on linux,
and BSD support is generally inherent with linux
and mac.
i don't think it hurts or would be difficult for me
to say i support all of these.
upstream conduit only officially supports Linux
Signed-off-by: strawberry <strawberry@puppygock.gay>
yes windows technically supports unix sockets,
but its not as good or the same as actual
nix platform unix sockets
Signed-off-by: strawberry <strawberry@puppygock.gay>
reduces unnecessary crates being compiled. splits them
into features.
i have yet to see anyone use conduit's opentelemetry
stuff, and realistically those people who do
performance benchmarking and measurements will be
building stuff anyways so they can just enable this
feature.
Signed-off-by: strawberry <strawberry@puppygock.gay>
if https://github.com/ruma/ruma/issues/1240 is to
be trusted, there are apparently still servers
and clients that may call these endpoints.
i'm unable to read the history of that matrix.to
link so i don't know the full context, but this
is trivial to implement so..
Signed-off-by: strawberry <strawberry@puppygock.gay>
retains compatibility for container users
who set it to empty.
if the variable is unspecified, it will
use the CONDUIT_ variables as normal.
Signed-off-by: strawberry <strawberry@puppygock.gay>
this can be used as a way to deal with the thumbnail
and the media file at the same time without knowing
the thumbnail MXC URL.
Signed-off-by: strawberry <strawberry@puppygock.gay>
complement sends C-S requests over HTTP, and federation
over HTTPS.
complement without caddy *almost* works. unfortunately
i am now dealing with invalid X-Matrix signatures
due to non-percent encoded URIs and it does not
seem trivial to percent-encode URIs that a
reverse proxy would normally do for you.
Signed-off-by: strawberry <strawberry@puppygock.gay>
this provides not only some future compatibility with MSC4051,
but it just makes sense to not crash/error if we can't get a server_name
from the room ID and should just use the server_name from the sender
user's invite event. there is already code ahead that accounts for
an empty vector so this is safe.
Signed-off-by: strawberry <strawberry@puppygock.gay>
default of 90 seconds can be too low if hardware is not very fast
and rocksdb compaction or shutdown takes too long
Signed-off-by: strawberry <strawberry@puppygock.gay>
# attic nix binary cache server is very, very terribly flakey. nothing i can do to fix it other than retry multiple times here
ATTEMPTS=3
SUCCESS=false
while (( ATTEMPTS-- > 0 ))
do
bin/nix-build-and-cache just .#static-${{ matrix.target }}-all-features-debug
if [[ $? == 0 ]]; then
SUCCESS=true
break
else
sleep 3
fi
done
if [[ $SUCCESS == "false" ]]; then
exit 1
fi
# > warning: dev profile is not supported and will be a hard error in the future. cargo-deb is for making releases, and it doesn't make sense to use it with dev profiles.
# so we need to coerce cargo-deb into thinking this is a release binary
- if command -v nix > /dev/null; then echo "experimental-features = nix-command flakes" >> /etc/nix/nix.conf; fi
# Add conduwuit binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://attic.kennel.juneis.dog/conduwuit" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = conduwuit:BbycGUgTISsltcmH0qNjFR9dbrQNYgdIAcmViSGoVTE=" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-substituters = https://attic.kennel.juneis.dog/conduit" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = conduit:eEKoUwlQGDdYmAI/Q/0slVlegqh/QmAvQd7HBSm21Wk=" >> /etc/nix/nix.conf; fi
# Add alternate binary cache
- if command -v nix > /dev/null && [ -n "$ATTIC_ENDPOINT" ]; then echo "extra-substituters = $ATTIC_ENDPOINT" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null && [ -n "$ATTIC_PUBLIC_KEY" ]; then echo "extra-trusted-public-keys = $ATTIC_PUBLIC_KEY" >> /etc/nix/nix.conf; fi
# Add Lix binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://cache.lix.systems" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" >> /etc/nix/nix.conf; fi
# Add crane binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://crane.cachix.org" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = crane.cachix.org-1:8Scfpmn9w+hGdXH/Q9tTLiYAE/2dnJYRJP7kl80GuRk=" >> /etc/nix/nix.conf; fi
# Add nix-community binary cache
- if command -v nix > /dev/null; then echo "extra-substituters = https://nix-community.cachix.org" >> /etc/nix/nix.conf; fi
- if command -v nix > /dev/null; then echo "extra-trusted-public-keys = nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" >> /etc/nix/nix.conf; fi
# Install direnv and nix-direnv
- if command -v nix > /dev/null; then nix-env -iA nixpkgs.direnv nixpkgs.nix-direnv nixpkgs.engage; fi
- if command -v nix > /dev/null; then nix-env -iA nixpkgs.direnv nixpkgs.nix-direnv; fi
# Allow .envrc
- if command -v nix > /dev/null; then direnv allow; fi
@@ -31,134 +58,87 @@ before_script:
ci:
stage:ci
image:nixos/nix:2.20.2
image:nixos/nix:2.24.4
script:
# Cache CI dependencies
- ./bin/nix-build-and-cache ci
- direnv exec . engage
cache:
key:nix
paths:
- target
- .gitlab-ci.d
rules:
# CI on upstream runners (only available for maintainers)
If you run into any problems while setting up an Appservice, write an email to `timo@koesters.xyz`, ask us in [#conduit:fachschaften.org](https://matrix.to/#/#conduit:fachschaften.org) or [open an issue on GitLab](https://gitlab.com/famedly/conduit/-/issues/new).
## Set up the appservice - general instructions
Follow whatever instructions are given by the appservice. This usually includes
downloading, changing its config (setting domain, homeserver url, port etc.)
and later starting it.
At some point the appservice guide should ask you to add a registration yaml
file to the homeserver. In Synapse you would do this by adding the path to the
homeserver.yaml, but in Conduit you can do this from within Matrix:
First, go into the #admins room of your homeserver. The first person that
registered on the homeserver automatically joins it. Then send a message into
the room like this:
@conduit:your.server.name: register-appservice
```
paste
the
contents
of
the
yaml
registration
here
```
You can confirm it worked by sending a message like this:
`@conduit:your.server.name: list-appservices`
The @conduit bot should answer with `Appservices (1): your-bridge`
Then you are done. Conduit will send messages to the appservices and the
appservice can send requests to the homeserver. You don't need to restart
Conduit, but if it doesn't work, restarting while the appservice is running
could help.
## Appservice-specific instructions
### Remove an appservice
To remove an appservice go to your admin room and execute
Conduit uses the ports 443 and 8448 both of which need to be open in the firewall.
If Conduit runs behind a router or in a container and has a different public IP address than the host system these public ports need to be forwarded directly or indirectly to the port mentioned in the config.
## Optional: Avoid port 8448
If Conduit runs behind Cloudflare reverse proxy, which doesn't support port 8448 on free plans, [delegation](https://matrix-org.github.io/synapse/latest/delegate.html) can be set up to have federation traffic routed to port 443:
[SRV DNS record](https://spec.matrix.org/latest/server-server-api/#resolving-server-names) delegation is also [possible](https://www.cloudflare.com/en-gb/learning/dns/dns-records/dns-srv-record/).
## Setting up a systemd service
Now we'll set up a systemd service for Conduit, so it's easy to start/stop Conduit and set it to autostart when your
server reboots. Simply paste the default systemd service you can find below into
That's it! Just start or enable the service and you're set.
```bash
$ sudo systemctl enable caddy
```
### Nginx
If you use Nginx and not Apache, add the following server section inside the http section of `/etc/nginx/nginx.conf`
```nginx
server{
listen443sslhttp2;
listen[::]:443sslhttp2;
listen8448sslhttp2;
listen[::]:8448sslhttp2;
server_nameyour.server.name;# EDIT THIS
merge_slashesoff;
# Nginx defaults to only allow 1MB uploads
# Increase this to allow posting large files such as videos
client_max_body_size20M;
# UNIX socket
#upstream backend {
# server unix:/run/conduit/conduit.sock;
#}
location/_matrix/{
# TCP
proxy_passhttp://127.0.0.1:6167$request_uri;
# UNIX socket
#proxy_pass http://backend;
proxy_set_headerHost$http_host;
proxy_bufferingoff;
proxy_read_timeout5m;
}
ssl_certificate/etc/letsencrypt/live/your.server.name/fullchain.pem;# EDIT THIS
ssl_certificate_key/etc/letsencrypt/live/your.server.name/privkey.pem;# EDIT THIS
ssl_trusted_certificate/etc/letsencrypt/live/your.server.name/chain.pem;# EDIT THIS
include/etc/letsencrypt/options-ssl-nginx.conf;
}
```
**You need to make some edits again.** When you are done, run
```bash
$ sudo systemctl reload nginx
```
## SSL Certificate
If you chose Caddy as your web proxy SSL certificates are handled automatically and you can skip this step.
The easiest way to get an SSL certificate, if you don't have one already, is to [install](https://certbot.eff.org/instructions) `certbot` and run this:
```bash
# To use ECC for the private key,
# paste into /etc/letsencrypt/cli.ini:
# key-type = ecdsa
# elliptic-curve = secp384r1
$ sudo certbot -d your.server.name
```
[Automated renewal](https://eff-certbot.readthedocs.io/en/stable/using.html#automated-renewals) is usually preconfigured.
If using Cloudflare, configure instead the edge and origin certificates in dashboard. In case you’re already running a website on the same Apache server, you can just copy-and-paste the SSL configuration from your main virtual host on port 443 into the above-mentioned vhost.
## You're done!
Now you can start Conduit with:
```bash
$ sudo systemctl start conduit
```
Set it to start automatically when your system boots with:
```bash
$ sudo systemctl enable conduit
```
## How do I know it works?
You can open <https://app.element.io>, enter your homeserver and try to register.
You can also use these commands as a quick health check.
### list of features, bug fixes, etc that conduwuit does that upstream does not:
- GitLab CI ported to GitHub Actions
- Fixed every single clippy (default lints) and rustc warnings, including some that were performance related or potential safety issues / unsoundness
- Has Renovate and significantly updates all dependencies possible
- Uses proper argon2 crate instead of questionable rust-argon2 crate
- Improved and cleaned up logging (less noisy dead server logging, registration attempts, more useful troubleshooting logging, etc)
- Attempts and interest in removing extreme and unnecessary panics/unwraps/expects that can lead to denial of service or such (upstream and upstream contributors want this unusual behaviour for some reason)
- Merged and cleaned up upstream MRs that have been sitting for 6-12 months
- Configurable RocksDB logging (`LOG` files) with proper defaults (rotate, max size, verbosity, etc) to stop LOG files from accumulating so much
- Federated presence support and configurable local presence (via upstream MR)
- Concurrency support for key fetching for faster remote room joins and room joins that will error less frequently (via upstream MR)
- Experimental room version 11 support (via upstream MR)
- Enabled all non-officially-supported room versions as experimental so we can at least attempt to join them
- Configurable guest registration including forbidding guest registrations if no admin user is created yet, respects allow registration setting, and an optional override setting with a default of no guest registrations allowed.
- Explicit startup error/warning if your configuration allows open registration without a token or such like Synapse
- Improved RocksDB defaults to use new features that help with performance significantly, uses settings tailored to SSDs, and a conduwuit setting to tell RocksDB to use settings that are tailored to HDDs or slow spinning rust storage.
- Updated Ruma to latest commit where possible, and add some unstable MSCs (some still require an implementation though)
- conduwuit allows MXIDs with `+` in them (thanks to Ruma update)
- Revamped admin room infrastructure and commands (via upstream MR)
- Admin room commands to delete room aliases and unpublish rooms from our room directory (via upstream MR)
- Make spaces/hierarchy cache use cache_capacity_modifier instead of hardcoded small value
- Make PDU appending, building, etc asynchronous
- Add *optional* feature flag to use SHA256 key names for media instead of base64 to overcome filesystem file name length limitations (OS error file name too long) (via upstream MR)
- Add *optional* feature flag to enable zstd HTTP body compression
- Add support for querying both Matrix SRV records, the deprecated `_matrix` record and `_matrix-fed` record if necessary
- Add config option for device name federation with a privacy-friendly default (disabled)
- Add config option for requiring authentication to the `/publicRooms` endpoint (room directory) with a default enabled for privacy
- Add config option for federating `/publicRooms` endpoint (room directory) to other servers with a default disabled for privacy
- Add support for listening on a UNIX socket for performance and host security with proper default permissions (660)
- Add missing `destination` key to all `X-Matrix``Authorization` requests (spec compliance issue)
- Fix spec compliance issue with servers being able to fetch remote user profiles over federation for users who don't belong to our server (`/_matrix/federation/v1/query/profile`)
- Use aggressive build-time performance optimisations for release builds (1 codegen unit, no debug, fat LTO, etc, and optimise all crates with same)
- Raise various hardcoded timeouts in codebase that were way too short, making some things like room joins and client bugs error less or none at all than they should
- Add debug admin command to force update user device lists (could potentially resolve some E2EE flukes) (`ForceDeviceListUpdates`)
- Declare various missing Matrix versions and features at `/_matrix/client/versions`
- Add support for serving server and client well-known files from conduwuit using `well_known_client` and `well_known_server` options
- Add non-standard sliding sync proxy health check (?) endpoint at `/client/server.json` that some clients such as Element Web query using the `well_known_client` or `well_known_server` config options
- Send a User-Agent on all of our requests (`conduwuit/0.7.0-alpha+conduwuit-0.1.1`) which strangely was not done upstream since forever. Some providers consider no User-Agent suspicious and block said requests.
- Safer and cleaner shutdowns on both database side as we run cleanup on shutdown and exits database loop better (no potential hanging issues in database loop), overall cleaner shutdown logic
- Basic binary commands like `conduwuit --version` work (interested in expanding it more)
- Allow HEAD HTTP requests in CORS for clients (despite not being explicity mentioned in Matrix spec, HTTP spec says all HEAD requests need to behave the same as GET requests, Synapse supports HEAD requests)
- Support for suggesting servers to join at `/_matrix/client/v3/directory/room/{roomAlias}`
- Prevent admin credential commands like reset password and deactivate user from modifying non-local users (https://gitlab.com/famedly/conduit/-/issues/377)
- Fixed spec compliance issue with room version 8 - 11 joins (https://github.com/matrix-org/synapse/issues/16717 / https://github.com/matrix-org/matrix-spec/issues/1708)
- Add basic cache eviction for true destinations when requests fail if we use a cached destination (e.g. a server has modified their well-known and we're still connecting to the old destination)
- Only follow 6 redirects total in our default reqwest ClientBuilder
- Generate passwords with 25 characters instead of 15
- Add missing `reason` field to user ban events (`/ban`)
- For all [`/report`](https://spec.matrix.org/v1.9/client-server-api/#post_matrixclientv3roomsroomidreporteventid) requests: check if the reported event ID belongs to the reported room ID, raise report reasoning character limit to 750, fix broken formatting, make a small delayed random response per spec suggestion on privacy, and check if the sender user is in the reported room.
- Support blocking servers from downloading remote media from
- Support sending `well_known` response to client logins if using config option `well_known_client`
- Send `avatar_url` on invite room membership events/changes
- Revamp example config, adding a lot of config options available (still some missing)
- Return joined member count of rooms for push rules/conditions instead of a hardcoded value of 10
- Respect *most* client parameters for `/media/` requests (`allow_redirect` still needs work)
- Config option `ip_range_denylist` to support refusing to send requests (typically federation) to specific IP ranges, typically RFC 1918, non-routable, testnet, etc addresses like Synapse for security.
- Support for creating rooms with custom room IDs like Maunium Synapse (`room_id` request body field to `/createRoom`)
- Assume well-knowns are broken if they exceed past 10000 characters.
- Basic validation/checks on user-specified room aliases and custom room ID creations
- Warn on unknown config options specified
- Add support for preventing certain room alias names and usernames using regex (via upstream MR) and extended to custom room IDs
- Revamp appservice registration to ruma's `Registration` type which fixes various appservice registration issues, including fixing crashing upon no URL specified (via upstream MR)
- URL preview support (via upstream MR) with various improvements
- Increased graceful shutdown timeout from a low 60 seconds to 180 seconds to avoid killing connections and let the remaining ones finish processing, and ask systemd for more time to shutdown if needed to prevent systemd's default [`TimeoutStopSec=`](https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#TimeoutStopSec=) of 90 seconds from killing conduwuit
- Bumped default max_concurrent_requests to 500
- Add support for the deprecated `user` identifier field for all `/login` requests
- Query parameter `?format=event|content` for returning either the room state event's content (default) for the full room state event on ` /_matrix/client/v3/rooms/{roomId}/state/{eventType}[/{stateKey}]` requests (see https://github.com/matrix-org/matrix-spec/issues/1047)
- Add admin commands for banning (blocking) room IDs from our local users joining (admins are always allowed) and evicts all our local users from that room, in addition to bulk room banning support, as a moderation feature
### a very cool, featureful fork of [Conduit](https://conduit.rs/)
<!-- ANCHOR_END: catchphrase -->
Visit the [Conduwuit documentation](https://conduwuit.puppyirl.gay/) for more
information.
<!-- ANCHOR: body -->
#### What is Matrix?
[Matrix](https://matrix.org) is an open network for secure and decentralized
communication. Users from every Matrix homeserver can chat with users from all
other Matrix servers. You can even use bridges (also called Matrix appservices)
other Matrix servers. You can even use bridges (also called Matrix Appservices)
to communicate with users outside of Matrix, like a community on Discord.
#### What is the goal?
An efficient Matrix homeserver that's easy to set up and just works. You can install
it on a mini-computer like the Raspberry Pi to host Matrix for your family,
friends or company.
An efficient Matrix homeserver that's easy to set up and just works. You can
install it on a mini-computer like the Raspberry Pi to host Matrix for your
family, friends or company.
#### Can I try it out?
There are no public conduwuit homeservers available, however conduwuit is incredibly simple to install. It's just a binary, a config file, and a database path.
An official conduwuit server ran by me is available at transfem.dev
* It is assumed you have a [Coturn server](https://github.com/coturn/coturn) up and running. See [Synapse reference implementation](https://github.com/matrix-org/synapse/blob/develop/docs/turn-howto.md).
## Edit/Add a few settings to your existing conduit.toml
```
# Refer to your Coturn settings.
# `your.turn.url` has to match the REALM setting of your Coturn as well as `transport`.
# Enables open registration. If set to false, no users can register on this
# Enables registration. If set to false, no users can register on this
# server.
# If set to true without a token configured, users can register with no form of 2nd-
# step only if you set
@@ -151,6 +219,34 @@ registration_token = "change this token for something specific to your server"
# defaults to true
# allow_room_creation = true
# controls whether non-admin local users are forbidden from sending room invites (local and remote),
# and if non-admin users can receive remote room invites. admins are always allowed to send and receive all room invites.
# defaults to false
# block_non_admin_invites = false
# List of forbidden username patterns/strings. Values in this list are matched as *contains*.
# This is checked upon username availability check, registration, and startup as warnings if any local users in your database
# have a forbidden username.
# No default.
# forbidden_usernames = []
# List of forbidden room aliases and room IDs as patterns/strings. Values in this list are matched as *contains*.
# This is checked upon room alias creation, custom room ID creation if used, and startup as warnings if any room aliases
# in your database have a forbidden room alias/ID.
# No default.
# forbidden_alias_names = []
# List of forbidden server names that we will block incoming AND outgoing federation with, and block client room joins / remote user invites.
#
# This check is applied on the room ID, room alias, sender server name, sender user's server name, inbound federation X-Matrix origin, and outbound federation handler.
#
# Basically "global" ACLs. No default.
# forbidden_remote_server_names = []
# List of forbidden server names that we will block all outgoing federated room directory requests for. Useful for preventing our users from wandering into bad servers or spaces.
# Vector list of explicit domains allowed to send requests to for URL previews. Defaults to none.
# Note: This is an *explicit* match, not a ccontains match. Putting "google.com" will match "https://google.com", "http://google.com", but not "https://mymaliciousdomainexamplegoogle.com"
# Note: This is an *explicit* match, not a contains match. Putting "google.com" will match "https://google.com", "http://google.com", but not "https://mymaliciousdomainexamplegoogle.com"
# Setting this to "*" will allow all URL previews. Please note that this opens up significant attack surface to your server, you are expected to be aware of the risks by doing so.
# Setting this to "*" will allow all URL previews. Please note that this opens up significant attack surface to your server, you are expected to be aware of the risks by doing so.
url_preview_url_contains_allowlist=[]
# Maximum amount of bytes allowed in a URL preview body size when spidering. Defaults to 1MB (1_000_000 bytes)
url_preview_max_spider_size=1_000_000
# Vector list of explicit domains not allowed to send requests to for URL previews. Defaults to none.
# Note: This is an *explicit* match, not a contains match. Putting "google.com" will match "https://google.com", "http://google.com", but not "https://mymaliciousdomainexamplegoogle.com"
# The denylist is checked first before allowlist. Setting this to "*" will not do anything.
url_preview_domain_explicit_denylist=[]
# Maximum amount of bytes allowed in a URL preview body size when spidering. Defaults to 384KB (384_000 bytes)
url_preview_max_spider_size=384_000
# Option to decide whether you would like to run the domain allowlist checks (contains and explicit) on the root domain or not. Does not apply to URL contains allowlist. Defaults to false.
# Example: If this is enabled and you have "wikipedia.org" allowed in the explicit and/or contains domain allowlist, it will allow all subdomains under "wikipedia.org" such as "en.m.wikipedia.org" as the root domain is checked and matched.
# Useful if the domain contains allowlist is still too broad for you but you still want to allow all the subdomains under a root domain.
url_preview_check_root_domain=false
# Config option to allow or disallow incoming federation requests that obtain the profiles
# of our local users from `/_matrix/federation/v1/query/profile`
#
# This is inherently false if `allow_federation` is disabled
#
# Defaults to true
allow_profile_lookup_federation_requests=true
# Config option to automatically deactivate the account of any user who attempts to join a:
# - banned room
# - forbidden room alias
# - room alias or ID with a forbidden server name
#
# This may be useful if all your banned lists consist of toxic rooms or servers that no good faith user would ever attempt to join, and
# to automatically remediate the problem without any admin user intervention.
#
# This will also make the user leave all rooms. Federation (e.g. remote room invites) are ignored here.
#
# Defaults to false as rooms can be banned for non-moderation-related reasons
#auto_deactivate_banned_room_attempts = false
### Admin Room and Console
# Controls whether the conduwuit admin room console / CLI will immediately activate on startup.
# This option can also be enabled with `--console` conduwuit argument
#
# Defaults to false
#admin_console_automatic = false
# Controls what admin commands will be executed on startup. This is a vector list of strings of admin commands to run.
#
# An example of this can be: `admin_execute = ["debug ping puppygock.gay", "debug echo hi"]`
#
# This option can also be configured with the `--execute` conduwuit argument and can take standard shell commands and environment variables
#
# Such example could be: `./conduwuit --execute "server admin-notice conduwuit has started up at $(date)"`
#
# Defaults to nothing.
#admin_execute = [""]
# Controls whether conduwuit should error and fail to start if an admin execute command (`--execute` / `admin_execute`) fails
#
# Defaults to false
#admin_execute_errors_ignore = false
# Controls the max log level for admin command log captures (logs generated from running admin commands)
#
# Defaults to "info" on release builds, else "debug" on debug builds
#admin_log_capture = info
# Allows admins to enter commands in rooms other than #admins by prefixing with \!admin. The reply
# will be publicly visible to the room, originating from the sender.
# defaults to true
#admin_escape_commands = true
### Misc
# max log level for conduwuit. allows debug, info, warn, or error
#log = "warn"
# see also: https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html#directives
# **Caveat**:
# For release builds, the tracing crate is configured to only implement levels higher than error to avoid unnecessary overhead in the compiled binary from trace macros.
# For debug builds, this restriction is not applied.
#
# Defaults to "info"
#log = "info"
# controls whether encrypted rooms and events are allowed (default true)
#allow_encryption = false
# conduwuit will send a simple GET request periodically to `https://pupbrain.dev/check-for-updates/stable`
# if enabled, conduwuit will send a simple GET request periodically to `https://pupbrain.dev/check-for-updates/stable`
# for any new announcements made. Despite the name, this is not an update check
# endpoint, it is simply an announcement check endpoint. I don't plan on using
# this so feel free to disable it.
allow_check_for_updates=true
# Enables adding the lightning bolt emoji (⚡️) to all newly registered users'
# initial display names.
enable_lightning_bolt=false
# If you are using delegation via well-known files and you cannot serve them from your reverse proxy, you can
# uncomment these to serve them directly from conduwuit. This requires proxying all requests to conduwuit, not just `/_matrix` to work.
#well_known_server = "matrix.example.com:443"
#well_known_client = "https://matrix.example.com"
# Note that whatever you put will show up in the well-known JSON values.
# endpoint, it is simply an announcement check endpoint.
# Defaults to false.
#allow_check_for_updates = false
# Set to false to disable users from joining or creating room versions that aren't 100% officially supported by conduwuit.
# conduwuit officially supports room versions 6 - 10. conduwuit has experimental/unstable support for 1 - 5, and 11.
# conduwuit officially supports room versions 6 - 10. conduwuit has experimental/unstable support for 3 - 5, and 11.
# Defaults to true.
#allow_unstable_room_versions = true
# Option to control adding arbitrary text to the end of the user's displayname upon registration with a space before the text.
# This was the lightning bolt emoji option, just replaced with support for adding your own custom text or emojis.
# To disable, set this to "" (an empty string)
# Defaults to "🏳️⚧️" (trans pride flag)
#new_user_displayname_suffix = "🏳️⚧️"
# Option to control whether conduwuit will query your list of trusted notary key servers (`trusted_servers`) for
# remote homeserver signing keys it doesn't know *first*, or query the individual servers first before falling back to the trusted
# key servers.
#
# The former/default behaviour makes federated/remote rooms joins generally faster because we're querying a single (or list of) server
# that we know works, is reasonably fast, and is reliable for just about all the homeserver signing keys in the room. Querying individual
# servers may take longer depending on the general infrastructure of everyone in there, how many dead servers there are, etc.
#
# However, this does create an increased reliance on one single or multiple large entities as `trusted_servers` should generally
# contain long-term and large servers who know a very large number of homeservers.
#
# If you don't know what any of this means, leave this and `trusted_servers` alone to their defaults.
#
# Defaults to true as this is the fastest option for federation.
#query_trusted_key_servers_first = true
# List/vector of room **IDs** that conduwuit will make newly registered users join.
# The room IDs specified must be rooms that you have joined at least once on the server, and must be public.
#
# No default.
#auto_join_rooms = []
# Retry failed and incomplete messages to remote servers immediately upon startup. This is called bursting.
# If this is disabled, said messages may not be delivered until more messages are queued for that server.
# Do not change this option unless server resources are extremely limited or the scale of the server's
# deployment is huge. Do not disable this unless you know what you are doing.
#startup_netburst = true
# Limit the startup netburst to the most recent (default: 50) messages queued for each remote server. All older
# messages are dropped and not reattempted. The `startup_netburst` option must be enabled for this value to have
# any effect. Do not change this value unless you know what you are doing. Set this value to -1 to reattempt
# every message without trimming the queues; this may consume significant disk. Set this value to 0 to drop all
# messages without any attempt at redelivery.
#startup_netburst_keep = 50
# If the 'perf_measurements' feature is enabled, enables collecting folded stack trace profile of tracing spans using
# tracing_flame. The resulting profile can be visualized with inferno[1], speedscope[2], or a number of other tools.
# [1]: https://github.com/jonhoo/inferno
# [2]: www.speedscope.app
# tracing_flame = false
# If 'tracing_flame' is enabled, sets a filter for which events will be included in the profile.
# Supported syntax is documented at https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html#directives
# tracing_flame_filter = "trace,h2=off"
# If 'tracing_flame' is enabled, set the path to write the generated profile.
# tracing_flame_output_path = "./tracing.folded"
# Enable the tokio-console. This option is only relevant to developers.
# See: docs/development.md#debugging-with-tokio-console for more information.
#tokio_console = false
# Enable backward-compatibility with Conduit's media directory by creating symlinks of media. This
# option is only necessary if you plan on using Conduit again. Otherwise setting this to false
# reduces filesystem clutter and overhead for managing these symlinks in the directory. This is now
# disabled by default. You may still return to upstream Conduit but you have to run Conduwuit at
# least once with this set to true and allow the media_startup_check to take place before shutting
# down to return to Conduit.
#
# Disabled by default.
#media_compat_file_link = false
# Prunes missing media from the database as part of the media startup checks. This means if you
# delete files from the media directory the corresponding entries will be removed from the
# database. This is disabled by default because if the media directory is accidentally moved or
# inaccessible the metadata entries in the database will be lost with sadness.
#
# Disabled by default.
#prune_missing_media = false
# Checks consistency of the media directory at startup:
# 1. When `media_compat_file_link` is enbled, this check will upgrade media when switching back
# and forth between Conduit and Conduwuit. Both options must be enabled to handle this.
# 2. When media is deleted from the directory, this check will also delete its database entry.
#
# If none of these checks apply to your use cases, and your media directory is significantly large
# setting this to false may reduce startup time.
#
# Enabled by default.
#media_startup_check = true
# OpenID token expiration/TTL in seconds
#
# These are the OpenID tokens that are primarily used for Matrix account integrations, *not* OIDC/OpenID Connect/etc
#
# Defaults to 3600 (1 hour)
#openid_token_ttl = 3600
# Emergency password feature. This password set here will let you login to the server service account (e.g. `@conduit`)
# and let you run admin commands, invite yourself to the admin room, etc.
#
# no default.
#emergency_password = ""
### Generic database options
# Set this to any float value to multiply conduwuit's in-memory LRU caches with.
# May be useful if you have significant memory to spare to increase performance.
#
# This was previously called `conduit_cache_capacity_modifier`
#
# Defaults to 1.0.
#conduit_cache_capacity_modifier = 1.0
#cache_capacity_modifier = 1.0
# Set this to any float value in megabytes for conduwuit to tell the database engine that this much memory is available for database-related caches.
# May be useful if you have significant memory to spare to increase performance.
# Defaults to 300.0
#db_cache_capacity_mb = 300.0
# Defaults to 256.0
#db_cache_capacity_mb = 256.0
### RocksDB options
# Set this to true to use RocksDB config options that are tailored to HDDs (slower device storage)
#
# It is worth noting that by default, conduwuit will use RocksDB with Direct IO enabled. *Generally* speaking this improves performance as it bypasses buffered I/O (system page cache).
# However there is a potential chance that Direct IO may cause issues with database operations if your setup is uncommon. This has been observed with FUSE filesystems, and possibly ZFS filesystem.
# RocksDB generally deals/corrects these issues but it cannot account for all setups.
# If you experience any weird RocksDB issues, try enabling this option as it turns off Direct IO and feel free to report in the conduwuit Matrix room if this option fixes your DB issues.
# See https://github.com/facebook/rocksdb/wiki/Direct-IO for more information.
#
# Defaults to false
#rocksdb_optimize_for_spinning_disks = false
# RocksDB log level. This is not the same as conduwuit's log level. This is the log level for RocksDB itself
# which show up in your database folder/path as `LOG` files. Defaults to warn. conduwuit will typically log RocksDB errors.
#rocksdb_log_level = "warn"
# Enables direct-io to increase database performance. This is enabled by default. Set this option to false if the
# database resides on a filesystem which does not support direct-io.
#rocksdb_direct_io = true
# RocksDB log level. This is not the same as conduwuit's log level. This is the log level for the RocksDB engine/library
# which show up in your database folder/path as `LOG` files. Defaults to error. conduwuit will typically log RocksDB errors as normal.
#rocksdb_log_level = "error"
# Max RocksDB `LOG` file size before rotating in bytes. Defaults to 4MB.
# Time in seconds before RocksDB will forcibly rotate logs. Defaults to 0.
#rocksdb_log_time_to_roll = 0
# Amount of threads that RocksDB will use for parallelism on database operatons such as cleanup, sync, flush, compaction, etc. Set to 0 to use all your logical threads.
#
# Defaults to your CPU logical thread count.
#rocksdb_parallelism_threads = 0
# Enables idle IO priority for compaction thread. This prevents any unexpected lag in the server's operation and
# is usually a good idea. Enabled by default.
#rocksdb_compaction_ioprio_idle = true
# Enables idle CPU priority for compaction thread. This is not enabled by default to prevent compaction from
# falling too far behind on busy systems.
#rocksdb_compaction_prio_idle = false
# Maximum number of LOG files RocksDB will keep. This must *not* be set to 0. It must be at least 1.
# Defaults to 3 as these are not very useful.
#rocksdb_max_log_files = 3
# Type of RocksDB database compression to use.
# Available options are "zstd", "zlib", "bz2", "lz4", or "none"
# It is best to use ZSTD as an overall good balance between speed/performance, storage, IO amplification, and CPU usage.
# For more performance but less compression (more storage used) and less CPU usage, use LZ4.
# See https://github.com/facebook/rocksdb/wiki/Compression for more details.
#
# "none" will disable compression.
#
# Defaults to "zstd"
#rocksdb_compression_algo = "zstd"
# Level of compression the specified compression algorithm for RocksDB to use.
# Default is 32767, which is internally read by RocksDB as the default magic number and
# translated to the library's default compression level as they all differ.
# See their `kDefaultCompressionLevel`.
#
#rocksdb_compression_level = 32767
# Level of compression the specified compression algorithm for the bottommost level/data for RocksDB to use.
# Default is 32767, which is internally read by RocksDB as the default magic number and
# translated to the library's default compression level as they all differ.
# See their `kDefaultCompressionLevel`.
#
# Since this is the bottommost level (generally old and least used data), it may be desirable to have a very
# high compression level here as it's lesss likely for this data to be used. Research your chosen compression algorithm.
#
#rocksdb_bottommost_compression_level = 32767
# Whether to enable RocksDB "bottommost_compression".
# At the expense of more CPU usage, this will further compress the database to reduce more storage.
# It is recommended to use ZSTD compression with this for best compression results.
# See https://github.com/facebook/rocksdb/wiki/Compression for more details.
#
# Defaults to false as this uses more CPU when compressing.
#rocksdb_bottommost_compression = false
# Level of statistics collection. Some admin commands to display database statistics may require
# this option to be set. Database performance may be impacted by higher settings.
#
# Option is a number ranging from 0 to 6:
# 0 = No statistics.
# 1 = No statistics in release mode (default).
# 2 to 3 = Statistics with no performance impact.
# 3 to 5 = Statistics with possible performance impact.
# 6 = All statistics.
#
# Defaults to 1 (No statistics, except in debug-mode)
# TURN secret to use for generating the HMAC-SHA1 hash apart of username and password generation
#
# this is more secure, but if needed you can use traditional username/password below.
#
# no default
#turn_secret = ""
# TURN username to provide the client
#
# no default
#turn_username = ""
# TURN password to provide the client
#
# no default
#turn_password = ""
# TURN TTL
#
# Default is 86400 seconds
#turn_ttl = 86400
# allow guests/unauthenticated users to access TURN credentials
#
# this is the equivalent of Synapse's `turn_allow_guests` config option. this allows
# any unauthenticated user to call `/_matrix/client/v3/voip/turnServer`.
#
# defaults to false
#turn_allow_guests = false
# Other options not in [global]:
#
#
# Enables running conduwuit with direct TLS support
# It is strongly recommended you use a reverse proxy instead. This is primarily relevant for test suites like complement that require a private CA setup.
# [global.tls]
# certs = "/path/to/my/certificate.crt"
# key = "/path/to/my/private_key.key"
#
# Whether to listen and allow for HTTP and HTTPS connections (insecure!)
# This config option is only available if conduwuit was built with `axum_dual_protocol` feature (not default feature)
# Defaults to false
#dual_protocol = false
# If you are using delegation via well-known files and you cannot serve them from your reverse proxy, you can
# uncomment these to serve them directly from conduwuit. This requires proxying all requests to conduwuit, not just `/_matrix` to work.
#
#[global.well_known]
#server = "matrix.example.com:443"
#client = "https://matrix.example.com"
#
# A single contact and/or support page for /.well-known/matrix/support
# All options here are strings. Currently only supports 1 single contact.
Information about downloading and deploying the Debian package. This may also be referenced for other `apt`-based distros such as Ubuntu.
Information about downloading, building and deploying the Debian package, see
the "Installing Conduit" section in [DEPLOY.md](../DEPLOY.md).
All following sections until "Setting up the Reverse Proxy" be ignored because
this is handled automatically by the packaging.
### Installation
Configuration
-------------
It is recommended to see the [generic deployment guide](../deploying/generic.md) for further information if needed as usage of the Debian package is generally related.
When installed, Debconf generates the configuration of the homeserver
(host)name, the address and port it listens on. This configuration ends up in
`/etc/matrix-conduit/conduit.toml`.
### Configuration
You can tweak more detailed settings by uncommenting and setting the variables
in `/etc/matrix-conduit/conduit.toml`. This involves settings such as the maximum
file size for download/upload, enabling federation, etc.
When installed, the example config is placed at `/etc/conduwuit/conduwuit.toml` as the default config. At the minimum, you will need to change your `server_name` here.
Running
-------
You can tweak more detailed settings by uncommenting and setting the config options
in `/etc/conduwuit/conduwuit.toml`.
The package uses the `matrix-conduit.service` systemd unit file to start and
stop Conduit. It loads the configuration file mentioned above to set up the
environment before running the server.
### Running
This package assumes by default that Conduit will be placed behind a reverse
proxy such as Apache or nginx. This default deployment entails just listening
on `127.0.0.1` and the free port `6167` and is reachable via a client using the URL
<http://localhost:6167>.
The package uses the [`conduwuit.service`](../configuration/examples.md#example-systemd-unit-file) systemd unit file to start and stop conduwuit. The binary is installed at `/usr/sbin/conduwuit`.
At a later stage this packaging may support also setting up TLS and running
stand-alone. In this case, however, you need to set up some certificates and
renewal, for it to work properly.
This package assumes by default that conduwuit will be placed behind a reverse proxy. The default config options apply (listening on `localhost` and TCP port `6167`). Matrix federation requires a valid domain name and TLS, so you will need to set up TLS certificates and renewal for it to work properly if you intend to federate.
Consult various online documentation and guides on setting up a reverse proxy and TLS. Caddy is documented at the [generic deployment guide](../deploying/generic.md#setting-up-the-reverse-proxy) as it's the easiest and most user friendly.
# Set this to true to allow your server's public room directory to be queried without client
# authentication (access token) through the Client APIs. Set this to false to protect against /publicRooms spiders.
allow_public_room_directory_without_auth = false
# Set this to true to allow federating device display names / allow external users to see your device display name.
# If federation is disabled entirely (`allow_federation`), this is inherently false. For privacy, this is best disabled.
allow_device_name_federation = false
# Vector list of domains allowed to send requests to for URL previews. Defaults to none.
# Note: this is a *contains* match, not an explicit match. Putting "google.com" will match "https://google.com" and "http://mymaliciousdomainexamplegoogle.com"
# Setting this to "*" will allow all URL previews. Please note that this opens up significant attack surface to your server, you are expected to be aware of the risks by doing so.
url_preview_domain_contains_allowlist = []
# Vector list of explicit domains allowed to send requests to for URL previews. Defaults to none.
# Note: This is an *explicit* match, not a ccontains match. Putting "google.com" will match "https://google.com", "http://google.com", but not "https://mymaliciousdomainexamplegoogle.com"
# Setting this to "*" will allow all URL previews. Please note that this opens up significant attack surface to your server, you are expected to be aware of the risks by doing so.
url_preview_domain_explicit_allowlist = []
# Vector list of URLs allowed to send requests to for URL previews. Defaults to none.
# Note that this is a *contains* match, not an explicit match. Putting "google.com" will match "https://google.com/", "https://google.com/url?q=https://mymaliciousdomainexample.com", and "https://mymaliciousdomainexample.com/hi/google.com"
# Setting this to "*" will allow all URL previews. Please note that this opens up significant attack surface to your server, you are expected to be aware of the risks by doing so.
url_preview_url_contains_allowlist = []
# Maximum amount of bytes allowed in a URL preview body size when spidering. Defaults to 1MB (1_000_000 bytes)
url_preview_max_spider_size = 1_000_000
# Option to decide whether you would like to run the domain allowlist checks (contains and explicit) on the root domain or not. Does not apply to URL contains allowlist. Defaults to false.
# Example: If this is enabled and you have "wikipedia.org" allowed in the explicit and/or contains domain allowlist, it will allow all subdomains under "wikipedia.org" such as "en.m.wikipedia.org" as the root domain is checked and matched.
# Useful if the domain contains allowlist is still too broad for you but you still want to allow all the subdomains under a root domain.
url_preview_check_root_domain = false
### Misc
# max log level for conduwuit. allows debug, info, warn, or error
#log = "warn"
# controls whether encrypted rooms and events are allowed (default true)
#allow_encryption = false
# conduwuit will send a simple GET request periodically to `https://pupbrain.dev/check-for-updates/stable`
# for any new announcements made. Despite the name, this is not an update check
# endpoint, it is simply an announcement check endpoint. I don't plan on using
# this so feel free to disable it.
allow_check_for_updates = true
# Enables adding the lightning bolt emoji (⚡️) to all newly registered users'
# initial display names.
enable_lightning_bolt = false
# If you are using delegation via well-known files and you cannot serve them from your reverse proxy, you can
# uncomment these to serve them directly from conduwuit. This requires proxying all requests to conduwuit, not just `/_matrix` to work.
#well_known_server = "matrix.example.com:443"
#well_known_client = "https://matrix.example.com"
# Note that whatever you put will show up in the well-known JSON values.
# Set to false to disable users from joining or creating room versions that aren't 100% officially supported by conduwuit.
# conduwuit officially supports room versions 6 - 10. conduwuit has experimental/unstable support for 1 - 5, and 11.
# Defaults to true.
#allow_unstable_room_versions = true
# Set this to any float value to multiply conduwuit's in-memory LRU caches with.
# May be useful if you have significant memory to spare to increase performance.
# Defaults to 1.0.
#conduit_cache_capacity_modifier = 1.0
# Set this to any float value in megabytes for conduwuit to tell the database engine that this much memory is available for database-related caches.
# May be useful if you have significant memory to spare to increase performance.
# Defaults to 900.0
#db_cache_capacity_mb = 900.0
### RocksDB options
# Set this to true to use RocksDB config options that are tailored to HDDs (slower device storage)
#rocksdb_optimize_for_spinning_disks = false
# RocksDB log level. This is not the same as conduwuit's log level. This is the log level for RocksDB itself
# which show up in your database folder/path as `LOG` files. Defaults to warn. conduwuit will typically log RocksDB errors.
#rocksdb_log_level = "warn"
# Max RocksDB `LOG` file size before rotating in bytes. Defaults to 4MB.
#rocksdb_max_log_file_size = 4194304
# Time in seconds before RocksDB will forcibly rotate logs. Defaults to 0.
#rocksdb_log_time_to_roll = 0
### Presence
# Config option to control local (your server only) presence updates/requests. Defaults to false.
# Note that presence on conduwuit is very fast unlike Synapse's.
# If using outgoing presence, this MUST be enabled.
#allow_local_presence = false
# Config option to control incoming federated presence updates/requests. Defaults to false.
# This option receives presence updates from other servers, but does not send any unless `allow_outgoing_presence` is true.
# Note that presence on conduwuit is very fast unlike Synapse's.
#allow_incoming_presence = false
# Config option to control outgoing presence updates/requests. Defaults to false.
# This option sends presence updates to other servers, but does not receive any unless `allow_incoming_presence` is true.
# Note that presence on conduwuit is very fast unlike Synapse's.
# If using outgoing presence, you MUST enable `allow_local_presence` as well.
#
# Warning: Outgoing federated presence is not spec compliant due to relying on PDUs and EDUs combined.
# Outgoing presence will not be very reliable due to this and any issues with federated outgoing presence are very likely attributed to this issue.
# Incoming presence and local presence are unaffected.
#allow_outgoing_presence = false
# Config option to control how many seconds before presence updates that you are idle. Defaults to 5 minutes.
#presence_idle_timeout_s = 300
# Config option to control how many seconds before presence updates that you are offline. Defaults to 30 minutes.
#presence_offline_timeout_s = 1800
EOF
# symlink the previous location for compatibility if it does not exist yet.
> **Note:** To run and use Conduit you should probably use it with a Domain or Subdomain behind a reverse proxy (like Nginx, Traefik, Apache, ...) with a Lets Encrypt certificate.
## Docker
To run conduwuit with Docker you can either build the image yourself or pull it from a registry.
### Use a registry
OCI images for conduwuit are available in the registries listed below. We recommend using the image tagged as `latest` from GitLab's own registry.
The Dockerfile provided by Conduit has two stages, each of which creates an image.
1.**Builder:** Builds the binary from local context or by cloning a git revision from the official repository.
2.**Runner:** Copies the built binary from **Builder** and sets up the runtime environment, like creating a volume to persist the database and applying the correct permissions.
To build the image you can use the following command
```bash
docker build --tag girlbossceo/conduwuit:main .
```
which also will tag the resulting image as `girlbossceo/conduwuit:main`.
### Run
When you have the image you can simply run it with
```bash
docker run -d -p 8448:6167 \
-v db:/var/lib/matrix-conduit/ \
-e CONDUIT_SERVER_NAME="your.server.name"\
-e CONDUIT_DATABASE_BACKEND="rocksdb"\
-e CONDUIT_ALLOW_REGISTRATION=true\
-e CONDUIT_ALLOW_FEDERATION=true\
-e CONDUIT_MAX_REQUEST_SIZE="20000000"\
-e CONDUIT_TRUSTED_SERVERS="[\"matrix.org\"]"\
-e CONDUIT_MAX_CONCURRENT_REQUESTS="500"\
-e CONDUIT_LOG="warn,ruma_state_res=warn"\
--name conduit <link>
```
or you can use [docker-compose](#docker-compose).
The `-d` flag lets the container run in detached mode. You now need to supply a `conduit.toml` config file, an example can be found [here](../conduit-example.toml).
You can pass in different env vars to change config values on the fly. You can even configure Conduit completely by using env vars, but for that you need
to pass `-e CONDUIT_CONFIG=""` into your container. For an overview of possible values, please take a look at the `docker-compose.yml` file.
If you just want to test Conduit for a short time, you can use the `--rm` flag, which will clean up everything related to your container after you stop it.
### Docker-compose
If the `docker run` command is not for you or your setup, you can also use one of the provided `docker-compose` files.
Depending on your proxy setup, you can use one of the following files;
- If you already have a `traefik` instance set up, use [`docker-compose.for-traefik.yml`](docker-compose.for-traefik.yml)
- If you don't have a `traefik` instance set up (or any other reverse proxy), use [`docker-compose.with-traefik.yml`](docker-compose.with-traefik.yml)
- For any other reverse proxy, use [`docker-compose.yml`](docker-compose.yml)
When picking the traefik-related compose file, rename it so it matches `docker-compose.yml`, and
rename the override file to `docker-compose.override.yml`. Edit the latter with the values you want
for your server.
Additional info about deploying Conduit can be found [here](../DEPLOY.md).
### Build
To build the Conduit image with docker-compose, you first need to open and modify the `docker-compose.yml` file. There you need to comment the `image:` option and uncomment the `build:` option. Then call docker-compose with:
```bash
docker-compose up
```
This will also start the container right afterwards, so if want it to run in detached mode, you also should use the `-d` flag.
### Run
If you already have built the image or want to use one from the registries, you can just start the container and everything else in the compose file in detached mode with:
```bash
docker-compose up -d
```
> **Note:** Don't forget to modify and adjust the compose file to your needs.
### Use Traefik as Proxy
As a container user, you probably know about Traefik. It is a easy to use reverse proxy for making
containerized app and services available through the web. With the two provided files,
[`docker-compose.with-traefik.yml`](docker-compose.with-traefik.yml)) and [`docker-compose.override.yml`](docker-compose.override.yml) from the repository and remove `.for-traefik` (or `.with-traefik`) from the filename.
2. Open both files and modify/adjust them to your needs. Meaning, change the `CONDUIT_SERVER_NAME` and the volume host mappings according to your needs.
3. Create the `conduit.toml` config file, an example can be found [here](../conduit-example.toml), or set `CONDUIT_CONFIG=""` and configure Conduit per env vars.
4. Uncomment the `element-web` service if you want to host your own Element Web Client and create a `element_config.json`.
5. Create the files needed by the `well-known` service.
-`./nginx/matrix.conf` (relative to the compose file, you can change this, but then also need to change the volume mapping)
7. Connect to your homeserver with your preferred client and create a user. You should do this immediately after starting Conduit, because the first created user is the admin.
## Voice communication
In order to make or receive calls, a TURN server is required. Conduit suggests using [Coturn](https://github.com/coturn/coturn) for this purpose, which is also available as a Docker image. Before proceeding with the software installation, it is essential to have the necessary configurations in place.
### Configuration
Create a configuration file called `coturn.conf` containing:
```conf
use-auth-secret
static-auth-secret=<a secret key>
realm=<your server domain>
```
A common way to generate a suitable alphanumeric secret key is by using `pwgen -s 64 1`.
These same values need to be set in conduit. You can either modify conduit.toml to include these lines:
```
turn_uris = ["turn:<your server domain>?transport=udp", "turn:<your server domain>?transport=tcp"]
turn_secret = "<secret key from coturn configuration>"
```
or append the following to the docker environment variables dependig on which configuration method you used earlier:
```yml
CONDUIT_TURN_URIS: '["turn:<your server domain>?transport=udp", "turn:<your server domain>?transport=tcp"]'
CONDUIT_TURN_SECRET: "<secret key from coturn configuration>"
```
Restart Conduit to apply these changes.
### Run
Run the [Coturn](https://hub.docker.com/r/coturn/coturn) image using
```bash
docker run -d --network=host -v $(pwd)/coturn.conf:/etc/coturn/turnserver.conf coturn/coturn
```
or docker-compose. For the latter, paste the following section into a file called `docker-compose.yml`
and run `docker-compose up -d` in the same directory.
```yml
version: 3
services:
turn:
container_name: coturn-server
image: docker.io/coturn/coturn
restart: unless-stopped
network_mode: "host"
volumes:
- ./coturn.conf:/etc/coturn/turnserver.conf
```
To understand why the host networking mode is used and explore alternative configuration options, please visit the following link: https://github.com/coturn/coturn/blob/master/docker/coturn/README.md.
For security recommendations see Synapse's [Coturn documentation](https://github.com/matrix-org/synapse/blob/develop/docs/setup/turn/coturn.md#configuration).
/// - List all rooms we are currently handling an incoming pdu from
IncomingFederation,
/// - Disables incoming federation handling for a room.
DisableRoom{
room_id: Box<RoomId>,
},
/// - Enables incoming federation handling for a room again.
EnableRoom{
room_id: Box<RoomId>,
},
/// - Fetch `/.well-known/matrix/support` from the specified server
///
/// Despite the name, this is not a federation endpoint and does not go
/// through the federation / server resolution process as per-spec this is
/// supposed to be served at the server_name.
///
/// Respecting homeservers put this file here for listing administration,
/// moderation, and security inquiries. This command provides a way to
/// easily fetch that information.
FetchSupportWellKnown{
server_name: Box<ServerName>,
},
/// - Lists all the rooms we share/track with the specified *remote* user
RemoteUserInRooms{
user_id: Box<UserId>,
},
}
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
strawberry
morguldir
Jason Volk
renovate[bot]
Matthias Ahouansou
Aurora Master
Matthew Scheffel
skedastically
Myned
Charles Hall
AlexPewMaster
AlexPewMaster
Christoph Dittmann
Jacob Taylor
Kimiblock Moe
Paul Robertson
Integral
PedroHLC
Benjamin Lee
Lux Aliaga
Tom Black
Jayryn
slonkazoid
Xiretza
Matt Moriarity
Tom Foster
AwesomeQubic
strawberry
raizo
K900
Timo Kösters
Samuel Meenzen
sininenkissa
olly1240
EPS-DEV
