Commit graph

2280 commits

Author SHA1 Message Date
strawberry
950d69eb66 build OCI images for x86_64 and aarch64 in CI
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
468009fce5 fix wrong artifact path in gitlab ci
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
1f3b91accd remove redundant copy and just use path
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
Charles Hall
d68268da2e pass pkgsCrossStatic to mkOciImage, not pkgsHost
This fixes a bug where the aarch64 OCI image had metadata saying it was
an x86_64 OCI image. On top of that, I think the metadata was actually
right (aside from Conduit's binary): since all other packages were being
pulled from `pkgsHost`, an OCI image cross compiled for aarch64 from a
different architecture would result in unexecutable binaries (e.g. tini)
since they were compiled for the completely wrong architecture.

from: https://gitlab.com/famedly/conduit/-/merge_requests/579

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
fb1fa4364d downgrade rust-rocksdb back to latest stable
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
Charles Hall
8954243457 switch crane input back to upstream
Thanks to the crane maintainer to fixing my issue in a way that doesn't
suck, unlike my attempt in the fork we were briefly using.

from: https://gitlab.com/famedly/conduit/-/merge_requests/576

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
Charles Hall
79750b9685 make complement (mostly) work again
Well, kinda. It crashed on me after 10 minutes because the tests timed
out like in <https://github.com/matrix-org/complement/issues/394>.
Sounds like this means it's a them problem though.

I want to use Nix to build this image instead in the future but this
will at least make it work for now and give me a reference for while I'm
porting it. I also want to make Conduit natively understand Complement's
requirements instead of `sed`ing a bunch of stuff and needing a reverse
proxy in the container. Should be more reliable that way.

I'm not making this run in CI until the above stuff is addressed and
until I can decide on a way to pin the revision of Complement being
tested against.

from: https://gitlab.com/famedly/conduit/-/merge_requests/575

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
bc421ec96b add -L to nix build command
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
33847b8b4b fix syntax error (both uses and run)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
77e8a6e5ae port some of artifacts building to gh actions (attempt 1)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry
aa3fd6a47e switch cargo.toml pkg name back to conduit
we already make it clear this is a fork with
our version and such

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-27 16:47:33 -05:00
strawberry
24605e151d make allow_federation default to true
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-27 16:47:33 -05:00
Charles Hall
c329eb197d add ca certificates to the OCI image
Without this, checking the authority of TLS certificates fails, making
Conduit (rightly) refuse to connect to anything.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-27 16:47:33 -05:00
strawberry
81a4f9e539 use main instead of latest for docker tag
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-27 16:47:33 -05:00
strawberry
fd19d132eb make nix-build-and-cache executable
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-26 20:39:01 -05:00
strawberry
8793abf41f does this work
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-26 19:47:54 -05:00
strawberry
331b63ca40 upstream nix changes, make rocksdb git work
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-26 19:47:54 -05:00
strawberry
35ebc459fa add explicit_outlives_requirements rustc lint
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-26 19:47:54 -05:00
strawberry
5a8a3c742d s/15000/10000
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-26 19:47:54 -05:00
Charles Hall
620bfacc30 ci: cross compile static binaries for x86_64 and aarch64
from https://gitlab.com/famedly/conduit/-/merge_requests/569

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-26 19:47:54 -05:00
kubo6472
7588790c3b bump nix cache
Fix nodejs v16 incompatible/deprecation
2024-01-25 20:20:27 -05:00
strawberry
4ac568769b improvement: registration token now only works when registration is enabled
Co-authored-by: Timo Kösters <timo@koesters.xyz>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
ab0b52ef1e update DIFFERENCES.md
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
8b6bd8e89e add cargo clippy
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
2c51cdc23b update nix flake for gitlab CI building docker images
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
0e8267656f fix room ID messages, remove comments
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
08a183e8c7 assume well-known is None if text length exceeds 10000 chars
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
Charles Hall
ec7aeb1096 move resolver logic into the resolver
Honestly not sure why it wasn't done like this before. This code is much
less awkward to follow and more compartmentalized.

These changes were mainly motivated by a clippy lint triggering on the
original code, which then made me wonder if I could get rid of some of
the `Box`ing. Turns out I could, and this is the result of that.

Co-authored-by: strawberry <strawberry@puppygock.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
1536f08d81 use both is_ip_literal and IPAddress is_valid checks
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
9858b33b37 just remove double quotes if found instead
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
e0419d9c5d custom room ID checks, dont use format! macro due to quotes being added
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
7eff572e77 check if room ID already exists instead of erroring on auth check
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
8754f0e2a5 additional character check on room alias
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
e272f0f34f update DIFFERENCES.md
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
89d9cdeb3a IP range denylist logging, and fix logic error
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
382347353e add custom room ID support using room_id field
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
2980af6490 move room creation config check higher up
dont bother wasting resources if we know we
arent even allowed to make the room to begin with

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
ead9a58dce dont crash failing to deserialise room creation content
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
3453dcc344 add error checking to room aliases
length, colon, and spaces. also dont crash.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
b51d148899 remove random space
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
6c1358d0c8 send home_server on login response again
a 6+ year old deprecated field that isnt even spelled
right, and no clients use it must still be sent
according to spec

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
9d1ca3e84a update deps
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
114369bcf6 delete Dockerfile
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
fa0c083555 don't send requests to specified list of IP CIDRs
this can most definitely be improved but this is a decent attempt.
the only annoying this is i couldn't just use a Vec<IPAddress> which
would have significantly simplified all of this, but serde can't
deserialise it on the config side i guess.

i may find a better way to do this in the future, but this should cover
most areas anyways.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
71d247232d oops forgot that endpoint too
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
6c75087863 eat less of client parameters for media requests
still cantt respect allow_redirect yet

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
ab6cb4ad2d switch back to expect for sender_user
as far as i can tell, it will return a normal
error in the auth token handling code so this is fine.
we also shouldnt assume all errors from this are
access_token related.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
02bc818633 match explicit URI to see if we should authenticate the user
first attempt at forcing an endpoint to be authenticated

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
1de7980143 update DIFFERENCES.md so far
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry
dc9c86d3db bump ruma, rusqlite, and rocksdb
latest rocksdb now has WriteBufferManager support

i hope no one is using sqlite with conduwuit, but if they are let's
bump it to latest git too for the latest sqlite version available.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00