| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
| |
Co-authored-by: Patrick Cloke <patrickc@matrix.org>
|
| |
|
|
|
|
| |
(#16609)
simple_update_many_txn had a bug in it which would cause each
update to be applied twice.
|
| |
|
|
|
|
| |
If simple_{insert,upsert,update}_many_txn is called without any data
to modify then return instead of executing the query.
This matches the behavior of simple_{select,delete}_many_txn.
|
| |
|
|
| |
Expand tests for the simple_* database methods, additionally
test against both PostgreSQL and SQLite variants.
|
| |
|
|
|
|
|
|
| |
Fetch information needed for push rule evaluation in parallel.
Ideally this would use query pipelining, but this is not
available in psycopg2.
Due to the database thread pool this may result in little
to no parallelization.
|
| |
|
|
|
|
|
|
|
|
| |
Previously only Twisted's EPollReactor was compatible with the
reactor timing metric, notably not working when asyncio was used.
After this change, the following configurations support the reactor
timing metric:
* poll, epoll, or select reactors
* asyncio reactor with a poll, epoll, select, /dev/poll, or kqueue event loop.
|
| |
|
|
|
|
|
|
|
|
|
| |
The event persistence code used to handle multiple rooms
at a time, but was simplified to only ever be called with a
single room at a time (different rooms are now handled in
parallel). The code is still generic to multiple rooms causing
a lot of work that is unnecessary (e.g. unnecessary loops, and
partitioning data by room).
This strips out the ability to handle multiple rooms at once, greatly
simplifying the code.
|
| |
|
|
|
| |
Just to standardize on the normal helpers, it might also have
a slight perf improvement on PostgreSQL which will now use
`ANY (?)` instead of `IN (?, ?, ...)`.
|
| | |
|
| |
|
|
|
| |
getfullargspec is relatively expensive and the results will
not change between calls, so precalculate it outside the
wrapper.
|
| | |
|
| |
|
|
| |
7a3a55ac98847d7adb0e200378abe07ef8d0c645.
|
| | |
|
| |
|
|
| |
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
|
| |
|
|
| |
We can bail early if the from token is greater than or equal to the
current token.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
This is mostly useful for federated rooms where some users
would get stuck in the invite or knock state when the room
was purged from their homeserver.
|
| |
|
| |
Follow on from / actually correctly does #16557
|
| | |
|
| |
|
| |
c.f. #16481
|
| | |
|
| |
|
|
| |
(#16549)
|
| |
|
| |
Mostly to improve type safety.
|
| |
|
|
|
|
|
|
|
|
| |
This adds a module API which allows a module to update a user's
presence state/status message. This is useful for controlling presence
from an external system.
To fully control presence from the module the presence.enabled config
parameter gains a new state of "untracked" which disables internal tracking
of presence changes via user actions, etc. Only updates from the module will
be persisted and sent down sync properly).
|
| |
|
|
|
| |
tuples (#16505)
This should use fewer allocations and improves type hints.
|
| |
|
| |
Fixes #16417
|
| | |
|
| |
|
|
| |
sending worker (#16515)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix bug where a new writer advances their token too quickly
When starting a new writer (for e.g. persisting events), the
`MultiWriterIdGenerator` doesn't have a minimum token for it as there
are no rows matching that new writer in the DB.
This results in the the first stream ID it acquired being announced as
persisted *before* it actually finishes persisting, if another writer
gets and persists a subsequent stream ID. This is due to the logic of
setting the minimum persisted position to the minimum known position of
across all writers, and the new writer starts off not being considered.
* Fix sending out POSITIONs when our token advances without update
Broke in #14820
* For replication HTTP requests, only wait for minimal position
|
| |
|
|
|
| |
(#16540)
This could happen if the last rows in the account data stream were inserted into `account_data`. After a restart the max account ID would be calculated without looking at the `account_data` table, and so have an old ID.
|
| |
|
|
|
|
|
|
|
|
| |
If using the script remotely, there's no particularly convincing reason
to disable certificate verification, as this makes the connection
interceptible.
If on the other hand, the script is used locally (the most common use
case), you can simply target the HTTP listener and avoid TLS altogether.
This is what the script already attempts to do if passed a homeserver
configuration YAML file.
|
| |
|
|
| |
This table was no longer used, except for a background process
which purged old entries in it.
|
| |
|
|
|
|
|
|
| |
This splits thinsg into two queries, but most of the time we won't have
new event backwards extremities so this shouldn't actually add an extra
RTT for the majority of cases.
Note this removes the check for events with no prev events, but that was
part of MSC2716 work that has since been removed.
|
| | |
|
| | |
|
| |
|
| |
To improve type safety & memory usage.
|
| |
|
|
| |
After this change a server will only be reported as back online
if they were previously having requests fail.
|
| |
|
| |
For improved type checking & memory usage.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
(#16465)
This reverts commit cabd57746004fe2dacc11aa8d373854a3d25e306.
There are additional usages of these tables
which need to be removed first.
|
| |
|
| |
This improves type annotations by not having a dictionary of Any values.
|
| | |
|
| | |
|
| |
|
|
| |
This only has a single use and is over abstracted. Inline it so that
we can improve type hints.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Disable statement timeout whilst purging rooms
* Newsfile
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Note the introduction version
---------
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Bump ruff from 0.0.290 to 0.0.292
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.0.290 to 0.0.292.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/BREAKING_CHANGES.md)
- [Commits](https://github.com/astral-sh/ruff/compare/v0.0.290...v0.0.292)
---
updated-dependencies:
- dependency-name: ruff
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Fix up lint
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Erik Johnston <erik@matrix.org>
|
| |
|
| |
Fixes #16396
|
| | |
|
| | |
|
| |
|
|
| |
Improves type hints by using concrete types instead of
dictionaries.
|
| |
|
|
| |
Drop the event_txn_id table and the tables related to MSC2716,
which is no longer supported in Synapse.
|
| |
|
|
|
|
|
|
|
| |
Synapse was incorrectly implemented with a knock_state_events
property on some APIs (instead of knock_room_state). This was
correct in Synapse 1.70.0, but *both* fields were sent to also be
compatible with Synapse versions expecting the wrong field.
Enough time has passed that only the correct field needs to be
included/handled.
|
| | |
|
| |
|
|
|
| |
This converts the media servlet URLs in the same way as
(most) of the rest of Synapse. This will give more flexibility
in the versions each endpoint exists under.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This avoids calling cursor_to_dict and then immediately
unpacking the values in the dict for other users. By not
creating the intermediate dictionary we can avoid allocating
the dictionary and strings for the keys, which should generally
be more performant.
Additionally this improves type hints by avoid Dict[str, Any]
dictionaries coming out of the database layer.
|
| |
|
| |
To slightly reduce the amount of memory each command takes.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Co-authored-by: David Robertson <davidr@element.io>
Co-authored-by: Patrick Cloke <patrickc@matrix.org>
Co-authored-by: Erik Johnston <erik@matrix.org>
Assert that the return type of callables wrapped in @cached
and @cachedList are cachable (aka immutable).
|
| |
|
|
| |
There's no reason to expose the full Python version over what is
frequently a public API.
|
| |
|
|
|
|
| |
This is because if a worker reaches ~100% CPU then everything starts
lagging and we hit the log line a lot. When at error we invoke sentry
and that has a lot of overhead, which then puts even more pressure on
the worker.
|
| |
|
|
|
| |
Use an `inline` Content-Disposition header when the media is
"safe" to display inline (some known text, image, video, audio
formats).
|
| | |
|
| |
|
|
|
| |
* Pre-compiles the server ACLs onto an object per room and
invalidates them when new events come in.
* Converts the server ACL checking into Rust.
|
| |
|
|
| |
This unstable push rule is implemented behind an experimental
configuration flag.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Bump types-psycopg2 from 2.9.21.11 to 2.9.21.14
Bumps [types-psycopg2](https://github.com/python/typeshed) from 2.9.21.11 to 2.9.21.14.
- [Commits](https://github.com/python/typeshed/commits)
---
updated-dependencies:
- dependency-name: types-psycopg2
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Relax the annotation of Cursor.description
See
https://github.com/matrix-org/synapse/pull/16343#issuecomment-1726083384
for rationale.
* Changelog
* Changelog
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: David Robertson <davidr@element.io>
|
| |
|
| |
While maintaining support with pydantic v1.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patrick Cloke <patrickc@matrix.org>
|
| |
|
|
| |
Co-authored-by: Hanadi Tamimi <hanadi.tamimi@sdui.de>
|
| | |
|
| | |
|
| |
|
|
| |
Reject invalid receipts with a reasonable error message &
expands tests for receipts.
|
| | |
|
| |
|
|
|
|
| |
Also add restore of purge/shutdown rooms after a synapse restart.
Co-authored-by: Eric Eastwood <erice@matrix.org>
Co-authored-by: Erik Johnston <erikj@matrix.org>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Refresh tokens were not correctly moved to the rehydrated
device (similar to how the access token is currently handled).
This resulted in invalid refresh tokens after rehydration.
|
| | |
|
| | |
|
| |
|
|
|
| |
Introduced in #16240
The action for the task was only defined on the "master" handler, rather than the base worker one.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Adds both the List-Unsubscribe (RFC2369) and List-Unsubscribe-Post (RFC8058)
headers to push notification emails, which together should:
* Show an "Unsubscribe" link in the MUA UI when viewing Synapse notification emails.
* Enable "one-click" unsubscribe (the user never leaves their MUA, which automatically
makes a POST request to the specified endpoint).
|
| | |
|
| | |
|
| |
|
| |
Enable additional checks & clean-up unneeded configuration.
|
| | |
|
| |
|
|
|
| |
Using the new `TaskScheduler` meant that we'ed create lots of new
metrics (due to adding task ID to the desc of background process),
resulting in requests for metrics taking an increasing amount of CPU.
|
| |
|
|
| |
During the UI auth process, avoid storing sensitive information
into the database.
|
| | |
|
| |
|
|
| |
This fixes a bug where we could get stuck re-requesting the device over
replication again and again.
|
| | |
|
| | |
|
| |
|
|
| |
Similar to OIDC, CAS providers can now disable registration such
that only existing users are able to login via SSO.
|
| |\ |
|
| | |\ |
|
| | | |
| | |
| | |
| | | |
(#16258)
|
| | | |
| | |
| | |
| | |
| | | |
I don't think has caused any actual issues.
Introduced in #15891
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
options that refer to numbers of bytes. (#16219)
* Add more suffixes to `parse_size`
* Newsfile
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
---------
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Allow user_id to be optional for room deletion
* Add module API method to delete a room
* Newsfile
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Don't worry about the case block=True && requester_user_id is None
---------
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
|
| | | | |
|
| | | |
| | |
| | |
| | | |
(#16251)
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
* Correctly handle multiple rows per server/key
* Newsfile
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a (long) timeout to when a "busy" device is considered not online.
This does *not* match MSC3026, but is a reasonable thing for an
implementation to do.
Expands tests for the (unstable) busy presence with multiple devices.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Tracks presence on an individual per-device basis and combine
the per-device state into a per-user state. This should help in
situations where a user has multiple devices with conflicting status
(e.g. one is syncing with unavailable and one is syncing with online).
The tie-breaking is done by priority:
BUSY > ONLINE > UNAVAILABLE > OFFLINE
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Bump twisted from 22.10.0 to 23.8.0
Bumps [twisted](https://github.com/twisted/twisted) from 22.10.0 to 23.8.0.
- [Release notes](https://github.com/twisted/twisted/releases)
- [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst)
- [Commits](https://github.com/twisted/twisted/compare/twisted-22.10.0...twisted-23.8.0)
---
updated-dependencies:
- dependency-name: twisted
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* Fix types
* Fix lint
* Newsfile
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Erik Johnston <erik@matrix.org>
|
| | |
| |
| |
| | |
(#16223)
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
I don't think has caused any actual issues.
Introduced in #15891
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Fix rare bug that broke looping calls
We can't interact with the reactor from the main thread via looping
call.
Introduced in v1.90.0 / #15791.
* Newsfile
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Refactoring to use both the user ID & the device ID when tracking
the currently syncing users in the presence handler.
This is done both locally and over replication. Note that the device
ID is discarded but will be used in a future change.
|
| | | |
|
| | |
| |
| |
| | |
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
| | |
| |
| |
| | |
Use Twisted HostnameEndpoint to connect to SMTP servers (instead
of connectTCP/connectSSL) which properly supports IPv6-only servers.
|
| | |
| |
| |
| | |
same or higher PL (#16205)
|
| | |
| |
| |
| |
| |
| | |
Refactoring to pass the device ID (in addition to the user ID) through
the presence handler (specifically the `user_syncing`, `set_state`,
and `bump_presence_active_time` methods and their replication
versions).
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Simplify some of the presence code by reducing duplicated code between
worker & non-worker modes.
The main change is to push some of the logic from `user_syncing` into
`set_state`. This is done by passing whether the user is setting the presence
via a `/sync` with a new `is_sync` flag to `set_state`. If this is `true` some
additional logic is performed:
* Don't override `busy` presence.
* Update the `last_user_sync_ts`.
* Never update the status message.
|
| | | |
|
| | | |
|
| | |
| |
| | |
To avoid 500 internal server errors with garbage input.
|
| | |
| |
| |
| | |
The include_all_networks was previously sent in the JSON body as
string "true" and "false" instead of boolean true and false.
|
| | | |
|
| | | |
|
| | |
| |
| | |
Implements MSC4041 behind an experimental configuration flag.
|
| |/ |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Properly update retry_last_ts when hitting the maximum retry interval
This was broken in 1.87 when the maximum retry interval got changed from
almost infinite to a week (and made configurable).
fixes #16101
Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>
* Add changelog
* Change fix + add test
* Add comment
---------
Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>
Co-authored-by: Mathieu Velten <mathieuv@matrix.org>
|
| | |
|
| |
|
| |
We do this by marking the tables as `UNLOGGED` in PostgreSQL.
|
| | |
|
| | |
|
| |
|
|
| |
revocations (#16125)
|
| | |
|
| |
|
|
| |
(#16030)
|
| |
|
|
| |
(#15891)
|
| |
|
|
|
|
|
| |
If we don't have all the auth events in a room then not all state events will have a chain cover index. Even so, we can still use the chain cover index on the events that do have it, rather than bailing and using the slower functions.
This situation should not arise for newly persisted rooms, as we check we have the full auth chain for each event, but can happen for existing rooms.
c.f. #15245
|
| | |
|
| | |
|
| |
|
| |
See #16119
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
We were seeing serialization errors when taking out multiple read locks.
The transactions were retried, so isn't causing any failures.
Introduced in #15782.
|
| | |
|
| |
|
| |
Fixes #15502
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
See: #16053
Signed off by Nick @ Beeper (@Fizzadar)
|
| |
|
|
|
|
|
|
|
|
|
| |
* Fix the method signature of `run_db_interaction` on the module API
* Newsfile
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
---------
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
|
| |
|
|
|
|
|
|
| |
Misc. clean-ups to:
* Use keyword arguments.
* Return early (reducing indentation) of some functions.
* Removing duplicated / unused code.
* Use wrap_as_background_process.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add a module API function to provide `call_later`
* Newsfile
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* Add comments
* Update version number
---------
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
automatically. (This table is not used when Synapse is configured to use SQLite.) (#15868)
* Add a cache invalidation clean-up task
* Run the cache invalidation stream clean-up on the background worker
* Tune down
* call_later is in millis!
* Newsfile
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
* fixup! Add a cache invalidation clean-up task
* Update synapse/storage/databases/main/cache.py
Co-authored-by: Eric Eastwood <erice@element.io>
* Update synapse/storage/databases/main/cache.py
Co-authored-by: Eric Eastwood <erice@element.io>
* MILLISEC -> MS
* Expand on comment
* Move and tweak comment about Postgres
* Use `wrap_as_background_process`
---------
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
Co-authored-by: Eric Eastwood <erice@element.io>
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
`device_id`) (#15629)
For now this maintains compatible with old Synapses by falling back
to using transaction semantics on a per-access token. A future version
of Synapse will drop support for this.
|
| |
|
|
| |
configuration option (#16017)
|
| |
|
|
|
|
|
|
|
|
|
| |
Adds three new configuration variables:
* destination_min_retry_interval is identical to before (10mn).
* destination_retry_multiplier is now 2 instead of 5, the maximum value will
be reached slower.
* destination_max_retry_interval is one day instead of (essentially) infinity.
Capping this will cause destinations to continue to be retried sometimes instead
of being lost forever. The previous value was 2 ^ 62 milliseconds.
|
| |
|
|
| |
background tasks. (#15991)
|
| |
|
|
|
|
|
|
| |
The location of the redacts field changes in room version 11. Ensure
it is copied to the *new* location for *old* room versions for
forwards-compatibility with clients.
Note that copying it to the *old* location for the *new* room version
was previously handled.
|
| |
|
|
|
| |
The un_partial_stated_event_stream_sequence and
application_services_txn_id_seq were never properly configured
in the portdb script, resulting in an error on start-up.
|
| | |
|
| |
|
|
| |
Track whether the ResponseCache is evicting due to invalidation
or due to time.
|
| |
|
|
| |
Refactoring related to stabilization of MSC3970, refactor to combine
code which has the same logic.
|
| |
|
|
|
| |
(#15791)
c.f. #13476
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
SQLite now supports TRUE and FALSE constants, simplify some
queries by inlining those instead of passing them as arguments.
|
| | |
|
| |
|
|
|
|
| |
Signed-off-by: Nicolas Werner <n.werner@famedly.com>
Co-authored-by: Nicolas Werner <n.werner@famedly.com>
Co-authored-by: Nicolas Werner <89468146+nico-famedly@users.noreply.github.com>
Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
|
| |
|
|
| |
This is so we don't block responding to federation transaction while we
try and fetch the device lists.
|
| | |
|
| | |
|
| |
|
| |
This should speed up updating state in rooms with lots of state.
|
| |
|
| |
Introduced in #15913
|
| | |
|
| |
|
| |
We do this by yielding the reactor in hot loops.
|
| |
|
| |
This was because we reverted the bump of the schema version, so we were not applying the new deltas.
|
| | |
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
`user_filters`. (#15953)
* Revert "Stop writing to column `user_id` of tables `profiles` and `user_filters` (#15787)"
This reverts commit f25b0f88081bb436bef914983cff7087b54eba5f.
* newsfragement
|
| | |
| |
| |
| |
| | |
And fix a bug in the implementation of the updated redaction
format (MSC2174) where the top-level redacts field was not
properly added for backwards-compatibility.
|
| | | |
|
| | |
| |
| |
| |
| | |
Allow configuring the set of workers to proxy outbound federation traffic through (`outbound_federation_restricted_to`).
This is useful when you have a worker setup with `federation_sender` instances responsible for sending outbound federation requests and want to make sure *all* outbound federation traffic goes through those instances. Before this change, the generic workers would still contact federation themselves for things like profile lookups, backfill, etc. This PR allows you to set more strict access controls/firewall for all workers and only allow the `federation_sender`'s to contact the outside world.
|
| | |
| |
| | |
This is unspecced, but has existed for a very long time.
|
| | |
| |
| |
| | |
Remove an __init__ which only calls super() without changing the
input arguments.
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
**Before:**
```
Error retrieving alias
```
**After:**
```
Error retrieving alias #foo:bar -> 401 Unauthorized
```
*Spawning from creating the [manual testing strategy for the outbound federation proxy](https://github.com/matrix-org/synapse/pull/15773).*
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Unix socket support for `federation` and `client` Listeners has existed now for a little while(since [1.81.0](https://github.com/matrix-org/synapse/pull/15353)), but there was one last hold out before it could be complete: HTTP Replication communication. This should finish it up. The Listeners would have always worked, but would have had no way to be talked to/at.
---------
Co-authored-by: Eric Eastwood <madlittlemods@gmail.com>
Co-authored-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
Co-authored-by: Eric Eastwood <erice@element.io>
|
| |/ |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
A lot of the functions have the same name in this space like `store_file`,
and we also do it multiple times for different reasons (main media repo,
other storage providers, thumbnails, etc) so it's good to differentiate
them so your head doesn't explode.
Follow-up to https://github.com/matrix-org/synapse/pull/15850
Tracing instrumentation to media `/upload` code paths to investigate https://github.com/matrix-org/synapse/issues/15841
|
| |
|
|
|
|
| |
Revert "Federation outbound proxy (#15773)"
This reverts commit b07b14b494ae1dd564b4c44f844c9a9545b3d08a.
|
| |
|
| |
We do this by marking the constraint as deferrable.
|
| |
|
|
| |
(#15787)
|
| |
|
|
|
|
| |
startup (#15860)
Co-authored-by: reivilibre <oliverw@matrix.org>
|
| | |
|
| |
|
|
|
|
|
| |
Allow configuring the set of workers to proxy outbound federation traffic through (`outbound_federation_restricted_to`).
This is useful when you have a worker setup with `federation_sender` instances responsible for sending outbound federation requests and want to make sure *all* outbound federation traffic goes through those instances. Before this change, the generic workers would still contact federation themselves for things like profile lookups, backfill, etc. This PR allows you to set more strict access controls/firewall for all workers and only allow the `federation_sender`'s to contact the outside world.
The original code is from @erikjohnston's branches which I've gotten in-shape to merge.
|
| |
|
| |
Fix https://github.com/matrix-org/synapse/issues/15836
|
| | |
|
| |
|
| |
Add tracing instrumentation to media `/upload` code paths to investigate https://github.com/matrix-org/synapse/issues/15841
|
| |
|
|
|
|
|
| |
presence_stream (#15826)
* Change update_presence to have a isolation level of READ_COMMITTED
* changelog
|
| | |
|
| |
|
|
|
| |
Image.ANTIALIAS is not defined in current pillow releases. Since ANTIALIAS was just using LANCZOS anyways, this is just a cosmetic change, but makes synapse work with most recent pillow releases.
Signed-off-by: Giovanni Harting <539@idlegandalf.com>
|
| |
|
| |
Signed-off-by: Michael Weimann <michaelw@element.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old device entries for the same user were being removed in individual
SQL commands, making the batch take way longer than necessary.
This combines the commands into a single one with a IN/ANY clause.
Example of log entry before the change, regularly observed with
"log_min_duration_statement = 10000" in PostgreSQL's config:
LOG: duration: 42538.282 ms statement:
DELETE FROM device_lists_stream
WHERE user_id = '@someone' AND device_id = 'someid1'
AND stream_id < 123456789
;
DELETE FROM device_lists_stream
WHERE user_id = '@someone' AND device_id = 'someid2'
AND stream_id < 123456789
;
[repeated for each device ID of that user, potentially a lot...]
With the patch applied on my instance for the past couple of days, I
no longer notice overly long statements of that particular kind.
Signed-off-by: pacien <pacien.trangirard@pacien.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(#15853)
* Add a timeout to Postgres statements
* Newsfile
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
---------
Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
If you leave a room and forget it, then rejoin it, the room would be
missing from the next initial sync.
fixes #13262
Signed-off-by: Nicolas Werner <n.werner@famedly.com>
|
| |
|
|
|
|
|
| |
The port DB script would try and run database background tasks, which
could fail if the data they acted on was in the process of being ported.
These exceptions were non fatal.
Fixes #15789
|
