161f145176
* Add NATS JetStream support
  Update shopify/sarama
* Fix addresses
* Don't change Addresses in Defaults
* Update saramajetstream
* Add missing error check
  Keep typing events for at least one minute
* Use all configured NATS addresses
* Update saramajetstream
* Try setting up with NATS
* Make sure NATS uses own persistent directory (TODO: make this configurable)
* Update go.mod/go.sum
* Jetstream package
* Various other refactoring
* Build fixes
* Config tweaks, make random jetstream storage path for CI
* Disable interest policies
* Try to sane default on jetstream base path
* Try to use in-memory for CI
* Restore storage/retention
* Update nats.go dependency
* Adapt changes to config
* Remove unneeded TopicFor
* Dep update
* Revert "Remove unneeded TopicFor"
  This reverts commit f5a4e4a339b6f94ec215778dca22204adaa893d1.
* Revert changes made to streams
* Fix build problems
* Update nats-server
* Update go.mod/go.sum
* Roomserver input API queuing using NATS
* Fix topic naming
* Prometheus metrics
* More refactoring to remove saramajetstream
* Add missing topic
* Don't try to populate map that doesn't exist
* Roomserver output topic
* Update go.mod/go.sum
* Message acknowledgements
* Ack tweaks
* Try to resume transaction re-sends
* Try to resume transaction re-sends
* Update to matrix-org/gomatrixserverlib@91dadfb
* Remove internal.PartitionStorer from components that don't consume keychanges
* Try to reduce re-allocations a bit in resolveConflictsV2
* Tweak delivery options on RS input
* Publish send-to-device messages into correct JetStream subject
* Async and sync roomserver input
* Update dendrite-config.yaml
* Remove roomserver tests for now (they need rewriting)
* Remove roomserver test again (was merged back in)
* Update documentation
* Docker updates
* More Docker updates
* Update Docker readme again
* Fix lint issues
* Send final event in `processEvent` synchronously (since this might stop Sytest from being so upset)
* Don't report event rejection errors via `/send`, since apparently this is upsetting tests that don't expect that
* Go 1.16 instead of Go 1.13 for upgrade tests and Complement
* Revert "Don't report event rejection errors via `/send`, since apparently this is upsetting tests that don't expect that"
  This reverts commit 368675283fc44501f227639811bdb16dd5deef8c.
* Don't report any errors on `/send` to see what fun that creates
* Fix panics on closed channel sends
* Enforce state key matches sender
* Do the same for leave
* Various tweaks to make tests happier
  Squashed commit of the following:

  commit 13f9028e7a63662759ce7c55504a9d2423058668
  Author: Neil Alexander <neilalexander@users.noreply.github.com>
  Date: Tue Jan 4 15:47:14 2022 +0000
      Do the same for leave

  commit e6be7f05c349fafbdddfe818337a17a60c867be1
  Author: Neil Alexander <neilalexander@users.noreply.github.com>
  Date: Tue Jan 4 15:33:42 2022 +0000
      Enforce state key matches sender

  commit 85ede6d64bf10ce9b91cdd6d80f87350ee55242f
  Author: Neil Alexander <neilalexander@users.noreply.github.com>
  Date: Tue Jan 4 14:07:04 2022 +0000
      Fix panics on closed channel sends

  commit 9755494a98bed62450f8001d8128e40481d27e15
  Author: Neil Alexander <neilalexander@users.noreply.github.com>
  Date: Tue Jan 4 13:38:22 2022 +0000
      Don't report any errors on `/send` to see what fun that creates

  commit 3bb4f87b5dd56882febb4db5621db484c8789b7c
  Author: Neil Alexander <neilalexander@users.noreply.github.com>
  Date: Tue Jan 4 13:00:26 2022 +0000
      Revert "Don't report event rejection errors via `/send`, since apparently this is upsetting tests that don't expect that"
      This reverts commit 368675283fc44501f227639811bdb16dd5deef8c.

  commit fe2673ed7be9559eaca134424e403a4faca100b0
  Author: Neil Alexander <neilalexander@users.noreply.github.com>
  Date: Tue Jan 4 12:09:34 2022 +0000
      Go 1.16 instead of Go 1.13 for upgrade tests and Complement

  commit 368675283fc44501f227639811bdb16dd5deef8c
  Author: Neil Alexander <neilalexander@users.noreply.github.com>
  Date: Tue Jan 4 11:51:45 2022 +0000
      Don't report event rejection errors via `/send`, since apparently this is upsetting tests that don't expect that

  commit b028dfc08577bcf52e6cb498026e15fa5d46d07c
  Author: Neil Alexander <neilalexander@users.noreply.github.com>
  Date: Tue Jan 4 10:29:08 2022 +0000
      Send final event in `processEvent` synchronously (since this might stop Sytest from being so upset)
* Merge in NATS Server v2.6.6 and nats.go v1.13 into the in-process connection fork
* Add `jetstream.WithJetStreamMessage` to make ack/nak-ing less messy, use process context in consumers
* Fix consumer component name in federation API
* Add comment explaining where streams are defined
* Tweaks to roomserver input with comments
* Finish that sentence that I apparently forgot to finish in INSTALL.md
* Bump version number of config to 2
* Add comments around asynchronous sends to roomserver in processEventWithMissingState
* More useful error message when the config version does not match
* Set version in generate-config
* Fix version in config.Defaults

Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com>
198 lines
6.3 KiB
Go
package config

import (
	"math/rand"
	"time"

	"github.com/matrix-org/gomatrixserverlib"
	"golang.org/x/crypto/ed25519"
)

type Global struct {
	// The name of the server. This is usually the domain name, e.g. 'matrix.org', 'localhost'.
	ServerName gomatrixserverlib.ServerName `yaml:"server_name"`

	// Path to the private key which will be used to sign requests and events.
	PrivateKeyPath Path `yaml:"private_key"`

	// The private key which will be used to sign requests and events.
	PrivateKey ed25519.PrivateKey `yaml:"-"`

	// An arbitrary string used to uniquely identify the PrivateKey. Must start with the
	// prefix "ed25519:".
	KeyID gomatrixserverlib.KeyID `yaml:"-"`

	// Information about old private keys that used to be used to sign requests and
	// events on this domain. They will not be used but will be advertised to other
	// servers that ask for them to help verify old events.
	OldVerifyKeys []OldVerifyKeys `yaml:"old_private_keys"`

	// How long a remote server can cache our server key for before requesting it again.
	// Increasing this number will reduce the number of requests made by remote servers
	// for our key, but increases the period a compromised key will be considered valid
	// by remote servers.
	// Defaults to 7 days (see Defaults below).
	KeyValidityPeriod time.Duration `yaml:"key_validity_period"`

	// The server name to delegate server-server communications to, with optional port
	WellKnownServerName string `yaml:"well_known_server_name"`

	// Disables federation. Dendrite will not be able to make any outbound HTTP requests
	// to other servers and the federation API will not be exposed.
	DisableFederation bool `yaml:"disable_federation"`

	// List of domains that the server will trust as identity servers to
	// verify third-party identifiers.
	// Defaults to an empty array.
	TrustedIDServers []string `yaml:"trusted_third_party_id_servers"`

	// JetStream configuration
	JetStream JetStream `yaml:"jetstream"`

	// Metrics configuration
	Metrics Metrics `yaml:"metrics"`

	// Sentry configuration
	Sentry Sentry `yaml:"sentry"`

	// DNS caching options for all outbound HTTP requests
	DNSCache DNSCacheOptions `yaml:"dns_cache"`
}

func (c *Global) Defaults(generate bool) {
	if generate {
		c.ServerName = "localhost"
		c.PrivateKeyPath = "matrix_key.pem"
		// math/rand with the fixed seed 0 yields the same key on every run,
		// so this key is publicly reproducible and must not be used as a
		// real signing key.
		_, c.PrivateKey, _ = ed25519.GenerateKey(rand.New(rand.NewSource(0)))
		c.KeyID = "ed25519:auto"
	}
	c.KeyValidityPeriod = time.Hour * 24 * 7

	c.JetStream.Defaults(generate)
	c.Metrics.Defaults(generate)
	c.DNSCache.Defaults()
	c.Sentry.Defaults()
}

func (c *Global) Verify(configErrs *ConfigErrors, isMonolith bool) {
	checkNotEmpty(configErrs, "global.server_name", string(c.ServerName))
	checkNotEmpty(configErrs, "global.private_key", string(c.PrivateKeyPath))

	c.JetStream.Verify(configErrs, isMonolith)
	c.Metrics.Verify(configErrs, isMonolith)
	c.Sentry.Verify(configErrs, isMonolith)
	c.DNSCache.Verify(configErrs, isMonolith)
}

type OldVerifyKeys struct {
	// Path to the private key.
	PrivateKeyPath Path `yaml:"private_key"`

	// The private key itself.
	PrivateKey ed25519.PrivateKey `yaml:"-"`

	// The key ID of the private key.
	KeyID gomatrixserverlib.KeyID `yaml:"-"`

	// When the private key was designated as "expired", as a UNIX timestamp
	// in millisecond precision.
	ExpiredAt gomatrixserverlib.Timestamp `yaml:"expired_at"`
}

// The configuration to use for Prometheus metrics
type Metrics struct {
	// Whether or not the metrics are enabled
	Enabled bool `yaml:"enabled"`
	// Use BasicAuth for Authorization
	BasicAuth struct {
		// Authorization via Static Username & Password
		// Hardcoded Username and Password
		Username string `yaml:"username"`
		Password string `yaml:"password"`
	} `yaml:"basic_auth"`
}

func (c *Metrics) Defaults(generate bool) {
	c.Enabled = false
	if generate {
		// Well-known sample credentials for a generated config.
		c.BasicAuth.Username = "metrics"
		c.BasicAuth.Password = "metrics"
	}
}

// Verify performs no checks on the metrics configuration.
func (c *Metrics) Verify(configErrs *ConfigErrors, isMonolith bool) {
}

// The configuration to use for Sentry error reporting
type Sentry struct {
	Enabled bool `yaml:"enabled"`
	// The DSN to connect to e.g. "https://examplePublicKey@o0.ingest.sentry.io/0"
	// See https://docs.sentry.io/platforms/go/configuration/options/
	DSN string `yaml:"dsn"`
	// The environment e.g. "production"
	// See https://docs.sentry.io/platforms/go/configuration/environments/
	Environment string `yaml:"environment"`
}

func (c *Sentry) Defaults() {
	c.Enabled = false
}

// Verify performs no checks on the Sentry configuration.
func (c *Sentry) Verify(configErrs *ConfigErrors, isMonolith bool) {
}

type DatabaseOptions struct {
	// The connection string, file:filename.db or postgres://server....
	ConnectionString DataSource `yaml:"connection_string"`
	// Maximum open connections to the DB (0 = use default, negative means unlimited)
	MaxOpenConnections int `yaml:"max_open_conns"`
	// Maximum idle connections to the DB (0 = use default, negative means unlimited)
	MaxIdleConnections int `yaml:"max_idle_conns"`
	// Maximum amount of time (in seconds) a connection may be reused (<= 0 means unlimited)
	ConnMaxLifetimeSeconds int `yaml:"conn_max_lifetime"`
}

func (c *DatabaseOptions) Defaults(conns int) {
	c.MaxOpenConnections = conns
	c.MaxIdleConnections = 2
	c.ConnMaxLifetimeSeconds = -1
}

// Verify performs no checks on the database options.
func (c *DatabaseOptions) Verify(configErrs *ConfigErrors, isMonolith bool) {
}

// MaxIdleConns returns maximum idle connections to the DB
func (c DatabaseOptions) MaxIdleConns() int {
	return c.MaxIdleConnections
}

// MaxOpenConns returns maximum open connections to the DB
func (c DatabaseOptions) MaxOpenConns() int {
	return c.MaxOpenConnections
}

// ConnMaxLifetime returns maximum amount of time a connection may be reused
func (c DatabaseOptions) ConnMaxLifetime() time.Duration {
	return time.Duration(c.ConnMaxLifetimeSeconds) * time.Second
}

type DNSCacheOptions struct {
	// Whether the DNS cache is enabled or not
	Enabled bool `yaml:"enabled"`
	// How many entries to store in the DNS cache at a given time
	CacheSize int `yaml:"cache_size"`
	// How long a cache entry should be considered valid for
	CacheLifetime time.Duration `yaml:"cache_lifetime"`
}

func (c *DNSCacheOptions) Defaults() {
	c.Enabled = false
	c.CacheSize = 256
	c.CacheLifetime = time.Minute * 5
}

func (c *DNSCacheOptions) Verify(configErrs *ConfigErrors, isMonolith bool) {
	checkPositive(configErrs, "cache_size", int64(c.CacheSize))
	checkPositive(configErrs, "cache_lifetime", int64(c.CacheLifetime))
}
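Added example, not part of the Dendrite source shown above: Global.Defaults(true) feeds ed25519.GenerateKey from math/rand with the fixed seed 0, so the resulting key is identical on every run. The sketch below reproduces that, contrasts it with crypto/rand, and shows a check that flags a key derived from a fixed seed. The names seededKey, secureKey, pubOf and isPredictableKey are hypothetical, and the standard library's crypto/ed25519 is used in place of golang.org/x/crypto/ed25519.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	crand "crypto/rand"
	"fmt"
	mrand "math/rand"
)

// seededKey mirrors the call in Global.Defaults(true): a math/rand source
// with a fixed seed is the only entropy fed to ed25519.GenerateKey.
func seededKey(seed int64) ed25519.PrivateKey {
	_, priv, _ := ed25519.GenerateKey(mrand.New(mrand.NewSource(seed)))
	return priv
}

// secureKey draws the key seed from the operating system CSPRNG instead.
func secureKey() (ed25519.PrivateKey, error) {
	_, priv, err := ed25519.GenerateKey(crand.Reader)
	return priv, err
}

// pubOf returns the public half of an Ed25519 private key.
func pubOf(priv ed25519.PrivateKey) ed25519.PublicKey {
	return priv.Public().(ed25519.PublicKey)
}

// isPredictableKey reports whether pub equals the key derived from one of the
// given fixed seeds, i.e. a key whose private half anyone can regenerate.
func isPredictableKey(pub ed25519.PublicKey, seeds ...int64) bool {
	for _, s := range seeds {
		if bytes.Equal(pub, pubOf(seededKey(s))) {
			return true
		}
	}
	return false
}

func main() {
	fixed := seededKey(0)
	fmt.Println("seed-0 key reproducible:", bytes.Equal(fixed, seededKey(0)))
	fmt.Println("seed-0 key flagged:", isPredictableKey(pubOf(fixed), 0))
	fresh, err := secureKey()
	if err != nil {
		panic(err)
	}
	fmt.Println("crypto/rand key flagged:", isPredictableKey(pubOf(fresh), 0))
}
```

A check like isPredictableKey fits alongside the config verification step, comparing the loaded signing key's public half against the seed-0 key before the server starts signing events.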