config

package
v0.2.7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 27, 2024 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source
const (
	NetworkTCP  = "tcp"
	NetworkUnix = "unix"
)
View Source
const DefaultOpenIDTokenLifetimeMS = 3600000 // 60 minutes
View Source
const UnixSocketPrefix = "unix://"
View Source
const Version = 2

Version is the current version of the config format. This will change whenever we make breaking changes to the config format.

Variables

View Source
var DefaultMaxFileSizeBytes = FileSizeBytes(10485760)

DefaultMaxFileSizeBytes defines the default file size allowed in transfers

Functions

func IsValidRegex

func IsValidRegex(regexString string) bool

IsValidRegex returns true or false based on whether the given string is valid regex or not

func LoadMatrixKey

func LoadMatrixKey(privateKeyPath string, readFile func(string) ([]byte, error)) (gomatrixserverlib.KeyID, ed25519.PrivateKey, error)

Types

type AppServiceAPI

type AppServiceAPI struct {
	Matrix  *Global  `yaml:"-"`
	Derived *Derived `yaml:"-"` // TODO: Nuke Derived from orbit

	// DisableTLSValidation disables the validation of X.509 TLS certs
	// on appservice endpoints. This is not recommended in production!
	DisableTLSValidation bool `yaml:"disable_tls_validation"`

	LegacyAuth  bool `yaml:"legacy_auth"`
	LegacyPaths bool `yaml:"legacy_paths"`

	ConfigFiles []string `yaml:"config_files"`
}

func (*AppServiceAPI) Defaults

func (c *AppServiceAPI) Defaults(opts DefaultOpts)

func (*AppServiceAPI) Verify

func (c *AppServiceAPI) Verify(configErrs *ConfigErrors)

type ApplicationService

type ApplicationService struct {
	// User-defined, unique, persistent ID of the application service
	ID string `yaml:"id"`
	// Base URL of the application service
	URL string `yaml:"url"`
	// Application service token provided in requests to a homeserver
	ASToken string `yaml:"as_token"`
	// Homeserver token provided in requests to an application service
	HSToken string `yaml:"hs_token"`
	// Localpart of application service user
	SenderLocalpart string `yaml:"sender_localpart"`
	// Information about an application service's namespaces. Key is either
	// "users", "aliases" or "rooms"
	NamespaceMap map[string][]ApplicationServiceNamespace `yaml:"namespaces"`
	// Whether rate limiting is applied to each application service user
	RateLimited bool `yaml:"rate_limited"`
	// Any custom protocols that this application service provides (e.g. IRC)
	Protocols  []string `yaml:"protocols"`
	HTTPClient *http.Client
	// contains filtered or unexported fields
}

ApplicationService represents a Matrix application service. https://matrix.org/docs/spec/application_service/unstable.html

func (*ApplicationService) CreateHTTPClient

func (a *ApplicationService) CreateHTTPClient(insecureSkipVerify bool)

func (*ApplicationService) IsInterestedInRoomAlias

func (a *ApplicationService) IsInterestedInRoomAlias(
	roomAlias string,
) bool

IsInterestedInRoomAlias returns a bool on whether an application service's namespace includes the given room alias

func (*ApplicationService) IsInterestedInRoomID

func (a *ApplicationService) IsInterestedInRoomID(
	roomID string,
) bool

IsInterestedInRoomID returns a bool on whether an application service's namespace includes the given room ID

func (*ApplicationService) IsInterestedInUserID

func (a *ApplicationService) IsInterestedInUserID(
	userID string,
) bool

IsInterestedInUserID returns a bool on whether an application service's namespace includes the given user ID

func (*ApplicationService) OwnsNamespaceCoveringUserId

func (a *ApplicationService) OwnsNamespaceCoveringUserId(
	userID string,
) bool

OwnsNamespaceCoveringUserId returns a bool on whether an application service's namespace is exclusive and includes the given user ID

func (*ApplicationService) RequestUrl

func (a *ApplicationService) RequestUrl() string

type ApplicationServiceNamespace

type ApplicationServiceNamespace struct {
	// Whether or not the namespace is managed solely by this application service
	Exclusive bool `yaml:"exclusive"`
	// A regex pattern that represents the namespace
	Regex string `yaml:"regex"`
	// The ID of an existing group that all users of this application service will
	// be added to. This field is only relevant to the `users` namespace.
	// Note that users who are joined to this group through an application service
	// are not to be listed when querying for the group's members, however the
	// group should be listed when querying an application service user's groups.
	// This is to prevent making spamming all users of an application service
	// trivial.
	GroupID string `yaml:"group_id"`
	// Regex object representing our pattern. Saves having to recompile every time
	RegexpObject *regexp.Regexp
}

ApplicationServiceNamespace is the namespace that a specific application service has management over.

type CacheOptions added in v0.1.3

type CacheOptions struct {
	// The connection string,
	ConnectionString DataSource `yaml:"connection_string"`

	EstimatedMaxSize DataUnit      `yaml:"max_size_estimated"`
	MaxAge           time.Duration `yaml:"max_age"`
	EnablePrometheus bool          `yaml:"enable_prometheus"`
}

func (*CacheOptions) Defaults added in v0.1.3

func (c *CacheOptions) Defaults(opts DefaultOpts)

func (*CacheOptions) LoadEnv added in v0.2.7

func (c *CacheOptions) LoadEnv()

func (*CacheOptions) Verify added in v0.1.3

func (c *CacheOptions) Verify(configErrs *ConfigErrors)

type ClientAPI

type ClientAPI struct {
	Matrix  *Global  `yaml:"-"`
	Derived *Derived `yaml:"-"` // TODO: Nuke Derived from orbit

	// If set disables new users from registering (except via shared
	// secrets)
	RegistrationDisabled bool `yaml:"registration_disabled"`

	// If set, requires users to submit a token during registration.
	// Tokens can be managed using admin API.
	RegistrationRequiresToken bool `yaml:"registration_requires_token"`

	// Enable registration without captcha verification or shared secret.
	// This option is populated by the -really-enable-open-registration
	// command line parameter as it is not recommended.
	OpenRegistrationWithoutVerificationEnabled bool `yaml:"-"`

	// If set, allows registration by anyone who also has the shared
	// secret, even if registration is otherwise disabled.
	RegistrationSharedSecret string `yaml:"registration_shared_secret"`
	// If set, prevents guest accounts from being created. Only takes
	// effect if registration is enabled, otherwise guests registration
	// is forbidden either way.
	GuestsDisabled bool `yaml:"guests_disabled"`

	// Boolean stating whether catpcha registration is enabled
	// and required
	RecaptchaEnabled bool `yaml:"enable_registration_captcha"`
	// Recaptcha api.js Url, for compatible with hcaptcha.com, etc.
	RecaptchaApiJsUrl string `yaml:"recaptcha_api_js_url"`
	// Recaptcha div class for sitekey, for compatible with hcaptcha.com, etc.
	RecaptchaSitekeyClass string `yaml:"recaptcha_sitekey_class"`
	// Recaptcha form field, for compatible with hcaptcha.com, etc.
	RecaptchaFormField string `yaml:"recaptcha_form_field"`
	// This Home Server's ReCAPTCHA public key.
	RecaptchaPublicKey string `yaml:"recaptcha_public_key"`
	// This Home Server's ReCAPTCHA private key.
	RecaptchaPrivateKey string `yaml:"recaptcha_private_key"`
	// Secret used to bypass the captcha registration entirely
	RecaptchaBypassSecret string `yaml:"recaptcha_bypass_secret"`
	// HTTP API endpoint used to verify whether the captcha response
	// was successful
	RecaptchaSiteVerifyAPI string `yaml:"recaptcha_siteverify_api"`

	LoginSSO LoginSSO `yaml:"login_sso"`

	// TURN options
	TURN TURN `yaml:"turn"`

	// Rate-limiting options
	RateLimiting RateLimiting `yaml:"rate_limiting"`

	MSCs *MSCs `yaml:"-"`
}

func (*ClientAPI) Defaults

func (c *ClientAPI) Defaults(opts DefaultOpts)

func (*ClientAPI) Verify

func (c *ClientAPI) Verify(configErrs *ConfigErrors)

type ConfigErrors

type ConfigErrors []string

ConfigErrors stores problems encountered when parsing a config file. It implements the error interface.

func (*ConfigErrors) Add

func (errs *ConfigErrors) Add(str string)

Add appends an error to the list of errors in this configErrors. It is a wrapper to the builtin append and hides pointers from the client code. This method is safe to use with an uninitialized configErrors because if it is nil, it will be properly allocated.

func (ConfigErrors) Error

func (errs ConfigErrors) Error() string

Error returns a string detailing how many errors were contained within a configErrors type.

type DNSCacheOptions

type DNSCacheOptions struct {
	// Whether the DNS cache is enabled or not
	Enabled bool `yaml:"enabled"`
	// How many entries to store in the DNS cache at a given time
	CacheSize int `yaml:"cache_size"`
	// How long a cache entry should be considered valid for
	CacheLifetime time.Duration `yaml:"cache_lifetime"`
}

func (*DNSCacheOptions) Defaults

func (c *DNSCacheOptions) Defaults()

func (*DNSCacheOptions) Verify

func (c *DNSCacheOptions) Verify(configErrs *ConfigErrors)

type DataSource

type DataSource string

A DataSource for opening a postgresql database using lib/pq.

func (DataSource) IsNats added in v0.2.5

func (d DataSource) IsNats() bool

func (DataSource) IsPostgres

func (d DataSource) IsPostgres() bool

func (DataSource) IsRedis added in v0.2.5

func (d DataSource) IsRedis() bool

func (DataSource) IsSQLite

func (d DataSource) IsSQLite() bool

type DataUnit

type DataUnit int64

func (*DataUnit) UnmarshalText

func (d *DataUnit) UnmarshalText(text []byte) error

type DatabaseOptions

type DatabaseOptions struct {
	// The connection string, file:filename.db or postgres://server....
	ConnectionString DataSource `yaml:"connection_string"`
	// Maximum open connections to the DB (0 = use default, negative means unlimited)
	MaxOpenConnections int `yaml:"max_open_conns"`
	// Maximum idle connections to the DB (0 = use default, negative means unlimited)
	MaxIdleConnections int `yaml:"max_idle_conns"`
	// maximum amount of time (in seconds) a connection may be reused (<= 0 means unlimited)
	ConnMaxLifetimeSeconds int `yaml:"conn_max_lifetime"`
}

func (*DatabaseOptions) ConnMaxLifetime

func (c *DatabaseOptions) ConnMaxLifetime() time.Duration

ConnMaxLifetime returns maximum amount of time a connection may be reused

func (*DatabaseOptions) Defaults

func (c *DatabaseOptions) Defaults(opts DefaultOpts)

func (*DatabaseOptions) LoadEnv added in v0.2.7

func (c *DatabaseOptions) LoadEnv()

func (*DatabaseOptions) MaxIdleConns

func (c *DatabaseOptions) MaxIdleConns() int

MaxIdleConns returns maximum idle connections to the DB

func (*DatabaseOptions) MaxOpenConns

func (c *DatabaseOptions) MaxOpenConns() int

MaxOpenConns returns maximum open connections to the DB

func (*DatabaseOptions) Verify

func (c *DatabaseOptions) Verify(configErrs *ConfigErrors)

type DefaultOpts

type DefaultOpts struct {
	DatabaseConnectionStr DataSource
	CacheConnectionStr    DataSource
	QueueConnectionStr    string
}

type Dendrite

type Dendrite struct {
	// The version of the configuration file.
	// If the version in a file doesn't match the current dendrite config
	// version then we can give a clear error message telling the user
	// to update their config file to the current version.
	// The version of the file should only be different if there has
	// been a breaking change to the config file format.
	Version int `yaml:"version"`

	Global        Global        `yaml:"global"`
	AppServiceAPI AppServiceAPI `yaml:"app_service_api"`
	ClientAPI     ClientAPI     `yaml:"client_api"`
	FederationAPI FederationAPI `yaml:"federation_api"`
	KeyServer     KeyServer     `yaml:"key_server"`
	MediaAPI      MediaAPI      `yaml:"media_api"`
	RoomServer    RoomServer    `yaml:"room_server"`
	SyncAPI       SyncAPI       `yaml:"sync_api"`
	UserAPI       UserAPI       `yaml:"user_api"`
	RelayAPI      RelayAPI      `yaml:"relay_api"`

	MSCs MSCs `yaml:"mscs"`

	// The config for tracing the dendrite servers.
	Tracing struct {
		// Set to true to enable tracer hooks. If false, no tracing is set up.
		Enabled bool `yaml:"enabled"`
		// The config for the jaeger opentracing reporter.
		Jaeger jaegerconfig.Configuration `yaml:"jaeger"`
	} `yaml:"tracing"`

	// The config for logging informations. Each hook will be added to logrus.
	Logging []LogrusHook `yaml:"logging"`

	// Any information derived from the configuration options for later use.
	Derived Derived `yaml:"-"`
}

Dendrite contains all the config used by a dendrite process. Relative paths are resolved relative to the current working directory

func Load

func Load(configPath string) (*Dendrite, error)

Load a yaml config file for a server run as multiple processes or as a monolith. Checks the config to ensure that it is valid.

func (*Dendrite) Defaults

func (config *Dendrite) Defaults(opts DefaultOpts)

SetDefaults sets default config values if they are not explicitly set.

func (*Dendrite) Derive

func (config *Dendrite) Derive() error

Derive generates data that is derived from various values provided in the config file.

func (*Dendrite) LoadEnv added in v0.2.7

func (config *Dendrite) LoadEnv()

func (*Dendrite) SetupTracing

func (config *Dendrite) SetupTracing() (closer io.Closer, err error)

SetupTracing configures the opentracing using the supplied configuration.

func (*Dendrite) Verify

func (config *Dendrite) Verify(configErrs *ConfigErrors)

func (*Dendrite) Wiring

func (config *Dendrite) Wiring()

type Derived

type Derived struct {
	Registration struct {
		// Flows is a slice of flows, which represent one possible way that the client can authenticate a request.
		// http://matrix.org/docs/spec/HEAD/client_server/r0.3.0.html#user-interactive-authentication-api
		// As long as the generated flows only rely on config file options,
		// we can generate them on startup and store them until needed
		Flows []authtypes.Flow `json:"flows"`

		// Params that need to be returned to the client during
		// registration in order to complete registration stages.
		Params map[string]interface{} `json:"params"`
	}

	// Application services parsed from their config files
	// The paths of which were given above in the main config file
	ApplicationServices []ApplicationService

	// Meta-regexes compiled from all exclusive application service
	// Regexes.
	//
	// When a user registers, we check that their username does not match any
	// exclusive application service namespaces
	ExclusiveApplicationServicesUsernameRegexp *regexp.Regexp
	// When a user creates a room alias, we check that it isn't already
	// reserved by an application service
	ExclusiveApplicationServicesAliasRegexp *regexp.Regexp
}

TODO: Kill Derived

type FederationAPI

type FederationAPI struct {
	Matrix *Global `yaml:"-"`

	// The database stores information used by the federation destination queues to
	// send transactions to remote servers.
	Database DatabaseOptions `yaml:"database,omitempty"`

	// Federation failure threshold. How many consecutive failures that we should
	// tolerate when sending federation requests to a specific server. The backoff
	// is 2**x seconds, so 1 = 2 seconds, 2 = 4 seconds, 3 = 8 seconds, etc.
	// The default value is 16 if not specified, which is circa 18 hours.
	FederationMaxRetries uint32 `yaml:"send_max_retries"`

	// P2P Feature: Whether relaying to specific nodes should be enabled.
	// Defaults to false.
	// Note: Enabling relays introduces a huge startup delay, if you are not using
	// relays and have many servers to re-hydrate on start. Only enable this
	// if you are using relays!
	EnableRelays bool `yaml:"enable_relays"`

	// P2P Feature: How many consecutive failures that we should tolerate when
	// sending federation requests to a specific server until we should assume they
	// are offline. If we assume they are offline then we will attempt to send
	// messages to their relay server if we know of one that is appropriate.
	P2PFederationRetriesUntilAssumedOffline uint32 `yaml:"p2p_retries_until_assumed_offline"`

	// FederationDisableTLSValidation disables the validation of X.509 TLS certs
	// on remote federation endpoints. This is not recommended in production!
	DisableTLSValidation bool `yaml:"disable_tls_validation"`

	// DisableHTTPKeepalives prevents Dendrite from keeping HTTP connections
	// open for reuse for future requests. Connections will be closed quicker
	// but we may spend more time on TLS handshakes instead.
	DisableHTTPKeepalives bool `yaml:"disable_http_keepalives"`

	// Perspective keyservers, to use as a backup when direct key fetch
	// requests don't succeed
	KeyPerspectives KeyPerspectives `yaml:"key_perspectives"`

	// Should we prefer direct key fetches over perspective ones?
	PreferDirectFetch bool `yaml:"prefer_direct_fetch"`
}

func (*FederationAPI) Defaults

func (c *FederationAPI) Defaults(opts DefaultOpts)

func (*FederationAPI) Verify

func (c *FederationAPI) Verify(configErrs *ConfigErrors)

type FileSizeBytes

type FileSizeBytes int64

FileSizeBytes is a file size in bytes

type Fulltext

type Fulltext struct {
	Enabled   bool   `yaml:"enabled"`
	IndexPath Path   `yaml:"index_path"`
	InMemory  bool   `yaml:"in_memory"` // only useful in tests
	Language  string `yaml:"language"`  // the language to use when analysing content
}

func (*Fulltext) Defaults

func (f *Fulltext) Defaults(opts DefaultOpts)

func (*Fulltext) Verify

func (f *Fulltext) Verify(configErrs *ConfigErrors)

type Global

type Global struct {
	// Signing identity contains the server name, private key and key ID of
	// the deployment.
	fclient.SigningIdentity `yaml:",inline"`

	// The secondary server names, used for virtual hosting.
	VirtualHosts []*VirtualHost `yaml:"-"`

	// Path to the private key which will be used to sign requests and events.
	PrivateKeyPath Path `yaml:"private_key"`

	// Information about old private keys that used to be used to sign requests and
	// events on this domain. They will not be used but will be advertised to other
	// servers that ask for them to help verify old events.
	OldVerifyKeys []*OldVerifyKeys `yaml:"old_private_keys"`

	// How long a remote server can cache our server key for before requesting it again.
	// Increasing this number will reduce the number of requests made by remote servers
	// for our key, but increases the period a compromised key will be considered valid
	// by remote servers.
	// Defaults to 24 hours.
	KeyValidityPeriod time.Duration `yaml:"key_validity_period"`

	// Global pool of database connections, which is used only in monolith mode. If a
	// component does not specify any database options of its own, then this pool of
	// connections will be used instead. This way we don't have to manage connection
	// counts on a per-component basis, but can instead do it for the entire monolith.
	DatabaseOptions DatabaseOptions `yaml:"database,omitempty"`

	// The server name to delegate server-server communications to, with optional port
	WellKnownServerName string `yaml:"well_known_server_name"`

	// The server name to delegate client-server communications to, with optional port
	WellKnownClientName string `yaml:"well_known_client_name"`

	// The server name to delegate sliding sync communications to, with optional port.
	// Requires `well_known_client_name` to also be configured.
	WellKnownSlidingSyncProxy string `yaml:"well_known_sliding_sync_proxy"`

	// Disables federation. Dendrite will not be able to make any outbound HTTP requests
	// to other servers and the federation API will not be exposed.
	DisableFederation bool `yaml:"disable_federation"`

	// Configures the handling of presence events.
	Presence PresenceOptions `yaml:"presence"`

	// List of domains that the server will trust as identity servers to
	// verify third-party identifiers.
	// Defaults to an empty array.
	TrustedIDServers []string `yaml:"trusted_third_party_id_servers"`

	// JetStream configuration
	JetStream JetStream `yaml:"jetstream"`

	// Metrics configuration
	Metrics Metrics `yaml:"metrics"`

	// Sentry configuration
	Sentry Sentry `yaml:"sentry"`

	// DNS caching options for all outbound HTTP requests
	DNSCache DNSCacheOptions `yaml:"dns_cache"`

	// ServerNotices configuration used for sending server notices
	ServerNotices ServerNotices `yaml:"server_notices"`

	// ReportStats configures opt-in phone-home statistics reporting.
	ReportStats ReportStats `yaml:"report_stats"`

	// Configuration for the caches.
	Cache CacheOptions `yaml:"cache"`
}

func (*Global) Defaults

func (c *Global) Defaults(opts DefaultOpts)

func (*Global) IsLocalServerName

func (c *Global) IsLocalServerName(serverName spec.ServerName) bool

func (*Global) LoadEnv added in v0.2.7

func (c *Global) LoadEnv()

func (*Global) SigningIdentities

func (c *Global) SigningIdentities() []*fclient.SigningIdentity

func (*Global) SigningIdentityFor

func (c *Global) SigningIdentityFor(serverName spec.ServerName) (*fclient.SigningIdentity, error)

func (*Global) SplitLocalID

func (c *Global) SplitLocalID(sigil byte, id string) (string, spec.ServerName, error)

func (*Global) Verify

func (c *Global) Verify(configErrs *ConfigErrors)

func (*Global) VirtualHost

func (c *Global) VirtualHost(serverName spec.ServerName) *VirtualHost

func (*Global) VirtualHostForHTTPHost

func (c *Global) VirtualHostForHTTPHost(serverName spec.ServerName) *VirtualHost

type IdentityProvider added in v0.2.1

type IdentityProvider struct {

	// ID is the unique identifier of this IdP. If empty, the brand will be used.
	ID string `yaml:"id"`

	// Name is a human-friendly name of the provider. If empty, a default based on
	// the brand will be used.
	Name string `yaml:"name"`

	ClientID     string `yaml:"client_id"`
	ClientSecret string `yaml:"client_secret"`
	DiscoveryURL string `yaml:"discovery_url"`

	JWTLogin JWTLogin `yaml:"jwt_login"`
}

func (*IdentityProvider) Verify added in v0.2.1

func (idp *IdentityProvider) Verify(configErrs *ConfigErrors)

func (*IdentityProvider) WithDefaults added in v0.2.1

func (idp *IdentityProvider) WithDefaults() IdentityProvider

type JWTLogin added in v0.1.3

type JWTLogin struct {
	Audience string `yaml:"audience"`
}

type JetStream

type JetStream struct {
	Matrix *Global `yaml:"-"`

	// A list of NATS addresses to connect to. If none are specified, an
	// internal NATS server will be used when running in monolith mode only.
	Addresses []string `yaml:"addresses"`
	// The prefix to use for stream names for this homeserver - really only
	// useful if running more than one Dendrite on the same NATS deployment.
	TopicPrefix string `yaml:"topic_prefix"`

	// A credentials file to be used for authentication, example:
	// https://docs.nats.io/using-nats/developer/connecting/creds
	Credentials Path `yaml:"credentials_path"`
}

func (*JetStream) Defaults

func (c *JetStream) Defaults(opts DefaultOpts)

func (*JetStream) Durable

func (c *JetStream) Durable(name string) string

func (*JetStream) LoadEnv added in v0.2.7

func (c *JetStream) LoadEnv()

func (*JetStream) Prefixed

func (c *JetStream) Prefixed(name string) string

func (*JetStream) Verify

func (c *JetStream) Verify(configErrs *ConfigErrors)

type KeyPerspective

type KeyPerspective struct {
	// The server name of the perspective key server
	ServerName spec.ServerName `yaml:"server_name"`
	// Server keys for the perspective user, used to verify the
	// keys have been signed by the perspective server
	Keys []KeyPerspectiveTrustKey `yaml:"keys"`
}

type KeyPerspectiveTrustKey

type KeyPerspectiveTrustKey struct {
	// The key ID, e.g. ed25519:auto
	KeyID gomatrixserverlib.KeyID `yaml:"key_id"`
	// The public key in base64 unpadded format
	PublicKey string `yaml:"public_key"`
}

type KeyPerspectives

type KeyPerspectives []KeyPerspective

KeyPerspectives are used to configure perspective key servers for retrieving server keys.

type KeyServer

type KeyServer struct {
	Matrix *Global `yaml:"-"`

	Database DatabaseOptions `yaml:"database,omitempty"`
}

func (*KeyServer) Defaults

func (c *KeyServer) Defaults(opts DefaultOpts)

func (*KeyServer) Verify

func (c *KeyServer) Verify(configErrs *ConfigErrors)

type LoginSSO added in v0.2.1

type LoginSSO struct {

	// CallbackURL is the absolute URL where a user agent can reach
	// the Dendrite `/_matrix/v3/login/sso/callback` endpoint. This is
	// used to create LoginSSO redirect URLs passed to identity
	// providers. If this is empty, a default is inferred from request
	// headers. When Dendrite is running behind a proxy, this may not
	// always be the right information.
	CallbackURL string `yaml:"callback_url"`

	// Providers list the identity providers this server is capable of confirming an
	// identity with.
	Providers []IdentityProvider `yaml:"providers"`

	// DefaultProviderID is the provider to use when the client doesn't indicate one.
	// This is legacy support. If empty, the first provider listed is used.
	DefaultProviderID string `yaml:"default_provider"`
}

func (*LoginSSO) Verify added in v0.2.1

func (sso *LoginSSO) Verify(configErrs *ConfigErrors)

type LogrusHook

type LogrusHook struct {
	// The type of hook, currently only "file" is supported.
	Type string `yaml:"type"`

	// The level of the logs to produce. Will output only this level and above.
	Level string `yaml:"level"`

	// The parameters for this hook.
	Params map[string]interface{} `yaml:"params"`
}

LogrusHook represents a single logrus hook. At this point, only parsing and verification of the proper values for type and level are done. Validity/integrity checks on the parameters are done when configuring logrus.

type MSCs

type MSCs struct {
	Matrix *Global `yaml:"-"`

	// The MSCs to enable. Supported MSCs include:
	// 'msc2444': Peeking over federation - https://github.com/matrix-org/matrix-doc/pull/2444
	// 'msc2753': Peeking via /sync - https://github.com/matrix-org/matrix-doc/pull/2753
	// 'msc2836': Threading - https://github.com/matrix-org/matrix-doc/pull/2836
	MSCs []string `yaml:"mscs"`

	Database DatabaseOptions `yaml:"database,omitempty"`
}

func (*MSCs) Defaults

func (c *MSCs) Defaults(opts DefaultOpts)

func (*MSCs) Enabled

func (c *MSCs) Enabled(msc string) bool

Enabled returns true if the given msc is enabled. Should in the form 'msc12345'.

func (*MSCs) Verify

func (c *MSCs) Verify(configErrs *ConfigErrors)

type MediaAPI

type MediaAPI struct {
	Matrix *Global `yaml:"-"`

	// The MediaAPI database stores information about files uploaded and downloaded
	// by local users. It is only accessed by the MediaAPI.
	Database DatabaseOptions `yaml:"database,omitempty"`

	// The base path to where the media files will be stored. May be relative or absolute.
	BasePath Path `yaml:"base_path"`

	// The absolute base path to where media files will be stored.
	AbsBasePath Path `yaml:"-"`

	// The maximum file size in bytes that is allowed to be stored on this server.
	// Note: if max_file_size_bytes is set to 0, the size is unlimited.
	// Note: if max_file_size_bytes is not set, it will default to 10485760 (10MB)
	MaxFileSizeBytes FileSizeBytes `yaml:"max_file_size_bytes,omitempty"`

	// Whether to dynamically generate thumbnails on-the-fly if the requested resolution is not already generated
	DynamicThumbnails bool `yaml:"dynamic_thumbnails"`

	// The maximum number of simultaneous thumbnail generators. default: 10
	MaxThumbnailGenerators int `yaml:"max_thumbnail_generators"`

	// A list of thumbnail sizes to be pre-generated for downloaded remote / uploaded content
	ThumbnailSizes []ThumbnailSize `yaml:"thumbnail_sizes"`
}

func (*MediaAPI) Defaults

func (c *MediaAPI) Defaults(opts DefaultOpts)

func (*MediaAPI) Verify

func (c *MediaAPI) Verify(configErrs *ConfigErrors)

type Metrics

type Metrics struct {
	// Whether or not the metrics are enabled
	Enabled bool `yaml:"enabled"`
	// Use BasicAuth for Authorization
	BasicAuth struct {
		// Authorization via Static Username & Password
		// Hardcoded Username and Password
		Username string `yaml:"username"`
		Password string `yaml:"password"`
	} `yaml:"basic_auth"`
}

The configuration to use for Prometheus metrics

func (*Metrics) Defaults

func (c *Metrics) Defaults(opts DefaultOpts)

func (*Metrics) Verify

func (c *Metrics) Verify(configErrs *ConfigErrors)

type OldVerifyKeys

type OldVerifyKeys struct {
	// Path to the private key.
	PrivateKeyPath Path `yaml:"private_key"`

	// The private key itself.
	PrivateKey ed25519.PrivateKey `yaml:"-"`

	// The public key, in case only that part is known.
	PublicKey spec.Base64Bytes `yaml:"public_key"`

	// The key ID of the private key.
	KeyID gomatrixserverlib.KeyID `yaml:"key_id"`

	// When the private key was designed as "expired", as a UNIX timestamp
	// in millisecond precision.
	ExpiredAt spec.Timestamp `yaml:"expired_at"`
}

type Path

type Path string

A Path on the filesystem.

type PresenceOptions

type PresenceOptions struct {
	// Whether inbound presence events are allowed
	EnableInbound bool `yaml:"enable_inbound"`
	// Whether outbound presence events are allowed
	EnableOutbound bool `yaml:"enable_outbound"`
}

PresenceOptions defines possible configurations for presence events.

type Proxy

type Proxy struct {
	// Is the proxy enabled?
	Enabled bool `yaml:"enabled"`
	// The protocol for the proxy (http / https / socks5)
	Protocol string `yaml:"protocol"`
	// The host where the proxy is listening
	Host string `yaml:"host"`
	// The port on which the proxy is listening
	Port uint16 `yaml:"port"`
}

Proxy The config for setting a proxy to use for server->server requests

func (*Proxy) Defaults

func (c *Proxy) Defaults()

func (*Proxy) Verify

func (c *Proxy) Verify(configErrs *ConfigErrors)

type RateLimiting

type RateLimiting struct {
	// Is rate limiting enabled or disabled?
	Enabled bool `yaml:"enabled"`

	// How many "slots" a user can occupy sending requests to a rate-limited
	// endpoint before we apply rate-limiting
	Threshold int64 `yaml:"threshold"`

	// The cooloff period in milliseconds after a request before the "slot"
	// is freed again
	CooloffMS int64 `yaml:"cooloff_ms"`

	// A list of users that are exempt from rate limiting, i.e. if you want
	// to run Mjolnir or other bots.
	ExemptUserIDs []string `yaml:"exempt_user_ids"`
}

func (*RateLimiting) Defaults

func (r *RateLimiting) Defaults()

func (*RateLimiting) Verify

func (r *RateLimiting) Verify(configErrs *ConfigErrors)

type RelayAPI

type RelayAPI struct {
	Matrix *Global `yaml:"-"`

	// The database stores information used by the relay queue to
	// forward transactions to remote servers.
	Database DatabaseOptions `yaml:"database,omitempty"`
}

func (*RelayAPI) Defaults

func (c *RelayAPI) Defaults(opts DefaultOpts)

func (*RelayAPI) Verify

func (c *RelayAPI) Verify(configErrs *ConfigErrors)

type ReportStats

type ReportStats struct {
	// Enabled configures phone-home statistics of the server
	Enabled bool `yaml:"enabled"`

	// Endpoint the endpoint to report stats to
	Endpoint string `yaml:"endpoint"`
}

ReportStats configures opt-in phone-home statistics reporting.

func (*ReportStats) Defaults

func (c *ReportStats) Defaults()

func (*ReportStats) Verify

func (c *ReportStats) Verify(configErrs *ConfigErrors)

type RoomServer

type RoomServer struct {
	Matrix *Global `yaml:"-"`

	DefaultRoomVersion gomatrixserverlib.RoomVersion `yaml:"default_room_version,omitempty"`

	Database DatabaseOptions `yaml:"database,omitempty"`
}

func (*RoomServer) Defaults

func (c *RoomServer) Defaults(opts DefaultOpts)

func (*RoomServer) Verify

func (c *RoomServer) Verify(configErrs *ConfigErrors)

type Sentry

type Sentry struct {
	Enabled bool `yaml:"enabled"`
	// The DSN to connect to e.g "https://examplePublicKey@o0.ingest.sentry.io/0"
	// See https://docs.sentry.io/platforms/go/configuration/options/
	DSN string `yaml:"dsn"`
	// The environment e.g "production"
	// See https://docs.sentry.io/platforms/go/configuration/environments/
	Environment string `yaml:"environment"`
}

The configuration to use for Sentry error reporting

func (*Sentry) Defaults

func (c *Sentry) Defaults()

func (*Sentry) Verify

func (c *Sentry) Verify(configErrs *ConfigErrors)

type ServerAddress

type ServerAddress struct {
	Address              string
	Scheme               string
	UnixSocketPermission fs.FileMode
}

func HTTPAddress

func HTTPAddress(urlAddress string) (ServerAddress, error)

func UnixSocketAddress

func UnixSocketAddress(path string, perm string) (ServerAddress, error)

func (ServerAddress) Enabled

func (s ServerAddress) Enabled() bool

func (ServerAddress) IsUnixSocket

func (s ServerAddress) IsUnixSocket() bool

func (ServerAddress) Network

func (s ServerAddress) Network() string

type ServerNotices

type ServerNotices struct {
	Enabled bool `yaml:"enabled"`
	// The localpart to be used when sending notices
	LocalPart string `yaml:"local_part"`
	// The displayname to be used when sending notices
	DisplayName string `yaml:"display_name"`
	// The avatar of this user
	AvatarURL string `yaml:"avatar_url"`
	// The roomname to be used when creating messages
	RoomName string `yaml:"room_name"`
}

ServerNotices defines the configuration used for sending server notices

func (*ServerNotices) Defaults

func (c *ServerNotices) Defaults(opts DefaultOpts)

func (*ServerNotices) Verify

func (c *ServerNotices) Verify(errors *ConfigErrors)

type SyncAPI

type SyncAPI struct {
	Matrix *Global `yaml:"-"`

	Database DatabaseOptions `yaml:"database,omitempty"`

	RealIPHeader string `yaml:"real_ip_header"`

	Fulltext Fulltext `yaml:"search"`
}

func (*SyncAPI) Defaults

func (c *SyncAPI) Defaults(opts DefaultOpts)

func (*SyncAPI) Verify

func (c *SyncAPI) Verify(configErrs *ConfigErrors)

type TURN

type TURN struct {
	// TODO Guest Support
	// Whether or not guests can request TURN credentials
	// AllowGuests bool `yaml:"turn_allow_guests"`
	// How long the authorization should last
	UserLifetime string `yaml:"turn_user_lifetime"`
	// The list of TURN URIs to pass to clients
	URIs []string `yaml:"turn_uris"`

	// Authorization via Shared Secret
	// The shared secret from coturn
	SharedSecret string `yaml:"turn_shared_secret"`

	// Authorization via Static Username & Password
	// Hardcoded Username and Password
	Username string `yaml:"turn_username"`
	Password string `yaml:"turn_password"`
}

func (*TURN) Verify

func (c *TURN) Verify(configErrs *ConfigErrors)

type ThumbnailSize

type ThumbnailSize struct {
	// Maximum width of the thumbnail image
	Width int `yaml:"width"`
	// Maximum height of the thumbnail image
	Height int `yaml:"height"`
	// ResizeMethod is one of crop or scale.
	// crop scales to fill the requested dimensions and crops the excess.
	// scale scales to fit the requested dimensions and one dimension may be smaller than requested.
	ResizeMethod string `yaml:"method,omitempty"`
}

ThumbnailSize contains a single thumbnail size configuration

type Topic

type Topic string

A Topic in kafka.

type UserAPI

type UserAPI struct {
	Matrix *Global `yaml:"-"`

	// The cost when hashing passwords.
	BCryptCost int `yaml:"bcrypt_cost"`

	// The length of time an OpenID token is condidered valid in milliseconds
	OpenIDTokenLifetimeMS int64 `yaml:"openid_token_lifetime_ms"`

	// Disable TLS validation on HTTPS calls to push gatways. NOT RECOMMENDED!
	PushGatewayDisableTLSValidation bool `yaml:"push_gateway_disable_tls_validation"`

	// The Account database stores the login details and account information
	// for local users. It is accessed by the UserAPI.
	AccountDatabase DatabaseOptions `yaml:"account_database,omitempty"`

	// Users who register on this homeserver will automatically
	// be joined to the rooms listed under this option.
	AutoJoinRooms []string `yaml:"auto_join_rooms"`

	// The number of workers to start for the DeviceListUpdater. Defaults to 8.
	// This only needs updating if the "InputDeviceListUpdate" stream keeps growing indefinitely.
	WorkerCount int `yaml:"worker_count"`
}

func (*UserAPI) Defaults

func (c *UserAPI) Defaults(opts DefaultOpts)

func (*UserAPI) Verify

func (c *UserAPI) Verify(configErrs *ConfigErrors)

type VirtualHost

type VirtualHost struct {
	// Signing identity contains the server name, private key and key ID of
	// the virtual host.
	fclient.SigningIdentity `yaml:",inline"`

	// Path to the private key. If not specified, the default global private key
	// will be used instead.
	PrivateKeyPath Path `yaml:"private_key"`

	// How long a remote server can cache our server key for before requesting it again.
	// Increasing this number will reduce the number of requests made by remote servers
	// for our key, but increases the period a compromised key will be considered valid
	// by remote servers.
	// Defaults to 24 hours.
	KeyValidityPeriod time.Duration `yaml:"key_validity_period"`

	// Match these HTTP Host headers on the `/key/v2/server` endpoint, this needs
	// to match all delegated names, likely including the port number too if
	// the well-known delegation includes that also.
	MatchHTTPHosts []spec.ServerName `yaml:"match_http_hosts"`

	// Is registration enabled on this virtual host?
	AllowRegistration bool `yaml:"allow_registration"`

	// Is guest registration enabled on this virtual host?
	AllowGuests bool `yaml:"allow_guests"`
}

func (*VirtualHost) RegistrationAllowed

func (v *VirtualHost) RegistrationAllowed() (bool, bool)

RegistrationAllowed returns two bools, the first states whether registration is allowed for this virtual host and the second states whether guests are allowed for this virtual host.

func (*VirtualHost) Verify

func (v *VirtualHost) Verify(configErrs *ConfigErrors)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL