Browse Source

feat: federation disabled by default

It can be enable in the Rocket.toml config or using ROCKET_FEDERATION_ENABLED=true
federation
Timo Kösters 3 weeks ago
parent
commit
6afc4c9b3e
Signed by: timo <timo@koesters.xyz> GPG Key ID: 24DA7517711A2BA4
5 changed files with 50 additions and 1 deletions
  1. +3
    -0
      DEPLOY_FROM_SOURCE.md
  2. +2
    -0
      Rocket-example.toml
  3. +1
    -0
      docker-compose.yml
  4. +6
    -0
      src/database/globals.rs
  5. +38
    -1
      src/server_server.rs

+ 3
- 0
DEPLOY_FROM_SOURCE.md View File

@@ -27,7 +27,10 @@ Environment="ROCKET_SERVER_NAME=YOURSERVERNAME.HERE" # EDIT THIS

Environment="ROCKET_PORT=14004" # Reverse proxy port

#Environment="ROCKET_MAX_REQUEST_SIZE=20000000" # in bytes
#Environment="ROCKET_REGISTRATION_DISABLED=true"
#Environment="ROCKET_ENCRYPTION_DISABLED=true"
#Environment="ROCKET_FEDERATION_ENABLED=true"
#Environment="ROCKET_LOG=normal" # Detailed logging

Environment="ROCKET_ENV=production"


+ 2
- 0
Rocket-example.toml View File

@@ -16,6 +16,8 @@ port = 14004
# Note: existing rooms will continue to work
#encryption_disabled = true

#federation_enabled = true

# Default path is in this user's data
#database_path = "/home/timo/MyConduitServer"



+ 1
- 0
docker-compose.yml View File

@@ -31,6 +31,7 @@ services:
# ROCKET_PORT: 8000
# ROCKET_REGISTRATION_DISABLED: 'true'
# ROCKET_ENCRYPTION_DISABLED: 'true'
# ROCKET_FEDERATION_ENABLED: 'true'
# ROCKET_DATABASE_PATH: /srv/conduit/.local/share/conduit
# ROCKET_WORKERS: 10
# ROCKET_MAX_REQUEST_SIZE: 20_000_000 # in bytes, ~20 MB


+ 6
- 0
src/database/globals.rs View File

@@ -14,6 +14,7 @@ pub struct Globals {
max_request_size: u32,
registration_disabled: bool,
encryption_disabled: bool,
federation_enabled: bool,
}

impl Globals {
@@ -69,6 +70,7 @@ impl Globals {
.map_err(|_| Error::BadConfig("Invalid max_request_size."))?,
registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
federation_enabled: config.get_bool("federation_enabled").unwrap_or(false),
})
}

@@ -114,4 +116,8 @@ impl Globals {
pub fn encryption_disabled(&self) -> bool {
self.encryption_disabled
}

pub fn federation_enabled(&self) -> bool {
self.federation_enabled
}
}

+ 38
- 1
src/server_server.rs View File

@@ -57,6 +57,10 @@ pub async fn send_request<T: OutgoingRequest>(
where
T: Debug,
{
if !globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}

let resolver = AsyncResolver::tokio_from_system_conf()
.await
.map_err(|_| Error::BadConfig("Failed to set up trust dns resolver with system config."))?;
@@ -204,7 +208,11 @@ where
}

#[cfg_attr(feature = "conduit_bin", get("/_matrix/federation/v1/version"))]
pub fn get_server_version() -> ConduitResult<get_server_version::Response> {
pub fn get_server_version(db: State<'_, Database>) -> ConduitResult<get_server_version::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}

Ok(get_server_version::Response {
server: Some(get_server_version::Server {
name: Some("Conduit".to_owned()),
@@ -216,6 +224,11 @@ pub fn get_server_version() -> ConduitResult<get_server_version::Response> {

#[cfg_attr(feature = "conduit_bin", get("/_matrix/key/v2/server"))]
pub fn get_server_keys(db: State<'_, Database>) -> Json<String> {
if !db.globals.federation_enabled() {
// TODO: Use proper types
return Json("Federation is disabled.".to_owned());
}

let mut verify_keys = BTreeMap::new();
verify_keys.insert(
format!("ed25519:{}", db.globals.keypair().version()),
@@ -259,6 +272,10 @@ pub async fn get_public_rooms_filtered_route(
db: State<'_, Database>,
body: Ruma<get_public_rooms_filtered::v1::Request<'_>>,
) -> ConduitResult<get_public_rooms_filtered::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}

let response = client_server::get_public_rooms_filtered_helper(
&db,
None,
@@ -302,6 +319,10 @@ pub async fn get_public_rooms_route(
db: State<'_, Database>,
body: Ruma<get_public_rooms::v1::Request<'_>>,
) -> ConduitResult<get_public_rooms::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}

let response = client_server::get_public_rooms_filtered_helper(
&db,
None,
@@ -345,6 +366,10 @@ pub fn send_transaction_message_route<'a>(
db: State<'a, Database>,
body: Ruma<send_transaction_message::v1::Request<'_>>,
) -> ConduitResult<send_transaction_message::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}

//dbg!(&*body);
for pdu in &body.pdus {
let mut value = serde_json::from_str(pdu.json().get())
@@ -384,6 +409,10 @@ pub fn get_missing_events_route<'a>(
db: State<'a, Database>,
body: Ruma<get_missing_events::v1::Request<'_>>,
) -> ConduitResult<get_missing_events::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}

let mut queued_events = body.latest_events.clone();
let mut events = Vec::new();

@@ -427,6 +456,10 @@ pub fn get_profile_information_route<'a>(
db: State<'a, Database>,
body: Ruma<get_profile_information::v1::Request<'_>>,
) -> ConduitResult<get_profile_information::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}

let mut displayname = None;
let mut avatar_url = None;

@@ -455,6 +488,10 @@ pub fn get_user_devices_route<'a>(
db: State<'a, Database>,
body: Ruma<membership::v1::Request<'_>>,
) -> ConduitResult<get_profile_information::v1::Response> {
if !db.globals.federation_enabled() {
return Err(Error::BadConfig("Federation is disabled."));
}

let mut displayname = None;
let mut avatar_url = None;



Loading…
Cancel
Save