pull stuff out of globals
This commit is contained in:
dasha_uwu
@@ -185,7 +185,7 @@ pub async fn create_admin_room(services: &Services) -> Result {
|
||||
.await?;
|
||||
|
||||
// 6. Room alias
|
||||
let alias = &services.globals.admin_alias;
|
||||
let alias = &services.admin.admin_alias;
|
||||
|
||||
services
|
||||
.timeline
|
||||
|
||||
@@ -12,7 +12,7 @@ use async_trait::async_trait;
|
||||
pub use create::create_admin_room;
|
||||
use futures::{Future, FutureExt, TryFutureExt};
|
||||
use ruma::{
|
||||
OwnedEventId, OwnedRoomId, RoomId, UserId,
|
||||
OwnedEventId, OwnedRoomAliasId, OwnedRoomId, RoomId, UserId,
|
||||
events::room::message::{Relation, RoomMessageEventContent},
|
||||
};
|
||||
use tokio::sync::{RwLock, mpsc};
|
||||
@@ -27,6 +27,7 @@ pub struct Service {
|
||||
channel: StdRwLock<Option<mpsc::Sender<CommandInput>>>,
|
||||
pub handle: RwLock<Option<Processor>>,
|
||||
pub complete: StdRwLock<Option<Completer>>,
|
||||
pub admin_alias: OwnedRoomAliasId,
|
||||
#[cfg(feature = "console")]
|
||||
pub console: Arc<console::Console>,
|
||||
}
|
||||
@@ -69,6 +70,8 @@ impl crate::Service for Service {
|
||||
channel: StdRwLock::new(None),
|
||||
handle: RwLock::new(None),
|
||||
complete: StdRwLock::new(None),
|
||||
admin_alias: OwnedRoomAliasId::try_from(format!("#admins:{}", &args.server.name))
|
||||
.expect("#admins:server_name is valid alias name"),
|
||||
#[cfg(feature = "console")]
|
||||
console: console::Console::new(args),
|
||||
}))
|
||||
@@ -234,7 +237,7 @@ impl Service {
|
||||
let room_id = self
|
||||
.services
|
||||
.alias
|
||||
.resolve_local_alias(&self.services.globals.admin_alias)
|
||||
.resolve_local_alias(&self.admin_alias)
|
||||
.await?;
|
||||
|
||||
self.services
|
||||
|
||||
@@ -1,20 +1,10 @@
|
||||
mod data;
|
||||
|
||||
use std::{
|
||||
collections::HashMap,
|
||||
fmt::Write,
|
||||
ops::Range,
|
||||
sync::{Arc, RwLock},
|
||||
time::Instant,
|
||||
};
|
||||
use std::{ops::Range, sync::Arc};
|
||||
|
||||
use async_trait::async_trait;
|
||||
use data::Data;
|
||||
use regex::RegexSet;
|
||||
use ruma::{
|
||||
OwnedEventId, OwnedRoomAliasId, OwnedServerName, OwnedUserId, RoomAliasId, ServerName, UserId,
|
||||
};
|
||||
use tuwunel_core::{Result, Server, error, utils::bytes::pretty};
|
||||
use ruma::{OwnedUserId, RoomAliasId, ServerName, UserId};
|
||||
use tuwunel_core::{Result, Server, error};
|
||||
|
||||
use crate::service;
|
||||
|
||||
@@ -22,16 +12,11 @@ pub struct Service {
|
||||
pub db: Data,
|
||||
server: Arc<Server>,
|
||||
|
||||
pub bad_event_ratelimiter: Arc<RwLock<HashMap<OwnedEventId, RateLimitState>>>,
|
||||
pub server_user: OwnedUserId,
|
||||
pub admin_alias: OwnedRoomAliasId,
|
||||
pub turn_secret: String,
|
||||
pub registration_token: Option<String>,
|
||||
}
|
||||
|
||||
type RateLimitState = (Instant, u32); // Time if last failed try, number of failed tries
|
||||
|
||||
#[async_trait]
|
||||
impl crate::Service for Service {
|
||||
fn build(args: &crate::Args<'_>) -> Result<Arc<Self>> {
|
||||
let db = Data::new(args);
|
||||
@@ -67,9 +52,6 @@ impl crate::Service for Service {
|
||||
Ok(Arc::new(Self {
|
||||
db,
|
||||
server: args.server.clone(),
|
||||
bad_event_ratelimiter: Arc::new(RwLock::new(HashMap::new())),
|
||||
admin_alias: OwnedRoomAliasId::try_from(format!("#admins:{}", &args.server.name))
|
||||
.expect("#admins:server_name is valid alias name"),
|
||||
server_user: UserId::parse_with_server_name(
|
||||
String::from("conduit"),
|
||||
&args.server.name,
|
||||
@@ -80,29 +62,6 @@ impl crate::Service for Service {
|
||||
}))
|
||||
}
|
||||
|
||||
async fn memory_usage(&self, out: &mut (dyn Write + Send)) -> Result {
|
||||
let (ber_count, ber_bytes) = self.bad_event_ratelimiter.read()?.iter().fold(
|
||||
(0_usize, 0_usize),
|
||||
|(mut count, mut bytes), (event_id, _)| {
|
||||
bytes = bytes.saturating_add(event_id.capacity());
|
||||
bytes = bytes.saturating_add(size_of::<RateLimitState>());
|
||||
count = count.saturating_add(1);
|
||||
(count, bytes)
|
||||
},
|
||||
);
|
||||
|
||||
writeln!(out, "bad_event_ratelimiter: {ber_count} ({})", pretty(ber_bytes))?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn clear_cache(&self) {
|
||||
self.bad_event_ratelimiter
|
||||
.write()
|
||||
.expect("locked for writing")
|
||||
.clear();
|
||||
}
|
||||
|
||||
fn name(&self) -> &str { service::make_name(std::module_path!()) }
|
||||
}
|
||||
|
||||
@@ -141,110 +100,6 @@ impl Service {
|
||||
#[must_use]
|
||||
pub fn server_name(&self) -> &ServerName { self.server.name.as_ref() }
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn allow_public_room_directory_over_federation(&self) -> bool {
|
||||
self.server
|
||||
.config
|
||||
.allow_public_room_directory_over_federation
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn allow_device_name_federation(&self) -> bool {
|
||||
self.server.config.allow_device_name_federation
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn allow_room_creation(&self) -> bool { self.server.config.allow_room_creation }
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn new_user_displayname_suffix(&self) -> &String {
|
||||
&self.server.config.new_user_displayname_suffix
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn trusted_servers(&self) -> &[OwnedServerName] { &self.server.config.trusted_servers }
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn turn_password(&self) -> &String { &self.server.config.turn_password }
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn turn_ttl(&self) -> u64 { self.server.config.turn_ttl }
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn turn_uris(&self) -> &[String] { &self.server.config.turn_uris }
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn turn_username(&self) -> &String { &self.server.config.turn_username }
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn notification_push_path(&self) -> &String { &self.server.config.notification_push_path }
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn url_preview_domain_contains_allowlist(&self) -> &Vec<String> {
|
||||
&self
|
||||
.server
|
||||
.config
|
||||
.url_preview_domain_contains_allowlist
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn url_preview_domain_explicit_allowlist(&self) -> &Vec<String> {
|
||||
&self
|
||||
.server
|
||||
.config
|
||||
.url_preview_domain_explicit_allowlist
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn url_preview_domain_explicit_denylist(&self) -> &Vec<String> {
|
||||
&self
|
||||
.server
|
||||
.config
|
||||
.url_preview_domain_explicit_denylist
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn url_preview_url_contains_allowlist(&self) -> &Vec<String> {
|
||||
&self
|
||||
.server
|
||||
.config
|
||||
.url_preview_url_contains_allowlist
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn url_preview_max_spider_size(&self) -> usize {
|
||||
self.server.config.url_preview_max_spider_size
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn url_preview_check_root_domain(&self) -> bool {
|
||||
self.server.config.url_preview_check_root_domain
|
||||
}
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn forbidden_alias_names(&self) -> &RegexSet { &self.server.config.forbidden_alias_names }
|
||||
|
||||
#[inline]
|
||||
#[must_use]
|
||||
pub fn forbidden_usernames(&self) -> &RegexSet { &self.server.config.forbidden_usernames }
|
||||
|
||||
/// checks if `user_id` is local to us via server_name comparison
|
||||
#[inline]
|
||||
#[must_use]
|
||||
|
||||
@@ -180,20 +180,12 @@ async fn download_html(&self, url: &str) -> Result<UrlPreviewData> {
|
||||
let mut bytes: Vec<u8> = Vec::new();
|
||||
while let Some(chunk) = response.chunk().await? {
|
||||
bytes.extend_from_slice(&chunk);
|
||||
if bytes.len()
|
||||
> self
|
||||
.services
|
||||
.globals
|
||||
.url_preview_max_spider_size()
|
||||
{
|
||||
if bytes.len() > self.services.config.url_preview_max_spider_size {
|
||||
debug!(
|
||||
"Response body from URL {} exceeds url_preview_max_spider_size ({}), not \
|
||||
processing the rest of the response body and assuming our necessary data is in \
|
||||
this range.",
|
||||
url,
|
||||
self.services
|
||||
.globals
|
||||
.url_preview_max_spider_size()
|
||||
url, self.services.config.url_preview_max_spider_size
|
||||
);
|
||||
break;
|
||||
}
|
||||
@@ -244,22 +236,22 @@ pub fn url_preview_allowed(&self, url: &Url) -> bool {
|
||||
| Some(h) => h.to_owned(),
|
||||
};
|
||||
|
||||
let allowlist_domain_contains = self
|
||||
let allowlist_domain_contains = &self
|
||||
.services
|
||||
.globals
|
||||
.url_preview_domain_contains_allowlist();
|
||||
let allowlist_domain_explicit = self
|
||||
.config
|
||||
.url_preview_domain_contains_allowlist;
|
||||
let allowlist_domain_explicit = &self
|
||||
.services
|
||||
.globals
|
||||
.url_preview_domain_explicit_allowlist();
|
||||
let denylist_domain_explicit = self
|
||||
.config
|
||||
.url_preview_domain_explicit_allowlist;
|
||||
let denylist_domain_explicit = &self
|
||||
.services
|
||||
.globals
|
||||
.url_preview_domain_explicit_denylist();
|
||||
let allowlist_url_contains = self
|
||||
.config
|
||||
.url_preview_domain_explicit_denylist;
|
||||
let allowlist_url_contains = &self
|
||||
.services
|
||||
.globals
|
||||
.url_preview_url_contains_allowlist();
|
||||
.config
|
||||
.url_preview_url_contains_allowlist;
|
||||
|
||||
if allowlist_domain_contains.contains(&"*".to_owned())
|
||||
|| allowlist_domain_explicit.contains(&"*".to_owned())
|
||||
@@ -306,11 +298,7 @@ pub fn url_preview_allowed(&self, url: &Url) -> bool {
|
||||
}
|
||||
|
||||
// check root domain if available and if user has root domain checks
|
||||
if self
|
||||
.services
|
||||
.globals
|
||||
.url_preview_check_root_domain()
|
||||
{
|
||||
if self.services.config.url_preview_check_root_domain {
|
||||
debug!("Checking root domain");
|
||||
match host.split_once('.') {
|
||||
| None => return false,
|
||||
|
||||
@@ -159,7 +159,7 @@ async fn migrate(services: &Services) -> Result {
|
||||
);
|
||||
|
||||
{
|
||||
let patterns = services.globals.forbidden_usernames();
|
||||
let patterns = &services.config.forbidden_usernames;
|
||||
if !patterns.is_empty() {
|
||||
services
|
||||
.users
|
||||
@@ -183,7 +183,7 @@ async fn migrate(services: &Services) -> Result {
|
||||
}
|
||||
|
||||
{
|
||||
let patterns = services.globals.forbidden_alias_names();
|
||||
let patterns = &services.config.forbidden_alias_names;
|
||||
if !patterns.is_empty() {
|
||||
for room_id in services
|
||||
.metadata
|
||||
|
||||
@@ -207,7 +207,7 @@ impl Service {
|
||||
features: Default::default(),
|
||||
};
|
||||
|
||||
let dest = dest.replace(self.services.globals.notification_push_path(), "");
|
||||
let dest = dest.replace(&self.services.config.notification_push_path, "");
|
||||
trace!("Push gateway destination: {dest}");
|
||||
|
||||
let http_request = request
|
||||
|
||||
@@ -45,7 +45,7 @@ impl Service {
|
||||
pub fn set_alias(&self, alias: &RoomAliasId, room_id: &RoomId, user_id: &UserId) -> Result {
|
||||
self.check_alias_local(alias)?;
|
||||
|
||||
if alias == self.services.globals.admin_alias
|
||||
if alias == self.services.admin.admin_alias
|
||||
&& user_id != self.services.globals.server_user
|
||||
{
|
||||
return Err!(Request(Forbidden("Only the server user can set this alias")));
|
||||
|
||||
@@ -11,34 +11,38 @@ mod state_at_incoming;
|
||||
mod upgrade_outlier_pdu;
|
||||
|
||||
use std::{
|
||||
collections::hash_map,
|
||||
collections::{HashMap, hash_map},
|
||||
fmt::Write,
|
||||
ops::Range,
|
||||
sync::Arc,
|
||||
sync::{Arc, RwLock},
|
||||
time::{Duration, Instant},
|
||||
};
|
||||
|
||||
use async_trait::async_trait;
|
||||
use ruma::{EventId, OwnedRoomId, RoomId};
|
||||
use ruma::{EventId, OwnedEventId, OwnedRoomId, RoomId};
|
||||
use tuwunel_core::{
|
||||
Err, Result, implement,
|
||||
matrix::{Event, PduEvent},
|
||||
utils::{MutexMap, continue_exponential_backoff},
|
||||
utils::{MutexMap, bytes::pretty, continue_exponential_backoff},
|
||||
};
|
||||
|
||||
type RoomMutexMap = MutexMap<OwnedRoomId, ()>;
|
||||
|
||||
type RateLimitState = (Instant, u32); // Time if last failed try, number of failed tries
|
||||
|
||||
pub struct Service {
|
||||
pub mutex_federation: RoomMutexMap,
|
||||
services: Arc<crate::services::OnceServices>,
|
||||
bad_event_ratelimiter: Arc<RwLock<HashMap<OwnedEventId, RateLimitState>>>,
|
||||
}
|
||||
|
||||
type RoomMutexMap = MutexMap<OwnedRoomId, ()>;
|
||||
|
||||
#[async_trait]
|
||||
impl crate::Service for Service {
|
||||
fn build(args: &crate::Args<'_>) -> Result<Arc<Self>> {
|
||||
Ok(Arc::new(Self {
|
||||
mutex_federation: RoomMutexMap::new(),
|
||||
services: args.services.clone(),
|
||||
bad_event_ratelimiter: Arc::new(RwLock::new(HashMap::new())),
|
||||
}))
|
||||
}
|
||||
|
||||
@@ -46,9 +50,28 @@ impl crate::Service for Service {
|
||||
let mutex_federation = self.mutex_federation.len();
|
||||
writeln!(out, "federation_mutex: {mutex_federation}")?;
|
||||
|
||||
let (ber_count, ber_bytes) = self.bad_event_ratelimiter.read()?.iter().fold(
|
||||
(0_usize, 0_usize),
|
||||
|(mut count, mut bytes), (event_id, _)| {
|
||||
bytes = bytes.saturating_add(event_id.capacity());
|
||||
bytes = bytes.saturating_add(size_of::<RateLimitState>());
|
||||
count = count.saturating_add(1);
|
||||
(count, bytes)
|
||||
},
|
||||
);
|
||||
|
||||
writeln!(out, "bad_event_ratelimiter: {ber_count} ({})", pretty(ber_bytes))?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn clear_cache(&self) {
|
||||
self.bad_event_ratelimiter
|
||||
.write()
|
||||
.expect("locked for writing")
|
||||
.clear();
|
||||
}
|
||||
|
||||
fn name(&self) -> &str { crate::service::make_name(std::module_path!()) }
|
||||
}
|
||||
|
||||
@@ -57,8 +80,6 @@ fn back_off(&self, event_id: &EventId) {
|
||||
use hash_map::Entry::{Occupied, Vacant};
|
||||
|
||||
match self
|
||||
.services
|
||||
.globals
|
||||
.bad_event_ratelimiter
|
||||
.write()
|
||||
.expect("locked")
|
||||
@@ -76,8 +97,6 @@ fn back_off(&self, event_id: &EventId) {
|
||||
#[implement(Service)]
|
||||
fn is_backed_off(&self, event_id: &EventId, range: Range<Duration>) -> bool {
|
||||
let Some((time, tries)) = self
|
||||
.services
|
||||
.globals
|
||||
.bad_event_ratelimiter
|
||||
.read()
|
||||
.expect("locked")
|
||||
|
||||
@@ -212,7 +212,7 @@ where
|
||||
I: Iterator<Item = (OwnedServerName, Vec<OwnedServerSigningKeyId>)> + Send,
|
||||
{
|
||||
let mut missing: Batch = batch.collect();
|
||||
for notary in self.services.globals.trusted_servers() {
|
||||
for notary in &self.services.config.trusted_servers {
|
||||
let missing_keys = keys_count(&missing);
|
||||
let missing_servers = missing.len();
|
||||
debug!(
|
||||
|
||||
@@ -121,7 +121,7 @@ async fn get_verify_key_from_notaries(
|
||||
origin: &ServerName,
|
||||
key_id: &ServerSigningKeyId,
|
||||
) -> Result<VerifyKey> {
|
||||
for notary in self.services.globals.trusted_servers() {
|
||||
for notary in &self.services.config.trusted_servers {
|
||||
if let Ok(server_keys) = self.notary_request(notary, origin).await {
|
||||
for server_key in server_keys.clone() {
|
||||
self.add_signing_keys(server_key).await;
|
||||
|
||||
Reference in New Issue
Block a user