Merge remote-tracking branch 'famedly/master' into develop

next
Timo Kösters 2021-04-14 10:26:28 +02:00
commit abddfc2d2a
No known key found for this signature in database
GPG Key ID: 24DA7517711A2BA4
10 changed files with 147 additions and 40 deletions

63
.gitignore vendored
View File

@ -1,5 +1,64 @@
/target # CMake
**/*.rs.bk cmake-build-*/
# IntelliJ
.idea/
out/
*.iml
modules.xml
*.ipr
# mpeltonen/sbt-idea plugin
.idea_modules/
# Linux backup files
*~
# temporary files which can be created if a process still has a handle open of a deleted file
.fuse_hidden*
# KDE directory preferences
.directory
# Linux trash folder which might appear on any partition or disk
.Trash-*
# .nfs files are created when an open file is removed but is still being accessed
.nfs*
# Rust
/target/
### vscode ###
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
*.code-workspace
### Windows ###
# Windows thumbnail cache files
Thumbs.db
Thumbs.db:encryptable
ehthumbs.db
ehthumbs_vista.db
# Dump file
*.stackdump
# Folder config file
[Dd]esktop.ini
# Recycle Bin used on file shares
$RECYCLE.BIN/
# Windows shortcuts
*.lnk
# Conduit
Rocket.toml Rocket.toml
conduit.toml conduit.toml
# Etc.
**/*.rs.bk

3
.vscode/settings.json vendored Normal file
View File

@ -0,0 +1,3 @@
{
"rust-analyzer.procMacro.enable": true
}

View File

@ -1,13 +1,10 @@
Install docker: Install docker:
```
$ sudo apt install docker $ sudo apt install docker
$ sudo usermod -aG docker $USER $ sudo usermod -aG docker $USER
$ exec sudo su -l $USER
Then log out and back in.
$ sudo systemctl start docker $ sudo systemctl start docker
$ cargo install cross $ cargo install cross
$ cross build --release --features tls_vendored --target armv7-unknown-linux-musleabihf $ cross build --release --features tls_vendored --target armv7-unknown-linux-musleabihf
```
The cross-compiled binary is at target/armv7-unknown-linux-musleabihf/release/conduit The cross-compiled binary is at target/armv7-unknown-linux-musleabihf/release/conduit

View File

@ -29,7 +29,7 @@ state-res = { git = "https://github.com/timokoesters/state-res", rev = "9bb46ae6
# Used for long polling and federation sender, should be the same as rocket::tokio # Used for long polling and federation sender, should be the same as rocket::tokio
tokio = "1.2.0" tokio = "1.2.0"
# Used for storing data permanently # Used for storing data permanently
sled = { version = "0.34.6", default-features = false, features = ["compression"] } sled = { version = "0.34.6", features = ["compression", "no_metrics"] }
#sled = { git = "https://github.com/spacejam/sled.git", rev = "e4640e0773595229f398438886f19bca6f7326a2", features = ["compression"] } #sled = { git = "https://github.com/spacejam/sled.git", rev = "e4640e0773595229f398438886f19bca6f7326a2", features = ["compression"] }
# Used for emitting log entries # Used for emitting log entries

View File

@ -18,6 +18,16 @@ $ sudo wget -O /usr/local/bin/matrix-conduit <url>
$ sudo chmod +x /usr/local/bin/matrix-conduit $ sudo chmod +x /usr/local/bin/matrix-conduit
``` ```
## Adding a Conduit user
While Conduit can run as any user it is usually better to use dedicated users for different services.
This also allows you to make sure that the file permissions are correctly set up.
In Debian you can use this command to create a Conduit user:
```
sudo adduser --system conduit --no-create-home
```
## Setting up a systemd service ## Setting up a systemd service
@ -33,8 +43,8 @@ After=network.target
[Service] [Service]
Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml" Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml"
User=root User=conduit
Group=root Group=nogroup
Restart=always Restart=always
ExecStart=/usr/local/bin/matrix-conduit ExecStart=/usr/local/bin/matrix-conduit
@ -91,6 +101,22 @@ allow_federation = true
address = "127.0.0.1" # This makes sure Conduit can only be reached using the reverse proxy address = "127.0.0.1" # This makes sure Conduit can only be reached using the reverse proxy
``` ```
## Setting the correct file permissions
As we are using a Conduit specific user we need to allow it to read the config.
To do that you can run this command on Debian:
```
sudo chown -R conduit:nogroup /etc/matrix-conduit
```
If you use the default database path you also need to run this:
```
sudo mkdir -p /var/lib/matrix-conduit/conduit_db
sudo chown -R conduit:nogroup /var/lib/matrix-conduit/conduit_db
```
## Setting up the Reverse Proxy ## Setting up the Reverse Proxy
@ -107,8 +133,8 @@ Listen 8448
ServerName your.server.name # EDIT THIS ServerName your.server.name # EDIT THIS
AllowEncodedSlashes NoDecode AllowEncodedSlashes NoDecode
ProxyPass /_matrix/ http://localhost:6167/ ProxyPass /_matrix/ http://localhost:6167/_matrix/
ProxyPassReverse /_matrix/ http://localhost:6167/ ProxyPassReverse /_matrix/ http://localhost:6167/_matrix/
Include /etc/letsencrypt/options-ssl-apache.conf Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/your.server.name/fullchain.pem # EDIT THIS SSLCertificateFile /etc/letsencrypt/live/your.server.name/fullchain.pem # EDIT THIS

View File

@ -1,25 +1,43 @@
# Conduit # Conduit
### A Matrix homeserver written in Rust ### A Matrix homeserver written in Rust
[![Liberapay](https://img.shields.io/liberapay/receives/timokoesters?logo=liberapay)](https://liberapay.com/timokoesters)
[![Matrix](https://img.shields.io/matrix/conduit:conduit.rs?server_fqdn=conduit.koesters.xyz)](https://matrix.to/#/#conduit:matrix.org)
#### What is the goal? #### What is the goal?
A fast Matrix homeserver that's easy to set up and just works. You can install A fast Matrix homeserver that's easy to set up and just works. You can install
it on a mini-computer like the Raspberry Pi to host Matrix for your family, it on a mini-computer like the Raspberry Pi to host Matrix for your family,
friends or company. friends or company.
#### Can I try it out? #### Can I try it out?
Yes! Just open a Matrix client (<https://app.element.io> or Element Android for Yes! Just open a Matrix client (<https://app.element.io> or Element Android for
example) and register on the `https://conduit.koesters.xyz` homeserver. example) and register on the `https://conduit.koesters.xyz` homeserver.
#### What is it build on?
- [Ruma](https://www.ruma.io): Useful structures for endpoint requests and
responses that can be (de)serialized
- [Sled](https://github.com/spacejam/sled): A simple (key, value) database with
good performance
- [Rocket](https://rocket.rs): A flexible web framework
#### What are the biggest things still missing?
- Most federation features (invites, e2ee)
- Push notifications on mobile
- Notification settings
- Lots of testing
Check out the [Conduit 1.0 Release Milestone](https://gitlab.com/famedly/conduit/-/milestones/3).
#### How can I deploy my own? #### How can I deploy my own?
##### Deploy ##### Deploy
Download or compile a conduit binary and call it from somewhere like a systemd script. [Read Download or compile a Conduit binary, set up the config and call it from somewhere like a systemd script. [Read
more](DEPLOY.md) more](DEPLOY.md)
##### Deploy using Docker ##### Deploy using Docker
@ -33,34 +51,23 @@ docker run -d -p 8448:8000 -v db:/srv/conduit/.local/share/conduit matrixconduit
Or build and run it with docker or docker-compose. [Read more](docker/README.md) Or build and run it with docker or docker-compose. [Read more](docker/README.md)
#### What is it build on?
- [Ruma](https://www.ruma.io): Useful structures for endpoint requests and
responses that can be (de)serialized
- [Sled](https://github.com/spacejam/sled): A simple (key, value) database with
good performance
- [Rocket](https://rocket.rs): A flexible web framework
#### What are the biggest things still missing?
- Appservices (Bridges and Bots)
- Most federation features (invites, e2ee)
- Push notifications on mobile
- Notification settings
- Lots of testing
Also check out the [milestones](https://git.koesters.xyz/timo/conduit/milestones).
#### How can I contribute? #### How can I contribute?
1. Look for an issue you would like to work on and make sure it's not assigned 1. Look for an issue you would like to work on and make sure it's not assigned
to other users to other users
2. Ask someone to assign the issue to you (comment on the issue or chat in 2. Ask someone to assign the issue to you (comment on the issue or chat in
#conduit:matrix.org) #conduit:nordgedanken.dev)
3. Fork the repo and work on the issue. #conduit:matrix.org is happy to help :) 3. Fork the repo and work on the issue. #conduit:nordgedanken.dev is happy to help :)
4. Submit a PR 4. Submit a MR
#### Donate #### Donate
Liberapay: <https://liberapay.com/timokoesters/>\ Liberapay: <https://liberapay.com/timokoesters/>\
Bitcoin: `bc1qnnykf986tw49ur7wx9rpw2tevpsztvar5x8w4n` Bitcoin: `bc1qnnykf986tw49ur7wx9rpw2tevpsztvar5x8w4n`
#### Logo
Lightning Bolt Logo: https://github.com/mozilla/fxemoji/blob/gh-pages/svgs/nature/u26A1-bolt.svg \
Logo License: https://github.com/mozilla/fxemoji/blob/gh-pages/LICENSE.md

View File

@ -22,8 +22,7 @@ use ruma::{
serde::{to_canonical_value, CanonicalJsonObject, Raw}, serde::{to_canonical_value, CanonicalJsonObject, Raw},
EventId, RoomId, RoomVersionId, ServerName, UserId, EventId, RoomId, RoomVersionId, ServerName, UserId,
}; };
use std::sync::RwLock; use std::{collections::BTreeMap, convert::TryFrom, sync::RwLock};
use std::{collections::BTreeMap, convert::TryFrom};
#[cfg(feature = "conduit_bin")] #[cfg(feature = "conduit_bin")]
use rocket::{get, post}; use rocket::{get, post};

View File

@ -1,3 +1,4 @@
#![allow(clippy::suspicious_else_formatting)]
pub mod appservice_server; pub mod appservice_server;
pub mod client_server; pub mod client_server;
mod database; mod database;

View File

@ -1,4 +1,5 @@
#![warn(rust_2018_idioms)] #![warn(rust_2018_idioms)]
#![allow(clippy::suspicious_else_formatting)]
pub mod appservice_server; pub mod appservice_server;
pub mod client_server; pub mod client_server;

View File

@ -1,4 +1,19 @@
# For use in our CI only. This requires a build artifact created by a previous run pipline stage to be placed in cached_target/release/conduit # For use in our CI only. This requires a build artifact created by a previous run pipline stage to be placed in cached_target/release/conduit
FROM valkum/docker-rust-ci:latest as builder
WORKDIR /workdir
ARG RUSTC_WRAPPER
ARG AWS_ACCESS_KEY_ID
ARG AWS_SECRET_ACCESS_KEY
ARG SCCACHE_BUCKET
ARG SCCACHE_ENDPOINT
ARG SCCACHE_S3_USE_SSL
COPY . .
RUN mkdir -p target/release
RUN test -e cached_target/release/conduit && cp cached_target/release/conduit target/release/conduit || cargo build --release
FROM valkum/docker-rust-ci:latest FROM valkum/docker-rust-ci:latest
WORKDIR /workdir WORKDIR /workdir
@ -32,4 +47,3 @@ CMD ([ -z "${COMPLEMENT_CA}" ] && echo "Error: Need Complement PKI support" && t
sed -i "s/your.server.name/${SERVER_NAME}/g" caddy.json && \ sed -i "s/your.server.name/${SERVER_NAME}/g" caddy.json && \
/workdir/caddy start --config caddy.json > /dev/null && \ /workdir/caddy start --config caddy.json > /dev/null && \
/workdir/conduit /workdir/conduit