feat: Add allowed_remote_server_names

This allows explicitly allowing servers. Can be combined with the opposite to create allowlist-only federation. See also #31 Closes #673
2026-05-26 10:24:48 +00:00 · 2025-04-19 23:29:33 +01:00
parent 0eb9e4f3d2
commit 9e62076baa
3 changed files with 39 additions and 2 deletions
@@ -1206,10 +1206,20 @@
 #
 # Basically "global" ACLs.
 #
+# You can set this to ["*"] to block all servers by default, and then
+# use `allowed_remote_server_names` to allow only specific servers.
+#
 # example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
 #
 #forbidden_remote_server_names = []

+# List of allowed server names via regex patterns that we will allow,
+# regardless of if they match `forbidden_remote_server_names`.
+#
+# example: ["goodserver\.tld$", "goodphrase"]
+#
+#allowed_remote_server_names = []
+
 # List of forbidden server names via regex patterns that we will block all
 # outgoing federated room directory requests for. Useful for preventing
 # our users from wandering into bad servers or spaces.
@@ -1383,12 +1383,24 @@ pub struct Config {
 	///
 	/// Basically "global" ACLs.
 	///
+	/// You can set this to ["*"] to block all servers by default, and then
+	/// use `allowed_remote_server_names` to allow only specific servers.
+	///
 	/// example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
 	///
 	/// default: []
 	#[serde(default, with = "serde_regex")]
 	pub forbidden_remote_server_names: RegexSet,

+	/// List of allowed server names via regex patterns that we will allow,
+	/// regardless of if they match `forbidden_remote_server_names`.
+	///
+	/// example: ["goodserver\.tld$", "goodphrase"]
+	///
+	/// default: []
+	#[serde(default, with = "serde_regex")]
+	pub allowed_remote_server_names: RegexSet,
+
 	/// List of forbidden server names via regex patterns that we will block all
 	/// outgoing federated room directory requests for. Useful for preventing
 	/// our users from wandering into bad servers or spaces.
@@ -24,8 +24,23 @@ fn name(&self) -> &str { crate::service::make_name(std::module_path!()) }
 #[implement(Service)]
 #[must_use]
 pub fn is_remote_server_forbidden(&self, server_name: &ServerName) -> bool {
-	// Forbidden if NOT (allowed is empty OR allowed contains server OR is self)
-	// OR forbidden contains server
+	// We must never block federating with ourselves
+	if server_name == self.services.server.config.server_name {
+		return false;
+	}
+
+	// Check if server is explicitly allowed
+	if self
+		.services
+		.server
+		.config
+		.allowed_remote_server_names
+		.is_match(server_name.host())
+	{
+		return false;
+	}
+
+	// Check if server is explicitly forbidden
 	self.services
 		.server
 		.config