Compare commits

..
Author SHA1 Message Date
Jade Ellis 7207398a9e docs: Changelog 2026-03-03 19:39:54 +00:00
Jason VolkandJade Ellis 1a7bda209b feat: Implement Dehydrated Devices MSC3814
Co-authored-by: Jade Ellis <jade@ellis.link>
Signed-off-by: Jason Volk <jason@zemos.net>
2026-03-03 19:39:53 +00:00
Autumn AshtonandEllis Git 7e1950b3d2 fix(docker): Fix building a docker container with dev profile
In Rust, the dev profile uses "debug" as the name of the output folder.
2026-03-03 19:31:04 +00:00
timedout b507898c62 fix: Bump ruwuma again 2026-03-03 18:10:28 +00:00
nexy7574 f4af67575e fix: Bump ruwuma to resolve duplicate state error 2026-03-03 06:01:02 +00:00
timedout 6adb99397e feat: Remove MSC4010 support 2026-02-27 17:03:19 +00:00
Renovate BotandEllis Git 8ce83a8a14 chore(deps): update rust crate axum-extra to 0.12.0 2026-02-25 17:16:35 +00:00
Niklas WojtkowiakandEllis Git 052c4dfa21 fix(sync): don't override sliding sync v5 list range start to zero 2026-02-24 13:59:33 +00:00
lynxize a43dee1728 fix: Don't show successful media deletion as an error
Fixes !admin media delete --mxc <url> responding with an error message
when the media was deleted successfully.
2026-02-23 22:02:34 -07:00
Niklas Wojtkowiak 763d9b3de8 fixup! fix(api): restore backwards compatibility for RTC foci config 2026-02-23 18:10:25 -05:00
Niklas Wojtkowiakand0xnim 1e6d95583c chore(deps): update ruwuma revision 2026-02-23 23:01:15 +00:00
Niklas Wojtkowiakand0xnim 8a254a33cc fix(api): restore backwards compatibility for RTC foci config 2026-02-23 23:01:15 +00:00
Niklas Wojtkowiakand0xnim c97dd54766 chore(changelog): add news fragment for #1442 2026-02-23 23:01:15 +00:00
Niklas Wojtkowiakand0xnim 8ddb7c70c0 feat(api): implement MSC4143 RTC transports discovery endpoint
Add dedicated \`GET /_matrix/client/v1/rtc/transports\` and \`GET /_matrix/client/unstable/org.matrix.msc4143/rtc/transports\` endpoints for MatrixRTC focus discovery (MSC4143), replacing the deprecated well-known approach.

Move RTC foci configuration from \`[global.well_known]\` into a new \`[global.matrix_rtc]\` config section with a \`foci\` field. Remove \`rtc_foci\` from the \`.well-known/matrix/client\` response. Update LiveKit setup documentation accordingly.

Closes #1431
2026-02-23 23:01:15 +00:00
Niklas WojtkowiakandEllis Git cb9786466b chore(changelog): add news fragment for #1441 2026-02-23 17:59:13 +00:00
Niklas WojtkowiakandEllis Git 18d2662b01 fix(config): remove allow_public_room_directory_without_auth 2026-02-23 17:59:13 +00:00
timedout 558262dd1f chore: Refactor transaction_ids -> transactions 2026-02-23 17:44:35 +00:00
timedout d311b87579 chore: Fix incorrect capitalisation
I didn't realise I agreed to take an English class with @ginger while
working on this server lol
2026-02-23 17:25:12 +00:00
timedout 8702f55cf5 fix: Don't panic if nobody's listening 2026-02-23 17:22:37 +00:00
timedout d4481b07ac chore: Add news frag 2026-02-23 16:54:54 +00:00
Jade Ellisandtimedout 92351df925 refactor: Make federation transaction handle errors correctly
We have a dedicated error type that's then matched.
Event sorting is now infallible.
Could probably be cleaned up in a bit.
2026-02-23 16:36:46 +00:00
Jade Ellisandtimedout 47e2733ea1 refactor: Make stream utils generic over the error type 2026-02-23 16:36:46 +00:00
Jade Ellisandtimedout 6637e4c6a7 fix: Clean up cache, prevent several race conditions
We use one map which is only ever held for a short time.
2026-02-23 16:36:46 +00:00
nexy7574 35e441452f feat: Attempt to build localised DAG before processing PDUs 2026-02-23 16:36:46 +00:00
nexy7574 66bbb655bf feat: Warn when server is overloaded 2026-02-23 16:36:45 +00:00
nexy7574 81b202ce51 chore: Decrease transaction log verbosity 2026-02-23 16:36:45 +00:00
nexy7574 4657844d46 feat: Show active transaction handle count in !admin federation incoming-federation 2026-02-23 16:36:45 +00:00
nexy7574 9016cd11a6 chore: Run pre-commit and clippy to fix inherited CI errs 2026-02-23 16:36:45 +00:00
nexy7574 dd70094719 feat: Make max_active_txns actually configurable 2026-02-23 16:36:45 +00:00
nexy7574 fcd49b7ab3 fix: Remove duplicate fields from logs 2026-02-23 16:36:45 +00:00
nexy7574 470c9b52dd feat: Instrument process_inbound_transaction 2026-02-23 16:36:45 +00:00
nexy7574 0d8cafc329 feat: Support casting transaction processing to the background 2026-02-23 16:36:44 +00:00
nexy7574 2f9956ddca feat: Add helper functions for federation channels 2026-02-23 16:36:44 +00:00
nexy7574 21a97cdd0b chore: Refactor existing references to transaction service 2026-02-23 16:36:44 +00:00
nexy7574 e986cd4536 feat(federation): Restructure transaction_ids service
Adds two new in-memory maps to the service in to prepare for better handlers
2026-02-23 16:36:40 +00:00
Shane JarochandEllis Git 526d862296 fix: more aggressive user agent for URL preview
adding "facebookexternalhit" alongside "embedbot" fixes many errors, such as YouTube Music's:
    "Your browser is deprecated. Please upgrade."

add admin command to clear URL stuck and broken data (per URL currently)

    add command to clear all saved URL previews.
    sync resolver docs.
2026-02-23 15:24:14 +00:00
Ben BotwinandEllis Git fbeb5bf186 report permission denied errors 2026-02-23 15:22:18 +00:00
Ben BotwinandEllis Git a336f2df44 fixed formatting 2026-02-23 15:22:18 +00:00
Ben BotwinandEllis Git 19b78ec73e made error handling more concise 2026-02-23 15:22:18 +00:00
Ben BotwinandEllis Git 27ff2d9363 added more granular error handling for other file fetch function 2026-02-23 15:22:18 +00:00
Ben BotwinandEllis Git 50fa8c3abf ran format 2026-02-23 15:22:18 +00:00
Ben BotwinandEllis Git 18c4be869f added handling for other potential errors 2026-02-23 15:22:18 +00:00
Ben BotwinandEllis Git fc00b96d8b Added proper 404 for not found media and fixed devshell for running tests 2026-02-23 15:22:18 +00:00
Jade EllisandEllis Git fa4156d8a6 docs: Changelog 2026-02-22 21:19:20 +00:00
Jade EllisandEllis Git 23638cd714 feat(appservices): MSC3202 Device masquerading for appservices 2026-02-22 21:19:20 +00:00
Raven 9f1a483e76 docs: Add information about partnered homeservers to the introduction page & update README.md
Includes step-by-step directions to ease the lift for those who have ended up
here and who have never created a matrix account or used matrix before in the
past.

Also updates the information in README.md to match, as these should generally be identical.
2026-02-21 18:51:56 -08:00
Renovate BotandEllis Git 688ef727e5 chore(deps): update rust crate nix to 0.31.0 2026-02-21 16:33:05 +00:00
Shannon SterzandEllis Git 3de026160e docs: express forbidden_remote_server_names as valid regex
this field expects a regex not a glob, so the correct value should be
".*" if one wants to block all remote server names. otherwise, setting
"*" as documented results in an error on start because the configuration
could not be properly parsed.
2026-02-21 16:27:59 +00:00
Ginger 9fe761513d chore: Clippy & prek fixes 2026-02-21 11:27:39 -05:00
Renovate BotandEllis Git abf1e1195a chore(deps): update rust crate libloading to 0.9.0 2026-02-21 01:55:48 +00:00
Ginger d9537e9b55 fix: Forbid registering users with a non-local localpart 2026-02-20 20:54:19 -05:00
Jade Ellis 0d1de70d8f fix(deps): Update lockfile 2026-02-21 00:22:42 +00:00
Ben BotwinandJade Ellis 4aa03a71eb fix(nix): Added unstable flag to buildDeps 2026-02-21 00:15:53 +00:00
aviacandJade Ellis f847918575 fix(nix): Fix all-features build
The build was broken since we started using an unstable reqwest version
which requires setting an extra feature flag
2026-02-21 00:15:53 +00:00
Renovate BotandEllis Git 7569a0545b chore(deps): update dependency lddtree to 0.5.0 2026-02-20 22:59:34 +00:00
Jade Ellis b6c5991e1f chore(deps): Update rand
A couple indirect deps are still on rand_core 0.6 but we can deal
2026-02-20 22:57:45 +00:00
Katie KlossandEllis Git efd879fcd8 docs: Add news fragment 2026-02-20 10:13:54 +00:00
Katie KlossandEllis Git 92a848f74d fix: Crash before starting on OpenBSD
core_affinity doesn't return any cores on OpenBSD, so we try to
clamp(1, 0). This is Less Good than fixing that crate, but at
least allows the server to start up.
2026-02-20 10:13:54 +00:00
Renovate Bot 776b5865ba chore(deps): update sentry-rust monorepo to 0.46.0 2026-02-19 14:56:25 +00:00
timedout 722bacbe89 chore: Fix busted lockfile merge 2026-02-19 02:33:41 +00:00
46907e3dce chore: Migrate to axum 0.8
Co-authored-by: dasha_uwu
2026-02-19 02:18:29 +00:00
timedout 31e2195e56 fix: Remove non-compliant and non-functional non-authoritative directory queries
chore: Add news frag
2026-02-19 01:37:42 +00:00
TerryandEllis Git 7ecac93ddc fix: Remove rocksdb secondary mode 2026-02-18 23:11:53 +00:00
TerryandEllis Git 6a0b103722 docs: Changelog 2026-02-18 23:11:53 +00:00
TerryandEllis Git 23d77b614f fix: Remove ability to set rocksdb as read only 2026-02-18 23:11:53 +00:00
stratselfandEllis Git e01aa44b16 fix: add nodejs URL in CONTRIBUTING.md page 2026-02-18 23:07:29 +00:00
stratselfandEllis Git a08739c246 docs: rewrite how to load docs with new rspress engine 2026-02-18 23:07:29 +00:00
GingerandEllis Git c14864b881 fix: Wording fixes 2026-02-18 14:41:03 +00:00
GingerandEllis Git 1773e72e68 feat(docs): Add a note about !779 to the troubleshooting page 2026-02-18 14:41:03 +00:00
kraemandEllis Git 0f94d55689 fix: don't warn about needed backfill via federation for non-federated rooms 2026-02-18 14:27:14 +00:00
Renovate BotandEllis Git abfb6377c2 chore(deps): update rust-patch-updates 2026-02-18 14:26:49 +00:00
Renovate Bot 91d64f5b24 chore(deps): update rust crate askama to 0.15.0 2026-02-18 05:04:23 +00:00
Jade Ellis 9a3f3f6e78 ci: Explicitly enable Dependency Dashboard 2026-02-17 21:33:30 +00:00
Jade Ellis b3e31a4aad ci(deps): Automerge typos updates 2026-02-17 21:33:13 +00:00
Jade Ellis 8cda431cc6 ci(deps): Group npm patch updates 2026-02-17 21:30:51 +00:00
Renovate Bot 02b9a3f713 chore(deps): update pre-commit hook crate-ci/typos to v1.43.5 2026-02-17 05:03:45 +00:00
timedoutandEllis Git d40893730c chore: Lighten the phrasing 2026-02-17 02:07:19 +00:00
timedoutandEllis Git 28fae58cf6 chore: Add news frag & rebuild config 2026-02-17 02:07:19 +00:00
timedoutandEllis Git f458f6ab76 chore: Disable presence by default, and add warnings to other heavy ops 2026-02-17 02:07:19 +00:00
Shane Jaroch fdf9cea533 fix(admin-cli): concatenation/formatting error, i.e.,
**NOTE:** If there are any features, tools, or admin internals dependent on this output that would break, let me know!
I'm hoping this is acceptable, since it's a human-readable command.

Current output:

```shell
uwu> server list-backups
    #1 Mon, 9 Feb 2026 20:36:25 +0000: 66135580 bytes, 595 files#2 Wed, 11 Feb 2026 02:33:15 +0000: 270963746 bytes, 1002 files#3 Sat, 14 Feb 2026 22:11:19 +0000: 675905487 bytes, 2139 files
```

Should be:

```shell
uwu> server list-backups
    #1 Mon, 9 Feb 2026 20:36:25 +0000: 66135580 bytes, 595 files
    #2 Wed, 11 Feb 2026 02:33:15 +0000: 270963746 bytes, 1002 files
    #3 Sat, 14 Feb 2026 22:11:19 +0000: 675905487 bytes, 2139 files
```
2026-02-16 00:52:02 -05:00
Jade Ellis ecb1b73c84 style: Trailing whitespace 2026-02-16 03:47:16 +00:00
roootandJade Ellis e03082480a docs(livekit): document nginx websockets too
Signed-off-by: rooot <hey@rooot.gay>
2026-02-16 03:43:43 +00:00
roootandJade Ellis f9e7f019ad docs(livekit): fix port in caddy config example
Signed-off-by: rooot <hey@rooot.gay>
2026-02-16 03:43:43 +00:00
roootandJade Ellis 12069e7c86 docs(livekit): add nginx proxy example
Signed-off-by: rooot <hey@rooot.gay>
2026-02-16 03:43:42 +00:00
Jade Ellis 77928a62b4 docs: Document BSD community room 2026-02-16 03:31:56 +00:00
elisaadoandEllis Git c73cb5c1bf feat(docs): Add Kubernetes documentation with sample (#1387)
Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1387
Reviewed-by: Jade Ellis <jade@ellis.link>
Co-authored-by: elisaado <forgejoellis@elisaado.com>
Co-committed-by: elisaado <forgejoellis@elisaado.com>
2026-02-16 03:14:29 +00:00
Jade Ellis a140eacb04 docs: Fix trailing list 2026-02-16 03:12:50 +00:00
Jade Ellis 40536b13da feat: Add experimental http3 support
Only enabled in Docker builds for now, due to build config required. Not
sure if more work is needed for 0RTT.
2026-02-16 02:56:49 +00:00
Jade Ellis cacd8681d1 docs: Update & apply feedback 2026-02-16 02:55:26 +00:00
burgundiaandJade Ellis b095518e6f Update documentation to feature LiveKit-related configuration options present in continuwuity.toml 2026-02-16 02:35:41 +00:00
Jade Ellis a91add4aca docs: Apply feedback 2026-02-16 02:35:41 +00:00
Jade Ellis 7fec48423a chore: Style 2026-02-16 02:35:40 +00:00
Jade Ellis 2f6b7c7a40 docs: Update TURN guide 2026-02-16 02:35:40 +00:00
Jade Ellis 48ab6adec1 chore: Apply review comments 2026-02-16 02:35:40 +00:00
Jade Ellis 592244d5aa docs: Last dead link 2026-02-16 02:35:40 +00:00
Jade Ellis 091893f8bc fix: oops 2026-02-16 02:35:40 +00:00
Jade Ellis 6eba6a838e docs: Fix broken links 2026-02-16 02:35:39 +00:00
Jade Ellis 1a11c784f5 docs: Write up how to set up LiveKit calling 2026-02-16 02:35:38 +00:00
Renovate BotandEllis Git 55ccfdb973 chore(deps): update rust-patch-updates 2026-02-15 23:04:26 +00:00
Henry-HilesandEllis Git a9a39e6d5e fix: Update regex for web template in uwulib build 2026-02-15 23:04:05 +00:00
Jade Ellis 38bf1ccbcc refactor: Drop duplicate clone 2026-02-15 23:03:23 +00:00
timedoutandJade Ellis b7a8cbdb42 feat: Exclude empty rooms from !admin rooms list by default
Reviewed-By: Ginger <ginger@gingershaped.computer>
2026-02-15 23:03:23 +00:00
Ginger 4e1dac32a5 fix: Don't panic when running startup admin commands 2026-02-15 17:32:26 -05:00
timedout 7b21c3fd9f chore: Update changelog 2026-02-15 20:39:14 +00:00
timedout f566ca1b93 chore: Release 0.5.5 2026-02-15 20:31:58 +00:00
timedout debe411e23 fix(ci): Work around LLVM issue & dynamically select clang pkg version 2026-02-15 20:27:55 +00:00
timedout dc0d6a9220 fix: Install clang-23 specifically
clang (clang-22) is busted
2026-02-15 19:09:33 +00:00
timedout 2efdb6fb0d fix: Work around https://github.com/llvm/llvm-project/issues/153385 2026-02-15 18:55:17 +00:00
GingerandEllis Git 576348a445 fix: Set default value of allow_registration to true 2026-02-15 18:05:42 +00:00
GingerandEllis Git f322b6dca0 chore: News fragment 2026-02-15 18:05:42 +00:00
GingerandEllis Git a1ed77a99c feat: Add a link to the clients list on matrix.org 2026-02-15 18:05:42 +00:00
GingerandEllis Git 01b5dffeee feat: Default index page improvements
- Add project logo to footer and favicon
- Display different messages depending on if first-run mode is active
2026-02-15 18:05:42 +00:00
GingerandEllis Git ea3c00da43 chore: Clippy fixes 2026-02-15 18:05:42 +00:00
GingerandEllis Git 047eba0442 feat: Improve the initial setup experience
- Issue a single-use token for initial account creation
- Disable registration through other methods until the first account is made
- Print helpful instructions to the console on the first run
- Improve the welcome message sent in the admin room on first run
2026-02-15 18:05:42 +00:00
GingerandEllis Git 11a088be5d feat: Stop logging announcements to the console 2026-02-15 18:05:42 +00:00
GingerandEllis Git dc6bd4e541 fix: Silence unnecessary policy server errors in debug builds 2026-02-15 18:05:42 +00:00
GingerandEllis Git 2bf9207cc4 feat: Add skeleton first-run service 2026-02-15 18:05:42 +00:00
GingerandEllis Git b2a87e2fb9 refactor: Add support for multiple static tokens to registration token service 2026-02-15 18:05:42 +00:00
timedout 7d0686f33c fix: Error response can leak appservice token
Reviewed-By: Ginger <ginger@gingershaped.computer>
Reviewed-By: Jade Ellis <jade@ellis.link>
2026-02-15 17:58:48 +00:00
Jade Ellis 082c44f355 fix: Only sync LDAP admin status when admin_filter is configured
Closes #1307
2026-02-15 16:17:26 +00:00
Jade Ellis 117c581948 fix: Correct incorrectly inverted boolean expression 2026-02-15 16:11:19 +00:00
timedoutandJade Ellis cb846a3ad1 style: Invert pending_invite_state check 2026-02-15 16:11:19 +00:00
timedoutandJade Ellis 81b984b2cc style: Compress should_rescind_invite 2026-02-15 16:11:19 +00:00
timedoutandJade Ellis e2961390ee feat: Support rescinding invites over federation 2026-02-15 16:11:19 +00:00
timedoutandJade Ellis cb75e836e0 style: Update error messages in make_join.rs 2026-02-15 16:11:19 +00:00
nexy7574andJade Ellis cb7a988b1b chore: Add news frag 2026-02-15 16:11:19 +00:00
nexy7574andJade Ellis aa5400bcef style: Fix IncompatibleRoomVersion log line 2026-02-15 16:11:18 +00:00
nexy7574andJade Ellis ff4dddd673 fix: Refactor local join process 2026-02-15 16:11:18 +00:00
nexy7574andJade Ellis c22b17fb29 fix: Return accurate errors in make_join for restricted rooms 2026-02-15 16:11:18 +00:00
timedoutandJade Ellis 3da7fa24db fix: Produce more useful errors in make_join_request 2026-02-15 16:11:18 +00:00
timedoutandJade Ellis d15ac1d3c1 fix: Use 404 instead of 400 (and include sender) 2026-02-15 15:55:36 +00:00
timedoutandJade Ellis a9ebdf58e2 feat: Filter ignored PDUs in relations 2026-02-15 15:55:35 +00:00
timedoutandJade Ellis f1ab27d344 feat: Return SENDER_IGNORED error for context and relations 2026-02-15 15:55:35 +00:00
timedoutandJade Ellis 8bc6e6ccca feat: Return SENDER_IGNORED error in is_ignored_pdu 2026-02-15 15:55:32 +00:00
Jade Ellis 60a3abe752 refactor: Use HashSet 2026-02-15 15:35:29 +00:00
EllieandJade Ellis e3b874d336 fix(sync): handle wildcard state keys in sliding sync required_state 2026-02-15 15:35:29 +00:00
Jade Ellis f3f82831b4 docs: Changelog 2026-02-15 15:23:15 +00:00
Jade Ellis 26aac1408e fix: Correct user agent changes
Correct the domain
Remove "embed" in the UA because the
global UA was modified, rather than
just the one for preview requests
2026-02-15 15:21:06 +00:00
Trash PandaandJade Ellis be8f62396a feat(core): Change default user agent 2026-02-15 15:21:06 +00:00
Trash PandaandJade Ellis 40996a6602 feat(core): Add config option for the url preview user agent 2026-02-15 15:21:05 +00:00
Jade Ellis 9cae531f90 doc: Changelog 2026-02-15 15:19:03 +00:00
Jade Ellis 56eea935b6 feat: Deadlock detector thread 2026-02-15 15:19:02 +00:00
Renovate Bot fcb646f8c4 chore(deps): update rust-patch-updates 2026-02-15 05:02:30 +00:00
Jade EllisandEllis Git 57b21c1b32 docs: Add links to matrix guides 2026-02-14 19:29:07 +00:00
Ginger 8d66500c99 chore: Code cleanup 2026-02-14 14:12:57 -05:00
Simon GardlingandGinger abacf1dc20 chore: News fragment 2026-02-14 14:12:42 -05:00
Simon GardlingandGinger 134e5cadaf fix(sliding-sync): Properly handle wildcard state_key
Fixes calls as described in https://forgejo.ellis.link/continuwuation/continuwuity/issues/1306
2026-02-14 14:12:35 -05:00
Renovate BotandEllis Git 8ec0f0d830 chore(deps): update dependency @rspress/plugin-client-redirects to v2.0.3 2026-02-14 14:14:40 +00:00
Renovate Bot 0453544036 chore(deps): update dependency cargo-bins/cargo-binstall to v1.17.5 2026-02-14 05:03:21 +00:00
Jade EllisandEllis Git 89ad809270 docs: Correct comment on rtc_focus_server_urls 2026-02-13 19:52:39 +00:00
Chris W JonesandEllis Git ecd3a4eb41 build: Update ruwuma for RTC Foci responses 2026-02-13 19:52:39 +00:00
Chris W JonesandEllis Git 5506997ca0 feat: Add config option for livekit
This adds a new config option under `global.well_known` for livekit
server URLs.  It also updates the well_known client API endpoint to
return this list.

Closes #1355
2026-02-13 19:52:39 +00:00
Renovate BotandEllis Git abc0683d59 chore(deps): update dependency @rspress/core to v2.0.3 2026-02-13 19:32:56 +00:00
Renovate Bot dd60beb9fb chore(deps): update dependency @rspress/plugin-sitemap to v2.0.3 2026-02-13 05:04:20 +00:00
arxari d9520f9382 Change the federation testing site in the docs to a more verbose one
The new site is easy to use at a glance but provides more advanced info if needed

Nexxy approved https://matrix.to/#/#offtopic:continuwuity.org/$rHSywj-s3v9onrROBcwDCHnnOpPVFbu0-Xgrh9A4btw
2026-02-12 20:13:47 +00:00
arxari 40bb5366bb Change the federation testing site to a more verbose one
The new site is easy to use at a glance but provides more advanced info if needed

Nexxy approved https://matrix.to/#/#offtopic:continuwuity.org/$rHSywj-s3v9onrROBcwDCHnnOpPVFbu0-Xgrh9A4btw
2026-02-12 20:11:20 +00:00
timedout f82bd77073 style: Fix clippy issues 2026-02-12 19:10:13 +00:00
timedout 7d84ba5ff2 fix: Don't include latest_events in output 2026-02-12 17:37:29 +00:00
timedout 69a8937584 fix: Complement runner 2026-02-12 17:23:39 +00:00
timedout b2ec13d342 fix: Redo the get_missing_events federation route 2026-02-12 16:48:12 +00:00
Jade Ellis 4e55e1ea90 docs: Add note about checking the contents of configuration 2026-02-11 16:56:07 +00:00
gingerandEllis Git f5f3108d5f chore: Formatting 2026-02-10 22:56:11 +00:00
chri-kandEllis Git d1e1ee6156 fix: always treat server_user as an admin 2026-02-10 22:56:11 +00:00
Omar Pakker ae16a45515 chore: Add towncrier news fragment 2026-02-10 23:07:38 +01:00
Omar Pakker 077bda23a6 feat(admin): Add resolver cache flush command
This command allows an admin to flush a specific server
from the resolver caches or flush the whole cache.
2026-02-10 23:07:32 +01:00
Renovate Bot a2bf0c1223 chore(deps): update pre-commit hook crate-ci/typos to v1.43.4 2026-02-10 05:02:40 +00:00
GingerandEllis Git b9b1ff87f2 chore: Formatting fixes 2026-02-10 02:29:11 +00:00
GingerandEllis Git 3c0146d437 feat: Implement a migration to fix busted local invites 2026-02-10 02:29:11 +00:00
GingerandEllis Git 7485d4aa91 fix: Properly set stripped state for local invites 2026-02-10 02:29:11 +00:00
Jade Ellis 39bdb4c5a2 chore: Announcement for v0.5.4 2026-02-09 20:48:47 +00:00
Renovate BotandEllis Git 55fb3b8848 chore(deps): update pre-commit hook crate-ci/typos to v1.43.3 2026-02-09 15:26:52 +00:00
timedout 19146166c0 chore: Linkify pull requests in CHANGELOG.md 2026-02-08 17:49:53 +00:00
timedout f47027006f chore: Bump cargo lock 2026-02-08 17:45:51 +00:00
timedout b7a8f71e14 chore: Bump version 2026-02-08 17:41:53 +00:00
timedout c7378d15ab chore: Update changelog 2026-02-08 17:41:30 +00:00
timedoutandEllis Git 7beeab270e fix: Add failing spell check string to typos
This isn't the proper fix but whatever it makes CI pass
2026-02-08 17:25:09 +00:00
Julian AndersonandEllis Git 6a812b7776 chore: Add news fragment 2026-02-08 17:25:09 +00:00
Julian AndersonandEllis Git b1f4bbe89e docs(deploying/fedora): Remove seemingly nonexistent/impossible Fedora install method 2026-02-08 17:25:09 +00:00
Julian AndersonandEllis Git 6701f88bf9 docs(deploying/fedora): Fix URLs for known working install methods, add EL caveat, correct GPG key info 2026-02-08 17:25:09 +00:00
Jade EllisandEllis Git 62b9e8227b docs: Explain enabling backtraces at runtime 2026-02-08 17:23:09 +00:00
Jade EllisandEllis Git 7369b58d91 feat: Try log original server error 2026-02-08 17:23:09 +00:00
Jade EllisandEllis Git f6df44b13f feat: Try log panics before unwinds to catch backtraces 2026-02-08 17:23:09 +00:00
timedout f243b383cb style: Fix typo in validate_remote_member_event_stub 2026-02-08 15:37:40 +00:00
timedout e0b7d03018 fix: Perform additional membership validation on remote knocks too 2026-02-08 15:34:07 +00:00
timedout 184ae2ebb9 fix: Apply validation to make_join process 2026-02-06 18:15:39 +00:00
timedout 0ea0d09b97 fix: Don't fail open when a PDU doesn't have a short state hash 2026-02-06 18:09:09 +00:00
timedout 6763952ce4 chore: Bump ruwuma 2026-02-06 17:52:48 +00:00
Renovate BotandEllis Git e2da8301df chore(deps): update pre-commit hook crate-ci/typos to v1.43.2 2026-02-06 16:49:57 +00:00
April Grimoireandaprilgrimoire 296a4b92d6 fix: Resolve unnecessary serialization issue
Fixes #1335
2026-02-06 07:52:19 +00:00
timedout 00c054d356 fix: Get_missing_events returns the same event N times 2026-02-05 21:28:21 +00:00
Renovate BotandEllis Git 2558ec0c2a chore(deps): update rust-patch-updates 2026-02-05 14:06:42 +00:00
timedoutandEllis Git 56bc3c184e feat: Enable running complement manually 2026-02-04 18:06:53 +00:00
Renovate BotandEllis Git 5c1b90b463 chore(deps): update dependency cargo-bins/cargo-binstall to v1.17.4 2026-02-04 16:05:32 +00:00
Renovate BotandEllis Git 0dbb774559 chore(deps): update dependency @rspress/plugin-sitemap to v2.0.2 2026-02-04 16:04:56 +00:00
Renovate Bot 16e0566c84 chore(deps): update dependency @rspress/plugin-client-redirects to v2.0.2 2026-02-04 16:02:09 +00:00
Renovate BotandEllis Git 489b6e4ecb chore(deps): update pre-commit hook crate-ci/typos to v1.43.1 2026-02-04 15:58:34 +00:00
Renovate Bot e71f75a58c chore(deps): update dependency @rspress/core to v2.0.2 2026-02-04 05:04:11 +00:00
timedoutandEllis Git 082ed5b70c feat: Use info level logs for residency check failures 2026-02-03 20:09:41 +00:00
timedoutandEllis Git 76fe8c4cdc chore: Add news fragment 2026-02-03 20:09:41 +00:00
timedoutandEllis Git c4a9f7a6d1 perf: Don't handle expensive requests for rooms we aren't in
Mostly borrowed from dendrite:

https://github.com/element-hq/dendrite/blob/a042861/federationapi/routing/routing.go#L601
2026-02-03 20:09:41 +00:00
timedoutandEllis Git a047199fb4 perf: Don't handle PDUs for rooms we aren't in 2026-02-03 20:09:41 +00:00
Renovate BotandEllis Git 411c9da743 chore(deps): update rust-patch-updates 2026-02-02 01:34:58 +00:00
Renovate Bot fb54f2058c chore(deps): update dependency @rspress/plugin-client-redirects to v2.0.1 2026-02-01 05:03:41 +00:00
gingerandEllis Git 358273226c chore: Update FUNDING.yml 2026-01-31 01:13:15 +00:00
timedoutandEllis Git fd9bbb08ed fix: Restore admin room announcement for deactivations 2026-01-30 05:11:30 +00:00
timedoutandEllis Git 53184cd2fc chore: Add news fragment 2026-01-30 05:11:30 +00:00
timedoutandEllis Git 25f7d80a8c fix: Clippy lint 2026-01-30 05:11:30 +00:00
timedoutandEllis Git 02fa0ba0b8 perf: Optimise account deactivation process 2026-01-30 05:11:30 +00:00
gingerandEllis Git 572b228f40 Update homeserver list 2026-01-29 23:35:07 +00:00
Renovate BotandEllis Git b0a61e38da chore(deps): update pre-commit hook crate-ci/typos to v1.42.3 2026-01-29 15:49:54 +00:00
Renovate BotandEllis Git 401dff20eb chore(deps): update dependency cargo-bins/cargo-binstall to v1.17.3 2026-01-29 15:49:32 +00:00
Ginger f2a50e8f62 fix(docs): Remove rspress-plugin-preview 2026-01-29 10:41:46 -05:00
Ginger 36e80b0af4 fix(docs): Add stub type definition for docs CSS 2026-01-29 10:36:44 -05:00
Ginger c9a4c546e2 chore(deps): Update to rspress 2.0.0 2026-01-29 10:35:24 -05:00
Ginger da8b60b4ce fix(docs): Add redirect from old community page 2026-01-26 21:42:50 -05:00
Ginger 89afaa94ac feat(docs): Move community pages into subdir, add partnered homeservers page 2026-01-26 21:32:05 -05:00
Ginger 2b5563cee3 fix(docs): Remove busted link in nav 2026-01-26 20:55:12 -05:00
Ginger 6cb9d50383 chore: News fragment 2026-01-21 12:27:13 -05:00
Ginger 77c0f6e0c6 fix: Add a code path for clients trying to use fallback auth 2026-01-21 12:27:13 -05:00
Jade Ellis c85e710760 fix: Add option to mark certain config sections as optional
Fixes #1290
2026-01-20 17:36:22 +00:00
Renovate BotandEllis Git 59346fc766 chore(deps): update pre-commit hook crate-ci/committed to v1.1.10 2026-01-20 16:25:19 +00:00
Renovate BotandEllis Git 9c5e735888 chore(deps): update dependency cargo-bins/cargo-binstall to v1.16.7 2026-01-20 16:24:46 +00:00
Ginger fe74e82318 chore: Formatting 2026-01-20 10:00:26 -05:00
K900 cb79a3b9d7 refactor(treewide): get rid of compile time build environment introspection
It's cursed and not very useful. Still a few uses of ctor left, but oh well.
2026-01-19 19:44:28 +00:00
timedout ebc8df1c4d feat: Add endpoints required for API-based takedowns and room bans 2026-01-18 18:47:15 +00:00
nexandEllis Git b667a963cf chore: Fixup typos 2026-01-18 15:22:14 +00:00
timedoutandEllis Git 5a6b909b37 fix: Remove homebrewed error mangling for correctness 2026-01-18 15:22:14 +00:00
timedoutandEllis Git dba9cf0ad2 chore: Add news fragment 2026-01-18 15:22:14 +00:00
timedoutandEllis Git 287ddd9bc5 fix: Only fall back to legacy media when response is M_UNRECOGNIZED
https://spec.matrix.org/v1.17/server-server-api/#content-repository
Previously we would fall back for ALL
auth media errors.
2026-01-18 15:22:14 +00:00
Jason Volkandtimedout 79a278b9e8 Fix verification loss; workaround Nheko-Reborn/nheko#1908 (closes #146)
Signed-off-by: Jason Volk <jason@zemos.net>
2026-01-18 14:41:01 +00:00
Ginger 6c5d658ef2 fix: Fix explosions with new tracing 2026-01-15 09:28:26 -05:00
Renovate BotandGinger 70c43abca8 chore(deps): update rust-patch-updates 2026-01-15 09:28:26 -05:00
Renovate Bot 6a9b47c52e chore(deps): update rust-patch-updates 2026-01-15 05:03:40 +00:00
Ginger c042de96f8 chore(deps): Update rspress to 2.0.0-rc.5 2026-01-14 09:35:20 -05:00
Jade Ellis 7a6acd1c82 chore: Changelog 2026-01-13 20:29:30 +00:00
Jade Ellis d260c4fcc2 style: Fix yo unused variables 2026-01-13 20:29:30 +00:00
Jade Ellis fa15de9764 feat: Admin announce improvements
- Check announcements on first start
- Print out any fetch errors on first start in the admin room
- Randomly jitter the next check
2026-01-13 20:29:30 +00:00
Jade Ellis e6c7a4ae60 docs: Changelog 2026-01-13 00:05:20 +00:00
Jade Ellis 5bed4ad81d chore: Admin announcement 2026-01-13 00:01:28 +00:00
Jade Ellis 587abe9d14 chore: Release 2026-01-12 23:47:37 +00:00
Jade Ellis c499042a76 docs: Changelog 2026-01-12 23:45:42 +00:00
timedout 86e450a835 fix: M_BAD_JSON in send_join and send_knock 2026-01-12 17:53:37 +00:00
Jade EllisandGinger 4c796029bb chore: Add correct configuration for cargo release 2026-01-12 16:20:38 +00:00
Jade EllisandGinger fc3615c46b docs: Changelog 2026-01-12 16:20:38 +00:00
Jade EllisandGinger 7375f7a68e feat: Improve the display of the configuration in the admin room 2026-01-12 16:20:38 +00:00
Ginger ae28fe92d2 feat: Exclude undocumented commands 2026-01-12 10:51:17 -05:00
Ginger 00eeeb78de fix: Remove extraneous dashes from command help 2026-01-12 10:47:19 -05:00
Ginger a028049e6f feat: Add copy to admin command reference index 2026-01-12 10:36:37 -05:00
Ginger 7b159bc8c8 feat: Add comments to generated files 2026-01-12 10:36:37 -05:00
Ginger 66fcedf08b fix: Update documentation TOC 2026-01-12 10:36:37 -05:00
Ginger 3f790844f3 chore: Clippy fixes 2026-01-12 10:36:37 -05:00
Ginger 89be9d1efc feat: Improve admin command reference generation
- Change xtasks to use `clap` for argument parsing
- Generate admin command reference manually instead of with `clap_markdown`
- Split admin command reference into multiple files
2026-01-12 10:36:37 -05:00
Astralchroma 60dd6baffd Link to documentation clarifying what exactly "Performance optimised version." means 2026-01-11 16:54:33 +00:00
timedout 99a10998b4 style: Remove unused import 2026-01-11 15:42:06 +00:00
nexandEllis Git 05c6b5df75 fix: M_BAD_JSON in c2s invite 2026-01-11 15:37:59 +00:00
Jade Ellis 74db426c6b fix: Correct federation timeouts 2026-01-09 19:51:29 +00:00
Jade Ellis 344d68dabc fix: Use correct token handlers for Ruma 2026-01-09 19:42:14 +00:00
Jade Ellis d3ee9c407a fix: Apply timeouts in more places 2026-01-09 19:42:13 +00:00
Ginger da956b1a2a chore: Release 2026-01-09 09:28:54 -05:00
Ginger 244bf6ed2f chore: Update changelog for 0.5.2 2026-01-09 09:28:37 -05:00
timedoutandEllis Git 52a51f1de0 fix: Remove useless timestamp check in outlier upgrade process 2026-01-09 02:50:04 +00:00
timedoutandEllis Git 6e118f445b chore: Add news fragment 2026-01-09 02:50:04 +00:00
timedoutandEllis Git e3cf288f39 feat: Support creating custom v12 room IDs 2026-01-09 02:50:04 +00:00
Ginger 6e6c9ae4cb chore: Update news fragments 2026-01-08 20:14:46 -05:00
timedout 5a2a1b6240 style: Clean up whoami code 2026-01-09 01:12:38 +00:00
timedout fb536ca1ce chore: Add news fragment 2026-01-09 00:47:09 +00:00
timedout d22d47954f fix: Return 403 instead of 404 at /_matrix/client/v3/account/whoami 2026-01-09 00:44:38 +00:00
Ginger d48cc46643 fix: Allow cargo_common_metadata clippy lint 2026-01-08 19:28:27 +00:00
Ginger 8cf2d175d6 fix: Update package and crate metadata 2026-01-08 19:28:27 +00:00
Ginger 205ac22008 chore: Update admin command documentation 2026-01-08 14:27:50 -05:00
Jade Ellis d353446488 fix: Incomplete rename 2026-01-07 23:48:04 +00:00
timedout 77e8fd1744 style: Use contains to check for row presence 2026-01-07 17:31:54 +00:00
timedout 7fa7b129c0 perf: Store empty value (row only needs to exist) 2026-01-07 17:31:54 +00:00
timedout 247bc15659 fix: Await future 2026-01-07 17:31:53 +00:00
timedout 88a35e139d fix: Correctly return M_USER_LOCKED during login 2026-01-07 17:31:53 +00:00
timedout 37574ef5cc chore: Add news fragment 2026-01-07 17:31:53 +00:00
timedout 1c816850ed feat: Allow admins to disable the login capability of an account
# Conflicts:
#	src/admin/user/commands.rs
2026-01-07 17:31:51 +00:00
timedout 3483059e1c fix: Unawaited future causing build error 2026-01-07 14:33:37 +00:00
Ginger d865dd4454 feat(!783): Add --once shortcut flag to issue command 2026-01-07 14:22:37 +00:00
Ginger adc7c5ac49 fix(!783): Don't allow registrations by default with no token configured 2026-01-07 14:22:37 +00:00
Ginger 112403e470 chore(!783): Remove config file check for no static token or captcha 2026-01-07 14:22:37 +00:00
Ginger ea0a124981 chore(!783): Update config file documentation, depluralize token subcommand 2026-01-07 14:22:37 +00:00
Ginger bf205fb13c chore(!783): Note that registration_token_file is gone 2026-01-07 14:22:37 +00:00
Ginger 9a6408f98f chore(!783): News fragment 2026-01-07 14:22:37 +00:00
Ginger ca77970ff3 feat(!783): Add admin commands for managing tokens 2026-01-07 14:22:37 +00:00
Ginger 42f4ec34cd feat(!783): Initial implementation
Adds support for extra limited-use registration tokens
stored in the database, and a new service to manage them.
2026-01-07 14:22:37 +00:00
Renovate BotandJade Ellis ecf74bb31f chore(deps): update dependency lddtree to 0.4.0 2026-01-06 20:38:12 +00:00
timedout 8c716befdc chore: Add news fragment 2026-01-06 20:32:52 +00:00
timedout a8209d1dd9 feat: Add command to forcefully log out all of a user's devices 2026-01-06 20:28:23 +00:00
Jade Ellis 9552dd7485 style: Log error 2026-01-06 01:55:52 +00:00
GingerandJade Ellis 88c84f221f chore: Add comment and warning to unhappy path 2026-01-06 00:59:32 +00:00
Laurențiu NicolaandJade Ellis a10bd71945 fix(admin): fix force-leaving rooms with no left_state PDU 2026-01-06 00:59:31 +00:00
Jade Ellis 2f11bf4d74 docs: Document image mirrors 2026-01-06 00:45:12 +00:00
Jade Ellis 1e8748d1a0 docs: Fix some issues 2026-01-06 00:45:12 +00:00
Tom FosterandJade Ellis 70ef6e4211 docs: Document maxperf Docker image variants from #1017
Add documentation for the new performance-optimised Docker images with
"-maxperf" suffix. These use the release-max-perf build profile with LTO
and target haswell CPU architecture on amd64 for optimal performance.

Also restructure the static prebuilt binary section in generic deployment
docs for better clarity and fix various UK English spelling issues.
2026-01-06 00:45:12 +00:00
Renovate BotandJade Ellis 212c1bc14d chore(deps): update github-actions-non-major 2026-01-06 00:24:55 +00:00
timedoutandJade Ellis ce46b6869f chore: Bump dependencies to fix request errors 2026-01-05 20:10:30 +00:00
timedoutandJade Ellis a18b8254d0 chore: Add news fragment 2026-01-05 20:10:30 +00:00
timedoutandJade Ellis 279f7cbfe4 style: Fix failing lints 2026-01-05 20:10:29 +00:00
timedoutandJade Ellis 006c57face perf: Don't check accept_make_join twice for restricted make_join 2026-01-05 20:10:29 +00:00
timedoutandJade Ellis d52e0dc014 fix: Apply check_all_joins to make_join 2026-01-05 20:10:29 +00:00
timedoutandJade Ellis 4b873a1b95 fix: Apply spam checker to local restricted joins 2026-01-05 20:10:29 +00:00
timedoutandJade Ellis 76865e6f91 fix: Accept_may_join callback works again 2026-01-05 20:10:29 +00:00
timedoutandJade Ellis 99f16c2dfc fix: Call user_may_join_room later in the join process 2026-01-05 20:10:28 +00:00
timedoutandJade Ellis 5ac82f36f3 feat: Consolidate antispam checks into a service
Also adds support for the spam checker join rule, and Draupnir callbacks
2026-01-05 20:10:28 +00:00
timedoutandJade Ellis c249dd992e feat: Add support for automatically rejecting pending invites 2026-01-05 20:10:28 +00:00
timedoutandJade Ellis 0956779802 feat: Add Meowlnir invite interception support
Co-authored-by: Jade Ellis <jade@ellis.link>
2026-01-05 20:10:27 +00:00
timedout a83c1f1513 fix: Restrict suspend+lock commands to admin room
Also prevent locking the service user or admin users
2026-01-05 19:49:12 +00:00
timedout 8b5e4d8fe1 chore: Add news fragment 2026-01-05 19:34:21 +00:00
timedout 7502a944d7 feat: Add user locking and unlocking commands and functionality
Also corrects the response code returned by UserSuspended
2026-01-05 19:30:16 +00:00
Jade Ellis aed15f246a refactor: Clean up logging issues
Primary issues: Double escapes (debug fmt), spans without levels
2026-01-05 18:28:57 +00:00
timedout 27d6604d14 fix: Use a timeout instead of deadline 2026-01-03 17:08:47 +00:00
timedout 1c7bd2f6fa style: Remove unnecessary then() calls in chain 2026-01-03 16:22:49 +00:00
timedout 56d7099011 style: Include errors in key claim response too 2026-01-03 16:10:06 +00:00
timedout bc426e1bfc fix: Apply client-requested timeout to federated key queries
Also parallelised federation calls in related functions
2026-01-03 16:05:05 +00:00
timedout 6c61b3ec5b fix: Build error two: electric boogaloo 2025-12-31 21:15:28 +00:00
timedout 9d9d1170b6 fix: Build error 2025-12-31 21:04:06 +00:00
Jade Ellis 7be20abcad style: Fix typo 2025-12-31 20:08:53 +00:00
Jade Ellis 078275964c chore: Update precommit hooks 2025-12-31 20:08:53 +00:00
timedoutandJade Ellis bf200ad12d fix: Resolve compile errors
me and cargo check are oops now
2025-12-31 20:01:29 +00:00
timedoutandJade Ellis 41e628892d chore: Add news fragment 2025-12-31 20:01:29 +00:00
timedoutandJade Ellis 44851ee6a2 feat: Fall back to remote room summary if local fails 2025-12-31 20:01:29 +00:00
timedoutandJade Ellis a7e6e6e83f feat: Allow local server admins to bypass summary visibility checks
feat: Allow local server admins to bypass summary visibility checks

Also improve error messages so they aren't so damn long.
2025-12-31 20:01:29 +00:00
GingerandJade Ellis 8a561fcd3a chore: Clippy fixes 2025-12-31 19:56:35 +00:00
GingerandJade Ellis 25c305f473 chore: Fix comment formatting 2025-12-31 19:56:35 +00:00
GingerandJade Ellis c900350164 chore: Add news fragment 2025-12-31 19:56:35 +00:00
GingerandJade Ellis c565e6ffbc feat: Restrict where certain admin commands may be used 2025-12-31 19:56:31 +00:00
Jade Ellis 442f887c98 style: Improve warning regarding admin removal 2025-12-31 19:40:42 +00:00
TerryandJade Ellis 03220845e5 docs: Changelog 2025-12-31 19:35:53 +00:00
TerryandJade Ellis f8c1e9bcde feat: Config defined admin list
Closes !1246
2025-12-31 19:35:40 +00:00
GingerandJade Ellis 21324b748f feat: Enable console feature by default 2025-12-31 19:12:25 +00:00
Jade Ellis b7bf36443b docs: Fix typo 2025-12-31 19:03:22 +00:00
ginger d72192aa32 fix(ci): Stop using nightly to build Debian packages 2025-12-30 14:23:31 -05:00
Jade Ellis 38ecc41780 chore: Release 2025-12-30 17:45:32 +00:00
Jade Ellis 7ae958bb03 docs: Announcement 2025-12-30 17:35:20 +00:00
Jade Ellis f676fa53f1 chore: Specify the tag body template 2025-12-30 17:34:44 +00:00
Jade Ellis 978bdc6466 docs: Changelog 2025-12-30 17:34:44 +00:00
timedoutandJade Ellis 7c741e62cf fix: Forbid creators in power levels 2025-12-30 17:34:43 +00:00
12aecf8091 validate membership events returned by remote servers
This fixes a vulnerability where an attacker with a malicious remote
server and a user on the local server can trick the local server into
signing arbitrary events. The attacker issue a remote leave as the local
user to a room on the malicious server. Without any validation of the
make_leave response, the local server would sign the attacker-controlled
event and pass it back to the malicious server with send_leave.

The join and knock endpoints are also fixed in this commit, but are less
useful for exploitation because the local server replaces the "content"
field returned by the remote server. Remote invites are unaffected
because we already check that the event returned from /invite has the
same event ID as the event passed to it.

Co-authored-by: timedout <git@nexy7574.co.uk>
Co-authored-by: Jade Ellis <jade@ellis.link>
Co-authored-by: Ginger <ginger@gingershaped.computer>
2025-12-30 15:24:45 +00:00
Renovate BotandJade Ellis 19372f0b15 chore(deps): update dependency cargo-bins/cargo-binstall to v1.16.6 2025-12-29 23:52:04 +00:00
Jade Ellis a66b90cb3d ci: Explicitly auto tag latest 2025-12-29 23:45:02 +00:00
Jade Ellis 7234ce6cbe ci: Don't force tag all versions as latest 2025-12-29 23:45:02 +00:00
Jade Ellis beb0c2ad9a fix(ci): Don't double append latest tag suffix 2025-12-29 23:45:02 +00:00
Jade Ellis 39aaf95d09 docs: Changelog 2025-12-29 23:33:12 +00:00
Jade Ellis 5e0edd5a1c feat: Allow configuring the OTLP protocol 2025-12-29 23:33:12 +00:00
Jade Ellis d180f5a759 feat: Split otlp exporter into a new, enabled-by-default feature 2025-12-29 23:33:12 +00:00
Jade Ellis f163264a82 docs: Update example domains 2025-12-29 23:33:12 +00:00
timedoutandEllis Git 5e7bc590d2 chore: Apply suggestions 2025-12-29 23:30:49 +00:00
timedoutandEllis Git 08df35946b fix: File -> line 2025-12-29 23:30:49 +00:00
timedoutandEllis Git c4ebf289fa fix: Dead link to code style doc 2025-12-29 23:30:49 +00:00
timedoutandEllis Git 1fc6010f9a fix: Issue title -> pull request title 2025-12-29 23:30:49 +00:00
timedoutandEllis Git 1d91331275 fix: Stray whitespace 2025-12-29 23:30:49 +00:00
timedoutandEllis Git 77e62ad772 feat: Add pull request template 2025-12-29 23:30:49 +00:00
timedout 696a1e6a4d docs: Add information on writing changelog fragments 2025-12-28 00:59:31 +00:00
timedout f41bbd7361 feat(meta): Set up towncrier 2025-12-28 00:53:44 +00:00
timedout 7350266c80 fix: Don't allow admin room upgrades and fix power levels during upgrade 2025-12-27 04:05:26 +00:00
Julian Anderson 322c0900c6 docs: handle traefik >=3.6.3 "encoded characters" 2025-12-24 22:40:50 -05:00
timedout 1237e60aaf Revert "feat(ci): Allow running manual workflows against specific commits"
This reverts commit 9b4845bf8d.
2025-12-22 13:45:45 +00:00
timedout 9b4845bf8d feat(ci): Allow running manual workflows against specific commits 2025-12-22 13:29:40 +00:00
aviacandnex fb5b515f96 chore: update flake lock 2025-12-22 04:11:41 +00:00
Jade Ellis e6336d694a chore: Fix escape 2025-12-22 02:42:21 +00:00
Jade Ellis b7841280d9 chore: Security announcement 2025-12-22 02:36:31 +00:00
Jade Ellis f4ccb81913 chore: Release 2025-12-22 00:23:20 +00:00
Jade Ellis 710cdfeadb chore: Update mailmap 2025-12-21 20:34:11 +00:00
Jade Ellis 666849ea87 chore(ci): Unify artifact versions 2025-12-21 19:11:12 +00:00
Jade Ellis 71094803f1 fix(ci): Try use path that exists 2025-12-21 18:50:48 +00:00
Jade Ellis bf91ce5c7f feat: Mark v12 as stable 2025-12-21 17:15:16 +00:00
Jade Ellis 8fd15f26ce style: Fix clippy 2025-12-21 17:12:36 +00:00
Jade Ellis 705fa6c5c6 fix: Simplify visibility check code 2025-12-21 17:12:36 +00:00
Jade Ellis 6f67c27538 fix: Ensure that room ID is present on state events sent to client
routes

Mostly fixes !1094

The remaining issue is federation routes
2025-12-21 17:12:35 +00:00
Jade Ellis 8586d747d1 feat: Run visibility checks on bundled relations 2025-12-21 17:12:35 +00:00
Jade Ellis 11012a9ce1 fix: Always return the same 404 message in context 2025-12-21 17:12:35 +00:00
Jade Ellis 07be190507 fix: Return 404 when event is not accessible 2025-12-21 17:12:35 +00:00
Jade Ellis ae4acc9568 fix: Don't incorrectly add thread root to relation response 2025-12-21 17:12:35 +00:00
Jade Ellis f83ddecd8c refactor(perf): Push down visibility check after limit 2025-12-21 17:12:34 +00:00
Jade Ellis dd87232f1f refactor: Reduce database lookups in some cases 2025-12-21 17:12:34 +00:00
Jade Ellis 8e33f9a7d0 refactor: Improve code style for bundled aggregations 2025-12-21 17:12:34 +00:00
Jade Ellis 8d3e4eba99 fix: Add aggregations to the search endpoint 2025-12-21 17:12:34 +00:00
Jade Ellis 96bfdb97da fix: Filter out invalid replacements from bundled aggregations 2025-12-21 17:12:34 +00:00
Jade Ellis b61010da47 feat: Add bundled aggregations support
Add support for the m.replace and m.reference bundled
aggregations.
This should fix plenty of subtle client issues.
Threads are not included in the new code as they have
historically been written to the database. Replacing the
old system would result in issues when switching away from
continuwuity, so saved for later.
Some TODOs have been left re event visibility and ignored users.
These should be OK for now, though.
2025-12-21 17:12:34 +00:00
Jade Ellis 987c5eeb03 refactor: Promote handling unsigned data out of timeline
Also fixes:
- Transaction IDs leaking in event route
- Age not being set for event relations or threads
- Both of the above for search results

Notes down concern with relations table
2025-12-21 17:12:33 +00:00
timedout 7fa4fa9862 fix: Also check sender origin 2025-12-21 10:58:50 +00:00
timedout b2bead67ac fix: Apply additional validation to invites 2025-12-21 10:10:54 +00:00
timedoutandEllis Git 48a6a475ce fix: Omit children with invalid state from space summary 2025-12-18 19:48:58 +00:00
timedout 86450da705 style: Run clippy 2025-12-18 19:48:26 +00:00
timedout 8538b21860 feat: Check for incoming signatures 2025-12-18 19:03:32 +00:00
timedout 63e4aacd2b style: Reword TODO comment 2025-12-18 18:24:00 +00:00
timedout 72f0eb9493 feat: Fetch policy server signatures 2025-12-18 18:23:54 +00:00
Odd E. EbbesenandOdd E. Ebbesen 867d0ab671 fix(reload): Store paths to config files for admin reload
Paths given via --config at startup are now stored inside the config
struct at runtime, to make it possible to reload config without setting
an env var for the config file location.
2025-12-16 14:58:33 +00:00
Ginger 64e187e5b4 fix: Update comment in src/core/config/mod.rs 2025-12-16 14:19:43 +00:00
aviacandGinger 5dc449a87a test: add test for config with default_room_version
This commit refactors the test a bit to run the basic test script with
different configs. Currently we have two configs we test:

- the bare minimum to make it run (base)
- base + default_room_version set to "12"
2025-12-16 14:19:43 +00:00
aviacandGinger f5fda01013 docs: Add note about the type of the default_room_version option 2025-12-16 14:19:43 +00:00
Jade EllisandEllis Git cdc53b3421 fix: Allow using LDAP passwords in UIAA
Fixes #1131

Co-authored-by: Jade Ellis <jade@ellis.link>
2025-12-16 13:55:32 +00:00
Ginger 0b667ae4fd fix(ci): Try explicitly specifying the ref for debian/fedora workflows 2025-12-15 10:21:46 -05:00
unbeatable-101 83baf9b524 Keep location of Continuwuity configuration file consitant 2025-12-13 22:51:16 +00:00
timedout 4f198fb4ef fix: Enforce limits when joining rooms 2025-12-13 22:17:47 +00:00
timedout 1631c0afa4 fix: Perform additional validation on events 2025-12-13 21:36:20 +00:00
Charlotte Hartmann Paludoandnex 862684af28 fix: remove trailing whitespace from secrets read from secrets file 2025-12-13 16:07:51 +00:00
Ginger 7345c241a9 fix: Don't halt and catch fire on deserialization errors in MSC4133 migration 2025-12-12 11:16:52 -05:00
Ginger 6a8b988b36 fix(ci): Downgrade upload-artifact actions again to v3 this time 2025-12-10 11:33:36 -05:00
Ginger f1d6536793 fix(ci): Downgrade upload-artifact actions to v4 2025-12-10 11:33:36 -05:00
Gingerandtimedout cf8d8e4ea6 chore: Post-rebase cleanup 2025-12-09 03:25:04 +00:00
timedout 393d341f07 perf: Throttle frequent device metadata updates & centralise site 2025-12-09 03:25:03 +00:00
timedout ba55dffa0e perf: Don't increment the device list version when updating local info 2025-12-09 03:25:03 +00:00
timedout f3115e14ab feat: Update device metadata upon hitting hot endpoints 2025-12-09 03:25:03 +00:00
Ginger b3fa4705ef chore: Fix line endings 2025-12-07 15:28:19 -05:00
Ginger 53b06a7918 chore(sync/v3): Remove unused imports 2025-12-07 19:58:24 +00:00
Ginger fafc1d3fd1 fix(sync/v3): Don't send rejected invites on initial syncs 2025-12-07 19:58:24 +00:00
Ginger dbc74272c3 refactor(sync/v3): Extract left room timeline logic into its own function 2025-12-07 19:58:24 +00:00
Ginger f11caac05e fix(sync/v3): Don't send dummy leaves on an initial sync 2025-12-07 19:58:24 +00:00
Ginger e581face44 chore: Formatting 2025-12-07 19:58:24 +00:00
ginger 037ba41adb fix: Nitpicky comment reword 2025-12-07 19:58:24 +00:00
Ginger 941c8f7d52 fix: Bump max startup time to ten minutes in the systemd unit 2025-12-07 19:58:24 +00:00
Ginger 7dae118af9 chore(sync/v3): More goat sacrifices 2025-12-07 19:58:24 +00:00
Ginger 07dfc5528d refactor(sync/v3): Split load_joined_room into smaller functions 2025-12-07 19:58:24 +00:00
ginger 3f4749a796 fix: Correct error message 2025-12-07 19:58:24 +00:00
Ginger be8d72fafc fix(sync/v3): Add a workaround for matrix-js-sdk/5071 2025-12-07 19:58:24 +00:00
Ginger 0008709481 fix(sync/v3): Stop ignoring leave cache deserialization failures 2025-12-07 19:58:24 +00:00
Ginger ee51d4357f fix(sync/v3): Do not include the last membership event when syncing left rooms 2025-12-07 19:58:24 +00:00
Ginger 8ffc6d4f15 chore(sync/v3): Sacrifice a goat to clippy 2025-12-07 19:58:24 +00:00
Ginger 93efe89a1f fix(sync/v3): Cache shortstatehashes to speed up migration 2025-12-07 19:58:24 +00:00
Ginger 16f37d21ff fix(sync/v3): Implement a migration for the userroomid_leftstate table 2025-12-07 19:58:24 +00:00
Ginger 800ac8d1f1 fix(sync/v3): Fix invite filtering for federated invites 2025-12-07 19:58:24 +00:00
Ginger 872f5bf077 feat(sync/v3): Remove TL size config option in favor of using the sync filter 2025-12-07 19:58:24 +00:00
Ginger 992217d644 chore(sync/v3): Fix clippy lints 2025-12-07 19:58:24 +00:00
Ginger 4fb4397a9f fix(sync/v3): Remove mysterious membership event manipulation code 2025-12-07 19:58:24 +00:00
Ginger 61b6947e88 fix(sync/v3): Properly sync room heroes 2025-12-07 19:58:24 +00:00
Ginger 876d3faec4 chore(sync/v3): Use "build_*" terminology instead of "calculate_*" 2025-12-07 19:58:24 +00:00
Ginger 9cc0cc69f7 chore(sync/v3): Use more descriptive names for SyncContext properties 2025-12-07 19:58:24 +00:00
Ginger 5513bb4dff chore: Remove unneeded comment 2025-12-07 19:58:24 +00:00
Ginger 693e327004 fix: Use prepare_lazily_loaded_members for joined rooms
Also, don't take read receipts into consideration for lazy loading.
Synapse doesn't do this and they're making initial syncs very large.
2025-12-07 19:58:24 +00:00
Ginger 3e6571a2b8 chore: Clippy fixes 2025-12-07 19:58:24 +00:00
Jade EllisandGinger f0f10f8f3e feat: Typing notifications in simplified sliding sync
What's missing? Being able to use separate rooms & lists for typing
indicators.
At the moment, we use the same ones as we use for the timeline, as
todo_rooms is quite intertwined. We need to disentangle this to get that
functionality, although I'm not sure if clients use it.
2025-12-07 19:58:24 +00:00
Ginger a4f2b55a8a feat: Add a config option to change the max TL size for legacy sync 2025-12-07 19:58:24 +00:00
Ginger 213a361c53 fix: Set limited to true for newly joined rooms again 2025-12-07 19:58:24 +00:00
Ginger 1c21e4af6e fix: Properly sync left rooms
- Remove most usages of `update_membership` in favor
  of directly calling the `mark_as_*` functions
- Store the leave membership event as the value in the
  `userroomid_leftstate` table
- Use the `userroomid_leftstate` table to synchronize the
  timeline and state for left rooms if possible
2025-12-07 19:58:24 +00:00
Ginger fceaaedc04 fix: Properly sync newly joined rooms 2025-12-07 19:58:24 +00:00
Ginger 0eff173c0b fix(sync/v3): Further cleanup + improve incremental sync consistency 2025-12-07 19:58:24 +00:00
Ginger 72bf8e5927 fix: Correctly send limited timelines again 2025-12-07 19:58:24 +00:00
Ginger 3491f653a5 refactor: Split sync v3 into multiple files 2025-12-07 19:58:24 +00:00
Ginger e820dd7aed feat: Drop support for MSC3575 (legacy sliding sync) 2025-12-07 19:58:24 +00:00
Ginger c92b7239a8 chore: Clippy fixes 2025-12-07 19:58:24 +00:00
Ginger 2940bc69c1 fix(sync/v3): Cleanup part 1: mostly fix redundant data in state 2025-12-07 19:58:24 +00:00
Jade 502919b248 chore: Tell continuwuity.org to use my livekit instance 2025-12-04 14:23:02 +00:00
Renovate Bot 33c3d23d60 chore(deps): update rust-patch-updates 2025-11-29 05:01:44 +00:00
Renovate BotandGinger ce318fe455 chore(deps): update pre-commit hook crate-ci/typos to v1.40.0 2025-11-28 20:19:35 +00:00
Renovate BotandGinger a729e1d63d chore(deps): update actions/upload-artifact action to v5 2025-11-28 20:19:10 +00:00
Ginger 956c3dfa62 chore: Fix deprecation warning 2025-11-28 15:08:20 -05:00
Renovate BotandGinger 49e8f06559 chore(deps): update rust-patch-updates 2025-11-28 15:00:38 -05:00
rooot c0f4424cb9 fix(docs): blurry small logo, scroll resizing top bar
Signed-off-by: rooot <hey@rooot.gay>
2025-11-27 13:53:12 +01:00
Tobias Fella 3eac985c5e fix(docs): Correct typo and outdated name 2025-11-26 21:13:43 +01:00
Jade 5fd341096d fix(docs): Dead link 2025-11-26 00:10:59 +00:00
Renovate BotandJade Ellis a1b2d6ec46 chore(deps): update dependency @rspress/plugin-client-redirects to v2.0.0-rc.1 2025-11-25 21:50:27 +00:00
Renovate Bot 551563ce83 chore(deps): update dependency @rspress/plugin-preview to v2.0.0-rc.1 2025-11-25 18:38:26 +00:00
Ginger 9f133cf75b chore(deps): Update actions/checkout to v6 2025-11-25 18:26:28 +00:00
Ginger 23c398dc1e fix(ci): Remove explicit references to code.forgejo.org in action steps 2025-11-25 18:26:28 +00:00
Renovate BotandGinger fa73893179 chore(deps): update pre-commit hook crate-ci/committed to v1.1.8 2025-11-25 17:16:13 +00:00
Renovate Bot 57fec44ec7 chore(deps): update dependency cargo-bins/cargo-binstall to v1.16.2 2025-11-24 05:02:19 +00:00
timedout bc8d304dbf style: Fix unnecessary qualification
Sounds like my university experience
2025-11-23 16:33:32 +00:00
timedout 7f4248a8c6 feat: Enhance remote room leave handling 2025-11-23 16:33:32 +00:00
aviacandnex 430200b60e fix: add explicit fix of rpath
Without this the rpath is empty and the binary won't be able to load the librocksdb.so.10 shared lib
2025-11-23 16:26:27 +00:00
Jade Ellis a573f1f502 docs: Disable incomplete homepage prose for now 2025-11-22 23:13:52 +00:00
Jade Ellis 3bf3c24d22 docs: Update homepage layout 2025-11-22 22:41:53 +00:00
Jade Ellis c1dc336c65 docs: Fix a couple contrast issues 2025-11-22 20:58:18 +00:00
Jade Ellis be3c6ebb58 docs: Update rspress, add redirects 2025-11-22 20:49:19 +00:00
Jade Ellis bdf31fa92e docs: Remove exclude rules 2025-11-22 20:35:13 +00:00
Jade Ellis 1372f74812 docs: Capitalise page title 2025-11-22 20:35:13 +00:00
Jade Ellis 5935d99af0 feat(docs): Sitemap 2025-11-22 20:35:13 +00:00
Jade Ellis 6b11a65545 fix: Repair symlink 2025-11-22 20:35:13 +00:00
Jade Ellis 5ea1206739 docs: New site 🎉 2025-11-22 20:35:09 +00:00
Jade Ellis d45c5a9f47 feat: Deal with low screen widths in CSS 2025-11-22 20:30:30 +00:00
Jade Ellis 9a1039b215 docs: Update logos 2025-11-22 20:30:29 +00:00
Renovate BotandGinger 59f9b8bdb8 chore(deps): update rust crate bytes to v1.11.0 2025-11-22 16:13:45 +00:00
lily 3b76e9876d fix: revert to mdbook version 0.4.52 since >=0.5.0 broke rendering with our current setup completely 2025-11-22 17:05:14 +01:00
nex 64c059f82e fix(docs): Partially revert 4a9bea5764
Signed-off-by: nex <git@nexy7574.co.uk>
2025-11-22 14:15:26 +00:00
lilyandGinger 76b90acea6 Remove rust flags since they're pretty much outdated and don't work anymore
Not much difference from what I've observed, plus it's as max-perf as it gets
2025-11-21 17:12:27 +00:00
Renovate BotandGinger 5e0334088a chore(deps): update dependency cargo-bins/cargo-binstall to v1.16.0 2025-11-21 16:27:13 +00:00
Ginger eecc472258 fix(ci): Use the version from rust-toolchain.toml when restoring caches 2025-11-21 11:07:44 -05:00
Ginger 4a9bea5764 fix(docs): Fix git repository icon name 2025-11-21 10:46:15 -05:00
Ginger 08fd87c7de chore: Kick forgejo 2025-11-21 15:19:39 +00:00
Ginger ac6d639660 fix(docs): Remove unused multilingual option in mdBook config 2025-11-21 15:19:39 +00:00
Ginger 0958660eb5 ci: Do not run release-image workflow on pull requests 2025-11-21 14:52:41 +00:00
Renovate BotandGinger 57c3290f02 chore(deps): update rust-patch-updates 2025-11-21 14:25:55 +00:00
nex 6794ea565f fix(tests): Fix new syntax error in debug.rc
fixes #1180
2025-11-18 18:46:35 +00:00
Lilith 38080275d4 build(Cargo.toml): updated the versions automatically 2025-11-17 12:51:49 +00:00
Lilith 1138218878 build(Cargo.toml): resolve the fact that we have v0.5.0-rc.8.1 despite 0.5.0-rc.8 in toml 2025-11-17 12:51:49 +00:00
Renovate Bot c0f1d8eab6 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v42 2025-11-17 00:33:11 +00:00
nexandEllis Git 192f78887a chore: Add rc.8.1 release announcement 2025-11-16 22:08:09 +00:00
timedout def8816c02 style: Fix clippy failures from 9e73146 2025-11-16 19:55:28 +00:00
timedout 9e73146b19 fix: Restore continuwuity's remembering capabilities 2025-11-14 14:57:49 +00:00
Renovate BotandGinger 19d792e4eb chore(deps): update rust crate ctor to 0.6.0 2025-11-14 14:03:57 +00:00
Renovate Bot 2a977f019f chore(deps): update pre-commit hook crate-ci/typos to v1.39.2 2025-11-14 05:01:41 +00:00
ginger 76ea4dfa29 Update README.md 2025-11-13 19:55:12 +00:00
Renovate Bot 2ec771c84d chore(deps): update rust crate bytesize to v2.2.0 2025-11-13 05:03:54 +00:00
timedout 9375e81974 fix(1163): Resolve algorithm misinterpretations 2025-11-13 03:33:47 +00:00
Renovate Bot f22f35d27b chore(deps): update rust crate syn to v2.0.110 2025-11-12 05:03:14 +00:00
Renovate BotandJade Ellis d5c7d80709 chore(deps): update dependency cargo-bins/cargo-binstall to v1.15.11 2025-11-11 23:11:19 +00:00
Jade Ellis 1899d8bb00 ci: Mirror to Docker Hub 2025-11-11 23:11:09 +00:00
Ginger 9a5ba6171f ci: Remove hardcoded default in setup-rust action 2025-11-11 10:37:03 -05:00
renovateandGinger da3efa05b5 chore(Nix): Updated flake hashes 2025-11-11 15:07:05 +00:00
Ginger b53ba2eef4 ci: Give flake hashes workflow permissions to push 2025-11-11 15:07:05 +00:00
Jade EllisandGinger 33019c4529 chore: Update rust 2025-11-11 15:07:05 +00:00
Jade EllisandEllis Git f7bd9eaba8 chore(clippy): Remove old redundant lint 2025-11-11 13:59:12 +00:00
Jade EllisandEllis Git f9c42bbadc refactor(clippy): Unused self 2025-11-11 13:59:12 +00:00
Jade EllisandEllis Git fe62c39501 style(clippy): Remove unneeded allocation 2025-11-11 13:59:12 +00:00
Jade EllisandEllis Git 35320cf0d4 style(clippy): Elide lifetimes 2025-11-11 13:59:12 +00:00
Jade EllisandEllis Git eaf6a889c2 style(clippy): Unnecessary move
Function is used in a single place and the move doesn't seem to provide
any safety benefits, so 💨
2025-11-11 13:59:12 +00:00
Jade EllisandEllis Git b04f1332db style(clippy): Remove dead code
Looks like this has been dead since we forked at least, seems pretty
safe to remove
2025-11-11 13:59:12 +00:00
Jade EllisandEllis Git 9e4bcda17b style(clippy): Make the event graph generic over the hasher 2025-11-11 13:59:12 +00:00
JadeandEllis Git 45e4053883 fix: Don't break when encountering the server user, as there may be real users after 2025-11-10 23:56:02 +00:00
Jade Ellis c0b617f4f1 feat(sentry): Include the commit hash in the release name 2025-11-10 16:57:24 +00:00
Jade Ellis a28cfd284b chore(deps): Upgrade tracing / telemetry ecosystem
We no longer need the tracing patches, so I've removed those and
unpinned them in renovate.

otel's jaeger propagator is deprecated too, so it's replaced with the
builtin W3C TraceContext propagator
2025-11-10 16:42:28 +00:00
Jade Ellis a5b9cb69bd fix(deps): Pin hyper-util back to the patched version 2025-11-10 15:56:09 +00:00
Renovate Bot 3c8f252a14 chore(deps): update opentelemetry-rust monorepo to 0.31.0 2025-11-10 05:03:16 +00:00
JadeandEllis Git 8a63818f31 feat: Enable sentry compilation feature 2025-11-10 01:33:50 +00:00
Renovate BotandJade Ellis 5b5e26e529 chore(deps): update dependency cargo-bins/cargo-binstall to v1.15.10 2025-11-09 19:05:26 +00:00
aviac 866769c054 chore: replace serde-yml with serde-saphyr
- serde-yml has an un-addressed [security issue][sec-issue]
- [saphyr][saphyr] is a pretty recent and active crate that deals with YAML parsing
- based on that, someone recently created [serde-saphyr][serde-saphyr]

---

The change was pretty straightforward and mostly "just a search and replace". The new crate has it's `Error` type split
into serialization and derserialization errors. Hence I created one Continuwuity-Error variant for each instead of just
having a single `Yaml` variant. This was already done previously with the `Toml` errors so I thought this would be
rather acceptable.

[sec-issue]: https://github.com/advisories/GHSA-gfxp-f68g-8x78
[saphyr]: https://github.com/saphyr-rs/saphyr
[serde-saphyr]: https://github.com/saphyr-rs/saphyr/issues/66#issuecomment-3353212289
2025-11-09 11:23:32 +01:00
Renovate BotandJade Ellis 2e3b71f5f1 chore(deps): update rust-patch-updates 2025-11-08 23:57:36 +00:00
JadeandEllis Git 1312d61141 revert f7867cf6ca
revert ci: Clean up old images
2025-11-08 23:56:02 +00:00
Jade Ellis f7867cf6ca ci: Clean up old images 2025-11-08 23:29:25 +00:00
Jade Ellis 2ca6887a5d chore(ci): Fix merge error 2025-11-08 23:08:10 +00:00
Jade Ellis 368685f8cd ci: Re-run mirror script when files change 2025-11-08 23:00:37 +00:00
Jade Ellis ad2d192b94 ci: Use PATs for github registry
https://stackoverflow.com/questions/76821352/how-can-you-authenticate-to-the-github-container-registry-using-a-github-app

thx github
2025-11-08 23:00:31 +00:00
Jade Ellis 3214e94cdb ci: Mirror to ghcr 2025-11-08 22:59:27 +00:00
timedoutandEllis Git 37c537379d chore(ci): Add git.nexy7574.co.uk image mirror (#1149)
secrets were added to the org

Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1149
Co-authored-by: timedout <git@nexy7574.co.uk>
Co-committed-by: timedout <git@nexy7574.co.uk>
2025-11-08 22:56:16 +00:00
Jade Ellis 3c01c5f085 chore: Don't try to update patched deps automatically 2025-11-08 21:17:04 +00:00
Renovate BotandJade Ellis 4c552bb8ca chore(deps): update pre-commit hook pre-commit/pre-commit-hooks to v6 2025-11-08 20:56:00 +00:00
Jade Ellis ce73d29855 chore: Fix typos 2025-11-08 20:54:49 +00:00
Renovate Bot d6e314744b chore(deps): update pre-commit hook crate-ci/typos to v1.39.0 2025-11-08 14:34:13 +00:00
Jade ec603188de ci: Enable pre-commit in renovate 2025-11-08 14:31:35 +00:00
timedoutandTom Foster fbf48addc7 fix(user_can): Fix room creators being unable to redact events in v12 rooms 2025-10-27 14:34:50 +00:00
nexy7574andTom Foster cbf726580f fix: Kicks in !v12 are impossible 2025-10-27 14:34:50 +00:00
nexy7574andTom Foster 28f258fc8c fix: Incorrect interpretation of 5.5.4 2025-10-27 14:34:50 +00:00
nexy7574andTom Foster 8b3acfd770 fix: Inverted creatorship check 2025-10-27 14:34:50 +00:00
nexy7574andTom Foster a581e8de01 fix: Don't check restricted join rules for invite joins 2025-10-27 14:34:50 +00:00
nexy7574andTom Foster 7c74db5e74 fix: Weird re-application of partially resolved state 2025-10-27 14:34:50 +00:00
nexy7574andTom Foster b17b4235f3 fix: Unbans and kicks incorrectly checked creatorship in !v12 2025-10-27 14:34:50 +00:00
aviacandJade Ellis ec3564e8aa chore: use upstream rust-jemalloc-sys-unprefixed after flake.lock update 2025-10-27 12:55:21 +00:00
aviacandJade Ellis 9a887ac04b chore: fix CI to make all checks green
- define a nix default package
- try to fix CI
- fix/improve (?) CI even more (??)
2025-10-27 12:55:21 +00:00
aviacandJade Ellis fed808a3c6 feat: add taplo.toml to check now that we have it 2025-10-27 12:55:21 +00:00
aviacandJade Ellis 37983b33a2 feat: add treefmt 2025-10-27 12:55:21 +00:00
aviacandJade Ellis 1b2224fac6 feat: add hydra jobs to build all packages 2025-10-27 12:55:21 +00:00
aviacandJade Ellis c1c165ab48 fix: apply rocksdb changes in checks and shll 2025-10-27 12:55:20 +00:00
aviacandJade Ellis 68bea1816f feat(nix): flake-parts, first draft 2025-10-27 12:55:20 +00:00
Odd E. EbbesenandJade Ellis cb7875e479 fix(#1134): Update docs and implementation of admin media delete-past-remote-media (#1136)
Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1136
Co-authored-by: Odd E. Ebbesen <git@oddware.net>
Co-committed-by: Odd E. Ebbesen <git@oddware.net>
2025-10-27 12:31:25 +00:00
Jade Ellis 910a3182f7 fix: Prevent crash on process exit on MacOS 2025-10-26 17:42:08 +00:00
Jade Ellis 05886f8dcb feat: Add option to control WAL compression
Also enables zstd compression by default
2025-10-26 17:30:42 +00:00
timedoutandKierre cff3c27729 fix: Bump ruwuma, export new route, config loading 2025-10-24 16:37:22 -04:00
Kierre 80be2ca22c Repair 2025-10-24 16:07:06 -04:00
Kierre d133b6c0c3 feat: set MSC4373 values 2025-10-24 15:33:16 -04:00
Ginger a3592bd3b7 feat: Make a few improvements to the systemd unit
- Use systemd's credential system to supply our config file
- Remove `ConfigurationDirectory` to prevent conflicts with package managers
- Set `config_reload_signal` to true using an envvar
2025-10-17 13:37:42 +00:00
Ginger 70e8e96302 fix: Use mode 600 for config files on Fedora because they contain secret info 2025-10-17 13:37:42 +00:00
timedout 6002edccd3 perf: Remove extraneous policy server check 2025-10-16 23:57:07 +01:00
timedoutandnex d189004d65 feat: Add more granular controls for policy server calling (#1127)
Adds two new toggles to the configuration, the first of which allows disabling the policy server checks entirely, and the second of which allows disabling checking events created locally. They're both enabled by default for maximum PS efficacy but allowing them to be disabled allows people who frequently cannot contact policy servers, for example those in censored countries, to be able to still use rooms with pace, allows single-user/trusted-only homeservers to disable the preliminary check on their own events, and also gives an escape hatch in case an issue like #1060 happens again, especially with MSCs not in FCP being moving targets.

In future, I think we should gate all MSC implementations behind config flags, even if they default to on.

Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1127
Reviewed-by: Jade Ellis <jade@ellis.link>
Co-authored-by: timedout <git@nexy7574.co.uk>
Co-committed-by: timedout <git@nexy7574.co.uk>
2025-10-16 22:45:23 +00:00
timedoutandnex 26b700bf51 fix: Policy server calls use the correct JSON object (#1126)
Fixes #1060

Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1126
Reviewed-by: Jacob Taylor <aranjedeath@noreply.forgejo.ellis.link>
Co-authored-by: timedout <git@nexy7574.co.uk>
Co-committed-by: timedout <git@nexy7574.co.uk>
2025-10-16 21:06:54 +00:00
Renovate Bot 09f24745c3 chore(deps): lock file maintenance 2025-10-15 19:05:50 +00:00
Renovate BotandJade Ellis 7ffbbe6890 chore(deps): update https://github.com/actions/setup-node action to v6 2025-10-15 18:55:02 +00:00
Renovate BotandJade Ellis ad94c112fe chore(deps): update rust-patch-updates 2025-10-15 17:55:58 +00:00
Jade 8c7cc68cbf fix(ci): Don't use shallow clone when we're comparing git history 2025-10-15 12:53:15 +00:00
Gingerandnex dc047b635f feat: Send notifications to systemd when a reload is triggered 2025-10-15 03:12:25 +00:00
Renovate BotandJade Ellis cc4c2fed25 chore(deps): lock file maintenance 2025-10-13 12:05:52 +00:00
Renovate Bot 17e47ecd6d chore(deps): update github-actions-non-major 2025-10-13 11:27:22 +00:00
Jade b1d5ff477b chore: Update renovate config
- Limit renovate updates to mondays
- Don't group lock updates
- Update checksums if possible
2025-10-13 11:26:26 +00:00
Renovate BotandJade Ellis d6dc01ac2c chore(deps): update https://code.forgejo.org/actions/checkout action to v5 2025-10-13 10:41:20 +00:00
Jimmy BrushandJade Ellis 77ebe0d02f fix(!714): Off-by-one in v5 sync
Simplified sliding sync specifies ranges to be inclusive while rust ranges are
exclusive.
2025-10-13 10:28:19 +00:00
Renovate BotandJade Ellis 81e3d4c905 chore(deps): update dependency cargo-bins/cargo-binstall to v1.15.7 2025-10-13 10:27:18 +00:00
nexy7574andnex cb8f36444c feat: Proactively read Content-Length to reject oversized uploads 2025-10-12 19:42:57 +00:00
nexy7574andnex 799def70dc feat: Produce even more informative errors when saving media fails 2025-10-12 19:42:57 +00:00
nexy7574andnex 20f741d0e5 feat: Produce a more informative error when uploading media fails 2025-10-12 19:42:57 +00:00
Renovate Bot d38f4a24f2 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.146.0 2025-10-11 05:03:03 +00:00
Renovate Bot 6604cc4df9 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.144.1 2025-10-10 05:01:39 +00:00
Renovate Bot 89aa4d1eae chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.143.1 2025-10-09 05:03:56 +00:00
Renovate Bot 9231ea5114 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.141.0 2025-10-08 05:01:41 +00:00
Renovate Bot 4a3c72338d chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.138.1 2025-10-07 05:02:54 +00:00
Renovate Bot ab862f4383 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.135.5 2025-10-06 05:01:26 +00:00
Renovate Bot bd43be931a chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.135.4 2025-10-05 05:03:52 +00:00
Ginger 148240cbbb fix: Add missing ldap3 feature 2025-10-01 18:55:30 +00:00
Renovate BotandGinger 2e9e42d9ae chore(deps): update rust crate ldap3 to 0.12.0 2025-10-01 18:55:30 +00:00
Renovate Bot 89fbda0d6e chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.132.5 2025-10-01 05:03:28 +00:00
Renovate Bot c97eb5c889 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.132.2 2025-09-30 05:01:26 +00:00
Ginger 366ec46b26 fix: Upload debs built on a schedule 2025-09-29 14:17:44 +00:00
ginger 62a98ebc71 fix: Upload RPMs built on a schedule 2025-09-29 14:17:44 +00:00
Renovate Bot 439c605efe chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.131.9 2025-09-29 05:03:13 +00:00
Renovate Bot 32df2f3487 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.131.8 2025-09-28 05:03:46 +00:00
Renovate BotandJade Ellis 692da7ffc2 chore(deps): update dependency cargo-bins/cargo-binstall to v1.15.6 2025-09-27 16:17:44 +00:00
Renovate Bot 1082b24b1d chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.131.6 2025-09-27 05:03:28 +00:00
nexy7574 f45ceedb8a fix(upgrade): Potentially resolve CI clippy errors
I'm not convinced this isn't a rust bug itself,
but CI was complaining about lifetimes
and those complaints couldn't be reproduced locally,
so this should probably fix it maybe?
2025-09-26 18:47:49 +01:00
nexy7574 d614e43981 fix(stateres): Creators can always unban
Also basically rewrote all of the event auth logs to be more digestable
2025-09-26 18:47:49 +01:00
Renovate Bot 1e0e7a31aa chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.131.2 2025-09-26 05:02:43 +00:00
Renovate Bot 92fffe9c82 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.130.1 2025-09-25 08:28:06 +00:00
Renovate BotandJade Ellis 11e51300a5 chore(deps): update github-actions-non-major 2025-09-25 08:16:34 +00:00
Jade Ellis ef84e1bb02 fix(v12): Create tombstone event on room upgrade 2025-09-25 08:15:23 +00:00
nexy7574andJade Ellis 1887d58df8 fix: V12 room upgrades 2025-09-25 08:15:23 +00:00
nexy7574 c66f6f8900 fix(stateres): Correctly fetch missing auth events for incoming PDUs 2025-09-25 02:54:00 +01:00
Ginger 902fe7b7ab fix: Fix panic in debug builds caused by MSC4133 migration 2025-09-24 16:45:11 -04:00
Renovate Bot 472e1fee17 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.127.2 2025-09-24 05:03:46 +00:00
Jade Ellis 3c6f2d07e0 ci: Only run RPM builds on tags or schedule 2025-09-23 22:16:46 +01:00
gingerandJade Ellis 43254aa396 fix: Attempt to enable RPM signing 2025-09-23 22:15:01 +01:00
Tom FosterandJade Ellis 48ebf86335 feat(ci): Add Fedora RPM package build workflow
Build and publish RPM packages for Fedora using rpkg and official
rust-packaging macros. Packages are automatically signed by Forgejo's
built-in package registry (introduced in v9.0).

Publishes packages to organised groups:
- continuwuity (binary): base group (stable/dev/branch-name)
- continuwuity-debuginfo: GROUP-debug
- continuwuity (source RPM): GROUP-src

Workflow triggers on pushes to relevant paths and version tags (v*).
Tagged releases use clean version numbers (v1.2.3 becomes 1.2.3-1)
while branch builds use sanitised branch name versioning.

Uses dnf builddep to install build dependencies directly from the
generated SRPM, ensuring consistency between CI and spec file without
duplication. This also prevents hiding packaging issues that could
occur with --nodeps fallbacks.
2025-09-23 22:15:00 +01:00
Gingerandnex f1e3b4907e Build Debian packages and upload them to Forgejo's repository (#996)
This uses the existing `cargo-deb` metadata.

Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/996
Reviewed-by: Tom Foster <tom@tcpip.uk>
Reviewed-by: nex <nex@noreply.forgejo.ellis.link>
Co-authored-by: Ginger <ginger@gingershaped.computer>
Co-committed-by: Ginger <ginger@gingershaped.computer>
2025-09-23 19:53:37 +00:00
Jade Ellis 9346a0d05e fix(ci): Typo 2025-09-23 12:55:04 +01:00
nyanbinaryandTom Foster c99faae115 chore(nix): bump rocksdb version in flake.nix to 10.5.fb 2025-09-23 06:31:10 +00:00
Renovate Bot a5aa68ee8d chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.125.2 2025-09-23 03:53:03 +00:00
Tom Foster 8959ac06ac ci: Split Rust build cache into dependencies and incremental caches
Replace single large build cache with separate dependencies and incremental
caches. Dependencies cache survives source code changes and uses tiered
restore keys. Removes build directory from caching to improve CI performance
while maintaining effective compilation caching with sccache.
2025-09-23 04:30:35 +01:00
Tom Foster 47f7ebfd68 fix: Use node_version in npm cache key for wrangler installation
Replace hashFiles('**/package-lock.json') with node_version since wrangler
is installed via npm without a lockfile to hash. Removes trailing dash from
cache keys and ensures npm dependencies are regenerated when Node.js version
changes.
2025-09-23 04:30:35 +01:00
Tom Foster 7d91f218b1 ci: Migrate to detect-versions with namespaced cache keys
Replace local detect-runner-os action with external detect-versions@v1 to
reduce custom action maintenance. Add architecture detection for future
cross-platform support and namespace all cache keys with "continuwuity-"
prefix to prevent collisions with other projects on shared runners.

Updates cache mount IDs in Dockerfiles to match the new namespacing
convention, ensuring consistent cache isolation across CI and Docker builds.
2025-09-23 04:30:22 +01:00
Jade Ellis e5e2db37d9 ci: Run image release workflow on tag 2025-09-22 17:03:26 +01:00
Jade Ellis e08ea3b9e5 ci: Trace commands to push docker manifests 2025-09-22 17:03:26 +01:00
Jade Ellis 4f1907abfa ci: Change tag generation to use suffix flavour 2025-09-22 17:03:26 +01:00
Ginger 92d74c293e feat: Advertise support for MSC4155 2025-09-22 11:33:45 -04:00
Renovate Bot 3fbdced0e1 chore(deps): update github-actions-non-major 2025-09-22 05:04:03 +00:00
nexy7574 b70470fa71 fix: Event filters all non-state events 2025-09-21 20:10:36 +01:00
nexy7574 703d6a2075 chore: Bump version to rc.8 2025-09-21 18:17:24 +01:00
Savyasachee Jhaandnex 5b75e21810 Update resolv-conf to upstream 0.7.5 2025-09-21 17:13:38 +00:00
13b7538785 Add support for MSC4155 (#1013)
[rendered msc here](https://github.com/Johennes/matrix-spec-proposals/blob/johannes/invite-filtering/proposals/4155-invite-filtering.md). Closes #836.

Co-authored-by: nexy7574 <git@nexy7574.co.uk>
Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1013
Reviewed-by: nex <nex@noreply.forgejo.ellis.link>
Co-authored-by: Ginger <ginger@gingershaped.computer>
Co-committed-by: Ginger <ginger@gingershaped.computer>
2025-09-21 17:03:40 +00:00
Renovate Bot 9745bcba1c chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.121.4 2025-09-21 05:02:02 +00:00
nexy7574andnex c9c79fbea6 fix: Fix restricted join rules inconsistencies 2025-09-20 21:07:13 +00:00
nexy7574andnex 92e9802340 style: Tidy up 1054 2025-09-20 21:07:00 +00:00
nexy7574andnex 1d80b7ce0c fix: Don't perform local join when there's no remote servers 2025-09-20 21:07:00 +00:00
Jade 563b6d4b30 fix: Update debug assertion with new serde type location
Fixes !1052
2025-09-20 18:04:16 +00:00
Renovate Bot e86fc6d9f8 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.119.5 2025-09-20 05:03:27 +00:00
Renovate Bot 13adea6498 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.118.1 2025-09-19 10:31:58 +00:00
Renovate Bot 17d0bb6cf6 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.117.0 2025-09-18 21:06:35 +00:00
Renovate Bot 6dc5051fa6 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.116.10 2025-09-18 19:26:39 +00:00
Renovate Bot 3034c03ad1 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.116.8 2025-09-18 13:36:19 +00:00
Renovate BotandJade Ellis fa6f549d39 chore(deps): lock file maintenance 2025-09-18 13:32:26 +00:00
Renovate BotandJade Ellis 999217b0f6 chore(deps): update dependency cargo-bins/cargo-binstall to v1.15.5 2025-09-18 13:31:48 +00:00
Renovate BotandJade Ellis 74fccff2cc chore(deps): update github-actions-non-major 2025-09-18 13:31:19 +00:00
ShuroiiandJade Ellis 7a56a2462c fix(ci): Use github env namespace as forgejo is still unsupported 2025-09-18 13:30:50 +00:00
Ginger 458811f241 fix: Fix nexy's very accurate and not-at-all busted fix to my fix 2025-09-17 20:04:50 -04:00
nexy7574 0672ce5b88 style: Fix clippy lint errors 2025-09-17 23:54:09 +01:00
Gingerandnexy7574 7f287c7880 fix: Use a database migration to fix corrupted us.cloke.msc4175.tz fields
(cherry picked from commit 4a893ce4cc81487bcf324dccefd8184ddef5b215)
2025-09-17 23:14:07 +01:00
ShuroiiandEllis Git 9142978a15 fix: Fully qualify action
This fixes an issue where Forgejo tries to look for code.forgejo.org for the action despite it not being available.
2025-09-17 21:37:50 +00:00
ShuroiiandEllis Git a8eb9c47f8 feat(ci): Add a workflow to update flake hashes
This workflow is intended to be ran as dispatch whenever the rocksdb fork changes!
Other than that, it'll run on any toolchain changes (rust-toolchain.toml, Cargo.lock, Cargo.toml) and update the relevant hash accordingly.
2025-09-17 21:37:50 +00:00
nexy7574 9f18cf667a chore: Temporarily disable bad tests 2025-09-17 22:25:04 +01:00
nexy7574andnex 7e4071c117 Implement room v12 (#943)
**Does not yet work!** Currently, state resolution does not correctly resolve conflicting states. Everything else appears to work as expected, so stateres will be fixed soon, then we should be clear for takeoff.

Also: a lot of things currently accept a nullable room ID that really just don't need to. This will need tidying up before merge. Some authentication checks have also been disabled temporarily but nothing important.

A lot of things are tagged with `TODO(hydra)`, those need resolving before merge. External contributors should PR to the `hydra/public` branch, *not* ` main`.

---

This PR should be squash merged.

Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/943
Co-authored-by: nexy7574 <git@nexy7574.co.uk>
Co-committed-by: nexy7574 <git@nexy7574.co.uk>
2025-09-17 20:46:03 +00:00
Renovate Bot 51423c9d7d chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.115.6 2025-09-17 05:03:46 +00:00
Gingerandnex a0b0ff9d5c fix: Remove legacy check for u. prefix 2025-09-16 11:30:39 +00:00
Gingerandnex 8e27d74c4a fix: Slightly more parallelism 2025-09-16 11:30:39 +00:00
Gingerandnex d6b1055683 fix: Remove needless async marker 2025-09-16 11:30:39 +00:00
Gingerandnex c9117e6ee4 fix: Fix incorrect deserialization of MSC4133 profile fields 2025-09-16 11:30:39 +00:00
Gingerandnex e3415a500d chore: Code cleanup 2025-09-16 11:30:39 +00:00
Gingerandnex e6fd3c970b fix: Nuke explicit references to the MSC4175 tz profile field 2025-09-16 11:30:39 +00:00
Renovate Bot 6b7f35a8b8 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.115.0 2025-09-16 05:01:56 +00:00
Tom Foster a120a4fa95 fix: Handle runner cargo bin path migration in timelord action
Runner images have migrated from /usr/share/rust/.cargo/bin to standard
~/.cargo/bin location. Action now checks old location first and migrates
binaries if found, maintaining compatibility with both paths.

Bump cache key to v3 to ensure fresh binary cache after path changes.
2025-09-15 16:17:32 +01:00
Renovate Bot f872210b20 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.113.4 2025-09-15 05:01:40 +00:00
Renovate Bot 3dd04bd9df chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.113.2 2025-09-14 05:03:21 +00:00
Gingerandnex af45c348a4 fix: Properly deserialize changes to legacy fields made with MSC4133 endpoints 2025-09-14 01:28:08 +00:00
nexy7574andnex 36dabecb82 chore(1014): Include MSC4155 in build features to resolve build errors 2025-09-14 00:53:43 +00:00
nexy7574andnex 50cd1081ba chore(1014): Bump ruwuma 2025-09-14 00:53:43 +00:00
nexy7574andnex 14df55e5c5 style(1014): Remove unnecessary commented code 2025-09-14 00:53:43 +00:00
nexy7574andnex d9d0d1a465 fix(!1014): Don't prematurely return during registration 2025-09-14 00:53:43 +00:00
Tom Foster 81b6b3547c fix: Resolve Forgejo runner v11 matrix job execution failure
Matrix jobs stopped starting after upgrading from runner v9 to v11 due to
changes in job dependency resolution. Remove redundant define-variables job
that computed static image paths and replace with IMAGE_PATH environment
variable.

Also fix timelord action binary caching for compatibility between different
runner images that install cargo binaries in different locations.
2025-09-13 17:12:09 +01:00
Renovate Bot 0bbc3c4e05 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.112.0 2025-09-12 21:11:13 +00:00
Jade 0f09fa3d31 chore(renovate): Specify automerge strategy 2025-09-12 21:02:25 +00:00
Tom Foster 3d5355dfc3 chore(renovate): Add auto-merge for renovatebot and reorganise package rules
Enable automatic merging of ghcr.io/renovatebot/renovate docker image updates
to reduce manual maintenance overhead.

Reorganise package rules by manager type (cargo, github-actions, docker) and
add missing description for cargo concurrency limit rule to improve config
maintainability.
2025-09-12 17:50:08 +01:00
Renovate Bot 2547eb3a90 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.109.0 2025-09-12 13:29:47 +00:00
Renovate BotandJade Ellis 51ba41823f chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.106.0 2025-09-12 13:23:28 +00:00
Tom Foster 542dff50bd ci: Split Docker builds into sequential release and max-perf stages
Separate fast release builds from slow max-perf builds to optimise runner
utilisation and provide quicker feedback. Release builds complete first with
standard optimisations, followed by Haswell-optimised dragrace builds once
the safe builds pass successfully.

Extract build logic into focused composite actions for better log visibility
in Forgejo UI. Split monolithic build action into prepare-docker-build,
inline docker build step, and upload-docker-artifacts to ensure each phase
completes independently and shows logs immediately.

Creates separate manifests at each stage to avoid waiting for all builds
before publishing.
2025-09-12 12:43:19 +01:00
Tom Foster 9c147b182f ci: Fix BuildKit cache invalidation and add Haswell-optimised builds
The workflow was rebuilding dependencies unnecessarily despite timelord
restoring timestamps because TARGET_CPU and RUST_PROFILE weren't passed
to Docker, creating inconsistent cache keys. Now passes both arguments
for proper cache reuse.

Adds Haswell-optimised builds alongside baseline builds using -march=haswell
for PCLMUL instruction support. Recent build improvements reducing compile
times from 15-20 minutes to ~5 minutes make this additional CPU variant
feasible. Users can pull optimised images with -haswell suffix.
2025-09-11 13:59:43 +01:00
Renovate BotandTom Foster 7e76ca45c1 chore(deps): lock file maintenance 2025-09-11 12:28:11 +00:00
Tom Foster 5126cb4554 fix: Use forgejo/upload-artifact@v4 for artifact consistency
Follow-on to correct #1009. The previous fix downgraded upload-artifact
to v3 but kept download-artifact@v4, creating incompatible storage
formats that prevented artifact pattern filtering from working.

Update all upload-artifact actions to v4 and adjust renovate
configuration to disable automatic updates for forgejo artifact
actions to maintain version consistency.
2025-09-11 11:57:04 +01:00
Renovate BotandJade Ellis 4d05d0f677 chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.99.9 2025-09-11 09:56:48 +00:00
Tom Foster 0673ac1a6c fix: Fix artifact action compatibility and add digest debugging
Resolve upload-artifact v4 GHES compatibility errors by downgrading to v3.
Switch to standard forgejo/download-artifact@v4 for pattern filtering support.
Update renovate configuration to prevent future incompatible upgrades.

Add diagnostic output to digest export step to troubleshoot zero-byte
artifact uploads preventing manifest creation. Include CI triggers for
Element workflow to test changes in pull requests.
2025-09-11 10:44:11 +01:00
Jade Ellis ad11417145 chore(deps): Replace serde_yaml with serde_yml 2025-09-10 20:20:45 +01:00
Renovate Bot 0de904ffe4 chore(deps): update rust crate const-str to 0.7.0 2025-09-10 18:05:00 +00:00
Renovate BotandJade Ellis d74b9de221 chore(deps): update dependency cargo-bins/cargo-binstall to v1.15.4 2025-09-10 17:44:44 +00:00
Renovate Bot e7ac5988cb chore(deps): update https://github.com/actions/setup-node action to v5 2025-09-10 17:06:45 +00:00
Jade Ellis 571f05017c chore: Update resolv git hash 2025-09-10 17:50:37 +01:00
Jade Ellis a339e73eb5 chore: Unify actions versions 2025-09-10 17:39:25 +01:00
Jade Ellis 72b78ed6d4 chore: Fix nightly-only clippy lints 2025-09-10 17:35:17 +01:00
nexy7574andnex baa89586e2 fix(MSC4277): Undo refuted response changes 2025-09-10 16:25:06 +00:00
nexy7574andnex 7ad8ff2e45 style(MSC4277): Run lints to satisfy checks 2025-09-10 16:25:06 +00:00
nexy7574andnex 2046b1e2f6 feat(MSC4277): Unify reporting endpoint behaviours
* reporting rooms now always returns 200 OK
* reporting an event returns OK if we don't know about the reported event
* removed the score parameter (needs a followup ruwuma update)
2025-09-10 16:25:06 +00:00
Renovate Bot 2cb980cd4c chore(deps): update ghcr.io/renovatebot/renovate docker tag to v41.99.7 2025-09-10 16:16:34 +00:00
Jade Ellis 27e0ef7b2e chore: Update renovate CI
- Fixes some issues with the action - Enables OSV vuln scanning -
Enables updating the dockerfile tool versions
2025-09-10 16:53:59 +01:00
Jade Ellis 7091882887 chore: Update cargo lockfile 2025-09-10 16:47:20 +01:00
Jade Ellis a81546374d ci: Make timelord docker work locally 2025-09-10 16:40:55 +01:00
Tom Foster 7950e2cc7f ci: Refactor timelord action to use git-warp-time fallback
Updates the timelord action to fall back to git-warp-time when the cache
is completely empty, enabling timestamp restoration even on fresh builds.
When git-warp-time is used, performs an unshallow fetch to get full history,
while subsequent runs use normal fetches. Simplifies the interface by making
inputs optional with sensible defaults.

Adds binary caching for timelord-cli and git-warp-time tools to avoid
repeated installations, and updates paths to use /usr/share/rust/.cargo/bin/
for the catthehacker runner image used by the dind profile (may need updating
if/when switching to standard image).

The main timelord restore now happens inside the Dockerfile itself, as Docker
intentionally wipes all file mtimes on COPY/ADD operations.
2025-09-08 08:34:29 +00:00
Renovate Bot 8f186cd770 chore(deps): update https://github.com/renovatebot/github-action action to v43.0.11 2025-09-08 05:02:33 +00:00
Ginger 5d3e10a048 fix: Make RA use the full feature 2025-09-07 18:07:03 -04:00
Ginger 1e541875ad fix: Nuke src/api/client/utils.rs 2025-09-07 18:06:11 -04:00
nexy7574andnex 90fd92977e style: Run clippy 2025-09-07 21:20:26 +00:00
Gingerandnex e27ef7f5ec feat: Do not persist remote PDUs fetched with admin commands 2025-09-07 21:20:26 +00:00
Gingerandnex 16f4efa708 fix: Fix pagination tokens being corrupted for backfilled PDUs 2025-09-07 21:20:26 +00:00
Gingerandnex e38dec5864 fix: Put the output of !admin query room-timeline pdus in a codeblock 2025-09-07 21:20:26 +00:00
Gingerandnex f3824ffc3d fix: Use handle_incoming_pdu directly to keep remote PDUs as outliers 2025-09-07 21:20:26 +00:00
nexy7574andnex e3fbf7a143 feat: Ask remote servers for individual unknown events 2025-09-07 21:20:26 +00:00
nexy7574 09de586dc7 feat(PR977): Log more things in the join process 2025-09-07 22:01:07 +01:00
nexy7574 d1fff1d09f perf(pr977): Remove redundant ACL check in send_join 2025-09-07 22:01:07 +01:00
nexy7574 f47474d12a fix(PR977): Adjust some log levels 2025-09-07 22:01:07 +01:00
nexy7574 53da294e53 fix(PR977): Omitting redundant entries from the auth_chain caused problems 2025-09-07 22:01:07 +01:00
nexy7574 2cdccbf2fe feat(PR977): Support omitting members in the send_join response 2025-09-07 22:01:07 +01:00
Tom Foster 6cf3c839e4 ci(release-image): Skip digest upload when not pushing images
After #992, builds without registry credentials skip Docker image output
but still extract binary artifacts. However, we were still trying to
upload digests for images that weren't created. Add conditional check
to only upload digests when actually pushing to registry.
2025-09-07 21:27:56 +01:00
Tom Foster 4a1091dd06 ci(release-image): Unify binary extraction using BuildKit local output
Fork PRs currently fail binary extraction with 'invalid reference format'
and 'must specify at least one container source' errors. This replaces the
registry-specific docker create/copy method with BuildKit's local output
feature for all builds.

Uses multiple outputs in single build: image export plus local binary
extraction from /sbin. Speeds up extracting binary artifacts and saves a
couple of extra workflow steps in the process.
2025-09-07 20:46:11 +01:00
Tom Foster 1e9701f379 ci(release-image): Skip setup steps when using persistent BuildKit
When BUILDKIT_ENDPOINT is set, builds run on a persistent BuildKit instance,
making runner setup steps unnecessary. Skip Rust toolchain installation,
QEMU setup, caching steps, and timelord to eliminate ~7 operations per job.

Also adds output to git SHA and timestamp steps for visibility.

Cuts at least a minute off average build time through fewer installs,
cache restores, and cache saves.
2025-09-07 18:59:05 +01:00
Tom Foster 2cedf0d2e1 fix(ci): Use image output instead of docker for fork PRs
Docker exporter doesn't support manifest lists (multi-platform builds).
For fork PRs without registry credentials, use 'type=image,push=false'
instead of 'type=docker' to build multi-platform images locally without pushing.
2025-09-07 18:32:38 +01:00
Tom Foster 84fdcd326a fix(ci): Resolve registry push failures for fork PRs
Fork PRs now fail during Docker image build with 'tag is needed when
pushing to registry' because BUILTIN_REGISTRY_ENABLED evaluates to false
without proper credentials, leaving the images list empty. This appears
to be due to recent Forgejo permission changes affecting fork access to
repository secrets.

Add fallback to official registry when credentials unavailable, skip
registry login and push operations for forks, and make merge job
conditional since no digests exist without push. This allows forks to
test Docker builds whilst avoiding authentication failures.
2025-09-07 17:39:18 +01:00
Tom Foster d640853f9d ci(docs): Optimise build performance with caching and conditional Node.js
Skip installing Node.js entirely if v20+ is already available, otherwise
install v22. Add npm dependency caching with OS-specific cache keys using
the custom detect-runner-os action for proper cache isolation between
runners. Dependencies normally take just under 10s, so this should more
than halve the doc build time to free up runner slots.
2025-09-07 14:51:10 +01:00
Tom Foster fff9629b0f fix(docker): Resolve liburing.so.2 loading error for non-root users
Container failed to start when running as non-root (user 1000:1000) because
copied directories had restrictive 770 permissions, likely due to different
umask in persistent BuildKit. Non-root users couldn't access /usr/lib to
load required dynamic libraries.

Introduces prepper stage using Ubuntu to organize files into layered structure
with explicit 755 directory permissions before copying to scratch image.
Also fixes workflow syntax error and removes docker/** from paths-ignore to
ensure Docker changes trigger CI builds.
2025-09-07 14:13:14 +01:00
Tom Foster 1a3107c20a fix(ci): Replace Mozilla sccache action with token-free alternative
Replace mozilla-actions/sccache-action with a custom Forgejo-specific
implementation that eliminates GitHub token dependencies and rate limiting
issues for all contributors regardless of repository permissions.

The new action mirrors sccache binaries to the Forgejo package registry
and queries that instead of GitHub releases, maintaining identical functionality
including hostedtoolcache support.
2025-09-07 09:29:32 +01:00
aviacandEllis Git 969d7cbb66 feat(nix): remove rocksdb from flake.nix inputs
Consuming this flake is pretty annoying since the rocksdb input is
fetched on every build which takes ~ 10 - 20 sec. By removing it and
replacing it with a `pkgs.fetchFromGitea`, we create an intermediate
derivation which is better for caching reasons.
2025-09-06 17:40:31 +00:00
Jade Ellis cd238b05de fix: Remove bad colon in workflow 2025-09-06 16:21:21 +01:00
Jade Ellis c0e3829fed feat: Replace Jaeger with OTLP 2025-09-06 16:19:56 +01:00
Jade Ellis 1d7dda6cf5 chore: Upgrade ctor, cbor 2025-09-06 16:19:56 +01:00
Jade Ellis 6f19931c5b chore(deps): Upgrade minor incompatible dependencies 2025-09-06 16:19:56 +01:00
Tom Foster 2516e783ba ci: Support optional persistent BuildKit endpoints in Docker builds
Allows us to use runners with persistent BuildKit containers for improved
caching and faster build times. Falls back to standard docker-container
driver when BUILDKIT_ENDPOINT environment variable is not set.
2025-09-06 16:05:51 +01:00
Jade Ellis fdf5771387 ci: Fix CI not triggering on external pull requests 2025-09-06 15:21:39 +01:00
GingerandJade Ellis 58bbc0e676 fix: Move packaging files from dist/ to pkg/ 2025-09-06 14:03:57 +00:00
GingerandJade Ellis 0d58e660a2 fix: Remove unnecessary user and directory modifications
systemd creates a dynamic user for
continuwuity and manages directories for
it automatically, so the debian postinst
script no longer needs to do that.
2025-09-06 14:03:57 +00:00
GingerandJade Ellis e7124edb73 fix: Update debian systemd unit path 2025-09-06 14:03:57 +00:00
GingerandJade Ellis d19e0f0d97 feat: Move packaging scripts into dist/ and consolidate the service files 2025-09-06 14:03:57 +00:00
nex 467aed3028 chore: Add Ginger's GH noreply email to mailmap 2025-09-02 16:36:56 +00:00
Ginger 99b44bbf09 Update conduwuit-example.toml 2025-09-01 17:50:09 +00:00
Ginger 95aeff8cdc Set the DB path as an env var in systemd service files to prevent footgunning 2025-09-01 17:50:09 +00:00
nexy7574andnex 9e62e66ae4 chore(PR956): Update admin docs 2025-09-01 11:27:58 +00:00
nexy7574andnex 76b93e252d feat: Only inject vias when manual ones aren't provided during join 2025-09-01 11:27:58 +00:00
nexy7574andnex 66d479e2eb fix: Make remote leave helper a public fn 2025-09-01 11:27:58 +00:00
nexy7574andnex 241371463e feat: Force leave remote rooms admin command 2025-09-01 11:27:58 +00:00
nexy7574 d970df5fd2 perf(MSC4323): Parallelise some check futs 2025-09-01 12:13:37 +01:00
nexy7574 4e644961f3 perf(MSC4323): Remove redundant authorisation checks 2025-09-01 12:13:37 +01:00
nexy7574 35cf9af5c8 feat(MSC4323): Add versions flag 2025-09-01 12:13:37 +01:00
nexy7574 04e796176a style(MSC4323): Satisfy our linting overlords 2025-09-01 12:13:37 +01:00
nexy7574 9783940105 feat(MSC4323): Advertise suspension support in capabilities 2025-09-01 12:13:37 +01:00
nexy7574 1e430f9470 feat(MSC4323): Implement agnostic suspension endpoint 2025-09-01 12:13:37 +01:00
Renovate Bot 5cce024841 chore(deps): update https://github.com/reproducible-containers/buildkit-cache-dance action to v3.3.0 2025-08-31 00:44:28 +00:00
Jade Ellis e87c461b8d feat: Cache renovate data, RO GitHub token 2025-08-31 01:37:50 +01:00
Jade Ellis b934898f51 chore: Update renovate config, limit cargo updates 2025-08-31 00:25:41 +01:00
nexy7574 83e3de55a4 fix(sync/v2): Room leaves being omitted incorrectly
Partially borrowed from https://github.com/matrix-construct/tuwunel/commit/85a84f93c7ef7184a8eee1bb17116e5f0f0faf5a
2025-08-30 16:18:46 +01:00
Tom Foster 609e239436 fix(fedora): Correct linting issues in RPM spec file
The Fedora RPM packaging files added in PR #950 weren't passing pre-commit
checks, causing CI failures for any branches rebased after that merge. This
applies prek linting fixes (typo correction, trailing whitespace removal,
and EOF newline) to ensure CI passes for all contributors.
2025-08-30 16:10:41 +01:00
GingerandJade Ellis 34417c96ae Update URL to point at the landing page 2025-08-28 21:10:46 +00:00
GingerandJade Ellis f33f281edb Update long description to match deb package 2025-08-28 21:10:46 +00:00
GingerandJade Ellis ddbca59193 Add spec and service files for creating an RPM package 2025-08-28 21:10:46 +00:00
Tom Foster b5a2e49ae4 fix: Resolve Clippy CI failures from elided lifetime warnings
The latest Rust nightly compiler (2025-08-27) introduced the
elided-named-lifetimes lint which causes Clippy CI checks to fail
when an elided lifetime ('_) resolves to a named lifetime that's
already in scope.

This commit fixes the Clippy warnings by:
- Making lifetime relationships explicit where 'a is already in scope
- Keeping elided lifetimes ('_) in functions without explicit
  lifetime parameters
- Ensuring proper lifetime handling in the database pool module

Affected files (17 total):
- Database map modules: Handle, Key, and KeyVal references in get,
  qry, keys, and stream operations
- Database pool module: into_recv_seek function

This change resolves the CI build failures without changing any
functionality, ensuring the codebase remains compatible with the
latest nightly Clippy checks.
2025-08-28 21:13:19 +01:00
Jade Ellis 37248a4f68 chore: Add reasons for test skips 2025-08-28 20:10:05 +01:00
Tom Foster dd22325ea2 refactor(ci): Consolidate Rust checks with optimised toolchain setup
Merge rust-checks.yml into prek-checks.yml for a unified workflow that
runs formatting and clippy/test checks in parallel jobs.

Add reusable composite actions:
- setup-rust: Smart Rust toolchain management with caching
  * Uses cargo-binstall for pre-built binary downloads
  * Integrates Mozilla sccache-action for compilation caching
  * Workspace-relative paths for better cache control
  * GitHub token support for improved rate limits
- setup-llvm-with-apt: LLVM installation with native dependencies
- detect-runner-os: Consistent OS detection for cache keys

Key improvements:
- Install prek via cargo-binstall --git (crates.io outdated at v0.0.1)
- Download timelord-cli from cargo-quickinstall
- Set BINSTALL_MAXIMUM_RESOLUTION_TIMEOUT=10 to avoid rate limit delays
- Default Rust version 1.87.0 with override support
- Remove redundant sccache stats (handled by Mozilla action)

Significantly reduces CI runtime through binary downloads instead of
compilation while maintaining all existing quality checks.
2025-08-28 19:20:14 +01:00
nexandEllis Git 30a56d5cb9 Update renovate.json 2025-08-28 17:15:32 +00:00
nexy7574 3183210459 fix: Post-merge compile issues 2025-08-23 21:28:31 +01:00
RatCornuandEllis Git 57d7743037 feat: add ldap_only config option 2025-08-23 19:59:36 +00:00
Jade EllisandEllis Git cb09bfa4e7 fix: Correctly pass ldap feature from the default crate 2025-08-23 19:59:36 +00:00
Jade EllisandEllis Git 0ed691edef fix: Make builds without LDAP work correctly 2025-08-23 19:59:36 +00:00
Jade EllisandEllis Git c58b9f05ed chore: Fix default attributes for config 2025-08-23 19:59:36 +00:00
RatCornuandEllis Git fb7e739b72 chore: remove unused LDAP mail attribute 2025-08-23 19:59:36 +00:00
RatCornuandEllis Git c7adbae03f feat: ldap login 2025-08-23 19:59:36 +00:00
Jade Ellis 8b35de6a43 chore: Fix clippy lints with minimal diff 2025-08-22 00:51:54 +01:00
aviacandJade Ellis d191494f18 chore(nix): update fenix input
This is required, since now we're installing `rustfmt` from the latest
state of the fenix repo. This wasn't recent enough for the latest rust
version. The input was locked at (2025-07-02). Now it's up to date.
2025-08-22 00:37:16 +01:00
aviacandJade Ellis 6d1f12b22d chore(nix): make rustfmt-nightly available to default dev shell
I verified this by running `rustfmt --version` on my system. Note that I
don't have a system-wide install of rust and only rely on dev shells, so
this can't possibly come from somewhere else.

```
$ rustfmt --version
rustfmt 1.8.0-nightly (6677875279 2025-07-02)
```
2025-08-22 00:37:16 +01:00
aviacandJade Ellis ca3ee9224b chore(rust): drop rustfmt from rust-toolchain.toml
This just installs regular rustfmt, which is not needed in this project.
One could say "It doesn't hurt", but in the NixOS dev shell it actually
does since it will shadow nightly rustfmt and we don't have the
`cargo +nightly fmt` synatx on NixOS that is available on other Distros.

Also "It doesn't hurt" to delete it for non NixOS users.
2025-08-22 00:37:16 +01:00
aviacandJade Ellis 427b973b67 chore(rust): bump version 1.87 -> 1.89
- bump version in rust-toolchain.toml
- update sha in flake.nix
2025-08-22 00:32:04 +01:00
Tom Foster aacaf5a2a0 fix(ci): Downgrade setup-uv action from v6 to v5
The setup-uv@v6 action has deprecated Node 18 support mid-version by
using the File API, causing workflow failures. Temporarily downgrading
to v5 until we migrate to a better runner image with Node 20+ support.
2025-08-21 21:10:15 +01:00
aviac 256bed992e chore(nix): exec 'use flake' with direnv on NixOS systems 2025-08-21 13:40:11 +02:00
aviac ecb87ccd1c chore(nix): bump rocksdb version in flake.nix to 10.4.fb
This works without any further changes. Multiple people in the matrix
room (including myself) have reported that the built executable runs
fine with this. Nevertheless, there might be room for improvements (in
future commits)
2025-08-21 13:39:36 +02:00
Tom Foster 14a4b24fc5 fix(ci): Configure Renovate for Forgejo platform
- Set platform to 'forgejo' with proper API endpoint
- Use environment variables for all Renovate configuration
- Add git timeout and disable GitHub token warnings
- Move PR limit configuration to workflow
2025-08-17 17:37:24 +01:00
Tom Foster 731761f0fc Merge branch 'main' into tom/prek-was-prefligit 2025-08-17 15:08:44 +00:00
Tom Foster 4524a00fc6 chore(ci): Remove obsolete prefligit action
Now using prek directly via uvx, this custom action is no longer needed.
2025-08-17 16:00:42 +01:00
Tom Foster 9db750e97c fix(ci): Add full GitHub URL to renovate action
Forgejo's runner doesn't automatically assume actions are on github.com,
so we need to specify the full URL.
2025-08-17 15:51:29 +01:00
Tom Foster b14a4d470b Merge branch 'main' into tom/prek-was-prefligit 2025-08-17 14:16:35 +00:00
Tom Foster 5d1f141882 ci: Rename prefligit-checks.yml to prek-checks.yml
Rename workflow file to match the updated tool name.
2025-08-17 15:13:02 +01:00
Tom Foster b447cfff56 ci: Update prefligit to prek
The prefligit project has been renamed to prek due to typosquatting
concerns. This updates our CI to use the new name and recommended
installation method via uv, which significantly reduces setup time
compared to cargo install and includes automatic caching.

- Replace outdated static prefligit action with direct prek invocation
- Use uv as recommended by upstream: https://github.com/j178/prek
- Update check-byte-order-marker to fix-byte-order-marker (deprecated)
- Simplify workflow by removing unused ref calculations

The same .pre-commit-config.yaml works unchanged. Developers can
install locally with 'uvx prek install' or other methods from the repo.
2025-08-17 15:11:38 +01:00
Tom Foster 283888e788 Merge branch 'main' into tom/renovate 2025-08-17 13:27:33 +00:00
Tom Foster f54e59a068 ci: Add Renovate for automated dependency management
Configures Renovate bot to create PRs for outdated dependencies.
Runs daily at 5am UTC with manual trigger via workflow_dispatch.

Configuration:
- Ignores custom forks (jemalloc, telemetry packages)
- Groups: GHA minor/patch, Rust toolchain, lockfile, Rust patches
- Limits: 3 concurrent PRs, 2 PRs per hour
- Supports: Cargo, GitHub Actions, Nix
2025-08-17 14:20:20 +01:00
Tom Foster 2a183cc5a4 fix(build): Remove hardened_malloc from full feature set
The hardened_malloc feature conflicts with jemalloc, preventing successful
builds with the --features full flag. Commenting out hardened_malloc allows
the full profile to build correctly while maintaining all other features.
2025-08-17 13:44:32 +01:00
nexy7574 54acd07555 fix: Drop fake room v2 support 2025-08-16 16:22:24 +01:00
Tom Foster 583cb924f1 refactor: address code review feedback for auth and pagination improvements
- Extract duplicated thread/message pagination functions to shared utils module
- Refactor pagination token parsing to use Option combinators instead of defaults
- Split access token generation from assignment for clearer error handling
- Add appservice token collision detection at startup and registration
- Allow appservice re-registration with same token (for config updates)
- Simplify thread relation chunk building using iterator chaining
- Fix saturating_inc edge case in relation queries with explicit filtering
- Add concise comments explaining non-obvious behaviour choices
2025-08-12 05:29:41 +01:00
Tom Foster 9286838d23 fix(relations): improve thread pagination and include root event
Replace unreliable PduCount pagination tokens with ShortEventId throughout
the relations and messages endpoints. ShortEventId provides stable, unique
identifiers that persist across server restarts and database operations.

Key improvements:
- Add token parsing helpers that try ShortEventId first, fall back to
  PduCount for backwards compatibility
- Include thread root event when paginating backwards to thread start
- Fix off-by-one error in get_relations that was returning the starting
  event in results
- Only return next_batch/prev_batch tokens when more events are available,
  preventing clients from making unnecessary requests at thread boundaries
- Ensure consistent token format between /relations, /messages, and /sync
  endpoints for interoperability

This fixes duplicate events when scrolling at thread boundaries and ensures
the thread root message is visible when viewing a thread, matching expected
client behaviour.
2025-08-10 19:12:56 +01:00
Tom Foster d1ebcfaf0b fix(auth): prevent token collisions and optimise lookups
Ensures access tokens are unique across both user and appservice tables to
prevent authentication ambiguity and potential security issues.

Changes:
- On startup, automatically logout any user devices using tokens that
  conflict with appservice tokens (resolves in favour of appservices)
  and log a warning with affected user/device details
- When creating new user tokens, check for conflicts with appservice tokens
  and generate a new token if a collision would occur
- When registering new appservices, reject registration if the token is
  already in use by a user device
- Use futures::select_ok to race token lookups concurrently for better
  performance (adapted from tuwunel commit 066097a8)

This fix-forward approach resolves existing token collisions on startup
whilst preventing new ones from being created, without breaking existing
valid authentications.

The find_token optimisation is adapted from tuwunel (matrix-construct/tuwunel)
commit 066097a8: "Optimize user and appservice token queries" by Jason Volk.
2025-08-10 17:10:06 +01:00
Tom Foster e820551f62 fix(appservice): create sender_localpart user during appservice startup
Fixes #813: Application services were unable to work because their sender_localpart
user was never created in the database, preventing authentication.

This fix ensures the appservice user account is created when:
- The server starts up and loads existing appservices from the database
- A new appservice is registered via the admin command

Additionally, if an appservice user has been accidentally deactivated, it will be
automatically reactivated when the appservice starts.

The solution centralises all appservice startup logic into a single `start_appservice`
helper method, eliminating code duplication between the registration and startup paths.
2025-08-10 17:10:06 +01:00
Yonatan Sidler bd3db65cb2 fix(arch): fix config.toml not being loaded from LoadCredentials directory 2025-08-06 20:01:36 +03:00
nexy7574 e4a43b1a5b fix(policy-server): Call the PS later in the PDU creation process
This avoids accidentally sending partially built PDUs to the policy server,
which may cause issues with some implementations
2025-08-02 00:19:33 +01:00
Jade Ellis 5775e0ad9d docs: Make traefik router names consistent 2025-07-30 19:55:48 +01:00
Jade Ellis 238cc627e3 docs: Set traefik labels 2025-07-30 19:33:53 +01:00
Jade Ellis b1516209c4 chore: Update funding file 2025-07-30 19:23:38 +01:00
Jade Ellis 0589884109 docs: Fix documentation link in README
Closes https://forgejo.ellis.link/continuwuation/continuwuity/issues/913
2025-07-28 19:28:34 +01:00
Jade Ellis 4a83df5b57 chore: Fix link 2025-07-25 17:35:18 +01:00
Jade Ellis aa08edc55f chore: Release announcement 2025-07-25 17:30:31 +01:00
Jade Ellis 00c7e220bb chore: Release 2025-07-25 14:10:06 +01:00
Jade Ellis 87be4d1a52 feat: Almost-functional musl builds on Alpine
Lots of fiddling, still can't get stuff to work

Next step is a debian builder copying the static libs from alpine
2025-07-24 23:22:27 +01:00
Jade Ellis 205506f206 chore: Update deps 2025-07-24 22:18:10 +01:00
Jade Ellis 66181c61af chore: Update rocksdb, feature flag changes
Most of the way to static musl builds, just zlib I think
2025-07-24 21:51:52 +01:00
Jade Ellis b7a0442298 feat: Musl images in docker
Not working at the moment, need to upgrade the rust-rocksdb and possibly
zstd to stop them force-enabling dynamic libclang
2025-07-24 19:00:41 +01:00
Jade Ellis 1bc663e1c8 docs: Fix spacing at the top 2025-07-24 13:37:52 +01:00
Jade Ellis 68b0140c42 docs: Add vias to matrix.to links 2025-07-24 13:31:58 +01:00
nexy7574 f32f60d056 fix(policy-server): Return the correct result when an event is marked as spam 2025-07-23 18:01:46 +01:00
nexy7574 fe06d78c8e fix(policy-server): Update ask_policy_server docstring 2025-07-23 17:58:33 +01:00
nexy7574 99ebe022ed fix(policy-server): Correctly default to 10 second timeout 2025-07-23 17:56:45 +01:00
nexy7574 f335f45017 feat(policy-server): Add configurable timeout 2025-07-23 17:49:08 +01:00
nexy7574 1726633c0f fix(policy-server): Fixup refactor 2025-07-23 17:49:08 +01:00
nexy7574 dfda27fadc feat(policy-server): Don't fail-closed & refactor references 2025-07-23 17:49:08 +01:00
Jade Ellisandnexy7574 9465c5df1f style: Improve logging and comments 2025-07-23 17:49:07 +01:00
nexy7574 2d475b1220 style(policy-server): Run clippy 2025-07-23 17:49:07 +01:00
nexy7574 d7fa624fd2 feat(policy-server): Optimise policy server lookups 2025-07-23 17:49:07 +01:00
nexy7574 cc9202b0c4 feat(policy-server): Limit policy server request timeout to 10 seconds 2025-07-23 17:49:07 +01:00
nexy7574 a3d62ed0d9 feat(policy-server): Prevent local events that fail the policy check 2025-07-23 17:49:07 +01:00
nexy7574 78b7175677 feat(policy-server): Soft-fail redactions for failed events 2025-07-23 17:49:07 +01:00
nexy7574 74d60f256b style(policy-server): Restructure logging 2025-07-23 17:49:07 +01:00
nexy7574 732c69f5ca fix(policy-server): Avoid unnecessary database lookup 2025-07-23 17:49:07 +01:00
nexy7574 8e7801f323 chore: Update ruwuma & fix lints 2025-07-23 17:49:06 +01:00
nexy7574 9017efe45b feat(policy-server): Policy server following 2025-07-23 17:49:06 +01:00
Jade Ellis 7e2f04a78a chore: Check all features in CI and docs 2025-07-20 21:25:27 +01:00
Jade Ellis d74514f305 ci: Fix inverted latest tag 2025-07-20 20:59:29 +01:00
Jade Ellis 95610499c7 chore: Disable direnv's nix flake interfering with cargo cache 2025-07-20 16:36:01 +01:00
Jade Ellis f593cac58a feat: Enable hardware-lock-elision and deadlock_detection 2025-07-20 16:35:59 +01:00
Jade Ellis 1c985c59f5 refactor: Allow with_lock to return data and take an async closure 2025-07-20 16:34:48 +01:00
Jade Ellis b635e825d2 refactor: Implement with_lock for lock_api 2025-07-20 16:34:36 +01:00
Jade Ellis 6d29098d1a refactor: Replace remaining std RwLocks 2025-07-20 16:33:36 +01:00
Jade Ellis 374fb2745c refactor: Replace remaining std Mutexes 2025-07-20 16:32:48 +01:00
Jade Ellis a1d616e3e3 refactor: Replace std RwLock with parking_lot 2025-07-20 16:31:55 +01:00
Jade Ellis 30a8c06fd9 refactor: Replace std Mutex with parking_lot 2025-07-20 16:31:02 +01:00
roootandJade Ellis 0631094350 docs(config): warn about federation key query timeout caveat
Signed-off-by: rooot <hey@rooot.gay>
2025-07-20 16:24:56 +01:00
roootandJade Ellis 9051ce63f7 feat(config): introduce federation connection timeout setting
fixes #906

Signed-off-by: rooot <hey@rooot.gay>
2025-07-20 16:24:26 +01:00
Jade Ellis f513cb7598 chore: Remove false positives in typo checks 2025-07-19 20:31:54 +01:00
nexy7574andJade Ellis c639228f4d style(space-upgrades): Remove unused import left over from 6691b7672b 2025-07-19 18:37:45 +01:00
nexy7574andJade Ellis 331832616f feat(space-upgrades): MSC4168: Override space child vias 2025-07-19 18:37:45 +01:00
nexy7574andJade Ellis b2b18002ea fix(space-upgrades): Remove unused helper function 2025-07-19 18:37:45 +01:00
nexy7574andJade Ellis 57868a008c feat(space-upgrades): Skip empty state events in room upgrade 2025-07-19 18:37:45 +01:00
nexy7574andJade Ellis f063814d94 fix(space-upgrades): Incorrectly updated parent children events 2025-07-19 18:37:38 +01:00
nexy7574andJade Ellis 3b5335630d feat(space-upgrades): Transfer all state keys during upgrade
Before this change, only state events with an
empty state key would be cloned.
This allows m.space.child to be cloned appropriately.
2025-07-19 18:35:59 +01:00
nexy7574andJade Ellis b2883c3d6e feat(space-upgrades): Update parent spaces in upgrade
This relies on the room being upgraded referencing
the space itself, but there isn't an easy way to
do it otherwise.
2025-07-19 18:35:58 +01:00
nexy7574andJade Ellis 62bdfe1ce8 feat(space-upgrades): Copy over space child & parent states 2025-07-19 18:35:56 +01:00
Jade Ellis 843e501902 docs: Add section for testing TURN servers 2025-07-16 23:47:41 +01:00
Jade Ellis 0a8c13ffd2 fix: Use boolean where expected in services
Fixes https://forgejo.ellis.link/continuwuation/continuwuity/issues/905
2025-07-16 23:27:14 +01:00
Jade Ellis a89ceb93d8 docs: Update Docker and generic instructions
Add instructions for proxying .well-known to Continuwuity in with
Traefik. Clarify and expand build instructions in generic deployment,
separating Rust toolchain and Nix approaches.
2025-07-16 23:27:14 +01:00
Jade Ellis 13de0ac822 docs: Update and improve NixOS documentation
Documentation now mentions the official package
2025-07-16 23:27:14 +01:00
Jade Ellis 4a5b122d77 docs: Improve grammar in Debian package 2025-07-16 23:27:14 +01:00
Jade Ellis 2655acf269 docs: Improve grammar in deployment documentation 2025-07-16 23:27:14 +01:00
Jade Ellis 3c320f6d6e docs: Fix code examples in style guide 2025-07-16 23:27:14 +01:00
Jade Ellis 946449d3e5 docs: Add link to UV docs 2025-07-16 23:27:13 +01:00
Jade Ellis b17f278803 docs: Add code style guide 2025-07-16 23:27:13 +01:00
Jade Ellis 6a4905271e refactor: Add with_lock traits 2025-07-16 23:27:13 +01:00
Jade Ellis cfc64ddb40 docs: Note python requirements 2025-07-16 23:27:13 +01:00
Jade Ellis 6aceac3833 docs: Note policy on large formatting diffs 2025-07-16 23:27:13 +01:00
NyxandJade Ellis 5bf20db8e7 Add /_continuwuity/ paths 2025-07-14 17:49:06 +00:00
nexy7574 1abe8f7835 fix: Creation bug 2025-07-12 22:37:49 +01:00
nexy7574 ce84c46459 style(902): Fix clippy complaining about cast 2025-07-09 15:28:31 +01:00
nexy7574 7b60f5368d feat(902): Upload files for admin commands that are too long 2025-07-09 15:11:09 +01:00
nexy7574andEllis Git e61a593932 fix: Implement MSC4307 2025-07-08 22:40:44 +00:00
nexy7574 b71186d958 chore(recaptcha): Update example config file
Unsure how this managed to get past the `git commit -S -a`
but sure
2025-07-08 19:47:42 +01:00
nexy7574 c362499cef docs(recaptcha): Clarify registration when token & captcha are configured 2025-07-08 19:34:47 +01:00
nexy7574 14774fa153 feat(recaptcha): Don't allow pubkey without associated privkey 2025-07-08 19:32:23 +01:00
nexy7574 ff805d8ae1 feat(recaptcha): Fix linting issues after the linter fix lied to me 2025-07-08 19:27:51 +01:00
nexy7574 f0994355d4 feat(recaptcha): Fix linting issues 2025-07-08 19:15:55 +01:00
nexy7574 980774a275 feat(recaptcha): Update example config after previous changes 2025-07-08 19:08:25 +01:00
nexy7574 e4a6abe15e feat(recaptcha): Disable treating captcha-enabled servers as abuse-prone 2025-07-08 19:07:27 +01:00
nexy7574 df1cb10a8e feat(recaptcha): Add documentation for new fields 2025-07-08 19:03:35 +01:00
nexy7574 651d07a609 feat: Add ReCaptcha registration flow 2025-07-08 18:58:05 +01:00
Odd E. Ebbesen 13b21b00a9 feat: #821 - Options to disable local typing and read receipts 2025-07-08 14:52:28 +02:00
Odd E. Ebbesen c3c33f47e2 feat: #821 - Options to disable local typing and read receipts 2025-07-08 14:45:57 +02:00
Odd E. Ebbesen 564e7097e6 feat: #821 - Options to disable local typing and read receipts 2025-07-08 12:43:48 +02:00
Gwendolyn Kornak 925e200d9c include xtask 2025-07-07 14:18:09 -07:00
ShuroiiandJade Ellis b5bf68b8c8 fix: RocksDB build 2025-07-07 20:47:30 +01:00
ShuroiiandJade Ellis 6289bcaabc style: Run statix 2025-07-07 20:47:30 +01:00
ShuroiiandJade Ellis cb138f5039 ref: Clean up rocksdb build 2025-07-07 20:47:29 +01:00
ShuroiiandJade Ellis 36a7bd7eb3 chore: Update toolchain hash & flake.lock 2025-07-07 20:47:29 +01:00
ShuroiiandJade Ellis 520a179bb0 ref: Remove lots of unused Nix assets
Also change some links to the new ones, removing reliance on June's github repos in some places
2025-07-07 20:47:29 +01:00
ShuroiiandJade Ellis 09199b0ea7 style: Format nix
nixfmt-rfc-style for flake
nixpkgs-fmt for nix/ directory
2025-07-07 20:47:29 +01:00
transgwenderandJade Ellis 0e2fdc415c Update the rust 1.87 hash 2025-07-07 01:42:26 +00:00
Jade EllisandEllis Git 8fb94f99e9 ci: Upload binaries as artifacts 2025-07-07 01:40:59 +00:00
Jade EllisandEllis Git 3977ccfcea ci: Fix docker tags 2025-07-07 01:40:59 +00:00
Jade EllisandEllis Git 890b8e25fc ci: Mirror RC tags 2025-07-07 01:40:59 +00:00
Jade Ellis 28a29c3a7b feat: Generate binary documentation
Also refactors main.rs/mod.rs to silence clippy
2025-07-06 22:58:01 +01:00
Jade Ellis d98ce2c7b9 feat: Generate admin command documentation
The first part of getting admin command docs on the website.

There's also the beginnings of manpage generation here, although it's
kinda sus and I'm not sure how it's supposed to work. I'll leave that to
anyone who wants to package it.

We introduce the beginings of the xtask pattern here - we do a lot of
file generation, I thought it would be best to avoid doing that on every
compilation. It also helps avoid lots of runtime deps.

We'll need to document generating this stuff & probably add pre-commit
hooks for it, though.
2025-07-06 22:58:00 +01:00
Jade Ellis 18d12a7756 feat: Support logging to journald with tracing-journald
This stubs out on non-unix platforms.
2025-07-06 22:58:00 +01:00
Jade Ellis 928b7c5e4a fix: Correct vars 2025-07-06 22:57:33 +01:00
Jade Ellis af8783ee51 ci: Mirror registry images 2025-07-06 22:45:01 +01:00
Nyx 52954c5b75 Even more renaming 2025-07-06 14:00:42 -05:00
Tom Foster 7e406445d4 Element Web build fixes 2025-07-03 22:26:02 +01:00
Jade Ellis 293e7243b3 style: Fix formatting/clippy issues 2025-07-02 19:32:50 +01:00
Jason VolkandJade Ellis 143cb55ac8 Fix clippy::unnecessary-unwrap.
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:29:32 +01:00
Jason VolkandJade Ellis 3c7c641d2d Add revoke_admin to service.
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:29:32 +01:00
Jason VolkandJade Ellis 36e81ba185 Split state_cache service.
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:29:31 +01:00
Jason VolkandJade Ellis 56420a67ca Outdent state_compressor service.
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:29:31 +01:00
Jason VolkandJade Ellis c5c309ec43 Split timeline service.
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:29:28 +01:00
Jason VolkandJade Ellis c06aa49a90 Fix regression 75aadd5c6a
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:17:09 +01:00
Jason VolkandJade Ellis 364293608d Post-formatting aesthetic and spacing corrections
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:17:06 +01:00
Jason VolkandJade Ellis af4f66c768 Cleanup/improve other async queries in some client handlers.
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:12:51 +01:00
Jason VolkandJade Ellis 116f85360f Toward abstracting Pdu into trait Event.
Co-authored-by: Jade Ellis <jade@ellis.link>
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:03:26 +01:00
Jason VolkandJade Ellis 3d0360bcd6 Dedup and parallelize current key backup count and etag fetching.
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:03:26 +01:00
Jason VolkandJade Ellis 667afedd24 Macroize various remaining Error constructions.
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 19:03:24 +01:00
Jason VolkandJade Ellis 21bbee8e3c Simplify api to send notices to admin room
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 18:58:18 +01:00
Jason VolkandJade Ellis 732a77f3a8 Use integrated error instead of panic on some legacy codepaths
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 18:58:18 +01:00
Jason VolkandJade Ellis f3dd90df39 Mitigate large futures
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 18:58:18 +01:00
Jason VolkandJade Ellis 2051c22a28 Support optional device_id's in lazy-loading context.
Co-authored-by: Jade Ellis <jade@ellis.link>
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 18:58:17 +01:00
Jason VolkandJade Ellis 49f7a2487f Modernize various sender_user/sender_device lets.
Signed-off-by: Jason Volk <jason@zemos.net>
2025-07-02 18:58:14 +01:00
nexy7574andEllis Git d6aa03ea73 style: Remove extraneous import 2025-07-02 00:53:40 +00:00
nexy7574andEllis Git 8e0852e5b5 docs: Add suggestion about auto join room
Adds suggestion to suspend_on_register doc that admins
should add a room that contains information to their
auto_join_rooms as to not confuse new users who may be
lost at the fact they can't join any rooms or send any
messages.
2025-07-02 00:53:40 +00:00
nexy7574andEllis Git 6e60918584 feat: Suspend new users on registration 2025-07-02 00:53:40 +00:00
nexy7574 68afb07c27 feat: Stabilise room summary API (MSC3266)
# Conflicts:
#	Cargo.lock
#	Cargo.toml
2025-07-02 00:48:16 +01:00
nexy7574 b44791799c fix: Room bans preventing federated leaves
Fixes the issue where room bans prevent federating leave
events, resulting in local users being stuck in remote
rooms
2025-07-01 23:14:41 +01:00
nexy7574 4f69da47c6 feat: Advertise support for spec v1.8, 1.12, 1.13, and 1.14 2025-07-01 18:38:48 +01:00
nexy7574 24d2a514e2 chore: Resolve linting errors 2025-07-01 18:00:28 +01:00
nexy7574 f49c73c031 feat: Forbid suspended users from sending reports 2025-07-01 15:44:04 +01:00
nexy7574 59912709aa feat: Send intentional mentions in report messages 2025-07-01 15:42:38 +01:00
nexy7574 97e5cc4e2d feat: Implement user reporting 2025-07-01 01:55:13 +01:00
Jade Ellis 17930708d8 chore: Add second ko-fi as custom link 2025-06-29 23:06:26 +01:00
Jade Ellis ec9d3d613e chore: Add funding 2025-06-29 23:02:15 +01:00
nexy7574andEllis Git d4862b8ead style: Remove redundant, unused functions 2025-06-29 15:38:01 +00:00
Jade EllisandEllis Git acb74faa07 feat: Pass sender through admin commands 2025-06-29 15:38:01 +00:00
Jade EllisandEllis Git ecc6fda98b feat: Record metadata about user suspensions 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 13e17d52e0 style: Remove unnecessary imports (clippy) 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git d8a27eeb54 fix: Failing open on database errors
oops
2025-06-29 15:38:01 +00:00
nexy7574andEllis Git eb2e3b3bb7 fix: Missing suspensions shouldn't error
Turns out copying and pasting the function
above verbatim actually introduces more
problems than it solves!
2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 72f8cb3038 feat: Do not allow suspended users to send typing statuses 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 1124097bd1 feat: Only allow private read receipts when suspended 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 08527a2880 feat: Prevent suspended users upgrading rooms 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 8e06571e7c feat: Prevent suspended users uploading media 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 90180916eb feat: Prevent suspended users performing room changes
Prevents kicks, bans, unbans, and alias modification
2025-06-29 15:38:01 +00:00
nexy7574andEllis Git d0548ec064 feat: Forbid suspended users from sending state events 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 1ff8af8e9e style: Remove unneeded statements (clippy) 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git cc864dc8bb feat: Do not allow suspending admin users 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 8791a9b851 fix: Inappropriate empty check
I once again, assumed `true` is actually `false`.
2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 968c0e236c fix: Create the column appropriately 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 5d5350a9fe feat: Prevent suspended users creating new rooms 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git e127c4e5a2 feat: Add un/suspend admin commands 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git a94128e698 feat: Prevent suspended users joining/knocking on rooms 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git a6ba9e3045 feat: Prevent suspended users changing their profile 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git 286974cb9a feat: Prevent suspended users redacting events 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git accfda2586 feat: Prevent suspended users sending events 2025-06-29 15:38:01 +00:00
nexy7574andEllis Git fac9e090cd feat: Add suspension helper to user service 2025-06-29 15:38:01 +00:00
nexy7574 b4bdd1ee65 chore: Update ruwuma
Fixes the wrong field name being serialised
2025-06-29 13:43:27 +01:00
nexy7574 4b5e8df95c fix: Add missing init fields 2025-06-29 13:29:27 +01:00
nexy7574 d63c8b9fca feat: Support passing through MSC4293 redact_events 2025-06-29 13:16:31 +01:00
nexy7574andnex 9b6ac6c45f fix: Ignore existing membership when room is disconnected 2025-06-29 12:14:20 +00:00
nexy7574andnex 52e042cb06 Always calculate state diff IDs in syncv3
seemingly fixes #779
2025-06-28 20:37:40 +00:00
Jason Volk f508e7654c fix: off by one. 2025-06-28 00:38:45 +00:00
nexy7574 543ab27747 fix: Additional sanity checks when creating a PDU
Prevents creating events that are most likely catastrophically invalid
2025-06-27 20:58:52 +01:00
Jade Ellis c82ea24069 docs: Add Matrix chat and space badges to README 2025-06-27 18:44:46 +01:00
Jacob TaylorandJade Ellis db58d841aa fix: Only load children of nested spaces 2025-06-25 18:17:06 +01:00
Jade Ellis f1ca84fcaf fix: Correct project brand in admin & OTEL 2025-06-24 23:16:48 +01:00
Jade Ellis 63962fc040 docs: Remove completed items from the README 2025-06-24 23:13:28 +01:00
Jade Ellis a24278dc1b docs: Update mirror badges 2025-06-24 23:12:09 +01:00
Jade Ellis b787e97dc1 chore: Document & enforce conventional commit messages 2025-06-24 22:43:44 +01:00
Jade Ellis eb75c4ecb0 chore: Fix typos in commit messages automatically 2025-06-24 22:43:44 +01:00
Jade Ellis 9bbe333082 ci: Don't run docs flow when the secret is inaccessible 2025-06-24 22:43:43 +01:00
Jade Ellis 3177545a6f chore: Remove clippy pre-commit hook
It's too slow for a good git experience
2025-06-24 21:45:54 +01:00
Kimiblock Moe 4a289a9fee arch systemd: use credentials to load config 2025-06-24 11:07:11 +00:00
Jade Ellis 4d69a1ad51 docs: Deduplicate sections 2025-06-23 01:25:38 +01:00
Jade Ellis 4f174324ba docs: Update contributing guide 2025-06-23 01:04:27 +01:00
Jade Ellis 2ecbd75d64 ci: fixes
- Install UV
- Verbose run
- Set permissions explicitly
- Check all files
2025-06-21 19:17:21 +01:00
Jade Ellis a682e9dbb8 chore: Add commit to ignored revs 2025-06-21 18:03:38 +01:00
Jade Ellis 46c193e74b chore: fix end of files & trailing whitespace 2025-06-21 17:59:01 +01:00
Jade Ellis 93719018a8 ci: Run additional sanity checks on repository 2025-06-21 17:58:28 +01:00
Jade Ellis 70df8364b3 chore: Bump rustyline-async from 0.4.3 to 0.4.6 2025-06-21 00:50:02 +01:00
Jade Ellis bae8192fb3 chore: Bump resolv-conf from 0.7.1 to 0.7.4 2025-06-20 23:39:20 +01:00
Jade Ellis add5c7052c chore: Update lockfile 2025-06-20 21:51:53 +01:00
Jade Ellis 01200d9b54 build: Allow specifying build profile
Additionally splits caches by target CPU
2025-06-20 21:48:37 +01:00
Jade Ellis 0ba4a265be build: Upgrade to Rust 1.87 2025-06-20 21:45:29 +01:00
Jade Ellis 08fbcbba69 build: Use newer LLVM for rust 1.87 2025-06-20 21:35:48 +01:00
Jade Ellis b526935d45 build: Specify debian version 2025-06-20 21:35:03 +01:00
Jade Ellis a737d845a4 chore: Don't specify targets in rust-toolchain 2025-06-20 21:25:34 +01:00
nexandJade Ellis e508b1197f feat: allow overriding the "most recent event" when forcing a state download (#853)
Add option to select which event to set the state at to, for the force-set-room-state admin command.

This allows us to work around issues where the latest PDU is one that remote servers don't know about (i.e. failed federation for whatever reason)

Closes #852

Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/853
Reviewed-by: Jade Ellis <jade@ellis.link>
Co-authored-by: nex <nex@noreply.forgejo.ellis.link>
Co-committed-by: nex <nex@noreply.forgejo.ellis.link>
2025-06-19 21:27:50 +00:00
Kimiblock d6fd30393c Update docs/deploying/arch-linux.md 2025-06-19 12:36:49 +00:00
Jade Ellis 6e16a6ef8f chore: Release announcement 2025-06-14 22:34:24 +01:00
Jade Ellis 0870c8d647 chore: Release 2025-06-14 20:53:00 +01:00
Jade Ellis d0f00e6f5c feat: Allow mentioning @room in an admin announcement 2025-06-14 19:09:54 +01:00
538 changed files with 35001 additions and 18654 deletions
+2
View File
@@ -0,0 +1,2 @@
[alias]
xtask = "run --package xtask --"
+1 -1
View File
@@ -1,9 +1,9 @@
# Local build and dev artifacts
target/
!target/debug/conduwuit
# Docker files
Dockerfile*
docker/
# IDE files
.vscode
+5 -1
View File
@@ -23,6 +23,10 @@ indent_size = 2
indent_style = tab
max_line_length = 98
[{.forgejo/**/*.yml,.github/**/*.yml}]
[*.yml]
indent_size = 2
indent_style = space
[*.json]
indent_size = 4
indent_style = space
+3 -1
View File
@@ -2,6 +2,8 @@
dotenv_if_exists
use flake ".#${DIRENV_DEVSHELL:-default}"
if [ -f /etc/os-release ] && grep -q '^ID=nixos' /etc/os-release; then
use flake ".#${DIRENV_DEVSHELL:-default}"
fi
PATH_add bin
@@ -0,0 +1,110 @@
name: create-manifest
description: |
Create and push a multi-platform Docker manifest from individual platform digests.
Handles downloading digests, creating manifest lists, and pushing to registry.
inputs:
digest_pattern:
description: Glob pattern to match digest artifacts (e.g. "digests-linux-{amd64,arm64}")
required: true
tag_suffix:
description: Suffix to add to all Docker tags (e.g. "-maxperf")
required: false
default: ""
images:
description: Container registry images (newline-separated)
required: true
registry_user:
description: Registry username for authentication
required: false
registry_password:
description: Registry password for authentication
required: false
outputs:
version:
description: The version tag created for the manifest
value: ${{ steps.meta.outputs.version }}
tags:
description: All tags created for the manifest
value: ${{ steps.meta.outputs.tags }}
runs:
using: composite
steps:
- run: mkdir -p digests
shell: bash
- name: Download digests
if: ${{ env.BUILTIN_REGISTRY_ENABLED == 'true' }}
uses: forgejo/download-artifact@v4
with:
path: digests
pattern: ${{ inputs.digest_pattern }}
merge-multiple: true
- name: Login to builtin registry
if: ${{ env.BUILTIN_REGISTRY_ENABLED == 'true' }}
uses: docker/login-action@v3
with:
registry: ${{ env.BUILTIN_REGISTRY }}
username: ${{ inputs.registry_user }}
password: ${{ inputs.registry_password }}
- name: Set up Docker Buildx
if: ${{ env.BUILTIN_REGISTRY_ENABLED == 'true' }}
uses: docker/setup-buildx-action@v3
with:
# Use persistent BuildKit if BUILDKIT_ENDPOINT is set (e.g. tcp://buildkit:8125)
driver: ${{ env.BUILDKIT_ENDPOINT != '' && 'remote' || 'docker-container' }}
endpoint: ${{ env.BUILDKIT_ENDPOINT || '' }}
- name: Extract metadata (tags) for Docker
if: ${{ env.BUILTIN_REGISTRY_ENABLED == 'true' }}
id: meta
uses: docker/metadata-action@v5
with:
flavor: |
latest=auto
suffix=${{ inputs.tag_suffix }},onlatest=true
tags: |
type=semver,pattern={{version}},prefix=v
type=semver,pattern={{major}}.{{minor}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.0.') }},prefix=v
type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }},prefix=v
type=ref,event=branch,prefix=${{ format('refs/heads/{0}', github.event.repository.default_branch) != github.ref && 'branch-' || '' }},
type=ref,event=pr
type=sha,format=short
images: ${{ inputs.images }}
# default labels & annotations: https://github.com/docker/metadata-action/blob/master/src/meta.ts#L509
env:
DOCKER_METADATA_ANNOTATIONS_LEVELS: index
- name: Create manifest list and push
if: ${{ env.BUILTIN_REGISTRY_ENABLED == 'true' }}
working-directory: digests
shell: bash
env:
IMAGES: ${{ inputs.images }}
run: |
set -o xtrace
IFS=$'\n'
IMAGES_LIST=($IMAGES)
ANNOTATIONS_LIST=($DOCKER_METADATA_OUTPUT_ANNOTATIONS)
TAGS_LIST=($DOCKER_METADATA_OUTPUT_TAGS)
for REPO in "${IMAGES_LIST[@]}"; do
docker buildx imagetools create \
$(for tag in "${TAGS_LIST[@]}"; do echo "--tag"; echo "$tag"; done) \
$(for annotation in "${ANNOTATIONS_LIST[@]}"; do echo "--annotation"; echo "$annotation"; done) \
$(for reference in *; do printf "$REPO@sha256:%s\n" $reference; done)
done
- name: Inspect image
if: ${{ env.BUILTIN_REGISTRY_ENABLED == 'true' }}
shell: bash
env:
IMAGES: ${{ inputs.images }}
run: |
set -o xtrace
IMAGES_LIST=($IMAGES)
for REPO in "${IMAGES_LIST[@]}"; do
docker buildx imagetools inspect $REPO:${{ steps.meta.outputs.version }}
done
@@ -0,0 +1,169 @@
name: prepare-docker-build
description: |
Prepare the Docker build environment for Continuwuity builds.
Sets up Rust toolchain, Docker Buildx, caching, and extracts metadata for Docker builds.
inputs:
platform:
description: Target platform (e.g. linux/amd64, linux/arm64)
required: true
slug:
description: Platform slug for artifact naming (e.g. linux-amd64, linux-arm64)
required: true
target_cpu:
description: Target CPU architecture (e.g. haswell, empty for base)
required: false
default: ""
profile:
description: Cargo build profile (release or release-max-perf)
required: true
images:
description: Container registry images (newline-separated)
required: true
registry_user:
description: Registry username for authentication
required: false
registry_password:
description: Registry password for authentication
required: false
outputs:
cpu_suffix:
description: CPU suffix for artifact naming
value: ${{ steps.cpu-suffix.outputs.suffix }}
metadata_labels:
description: Docker labels for the image
value: ${{ steps.meta.outputs.labels }}
metadata_annotations:
description: Docker annotations for the image
value: ${{ steps.meta.outputs.annotations }}
runs:
using: composite
steps:
- name: Set CPU suffix variable
id: cpu-suffix
shell: bash
run: |
if [[ -n "${{ inputs.target_cpu }}" ]]; then
echo "suffix=-${{ inputs.target_cpu }}" >> $GITHUB_OUTPUT
echo "CPU_SUFFIX=-${{ inputs.target_cpu }}" >> $GITHUB_ENV
else
echo "suffix=" >> $GITHUB_OUTPUT
echo "CPU_SUFFIX=" >> $GITHUB_ENV
fi
- name: Echo matrix configuration
shell: bash
run: |
echo "Platform: ${{ inputs.platform }}"
echo "Slug: ${{ inputs.slug }}"
echo "Target CPU: ${{ inputs.target_cpu }}"
echo "Profile: ${{ inputs.profile }}"
- name: Install rust
if: ${{ env.BUILDKIT_ENDPOINT == '' }}
id: rust-toolchain
uses: ./.forgejo/actions/rust-toolchain
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
# Use persistent BuildKit if BUILDKIT_ENDPOINT is set (e.g. tcp://buildkit:8125)
driver: ${{ env.BUILDKIT_ENDPOINT != '' && 'remote' || 'docker-container' }}
endpoint: ${{ env.BUILDKIT_ENDPOINT || '' }}
- name: Set up QEMU
if: ${{ env.BUILDKIT_ENDPOINT == '' }}
uses: docker/setup-qemu-action@v3
- name: Login to builtin registry
if: ${{ env.BUILTIN_REGISTRY_ENABLED == 'true' }}
uses: docker/login-action@v3
with:
registry: ${{ env.BUILTIN_REGISTRY }}
username: ${{ inputs.registry_user }}
password: ${{ inputs.registry_password }}
- name: Extract metadata (labels, annotations) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ inputs.images }}
# default labels & annotations: https://github.com/docker/metadata-action/blob/master/src/meta.ts#L509
env:
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
- name: Get short git commit SHA
id: sha
shell: bash
run: |
calculatedSha=$(git rev-parse --short ${{ github.sha }})
echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV
echo "Short SHA: $calculatedSha"
- name: Get Git commit timestamps
shell: bash
run: |
timestamp=$(git log -1 --pretty=%ct)
echo "TIMESTAMP=$timestamp" >> $GITHUB_ENV
echo "Commit timestamp: $timestamp"
- uses: ./.forgejo/actions/timelord
id: timelord
- name: Cache Rust registry
if: ${{ env.BUILDKIT_ENDPOINT == '' }}
uses: actions/cache@v3
with:
path: |
.cargo/git
.cargo/git/checkouts
.cargo/registry
.cargo/registry/src
key: continuwuity-rust-registry-image-${{hashFiles('**/Cargo.lock') }}
- name: Cache cargo target
if: ${{ env.BUILDKIT_ENDPOINT == '' }}
id: cache-cargo-target
uses: actions/cache@v3
with:
path: |
cargo-target${{ env.CPU_SUFFIX }}-${{ inputs.slug }}-${{ inputs.profile }}
key: continuwuity-cargo-target${{ env.CPU_SUFFIX }}-${{ inputs.slug }}-${{ inputs.profile }}-${{hashFiles('**/Cargo.lock') }}-${{steps.rust-toolchain.outputs.rustc_version}}
- name: Cache apt cache
if: ${{ env.BUILDKIT_ENDPOINT == '' }}
id: cache-apt
uses: actions/cache@v3
with:
path: |
var-cache-apt-${{ inputs.slug }}
key: continuwuity-var-cache-apt-${{ inputs.slug }}
- name: Cache apt lib
if: ${{ env.BUILDKIT_ENDPOINT == '' }}
id: cache-apt-lib
uses: actions/cache@v3
with:
path: |
var-lib-apt-${{ inputs.slug }}
key: continuwuity-var-lib-apt-${{ inputs.slug }}
- name: inject cache into docker
if: ${{ env.BUILDKIT_ENDPOINT == '' }}
uses: https://github.com/reproducible-containers/buildkit-cache-dance@v3.3.0
with:
cache-map: |
{
".cargo/registry": "/usr/local/cargo/registry",
".cargo/git/db": "/usr/local/cargo/git/db",
"cargo-target${{ env.CPU_SUFFIX }}-${{ inputs.slug }}-${{ inputs.profile }}": {
"target": "/app/target",
"id": "cargo-target${{ env.CPU_SUFFIX }}-${{ inputs.slug }}-${{ inputs.profile }}"
},
"var-cache-apt-${{ inputs.slug }}": "/var/cache/apt",
"var-lib-apt-${{ inputs.slug }}": "/var/lib/apt",
"${{ steps.timelord.outputs.database-path }}":"/timelord"
}
skip-extraction: ${{ steps.cache.outputs.cache-hit }}
+1 -1
View File
@@ -40,7 +40,7 @@ runs:
!~/.rustup/tmp
!~/.rustup/downloads
# Requires repo to be cloned if toolchain is not specified
key: ${{ runner.os }}-rustup-${{ inputs.toolchain || hashFiles('**/rust-toolchain.toml') }}
key: continuwuity-${{ runner.os }}-rustup-${{ inputs.toolchain || hashFiles('**/rust-toolchain.toml') }}
- name: Install Rust toolchain
if: steps.rustup-version.outputs.version == ''
shell: bash
+2 -8
View File
@@ -2,20 +2,14 @@ name: sccache
description: |
Install sccache for caching builds in GitHub Actions.
inputs:
token:
description: 'A Github PAT'
required: false
runs:
using: composite
steps:
- name: Install sccache
uses: https://github.com/mozilla-actions/sccache-action@v0.0.9
with:
token: ${{ inputs.token }}
uses: https://git.tomfos.tr/tom/sccache-action@v1
- name: Configure sccache
uses: https://github.com/actions/github-script@v7
uses: https://github.com/actions/github-script@v8
with:
script: |
core.exportVariable('ACTIONS_RESULTS_URL', process.env.ACTIONS_RESULTS_URL || '');
@@ -0,0 +1,167 @@
name: setup-llvm-with-apt
description: |
Set up LLVM toolchain with APT package management and smart caching.
Supports cross-compilation architectures and additional package installation.
Creates symlinks in /usr/bin: clang, clang++, lld, llvm-ar, llvm-ranlib
inputs:
dpkg-arch:
description: 'Debian architecture for cross-compilation (e.g. arm64)'
required: false
default: ''
extra-packages:
description: 'Additional APT packages to install (space-separated)'
required: false
default: ''
llvm-version:
description: 'LLVM version to install'
required: false
default: '20'
outputs:
llvm-version:
description: 'Installed LLVM version'
value: ${{ steps.configure.outputs.version }}
runs:
using: composite
steps:
- name: Detect runner OS
id: runner-os
uses: https://git.tomfos.tr/actions/detect-versions@v1
- name: Configure cross-compilation architecture
if: inputs.dpkg-arch != ''
shell: bash
run: |
echo "🏗️ Adding ${{ inputs.dpkg-arch }} architecture"
sudo dpkg --add-architecture ${{ inputs.dpkg-arch }}
# Restrict default sources to amd64
sudo sed -i 's/^deb http/deb [arch=amd64] http/g' /etc/apt/sources.list
sudo sed -i 's/^deb https/deb [arch=amd64] https/g' /etc/apt/sources.list
# Add ports sources for foreign architecture
sudo tee /etc/apt/sources.list.d/${{ inputs.dpkg-arch }}.list > /dev/null <<EOF
deb [arch=${{ inputs.dpkg-arch }}] http://ports.ubuntu.com/ubuntu-ports/ jammy main restricted universe multiverse
deb [arch=${{ inputs.dpkg-arch }}] http://ports.ubuntu.com/ubuntu-ports/ jammy-updates main restricted universe multiverse
deb [arch=${{ inputs.dpkg-arch }}] http://ports.ubuntu.com/ubuntu-ports/ jammy-security main restricted universe multiverse
EOF
echo "✅ Architecture ${{ inputs.dpkg-arch }} configured"
- name: Start LLVM cache group
shell: bash
run: echo "::group::📦 Restoring LLVM cache"
- name: Check for LLVM cache
id: cache
uses: actions/cache@v4
with:
path: |
/usr/bin/clang-*
/usr/bin/clang++-*
/usr/bin/lld-*
/usr/bin/llvm-*
/usr/lib/llvm-*/
/usr/lib/x86_64-linux-gnu/libLLVM*.so*
/usr/lib/x86_64-linux-gnu/libclang*.so*
/etc/apt/sources.list.d/archive_uri-*
/etc/apt/trusted.gpg.d/apt.llvm.org.asc
key: continuwuity-llvm-${{ steps.runner-os.outputs.slug }}-${{ steps.runner-os.outputs.arch }}-v${{ inputs.llvm-version }}-${{ hashFiles('**/Cargo.lock', 'rust-toolchain.toml') }}
- name: End LLVM cache group
shell: bash
run: echo "::endgroup::"
- name: Check and install LLVM if needed
id: llvm-setup
shell: bash
run: |
echo "🔍 Checking for LLVM ${{ inputs.llvm-version }}..."
# Check both binaries and libraries exist
if [ -f "/usr/bin/clang-${{ inputs.llvm-version }}" ] && \
[ -f "/usr/bin/clang++-${{ inputs.llvm-version }}" ] && \
[ -f "/usr/bin/lld-${{ inputs.llvm-version }}" ] && \
([ -f "/usr/lib/x86_64-linux-gnu/libLLVM.so.${{ inputs.llvm-version }}.1" ] || \
[ -f "/usr/lib/x86_64-linux-gnu/libLLVM-${{ inputs.llvm-version }}.so.1" ] || \
[ -f "/usr/lib/llvm-${{ inputs.llvm-version }}/lib/libLLVM.so" ]); then
echo "✅ LLVM ${{ inputs.llvm-version }} found and verified"
echo "needs-install=false" >> $GITHUB_OUTPUT
else
echo "📦 LLVM ${{ inputs.llvm-version }} not found or incomplete - installing..."
echo "::group::🔧 Installing LLVM ${{ inputs.llvm-version }}"
wget -O - https://apt.llvm.org/llvm.sh | bash -s -- ${{ inputs.llvm-version }}
echo "::endgroup::"
if [ ! -f "/usr/bin/clang-${{ inputs.llvm-version }}" ]; then
echo "❌ Failed to install LLVM ${{ inputs.llvm-version }}"
exit 1
fi
echo "✅ Installed LLVM ${{ inputs.llvm-version }}"
echo "needs-install=true" >> $GITHUB_OUTPUT
fi
- name: Prepare for additional packages
if: inputs.extra-packages != ''
shell: bash
run: |
# Update APT if LLVM was cached (installer script already does apt-get update)
if [[ "${{ steps.llvm-setup.outputs.needs-install }}" != "true" ]]; then
echo "::group::📦 Running apt-get update (LLVM cached, extra packages needed)"
sudo apt-get update
echo "::endgroup::"
fi
echo "::group::📦 Installing additional packages"
- name: Install additional packages
if: inputs.extra-packages != ''
uses: https://github.com/awalsh128/cache-apt-pkgs-action@latest
with:
packages: ${{ inputs.extra-packages }}
version: 1.0
- name: End package installation group
if: inputs.extra-packages != ''
shell: bash
run: echo "::endgroup::"
- name: Configure LLVM environment
id: configure
shell: bash
run: |
echo "::group::🔧 Configuring LLVM ${{ inputs.llvm-version }} environment"
# Create symlinks
sudo ln -sf "/usr/bin/clang-${{ inputs.llvm-version }}" /usr/bin/clang
sudo ln -sf "/usr/bin/clang++-${{ inputs.llvm-version }}" /usr/bin/clang++
sudo ln -sf "/usr/bin/lld-${{ inputs.llvm-version }}" /usr/bin/lld
sudo ln -sf "/usr/bin/llvm-ar-${{ inputs.llvm-version }}" /usr/bin/llvm-ar
sudo ln -sf "/usr/bin/llvm-ranlib-${{ inputs.llvm-version }}" /usr/bin/llvm-ranlib
echo " ✓ Created symlinks"
# Setup library paths
LLVM_LIB_PATH="/usr/lib/llvm-${{ inputs.llvm-version }}/lib"
if [ -d "$LLVM_LIB_PATH" ]; then
echo "LD_LIBRARY_PATH=${LLVM_LIB_PATH}:${LD_LIBRARY_PATH:-}" >> $GITHUB_ENV
echo "LIBCLANG_PATH=${LLVM_LIB_PATH}" >> $GITHUB_ENV
echo "$LLVM_LIB_PATH" | sudo tee "/etc/ld.so.conf.d/llvm-${{ inputs.llvm-version }}.conf" > /dev/null
sudo ldconfig
echo " ✓ Configured library paths"
else
# Fallback to standard library location
if [ -d "/usr/lib/x86_64-linux-gnu" ]; then
echo "LIBCLANG_PATH=/usr/lib/x86_64-linux-gnu" >> $GITHUB_ENV
echo " ✓ Using fallback library path"
fi
fi
# Set output
echo "version=${{ inputs.llvm-version }}" >> $GITHUB_OUTPUT
echo "::endgroup::"
echo "✅ LLVM ready: $(clang --version | head -1)"
+247
View File
@@ -0,0 +1,247 @@
name: setup-rust
description: |
Set up Rust toolchain with sccache for compilation caching.
Respects rust-toolchain.toml by default or accepts explicit version override.
inputs:
cache-key-suffix:
description: 'Optional suffix for cache keys (e.g. platform identifier)'
required: false
default: ''
rust-components:
description: 'Additional Rust components to install (space-separated)'
required: false
default: ''
rust-target:
description: 'Rust target triple (e.g. x86_64-unknown-linux-gnu)'
required: false
default: ''
rust-version:
description: 'Rust version to install (e.g. nightly). Defaults to the version specified in rust-toolchain.toml'
required: false
default: ''
sccache-cache-limit:
description: 'Maximum size limit for sccache local cache (e.g. 2G, 500M)'
required: false
default: '2G'
github-token:
description: 'GitHub token for downloading sccache from GitHub releases'
required: false
default: ''
outputs:
rust-version:
description: 'Installed Rust version'
value: ${{ steps.rust-setup.outputs.version }}
runs:
using: composite
steps:
- name: Detect runner OS
id: runner-os
uses: https://git.tomfos.tr/actions/detect-versions@v1
- name: Configure Cargo environment
shell: bash
run: |
# Use workspace-relative paths for better control and consistency
echo "CARGO_HOME=${{ github.workspace }}/.cargo" >> $GITHUB_ENV
echo "CARGO_TARGET_DIR=${{ github.workspace }}/target" >> $GITHUB_ENV
echo "SCCACHE_DIR=${{ github.workspace }}/.sccache" >> $GITHUB_ENV
echo "RUSTUP_HOME=${{ github.workspace }}/.rustup" >> $GITHUB_ENV
# Limit binstall resolution timeout to avoid GitHub rate limit delays
echo "BINSTALL_MAXIMUM_RESOLUTION_TIMEOUT=10" >> $GITHUB_ENV
# Ensure directories exist for first run
mkdir -p "${{ github.workspace }}/.cargo"
mkdir -p "${{ github.workspace }}/.sccache"
mkdir -p "${{ github.workspace }}/target"
mkdir -p "${{ github.workspace }}/.rustup"
- name: Start registry/toolchain restore group
shell: bash
run: echo "::group::📦 Restoring registry and toolchain caches"
- name: Cache toolchain binaries
id: toolchain-cache
uses: actions/cache@v4
with:
path: |
.cargo/bin
.rustup/toolchains
.rustup/update-hashes
# Shared toolchain cache across all Rust versions
key: continuwuity-toolchain-${{ steps.runner-os.outputs.slug }}-${{ steps.runner-os.outputs.arch }}
- name: Cache Cargo registry and git
id: registry-cache
uses: actions/cache@v4
with:
path: |
.cargo/registry/index
.cargo/registry/cache
.cargo/git/db
# Registry cache saved per workflow, restored from any workflow's cache
# Each workflow maintains its own registry that accumulates its needed crates
key: continuwuity-cargo-registry-${{ steps.runner-os.outputs.slug }}-${{ steps.runner-os.outputs.arch }}-${{ github.workflow }}
restore-keys: |
continuwuity-cargo-registry-${{ steps.runner-os.outputs.slug }}-${{ steps.runner-os.outputs.arch }}-
- name: End registry/toolchain restore group
shell: bash
run: echo "::endgroup::"
- name: Setup Rust toolchain
shell: bash
id: rust-setup
run: |
# Install rustup if not already cached
if ! command -v rustup &> /dev/null; then
echo "::group::📦 Installing rustup"
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --no-modify-path --default-toolchain none
source "$CARGO_HOME/env"
echo "::endgroup::"
else
echo "✅ rustup already available"
fi
# Setup the appropriate Rust version
if [[ -n "${{ inputs.rust-version }}" ]]; then
echo "::group::📦 Setting up Rust ${{ inputs.rust-version }}"
# Set override first to prevent rust-toolchain.toml from auto-installing
rustup override set ${{ inputs.rust-version }} 2>/dev/null || true
# Check if we need to install/update the toolchain
if rustup toolchain list | grep -q "^${{ inputs.rust-version }}-"; then
rustup update ${{ inputs.rust-version }}
else
rustup toolchain install ${{ inputs.rust-version }} --profile minimal -c cargo,clippy,rustfmt
fi
else
echo "::group::📦 Setting up Rust from rust-toolchain.toml"
rustup show
fi
RUST_VERSION=$(rustc --version | cut -d' ' -f2)
echo "version=$RUST_VERSION" >> $GITHUB_OUTPUT
echo "::endgroup::"
- name: Install Rust components
if: inputs.rust-components != ''
shell: bash
run: |
echo "📦 Installing components: ${{ inputs.rust-components }}"
rustup component add ${{ inputs.rust-components }}
- name: Install Rust target
if: inputs.rust-target != ''
shell: bash
run: |
echo "📦 Installing target: ${{ inputs.rust-target }}"
rustup target add ${{ inputs.rust-target }}
- name: Start build cache restore group
shell: bash
run: echo "::group::📦 Restoring build cache"
- name: Setup sccache
uses: https://git.tomfos.tr/tom/sccache-action@v1
- name: Cache dependencies
id: deps-cache
uses: actions/cache@v4
with:
path: |
target/**/.fingerprint
target/**/deps
target/**/*.d
target/**/.cargo-lock
target/**/CACHEDIR.TAG
target/**/.rustc_info.json
/timelord/
# Dependencies cache - based on Cargo.lock, survives source code changes
key: >-
continuwuity-deps-${{ steps.runner-os.outputs.slug }}-${{ steps.runner-os.outputs.arch }}-${{ steps.rust-setup.outputs.version }}${{ inputs.cache-key-suffix && format('-{0}', inputs.cache-key-suffix) || '' }}-${{ hashFiles('rust-toolchain.toml', '**/Cargo.lock') }}
restore-keys: |
continuwuity-deps-${{ steps.runner-os.outputs.slug }}-${{ steps.runner-os.outputs.arch }}-${{ steps.rust-setup.outputs.version }}${{ inputs.cache-key-suffix && format('-{0}', inputs.cache-key-suffix) || '' }}-
- name: Cache incremental compilation
id: incremental-cache
uses: actions/cache@v4
with:
path: |
target/**/incremental
# Incremental cache - based on source code changes
key: >-
continuwuity-incremental-${{ steps.runner-os.outputs.slug }}-${{ steps.runner-os.outputs.arch }}-${{ steps.rust-setup.outputs.version }}${{ inputs.cache-key-suffix && format('-{0}', inputs.cache-key-suffix) || '' }}-${{ hashFiles('rust-toolchain.toml', '**/Cargo.lock') }}-${{ hashFiles('**/*.rs', '**/Cargo.toml') }}
restore-keys: |
continuwuity-incremental-${{ steps.runner-os.outputs.slug }}-${{ steps.runner-os.outputs.arch }}-${{ steps.rust-setup.outputs.version }}${{ inputs.cache-key-suffix && format('-{0}', inputs.cache-key-suffix) || '' }}-${{ hashFiles('rust-toolchain.toml', '**/Cargo.lock') }}-
continuwuity-incremental-${{ steps.runner-os.outputs.slug }}-${{ steps.runner-os.outputs.arch }}-${{ steps.rust-setup.outputs.version }}${{ inputs.cache-key-suffix && format('-{0}', inputs.cache-key-suffix) || '' }}-
- name: End build cache restore group
shell: bash
run: echo "::endgroup::"
- name: Configure PATH and install tools
shell: bash
env:
GITHUB_TOKEN: ${{ inputs.github-token }}
run: |
# Add .cargo/bin to PATH permanently for all subsequent steps
echo "${{ github.workspace }}/.cargo/bin" >> $GITHUB_PATH
# For this step only, we need to add it to PATH since GITHUB_PATH takes effect in the next step
export PATH="${{ github.workspace }}/.cargo/bin:$PATH"
# Install cargo-binstall for fast binary installations
if command -v cargo-binstall &> /dev/null; then
echo "✅ cargo-binstall already available"
else
echo "::group::📦 Installing cargo-binstall"
curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | bash
echo "::endgroup::"
fi
if command -v prek &> /dev/null; then
echo "✅ prek already available"
else
echo "::group::📦 Installing prek"
# prek isn't regularly published to crates.io, so we use git source
cargo-binstall -y --no-symlinks --git https://github.com/j178/prek prek
echo "::endgroup::"
fi
if command -v timelord &> /dev/null; then
echo "✅ timelord already available"
else
echo "::group::📦 Installing timelord"
cargo-binstall -y --no-symlinks timelord-cli
echo "::endgroup::"
fi
- name: Configure sccache environment
shell: bash
run: |
echo "RUSTC_WRAPPER=sccache" >> $GITHUB_ENV
echo "CMAKE_C_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
echo "CMAKE_CXX_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
echo "CMAKE_CUDA_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
echo "SCCACHE_GHA_ENABLED=true" >> $GITHUB_ENV
# Configure incremental compilation GC
# If we restored from old cache (partial hit), clean up aggressively
if [[ "${{ steps.build-cache.outputs.cache-hit }}" != "true" ]]; then
echo "♻️ Partial cache hit - enabling cache cleanup"
echo "CARGO_INCREMENTAL_GC_THRESHOLD=5" >> $GITHUB_ENV
fi
- name: Output version and summary
shell: bash
run: |
echo "📋 Setup complete:"
echo " Rust: $(rustc --version)"
echo " Cargo: $(cargo --version)"
echo " prek: $(prek --version 2>/dev/null || echo 'installed')"
echo " timelord: $(timelord --version 2>/dev/null || echo 'installed')"
+102 -28
View File
@@ -1,46 +1,120 @@
name: timelord
description: |
Use timelord to set file timestamps
Use timelord to set file timestamps with git-warp-time fallback for cache misses
inputs:
key:
description: |
The key to use for caching the timelord data.
This should be unique to the repository and the runner.
required: true
default: timelord-v0
required: false
default: ''
path:
description: |
The path to the directory to be timestamped.
This should be the root of the repository.
required: true
default: .
required: false
default: ''
outputs:
database-path:
description: Path to timelord database
value: '${{ env.TIMELORD_CACHE_PATH }}'
runs:
using: composite
steps:
- name: Cache timelord-cli installation
id: cache-timelord-bin
uses: actions/cache@v3
with:
path: ~/.cargo/bin/timelord
key: timelord-cli-v3.0.1
- name: Install timelord-cli
uses: https://github.com/cargo-bins/cargo-binstall@main
if: steps.cache-timelord-bin.outputs.cache-hit != 'true'
- run: cargo binstall timelord-cli@3.0.1
- name: Set defaults
shell: bash
if: steps.cache-timelord-bin.outputs.cache-hit != 'true'
run: |
echo "TIMELORD_KEY=${{ inputs.key || format('timelord-v1-{0}-{1}', github.repository, hashFiles('**/*.rs', '**/Cargo.toml', '**/Cargo.lock')) }}" >> $GITHUB_ENV
echo "TIMELORD_PATH=${{ inputs.path || '.' }}" >> $GITHUB_ENV
echo "TIMELORD_CACHE_PATH=$HOME/.cache/timelord" >> $GITHUB_ENV
echo "PATH=$HOME/.cargo/bin:/usr/share/rust/.cargo/bin:$PATH" >> $GITHUB_ENV
- name: Load timelord files
uses: actions/cache/restore@v3
- name: Restore binary cache
id: binary-cache
uses: actions/cache/restore@v4
with:
path: /timelord/
key: ${{ inputs.key }}
- name: Run timelord to set timestamps
path: |
/usr/share/rust/.cargo/bin
~/.cargo/bin
key: continuwuity-timelord-binaries
- name: Check if binaries need installation
shell: bash
run: timelord sync --source-dir ${{ inputs.path }} --cache-dir /timelord/
- name: Save timelord
uses: actions/cache/save@v3
id: check-binaries
run: |
NEED_INSTALL=false
# Ensure ~/.cargo/bin exists
mkdir -p ~/.cargo/bin
# Check and move timelord if needed
if [ -f /usr/share/rust/.cargo/bin/timelord ] && [ ! -f ~/.cargo/bin/timelord ]; then
echo "Moving timelord from /usr/share/rust/.cargo/bin to ~/.cargo/bin"
mv /usr/share/rust/.cargo/bin/timelord ~/.cargo/bin/
fi
if [ ! -f ~/.cargo/bin/timelord ]; then
echo "timelord-cli not found, needs installation"
NEED_INSTALL=true
fi
# Check and move git-warp-time if needed
if [ -f /usr/share/rust/.cargo/bin/git-warp-time ] && [ ! -f ~/.cargo/bin/git-warp-time ]; then
echo "Moving git-warp-time from /usr/share/rust/.cargo/bin to ~/.cargo/bin"
mv /usr/share/rust/.cargo/bin/git-warp-time ~/.cargo/bin/
fi
if [ ! -f ~/.cargo/bin/git-warp-time ]; then
echo "git-warp-time not found, needs installation"
NEED_INSTALL=true
fi
echo "need-install=$NEED_INSTALL" >> $GITHUB_OUTPUT
- name: Install timelord-cli and git-warp-time
if: steps.check-binaries.outputs.need-install == 'true'
uses: https://github.com/taiki-e/install-action@v2
with:
path: /timelord/
key: ${{ inputs.key }}
tool: git-warp-time,timelord-cli@3.0.1
- name: Save binary cache
if: steps.check-binaries.outputs.need-install == 'true'
uses: actions/cache/save@v4
with:
path: |
/usr/share/rust/.cargo/bin
~/.cargo/bin
key: continuwuity-timelord-binaries
- name: Restore timelord cache with fallbacks
id: timelord-restore
uses: actions/cache/restore@v4
with:
path: ${{ env.TIMELORD_CACHE_PATH }}
key: ${{ env.TIMELORD_KEY }}
restore-keys: |
continuwuity-timelord-${{ github.repository }}-
- name: Initialize timestamps on complete cache miss
if: steps.timelord-restore.outputs.cache-hit != 'true'
shell: bash
run: |
echo "Complete timelord cache miss - running git-warp-time"
git fetch --unshallow
if [ "${{ env.TIMELORD_PATH }}" = "." ]; then
git-warp-time --quiet
else
git-warp-time --quiet ${{ env.TIMELORD_PATH }}
fi
echo "Git timestamps restored"
- name: Run timelord sync
shell: bash
run: |
mkdir -p ${{ env.TIMELORD_CACHE_PATH }}
timelord sync --source-dir ${{ env.TIMELORD_PATH }} --cache-dir ${{ env.TIMELORD_CACHE_PATH }}
- name: Save updated timelord cache immediately
uses: actions/cache/save@v4
with:
path: ${{ env.TIMELORD_CACHE_PATH }}
key: ${{ env.TIMELORD_KEY }}
@@ -0,0 +1,70 @@
name: upload-docker-artifacts
description: |
Upload Docker build artifacts including binary and digest files.
Handles artifact naming and conditional digest uploads for registry publishing.
inputs:
slug:
description: Platform slug for artifact naming (e.g. linux-amd64, linux-arm64)
required: true
cpu_suffix:
description: CPU suffix for artifact naming (e.g. -haswell)
required: false
default: ""
artifact_suffix:
description: Suffix for binary artifacts (e.g. -maxperf)
required: false
default: ""
digest_suffix:
description: Suffix for digest artifacts (e.g. -maxperf)
required: false
default: ""
digest:
description: The digest of the built Docker image
required: true
outputs:
binary_artifact_name:
description: The name of the uploaded binary artifact
value: conduwuit${{ inputs.cpu_suffix }}-${{ inputs.slug }}${{ inputs.artifact_suffix }}
runs:
using: composite
steps:
- name: Export digest
if: ${{ env.BUILTIN_REGISTRY_ENABLED == 'true' }}
shell: bash
run: |
mkdir -p /tmp/digests
digest="${{ inputs.digest }}"
echo "🔍 Build step digest output: '$digest'"
if [[ -z "$digest" ]]; then
echo "❌ ERROR: No digest found from build step"
exit 1
fi
digest_file="/tmp/digests/${digest#sha256:}"
echo "📁 Creating digest file: $digest_file"
touch "$digest_file"
echo "✅ Digest file created successfully"
echo "📋 Contents of /tmp/digests:"
ls -la /tmp/digests/
- name: Rename extracted binary
shell: bash
run: mv /tmp/binaries/sbin/conduwuit /tmp/binaries/conduwuit${{ inputs.cpu_suffix }}-${{ inputs.slug }}${{ inputs.artifact_suffix }}
- name: Upload binary artifact
uses: forgejo/upload-artifact@v4
with:
name: conduwuit${{ inputs.cpu_suffix }}-${{ inputs.slug }}${{ inputs.artifact_suffix }}
path: /tmp/binaries/conduwuit${{ inputs.cpu_suffix }}-${{ inputs.slug }}${{ inputs.artifact_suffix }}
if-no-files-found: error
- name: Upload digest
if: ${{ env.BUILTIN_REGISTRY_ENABLED == 'true' }}
uses: forgejo/upload-artifact@v4
with:
name: digests${{ inputs.digest_suffix }}-${{ inputs.slug }}${{ inputs.cpu_suffix }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 5
+82
View File
@@ -0,0 +1,82 @@
---
name: 'New pull request'
about: 'Open a new pull request to contribute to continuwuity'
ref: 'main'
---
<!--
In order to help reviewers know what your pull request does at a glance, you should ensure that
1. Your PR title is a short, single sentence describing what you changed
2. You have described in more detail what you have changed, why you have changed it, what the
intended effect is, and why you think this will be beneficial to the project.
If you have made any potentially strange/questionable design choices, but didn't feel they'd benefit
from code comments, please don't mention them here - after opening your pull request,
go to "files changed", and click on the "+" symbol in the line number gutter,
and attach comments to the lines that you think would benefit from some clarification.
-->
This pull request...
<!-- Example:
This pull request allows us to warp through time and space ten times faster than before by
double-inverting the warp drive with hyperheated jump fluid, both making the drive faster and more
efficient. This resolves the common issue where we have to wait more than 10 milliseconds to
engage, use, and disengage the warp drive when travelling between galaxies.
-->
<!-- Closes: #... -->
<!-- Fixes: #... -->
<!-- Uncomment the above line(s) if your pull request fixes an issue or closes another pull request
by superseding it. Replace `#...` with the issue/pr number, such as `#123`. -->
**Pull request checklist:**
<!-- You need to complete these before your PR can be considered.
If you aren't sure about some, feel free to ask for clarification in #dev:continuwuity.org. -->
- [ ] This pull request targets the `main` branch, and the branch is named something other than
`main`.
- [ ] I have written an appropriate pull request title and my description is clear.
- [ ] I understand I am responsible for the contents of this pull request.
- I have followed the [contributing guidelines][c1]:
- [ ] My contribution follows the [code style][c2], if applicable.
- [ ] I ran [pre-commit checks][c1pc] before opening/drafting this pull request.
- [ ] I have [tested my contribution][c1t] (or proof-read it for documentation-only changes)
myself, if applicable. This includes ensuring code compiles.
- [ ] My commit messages follow the [commit message format][c1cm] and are descriptive.
- [ ] I have written a [news fragment][n1] for this PR, if applicable<!--(can be done after hitting open!)-->.
<!--
Notes on these requirements:
- While not required, we encourage you to sign your commits with GPG or SSH to attest the
authenticity of your changes.
- While we allow LLM-assisted contributions, we do not appreciate contributions that are
low quality, which is typical of machine-generated contributions that have not had a lot of love
and care from a human. Please do not open a PR if all you have done is asked ChatGPT to tidy up
the codebase with a +-100,000 diff.
- In the case of code style violations, reviewers may leave review comments/change requests
indicating what the ideal change would look like. For example, a reviewer may suggest you lower
a log level, or use `match` instead of `if/else` etc.
- In the case of code style violations, pre-commit check failures, minor things like typos/spelling
errors, and in some cases commit format violations, reviewers may modify your branch directly,
typically by making changes and adding a commit. Particularly in the latter case, a reviewer may
rebase your commits to squash "spammy" ones (like "fix", "fix", "actually fix"), and reword
commit messages that don't satisfy the format.
- Pull requests MUST pass the `Checks` CI workflows to be capable of being merged. This can only be
bypassed in exceptional circumstances.
If your CI flakes, let us know in matrix:r/dev:continuwuity.org.
- Pull requests have to be based on the latest `main` commit before being merged. If the main branch
changes while you're making your changes, you should make sure you rebase on main before
opening a PR. Your branch will be rebased on main before it is merged if it has fallen behind.
- We typically only do fast-forward merges, so your entire commit log will be included. Once in
main, it's difficult to get out cleanly, so put on your best dress, smile for the cameras!
-->
[c1]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/CONTRIBUTING.md
[c2]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/docs/development/code_style.mdx
[c1pc]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/CONTRIBUTING.md#pre-commit-checks
[c1t]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/CONTRIBUTING.md#running-tests-locally
[c1cm]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/CONTRIBUTING.md#commit-messages
[n1]: https://towncrier.readthedocs.io/en/stable/tutorial.html#creating-news-fragments
+76
View File
@@ -0,0 +1,76 @@
version: 1
x-source: &source forgejo.ellis.link/continuwuation/continuwuity
x-tags:
releases: &tags-releases
tags:
allow:
- "latest"
- "v[0-9]+\\.[0-9]+\\.[0-9]+(-[a-z0-9\\.]+)?"
- "v[0-9]+\\.[0-9]+"
- "v[0-9]+"
main: &tags-main
tags:
allow:
- "latest"
- "v[0-9]+\\.[0-9]+\\.[0-9]+(-[a-z0-9\\.]+)?"
- "v[0-9]+\\.[0-9]+"
- "v[0-9]+"
- "main"
commits: &tags-commits
tags:
allow:
- "latest"
- "v[0-9]+\\.[0-9]+\\.[0-9]+(-[a-z0-9\\.]+)?"
- "v[0-9]+\\.[0-9]+"
- "v[0-9]+"
- "main"
- "sha-[a-f0-9]+"
all: &tags-all
tags:
allow:
- ".*"
# Registry credentials
creds:
- registry: forgejo.ellis.link
user: "{{env \"BUILTIN_REGISTRY_USER\"}}"
pass: "{{env \"BUILTIN_REGISTRY_PASSWORD\"}}"
- registry: registry.gitlab.com
user: "{{env \"GITLAB_USERNAME\"}}"
pass: "{{env \"GITLAB_TOKEN\"}}"
- registry: git.nexy7574.co.uk
user: "{{env \"N7574_GIT_USERNAME\"}}"
pass: "{{env \"N7574_GIT_TOKEN\"}}"
- registry: ghcr.io
user: "{{env \"GH_PACKAGES_USER\"}}"
pass: "{{env \"GH_PACKAGES_TOKEN\"}}"
- registry: docker.io
user: "{{env \"DOCKER_MIRROR_USER\"}}"
pass: "{{env \"DOCKER_MIRROR_TOKEN\"}}"
# Global defaults
defaults:
parallel: 3
interval: 2h
digestTags: true
# Sync configuration - each registry gets different image sets
sync:
- source: *source
target: registry.gitlab.com/continuwuity/continuwuity
type: repository
<<: *tags-main
- source: *source
target: git.nexy7574.co.uk/mirrored/continuwuity
type: repository
<<: *tags-releases
- source: *source
target: ghcr.io/continuwuity/continuwuity
type: repository
<<: *tags-main
- source: *source
target: docker.io/jadedblueeyes/continuwuity
type: repository
<<: *tags-main
+170
View File
@@ -0,0 +1,170 @@
name: Build / Debian DEB
concurrency:
group: "build-debian-${{ forge.ref }}"
cancel-in-progress: true
on:
push:
tags:
- "v*.*.*"
workflow_dispatch:
schedule:
- cron: '30 0 * * *'
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
container: [ "ubuntu-latest", "ubuntu-previous", "debian-latest", "debian-oldstable" ]
container:
image: "ghcr.io/tcpipuk/act-runner:${{ matrix.container }}"
steps:
- name: Get Debian version
id: debian-version
run: |
VERSION=$(cat /etc/debian_version)
DISTRIBUTION=$(lsb_release -sc 2>/dev/null)
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "distribution=$DISTRIBUTION" >> $GITHUB_OUTPUT
echo "Debian distribution: $DISTRIBUTION ($VERSION)"
- name: Work around llvm-project#153385
id: llvm-workaround
run: |
if [ -f /usr/share/apt/default-sequoia.config ]; then
echo "Applying workaround for llvm-project#153385"
mkdir -p /etc/crypto-policies/back-ends/
cp /usr/share/apt/default-sequoia.config /etc/crypto-policies/back-ends/apt-sequoia.config
sed -i 's/\(sha1\.second_preimage_resistance = \)2026-02-01/\12026-06-01/' /etc/crypto-policies/back-ends/apt-sequoia.config
else
echo "No workaround needed for llvm-project#153385"
fi
- name: Pick compatible clang version
id: clang-version
run: |
# both latest need to use clang-23, but oldstable and previous can just use clang
if [[ "${{ matrix.container }}" == "ubuntu-latest" || "${{ matrix.container }}" == "debian-latest" ]]; then
echo "Using clang-23 package for ${{ matrix.container }}"
echo "version=clang-23" >> $GITHUB_OUTPUT
else
echo "Using default clang package for ${{ matrix.container }}"
echo "version=clang" >> $GITHUB_OUTPUT
fi
- name: Checkout repository with full history
uses: actions/checkout@v6
with:
fetch-depth: 0
ref: ${{ github.ref_name }}
- name: Cache Cargo registry
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
key: cargo-debian-${{ steps.debian-version.outputs.distribution }}-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
cargo-debian-${{ steps.debian-version.outputs.distribution }}-
- name: Setup sccache
uses: https://git.tomfos.tr/tom/sccache-action@v1
- name: Configure sccache environment
run: |
echo "RUSTC_WRAPPER=sccache" >> $GITHUB_ENV
echo "CMAKE_C_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
echo "CMAKE_CXX_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
echo "SCCACHE_CACHE_SIZE=10G" >> $GITHUB_ENV
# Aggressive GC since cache restores don't increment counter
echo "CARGO_INCREMENTAL_GC_TRIGGER=5" >> $GITHUB_ENV
- name: Setup Rust
uses: ./.forgejo/actions/setup-rust
with:
github-token: ${{ secrets.GH_PUBLIC_RO }}
- name: Get package version and component
id: package-meta
run: |
BASE_VERSION=$(cargo metadata --no-deps --format-version 1 | jq -r ".packages[] | select(.name == \"conduwuit\").version" | sed 's/[^a-zA-Z0-9.+]/~/g')
# VERSION is the package version, COMPONENT is used in
# apt's repository config like a git repo branch
if [[ "${{ forge.ref }}" == "refs/tags/"* ]]; then
# Use the "stable" component for tagged releases
COMPONENT="stable"
VERSION=$BASE_VERSION
else
# Use the "dev" component for development builds
SHA=$(echo "${{ forge.sha }}" | cut -c1-7)
DATE=$(date +%Y%m%d)
if [ "${{ forge.ref_name }}" = "main" ]; then
COMPONENT="dev"
else
# Use the sanitized ref name as the component for feature branches
COMPONENT="dev-$(echo '${{ forge.ref_name }}' | sed 's/[^a-zA-Z0-9.+]/-/g' | tr '[:upper:]' '[:lower:]' | cut -c1-30)"
fi
CLEAN_COMPONENT=$(echo $COMPONENT | sed 's/[^a-zA-Z0-9.+]/~/g')
VERSION="$BASE_VERSION~git$DATE.$SHA-$CLEAN_COMPONENT"
fi
echo "component=$COMPONENT" >> $GITHUB_OUTPUT
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Component: $COMPONENT"
echo "Version: $VERSION"
- name: Install cargo-deb
run: |
if command -v cargo-deb &> /dev/null; then
echo "cargo-deb already available"
else
echo "Installing cargo-deb"
cargo-binstall -y --no-symlinks cargo-deb
fi
- name: Install build dependencies
run: |
apt-get update -y
# Build dependencies for rocksdb
apt-get install -y liburing-dev ${{ steps.clang-version.outputs.version }}
- name: Run cargo-deb
id: cargo-deb
run: |
DEB_PATH=$(cargo deb --deb-version ${{ steps.package-meta.outputs.version }})
echo "path=$DEB_PATH" >> $GITHUB_OUTPUT
- name: Test deb installation
run: |
echo "Installing: ${{ steps.cargo-deb.outputs.path }}"
apt-get install -y ${{ steps.cargo-deb.outputs.path }}
dpkg -s continuwuity
[ -f /usr/bin/conduwuit ] && echo "✅ Binary installed successfully"
[ -f /usr/lib/systemd/system/conduwuit.service ] && echo "✅ Systemd service installed"
[ -f /etc/conduwuit/conduwuit.toml ] && echo "✅ Config file installed"
- name: Upload deb artifact
uses: forgejo/upload-artifact@v4
with:
name: continuwuity-${{ steps.debian-version.outputs.distribution }}
path: ${{ steps.cargo-deb.outputs.path }}
- name: Publish to Forgejo package registry
if: ${{ forge.event_name == 'push' || forge.event_name == 'workflow_dispatch' || forge.event_name == 'schedule' }}
run: |
OWNER="continuwuation"
DISTRIBUTION=${{ steps.debian-version.outputs.distribution }}
COMPONENT=${{ steps.package-meta.outputs.component }}
DEB=${{ steps.cargo-deb.outputs.path }}
echo "Publishing: $DEB in component $COMPONENT for distribution $DISTRIBUTION"
curl --fail-with-body \
-X PUT \
-H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \
--upload-file "$DEB" \
"${{ forge.server_url }}/api/packages/$OWNER/debian/pool/$DISTRIBUTION/$COMPONENT/upload"
+390
View File
@@ -0,0 +1,390 @@
name: Build / Fedora RPM
concurrency:
group: "build-fedora-${{ github.ref }}"
cancel-in-progress: true
on:
push:
tags:
- "v*.*.*"
# paths:
# - 'pkg/fedora/**'
# - 'src/**'
# - 'Cargo.toml'
# - 'Cargo.lock'
# - '.forgejo/workflows/build-fedora.yml'
workflow_dispatch:
schedule:
- cron: '30 0 * * *'
jobs:
build:
runs-on: fedora-latest
steps:
- name: Detect Fedora version
id: fedora
run: |
VERSION=$(rpm -E %fedora)
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Fedora version: $VERSION"
- name: Checkout repository with full history
uses: actions/checkout@v6
with:
fetch-depth: 0
ref: ${{ github.ref_name }}
- name: Cache DNF packages
uses: actions/cache@v4
with:
path: |
/var/cache/dnf
/var/cache/yum
key: dnf-fedora${{ steps.fedora.outputs.version }}-${{ hashFiles('pkg/fedora/continuwuity.spec.rpkg') }}-v1
restore-keys: |
dnf-fedora${{ steps.fedora.outputs.version }}-
- name: Cache Cargo registry
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
key: cargo-fedora${{ steps.fedora.outputs.version }}-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
cargo-fedora${{ steps.fedora.outputs.version }}-
- name: Cache Rust build dependencies
uses: actions/cache@v4
with:
path: |
~/rpmbuild/BUILD/*/target/release/deps
~/rpmbuild/BUILD/*/target/release/build
~/rpmbuild/BUILD/*/target/release/.fingerprint
~/rpmbuild/BUILD/*/target/release/incremental
key: rust-deps-fedora${{ steps.fedora.outputs.version }}-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
rust-deps-fedora${{ steps.fedora.outputs.version }}-
- name: Setup sccache
uses: https://git.tomfos.tr/tom/sccache-action@v1
- name: Configure sccache environment
run: |
echo "RUSTC_WRAPPER=sccache" >> $GITHUB_ENV
echo "CMAKE_C_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
echo "CMAKE_CXX_COMPILER_LAUNCHER=sccache" >> $GITHUB_ENV
echo "SCCACHE_CACHE_SIZE=10G" >> $GITHUB_ENV
# Aggressive GC since cache restores don't increment counter
echo "CARGO_INCREMENTAL_GC_TRIGGER=5" >> $GITHUB_ENV
- name: Install base RPM tools
run: |
dnf install -y --setopt=keepcache=1 \
fedora-packager \
python3-pip \
rpm-sign \
rpkg \
wget
- name: Setup build environment and build SRPM
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
git config --global user.email "ci@continuwuity.org"
git config --global user.name "Continuwuity"
rpmdev-setuptree
cd "$GITHUB_WORKSPACE"
# Determine release suffix and version based on ref type and branch
if [[ "${{ github.ref }}" == "refs/tags/"* ]]; then
# Tags get clean version numbers for stable releases
RELEASE_SUFFIX=""
TAG_NAME="${{ github.ref_name }}"
# Extract version from tag (remove v prefix if present)
TAG_VERSION=$(echo "$TAG_NAME" | sed 's/^v//')
# Create spec file with tag version
sed -e "s/^Version:.*$/Version: $TAG_VERSION/" \
-e "s/^Release:.*$/Release: 1%{?dist}/" \
pkg/fedora/continuwuity.spec.rpkg > continuwuity.spec.rpkg
elif [ "${{ github.ref_name }}" = "main" ]; then
# Main branch gets .dev suffix
RELEASE_SUFFIX=".dev"
# Replace the Release line to include our suffix
sed "s/^Release:.*$/Release: 1${RELEASE_SUFFIX}%{?dist}/" \
pkg/fedora/continuwuity.spec.rpkg > continuwuity.spec.rpkg
else
# Other branches get sanitized branch name as suffix
SAFE_BRANCH=$(echo "${{ github.ref_name }}" | sed 's/[^a-zA-Z0-9]/_/g' | cut -c1-20)
RELEASE_SUFFIX=".${SAFE_BRANCH}"
# Replace the Release line to include our suffix
sed "s/^Release:.*$/Release: 1${RELEASE_SUFFIX}%{?dist}/" \
pkg/fedora/continuwuity.spec.rpkg > continuwuity.spec.rpkg
fi
rpkg srpm --outdir "$HOME/rpmbuild/SRPMS"
ls -la $HOME/rpmbuild/SRPMS/
- name: Install build dependencies from SRPM
run: |
SRPM=$(find "$HOME/rpmbuild/SRPMS" -name "*.src.rpm" | head -1)
if [ -z "$SRPM" ]; then
echo "Error: No SRPM file found"
exit 1
fi
echo "Installing build dependencies from: $(basename $SRPM)"
dnf builddep -y "$SRPM"
- name: Build RPM from SRPM
run: |
SRPM=$(find "$HOME/rpmbuild/SRPMS" -name "*.src.rpm" | head -1)
if [ -z "$SRPM" ]; then
echo "Error: No SRPM file found"
exit 1
fi
echo "Building from SRPM: $SRPM"
rpmbuild --rebuild "$SRPM" \
--define "_topdir $HOME/rpmbuild" \
--define "_sourcedir $GITHUB_WORKSPACE" \
--nocheck # Skip %check section to avoid test dependencies
- name: Test RPM installation
run: |
# Find the main binary RPM (exclude debug and source RPMs)
RPM=$(find "$HOME/rpmbuild/RPMS" -name "continuwuity-*.rpm" \
! -name "*debuginfo*" \
! -name "*debugsource*" \
! -name "*.src.rpm" | head -1)
if [ -z "$RPM" ]; then
echo "Error: No binary RPM file found"
exit 1
fi
echo "Testing installation of: $RPM"
# Dry run first
rpm -qpi "$RPM"
echo ""
rpm -qpl "$RPM"
# Actually install it
dnf install -y "$RPM"
# Verify installation
rpm -qa | grep continuwuity
# Check that the binary exists
[ -f /usr/bin/conduwuit ] && echo "✅ Binary installed successfully"
[ -f /usr/lib/systemd/system/conduwuit.service ] && echo "✅ Systemd service installed"
[ -f /etc/conduwuit/conduwuit.toml ] && echo "✅ Config file installed"
- name: List built packages
run: |
echo "Binary RPMs:"
find "$HOME/rpmbuild/RPMS" -name "*.rpm" -type f -exec ls -la {} \;
echo ""
echo "Source RPMs:"
find "$HOME/rpmbuild/SRPMS" -name "*.rpm" -type f -exec ls -la {} \;
- name: Collect artifacts
run: |
mkdir -p artifacts
find "$HOME/rpmbuild/RPMS" -name "*.rpm" -type f -exec cp {} artifacts/ \;
find "$HOME/rpmbuild/SRPMS" -name "*.rpm" -type f -exec cp {} artifacts/ \;
cd artifacts
echo "Build Information:" > BUILD_INFO.txt
echo "==================" >> BUILD_INFO.txt
echo "Git commit: ${{ github.sha }}" >> BUILD_INFO.txt
echo "Git branch: ${{ github.ref_name }}" >> BUILD_INFO.txt
echo "Build date: $(date -u +%Y-%m-%d_%H:%M:%S_UTC)" >> BUILD_INFO.txt
echo "" >> BUILD_INFO.txt
echo "Package contents:" >> BUILD_INFO.txt
echo "-----------------" >> BUILD_INFO.txt
for rpm in *.rpm; do
echo "" >> BUILD_INFO.txt
echo "File: $rpm" >> BUILD_INFO.txt
rpm -qpi "$rpm" 2>/dev/null | grep -E "^(Name|Version|Release|Architecture|Size)" >> BUILD_INFO.txt
done
ls -la
- name: Upload binary RPM artifact
run: |
# Find the main binary RPM (exclude debug and source RPMs)
BIN_RPM=$(find artifacts -name "continuwuity-*.rpm" \
! -name "*debuginfo*" \
! -name "*debugsource*" \
! -name "*.src.rpm" \
-type f)
mkdir -p upload-bin
cp $BIN_RPM upload-bin/
- name: Upload binary RPM
uses: forgejo/upload-artifact@v4
with:
name: continuwuity
path: upload-bin/
- name: Upload debug RPM artifact
uses: forgejo/upload-artifact@v4
with:
name: continuwuity-debug
path: artifacts/*debuginfo*.rpm
- name: Publish to RPM Package Registry
if: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' }}
run: |
# Find the main binary RPM (exclude debug and source RPMs)
RPM=$(find artifacts -name "continuwuity-*.rpm" \
! -name "*debuginfo*" \
! -name "*debugsource*" \
! -name "*.src.rpm" \
-type f | head -1)
if [ -z "$RPM" ]; then
echo "No binary RPM found to publish"
exit 0
fi
RPM_BASENAME=$(basename "$RPM")
echo "Publishing: $RPM_BASENAME"
# Determine the group based on ref type and branch
if [[ "${{ github.ref }}" == "refs/tags/"* ]]; then
GROUP="stable"
# For tags, extract the tag name for version info
TAG_NAME="${{ github.ref_name }}"
elif [ "${{ github.ref_name }}" = "main" ]; then
GROUP="dev"
else
# Use sanitized branch name as group for feature branches
GROUP=$(echo "${{ github.ref_name }}" | sed 's/[^a-zA-Z0-9]/-/g' | tr '[:upper:]' '[:lower:]' | cut -c1-30)
fi
PACKAGE_INFO=$(rpm -qpi "$RPM" 2>/dev/null)
PACKAGE_NAME=$(echo "$PACKAGE_INFO" | grep "^Name" | awk '{print $3}')
PACKAGE_VERSION=$(echo "$PACKAGE_INFO" | grep "^Version" | awk '{print $3}')
PACKAGE_RELEASE=$(echo "$PACKAGE_INFO" | grep "^Release" | awk '{print $3}')
PACKAGE_ARCH=$(echo "$PACKAGE_INFO" | grep "^Architecture" | awk '{print $2}')
# Full version includes release
FULL_VERSION="${PACKAGE_VERSION}-${PACKAGE_RELEASE}"
# Forgejo's RPM registry cannot overwrite existing packages, so we must delete first
# 404 is OK if package doesn't exist yet
echo "Removing any existing package: $PACKAGE_NAME-$FULL_VERSION.$PACKAGE_ARCH"
RESPONSE=$(curl -s -w "\n%{http_code}" -X DELETE \
-H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \
"https://forgejo.ellis.link/api/packages/continuwuation/rpm/$GROUP/package/$PACKAGE_NAME/$FULL_VERSION/$PACKAGE_ARCH")
HTTP_CODE=$(echo "$RESPONSE" | tail -n1)
if [ "$HTTP_CODE" != "204" ] && [ "$HTTP_CODE" != "404" ]; then
echo "ERROR: Failed to delete package (HTTP $HTTP_CODE)"
echo "$RESPONSE" | head -n -1
exit 1
fi
curl --fail-with-body \
-X PUT \
-H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/x-rpm" \
-T "$RPM" \
"https://forgejo.ellis.link/api/packages/continuwuation/rpm/$GROUP/upload?sign=true"
echo ""
echo "✅ Published binary RPM to: https://forgejo.ellis.link/continuwuation/-/packages/rpm/continuwuity/"
echo "Group: $GROUP"
# Upload debug RPMs to separate group
DEBUG_RPMS=$(find artifacts -name "*debuginfo*.rpm")
if [ -n "$DEBUG_RPMS" ]; then
echo ""
echo "Publishing debug RPMs to group: ${GROUP}-debug"
for DEBUG_RPM in $DEBUG_RPMS; do
echo "Publishing: $(basename "$DEBUG_RPM")"
DEBUG_INFO=$(rpm -qpi "$DEBUG_RPM" 2>/dev/null)
DEBUG_NAME=$(echo "$DEBUG_INFO" | grep "^Name" | awk '{print $3}')
DEBUG_VERSION=$(echo "$DEBUG_INFO" | grep "^Version" | awk '{print $3}')
DEBUG_RELEASE=$(echo "$DEBUG_INFO" | grep "^Release" | awk '{print $3}')
DEBUG_ARCH=$(echo "$DEBUG_INFO" | grep "^Architecture" | awk '{print $2}')
DEBUG_FULL_VERSION="${DEBUG_VERSION}-${DEBUG_RELEASE}"
# Must delete existing package first (Forgejo limitation)
RESPONSE=$(curl -s -w "\n%{http_code}" -X DELETE \
-H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \
"https://forgejo.ellis.link/api/packages/continuwuation/rpm/${GROUP}-debug/package/$DEBUG_NAME/$DEBUG_FULL_VERSION/$DEBUG_ARCH")
HTTP_CODE=$(echo "$RESPONSE" | tail -n1)
if [ "$HTTP_CODE" != "204" ] && [ "$HTTP_CODE" != "404" ]; then
echo "ERROR: Failed to delete debug package (HTTP $HTTP_CODE)"
echo "$RESPONSE" | head -n -1
exit 1
fi
curl --fail-with-body \
-X PUT \
-H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/x-rpm" \
-T "$DEBUG_RPM" \
"https://forgejo.ellis.link/api/packages/continuwuation/rpm/${GROUP}-debug/upload?sign=true"
done
echo "✅ Published debug RPMs to group: ${GROUP}-debug"
fi
# Also upload the SRPM to separate group
SRPM=$(find artifacts -name "*.src.rpm" | head -1)
if [ -n "$SRPM" ]; then
echo ""
echo "Publishing source RPM: $(basename "$SRPM")"
echo "Publishing to group: ${GROUP}-src"
SRPM_INFO=$(rpm -qpi "$SRPM" 2>/dev/null)
SRPM_NAME=$(echo "$SRPM_INFO" | grep "^Name" | awk '{print $3}')
SRPM_VERSION=$(echo "$SRPM_INFO" | grep "^Version" | awk '{print $3}')
SRPM_RELEASE=$(echo "$SRPM_INFO" | grep "^Release" | awk '{print $3}')
SRPM_FULL_VERSION="${SRPM_VERSION}-${SRPM_RELEASE}"
# Must delete existing SRPM first (Forgejo limitation)
echo "Removing any existing SRPM: $SRPM_NAME-$SRPM_FULL_VERSION.src"
RESPONSE=$(curl -s -w "\n%{http_code}" -X DELETE \
-H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \
"https://forgejo.ellis.link/api/packages/continuwuation/rpm/${GROUP}-src/package/$SRPM_NAME/$SRPM_FULL_VERSION/src")
HTTP_CODE=$(echo "$RESPONSE" | tail -n1)
if [ "$HTTP_CODE" != "204" ] && [ "$HTTP_CODE" != "404" ]; then
echo "ERROR: Failed to delete SRPM (HTTP $HTTP_CODE)"
echo "$RESPONSE" | head -n -1
exit 1
fi
curl --fail-with-body \
-X PUT \
-H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/x-rpm" \
-T "$SRPM" \
"https://forgejo.ellis.link/api/packages/continuwuation/rpm/${GROUP}-src/upload?sign=true"
echo "✅ Published source RPM to group: ${GROUP}-src"
fi
+25 -27
View File
@@ -17,43 +17,41 @@ jobs:
docs:
name: Build and Deploy Documentation
runs-on: ubuntu-latest
if: secrets.CLOUDFLARE_API_TOKEN != ''
steps:
- name: Sync repository
uses: https://github.com/actions/checkout@v4
uses: actions/checkout@v6
with:
persist-credentials: false
fetch-depth: 0
- name: Setup mdBook
uses: https://github.com/peaceiris/actions-mdbook@v2
with:
mdbook-version: "latest"
- name: Build mdbook
run: mdbook build
- name: Prepare static files for deployment
run: |
mkdir -p ./public/.well-known/matrix
mkdir -p ./public/.well-known/continuwuity
mkdir -p ./public/schema
# Copy the Matrix .well-known files
cp ./docs/static/server ./public/.well-known/matrix/server
cp ./docs/static/client ./public/.well-known/matrix/client
cp ./docs/static/client ./public/.well-known/matrix/support
cp ./docs/static/announcements.json ./public/.well-known/continuwuity/announcements
cp ./docs/static/announcements.schema.json ./public/schema/announcements.schema.json
# Copy the custom headers file
cp ./docs/static/_headers ./public/_headers
echo "Copied .well-known files and _headers to ./public"
- name: Detect runner environment
id: runner-env
uses: https://git.tomfos.tr/actions/detect-versions@v1
- name: Setup Node.js
uses: https://github.com/actions/setup-node@v4
if: steps.runner-env.outputs.node_major == '' || steps.runner-env.outputs.node_major < '20'
uses: https://github.com/actions/setup-node@v6
with:
node-version: 20
node-version: 22
- name: Cache npm dependencies
uses: actions/cache@v3
with:
path: ~/.npm
key: continuwuity-rspress-${{ steps.runner-env.outputs.slug }}-${{ steps.runner-env.outputs.arch }}-node-${{ steps.runner-env.outputs.node_version }}-${{ hashFiles('package-lock.json') }}
restore-keys: |
continuwuity-rspress-${{ steps.runner-env.outputs.slug }}-${{ steps.runner-env.outputs.arch }}-node-${{ steps.runner-env.outputs.node_version }}-
continuwuity-rspress-${{ steps.runner-env.outputs.slug }}-${{ steps.runner-env.outputs.arch }}-node-
- name: Install dependencies
run: npm ci
- name: Build Rspress documentation
run: npm run docs:build
- name: Install Wrangler
run: npm install --save-dev wrangler@latest
- name: Deploy to Cloudflare Pages (Production)
@@ -62,7 +60,7 @@ jobs:
with:
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
command: pages deploy ./public --branch="main" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}"
command: pages deploy ./doc_build --branch="main" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}"
- name: Deploy to Cloudflare Pages (Preview)
if: github.ref != 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
@@ -70,4 +68,4 @@ jobs:
with:
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
command: pages deploy ./public --branch="${{ github.head_ref || github.ref_name }}" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}"
command: pages deploy ./doc_build --branch="${{ github.head_ref || github.ref_name }}" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}"
+25 -20
View File
@@ -4,6 +4,14 @@ on:
schedule:
- cron: "0 0 * * *"
workflow_dispatch:
pull_request:
paths:
- ".forgejo/workflows/element.yml"
push:
branches:
- main
paths:
- ".forgejo/workflows/element.yml"
concurrency:
group: "element-${{ github.ref }}"
@@ -11,16 +19,16 @@ concurrency:
jobs:
build-and-deploy:
name: Build and Deploy Element Web
name: 🏗️ Build and Deploy
runs-on: ubuntu-latest
steps:
- name: Setup Node.js
uses: https://code.forgejo.org/actions/setup-node@v4
- name: 📦 Setup Node.js
uses: https://github.com/actions/setup-node@v6
with:
node-version: "20"
node-version: "22"
- name: Clone, setup, and build Element Web
- name: 🔨 Clone, setup, and build Element Web
run: |
echo "Cloning Element Web..."
git clone https://github.com/maunium/element-web
@@ -64,7 +72,7 @@ jobs:
echo "Checking for build output..."
ls -la webapp/
- name: Create config.json
- name: ⚙️ Create config.json
run: |
cat <<EOF > ./element-web/webapp/config.json
{
@@ -100,28 +108,25 @@ jobs:
echo "Created ./element-web/webapp/config.json"
cat ./element-web/webapp/config.json
- name: Upload Artifact
uses: https://code.forgejo.org/actions/upload-artifact@v3
- name: 📤 Upload Artifact
uses: forgejo/upload-artifact@v4
with:
name: element-web
path: ./element-web/webapp/
retention-days: 14
- name: Install Wrangler
- name: 🛠️ Install Wrangler
run: npm install --save-dev wrangler@latest
- name: Deploy to Cloudflare Pages (Production)
if: github.ref == 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
- name: 🚀 Deploy to Cloudflare Pages
if: vars.CLOUDFLARE_PROJECT_NAME != ''
id: deploy
uses: https://github.com/cloudflare/wrangler-action@v3
with:
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
command: pages deploy ./element-web/webapp --branch="main" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}-element"
- name: Deploy to Cloudflare Pages (Preview)
if: github.ref != 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
uses: https://github.com/cloudflare/wrangler-action@v3
with:
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
command: pages deploy ./element-web/webapp --branch="${{ github.head_ref || github.ref_name }}" --commit-dirty=true --project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}-element"
command: >-
pages deploy ./element-web/webapp
--branch="${{ github.ref == 'refs/heads/main' && 'main' || github.head_ref || github.ref_name }}"
--commit-dirty=true
--project-name="${{ vars.CLOUDFLARE_PROJECT_NAME }}-element"
+68
View File
@@ -0,0 +1,68 @@
name: Mirror Container Images
on:
schedule:
# Run every 2 hours
- cron: "0 */2 * * *"
workflow_dispatch:
inputs:
dry_run:
description: 'Dry run (check only, no actual mirroring)'
required: false
default: false
type: boolean
push:
branches:
- main
paths:
# Re-run when config changes
- '.forgejo/regsync/regsync.yml'
- '.forgejo/workflows/mirror-images.yml'
concurrency:
group: "mirror-images"
cancel-in-progress: true
jobs:
mirror-images:
runs-on: ubuntu-latest
env:
BUILTIN_REGISTRY_USER: ${{ vars.BUILTIN_REGISTRY_USER }}
BUILTIN_REGISTRY_PASSWORD: ${{ secrets.BUILTIN_REGISTRY_PASSWORD }}
GITLAB_USERNAME: ${{ vars.GITLAB_USERNAME }}
GITLAB_TOKEN: ${{ secrets.GITLAB_TOKEN }}
N7574_GIT_USERNAME: ${{ vars.N7574_GIT_USERNAME }}
N7574_GIT_TOKEN: ${{ secrets.N7574_GIT_TOKEN }}
GH_PACKAGES_USER: ${{ vars.GH_PACKAGES_USER }}
GH_PACKAGES_TOKEN: ${{ secrets.GH_PACKAGES_TOKEN }}
DOCKER_MIRROR_USER: ${{ vars.DOCKER_MIRROR_USER }}
DOCKER_MIRROR_TOKEN: ${{ secrets.DOCKER_MIRROR_TOKEN }}
steps:
- name: Checkout repository
uses: actions/checkout@v6
with:
persist-credentials: false
# - uses: https://github.com/actions/create-github-app-token@v2
# id: app-token
# with:
# app-id: ${{ vars.GH_APP_ID }}
# private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
# github-api-url: https://api.github.com
# owner: continuwuity
# repositories: continuwuity
- name: Install regctl
uses: https://forgejo.ellis.link/continuwuation/regclient-actions/regctl-installer@main
with:
binary: regsync
- name: Check what images need mirroring
run: |
echo "Checking images that need mirroring..."
regsync check -c .forgejo/regsync/regsync.yml -v info
- name: Mirror images
if: ${{ !inputs.dry_run }}
run: |
echo "Starting image mirroring..."
regsync once -c .forgejo/regsync/regsync.yml -v info
+83
View File
@@ -0,0 +1,83 @@
name: Checks / Prek
on:
pull_request:
push:
branches:
- main
workflow_dispatch:
permissions:
contents: read
jobs:
fast-checks:
name: Pre-commit & Formatting
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
with:
persist-credentials: false
- name: Setup Rust nightly
uses: ./.forgejo/actions/setup-rust
with:
rust-version: nightly
github-token: ${{ secrets.GH_PUBLIC_RO }}
- name: Run prek
run: |
prek run \
--all-files \
--hook-stage manual \
--show-diff-on-failure \
--color=always \
-v
- name: Check Rust formatting
run: |
cargo +nightly fmt --all -- --check && \
echo "✅ Formatting check passed" || \
exit 1
clippy-and-tests:
name: Clippy and Cargo Tests
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v6
with:
persist-credentials: false
- name: Setup LLVM
uses: ./.forgejo/actions/setup-llvm-with-apt
with:
extra-packages: liburing-dev liburing2
- name: Setup Rust with caching
uses: ./.forgejo/actions/setup-rust
with:
github-token: ${{ secrets.GH_PUBLIC_RO }}
- name: Run Clippy lints
run: |
cargo clippy \
--workspace \
--features full \
--locked \
--no-deps \
--profile test \
-- \
-D warnings
- name: Run Cargo tests
run: |
cargo test \
--workspace \
--features full \
--locked \
--profile test \
--all-targets \
--no-fail-fast
+136 -212
View File
@@ -4,60 +4,30 @@ concurrency:
on:
push:
branches:
- main
paths-ignore:
- "*.md"
- "**/*.md"
- ".gitlab-ci.yml"
- ".gitignore"
- "renovate.json"
- "debian/**"
- "docker/**"
- "pkg/**"
- "docs/**"
tags:
- "v*.*.*"
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
env:
BUILTIN_REGISTRY: forgejo.ellis.link
BUILTIN_REGISTRY_ENABLED: "${{ ((vars.BUILTIN_REGISTRY_USER && secrets.BUILTIN_REGISTRY_PASSWORD) || (github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false)) && 'true' || 'false' }}"
IMAGE_PATH: forgejo.ellis.link/continuwuation/continuwuity
jobs:
define-variables:
runs-on: ubuntu-latest
outputs:
images: ${{ steps.var.outputs.images }}
images_list: ${{ steps.var.outputs.images_list }}
build_matrix: ${{ steps.var.outputs.build_matrix }}
steps:
- name: Setting variables
uses: https://github.com/actions/github-script@v7
id: var
with:
script: |
const githubRepo = '${{ github.repository }}'.toLowerCase()
const repoId = githubRepo.split('/')[1]
core.setOutput('github_repository', githubRepo)
const builtinImage = '${{ env.BUILTIN_REGISTRY }}/' + githubRepo
let images = []
if (process.env.BUILTIN_REGISTRY_ENABLED === "true") {
images.push(builtinImage)
}
core.setOutput('images', images.join("\n"))
core.setOutput('images_list', images.join(","))
const platforms = ['linux/amd64', 'linux/arm64']
core.setOutput('build_matrix', JSON.stringify({
platform: platforms,
include: platforms.map(platform => { return {
platform,
slug: platform.replace('/', '-')
}})
}))
build-image:
build-release:
name: "Build ${{ matrix.slug }} (release)"
runs-on: dind
needs: define-variables
permissions:
contents: read
packages: write
@@ -65,113 +35,28 @@ jobs:
id-token: write
strategy:
matrix:
{
"include":
[
{ "platform": "linux/amd64", "slug": "linux-amd64" },
{ "platform": "linux/arm64", "slug": "linux-arm64" },
],
"platform": ["linux/amd64", "linux/arm64"],
}
steps:
- name: Echo strategy
run: echo '${{ toJSON(fromJSON(needs.define-variables.outputs.build_matrix)) }}'
- name: Echo matrix
run: echo '${{ toJSON(matrix) }}'
include:
- platform: "linux/amd64"
slug: "linux-amd64"
- platform: "linux/arm64"
slug: "linux-arm64"
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@v6
with:
persist-credentials: false
- name: Install rust
id: rust-toolchain
uses: ./.forgejo/actions/rust-toolchain
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
- name: Login to builtin registry
uses: docker/login-action@v3
- name: Prepare Docker build environment
id: prepare
uses: ./.forgejo/actions/prepare-docker-build
with:
registry: ${{ env.BUILTIN_REGISTRY }}
username: ${{ vars.BUILTIN_REGISTRY_USER || github.actor }}
password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
- name: Extract metadata (labels, annotations) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{needs.define-variables.outputs.images}}
# default labels & annotations: https://github.com/docker/metadata-action/blob/master/src/meta.ts#L509
env:
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
# This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
# It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
# It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
# It will not push images generated from a pull request