Compare commits

...

8 Commits

15 changed files with 100 additions and 18 deletions
+1 -1
View File
@@ -31,7 +31,7 @@ repos:
stages: [commit-msg]
- repo: https://github.com/crate-ci/committed
rev: v1.1.9
rev: v1.1.10
hooks:
- id: committed
+1
View File
@@ -0,0 +1 @@
Fix the generated configuration containing uncommented optional sections. Contributed by @Jade
+1
View File
@@ -0,0 +1 @@
UIAA requests which check for out-of-band success (sent by matrix-js-sdk) will no longer create unhelpful errors in the logs.
+3 -3
View File
@@ -1926,9 +1926,9 @@
#
#admin_filter = ""
[global.antispam]
#[global.antispam]
[global.antispam.meowlnir]
#[global.antispam.meowlnir]
# The base URL on which to contact Meowlnir (before /_meowlnir/antispam).
#
@@ -1953,7 +1953,7 @@
#
#check_all_joins = false
[global.antispam.draupnir]
#[global.antispam.draupnir]
# The base URL on which to contact Draupnir (before /api/).
#
+1 -1
View File
@@ -48,7 +48,7 @@ EOF
# Developer tool versions
# renovate: datasource=github-releases depName=cargo-bins/cargo-binstall
ENV BINSTALL_VERSION=1.16.6
ENV BINSTALL_VERSION=1.16.7
# renovate: datasource=github-releases depName=psastras/sbom-rs
ENV CARGO_SBOM_VERSION=0.9.1
# renovate: datasource=crate depName=lddtree
+1 -1
View File
@@ -18,7 +18,7 @@ RUN --mount=type=cache,target=/etc/apk/cache apk add \
# Developer tool versions
# renovate: datasource=github-releases depName=cargo-bins/cargo-binstall
ENV BINSTALL_VERSION=1.16.6
ENV BINSTALL_VERSION=1.16.7
# renovate: datasource=github-releases depName=psastras/sbom-rs
ENV CARGO_SBOM_VERSION=0.9.1
# renovate: datasource=crate depName=lddtree
+9 -3
View File
@@ -34,6 +34,14 @@
"name": "troubleshooting",
"label": "Troubleshooting"
},
"security",
{
"type": "dir-section-header",
"name": "community",
"label": "Community",
"collapsible": true,
"collapsed": false
},
{
"type": "divider"
},
@@ -63,7 +71,5 @@
},
{
"type": "divider"
},
"community",
"security"
}
]
+10 -5
View File
@@ -19,16 +19,21 @@
{
"text": "Admin Command Reference",
"link": "/reference/admin/"
},
{
"text": "Server Reference",
"link": "/reference/server"
}
]
},
{
"text": "Community",
"link": "/community"
"items": [
{
"text": "Community Guidelines",
"link": "/community/guidelines"
},
{
"text": "Become a Partnered Homeserver!",
"link": "/community/ops-guidelines"
}
]
},
{
"text": "Security",
+12
View File
@@ -0,0 +1,12 @@
[
{
"type": "file",
"name": "guidelines",
"label": "Community Guidelines"
},
{
"type": "file",
"name": "ops-guidelines",
"label": "Partnered Homeserver Guidelines"
}
]
+32
View File
@@ -0,0 +1,32 @@
# Partnered Homeserver Operator Requirements
> _So you want to be an officially sanctioned public Continuwuity homeserver operator?_
Thank you for your interest in the project! There's a few things we need from you first to make sure your homeserver meets our quality standards and that you are prepared to handle the additional workload introduced by operating a public chat service.
## Stuff you must have
if you don't do these things we will tell you to go away
- Your homeserver must be running an up-to-date version of Continuwuity
- You must have a CAPTCHA, external registration system, or apply-to-join system that provides one-time-use invite codes (we do not accept fully open nor static token registration)
- Your homeserver must have support details listed in [`/.well-known/matrix/support`](https://spec.matrix.org/v1.17/client-server-api/#getwell-knownmatrixsupport)
- Your rules and guidelines must align with [the project's own code of conduct](guidelines).
- You must be reasonably responsive (i.e. don't leave us hanging for a week if we alert you to an issue on your server)
- Your homeserver's community rooms (if any) must be protected by a moderation bot subscribed to policy lists like the Community Moderation Effort (you can get one from https://asgard.chat if you don't want to run your own)
## Stuff we encourage you to have
not strictly required but we will consider your request more strongly if you have it
- You should have automated moderation tooling that can automatically suspend abusive users on your homeserver who are added to policy lists
- You should have multiple server administrators (increased bus factor)
- You should have a terms of service and privacy policy prominently available
## Stuff you get
- Prominent listing in our README!
- A gold star sticker
- Access to a low noise room for more direct communication with maintainers and collaboration with fellow operators
- Read-only access to the continuwuity internal ban list
- Early notice of upcoming releases
## Sound good?
To get started, ping a team member in [our main chatroom](https://matrix.to/#/#continuwuity:continuwuity.org) and ask to be added to the list.
+3
View File
@@ -54,6 +54,9 @@ export default defineConfig({
}, {
from: '/server_reference',
to: '/reference/server'
}, {
from: '/community$',
to: '/community/guidelines'
}
]
})],
+9 -3
View File
@@ -2261,7 +2261,11 @@ struct ListeningAddr {
}
#[derive(Clone, Debug, Deserialize)]
#[config_example_generator(filename = "conduwuit-example.toml", section = "global.antispam")]
#[config_example_generator(
filename = "conduwuit-example.toml",
section = "global.antispam",
optional = "true"
)]
pub struct Antispam {
/// display: nested
pub meowlnir: Option<MeowlnirConfig>,
@@ -2272,7 +2276,8 @@ pub struct Antispam {
#[derive(Clone, Debug, Deserialize)]
#[config_example_generator(
filename = "conduwuit-example.toml",
section = "global.antispam.meowlnir"
section = "global.antispam.meowlnir",
optional = "true"
)]
pub struct MeowlnirConfig {
/// The base URL on which to contact Meowlnir (before /_meowlnir/antispam).
@@ -2301,7 +2306,8 @@ pub struct MeowlnirConfig {
#[derive(Clone, Debug, Deserialize)]
#[config_example_generator(
filename = "conduwuit-example.toml",
section = "global.antispam.draupnir"
section = "global.antispam.draupnir",
optional = "true"
)]
pub struct DraupnirConfig {
/// The base URL on which to contact Draupnir (before /api/).
+7 -1
View File
@@ -73,7 +73,13 @@ fn generate_example(input: &ItemStruct, args: &[Meta], write: bool) -> Result<To
.expect("written to config file");
}
file.write_fmt(format_args!("\n[{section}]\n"))
let optional = settings.get("optional").is_some_and(|v| v == "true");
let section_header = if optional {
format!("\n#[{section}]\n")
} else {
format!("\n[{section}]\n")
};
file.write_fmt(format_args!("{section_header}"))
.expect("written to config file");
}
+10
View File
@@ -233,6 +233,16 @@ pub async fn try_auth(
| AuthData::Dummy(_) => {
uiaainfo.completed.push(AuthType::Dummy);
},
| AuthData::FallbackAcknowledgement(_) => {
// The client is checking if authentication has succeeded out-of-band. This is
// possible if the client is using "fallback auth" (see spec section
// 4.9.1.4), which we don't support (and probably never will, because it's a
// disgusting hack).
// Return early to tell the client that no, authentication did not succeed while
// it wasn't looking.
return Ok((false, uiaainfo));
},
| k => error!("type not supported: {:?}", k),
}