chore(deps): update https://github.com/actions/setup-node digest to 48b55a0

(cherry picked from commit 8b206564aa)

.forgejo/actions/rust-toolchain/action.yml

@@ -33,7 +33,7 @@ runs:
         echo "version=$(rustup --version)" >> $GITHUB_OUTPUT
     - name: Cache rustup toolchains
       if: steps.rustup-version.outputs.version == ''
-      uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3
+      uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
       with:
         path: |
           ~/.rustup

.forgejo/actions/setup-llvm-with-apt/action.yml

@@ -57,7 +57,7 @@ runs:
 
     - name: Check for LLVM cache
       id: cache
-      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+      uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
       with:
         path: |
           /usr/bin/clang-*

.forgejo/actions/setup-rust/action.yml

@@ -65,7 +65,7 @@ runs:
 
     - name: Cache toolchain binaries
       id: toolchain-cache
-      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+      uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
       with:
         path: |
           .cargo/bin
@@ -76,7 +76,7 @@ runs:
 
     - name: Cache Cargo registry and git
       id: registry-cache
-      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+      uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
       with:
         path: |
           .cargo/registry/index

.forgejo/actions/timelord/action.yml

@@ -31,7 +31,7 @@ runs:
 
     - name: Restore binary cache
       id: binary-cache
-      uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+      uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
       with:
         path: |
           /usr/share/rust/.cargo/bin
@@ -71,13 +71,13 @@ runs:
 
     - name: Install timelord-cli and git-warp-time
       if: steps.check-binaries.outputs.need-install == 'true'
-      uses: https://github.com/taiki-e/install-action@d0f23220b09a75c6db730f13bb37c4f8144b4382 # v2
+      uses: https://github.com/taiki-e/install-action@a2352fc6ce487f030a3aa709482d57823eadfb37 # v2
       with:
         tool: git-warp-time,timelord-cli@3.0.1
 
     - name: Save binary cache
       if: steps.check-binaries.outputs.need-install == 'true'
-      uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+      uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
       with:
         path: |
           /usr/share/rust/.cargo/bin
@@ -87,7 +87,7 @@ runs:
 
     - name: Restore timelord cache with fallbacks
       id: timelord-restore
-      uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+      uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
       with:
         path: ${{ env.TIMELORD_CACHE_PATH }}
         key: ${{ env.TIMELORD_KEY }}
@@ -114,7 +114,7 @@ runs:
         timelord sync --source-dir ${{ env.TIMELORD_PATH }} --cache-dir ${{ env.TIMELORD_CACHE_PATH }}
 
     - name: Save updated timelord cache immediately
-      uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+      uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
       with:
         path: ${{ env.TIMELORD_CACHE_PATH }}
         key: ${{ env.TIMELORD_KEY }}

.forgejo/workflows/auto-labeler.yml

@@ -0,0 +1,53 @@
+name: Auto Labeler
+
+on:
+  pull_request_target:
+    types: [opened, reopened]
+
+permissions:
+  contents: read
+  pull-requests: write
+  issues: write
+
+jobs:
+  auto-label:
+    name: Apply labels based on changed files
+    runs-on: ubuntu-latest
+    steps:
+      - name: Apply PR Labels
+        uses: https://github.com/actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9
+        with:
+          script: |
+            const allFiles = await github.paginate(github.rest.pulls.listFiles, {
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: context.issue.number,
+            });
+
+            const fileNames = allFiles.map(f => f.filename);
+            const labelsToAdd = new Set();
+
+            for (const file of fileNames) {
+              if (file.startsWith('docs/') || file.startsWith('theme/') || file.endsWith('.md') || file == 'rspress.config.ts') {
+                labelsToAdd.add('Documentation');
+              }
+              if (file.startsWith('.forgejo/')) {
+                labelsToAdd.add('Meta/CI');
+              }
+              if (file.startsWith('pkg/') || file.startsWith('nix/') || file === 'flake.nix' || file === 'flake.lock' || file.startsWith('docker/')) {
+                labelsToAdd.add('Meta/Packaging');
+              }
+            }
+
+            if (labelsToAdd.size > 0) {
+              const labelsArray = Array.from(labelsToAdd);
+              console.log('Adding labels:', labelsArray);
+              await github.rest.issues.addLabels({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.issue.number,
+                labels: labelsArray,
+              });
+            } else {
+              console.log('No files changed that require auto-labeling.');
+            }

.forgejo/workflows/build-debian.yml

@@ -60,7 +60,7 @@ jobs:
           ref: ${{ github.ref_name }}
 
       - name: Cache Cargo registry
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: |
             ~/.cargo/registry
@@ -92,10 +92,13 @@ jobs:
           BASE_VERSION=$(cargo metadata --no-deps --format-version 1 | jq -r ".packages[] | select(.name == \"conduwuit\").version" | sed 's/[^a-zA-Z0-9.+]/~/g')
           # VERSION is the package version, COMPONENT is used in
           # apt's repository config like a git repo branch
-          if [[ "${{ forge.ref }}" == "refs/tags/"* ]]; then
-            # Use the "stable" component for tagged releases
+          VERSION=$BASE_VERSION
+          if [[ ${{ forge.ref_name }} =~ ^v+[0-9]\.+[0-9]\.+[0-9]$ ]]; then
+            # Use the "stable" component for tagged semver releases
             COMPONENT="stable"
-            VERSION=$BASE_VERSION
+          elif [[ ${{ forge.ref }} =~ ^refs/tags/^v+[0-9]\.+[0-9]\.+[0-9] ]]; then
+            # Use the "unstable" component for tagged semver pre-releases
+            COMPONENT="unstable"
           else
             # Use the "dev" component for development builds
             SHA=$(echo "${{ forge.sha }}" | cut -c1-7)

.forgejo/workflows/build-fedora.yml

@@ -37,7 +37,7 @@ jobs:
 
 
       - name: Cache DNF packages
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: |
             /var/cache/dnf
@@ -47,7 +47,7 @@ jobs:
             dnf-fedora${{ steps.fedora.outputs.version }}-
 
       - name: Cache Cargo registry
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: |
             ~/.cargo/registry
@@ -57,7 +57,7 @@ jobs:
             cargo-fedora${{ steps.fedora.outputs.version }}-
 
       - name: Cache Rust build dependencies
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: |
             ~/rpmbuild/BUILD/*/target/release/deps

.forgejo/workflows/check-changelog.yml

@@ -4,11 +4,6 @@ on:
   pull_request_target:
     types: [opened, synchronize, reopened, ready_for_review, labeled, unlabeled]
 
-
-concurrency:
-  group: "${{ github.workflow }}-${{ github.ref }}"
-  cancel-in-progress: true
-
 permissions:
   contents: read
   pull-requests: write

.forgejo/workflows/documentation.yml

@@ -32,12 +32,12 @@ jobs:
 
       - name: Setup Node.js
         if: steps.runner-env.outputs.node_major == '' || steps.runner-env.outputs.node_major < '20'
-        uses: https://github.com/actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
+        uses: https://github.com/actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version: 22
 
       - name: Cache npm dependencies
-        uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: ~/.npm
           key: continuwuity-rspress-${{ steps.runner-env.outputs.slug }}-${{ steps.runner-env.outputs.arch }}-node-${{ steps.runner-env.outputs.node_version }}-${{ hashFiles('package-lock.json') }}
@@ -56,7 +56,7 @@ jobs:
 
       - name: Deploy to Cloudflare Pages (Production)
         if: github.ref == 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
-        uses: https://github.com/cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3
+        uses: https://github.com/cloudflare/wrangler-action@9acf94ace14e7dc412b076f2c5c20b8ce93c79cd # v3
         with:
           accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
           apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
@@ -64,7 +64,7 @@ jobs:
 
       - name: Deploy to Cloudflare Pages (Preview)
         if: github.ref != 'refs/heads/main' && vars.CLOUDFLARE_PROJECT_NAME != ''
-        uses: https://github.com/cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3
+        uses: https://github.com/cloudflare/wrangler-action@9acf94ace14e7dc412b076f2c5c20b8ce93c79cd # v3
         with:
           accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
           apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}

.forgejo/workflows/element.yml

@@ -24,7 +24,7 @@ jobs:
 
     steps:
       - name: 📦 Setup Node.js
-        uses: https://github.com/actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
+        uses: https://github.com/actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version: "22"
 
@@ -121,7 +121,7 @@ jobs:
       - name: 🚀 Deploy to Cloudflare Pages
         if: vars.CLOUDFLARE_PROJECT_NAME != ''
         id: deploy
-        uses: https://github.com/cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3
+        uses: https://github.com/cloudflare/wrangler-action@9acf94ace14e7dc412b076f2c5c20b8ce93c79cd # v3
         with:
           accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
           apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}

.forgejo/workflows/mirror-images.yml

@@ -55,7 +55,7 @@ jobs:
       #     repositories: continuwuity
 
       - name: Install regsync
-        uses: https://github.com/regclient/actions/regsync-installer@f07124ffba4b0cbf96b2a666d481ed9d44b5e7e4 # main
+        uses: https://github.com/regclient/actions/regsync-installer@f3c6d87835906c175eb6ccfc18b348b69bb447e7 # main
 
       - name: Check what images need mirroring
         run: |

.forgejo/workflows/release-image.yml

@@ -9,6 +9,9 @@ on:
     paths-ignore:
       - "*.md"
       - "**/*.md"
+      - "*.mdx"
+      - "**/*.mdx"
+      - "changelog.d/**"
       - ".gitlab-ci.yml"
       - ".gitignore"
       - "renovate.json"
@@ -197,8 +200,10 @@ jobs:
           registry_password: ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}
 
   mirror_images:
+    name: "Mirror Images"
+    runs-on: ubuntu-latest
     needs:
       - merge-maxperf
       - merge-release
-    runs-on: ubuntu-latest
+    secrets: inherit
     uses: ./.forgejo/workflows/mirror-images.yml

.forgejo/workflows/renovate.yml

@@ -55,7 +55,7 @@ jobs:
         run: /usr/local/renovate/node -e 'console.log(`node heap limit = ${require("v8").getHeapStatistics().heap_size_limit / (1024 * 1024)} Mb`)'
 
       - name: Restore renovate repo cache
-        uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: |
             /tmp/renovate/cache/renovate/repository
@@ -64,7 +64,7 @@ jobs:
             renovate-repo-cache-
 
       - name: Restore renovate package cache
-        uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: |
             /tmp/renovate/cache/renovate/renovate-cache-sqlite
@@ -73,7 +73,7 @@ jobs:
             renovate-package-cache-
 
       - name: Restore renovate OSV cache
-        uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: |
             /tmp/osv
@@ -109,7 +109,7 @@ jobs:
       - name: Save renovate repo cache
         if: always()
         uses:
-          actions/cache/save@v4
+          actions/cache/save@v5
         with:
           path: |
             /tmp/renovate/cache/renovate/repository
@@ -117,7 +117,7 @@ jobs:
 
       - name: Save renovate package cache
         if: always()
-        uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+        uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: |
             /tmp/renovate/cache/renovate/renovate-cache-sqlite
@@ -125,7 +125,7 @@ jobs:
 
       - name: Save renovate OSV cache
         if: always()
-        uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4
+        uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
         with:
           path: |
             /tmp/osv

.pre-commit-config.yaml

@@ -24,7 +24,7 @@ repos:
         - id: check-added-large-files
 
   - repo: https://github.com/crate-ci/typos
-    rev: v1.45.0
+    rev: v1.45.1
     hooks:
       - id: typos
       - id: typos

CHANGELOG.md

@@ -1,3 +1,45 @@
+# Continuwuity v0.5.7 (2026-04-17)
+
+## Features
+
+- Re-added support for reading registration tokens from a file. Contributed by @ginger and @benbot. (#1371)
+- Add new config option to allow or disallow search engine indexing through a `<meta ../>` tag. Defaults to blocking indexing (`content="noindex"`). Contributed by @s1lv3r and @ginger. (#1527)
+- Add new config option for [MSC4439](https://github.com/matrix-org/matrix-spec-proposals/pull/4439)
+  PGP key URIs. Contributed by LogN. (#1609)
+- Added `!admin users reset-push-rules` command to reset the notification settings of users. Contributed by @nex. (#1613)
+- Notification pushers are now automatically removed when their associated device is. Admin commands now exist for manual cleanup too. Contributed by @nex. (#1614)
+- Implemented option to deprioritize servers for room join requests. Contributed by @ezera. (#1624)
+- Added admin commands to get build information and features. Contributed by @Jade (#1629)
+- Added support for associating email addresses with accounts, requiring email addresses for registration, and resetting passwords via email. Contributed by @ginger
+- Added support for requiring users to accept terms and conditions when registering.
+- Added support for using an admin command to issue self-service password reset links.
+
+## Bugfixes
+
+- Fixed corrupted appservice registrations causing the server to enter a crash loop. Contributed by @nex. (#1265)
+- Prevent removing the admin room alias (`#admins`) to avoid accidentally breaking admin room functionality. Contributed by @0xnim (#1448)
+- Stripped `join_authorised_via_users_server` from json if user is already in room (@partha:cxy.run) (#1542)
+- Fixed internal server errors for fetching thumbnails. Contributed by @PerformativeJade (#1572)
+- Fixed error 500 when joining non-existent rooms. Contributed by @ezera. (#1579)
+- Refactored nix package. Breaking, since `all-features` package no longer exists. Continuwuity is now built with jemalloc and liburing by default. Contributed by @Henry-Hiles (QuadRadical). (#1596)
+- Fixed resolving IP of servers that only use SRV delegation. Contributed by @tulir. (#1615)
+- Fixed "Sender must be a local user" error for make_join, make_knock, and make_leave federation routes. Contributed by @nex. (#1623)
+- Fixed restricted joins not being signed when we are being used as an authorising server. Contributed by @nex, reported by [vel](matrix:u/vel:nhjkl.com?action=chat). (#1630)
+- Fixed room alias deletion so removing one local alias no longer removes other aliases from room alias listings.
+- Stopped left rooms from being unconditionally sent on initial sync, hopefully fixing spurious appearances of left rooms in some clients (and making sync faster as a bonus). Contributed by @ginger
+- Correct the response field name for MatrixRTC transports. Contributed by @spaetz
+
+## Improved Documentation
+
+- Added Testing and Troubleshooting instructions for Livekit documentation. Contributed by @stratself. (#1429)
+- Refactored docker docs to include new initial token workflow, and add Caddyfile example. Contributed by @stratself. (#1594)
+- Add DNS tuning guide for Continuwuity. Users are recommended to set up a local caching resolver following the guide's advice. Contributed by @stratself (#1601)
+
+## Misc
+
+- Fixed compiler warning in cf_opts.rs when building in release. Contributed by @ezera. (#1620)
+
+
 # Continuwuity 0.5.6 (2026-03-03)
 
 ## Security

Cargo.lock

@@ -848,9 +848,9 @@ dependencies = [
 
 [[package]]
 name = "clap"
-version = "4.6.0"
+version = "4.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b193af5b67834b676abd72466a96c1024e6a6ad978a1f484bd90b85c94041351"
+checksum = "1ddb117e43bbf7dacf0a4190fef4d345b9bad68dfc649cb349e7d17d28428e51"
 dependencies = [
  "clap_builder",
  "clap_derive",
@@ -868,9 +868,9 @@ dependencies = [
 
 [[package]]
 name = "clap_derive"
-version = "4.6.0"
+version = "4.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1110bd8a634a1ab8cb04345d8d878267d57c3cf1b38d91b71af6686408bbca6a"
+checksum = "f2ce8604710f6733aa641a2b3731eaa1e8b3d9973d5e3565da11800813f997a9"
 dependencies = [
  "heck",
  "proc-macro2",
@@ -936,7 +936,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "clap",
  "conduwuit_admin",
@@ -970,7 +970,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_admin"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "clap",
  "conduwuit_api",
@@ -993,7 +993,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_api"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "async-trait",
  "axum",
@@ -1028,7 +1028,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_build_metadata"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "built",
  "cargo_metadata",
@@ -1036,7 +1036,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_core"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "argon2",
  "arrayvec",
@@ -1100,7 +1100,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_database"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "async-channel",
  "conduwuit_core",
@@ -1120,7 +1120,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_macros"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "cargo_toml",
  "itertools 0.14.0",
@@ -1131,7 +1131,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_router"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "axum",
  "axum-client-ip",
@@ -1167,7 +1167,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_service"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "askama",
  "async-trait",
@@ -1203,7 +1203,7 @@ dependencies = [
  "serde",
  "serde-saphyr",
  "serde_json",
- "sha2",
+ "sha2 0.11.0",
  "termimad",
  "tokio",
  "tracing",
@@ -1214,7 +1214,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_web"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "askama",
  "async-trait",
@@ -1300,7 +1300,7 @@ dependencies = [
 [[package]]
 name = "continuwuity-admin-api"
 version = "0.1.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "ruma-common",
  "serde",
@@ -1541,9 +1541,9 @@ dependencies = [
 
 [[package]]
 name = "ctor"
-version = "0.9.1"
+version = "0.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c1c888a2a4f677017373fb6c01e13e318dd9e78758445ed5eb985e355d3f8281"
+checksum = "95d0d11eb38e7642efca359c3cf6eb7b2e528182d09110165de70192b0352775"
 dependencies = [
  "ctor-proc-macro",
  "dtor",
@@ -1765,7 +1765,7 @@ dependencies = [
 [[package]]
 name = "draupnir-antispam"
 version = "0.1.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "ruma-common",
  "serde",
@@ -1774,9 +1774,9 @@ dependencies = [
 
 [[package]]
 name = "dtor"
-version = "0.6.0"
+version = "0.7.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "30e4690622ab6700ced40fc370a3f07b7d111f0154bb6fb08f73b4c8834f75b6"
+checksum = "17f72721db8027a4e96dd6fb50d2a1d32259c9d3da1b63dee612ccd981e14293"
 dependencies = [
  "dtor-proc-macro",
 ]
@@ -1813,7 +1813,7 @@ dependencies = [
  "ed25519",
  "rand_core 0.6.4",
  "serde",
- "sha2",
+ "sha2 0.10.9",
  "subtle",
  "zeroize",
 ]
@@ -1906,7 +1906,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "39cab71617ae0d63f51a36d69f866391735b51691dbda63cf6f96d042b63efeb"
 dependencies = [
  "libc",
- "windows-sys 0.61.2",
+ "windows-sys 0.52.0",
 ]
 
 [[package]]
@@ -3118,9 +3118,9 @@ dependencies = [
 
 [[package]]
 name = "link-section"
-version = "0.0.12"
+version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f52437d47b0358721ec869cc7374b2a21f7b2237af9b439c0391341a1fbfbf1b"
+checksum = "468808413fa8bdf0edbe61c2bbc182dfc59885b94f496cf3fb42c9c96b1e0149"
 
 [[package]]
 name = "linked-hash-map"
@@ -3293,7 +3293,7 @@ dependencies = [
 [[package]]
 name = "meowlnir-antispam"
 version = "0.1.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "ruma-common",
  "serde",
@@ -3475,7 +3475,7 @@ version = "0.50.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7957b9740744892f114936ab4a57b3f487491bbeafaf8083688b16841a4240e5"
 dependencies = [
- "windows-sys 0.61.2",
+ "windows-sys 0.60.2",
 ]
 
 [[package]]
@@ -4581,7 +4581,7 @@ dependencies = [
 [[package]]
 name = "ruma"
 version = "0.10.1"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "assign",
  "continuwuity-admin-api",
@@ -4604,7 +4604,7 @@ dependencies = [
 [[package]]
 name = "ruma-appservice-api"
 version = "0.10.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4616,7 +4616,7 @@ dependencies = [
 [[package]]
 name = "ruma-client-api"
 version = "0.18.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "as_variant",
  "assign",
@@ -4639,7 +4639,7 @@ dependencies = [
 [[package]]
 name = "ruma-common"
 version = "0.13.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "as_variant",
  "base64 0.22.1",
@@ -4671,7 +4671,7 @@ dependencies = [
 [[package]]
 name = "ruma-events"
 version = "0.28.1"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "as_variant",
  "indexmap",
@@ -4696,7 +4696,7 @@ dependencies = [
 [[package]]
 name = "ruma-federation-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "bytes",
  "headers",
@@ -4718,7 +4718,7 @@ dependencies = [
 [[package]]
 name = "ruma-identifiers-validation"
 version = "0.9.5"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "js_int",
  "thiserror 2.0.18",
@@ -4727,7 +4727,7 @@ dependencies = [
 [[package]]
 name = "ruma-identity-service-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4737,7 +4737,7 @@ dependencies = [
 [[package]]
 name = "ruma-macros"
 version = "0.13.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "cfg-if",
  "proc-macro-crate",
@@ -4752,7 +4752,7 @@ dependencies = [
 [[package]]
 name = "ruma-push-gateway-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4764,7 +4764,7 @@ dependencies = [
 [[package]]
 name = "ruma-signatures"
 version = "0.15.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=1415caf8a32af4d943580c5ea4e12be1974593c2#1415caf8a32af4d943580c5ea4e12be1974593c2"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=d00b51a8669b21689c4eb47fb81f3a8b27c3e371#d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 dependencies = [
  "base64 0.22.1",
  "ed25519-dalek",
@@ -4773,7 +4773,7 @@ dependencies = [
  "rand_core 0.6.4",
  "ruma-common",
  "serde_json",
- "sha2",
+ "sha2 0.10.9",
  "subslice",
  "thiserror 2.0.18",
 ]
@@ -4845,7 +4845,7 @@ dependencies = [
  "errno",
  "libc",
  "linux-raw-sys",
- "windows-sys 0.61.2",
+ "windows-sys 0.52.0",
 ]
 
 [[package]]
@@ -5314,6 +5314,17 @@ dependencies = [
  "digest 0.10.7",
 ]
 
+[[package]]
+name = "sha2"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "446ba717509524cb3f22f17ecc096f10f4822d76ab5c0b9822c5f9c284e825f4"
+dependencies = [
+ "cfg-if",
+ "cpufeatures 0.3.0",
+ "digest 0.11.2",
+]
+
 [[package]]
 name = "sha256"
 version = "1.6.0"
@@ -5323,7 +5334,7 @@ dependencies = [
  "async-trait",
  "bytes",
  "hex",
- "sha2",
+ "sha2 0.10.9",
  "tokio",
 ]
 
@@ -5435,7 +5446,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3a766e1110788c36f4fa1c2b71b387a7815aa65f88ce0229841826633d93723e"
 dependencies = [
  "libc",
- "windows-sys 0.61.2",
+ "windows-sys 0.60.2",
 ]
 
 [[package]]
@@ -5738,9 +5749,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
 
 [[package]]
 name = "tokio"
-version = "1.51.1"
+version = "1.52.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f66bf9585cda4b724d3e78ab34b73fb2bbaba9011b9bfdf69dc836382ea13b8c"
+checksum = "b67dee974fe86fd92cc45b7a95fdd2f99a36a6d7b0d431a231178d3d670bbcc6"
 dependencies = [
  "bytes",
  "libc",
@@ -6567,7 +6578,7 @@ version = "0.1.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c2a7b1c03c876122aa43f3020e6c3c3ee5c05081c9a00739faf7503aeba10d22"
 dependencies = [
- "windows-sys 0.61.2",
+ "windows-sys 0.52.0",
 ]
 
 [[package]]
@@ -6909,7 +6920,7 @@ dependencies = [
 
 [[package]]
 name = "xtask"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 dependencies = [
  "askama",
  "cargo_metadata",

Cargo.toml

@@ -12,7 +12,7 @@ license = "Apache-2.0"
 # See also `rust-toolchain.toml`
 readme = "README.md"
 repository = "https://forgejo.ellis.link/continuwuation/continuwuity"
-version = "0.5.7-alpha.1"
+version = "0.5.7"
 
 [workspace.metadata.crane]
 name = "conduwuit"
@@ -39,7 +39,7 @@ features = ["ffi", "std", "union"]
 version = "0.7.0"
 
 [workspace.dependencies.ctor]
-version = "0.9.0"
+version = "0.10.0"
 
 [workspace.dependencies.cargo_toml]
 version = "0.22"
@@ -344,7 +344,7 @@ version = "0.1.2"
 [workspace.dependencies.ruma]
 git = "https://forgejo.ellis.link/continuwuation/ruwuma"
 #branch = "conduwuit-changes"
-rev = "1415caf8a32af4d943580c5ea4e12be1974593c2"
+rev = "d00b51a8669b21689c4eb47fb81f3a8b27c3e371"
 features = [
     "compat",
     "rand",
@@ -400,7 +400,7 @@ features = [
 ]
 
 [workspace.dependencies.sha2]
-version = "0.10.8"
+version = "0.11.0"
 default-features = false
 
 [workspace.dependencies.sha1]

changelog.d/+1770db35.feature.md

@@ -1 +0,0 @@
-Added support for associating email addresses with accounts, requiring email addresses for registration, and resetting passwords via email. Contributed by @ginger

changelog.d/+6368729a.feature.md

@@ -1 +0,0 @@
-Added support for using an admin command to issue self-service password reset links.

changelog.d/+6e57599d.bugfix.md

@@ -1 +0,0 @@
-Stopped left rooms from being unconditionally sent on initial sync, hopefully fixing spurious appearances of left rooms in some clients (and making sync faster as a bonus). Contributed by @ginger

changelog.d/+7409b1db.feature.md

@@ -1 +0,0 @@
-Added support for requiring users to accept terms and conditions when registering.

changelog.d/+alias-enumeration-delete.bugfix.md

@@ -1 +0,0 @@
-Fixed room alias deletion so removing one local alias no longer removes other aliases from room alias listings.

changelog.d/1265.bugfix

@@ -1 +0,0 @@
-Fixed corrupted appservice registrations causing the server to enter a crash loop. Contributed by @nex.

changelog.d/1371.feature.md

@@ -1 +0,0 @@
-Re-added support for reading registration tokens from a file. Contributed by @ginger and @benbot.

changelog.d/1429.doc

@@ -1 +0,0 @@
-Added Testing and Troubleshooting instructions for Livekit documentation. Contributed by @stratself.

changelog.d/1448.bugfix

@@ -1 +0,0 @@
-Prevent removing the admin room alias (`#admins`) to avoid accidentally breaking admin room functionality. Contributed by @0xnim

changelog.d/1527.feature.md

@@ -1 +0,0 @@
-Add new config option to allow or disallow search engine indexing through a `<meta ../>` tag. Defaults to blocking indexing (`content="noindex"`). Contributed by @s1lv3r and @ginger.

changelog.d/1542.bugfix.md

@@ -1 +0,0 @@
-Stripped `join_authorised_via_users_server` from json if user is already in room (@partha:cxy.run)

changelog.d/1572.bugfix

@@ -1 +0,0 @@
-Fixed internal server errors for fetching thumbnails. Contributed by @PerformativeJade

changelog.d/1579.bugfix

@@ -1 +0,0 @@
-Fixed error 500 when joining non-existent rooms. Contributed by @ezera.

changelog.d/1594.doc

@@ -1 +0,0 @@
-Refactored docker docs to include new initial token workflow, and add Caddyfile example. Contributed by @stratself.

changelog.d/1596.bugfix

@@ -1 +0,0 @@
-Refactored nix package. Breaking, since `all-features` package no longer exists. Continuwuity is now built with jemalloc and liburing by default. Contributed by @Henry-Hiles (QuadRadical).

changelog.d/1601.doc

@@ -1 +0,0 @@
-Add DNS tuning guide for Continuwuity. Users are recommended to set up a local caching resolver following the guide's advice. Contributed by @stratself

changelog.d/1609.feature.md

@@ -1,2 +0,0 @@
-Add new config option for [MSC4439](https://github.com/matrix-org/matrix-spec-proposals/pull/4439)
-PGP key URIs. Contributed by LogN.

changelog.d/1613.feature

@@ -1 +0,0 @@
-Added `!admin users reset-push-rules` command to reset the notification settings of users. Contributed by @nex.

changelog.d/1614.feature

@@ -1 +0,0 @@
-Notification pushers are now automatically removed when their associated device is. Admin commands now exist for manual cleanup too. Contributed by @nex.

changelog.d/1615.bugfix

@@ -1 +0,0 @@
-Fixed resolving IP of servers that only use SRV delegation. Contributed by @tulir.

changelog.d/1620.misc

@@ -1 +0,0 @@
-Fixed compiler warning in cf_opts.rs when building in release. Contributed by @ezera.

changelog.d/1622.doc

@@ -0,0 +1 @@
+Updated config docs to state we support room version 12, and set it as default. Contributed by @ezera.

changelog.d/1623.bugfix

@@ -1 +0,0 @@
-Fixed "Sender must be a local user" error for make_join, make_knock, and make_leave federation routes. Contributed by @nex.

changelog.d/1629.feature.md

@@ -1 +0,0 @@
-Added admin commands to get build information and features. Contributed by @Jade

changelog.d/1630.bugfix

@@ -1 +0,0 @@
-Fixed restricted joins not being signed when we are being used as an authorising server. Contributed by @nex, reported by [vel](matrix:u/vel:nhjkl.com?action=chat).

conduwuit-example.toml

@@ -619,7 +619,7 @@
 # Set to false to disable users from joining or creating room versions
 # that aren't officially supported by continuwuity.
 #
-# continuwuity officially supports room versions 6 - 11.
+# continuwuity officially supports room versions 6 - 12.
 #
 # continuwuity has slightly experimental (though works fine in practice)
 # support for versions 3 - 5.
@@ -631,9 +631,9 @@
 # rather than an integer. Forgetting the quotes will make the server fail
 # to start!
 #
-# Per spec, room version "11" is the default.
+# Per spec, room version "12" is the default.
 #
-#default_room_version = "11"
+#default_room_version = "12"
 
 # Enable OpenTelemetry OTLP tracing export. This replaces the deprecated
 # Jaeger exporter. Traces will be sent via OTLP to a collector (such as
@@ -1409,6 +1409,20 @@
 #
 #ignore_messages_from_server_names = []
 
+# List of server names that continuwuity will deprioritize (try last) when
+# a client requests to join a room.
+#
+# This can be used to potentially speed up room join requests, by
+# deprioritizing sending join requests through servers that are known to
+# be large or slow.
+#
+# continuwuity will still send join requests to servers in this list if
+# the room couldn't be joined via other servers it federates with.
+#
+# example: ["example.com"]
+#
+#deprioritize_joins_through_servers = []
+
 # Send messages from users that the user has ignored to the client.
 #
 # There is no way for clients to receive messages sent while a user was

docker/Dockerfile

@@ -48,7 +48,7 @@ EOF
 
 # Developer tool versions
 # renovate: datasource=github-releases depName=cargo-bins/cargo-binstall
-ENV BINSTALL_VERSION=1.18.0
+ENV BINSTALL_VERSION=1.18.1
 # renovate: datasource=github-releases depName=psastras/sbom-rs
 ENV CARGO_SBOM_VERSION=0.9.1
 # renovate: datasource=crate depName=lddtree

docker/musl.Dockerfile

@@ -18,7 +18,7 @@ RUN --mount=type=cache,target=/etc/apk/cache apk add \
 
 # Developer tool versions
 # renovate: datasource=github-releases depName=cargo-bins/cargo-binstall
-ENV BINSTALL_VERSION=1.18.0
+ENV BINSTALL_VERSION=1.18.1
 # renovate: datasource=github-releases depName=psastras/sbom-rs
 ENV CARGO_SBOM_VERSION=0.9.1
 # renovate: datasource=crate depName=lddtree

docs/_meta.json

@@ -69,11 +69,6 @@
         "label": "Configuration Reference",
         "name": "/reference/config"
     },
-    {
-        "type": "file",
-        "label": "Environment Variables",
-        "name": "/reference/environment-variables"
-    },
     {
         "type": "dir",
         "label": "Admin Command Reference",

docs/advanced/delegation.mdx

@@ -18,12 +18,14 @@ ## Configuration
 ```toml
 [global.well_known]
 
+# defaults to port :443 if not specified
 client = "https://matrix.example.com"
 
 # port number MUST be specified
 server = "matrix.example.com:443"
 
 # (optional) customize your support contacts
+# Defaults to members of the admin room if unset
 #support_page =
 #support_role = "m.role.admin"
 #support_email =
@@ -42,9 +44,13 @@ # (optional) customize your support contacts
         client=https://matrix.example.com,
         server=matrix.example.com:443
         }
+
+      # You can also configure individual `.well-knowns` like this
+      # CONTINUWUITY_WELL_KNOWN__CLIENT: https://matrix.example.com
+      # CONTINUWUITY_WELL_KNOWN__SERVER: matrix.example.com:443
 ```
 
-## Serving with a reverse proxy
+## Reverse proxying well-known files to Continuwuity
 
 After doing the steps above, Continuwuity will serve these 3 JSON files:
 
@@ -94,9 +100,7 @@ ## Serving with a reverse proxy
 <summary>`https://example.com/.well-known/matrix/server`</summary>
 
 ```json
-{
-  "m.server": "matrix.example.com:443"
-}
+{ "m.server": "matrix.example.com:443" }
 ```
 
 </details>
@@ -115,12 +119,57 @@ ## Serving with a reverse proxy
 
 </details>
 
+### Serving well-known files manually
+
+Instead of configuring `[global.well_known]` options and reverse proxying well-known URIs, you can serve these files directly as static JSON that match the ones above. This is useful if your base domain points to a different physical server, and reverse proxying isn't feasible.
+
+<details>
+
+<summary>Example Caddyfile **for the base domain**</summary>
+
+```
+https://example.com {
+
+    respond /.well-known/matrix/server 200 {
+        body `{"m.server":"matrix.example.com:443"}`
+    }
+
+    handle /.well-known/matrix/client {
+    header Access-Control-Allow-Origin *
+    respond <<JSON
+    {
+        "m.homeserver": {
+            "base_url": "https://matrix.example.com/"
+        }
+    }
+    JSON
+    }
+}
+```
+
+</details>
+
+Remember to set the `Access-Control-Allow-Origin: *` header in your `/.well-known/matrix/client` path for web clients to work.
+
 ## Troubleshooting
 
+Check with the [Matrix Connectivity Tester][federation-tester] to see that it's working.
+
+[federation-tester]: https://federationtester.mtrnord.blog/
+
 ### Cannot log in with web clients
 
 Make sure there is an `Access-Control-Allow-Origin: *` header in your `/.well-known/matrix/client` path. While Continuwuity serves this header by default, it may be dropped by reverse proxies or other middlewares.
 
+### Issues with alternative setups
+
+As Matrix clients prioritize well-known URIs for their destination, this can lead to issues with alternative methods of accessing the server that doesn't use a publicly routeable IP and domain name. You will probably find yourself connecting to non-existent/undesired URLs in certain cases like:
+
+- Accessing to the server via localhost IPs (e.g. for testing purposes)
+- Accessing the server from behind a VPN, or from alternative networks (such as from an onionsite)
+
+In these scenarios, further configurations would be needed. Refer to the [Related Documentation](#related-documentation) section for resolution steps and see how they could apply to your use case.
+
 ---
 
 ## Using SRV records (not recommended)

docs/configuration.mdx

@@ -2,66 +2,90 @@ # Configuration
 
 This chapter describes various ways to configure Continuwuity.
 
-## Basics
+## Configuration file
 
-Continuwuity uses a config file for the majority of the settings, but also supports
-setting individual config options via commandline.
+Continuwuity uses a TOML config file for all of its settings. This is the recommended way to configure Continuwuity. Please refer to the [example config file](./reference/config.mdx) for all of these settings.
 
-Please refer to the [example config
-file](./reference/config.mdx) for all of those
-settings.
+You can specify the config file to be used by Continuwuity with the command-line flag `-c` or `--config`:
 
-The config file to use can be specified on the commandline when running
-Continuwuity by specifying the `-c`, `--config` flag. Alternatively, you can use
-the environment variable `CONTINUWUITY_CONFIG` to specify the config file to be
-used; see [the section on environment variables](#environment-variables) for
-more information.
+```bash
+./conduwuit -c /path/to/continuwuity.toml
+```
 
-## Option commandline flag
+Alternatively, you can use the environment variable `CONTINUWUITY_CONFIG` to specify the config file to be used; see [the section on environment variables](#environment-variables) for more information.
 
-Continuwuity supports setting individual config options in TOML format from the
-`-O` / `--option` flag. For example, you can set your server name via `-O
-server_name=\"example.com\"`.
+## Environment variables
+
+All of the options in the config file can also be specified by using environment variables. This is ideal for containerised deployments and infrastructure-as-code scenarios.
+
+The environment variable names are represented in all caps and prefixed with `CONTINUWUITY_`. They are mapped to config options in the ways demonstrated below:
+
+```bash
+# Top-level options (those inside the [global] section) are simply capitalised
+CONTINUWUITY_SERVER_NAME="matrix.example.com"
+CONTINUWUITY_PORT="8008"
+CONTINUWUITY_DATABASE_PATH="/var/lib/continuwuity"
+
+# Nested config sections use double underscores `__`
+
+# This maps to the `server` field of the [global.well_known] section in TOML
+CONTINUWUITY_WELL_KNOWN__SERVER="example.com:443"
+
+# This maps to the `base_url` field of the `[global.antispam.draupnir]` section in TOML
+CONTINUWUITY_ANTISPAM__DRAUPNIR__BASE_URL="https://draupnir.example.com"
+
+# Alternatively, you can pass a (quoted) struct to define an entire section
+# This maps to the [global.well_known] section
+CONTINUWUITY_WELL_KNOWN="{ client=https://example.com,server=example.com:443 }"
+```
+
+### Alternative prefixes
+
+For backwards compatibility, Continuwuity also supports the following environment variable prefixes, in order of descending priority:
+
+- `CONDUWUIT_*` (compatibility)
+- `CONDUIT_*` (legacy)
+
+As an example, the environment variable `CONTINUWUITY_CONFIG` can also be expressed as `CONDUWUIT_CONFIG` or `CONDUIT_CONFIG`.
+
+## Option command-line flag
+
+Continuwuity also supports setting individual config options in TOML format from the `-O` / `--option` flag. For example, you can set your server name via `-O server_name=\"example.com\"`.
+
+Note that the config is parsed as TOML, and shells like `bash` will remove quotes. Therefore, if the config option is a string, quote escapes must be properly handled. If the config option is a number or a boolean, this does not apply.
 
-Note that the config is parsed as TOML, and shells like bash will remove quotes.
-So unfortunately it is required to escape quotes if the config option takes a
-string. This does not apply to options that take booleans or numbers:
 - `--option allow_registration=true` works ✅
 - `-O max_request_size=99999999` works ✅
 - `-O server_name=example.com` does not work ❌
 - `--option log=\"debug\"` works ✅
 - `--option server_name='"example.com'"` works ✅
 
-## Execute commandline flag
+## Order of priority
 
-Continuwuity supports running admin commands on startup using the commandline
-argument `--execute`. The most notable use for this is to create an admin user
-on first startup.
+The above configuration methods are prioritised, in descending order, as below:
 
-The syntax of this is a standard admin command without the prefix such as
-`./conduwuit --execute "users create_user june"`
+- Command-line `-o`/`--option` flags
+- Environment variables
+    - `CONTINUWUITY_*` variables
+    - `CONDUWUIT_*` variables
+    - `CONDUIT_*` variables
+- Config file
 
-An example output of a success is:
-```
+Therefore, you can use environment variables or the options flags to override values in the config file.
+
+---
+
+## Executing startup commands
+
+Continuwuity supports running admin commands on startup using the command-line flag `--execute`. This is treated as a standard admin command, without the need for the `!admin` prefix. For example, to create a new user:
+
+```bash
+# Equivalent to `!admin users create_user june`
+./conduwuit --execute "users create_user june"
 INFO conduwuit_service::admin::startup: Startup command #0 completed:
 Created user with user_id: @june:girlboss.ceo and password: `<redacted>`
 ```
 
-This commandline argument can be paired with the `--option` flag.
+Alternatively, you can configure `CONTINUWUITY_ADMIN_EXECUTE` or the config file value `admin_execute` with a list of commands.
 
-## Environment variables
-
-All of the settings that are found in the config file can be specified by using
-environment variables. The environment variable names should be all caps and
-prefixed with `CONTINUWUITY_`.
-
-For example, if the setting you are changing is `max_request_size`, then the
-environment variable to set is `CONTINUWUITY_MAX_REQUEST_SIZE`.
-
-To modify config options not in the `[global]` context such as
-`[global.well_known]`, use the `__` suffix split:
-`CONTINUWUITY_WELL_KNOWN__SERVER`
-
-Conduit and conduwuit's environment variables are also supported for backwards
-compatibility, via the `CONDUIT_` and `CONDUWUIT_` prefixes respectively (e.g.
-`CONDUIT_SERVER_NAME`).
+This command-line argument can be paired with the `--option` flag.

docs/deploying/docker.mdx

@@ -152,7 +152,7 @@ #### For other reverse proxies
 
 ### Starting Your Server
 
-1. Choose your compose file from the above, and rename it to `docker-compose.yml`. Edit values as you see fit.
+1. Choose your compose file from the above, and rename it to `docker-compose.yml`. Replace `example.com` with your homeserver's domain name, and edit other values as you see fit.
 2. If using the override file, rename it to `docker-compose.override.yml` and
    edit your values.
 3. Start the server:

docs/public/.well-known/continuwuity/announcements

@@ -6,10 +6,10 @@
             "message": "Welcome to Continuwuity! Important announcements about the project will appear here."
         },
         {
-            "id": 10,
+            "id": 11,
             "mention_room": false,
-            "date": "2026-03-03",
-            "message": "We've just released [v0.5.6](https://forgejo.ellis.link/continuwuation/continuwuity/releases/tag/v0.5.6), which contains a few  security improvements - plus significant reliability and performance improvements. Please update as soon as possible. \n\nWe released [v0.5.5](https://forgejo.ellis.link/continuwuation/continuwuity/releases/tag/v0.5.5) two weeks ago, but it skipped your admin room straight to [our announcements channel](https://matrix.to/#/!jIdNjSM5X-V5JVx2h2kAhUZIIQ08GyzPL55NFZAH1vM?via=ellis.link&via=gingershaped.computer&via=matrix.org). Make sure you're there to get important information as soon as we announce it! [Our space](https://matrix.to/#/!8cR4g-i9ucof69E4JHNg9LbPVkGprHb3SzcrGBDDJgk?via=continuwuity.org&via=ellis.link&via=matrix.org) has also gained a bunch of new and interesting rooms - be there or be square."
+            "date": "2026-04-17",
+            "message": "[v0.5.7](https://forgejo.ellis.link/continuwuation/continuwuity/releases/tag/v0.5.7) is out! Email verification! Terms and Conditions! Deleting notification pushers! So much good stuff. Go grab the release and read the changelog!"
         }
     ]
 }

docs/public/deploying/docker-compose.for-traefik.yml

@@ -13,7 +13,7 @@ services:
       - proxy
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.continuwuity.rule=(Host(`matrix.example.com`) || (Host(`example.com`) && PathPrefix(`/.well-known/matrix`)))"
+      - "traefik.http.routers.continuwuity.rule=(Host(`example.com`))"
       - "traefik.http.routers.continuwuity.entrypoints=websecure" # your HTTPS entry point
       - "traefik.http.routers.continuwuity.tls=true"
       - "traefik.http.routers.continuwuity.service=continuwuity"
@@ -21,7 +21,7 @@ services:
       # possibly, depending on your config:
       # - "traefik.http.routers.continuwuity.tls.certresolver=letsencrypt"
     environment:
-      CONTINUWUITY_SERVER_NAME: example.com # EDIT THIS
+      CONTINUWUITY_SERVER_NAME: example.com
       CONTINUWUITY_DATABASE_PATH: /var/lib/continuwuity
       CONTINUWUITY_ADDRESS: 0.0.0.0
       CONTINUWUITY_PORT: 8008 # This must match with traefik's loadbalancer label

docs/public/deploying/docker-compose.override.yml

@@ -6,7 +6,7 @@ services:
       - "traefik.enable=true"
       - "traefik.docker.network=proxy"  # Change this to the name of your Traefik docker proxy network
 
-      - "traefik.http.routers.to-continuwuity.rule=Host(`matrix.example.com`)"  # Change to the address on which Continuwuity is hosted
+      - "traefik.http.routers.to-continuwuity.rule=Host(`example.com`)"  # Change to the address on which Continuwuity is hosted
       - "traefik.http.routers.to-continuwuity.tls=true"
       - "traefik.http.routers.to-continuwuity.tls.certresolver=letsencrypt"
       - "traefik.http.routers.to-continuwuity.middlewares=cors-headers@docker"

docs/public/deploying/docker-compose.with-caddy-labels.yml

@@ -14,9 +14,6 @@ services:
             - /var/run/docker.sock:/var/run/docker.sock
             - ./data:/data
         restart: unless-stopped
-        labels:
-            caddy: example.com
-            caddy.reverse_proxy: /.well-known/matrix/* homeserver:8008
 
     homeserver:
         image: forgejo.ellis.link/continuwuation/continuwuity:latest
@@ -27,7 +24,7 @@ services:
             - ./continuwuity-resolv.conf:/etc/resolv.conf # use custom resolvers rather than Docker's
             #- ./continuwuity.toml:/etc/continuwuity.toml
         environment:
-            CONTINUWUITY_SERVER_NAME: example.com # EDIT THIS
+            CONTINUWUITY_SERVER_NAME: example.com
             CONTINUWUITY_DATABASE_PATH: /var/lib/continuwuity
             CONTINUWUITY_ADDRESS: 0.0.0.0
             CONTINUWUITY_PORT: 8008

docs/public/deploying/docker-compose.with-traefik.yml

@@ -13,12 +13,12 @@ services:
       - proxy
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.continuwuity.rule=(Host(`matrix.example.com`) || (Host(`example.com`) && PathPrefix(`/.well-known/matrix`)))"
+      - "traefik.http.routers.continuwuity.rule=(Host(`example.com`))"
       - "traefik.http.routers.continuwuity.entrypoints=websecure"
       - "traefik.http.routers.continuwuity.tls.certresolver=letsencrypt"
       - "traefik.http.services.continuwuity.loadbalancer.server.port=8008"
     environment:
-      CONTINUWUITY_SERVER_NAME: example.com # EDIT THIS
+      CONTINUWUITY_SERVER_NAME: example.com
       CONTINUWUITY_DATABASE_PATH: /var/lib/continuwuity
       CONTINUWUITY_ADDRESS: 0.0.0.0
       CONTINUWUITY_PORT: 8008 # This must match with traefik's loadbalancer label

docs/reference/_meta.json

@@ -4,11 +4,6 @@
         "name": "config",
         "label": "Configuration"
     },
-    {
-        "type": "file",
-        "name": "environment-variables",
-        "label": "Environment Variables"
-    },
     {
         "type": "file",
         "name": "admin",

docs/reference/environment-variables.mdx

@@ -1,281 +0,0 @@
-# Environment Variables
-
-Continuwuity can be configured entirely through environment variables, making it
-ideal for containerised deployments and infrastructure-as-code scenarios.
-
-This is a convenience reference and may not be exhaustive. The
-[Configuration Reference](./config.mdx) is the primary source for all
-configuration options.
-
-## Prefix System
-
-Continuwuity supports three environment variable prefixes for backwards
-compatibility:
-
-- `CONTINUWUITY_*` (current, recommended)
-- `CONDUWUIT_*` (compatibility)
-- `CONDUIT_*` (legacy)
-
-All three prefixes work identically. Use double underscores (`__`) to represent
-nested configuration sections from the TOML config.
-
-**Examples:**
-
-```bash
-# Simple top-level config
-CONTINUWUITY_SERVER_NAME="matrix.example.com"
-CONTINUWUITY_PORT="8008"
-
-# Nested config sections use double underscores
-# This maps to [database] section in TOML
-CONTINUWUITY_DATABASE__PATH="/var/lib/continuwuity"
-
-# This maps to [tls] section in TOML
-CONTINUWUITY_TLS__CERTS="/path/to/cert.pem"
-```
-
-## Configuration File Override
-
-You can specify a custom configuration file path:
-
-- `CONTINUWUITY_CONFIG` - Path to continuwuity.toml (current)
-- `CONDUWUIT_CONFIG` - Path to config file (compatibility)
-- `CONDUIT_CONFIG` - Path to config file (legacy)
-
-## Essential Variables
-
-These are the minimum variables needed for a working deployment:
-
-| Variable                     | Description                        | Default                |
-| ---------------------------- | ---------------------------------- | ---------------------- |
-| `CONTINUWUITY_SERVER_NAME`   | Your Matrix server's domain name   | Required               |
-| `CONTINUWUITY_DATABASE_PATH` | Path to RocksDB database directory | `/var/lib/conduwuit`   |
-| `CONTINUWUITY_ADDRESS`       | IP address to bind to              | `["127.0.0.1", "::1"]` |
-| `CONTINUWUITY_PORT`          | Port to listen on                  | `8008`                 |
-
-## Network Configuration
-
-| Variable                         | Description                                     | Default                |
-| -------------------------------- | ----------------------------------------------- | ---------------------- |
-| `CONTINUWUITY_ADDRESS`           | Bind address (use `0.0.0.0` for all interfaces) | `["127.0.0.1", "::1"]` |
-| `CONTINUWUITY_PORT`              | HTTP port                                       | `8008`                 |
-| `CONTINUWUITY_UNIX_SOCKET_PATH`  | UNIX socket path (alternative to TCP)           | -                      |
-| `CONTINUWUITY_UNIX_SOCKET_PERMS` | Socket permissions (octal)                      | `660`                  |
-
-## Database Configuration
-
-| Variable                                   | Description                 | Default              |
-| ------------------------------------------ | --------------------------- | -------------------- |
-| `CONTINUWUITY_DATABASE_PATH`               | RocksDB data directory      | `/var/lib/conduwuit` |
-| `CONTINUWUITY_DATABASE_BACKUP_PATH`        | Backup directory            | -                    |
-| `CONTINUWUITY_DATABASE_BACKUPS_TO_KEEP`    | Number of backups to retain | `1`                  |
-| `CONTINUWUITY_DB_CACHE_CAPACITY_MB`        | Database read cache (MB)    | -                    |
-| `CONTINUWUITY_DB_WRITE_BUFFER_CAPACITY_MB` | Write cache (MB)            | -                    |
-
-## Cache Configuration
-
-| Variable                                 | Description              |
-| ---------------------------------------- | ------------------------ |
-| `CONTINUWUITY_CACHE_CAPACITY_MODIFIER`   | LRU cache multiplier     |
-| `CONTINUWUITY_PDU_CACHE_CAPACITY`        | PDU cache entries        |
-| `CONTINUWUITY_AUTH_CHAIN_CACHE_CAPACITY` | Auth chain cache entries |
-
-## DNS Configuration
-
-Configure DNS resolution behaviour for federation and external requests.
-
-| Variable                             | Description                  | Default  |
-| ------------------------------------ | ---------------------------- | -------- |
-| `CONTINUWUITY_DNS_CACHE_ENTRIES`     | Max DNS cache entries        | `32768`  |
-| `CONTINUWUITY_DNS_MIN_TTL`           | Minimum cache TTL (seconds)  | `10800`  |
-| `CONTINUWUITY_DNS_MIN_TTL_NXDOMAIN`  | NXDOMAIN cache TTL (seconds) | `259200` |
-| `CONTINUWUITY_DNS_ATTEMPTS`          | Retry attempts               | -        |
-| `CONTINUWUITY_DNS_TIMEOUT`           | Query timeout (seconds)      | -        |
-| `CONTINUWUITY_DNS_TCP_FALLBACK`      | Allow TCP fallback           | -        |
-| `CONTINUWUITY_QUERY_ALL_NAMESERVERS` | Query all nameservers        | -        |
-| `CONTINUWUITY_QUERY_OVER_TCP_ONLY`   | TCP-only queries             | -        |
-
-## Request Configuration
-
-| Variable                             | Description                   |
-| ------------------------------------ | ----------------------------- |
-| `CONTINUWUITY_MAX_REQUEST_SIZE`      | Max HTTP request size (bytes) |
-| `CONTINUWUITY_REQUEST_CONN_TIMEOUT`  | Connection timeout (seconds)  |
-| `CONTINUWUITY_REQUEST_TIMEOUT`       | Overall request timeout       |
-| `CONTINUWUITY_REQUEST_TOTAL_TIMEOUT` | Total timeout                 |
-| `CONTINUWUITY_REQUEST_IDLE_TIMEOUT`  | Idle timeout                  |
-| `CONTINUWUITY_REQUEST_IDLE_PER_HOST` | Idle connections per host     |
-
-## Federation Configuration
-
-Control how your server federates with other Matrix servers.
-
-| Variable                                       | Description                   | Default |
-| ---------------------------------------------- | ----------------------------- | ------- |
-| `CONTINUWUITY_ALLOW_FEDERATION`                | Enable federation             | `true`  |
-| `CONTINUWUITY_FEDERATION_LOOPBACK`             | Allow loopback federation     | -       |
-| `CONTINUWUITY_FEDERATION_CONN_TIMEOUT`         | Connection timeout            | -       |
-| `CONTINUWUITY_FEDERATION_TIMEOUT`              | Request timeout               | -       |
-| `CONTINUWUITY_FEDERATION_IDLE_TIMEOUT`         | Idle timeout                  | -       |
-| `CONTINUWUITY_FEDERATION_IDLE_PER_HOST`        | Idle connections per host     | -       |
-| `CONTINUWUITY_TRUSTED_SERVERS`                 | JSON array of trusted servers | -       |
-| `CONTINUWUITY_QUERY_TRUSTED_KEY_SERVERS_FIRST` | Query trusted first           | -       |
-| `CONTINUWUITY_ONLY_QUERY_TRUSTED_KEY_SERVERS`  | Only query trusted            | -       |
-
-**Example:**
-
-```bash
-# Trust matrix.org for key verification
-CONTINUWUITY_TRUSTED_SERVERS='["matrix.org"]'
-```
-
-## Registration & User Configuration
-
-Control user registration and account creation behaviour.
-
-| Variable                                   | Description           | Default |
-| ------------------------------------------ | --------------------- | ------- |
-| `CONTINUWUITY_ALLOW_REGISTRATION`          | Enable registration   | `true`  |
-| `CONTINUWUITY_REGISTRATION_TOKEN`          | Token requirement     | -       |
-| `CONTINUWUITY_SUSPEND_ON_REGISTER`         | Suspend new accounts  | -       |
-| `CONTINUWUITY_NEW_USER_DISPLAYNAME_SUFFIX` | Display name suffix   | 🏳️‍⚧️      |
-| `CONTINUWUITY_RECAPTCHA_SITE_KEY`          | reCAPTCHA site key    | -       |
-| `CONTINUWUITY_RECAPTCHA_PRIVATE_SITE_KEY`  | reCAPTCHA private key | -       |
-
-**Example:**
-
-```bash
-# Disable open registration
-CONTINUWUITY_ALLOW_REGISTRATION="false"
-
-# Require a registration token
-CONTINUWUITY_REGISTRATION_TOKEN="your_secret_token_here"
-```
-
-## Feature Configuration
-
-| Variable                                                   | Description                | Default |
-| ---------------------------------------------------------- | -------------------------- | ------- |
-| `CONTINUWUITY_ALLOW_ENCRYPTION`                            | Enable E2EE                | `true`  |
-| `CONTINUWUITY_ALLOW_ROOM_CREATION`                         | Enable room creation       | -       |
-| `CONTINUWUITY_ALLOW_UNSTABLE_ROOM_VERSIONS`                | Allow unstable versions    | -       |
-| `CONTINUWUITY_DEFAULT_ROOM_VERSION`                        | Default room version       | `v11`   |
-| `CONTINUWUITY_REQUIRE_AUTH_FOR_PROFILE_REQUESTS`           | Auth for profiles          | -       |
-| `CONTINUWUITY_ALLOW_PUBLIC_ROOM_DIRECTORY_OVER_FEDERATION` | Federate directory         | -       |
-| `CONTINUWUITY_ALLOW_PUBLIC_ROOM_DIRECTORY_WITHOUT_AUTH`    | Unauth directory           | -       |
-| `CONTINUWUITY_ALLOW_DEVICE_NAME_FEDERATION`                | Device names in federation | -       |
-
-## TLS Configuration
-
-Built-in TLS support is primarily for testing. **For production deployments,
-especially when federating on the internet, use a reverse proxy** (Traefik,
-Caddy, nginx) to handle TLS termination.
-
-| Variable                          | Description               |
-| --------------------------------- | ------------------------- |
-| `CONTINUWUITY_TLS__CERTS`         | TLS certificate file path |
-| `CONTINUWUITY_TLS__KEY`           | TLS private key path      |
-| `CONTINUWUITY_TLS__DUAL_PROTOCOL` | Support TLS 1.2 + 1.3     |
-
-**Example (testing only):**
-
-```bash
-CONTINUWUITY_TLS__CERTS="/etc/letsencrypt/live/matrix.example.com/fullchain.pem"
-CONTINUWUITY_TLS__KEY="/etc/letsencrypt/live/matrix.example.com/privkey.pem"
-```
-
-## Logging Configuration
-
-Control log output format and verbosity.
-
-| Variable                       | Description        | Default |
-| ------------------------------ | ------------------ | ------- |
-| `CONTINUWUITY_LOG`             | Log filter level   | -       |
-| `CONTINUWUITY_LOG_COLORS`      | ANSI colours       | `true`  |
-| `CONTINUWUITY_LOG_SPAN_EVENTS` | Log span events    | `none`  |
-| `CONTINUWUITY_LOG_THREAD_IDS`  | Include thread IDs | -       |
-
-**Examples:**
-
-```bash
-# Set log level to info
-CONTINUWUITY_LOG="info"
-
-# Enable debug logging for specific modules
-CONTINUWUITY_LOG="warn,continuwuity::api=debug"
-
-# Disable colours for log aggregation
-CONTINUWUITY_LOG_COLORS="false"
-```
-
-## Observability Configuration
-
-| Variable                                 | Description           |
-| ---------------------------------------- | --------------------- |
-| `CONTINUWUITY_ALLOW_OTLP`                | Enable OpenTelemetry  |
-| `CONTINUWUITY_OTLP_FILTER`               | OTLP filter level     |
-| `CONTINUWUITY_OTLP_PROTOCOL`             | Protocol (http/grpc)  |
-| `CONTINUWUITY_TRACING_FLAME`             | Enable flame graphs   |
-| `CONTINUWUITY_TRACING_FLAME_FILTER`      | Flame graph filter    |
-| `CONTINUWUITY_TRACING_FLAME_OUTPUT_PATH` | Output directory      |
-| `CONTINUWUITY_SENTRY`                    | Enable Sentry         |
-| `CONTINUWUITY_SENTRY_ENDPOINT`           | Sentry DSN            |
-| `CONTINUWUITY_SENTRY_SEND_SERVER_NAME`   | Include server name   |
-| `CONTINUWUITY_SENTRY_TRACES_SAMPLE_RATE` | Sample rate (0.0-1.0) |
-
-## Admin Configuration
-
-Configure admin users and automated command execution.
-
-| Variable                                   | Description                      | Default           |
-| ------------------------------------------ | -------------------------------- | ----------------- |
-| `CONTINUWUITY_ADMINS_LIST`                 | JSON array of admin user IDs     | -                 |
-| `CONTINUWUITY_ADMINS_FROM_ROOM`            | Derive admins from room          | -                 |
-| `CONTINUWUITY_ADMIN_ESCAPE_COMMANDS`       | Allow `\` prefix in public rooms | -                 |
-| `CONTINUWUITY_ADMIN_CONSOLE_AUTOMATIC`     | Auto-activate console            | -                 |
-| `CONTINUWUITY_ADMIN_EXECUTE`               | JSON array of startup commands   | -                 |
-| `CONTINUWUITY_ADMIN_EXECUTE_ERRORS_IGNORE` | Ignore command errors            | -                 |
-| `CONTINUWUITY_ADMIN_SIGNAL_EXECUTE`        | Commands on SIGUSR2              | -                 |
-| `CONTINUWUITY_ADMIN_ROOM_TAG`              | Admin room tag                   | `m.server_notice` |
-
-**Examples:**
-
-```bash
-# Create admin user on startup
-CONTINUWUITY_ADMIN_EXECUTE='["users create-user admin", "users make-user-admin admin"]'
-
-# Specify admin users directly
-CONTINUWUITY_ADMINS_LIST='["@alice:example.com", "@bob:example.com"]'
-```
-
-## Media & URL Preview Configuration
-
-| Variable                                             | Description        |
-| ---------------------------------------------------- | ------------------ |
-| `CONTINUWUITY_URL_PREVIEW_BOUND_INTERFACE`           | Bind interface     |
-| `CONTINUWUITY_URL_PREVIEW_DOMAIN_CONTAINS_ALLOWLIST` | Domain allowlist   |
-| `CONTINUWUITY_URL_PREVIEW_DOMAIN_EXPLICIT_ALLOWLIST` | Explicit allowlist |
-| `CONTINUWUITY_URL_PREVIEW_DOMAIN_EXPLICIT_DENYLIST`  | Explicit denylist  |
-| `CONTINUWUITY_URL_PREVIEW_MAX_SPIDER_SIZE`           | Max fetch size     |
-| `CONTINUWUITY_URL_PREVIEW_TIMEOUT`                   | Fetch timeout      |
-| `CONTINUWUITY_IP_RANGE_DENYLIST`                     | IP range denylist  |
-
-## Tokio Runtime Configuration
-
-These can be set as environment variables or CLI arguments:
-
-| Variable                                  | Description                |
-| ----------------------------------------- | -------------------------- |
-| `TOKIO_WORKER_THREADS`                    | Worker thread count        |
-| `TOKIO_GLOBAL_QUEUE_INTERVAL`             | Global queue interval      |
-| `TOKIO_EVENT_INTERVAL`                    | Event interval             |
-| `TOKIO_MAX_IO_EVENTS_PER_TICK`            | Max I/O events per tick    |
-| `CONTINUWUITY_RUNTIME_HISTOGRAM_INTERVAL` | Histogram bucket size (μs) |
-| `CONTINUWUITY_RUNTIME_HISTOGRAM_BUCKETS`  | Bucket count               |
-| `CONTINUWUITY_RUNTIME_WORKER_AFFINITY`    | Enable worker affinity     |
-
-## See Also
-
-- [Configuration Reference](./config.mdx) - Complete TOML configuration
-  documentation
-- [Admin Commands](./admin/) - Admin command reference

package-lock.json

@@ -3297,9 +3297,9 @@
       "license": "0BSD"
     },
     "node_modules/typescript": {
-      "version": "6.0.2",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.2.tgz",
-      "integrity": "sha512-bGdAIrZ0wiGDo5l8c++HWtbaNCWTS4UTv7RaTH/ThVIgjkveJt83m74bBHMJkuCbslY8ixgLBVZJIOiQlQTjfQ==",
+      "version": "6.0.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.3.tgz",
+      "integrity": "sha512-y2TvuxSZPDyQakkFRPZHKFm+KKVqIisdg9/CZwm9ftvKXLP8NRWj38/ODjNbr43SsoXqNuAisEf1GdCxqWcdBw==",
       "dev": true,
       "license": "Apache-2.0",
       "bin": {

pkg/debian/README.md

@@ -6,7 +6,9 @@ ### Installation
 
 To add the Continuwuation apt repository:
 ```bash
-# Replace with `"dev"` for bleeding-edge builds at your own risk
+# Component `"stable"` contains all tagged releases. Use `"stable unstable"` to additionally include all pre-releases (alpha, beta, rc,...)
+# Replace with `"dev"` for bleeding-edge builds at your own risk, these contain
+# automatic nightly builds and might or might not work.
 export COMPONENT="stable"
 # Import the Continuwuation signing key
 sudo curl https://forgejo.ellis.link/api/packages/continuwuation/debian/repository.key -o /etc/apt/keyrings/forgejo-continuwuation.asc

src/api/client/membership/join.rs

@@ -113,6 +113,7 @@ pub(crate) async fn join_room_by_id_route(
 	servers.sort_unstable();
 	servers.dedup();
 	shuffle(&mut servers);
+	let servers = deprioritize(servers, &services.config.deprioritize_joins_through_servers);
 
 	join_room_by_id_helper(
 		&services,
@@ -241,6 +242,7 @@ pub(crate) async fn join_room_by_id_or_alias_route(
 		},
 	};
 
+	let servers = deprioritize(servers, &services.config.deprioritize_joins_through_servers);
 	let join_room_response = join_room_by_id_helper(
 		&services,
 		sender_user,
@@ -890,3 +892,59 @@ async fn make_join_request(
 	info!("All {} servers were unable to assist in joining {room_id} :(", servers.len());
 	Err!(BadServerResponse("No server available to assist in joining."))
 }
+
+/// Moves deprioritized servers (if any) to the back of the list.
+///
+/// No-op if we aren't given any servers to deprioritize.
+fn deprioritize(
+	servers: Vec<OwnedServerName>,
+	deprioritized: &[OwnedServerName],
+) -> Vec<OwnedServerName> {
+	if deprioritized.is_empty() {
+		return servers;
+	}
+
+	let (mut depr, mut servers): (Vec<_>, Vec<_>) =
+		servers.into_iter().partition(|s| deprioritized.contains(s));
+	servers.append(&mut depr);
+	servers
+}
+
+#[cfg(test)]
+mod tests {
+	use ruma::OwnedServerName;
+
+	use super::*;
+
+	#[test]
+	fn deprioritizing_servers_works() -> Result<(), Box<dyn std::error::Error>> {
+		let servers = vec![
+			"example.com".try_into()?,
+			"slow.invalid".try_into()?,
+			"example.org".try_into()?,
+		];
+		let depr = vec!["slow.invalid".try_into()?];
+		let expected: Vec<OwnedServerName> = vec![
+			"example.com".try_into()?,
+			"example.org".try_into()?,
+			"slow.invalid".try_into()?,
+		];
+
+		let servers = deprioritize(servers, &depr);
+		assert_eq!(servers, expected);
+		Ok(())
+	}
+
+	#[test]
+	fn empty_deprioritized_is_noop() -> Result<(), Box<dyn std::error::Error>> {
+		let servers = vec![
+			"example.com".try_into()?,
+			"slow.invalid".try_into()?,
+			"example.org".try_into()?,
+		];
+
+		let depr_servers = deprioritize(servers.clone(), &[]);
+		assert_eq!(depr_servers, servers);
+		Ok(())
+	}
+}

src/core/config/mod.rs

@@ -753,7 +753,7 @@ pub struct Config {
 	/// Set to false to disable users from joining or creating room versions
 	/// that aren't officially supported by continuwuity.
 	///
-	/// continuwuity officially supports room versions 6 - 11.
+	/// continuwuity officially supports room versions 6 - 12.
 	///
 	/// continuwuity has slightly experimental (though works fine in practice)
 	/// support for versions 3 - 5.
@@ -765,9 +765,9 @@ pub struct Config {
 	/// rather than an integer. Forgetting the quotes will make the server fail
 	/// to start!
 	///
-	/// Per spec, room version "11" is the default.
+	/// Per spec, room version "12" is the default.
 	///
-	/// default: "11"
+	/// default: "12"
 	#[serde(default = "default_default_room_version")]
 	pub default_room_version: RoomVersionId,
 
@@ -1630,6 +1630,22 @@ pub struct Config {
 	#[serde(default, with = "serde_regex")]
 	pub ignore_messages_from_server_names: RegexSet,
 
+	/// List of server names that continuwuity will deprioritize (try last) when
+	/// a client requests to join a room.
+	///
+	/// This can be used to potentially speed up room join requests, by
+	/// deprioritizing sending join requests through servers that are known to
+	/// be large or slow.
+	///
+	/// continuwuity will still send join requests to servers in this list if
+	/// the room couldn't be joined via other servers it federates with.
+	///
+	/// example: ["example.com"]
+	///
+	/// default: []
+	#[serde(default = "Vec::new")]
+	pub deprioritize_joins_through_servers: Vec<OwnedServerName>,
+
 	/// Send messages from users that the user has ignored to the client.
 	///
 	/// There is no way for clients to receive messages sent while a user was
@@ -2812,7 +2828,7 @@ fn default_rocksdb_stats_level() -> u8 { 1 }
 // I know, it's a great name
 #[must_use]
 #[inline]
-pub fn default_default_room_version() -> RoomVersionId { RoomVersionId::V11 }
+pub fn default_default_room_version() -> RoomVersionId { RoomVersionId::V12 }
 
 fn default_ip_range_denylist() -> Vec<String> {
 	vec![

src/service/sending/sender.rs

@@ -9,6 +9,7 @@
 };
 
 use base64::{Engine as _, engine::general_purpose::URL_SAFE_NO_PAD};
+use conduwuit::info;
 use conduwuit_core::{
 	Error, Event, Result, at, debug, err, error,
 	result::LogErr,
@@ -866,9 +867,12 @@ async fn send_events_dest_federation(
 
 		for (event_id, result) in result.iter().flat_map(|resp| resp.pdus.iter()) {
 			if let Err(e) = result {
-				warn!(
-					%txn_id, %server,
-					"error sending PDU {event_id} to remote server: {e:?}"
+				info!(
+					%txn_id,
+					%server,
+					%event_id,
+					remote_error=?e,
+					"remote server encountered an error while processing an event"
 				);
 			}
 		}