docs(docker): Restructure deployment guide and add env var reference

Add Quick Run section with complete getting-started workflow including
admin user creation via --execute flag. Consolidate Docker Compose to
treat reverse proxy as essential with Traefik/Caddy/nginx examples.

Move detailed image building to development guide, keeping deployment
docs focused on using pre-built images.

Create environment variables reference with practical examples and
context. Clarify built-in TLS is for testing only; production should
use reverse proxies.

.forgejo/workflows/build-debian.yml

@@ -30,22 +30,22 @@ jobs:
           echo "version=$VERSION" >> $GITHUB_OUTPUT
           echo "distribution=$DISTRIBUTION" >> $GITHUB_OUTPUT
           echo "Debian distribution: $DISTRIBUTION ($VERSION)"
-      #- name: Work around llvm-project#153385
-      #  id: llvm-workaround
-      #  run: |
-      #    if [ -f /usr/share/apt/default-sequoia.config ]; then
-      #      echo "Applying workaround for llvm-project#153385"
-      #      mkdir -p /etc/crypto-policies/back-ends/
-      #      cp /usr/share/apt/default-sequoia.config /etc/crypto-policies/back-ends/apt-sequoia.config
-      #      sed -i 's/\(sha1\.second_preimage_resistance = \)2026-02-01/\12026-06-01/' /etc/crypto-policies/back-ends/apt-sequoia.config
-      #    else
-      #      echo "No workaround needed for llvm-project#153385"
-      #    fi
+      - name: Work around llvm-project#153385
+        id: llvm-workaround
+        run: |
+          if [ -f /usr/share/apt/default-sequoia.config ]; then
+            echo "Applying workaround for llvm-project#153385"
+            mkdir -p /etc/crypto-policies/back-ends/
+            cp /usr/share/apt/default-sequoia.config /etc/crypto-policies/back-ends/apt-sequoia.config
+            sed -i 's/\(sha1\.second_preimage_resistance = \)2026-02-01/\12026-06-01/' /etc/crypto-policies/back-ends/apt-sequoia.config
+          else
+            echo "No workaround needed for llvm-project#153385"
+          fi
       - name: Pick compatible clang version
         id: clang-version
         run: |
           # both latest need to use clang-23, but oldstable and previous can just use clang
-          if [[ "${{ matrix.container }}" == "ubuntu-latest" ]]; then
+          if [[ "${{ matrix.container }}" == "ubuntu-latest" || "${{ matrix.container }}" == "debian-latest" ]]; then
             echo "Using clang-23 package for ${{ matrix.container }}"
             echo "version=clang-23" >> $GITHUB_OUTPUT
           else

CHANGELOG.md

@@ -1,32 +1,3 @@
-# Continuwuity 0.5.6 (2026-03-03)
-
-## Security
-
-- Admin escape commands received over federation will never be executed, as this is never valid in a genuine situation. Contributed by @Jade.
-- Fixed data amplification vulnerability (CWE-409) that affected configurations with server-side compression enabled (non-default). Contributed by @nex.
-
-## Features
-
-- Outgoing presence is now disabled by default, and the config option documentation has been adjusted to more accurately represent the weight of presence, typing indicators, and read receipts. Contributed by @nex. ([#1399](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1399))
-- Improved the concurrency handling of federation transactions, vastly improving performance and reliability by more accurately handling inbound transactions and reducing the amount of repeated wasted work. Contributed by @nex and @Jade. ([#1428](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1428))
-- Added [MSC3202](https://github.com/matrix-org/matrix-spec-proposals/pull/3202) Device masquerading (not all of MSC3202). This should fix issues with enabling [MSC4190](https://github.com/matrix-org/matrix-spec-proposals/pull/4190) for some Mautrix bridges. Contributed by @Jade ([#1435](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1435))
-- Added [MSC3814](https://github.com/matrix-org/matrix-spec-proposals/pull/3814) Dehydrated Devices - you can now decrypt messages sent while all devices were logged out. ([#1436](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1436))
-- Implement [MSC4143](https://github.com/matrix-org/matrix-spec-proposals/pull/4143) MatrixRTC transport discovery endpoint. Move RTC foci configuration from `[global.well_known]` to a new `[global.matrix_rtc]` section with a `foci` field. Contributed by @0xnim ([#1442](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1442))
-- Updated `list-backups` admin command to output one backup per line. ([#1394](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1394))
-- Improved URL preview fetching with a more compatible user agent for sites like YouTube Music. Added `!admin media delete-url-preview <url>` command to clear cached URL previews that were stuck and broken. ([#1434](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1434))
-
-## Bugfixes
-
-- Removed non-compliant nor functional room alias lookups over federation. Contributed by @nex ([#1393](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1393))
-- Removed ability to set rocksdb as read only. Doing so would cause unintentional and buggy behaviour. Contributed by @Terryiscool160. ([#1418](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1418))
-- Fixed a startup crash in the sender service if we can't detect the number of CPU cores, even if the `sender_workers` config option is set correctly. Contributed by @katie. ([#1421](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1421))
-- Removed the `allow_public_room_directory_without_auth` config option. Contributed by @0xnim. ([#1441](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1441))
-- Fixed sliding sync v5 list ranges always starting from 0, causing extra rooms to be unnecessarily processed and returned. Contributed by @0xnim ([#1445](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1445))
-- Fixed a bug that (repairably) caused a room split between continuwuity and non-continuwuity servers when the room had both `m.room.policy` and `org.matrix.msc4284.policy` in its room state. Contributed by @nex ([#1481](https://forgejo.ellis.link/continuwuation/continuwuity/pulls/1481))
-- Fixed `!admin media delete --mxc <url>` responding with an error message when the media was deleted successfully. Contributed by @lynxize
-- Fixed spurious 404 media errors in the logs. Contributed by @benbot.
-- Fixed spurious warn about needed backfill via federation for non-federated rooms. Contributed by @kraem.
-
 # Continuwuity v0.5.5 (2026-02-15)
 
 ## Features

Cargo.lock

@@ -445,14 +445,13 @@ dependencies = [
 
 [[package]]
 name = "axum-extra"
-version = "0.12.5"
+version = "0.10.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fef252edff26ddba56bbcdf2ee3307b8129acb86f5749b68990c168a6fcc9c76"
+checksum = "9963ff19f40c6102c76756ef0a46004c0d58957d87259fc9208ff8441c12ab96"
 dependencies = [
  "axum",
  "axum-core",
  "bytes",
- "futures-core",
  "futures-util",
  "headers",
  "http",
@@ -460,6 +459,8 @@ dependencies = [
  "http-body-util",
  "mime",
  "pin-project-lite",
+ "rustversion",
+ "serde_core",
  "tower-layer",
  "tower-service",
  "tracing",
@@ -887,7 +888,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "clap",
  "conduwuit_admin",
@@ -919,7 +920,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_admin"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "clap",
  "conduwuit_api",
@@ -940,7 +941,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_api"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "async-trait",
  "axum",
@@ -972,14 +973,14 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_build_metadata"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "built",
 ]
 
 [[package]]
 name = "conduwuit_core"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "argon2",
  "arrayvec",
@@ -1041,7 +1042,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_database"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "async-channel",
  "conduwuit_core",
@@ -1059,7 +1060,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_macros"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "itertools 0.14.0",
  "proc-macro2",
@@ -1069,7 +1070,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_router"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "axum",
  "axum-client-ip",
@@ -1103,7 +1104,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_service"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "askama",
  "async-trait",
@@ -1145,7 +1146,7 @@ dependencies = [
 
 [[package]]
 name = "conduwuit_web"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "askama",
  "axum",
@@ -1221,7 +1222,7 @@ dependencies = [
 [[package]]
 name = "continuwuity-admin-api"
 version = "0.1.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "ruma-common",
  "serde",
@@ -1600,7 +1601,7 @@ dependencies = [
 [[package]]
 name = "draupnir-antispam"
 version = "0.1.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "ruma-common",
  "serde",
@@ -3002,7 +3003,7 @@ checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79"
 [[package]]
 name = "meowlnir-antispam"
 version = "0.1.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "ruma-common",
  "serde",
@@ -4055,14 +4056,12 @@ dependencies = [
  "sync_wrapper",
  "tokio",
  "tokio-rustls",
- "tokio-util",
  "tower",
  "tower-http",
  "tower-service",
  "url",
  "wasm-bindgen",
  "wasm-bindgen-futures",
- "wasm-streams",
  "web-sys",
  "webpki-roots",
 ]
@@ -4096,7 +4095,7 @@ dependencies = [
 [[package]]
 name = "ruma"
 version = "0.10.1"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "assign",
  "continuwuity-admin-api",
@@ -4119,7 +4118,7 @@ dependencies = [
 [[package]]
 name = "ruma-appservice-api"
 version = "0.10.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4131,7 +4130,7 @@ dependencies = [
 [[package]]
 name = "ruma-client-api"
 version = "0.18.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "as_variant",
  "assign",
@@ -4154,7 +4153,7 @@ dependencies = [
 [[package]]
 name = "ruma-common"
 version = "0.13.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "as_variant",
  "base64 0.22.1",
@@ -4186,7 +4185,7 @@ dependencies = [
 [[package]]
 name = "ruma-events"
 version = "0.28.1"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "as_variant",
  "indexmap",
@@ -4211,7 +4210,7 @@ dependencies = [
 [[package]]
 name = "ruma-federation-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "bytes",
  "headers",
@@ -4233,7 +4232,7 @@ dependencies = [
 [[package]]
 name = "ruma-identifiers-validation"
 version = "0.9.5"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "js_int",
  "thiserror 2.0.18",
@@ -4242,7 +4241,7 @@ dependencies = [
 [[package]]
 name = "ruma-identity-service-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4252,7 +4251,7 @@ dependencies = [
 [[package]]
 name = "ruma-macros"
 version = "0.13.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "cfg-if",
  "proc-macro-crate",
@@ -4267,7 +4266,7 @@ dependencies = [
 [[package]]
 name = "ruma-push-gateway-api"
 version = "0.9.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "js_int",
  "ruma-common",
@@ -4279,7 +4278,7 @@ dependencies = [
 [[package]]
 name = "ruma-signatures"
 version = "0.15.0"
-source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=bb12ed288a31a23aa11b10ba0fad22b7f985eb88#bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=e087ff15888156942ca2ffe6097d1b4c3fd27628#e087ff15888156942ca2ffe6097d1b4c3fd27628"
 dependencies = [
  "base64 0.22.1",
  "ed25519-dalek",
@@ -5870,19 +5869,6 @@ dependencies = [
  "wasmparser",
 ]
 
-[[package]]
-name = "wasm-streams"
-version = "0.4.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "15053d8d85c7eccdbefef60f06769760a563c7f0a9d6902a13d35c7800b0ad65"
-dependencies = [
- "futures-util",
- "js-sys",
- "wasm-bindgen",
- "wasm-bindgen-futures",
- "web-sys",
-]
-
 [[package]]
 name = "wasmparser"
 version = "0.244.0"
@@ -6347,7 +6333,7 @@ dependencies = [
 
 [[package]]
 name = "xtask"
-version = "0.5.6"
+version = "0.5.5"
 dependencies = [
  "askama",
  "cargo_metadata",

Cargo.toml

@@ -12,7 +12,7 @@ license = "Apache-2.0"
 # See also `rust-toolchain.toml`
 readme = "README.md"
 repository = "https://forgejo.ellis.link/continuwuation/continuwuity"
-version = "0.5.6"
+version = "0.5.5"
 
 [workspace.metadata.crane]
 name = "conduwuit"
@@ -97,7 +97,7 @@ features = [
 ]
 
 [workspace.dependencies.axum-extra]
-version = "0.12.0"
+version = "0.10.1"
 default-features = false
 features = ["typed-header", "tracing"]
 
@@ -144,7 +144,6 @@ features = [
     "socks",
     "hickory-dns",
     "http2",
-    "stream",
 ]
 
 [workspace.dependencies.serde]
@@ -344,7 +343,7 @@ version = "0.1.2"
 [workspace.dependencies.ruma]
 git = "https://forgejo.ellis.link/continuwuation/ruwuma"
 #branch = "conduwuit-changes"
-rev = "bb12ed288a31a23aa11b10ba0fad22b7f985eb88"
+rev = "e087ff15888156942ca2ffe6097d1b4c3fd27628"
 features = [
     "compat",
     "rand",
@@ -364,7 +363,6 @@ features = [
     "unstable-msc2870",
     "unstable-msc3026",
     "unstable-msc3061",
-    "unstable-msc3814",
     "unstable-msc3245",
     "unstable-msc3266",
     "unstable-msc3381", # polls
@@ -383,7 +381,6 @@ features = [
     "unstable-pdu",
     "unstable-msc4155",
     "unstable-msc4143", # livekit well_known response
-    "unstable-msc4284"
 ]
 
 [workspace.dependencies.rust-rocksdb]

changelog.d/1393.bugfix

@@ -0,0 +1 @@
+Removed non-compliant nor functional room alias lookups over federation. Contributed by @nex

changelog.d/1399.feature

@@ -0,0 +1 @@
+Outgoing presence is now disabled by default, and the config option documentation has been adjusted to more accurately represent the weight of presence, typing indicators, and read receipts. Contributed by @nex.

changelog.d/1418.bugfix

@@ -0,0 +1 @@
+Removed ability to set rocksdb as read only. Doing so would cause unintentional and buggy behaviour. Contributed by @Terryiscool160.

changelog.d/1421.bugfix

@@ -0,0 +1 @@
+Fixed a startup crash in the sender service if we can't detect the number of CPU cores, even if the `sender_workers' config option is set correctly. Contributed by @katie.

changelog.d/1428.feature

@@ -0,0 +1 @@
+Improved the concurrency handling of federation transactions, vastly improving performance and reliability by more accurately handling inbound transactions and reducing the amount of repeated wasted work. Contributed by @nex and @Jade.

changelog.d/1435.feature.md

@@ -0,0 +1 @@
+Added MSC3202 Device masquerading (not all of MSC3202). This should fix issues with enabling MSC4190 for some Mautrix bridges. Contributed by @Jade

changelog.d/list-backups-formatting.feature

@@ -0,0 +1 @@
+Updated `list-backups` admin command to output one backup per line.

changelog.d/url-preview-fix.feature

@@ -0,0 +1 @@
+Improved URL preview fetching with a more compatible user agent for sites like YouTube Music. Added `!admin media delete-url-preview <url>` command to clear cached URL previews that were stuck and broken.

clippy.toml

@@ -15,18 +15,6 @@ disallowed-macros = [
 	{ path = "log::trace", reason = "use conduwuit_core::trace" },
 ]
 
-[[disallowed-methods]]
-path = "tokio::spawn"
-reason = "use and pass conduwuit_core::server::Server::runtime() to spawn from"
-
-[[disallowed-methods]]
-path = "reqwest::Response::bytes"
-reason = "bytes is unsafe, use limit_read via the conduwuit_core::utils::LimitReadExt trait instead"
-
-[[disallowed-methods]]
-path = "reqwest::Response::text"
-reason = "text is unsafe, use limit_read_text via the conduwuit_core::utils::LimitReadExt trait instead"
-
-[[disallowed-methods]]
-path = "reqwest::Response::json"
-reason = "json is unsafe, use limit_read_text via the conduwuit_core::utils::LimitReadExt trait instead"
+disallowed-methods = [
+    { path = "tokio::spawn", reason = "use and pass conduuwit_core::server::Server::runtime() to spawn from" },
+]

complement/complement.config.toml

@@ -9,6 +9,7 @@ address = "0.0.0.0"
 allow_device_name_federation = true
 allow_guest_registration = true
 allow_public_room_directory_over_federation = true
+allow_public_room_directory_without_auth = true
 allow_registration = true
 database_path = "/database"
 log = "trace,h2=debug,hyper=debug"

conduwuit-example.toml

@@ -546,6 +546,12 @@
 #
 #allow_public_room_directory_over_federation = false
 
+# Set this to true to allow your server's public room directory to be
+# queried without client authentication (access token) through the Client
+# APIs. Set this to false to protect against /publicRooms spiders.
+#
+#allow_public_room_directory_without_auth = false
+
 # Allow guests/unauthenticated users to access TURN credentials.
 #
 # This is the equivalent of Synapse's `turn_allow_guests` config option.
@@ -1844,13 +1850,14 @@
 #
 #support_mxid =
 
-# **DEPRECATED**: Use `[global.matrix_rtc].foci` instead.
-#
 # A list of MatrixRTC foci URLs which will be served as part of the
-# MSC4143 client endpoint at /.well-known/matrix/client.
+# MSC4143 client endpoint at /.well-known/matrix/client.  If you're
+# setting up livekit, you'd want something like:
+# rtc_focus_server_urls = [
+#     { type = "livekit", livekit_service_url = "https://livekit.example.com" },
+# ]
 #
-# This option is deprecated and will be removed in a future release.
-# Please migrate to the new `[global.matrix_rtc]` config section.
+# To disable, set this to be an empty vector (`[]`).
 #
 #rtc_focus_server_urls = []
 
@@ -1872,23 +1879,6 @@
 #
 #blurhash_max_raw_size = 33554432
 
-[global.matrix_rtc]
-
-# A list of MatrixRTC foci (transports) which will be served via the
-# MSC4143 RTC transports endpoint at
-# `/_matrix/client/v1/rtc/transports`. If you're setting up livekit,
-# you'd want something like:
-# ```toml
-# [global.matrix_rtc]
-# foci = [
-#     { type = "livekit", livekit_service_url = "https://livekit.example.com" },
-# ]
-# ```
-#
-# To disable, set this to an empty list (`[]`).
-#
-#foci = []
-
 [global.ldap]
 
 # Whether to enable LDAP login.

docker/Dockerfile

@@ -180,11 +180,6 @@ RUN --mount=type=cache,target=/usr/local/cargo/registry \
         export RUSTFLAGS="${RUSTFLAGS}"
     fi
 
-    RUST_PROFILE_DIR="${RUST_PROFILE}"
-    if [[ "${RUST_PROFILE}" == "dev" ]]; then
-        RUST_PROFILE_DIR="debug"
-    fi
-
     TARGET_DIR=($(cargo metadata --no-deps --format-version 1 | \
             jq -r ".target_directory"))
     mkdir /out/sbin
@@ -196,8 +191,8 @@ RUN --mount=type=cache,target=/usr/local/cargo/registry \
         jq -r ".packages[] | select(.name == \"$PACKAGE\") | .targets[] | select( .kind | map(. == \"bin\") | any ) | .name"))
     for BINARY in "${BINARIES[@]}"; do
         echo $BINARY
-        xx-verify $TARGET_DIR/$(xx-cargo --print-target-triple)/${RUST_PROFILE_DIR}/$BINARY
-        cp $TARGET_DIR/$(xx-cargo --print-target-triple)/${RUST_PROFILE_DIR}/$BINARY /out/sbin/$BINARY
+        xx-verify $TARGET_DIR/$(xx-cargo --print-target-triple)/${RUST_PROFILE}/$BINARY
+        cp $TARGET_DIR/$(xx-cargo --print-target-triple)/${RUST_PROFILE}/$BINARY /out/sbin/$BINARY
     done
 EOF
 

docs/_meta.json

@@ -64,6 +64,11 @@
         "label": "Configuration Reference",
         "name": "/reference/config"
     },
+    {
+        "type": "file",
+        "label": "Environment Variables",
+        "name": "/reference/environment-variables"
+    },
     {
         "type": "dir",
         "label": "Admin Command Reference",

docs/calls/livekit.mdx

@@ -78,19 +78,47 @@ #### Firewall hints
 
 ### 3. Telling clients where to find LiveKit
 
-To tell clients where to find LiveKit, you need to add the address of your `lk-jwt-service` to the `[global.matrix_rtc]` config section using the `foci` option.
+To tell clients where to find LiveKit, you need to add the address of your `lk-jwt-service` to your client .well-known file. To do so, in the config section `global.well-known`, add (or modify) the option `rtc_focus_server_urls`.
 
-The variable should be a list of servers serving as MatrixRTC endpoints. Clients discover these via the `/_matrix/client/v1/rtc/transports` endpoint (MSC4143).
+The variable should be a list of servers serving as MatrixRTC endpoints to serve in the well-known file to the client.
 
 ```toml
-[global.matrix_rtc]
-foci = [
+rtc_focus_server_urls = [
     { type = "livekit", livekit_service_url = "https://livekit.example.com" },
 ]
 ```
 
 Remember to replace the URL with the address you are deploying your instance of lk-jwt-service to.
 
+#### Serving .well-known manually
+
+If you don't let Continuwuity serve your `.well-known` files, you need to add the following lines to your `.well-known/matrix/client` file, remembering to replace the URL with your own `lk-jwt-service` deployment:
+
+```json
+  "org.matrix.msc4143.rtc_foci": [
+    {
+      "type": "livekit",
+      "livekit_service_url": "https://livekit.example.com"
+    }
+  ]
+```
+
+The final file should look something like this:
+
+```json
+{
+  "m.homeserver": {
+    "base_url":"https://matrix.example.com"
+  },
+  "org.matrix.msc4143.rtc_foci": [
+    {
+      "type": "livekit",
+      "livekit_service_url": "https://livekit.example.com"
+    }
+  ]
+}
+```
+
 ### 4. Configure your Reverse Proxy
 
 Reverse proxies can be configured in many different ways - so we can't provide a step by step for this.

docs/deploying/docker-compose.for-traefik.yml

@@ -8,7 +8,6 @@ services:
     restart: unless-stopped
     volumes:
       - db:/var/lib/continuwuity
-      - /etc/resolv.conf:/etc/resolv.conf:ro # Use the host's DNS resolver rather than Docker's.
       #- ./continuwuity.toml:/etc/continuwuity.toml
     networks:
       - proxy

docs/deploying/docker.mdx

@@ -2,28 +2,26 @@ # Continuwuity for Docker
 
 ## Docker
 
-To run Continuwuity with Docker, you can either build the image yourself or pull it
-from a registry.
+To run Continuwuity with Docker, you can either build the image yourself or pull
+it from a registry.
 
 ### Use a registry
 
-OCI images for Continuwuity are available in the registries listed below.
+Available OCI images:
 
-| Registry        | Image                                                           | Notes                  |
-| --------------- | --------------------------------------------------------------- | -----------------------|
-| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:latest](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/latest)     | Latest tagged image.   |
-| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:main](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/main)       | Main branch image.     |
-| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:latest-maxperf](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/latest-maxperf) | [Performance optimised version.](./generic.mdx#performance-optimised-builds) |
-| Forgejo Registry| [forgejo.ellis.link/continuwuation/continuwuity:main-maxperf](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/main-maxperf)   | [Performance optimised version.](./generic.mdx#performance-optimised-builds) |
+| Registry         | Image                                                                                                                                                       | Notes                                                                        |
+| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- |
+| Forgejo Registry | [forgejo.ellis.link/continuwuation/continuwuity:latest](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/latest)                 | Latest tagged image.                                                         |
+| Forgejo Registry | [forgejo.ellis.link/continuwuation/continuwuity:main](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/main)                     | Main branch image.                                                           |
+| Forgejo Registry | [forgejo.ellis.link/continuwuation/continuwuity:latest-maxperf](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/latest-maxperf) | [Performance optimised version.](./generic.mdx#performance-optimised-builds) |
+| Forgejo Registry | [forgejo.ellis.link/continuwuation/continuwuity:main-maxperf](https://forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/main-maxperf)     | [Performance optimised version.](./generic.mdx#performance-optimised-builds) |
 
-Use
+**Example:**
 
 ```bash
-docker image pull $LINK
+docker image pull forgejo.ellis.link/continuwuation/continuwuity:main-maxperf
 ```
 
-to pull it to your machine.
-
 #### Mirrors
 
 Images are mirrored to multiple locations automatically, on a schedule:
@@ -33,39 +31,146 @@ #### Mirrors
 - `registry.gitlab.com/continuwuity/continuwuity`
 - `git.nexy7574.co.uk/mirrored/continuwuity` (releases only, no `main`)
 
-### Run
+### Quick Run
 
-When you have the image, you can simply run it with
+Get a working Continuwuity server with an admin user in four steps:
+
+#### Prerequisites
+
+Continuwuity requires HTTPS for Matrix federation. You'll need:
+
+- A domain name pointing to your server
+- A reverse proxy with SSL/TLS certificates (Traefik, Caddy, nginx, etc.)
+
+See [Docker Compose](#docker-compose) for complete examples.
+
+#### Environment Variables
+
+- `CONTINUWUITY_SERVER_NAME` - Your Matrix server's domain name
+- `CONTINUWUITY_DATABASE_PATH` - Where to store your database (must match the
+  volume mount)
+- `CONTINUWUITY_ADDRESS` - Bind address (use `0.0.0.0` to listen on all
+  interfaces)
+- `CONTINUWUITY_ALLOW_REGISTRATION` - Set to `false` to disable registration, or
+  use with `CONTINUWUITY_REGISTRATION_TOKEN` to require a token (see
+  [reference](../reference/environment-variables.mdx#registration--user-configuration)
+  for details)
+
+See the
+[Environment Variables Reference](../reference/environment-variables.mdx) for
+more configuration options.
+
+#### 1. Pull the image
 
 ```bash
-docker run -d -p 8448:6167 \
-    -v db:/var/lib/continuwuity/ \
-    -e CONTINUWUITY_SERVER_NAME="your.server.name" \
-    -e CONTINUWUITY_ALLOW_REGISTRATION=false \
-    --name continuwuity $LINK
+docker pull forgejo.ellis.link/continuwuation/continuwuity:latest
 ```
 
-or you can use [Docker Compose](#docker-compose).
+#### 2. Start the server with initial admin user
 
-The `-d` flag lets the container run in detached mode. You may supply an
-optional `continuwuity.toml` config file, the example config can be found
-[here](../reference/config.mdx). You can pass in different env vars to
-change config values on the fly. You can even configure Continuwuity completely by
-using env vars. For an overview of possible values, please take a look at the
-<a href="/examples/docker-compose.yml" target="_blank">`docker-compose.yml`</a> file.
+```bash
+docker run -d \
+  -p 6167:6167 \
+  -v continuwuity_db:/var/lib/continuwuity \
+  -e CONTINUWUITY_SERVER_NAME="matrix.example.com" \
+  -e CONTINUWUITY_DATABASE_PATH="/var/lib/continuwuity" \
+  -e CONTINUWUITY_ADDRESS="0.0.0.0" \
+  -e CONTINUWUITY_ALLOW_REGISTRATION="false" \
+  --name continuwuity \
+  forgejo.ellis.link/continuwuation/continuwuity:latest \
+  --execute "users create-user admin"
+```
 
-If you just want to test Continuwuity for a short time, you can use the `--rm`
-flag, which cleans up everything related to your container after you stop
-it.
+Replace `matrix.example.com` with your actual server name and `admin` with
+your preferred username.
+
+#### 3. Get your admin password
+
+```bash
+docker logs continuwuity 2>&1 | grep "Created user"
+```
+
+You'll see output like:
+
+```
+Created user with user_id: @admin:matrix.example.com and password: `[auto-generated-password]`
+```
+
+#### 4. Configure your reverse proxy
+
+Configure your reverse proxy to forward HTTPS traffic to Continuwuity. See
+[Docker Compose](#docker-compose) for examples.
+
+Once configured, log in with any Matrix client using `@admin:matrix.example.com`
+and the generated password. You'll automatically be invited to the admin room
+where you can manage your server.
 
 ### Docker Compose
 
-If the `docker run` command is not suitable for you or your setup, you can also use one
-of the provided `docker-compose` files.
+Docker Compose is the recommended deployment method. These examples include
+reverse proxy configurations for Matrix federation.
 
-Depending on your proxy setup, you can use one of the following files:
+#### Matrix Federation Requirements
 
-### For existing Traefik setup
+For Matrix federation to work, you need to serve `.well-known/matrix/client` and
+`.well-known/matrix/server` endpoints. You can achieve this either by:
+
+1. **Using a well-known service** - The compose files below include an nginx
+   container to serve these files
+2. **Using Continuwuity's built-in delegation** (easier for Traefik) - Configure
+   delegation files in your config, then proxy `/.well-known/matrix/*` to
+   Continuwuity
+
+**Traefik example using built-in delegation:**
+
+```yaml
+labels:
+  traefik.http.routers.continuwuity.rule: >-
+    (Host(`matrix.example.com`) ||
+     (Host(`example.com`) && PathPrefix(`/.well-known/matrix`)))
+```
+
+This routes your Matrix domain and well-known paths to Continuwuity.
+
+#### Creating Your First Admin User
+
+Add the `--execute` command to create an admin user on first startup. In your
+compose file, add under the `continuwuity` service:
+
+```yaml
+services:
+    continuwuity:
+        image: forgejo.ellis.link/continuwuation/continuwuity:latest
+        command: --execute "users create-user admin"
+        # ... rest of configuration
+```
+
+Then retrieve the auto-generated password:
+
+```bash
+docker compose logs continuwuity | grep "Created user"
+```
+
+#### Choose Your Reverse Proxy
+
+Select the compose file that matches your setup:
+
+:::note DNS Performance
+Docker's default DNS resolver can cause performance issues with Matrix
+federation. If you experience slow federation or DNS timeouts, you may need to
+use your host's DNS resolver instead. Add this volume mount to the
+`continuwuity` service:
+
+```yaml
+volumes:
+  - /etc/resolv.conf:/etc/resolv.conf:ro
+```
+
+See [Troubleshooting - DNS Issues](../troubleshooting.mdx#potential-dns-issues-when-using-docker)
+for more details and alternative solutions.
+:::
+
+##### For existing Traefik setup
 
 <details>
 <summary>docker-compose.for-traefik.yml</summary>
@@ -76,7 +181,7 @@ ### For existing Traefik setup
 
 </details>
 
-### With Traefik included
+##### With Traefik included
 
 <details>
 <summary>docker-compose.with-traefik.yml</summary>
@@ -87,7 +192,7 @@ ### With Traefik included
 
 </details>
 
-### With Caddy Docker Proxy
+##### With Caddy Docker Proxy
 
 <details>
 <summary>docker-compose.with-caddy.yml</summary>
@@ -98,9 +203,15 @@ ### With Caddy Docker Proxy
 
 ```
 
+If you don't already have a network for Caddy to monitor, create one first:
+
+```bash
+docker network create caddy
+```
+
 </details>
 
-### For other reverse proxies
+##### For other reverse proxies
 
 <details>
 <summary>docker-compose.yml</summary>
@@ -111,7 +222,7 @@ ### For other reverse proxies
 
 </details>
 
-### Override file
+##### Override file for customisation
 
 <details>
 <summary>docker-compose.override.yml</summary>
@@ -122,98 +233,24 @@ ### Override file
 
 </details>
 
-When picking the Traefik-related compose file, rename it to
-`docker-compose.yml`, and rename the override file to
-`docker-compose.override.yml`. Edit the latter with the values you want for your
-server.
+#### Starting Your Server
 
-When picking the `caddy-docker-proxy` compose file, it's important to first
-create the `caddy` network before spinning up the containers:
-
-```bash
-docker network create caddy
-```
-
-After that, you can rename it to `docker-compose.yml` and spin up the
-containers!
-
-Additional info about deploying Continuwuity can be found [here](generic.mdx).
-
-### Build
-
-Official Continuwuity images are built using **Docker Buildx** and the Dockerfile found at [`docker/Dockerfile`][dockerfile-path]. This approach uses common Docker tooling and enables efficient multi-platform builds.
-
-The resulting images are widely compatible with Docker and other container runtimes like Podman or containerd.
-
-The images *do not contain a shell*. They contain only the Continuwuity binary, required libraries, TLS certificates, and metadata.
-
-<details>
-<summary>Click to view the Dockerfile</summary>
-
-You can also <a href="https://forgejo.ellis.link/continuwuation/continuwuation/src/branch/main/docker/Dockerfile" target="_blank">view the Dockerfile on Forgejo</a>.
-
-```dockerfile file="../../docker/Dockerfile"
-
-```
-
-</details>
-
-To build an image locally using Docker Buildx, you can typically run a command like:
-
-```bash
-# Build for the current platform and load into the local Docker daemon
-docker buildx build --load --tag continuwuity:latest -f docker/Dockerfile .
-
-# Example: Build for specific platforms and push to a registry.
-# docker buildx build --platform linux/amd64,linux/arm64 --tag registry.io/org/continuwuity:latest -f docker/Dockerfile . --push
-
-# Example: Build binary optimised for the current CPU (standard release profile)
-# docker buildx build --load \
-#   --tag continuwuity:latest \
-#   --build-arg TARGET_CPU=native \
-#   -f docker/Dockerfile .
-
-# Example: Build maxperf variant (release-max-perf profile with LTO)
-# Optimised for runtime performance and smaller binary size, but requires longer build time
-# docker buildx build --load \
-#   --tag continuwuity:latest-maxperf \
-#   --build-arg TARGET_CPU=native \
-#   --build-arg RUST_PROFILE=release-max-perf \
-#   -f docker/Dockerfile .
-```
-
-Refer to the Docker Buildx documentation for more advanced build options.
-
-[dockerfile-path]: https://forgejo.ellis.link/continuwuation/continuwuation/src/branch/main/docker/Dockerfile
-
-### Run
-
-If you have already built the image or want to use one from the registries, you
-can start the container and everything else in the compose file in detached
-mode with:
+1. Choose your compose file and rename it to `docker-compose.yml`
+2. If using the override file, rename it to `docker-compose.override.yml` and
+   edit your values
+3. Start the server:
 
 ```bash
 docker compose up -d
 ```
 
-> **Note:** Don't forget to modify and adjust the compose file to your needs.
+See the [generic deployment guide](generic.mdx) for more deployment options.
 
-### Use Traefik as Proxy
+### Building Custom Images
 
-As a container user, you probably know about Traefik. It is an easy-to-use
-reverse proxy for making containerized apps and services available through the
-web. With the Traefik-related docker-compose files provided above, it is equally easy
-to deploy and use Continuwuity, with a small caveat. If you have already looked at
-the files, you should have seen the `well-known` service, which is the
-small caveat. Traefik is simply a proxy and load balancer and cannot
-serve any kind of content. For Continuwuity to federate, we need to either
-expose ports `443` and `8448` or serve two endpoints: `.well-known/matrix/client`
-and `.well-known/matrix/server`.
-
-With the service `well-known`, we use a single `nginx` container that serves
-those two files.
-
-Alternatively, you can use Continuwuity's built-in delegation file capability. Set up the delegation files in the configuration file, and then proxy paths under `/.well-known/matrix` to continuwuity. For example, the label ``traefik.http.routers.continuwuity.rule=(Host(`matrix.ellis.link`) || (Host(`ellis.link`) && PathPrefix(`/.well-known/matrix`)))`` does this for the domain `ellis.link`.
+For information on building your own Continuwuity Docker images, see the
+[Building Docker Images](../development/index.mdx#building-docker-images)
+section in the development documentation.
 
 ## Voice communication
 

docs/development/index.mdx

@@ -2,7 +2,8 @@ # Development
 
 Information about developing the project. If you are only interested in using
 it, you can safely ignore this page. If you plan on contributing, see the
-[contributor's guide](./contributing.mdx) and [code style guide](./code_style.mdx).
+[contributor's guide](./contributing.mdx) and
+[code style guide](./code_style.mdx).
 
 ## Continuwuity project layout
 
@@ -12,86 +13,98 @@ ## Continuwuity project layout
 `Cargo.toml`.
 
 The crate names are generally self-explanatory:
+
 - `admin` is the admin room
 - `api` is the HTTP API, Matrix C-S and S-S endpoints, etc
-- `core` is core Continuwuity functionality like config loading, error definitions,
-global utilities, logging infrastructure, etc
-- `database` is RocksDB methods, helpers, RocksDB config, and general database definitions,
-utilities, or functions
-- `macros` are Continuwuity Rust [macros][macros] like general helper macros, logging
-and error handling macros, and [syn][syn] and [procedural macros][proc-macro]
-used for admin room commands and others
+- `core` is core Continuwuity functionality like config loading, error
+  definitions, global utilities, logging infrastructure, etc
+- `database` is RocksDB methods, helpers, RocksDB config, and general database
+  definitions, utilities, or functions
+- `macros` are Continuwuity Rust [macros][macros] like general helper macros,
+  logging and error handling macros, and [syn][syn] and [procedural
+  macros][proc-macro] used for admin room commands and others
 - `main` is the "primary" sub-crate. This is where the `main()` function lives,
-tokio worker and async initialisation, Sentry initialisation, [clap][clap] init,
-and signal handling. If you are adding new [Rust features][features], they *must*
-go here.
-- `router` is the webserver and request handling bits, using axum, tower, tower-http,
-hyper, etc, and the [global server state][state] to access `services`.
+  tokio worker and async initialisation, Sentry initialisation, [clap][clap]
+  init, and signal handling. If you are adding new [Rust features][features],
+  they _must_ go here.
+- `router` is the webserver and request handling bits, using axum, tower,
+  tower-http, hyper, etc, and the [global server state][state] to access
+  `services`.
 - `service` is the high-level database definitions and functions for data,
-outbound/sending code, and other business logic such as media fetching.
+  outbound/sending code, and other business logic such as media fetching.
 
-It is highly unlikely you will ever need to add a new workspace member, but
-if you truly find yourself needing to, we recommend reaching out to us in
-the Matrix room for discussions about it beforehand.
+It is highly unlikely you will ever need to add a new workspace member, but if
+you truly find yourself needing to, we recommend reaching out to us in the
+Matrix room for discussions about it beforehand.
 
 The primary inspiration for this design was apart of hot reloadable development,
-to support "Continuwuity as a library" where specific parts can simply be swapped out.
-There is evidence Conduit wanted to go this route too as `axum` is technically an
-optional feature in Conduit, and can be compiled without the binary or axum library
-for handling inbound web requests; but it was never completed or worked.
+to support "Continuwuity as a library" where specific parts can simply be
+swapped out. There is evidence Conduit wanted to go this route too as `axum` is
+technically an optional feature in Conduit, and can be compiled without the
+binary or axum library for handling inbound web requests; but it was never
+completed or worked.
 
-See the Rust documentation on [Workspaces][workspaces] for general questions
-and information on Cargo workspaces.
+See the Rust documentation on [Workspaces][workspaces] for general questions and
+information on Cargo workspaces.
 
 ## Adding compile-time [features][features]
 
-If you'd like to add a compile-time feature, you must first define it in
-the `main` workspace crate located in `src/main/Cargo.toml`. The feature must
-enable a feature in the other workspace crate(s) you intend to use it in. Then
-the said workspace crate(s) must define the feature there in its `Cargo.toml`.
+If you'd like to add a compile-time feature, you must first define it in the
+`main` workspace crate located in `src/main/Cargo.toml`. The feature must enable
+a feature in the other workspace crate(s) you intend to use it in. Then the said
+workspace crate(s) must define the feature there in its `Cargo.toml`.
 
-So, if this is adding a feature to the API such as `woof`, you define the feature
-in the `api` crate's `Cargo.toml` as `woof = []`. The feature definition in `main`'s
-`Cargo.toml` will be `woof = ["conduwuit-api/woof"]`.
+So, if this is adding a feature to the API such as `woof`, you define the
+feature in the `api` crate's `Cargo.toml` as `woof = []`. The feature definition
+in `main`'s `Cargo.toml` will be `woof = ["conduwuit-api/woof"]`.
 
-The rationale for this is due to Rust / Cargo not supporting
-["workspace level features"][9], we must make a choice of; either scattering
-features all over the workspace crates, making it difficult for anyone to add
-or remove default features; or define all the features in one central workspace
-crate that propagate down/up to the other workspace crates. It is a Cargo pitfall,
-and we'd like to see better developer UX in Rust's Workspaces.
+The rationale for this is due to Rust / Cargo not supporting ["workspace level
+features"][9], we must make a choice of; either scattering features all over the
+workspace crates, making it difficult for anyone to add or remove default
+features; or define all the features in one central workspace crate that
+propagate down/up to the other workspace crates. It is a Cargo pitfall, and we'd
+like to see better developer UX in Rust's Workspaces.
 
-Additionally, the definition of one single place makes "feature collection" in our
-Nix flake a million times easier instead of collecting and deduping them all from
-searching in all the workspace crates' `Cargo.toml`s. Though we wouldn't need to
-do this if Rust supported workspace-level features to begin with.
+Additionally, the definition of one single place makes "feature collection" in
+our Nix flake a million times easier instead of collecting and deduping them all
+from searching in all the workspace crates' `Cargo.toml`s. Though we wouldn't
+need to do this if Rust supported workspace-level features to begin with.
 
 ## List of forked dependencies
 
-During Continuwuity (and prior projects) development, we have had to fork some dependencies to support our use-cases.
-These forks exist for various reasons including features that upstream projects won't accept,
-faster-paced development, Continuwuity-specific usecases, or lack of time to upstream changes.
+During Continuwuity (and prior projects) development, we have had to fork some
+dependencies to support our use-cases. These forks exist for various reasons
+including features that upstream projects won't accept, faster-paced
+development, Continuwuity-specific usecases, or lack of time to upstream
+changes.
 
-All forked dependencies are maintained under the [continuwuation organization on Forgejo](https://forgejo.ellis.link/continuwuation):
+All forked dependencies are maintained under the
+[continuwuation organization on Forgejo](https://forgejo.ellis.link/continuwuation):
 
-- [ruwuma][continuwuation-ruwuma] - Fork of [ruma/ruma][ruma] with various performance improvements, more features and better client/server interop
-- [rocksdb][continuwuation-rocksdb] - Fork of [facebook/rocksdb][rocksdb] via [`@zaidoon1`][8] with liburing build fixes and GCC debug build fixes
-- [jemallocator][continuwuation-jemallocator] - Fork of [tikv/jemallocator][jemallocator] fixing musl builds, suspicious code,
-  and adding support for redzones in Valgrind
-- [rustyline-async][continuwuation-rustyline-async] - Fork of [zyansheep/rustyline-async][rustyline-async] with tab completion callback
-  and `CTRL+\` signal quit event for Continuwuity console CLI
-- [rust-rocksdb][continuwuation-rust-rocksdb] - Fork of [rust-rocksdb/rust-rocksdb][rust-rocksdb] fixing musl build issues,
-  removing unnecessary `gtest` include, and using our RocksDB and jemallocator forks
-- [tracing][continuwuation-tracing] - Fork of [tokio-rs/tracing][tracing] implementing `Clone` for `EnvFilter` to
-  support dynamically changing tracing environments
+- [ruwuma][continuwuation-ruwuma] - Fork of [ruma/ruma][ruma] with various
+  performance improvements, more features and better client/server interop
+- [rocksdb][continuwuation-rocksdb] - Fork of [facebook/rocksdb][rocksdb] via
+  [`@zaidoon1`][8] with liburing build fixes and GCC debug build fixes
+- [jemallocator][continuwuation-jemallocator] - Fork of
+  [tikv/jemallocator][jemallocator] fixing musl builds, suspicious code, and
+  adding support for redzones in Valgrind
+- [rustyline-async][continuwuation-rustyline-async] - Fork of
+  [zyansheep/rustyline-async][rustyline-async] with tab completion callback and
+  `CTRL+\` signal quit event for Continuwuity console CLI
+- [rust-rocksdb][continuwuation-rust-rocksdb] - Fork of
+  [rust-rocksdb/rust-rocksdb][rust-rocksdb] fixing musl build issues, removing
+  unnecessary `gtest` include, and using our RocksDB and jemallocator forks
+- [tracing][continuwuation-tracing] - Fork of [tokio-rs/tracing][tracing]
+  implementing `Clone` for `EnvFilter` to support dynamically changing tracing
+  environments
 
 ## Debugging with `tokio-console`
 
 [`tokio-console`][7] can be a useful tool for debugging and profiling. To make a
-`tokio-console`-enabled build of Continuwuity, enable the `tokio_console` feature,
-disable the default `release_max_log_level` feature, and set the `--cfg
-tokio_unstable` flag to enable experimental tokio APIs. A build might look like
-this:
+`tokio-console`-enabled build of Continuwuity, enable the `tokio_console`
+feature, disable the default `release_max_log_level` feature, and set the
+`--cfg tokio_unstable` flag to enable experimental tokio APIs. A build might
+look like this:
 
 ```bash
 RUSTFLAGS="--cfg tokio_unstable" cargo +nightly build \
@@ -100,34 +113,84 @@ ## Debugging with `tokio-console`
     --features=systemd,element_hacks,gzip_compression,brotli_compression,zstd_compression,tokio_console
 ```
 
-You will also need to enable the `tokio_console` config option in Continuwuity when
-starting it. This was due to tokio-console causing gradual memory leak/usage
-if left enabled.
+You will also need to enable the `tokio_console` config option in Continuwuity
+when starting it. This was due to tokio-console causing gradual memory
+leak/usage if left enabled.
 
 ## Building Docker Images
 
-To build a Docker image for Continuwuity, use the standard Docker build command:
+Official Continuwuity images are built using **Docker Buildx** and the
+Dockerfile found at [`docker/Dockerfile`][dockerfile-path].
+
+The images are compatible with Docker and other container runtimes like Podman
+or containerd.
+
+The images _do not contain a shell_. They contain only the Continuwuity binary,
+required libraries, TLS certificates, and metadata.
+
+<details>
+<summary>Click to view the Dockerfile</summary>
+
+You can also
+
+<a
+    href="<https://forgejo.ellis.link/continuwuation/continuwuation/src/branch/main/docker/Dockerfile>"
+    target="_blank"
+>
+    view the Dockerfile on Forgejo
+</a>
+.
+
+```dockerfile file="../../docker/Dockerfile"
 
-```bash
-docker build -f docker/Dockerfile .
 ```
 
-The image can be cross-compiled for different architectures.
+</details>
 
+### Building Locally
+
+To build an image locally using Docker Buildx:
+
+```bash
+# Build for the current platform and load into the local Docker daemon
+docker buildx build --load --tag continuwuity:latest -f docker/Dockerfile .
+
+# Example: Build for specific platforms and push to a registry
+# docker buildx build --platform linux/amd64,linux/arm64 --tag registry.io/org/continuwuity:latest -f docker/Dockerfile . --push
+
+# Example: Build binary optimised for the current CPU (standard release profile)
+# docker buildx build --load \
+#   --tag continuwuity:latest \
+#   --build-arg TARGET_CPU=native \
+#   -f docker/Dockerfile .
+
+# Example: Build maxperf variant (release-max-perf profile with LTO)
+# docker buildx build --load \
+#   --tag continuwuity:latest-maxperf \
+#   --build-arg TARGET_CPU=native \
+#   --build-arg RUST_PROFILE=release-max-perf \
+#   -f docker/Dockerfile .
+```
+
+Refer to the Docker Buildx documentation for more advanced build options.
+
+[dockerfile-path]:
+    https://forgejo.ellis.link/continuwuation/continuwuation/src/branch/main/docker/Dockerfile
 [continuwuation-ruwuma]: https://forgejo.ellis.link/continuwuation/ruwuma
 [continuwuation-rocksdb]: https://forgejo.ellis.link/continuwuation/rocksdb
-[continuwuation-jemallocator]: https://forgejo.ellis.link/continuwuation/jemallocator
-[continuwuation-rustyline-async]: https://forgejo.ellis.link/continuwuation/rustyline-async
-[continuwuation-rust-rocksdb]: https://forgejo.ellis.link/continuwuation/rust-rocksdb
+[continuwuation-jemallocator]:
+    https://forgejo.ellis.link/continuwuation/jemallocator
+[continuwuation-rustyline-async]:
+    https://forgejo.ellis.link/continuwuation/rustyline-async
+[continuwuation-rust-rocksdb]:
+    https://forgejo.ellis.link/continuwuation/rust-rocksdb
 [continuwuation-tracing]: https://forgejo.ellis.link/continuwuation/tracing
-
 [ruma]: https://github.com/ruma/ruma/
 [rocksdb]: https://github.com/facebook/rocksdb/
 [jemallocator]: https://github.com/tikv/jemallocator/
 [rustyline-async]: https://github.com/zyansheep/rustyline-async/
 [rust-rocksdb]: https://github.com/rust-rocksdb/rust-rocksdb/
 [tracing]: https://github.com/tokio-rs/tracing/
-
 [7]: https://docs.rs/tokio-console/latest/tokio_console/
 [8]: https://github.com/zaidoon1/
 [9]: https://github.com/rust-lang/cargo/issues/12162

docs/reference/_meta.json

@@ -4,6 +4,11 @@
         "name": "config",
         "label": "Configuration"
     },
+    {
+        "type": "file",
+        "name": "environment-variables",
+        "label": "Environment Variables"
+    },
     {
         "type": "file",
         "name": "admin",

docs/reference/environment-variables.mdx

@@ -0,0 +1,281 @@
+# Environment Variables
+
+Continuwuity can be configured entirely through environment variables, making it
+ideal for containerised deployments and infrastructure-as-code scenarios.
+
+This is a convenience reference and may not be exhaustive. The
+[Configuration Reference](./config.mdx) is the primary source for all
+configuration options.
+
+## Prefix System
+
+Continuwuity supports three environment variable prefixes for backwards
+compatibility:
+
+- `CONTINUWUITY_*` (current, recommended)
+- `CONDUWUIT_*` (compatibility)
+- `CONDUIT_*` (legacy)
+
+All three prefixes work identically. Use double underscores (`__`) to represent
+nested configuration sections from the TOML config.
+
+**Examples:**
+
+```bash
+# Simple top-level config
+CONTINUWUITY_SERVER_NAME="matrix.example.com"
+CONTINUWUITY_PORT="8008"
+
+# Nested config sections use double underscores
+# This maps to [database] section in TOML
+CONTINUWUITY_DATABASE__PATH="/var/lib/continuwuity"
+
+# This maps to [tls] section in TOML
+CONTINUWUITY_TLS__CERTS="/path/to/cert.pem"
+```
+
+## Configuration File Override
+
+You can specify a custom configuration file path:
+
+- `CONTINUWUITY_CONFIG` - Path to continuwuity.toml (current)
+- `CONDUWUIT_CONFIG` - Path to config file (compatibility)
+- `CONDUIT_CONFIG` - Path to config file (legacy)
+
+## Essential Variables
+
+These are the minimum variables needed for a working deployment:
+
+| Variable                     | Description                        | Default                |
+| ---------------------------- | ---------------------------------- | ---------------------- |
+| `CONTINUWUITY_SERVER_NAME`   | Your Matrix server's domain name   | Required               |
+| `CONTINUWUITY_DATABASE_PATH` | Path to RocksDB database directory | `/var/lib/conduwuit`   |
+| `CONTINUWUITY_ADDRESS`       | IP address to bind to              | `["127.0.0.1", "::1"]` |
+| `CONTINUWUITY_PORT`          | Port to listen on                  | `8008`                 |
+
+## Network Configuration
+
+| Variable                         | Description                                     | Default                |
+| -------------------------------- | ----------------------------------------------- | ---------------------- |
+| `CONTINUWUITY_ADDRESS`           | Bind address (use `0.0.0.0` for all interfaces) | `["127.0.0.1", "::1"]` |
+| `CONTINUWUITY_PORT`              | HTTP port                                       | `8008`                 |
+| `CONTINUWUITY_UNIX_SOCKET_PATH`  | UNIX socket path (alternative to TCP)           | -                      |
+| `CONTINUWUITY_UNIX_SOCKET_PERMS` | Socket permissions (octal)                      | `660`                  |
+
+## Database Configuration
+
+| Variable                                   | Description                 | Default              |
+| ------------------------------------------ | --------------------------- | -------------------- |
+| `CONTINUWUITY_DATABASE_PATH`               | RocksDB data directory      | `/var/lib/conduwuit` |
+| `CONTINUWUITY_DATABASE_BACKUP_PATH`        | Backup directory            | -                    |
+| `CONTINUWUITY_DATABASE_BACKUPS_TO_KEEP`    | Number of backups to retain | `1`                  |
+| `CONTINUWUITY_DB_CACHE_CAPACITY_MB`        | Database read cache (MB)    | -                    |
+| `CONTINUWUITY_DB_WRITE_BUFFER_CAPACITY_MB` | Write cache (MB)            | -                    |
+
+## Cache Configuration
+
+| Variable                                 | Description              |
+| ---------------------------------------- | ------------------------ |
+| `CONTINUWUITY_CACHE_CAPACITY_MODIFIER`   | LRU cache multiplier     |
+| `CONTINUWUITY_PDU_CACHE_CAPACITY`        | PDU cache entries        |
+| `CONTINUWUITY_AUTH_CHAIN_CACHE_CAPACITY` | Auth chain cache entries |
+
+## DNS Configuration
+
+Configure DNS resolution behaviour for federation and external requests.
+
+| Variable                             | Description                  | Default  |
+| ------------------------------------ | ---------------------------- | -------- |
+| `CONTINUWUITY_DNS_CACHE_ENTRIES`     | Max DNS cache entries        | `32768`  |
+| `CONTINUWUITY_DNS_MIN_TTL`           | Minimum cache TTL (seconds)  | `10800`  |
+| `CONTINUWUITY_DNS_MIN_TTL_NXDOMAIN`  | NXDOMAIN cache TTL (seconds) | `259200` |
+| `CONTINUWUITY_DNS_ATTEMPTS`          | Retry attempts               | -        |
+| `CONTINUWUITY_DNS_TIMEOUT`           | Query timeout (seconds)      | -        |
+| `CONTINUWUITY_DNS_TCP_FALLBACK`      | Allow TCP fallback           | -        |
+| `CONTINUWUITY_QUERY_ALL_NAMESERVERS` | Query all nameservers        | -        |
+| `CONTINUWUITY_QUERY_OVER_TCP_ONLY`   | TCP-only queries             | -        |
+
+## Request Configuration
+
+| Variable                             | Description                   |
+| ------------------------------------ | ----------------------------- |
+| `CONTINUWUITY_MAX_REQUEST_SIZE`      | Max HTTP request size (bytes) |
+| `CONTINUWUITY_REQUEST_CONN_TIMEOUT`  | Connection timeout (seconds)  |
+| `CONTINUWUITY_REQUEST_TIMEOUT`       | Overall request timeout       |
+| `CONTINUWUITY_REQUEST_TOTAL_TIMEOUT` | Total timeout                 |
+| `CONTINUWUITY_REQUEST_IDLE_TIMEOUT`  | Idle timeout                  |
+| `CONTINUWUITY_REQUEST_IDLE_PER_HOST` | Idle connections per host     |
+
+## Federation Configuration
+
+Control how your server federates with other Matrix servers.
+
+| Variable                                       | Description                   | Default |
+| ---------------------------------------------- | ----------------------------- | ------- |
+| `CONTINUWUITY_ALLOW_FEDERATION`                | Enable federation             | `true`  |
+| `CONTINUWUITY_FEDERATION_LOOPBACK`             | Allow loopback federation     | -       |
+| `CONTINUWUITY_FEDERATION_CONN_TIMEOUT`         | Connection timeout            | -       |
+| `CONTINUWUITY_FEDERATION_TIMEOUT`              | Request timeout               | -       |
+| `CONTINUWUITY_FEDERATION_IDLE_TIMEOUT`         | Idle timeout                  | -       |
+| `CONTINUWUITY_FEDERATION_IDLE_PER_HOST`        | Idle connections per host     | -       |
+| `CONTINUWUITY_TRUSTED_SERVERS`                 | JSON array of trusted servers | -       |
+| `CONTINUWUITY_QUERY_TRUSTED_KEY_SERVERS_FIRST` | Query trusted first           | -       |
+| `CONTINUWUITY_ONLY_QUERY_TRUSTED_KEY_SERVERS`  | Only query trusted            | -       |
+
+**Example:**
+
+```bash
+# Trust matrix.org for key verification
+CONTINUWUITY_TRUSTED_SERVERS='["matrix.org"]'
+```
+
+## Registration & User Configuration
+
+Control user registration and account creation behaviour.
+
+| Variable                                   | Description           | Default |
+| ------------------------------------------ | --------------------- | ------- |
+| `CONTINUWUITY_ALLOW_REGISTRATION`          | Enable registration   | `true`  |
+| `CONTINUWUITY_REGISTRATION_TOKEN`          | Token requirement     | -       |
+| `CONTINUWUITY_SUSPEND_ON_REGISTER`         | Suspend new accounts  | -       |
+| `CONTINUWUITY_NEW_USER_DISPLAYNAME_SUFFIX` | Display name suffix   | 🏳️‍⚧️      |
+| `CONTINUWUITY_RECAPTCHA_SITE_KEY`          | reCAPTCHA site key    | -       |
+| `CONTINUWUITY_RECAPTCHA_PRIVATE_SITE_KEY`  | reCAPTCHA private key | -       |
+
+**Example:**
+
+```bash
+# Disable open registration
+CONTINUWUITY_ALLOW_REGISTRATION="false"
+
+# Require a registration token
+CONTINUWUITY_REGISTRATION_TOKEN="your_secret_token_here"
+```
+
+## Feature Configuration
+
+| Variable                                                   | Description                | Default |
+| ---------------------------------------------------------- | -------------------------- | ------- |
+| `CONTINUWUITY_ALLOW_ENCRYPTION`                            | Enable E2EE                | `true`  |
+| `CONTINUWUITY_ALLOW_ROOM_CREATION`                         | Enable room creation       | -       |
+| `CONTINUWUITY_ALLOW_UNSTABLE_ROOM_VERSIONS`                | Allow unstable versions    | -       |
+| `CONTINUWUITY_DEFAULT_ROOM_VERSION`                        | Default room version       | `v11`   |
+| `CONTINUWUITY_REQUIRE_AUTH_FOR_PROFILE_REQUESTS`           | Auth for profiles          | -       |
+| `CONTINUWUITY_ALLOW_PUBLIC_ROOM_DIRECTORY_OVER_FEDERATION` | Federate directory         | -       |
+| `CONTINUWUITY_ALLOW_PUBLIC_ROOM_DIRECTORY_WITHOUT_AUTH`    | Unauth directory           | -       |
+| `CONTINUWUITY_ALLOW_DEVICE_NAME_FEDERATION`                | Device names in federation | -       |
+
+## TLS Configuration
+
+Built-in TLS support is primarily for testing. **For production deployments,
+especially when federating on the internet, use a reverse proxy** (Traefik,
+Caddy, nginx) to handle TLS termination.
+
+| Variable                          | Description               |
+| --------------------------------- | ------------------------- |
+| `CONTINUWUITY_TLS__CERTS`         | TLS certificate file path |
+| `CONTINUWUITY_TLS__KEY`           | TLS private key path      |
+| `CONTINUWUITY_TLS__DUAL_PROTOCOL` | Support TLS 1.2 + 1.3     |
+
+**Example (testing only):**
+
+```bash
+CONTINUWUITY_TLS__CERTS="/etc/letsencrypt/live/matrix.example.com/fullchain.pem"
+CONTINUWUITY_TLS__KEY="/etc/letsencrypt/live/matrix.example.com/privkey.pem"
+```
+
+## Logging Configuration
+
+Control log output format and verbosity.
+
+| Variable                       | Description        | Default |
+| ------------------------------ | ------------------ | ------- |
+| `CONTINUWUITY_LOG`             | Log filter level   | -       |
+| `CONTINUWUITY_LOG_COLORS`      | ANSI colours       | `true`  |
+| `CONTINUWUITY_LOG_SPAN_EVENTS` | Log span events    | `none`  |
+| `CONTINUWUITY_LOG_THREAD_IDS`  | Include thread IDs | -       |
+
+**Examples:**
+
+```bash
+# Set log level to info
+CONTINUWUITY_LOG="info"
+
+# Enable debug logging for specific modules
+CONTINUWUITY_LOG="warn,continuwuity::api=debug"
+
+# Disable colours for log aggregation
+CONTINUWUITY_LOG_COLORS="false"
+```
+
+## Observability Configuration
+
+| Variable                                 | Description           |
+| ---------------------------------------- | --------------------- |
+| `CONTINUWUITY_ALLOW_OTLP`                | Enable OpenTelemetry  |
+| `CONTINUWUITY_OTLP_FILTER`               | OTLP filter level     |
+| `CONTINUWUITY_OTLP_PROTOCOL`             | Protocol (http/grpc)  |
+| `CONTINUWUITY_TRACING_FLAME`             | Enable flame graphs   |
+| `CONTINUWUITY_TRACING_FLAME_FILTER`      | Flame graph filter    |
+| `CONTINUWUITY_TRACING_FLAME_OUTPUT_PATH` | Output directory      |
+| `CONTINUWUITY_SENTRY`                    | Enable Sentry         |
+| `CONTINUWUITY_SENTRY_ENDPOINT`           | Sentry DSN            |
+| `CONTINUWUITY_SENTRY_SEND_SERVER_NAME`   | Include server name   |
+| `CONTINUWUITY_SENTRY_TRACES_SAMPLE_RATE` | Sample rate (0.0-1.0) |
+
+## Admin Configuration
+
+Configure admin users and automated command execution.
+
+| Variable                                   | Description                      | Default           |
+| ------------------------------------------ | -------------------------------- | ----------------- |
+| `CONTINUWUITY_ADMINS_LIST`                 | JSON array of admin user IDs     | -                 |
+| `CONTINUWUITY_ADMINS_FROM_ROOM`            | Derive admins from room          | -                 |
+| `CONTINUWUITY_ADMIN_ESCAPE_COMMANDS`       | Allow `\` prefix in public rooms | -                 |
+| `CONTINUWUITY_ADMIN_CONSOLE_AUTOMATIC`     | Auto-activate console            | -                 |
+| `CONTINUWUITY_ADMIN_EXECUTE`               | JSON array of startup commands   | -                 |
+| `CONTINUWUITY_ADMIN_EXECUTE_ERRORS_IGNORE` | Ignore command errors            | -                 |
+| `CONTINUWUITY_ADMIN_SIGNAL_EXECUTE`        | Commands on SIGUSR2              | -                 |
+| `CONTINUWUITY_ADMIN_ROOM_TAG`              | Admin room tag                   | `m.server_notice` |
+
+**Examples:**
+
+```bash
+# Create admin user on startup
+CONTINUWUITY_ADMIN_EXECUTE='["users create-user admin", "users make-user-admin admin"]'
+
+# Specify admin users directly
+CONTINUWUITY_ADMINS_LIST='["@alice:example.com", "@bob:example.com"]'
+```
+
+## Media & URL Preview Configuration
+
+| Variable                                             | Description        |
+| ---------------------------------------------------- | ------------------ |
+| `CONTINUWUITY_URL_PREVIEW_BOUND_INTERFACE`           | Bind interface     |
+| `CONTINUWUITY_URL_PREVIEW_DOMAIN_CONTAINS_ALLOWLIST` | Domain allowlist   |
+| `CONTINUWUITY_URL_PREVIEW_DOMAIN_EXPLICIT_ALLOWLIST` | Explicit allowlist |
+| `CONTINUWUITY_URL_PREVIEW_DOMAIN_EXPLICIT_DENYLIST`  | Explicit denylist  |
+| `CONTINUWUITY_URL_PREVIEW_MAX_SPIDER_SIZE`           | Max fetch size     |
+| `CONTINUWUITY_URL_PREVIEW_TIMEOUT`                   | Fetch timeout      |
+| `CONTINUWUITY_IP_RANGE_DENYLIST`                     | IP range denylist  |
+
+## Tokio Runtime Configuration
+
+These can be set as environment variables or CLI arguments:
+
+| Variable                                  | Description                |
+| ----------------------------------------- | -------------------------- |
+| `TOKIO_WORKER_THREADS`                    | Worker thread count        |
+| `TOKIO_GLOBAL_QUEUE_INTERVAL`             | Global queue interval      |
+| `TOKIO_EVENT_INTERVAL`                    | Event interval             |
+| `TOKIO_MAX_IO_EVENTS_PER_TICK`            | Max I/O events per tick    |
+| `CONTINUWUITY_RUNTIME_HISTOGRAM_INTERVAL` | Histogram bucket size (μs) |
+| `CONTINUWUITY_RUNTIME_HISTOGRAM_BUCKETS`  | Bucket count               |
+| `CONTINUWUITY_RUNTIME_WORKER_AFFINITY`    | Enable worker affinity     |
+
+## See Also
+
+- [Configuration Reference](./config.mdx) - Complete TOML configuration
+  documentation
+- [Admin Commands](./admin/) - Admin command reference

src/admin/federation/commands.rs

@@ -1,6 +1,6 @@
 use std::fmt::Write;
 
-use conduwuit::{Err, Result, utils::response::LimitReadExt};
+use conduwuit::{Err, Result};
 use futures::StreamExt;
 use ruma::{OwnedRoomId, OwnedServerName, OwnedUserId};
 
@@ -55,15 +55,7 @@ pub(super) async fn fetch_support_well_known(&self, server_name: OwnedServerName
 		.send()
 		.await?;
 
-	let text = response
-		.limit_read_text(
-			self.services
-				.config
-				.max_request_size
-				.try_into()
-				.expect("u64 fits into usize"),
-		)
-		.await?;
+	let text = response.text().await?;
 
 	if text.is_empty() {
 		return Err!("Response text/body is empty.");

src/admin/media/commands.rs

@@ -29,9 +29,7 @@ pub(super) async fn delete(
 			.delete(&mxc.as_str().try_into()?)
 			.await?;
 
-		return self
-			.write_str("Deleted the MXC from our database and on our filesystem.")
-			.await;
+		return Err!("Deleted the MXC from our database and on our filesystem.",);
 	}
 
 	if let Some(event_id) = event_id {

src/api/client/account_data.rs

@@ -9,7 +9,7 @@
 	},
 	events::{
 		AnyGlobalAccountDataEventContent, AnyRoomAccountDataEventContent,
-		RoomAccountDataEventType,
+		GlobalAccountDataEventType, RoomAccountDataEventType,
 	},
 	serde::Raw,
 };
@@ -126,6 +126,12 @@ async fn set_account_data(
 		)));
 	}
 
+	if event_type_s == GlobalAccountDataEventType::PushRules.to_cow_str() {
+		return Err!(Request(BadJson(
+			"This endpoint cannot be used for setting/configuring push rules."
+		)));
+	}
+
 	let data: serde_json::Value = serde_json::from_str(data.get())
 		.map_err(|e| err!(Request(BadJson(warn!("Invalid JSON provided: {e}")))))?;
 

src/api/client/dehydrated_device.rs

@@ -1,121 +0,0 @@
-use axum::extract::State;
-use axum_client_ip::InsecureClientIp;
-use conduwuit::{Err, Result, at};
-use futures::StreamExt;
-use ruma::api::client::dehydrated_device::{
-	delete_dehydrated_device::unstable as delete_dehydrated_device,
-	get_dehydrated_device::unstable as get_dehydrated_device, get_events::unstable as get_events,
-	put_dehydrated_device::unstable as put_dehydrated_device,
-};
-
-use crate::Ruma;
-
-const MAX_BATCH_EVENTS: usize = 50;
-
-/// # `PUT /_matrix/client/../dehydrated_device`
-///
-/// Creates or overwrites the user's dehydrated device.
-#[tracing::instrument(skip_all, fields(%client))]
-pub(crate) async fn put_dehydrated_device_route(
-	State(services): State<crate::State>,
-	InsecureClientIp(client): InsecureClientIp,
-	body: Ruma<put_dehydrated_device::Request>,
-) -> Result<put_dehydrated_device::Response> {
-	let sender_user = body
-		.sender_user
-		.as_deref()
-		.expect("AccessToken authentication required");
-
-	let device_id = body.body.device_id.clone();
-
-	services
-		.users
-		.set_dehydrated_device(sender_user, body.body)
-		.await?;
-
-	Ok(put_dehydrated_device::Response { device_id })
-}
-
-/// # `DELETE /_matrix/client/../dehydrated_device`
-///
-/// Deletes the user's dehydrated device without replacement.
-#[tracing::instrument(skip_all, fields(%client))]
-pub(crate) async fn delete_dehydrated_device_route(
-	State(services): State<crate::State>,
-	InsecureClientIp(client): InsecureClientIp,
-	body: Ruma<delete_dehydrated_device::Request>,
-) -> Result<delete_dehydrated_device::Response> {
-	let sender_user = body.sender_user();
-
-	let device_id = services.users.get_dehydrated_device_id(sender_user).await?;
-
-	services.users.remove_device(sender_user, &device_id).await;
-
-	Ok(delete_dehydrated_device::Response { device_id })
-}
-
-/// # `GET /_matrix/client/../dehydrated_device`
-///
-/// Gets the user's dehydrated device
-#[tracing::instrument(skip_all, fields(%client))]
-pub(crate) async fn get_dehydrated_device_route(
-	State(services): State<crate::State>,
-	InsecureClientIp(client): InsecureClientIp,
-	body: Ruma<get_dehydrated_device::Request>,
-) -> Result<get_dehydrated_device::Response> {
-	let sender_user = body.sender_user();
-
-	let device = services.users.get_dehydrated_device(sender_user).await?;
-
-	Ok(get_dehydrated_device::Response {
-		device_id: device.device_id,
-		device_data: device.device_data,
-	})
-}
-
-/// # `GET /_matrix/client/../dehydrated_device/{device_id}/events`
-///
-/// Paginates the events of the dehydrated device.
-#[tracing::instrument(skip_all, fields(%client))]
-pub(crate) async fn get_dehydrated_events_route(
-	State(services): State<crate::State>,
-	InsecureClientIp(client): InsecureClientIp,
-	body: Ruma<get_events::Request>,
-) -> Result<get_events::Response> {
-	let sender_user = body.sender_user();
-
-	let device_id = &body.body.device_id;
-	let existing_id = services.users.get_dehydrated_device_id(sender_user).await;
-
-	if existing_id.as_ref().is_err()
-		|| existing_id
-			.as_ref()
-			.is_ok_and(|existing_id| existing_id != device_id)
-	{
-		return Err!(Request(Forbidden("Not the dehydrated device_id.")));
-	}
-
-	let since: Option<u64> = body
-		.body
-		.next_batch
-		.as_deref()
-		.map(str::parse)
-		.transpose()?;
-
-	let mut next_batch: Option<u64> = None;
-	let events = services
-		.users
-		.get_to_device_events(sender_user, device_id, since, None)
-		.take(MAX_BATCH_EVENTS)
-		.inspect(|&(count, _)| {
-			next_batch.replace(count);
-		})
-		.map(at!(1))
-		.collect()
-		.await;
-
-	Ok(get_events::Response {
-		events,
-		next_batch: next_batch.as_ref().map(ToString::to_string),
-	})
-}

src/api/client/mod.rs

@@ -6,7 +6,6 @@
 pub(super) mod backup;
 pub(super) mod capabilities;
 pub(super) mod context;
-pub(super) mod dehydrated_device;
 pub(super) mod device;
 pub(super) mod directory;
 pub(super) mod filter;
@@ -50,7 +49,6 @@
 pub(super) use backup::*;
 pub(super) use capabilities::*;
 pub(super) use context::*;
-pub(super) use dehydrated_device::*;
 pub(super) use device::*;
 pub(super) use directory::*;
 pub(super) use filter::*;

src/api/client/sync/v3/mod.rs

@@ -11,7 +11,7 @@
 use axum::extract::State;
 use axum_client_ip::InsecureClientIp;
 use conduwuit::{
-	Result, at, extract_variant,
+	Result, extract_variant,
 	utils::{
 		ReadyExt, TryFutureExtExt,
 		stream::{BroadbandExt, Tools, WidebandExt},
@@ -385,7 +385,6 @@ pub(crate) async fn build_sync_events(
 			last_sync_end_count,
 			Some(current_count),
 		)
-		.map(at!(1))
 		.collect::<Vec<_>>();
 
 	let device_one_time_keys_count = services

src/api/client/sync/v5.rs

@@ -336,9 +336,7 @@ async fn handle_lists<'a, Rooms, AllRooms>(
 		let ranges = list.ranges.clone();
 
 		for mut range in ranges {
-			range.0 = range
-				.0
-				.min(UInt::try_from(active_rooms.len()).unwrap_or(UInt::MAX));
+			range.0 = uint!(0);
 			range.1 = range.1.checked_add(uint!(1)).unwrap_or(range.1);
 			range.1 = range
 				.1
@@ -1029,7 +1027,6 @@ async fn collect_to_device(
 		events: services
 			.users
 			.get_to_device_events(sender_user, sender_device, None, Some(next_batch))
-			.map(at!(1))
 			.collect()
 			.await,
 	})

src/api/client/unversioned.rs

@@ -50,7 +50,6 @@ pub(crate) async fn get_supported_versions_route(
 			("org.matrix.msc2836".to_owned(), true), /* threading/threads (https://github.com/matrix-org/matrix-spec-proposals/pull/2836) */
 			("org.matrix.msc2946".to_owned(), true), /* spaces/hierarchy summaries (https://github.com/matrix-org/matrix-spec-proposals/pull/2946) */
 			("org.matrix.msc3026.busy_presence".to_owned(), true), /* busy presence status (https://github.com/matrix-org/matrix-spec-proposals/pull/3026) */
-			("org.matrix.msc3814".to_owned(), true),               /* dehydrated devices */
 			("org.matrix.msc3827".to_owned(), true), /* filtering of /publicRooms by room type (https://github.com/matrix-org/matrix-spec-proposals/pull/3827) */
 			("org.matrix.msc3952_intentional_mentions".to_owned(), true), /* intentional mentions (https://github.com/matrix-org/matrix-spec-proposals/pull/3952) */
 			("org.matrix.msc3916.stable".to_owned(), true), /* authenticated media (https://github.com/matrix-org/matrix-spec-proposals/pull/3916) */

src/api/client/well_known.rs

@@ -27,32 +27,10 @@ pub(crate) async fn well_known_client(
 		identity_server: None,
 		sliding_sync_proxy: Some(SlidingSyncProxyInfo { url: client_url }),
 		tile_server: None,
-		rtc_foci: services
-			.config
-			.matrix_rtc
-			.effective_foci(&services.config.well_known.rtc_focus_server_urls)
-			.to_vec(),
+		rtc_foci: services.config.well_known.rtc_focus_server_urls.clone(),
 	})
 }
 
-/// # `GET /_matrix/client/v1/rtc/transports`
-/// # `GET /_matrix/client/unstable/org.matrix.msc4143/rtc/transports`
-///
-/// Returns the list of MatrixRTC foci (transports) configured for this
-/// homeserver, implementing MSC4143.
-pub(crate) async fn get_rtc_transports(
-	State(services): State<crate::State>,
-	_body: Ruma<ruma::api::client::discovery::get_rtc_transports::Request>,
-) -> Result<ruma::api::client::discovery::get_rtc_transports::Response> {
-	Ok(ruma::api::client::discovery::get_rtc_transports::Response::new(
-		services
-			.config
-			.matrix_rtc
-			.effective_foci(&services.config.well_known.rtc_focus_server_urls)
-			.to_vec(),
-	))
-}
-
 /// # `GET /.well-known/matrix/support`
 ///
 /// Server support contact and support page of a homeserver's domain.

src/api/router.rs

@@ -160,10 +160,6 @@ pub fn build(router: Router<State>, server: &Server) -> Router<State> {
 		.ruma_route(&client::update_device_route)
 		.ruma_route(&client::delete_device_route)
 		.ruma_route(&client::delete_devices_route)
-		.ruma_route(&client::put_dehydrated_device_route)
-		.ruma_route(&client::delete_dehydrated_device_route)
-		.ruma_route(&client::get_dehydrated_device_route)
-		.ruma_route(&client::get_dehydrated_events_route)
 		.ruma_route(&client::get_tags_route)
 		.ruma_route(&client::update_tag_route)
 		.ruma_route(&client::delete_tag_route)
@@ -188,7 +184,6 @@ pub fn build(router: Router<State>, server: &Server) -> Router<State> {
 		.ruma_route(&client::put_suspended_status)
 		.ruma_route(&client::well_known_support)
 		.ruma_route(&client::well_known_client)
-		.ruma_route(&client::get_rtc_transports)
 		.route("/_conduwuit/server_version", get(client::conduwuit_server_version))
 		.route("/_continuwuity/server_version", get(client::conduwuit_server_version))
 		.ruma_route(&client::room_initial_sync_route)

src/api/router/auth.rs

@@ -67,17 +67,23 @@ pub(super) async fn auth(
 	if metadata.authentication == AuthScheme::None {
 		match metadata {
 			| &get_public_rooms::v3::Request::METADATA => {
-				match token {
-					| Token::Appservice(_) | Token::User(_) => {
-						// we should have validated the token above
-						// already
-					},
-					| Token::None | Token::Invalid => {
-						return Err(Error::BadRequest(
-							ErrorKind::MissingToken,
-							"Missing or invalid access token.",
-						));
-					},
+				if !services
+					.server
+					.config
+					.allow_public_room_directory_without_auth
+				{
+					match token {
+						| Token::Appservice(_) | Token::User(_) => {
+							// we should have validated the token above
+							// already
+						},
+						| Token::None | Token::Invalid => {
+							return Err(Error::BadRequest(
+								ErrorKind::MissingToken,
+								"Missing or invalid access token.",
+							));
+						},
+					}
 				}
 			},
 			| &get_profile::v3::Request::METADATA

src/core/config/mod.rs

@@ -678,6 +678,12 @@ pub struct Config {
 	#[serde(default)]
 	pub allow_public_room_directory_over_federation: bool,
 
+	/// Set this to true to allow your server's public room directory to be
+	/// queried without client authentication (access token) through the Client
+	/// APIs. Set this to false to protect against /publicRooms spiders.
+	#[serde(default)]
+	pub allow_public_room_directory_without_auth: bool,
+
 	/// Allow guests/unauthenticated users to access TURN credentials.
 	///
 	/// This is the equivalent of Synapse's `turn_allow_guests` config option.
@@ -2080,12 +2086,6 @@ pub struct Config {
 	/// display: nested
 	#[serde(default)]
 	pub blurhashing: BlurhashConfig,
-
-	/// Configuration for MatrixRTC (MSC4143) transport discovery.
-	/// display: nested
-	#[serde(default)]
-	pub matrix_rtc: MatrixRtcConfig,
-
 	#[serde(flatten)]
 	#[allow(clippy::zero_sized_map_values)]
 	// this is a catchall, the map shouldn't be zero at runtime
@@ -2151,16 +2151,17 @@ pub struct WellKnownConfig {
 	/// listed.
 	pub support_mxid: Option<OwnedUserId>,
 
-	/// **DEPRECATED**: Use `[global.matrix_rtc].foci` instead.
-	///
 	/// A list of MatrixRTC foci URLs which will be served as part of the
-	/// MSC4143 client endpoint at /.well-known/matrix/client.
+	/// MSC4143 client endpoint at /.well-known/matrix/client.  If you're
+	/// setting up livekit, you'd want something like:
+	/// rtc_focus_server_urls = [
+	///     { type = "livekit", livekit_service_url = "https://livekit.example.com" },
+	/// ]
 	///
-	/// This option is deprecated and will be removed in a future release.
-	/// Please migrate to the new `[global.matrix_rtc]` config section.
+	/// To disable, set this to be an empty vector (`[]`).
 	///
 	/// default: []
-	#[serde(default)]
+	#[serde(default = "default_rtc_focus_urls")]
 	pub rtc_focus_server_urls: Vec<RtcFocusInfo>,
 }
 
@@ -2189,43 +2190,6 @@ pub struct BlurhashConfig {
 	pub blurhash_max_raw_size: u64,
 }
 
-#[derive(Clone, Debug, Deserialize, Default)]
-#[config_example_generator(filename = "conduwuit-example.toml", section = "global.matrix_rtc")]
-pub struct MatrixRtcConfig {
-	/// A list of MatrixRTC foci (transports) which will be served via the
-	/// MSC4143 RTC transports endpoint at
-	/// `/_matrix/client/v1/rtc/transports`. If you're setting up livekit,
-	/// you'd want something like:
-	/// ```toml
-	/// [global.matrix_rtc]
-	/// foci = [
-	///     { type = "livekit", livekit_service_url = "https://livekit.example.com" },
-	/// ]
-	/// ```
-	///
-	/// To disable, set this to an empty list (`[]`).
-	///
-	/// default: []
-	#[serde(default)]
-	pub foci: Vec<RtcFocusInfo>,
-}
-
-impl MatrixRtcConfig {
-	/// Returns the effective foci, falling back to the deprecated
-	/// `rtc_focus_server_urls` if the new config is empty.
-	#[must_use]
-	pub fn effective_foci<'a>(
-		&'a self,
-		deprecated_foci: &'a [RtcFocusInfo],
-	) -> &'a [RtcFocusInfo] {
-		if !self.foci.is_empty() {
-			&self.foci
-		} else {
-			deprecated_foci
-		}
-	}
-}
-
 #[derive(Clone, Debug, Default, Deserialize)]
 #[config_example_generator(filename = "conduwuit-example.toml", section = "global.ldap")]
 pub struct LdapConfig {
@@ -2419,7 +2383,6 @@ pub struct DraupnirConfig {
 	"well_known_support_email",
 	"well_known_support_mxid",
 	"registration_token_file",
-	"well_known.rtc_focus_server_urls",
 ];
 
 impl Config {
@@ -2703,6 +2666,9 @@ fn default_rocksdb_stats_level() -> u8 { 1 }
 #[inline]
 pub fn default_default_room_version() -> RoomVersionId { RoomVersionId::V11 }
 
+#[must_use]
+pub fn default_rtc_focus_urls() -> Vec<RtcFocusInfo> { vec![] }
+
 fn default_ip_range_denylist() -> Vec<String> {
 	vec![
 		"127.0.0.0/8".to_owned(),

src/core/utils/mod.rs

@@ -11,7 +11,6 @@
 pub mod math;
 pub mod mutex_map;
 pub mod rand;
-pub mod response;
 pub mod result;
 pub mod set;
 pub mod stream;

src/core/utils/response.rs

@@ -1,51 +0,0 @@
-use futures::StreamExt;
-use num_traits::ToPrimitive;
-
-use crate::Err;
-
-/// Reads the response body while enforcing a maximum size limit to prevent
-/// memory exhaustion.
-pub async fn limit_read(response: reqwest::Response, max_size: u64) -> crate::Result<Vec<u8>> {
-	if response.content_length().is_some_and(|len| len > max_size) {
-		return Err!(BadServerResponse("Response too large"));
-	}
-	let mut data = Vec::new();
-	let mut reader = response.bytes_stream();
-
-	while let Some(chunk) = reader.next().await {
-		let chunk = chunk?;
-		data.extend_from_slice(&chunk);
-
-		if data.len() > max_size.to_usize().expect("max_size must fit in usize") {
-			return Err!(BadServerResponse("Response too large"));
-		}
-	}
-
-	Ok(data)
-}
-
-/// Reads the response body as text while enforcing a maximum size limit to
-/// prevent memory exhaustion.
-pub async fn limit_read_text(
-	response: reqwest::Response,
-	max_size: u64,
-) -> crate::Result<String> {
-	let text = String::from_utf8(limit_read(response, max_size).await?)?;
-	Ok(text)
-}
-
-#[allow(async_fn_in_trait)]
-pub trait LimitReadExt {
-	async fn limit_read(self, max_size: u64) -> crate::Result<Vec<u8>>;
-	async fn limit_read_text(self, max_size: u64) -> crate::Result<String>;
-}
-
-impl LimitReadExt for reqwest::Response {
-	async fn limit_read(self, max_size: u64) -> crate::Result<Vec<u8>> {
-		limit_read(self, max_size).await
-	}
-
-	async fn limit_read_text(self, max_size: u64) -> crate::Result<String> {
-		limit_read_text(self, max_size).await
-	}
-}

src/database/maps.rs

@@ -362,10 +362,6 @@ pub(super) fn open_list(db: &Arc<Engine>, maps: &[Descriptor]) -> Result<Maps> {
 		name: "userid_blurhash",
 		..descriptor::RANDOM_SMALL
 	},
-	Descriptor {
-		name: "userid_dehydrateddevice",
-		..descriptor::RANDOM_SMALL
-	},
 	Descriptor {
 		name: "userid_devicelistversion",
 		..descriptor::RANDOM_SMALL

src/service/admin/mod.rs

@@ -530,12 +530,7 @@ async fn handle_response_error(
 		Ok(())
 	}
 
-	pub async fn is_admin_command<E>(
-		&self,
-		event: &E,
-		body: &str,
-		sent_locally: bool,
-	) -> Option<InvocationSource>
+	pub async fn is_admin_command<E>(&self, event: &E, body: &str) -> Option<InvocationSource>
 	where
 		E: Event + Send + Sync,
 	{
@@ -585,15 +580,6 @@ pub async fn is_admin_command<E>(
 				return None;
 			}
 
-			// Escaped commands must be sent locally (via client API), not via federation
-			if !sent_locally {
-				conduwuit::warn!(
-					"Ignoring escaped admin command from {} that arrived via federation",
-					event.sender()
-				);
-				return None;
-			}
-
 			// Looks good
 			Some(InvocationSource::EscapedCommand)
 		}

src/service/announcements/mod.rs

@@ -18,7 +18,7 @@
 use std::{sync::Arc, time::Duration};
 
 use async_trait::async_trait;
-use conduwuit::{Result, Server, debug, error, utils::response::LimitReadExt, warn};
+use conduwuit::{Result, Server, debug, error, warn};
 use database::{Deserialized, Map};
 use ruma::events::{Mentions, room::message::RoomMessageEventContent};
 use serde::Deserialize;
@@ -137,7 +137,7 @@ async fn check(&self) -> Result<()> {
 			.get(CHECK_FOR_ANNOUNCEMENTS_URL)
 			.send()
 			.await?
-			.limit_read_text(1024 * 1024)
+			.text()
 			.await?;
 
 		let response = serde_json::from_str::<CheckForAnnouncementsResponse>(&response)?;

src/service/federation/execute.rs

@@ -2,8 +2,8 @@
 
 use bytes::Bytes;
 use conduwuit::{
-	Err, Error, Result, debug, debug::INFO_SPAN_LEVEL, debug_error, debug_warn, err, implement,
-	trace, utils::response::LimitReadExt,
+	Err, Error, Result, debug, debug::INFO_SPAN_LEVEL, debug_error, debug_warn, err,
+	error::inspect_debug_log, implement, trace,
 };
 use http::{HeaderValue, header::AUTHORIZATION};
 use ipaddress::IPAddress;
@@ -133,22 +133,7 @@ async fn handle_response<T>(
 where
 	T: OutgoingRequest + Send,
 {
-	const HUGE_ENDPOINTS: [&str; 2] =
-		["/_matrix/federation/v2/send_join/", "/_matrix/federation/v2/state/"];
-	let size_limit: u64 = if HUGE_ENDPOINTS.iter().any(|e| url.path().starts_with(e)) {
-		// Some federation endpoints can return huge response bodies, so we'll bump the
-		// limit for those endpoints specifically.
-		self.services
-			.server
-			.config
-			.max_request_size
-			.saturating_mul(10)
-	} else {
-		self.services.server.config.max_request_size
-	}
-	.try_into()
-	.expect("size_limit (usize) should fit within a u64");
-	let response = into_http_response(dest, actual, method, url, response, size_limit).await?;
+	let response = into_http_response(dest, actual, method, url, response).await?;
 
 	T::IncomingResponse::try_from_http_response(response)
 		.map_err(|e| err!(BadServerResponse("Server returned bad 200 response: {e:?}")))
@@ -160,7 +145,6 @@ async fn into_http_response(
 	method: &Method,
 	url: &Url,
 	mut response: Response,
-	max_size: u64,
 ) -> Result<http::Response<Bytes>> {
 	let status = response.status();
 	trace!(
@@ -183,14 +167,14 @@ async fn into_http_response(
 	);
 
 	trace!("Waiting for response body...");
+	let body = response
+		.bytes()
+		.await
+		.inspect_err(inspect_debug_log)
+		.unwrap_or_else(|_| Vec::new().into());
+
 	let http_response = http_response_builder
-		.body(
-			response
-				.limit_read(max_size)
-				.await
-				.unwrap_or_default()
-				.into(),
-		)
+		.body(body)
 		.expect("reqwest body is valid http body");
 
 	debug!("Got {status:?} for {method} {url}");

src/service/media/preview.rs

@@ -7,7 +7,7 @@
 
 use std::time::SystemTime;
 
-use conduwuit::{Err, Result, debug, err, utils::response::LimitReadExt};
+use conduwuit::{Err, Result, debug, err};
 use conduwuit_core::implement;
 use ipaddress::IPAddress;
 use serde::Serialize;
@@ -112,22 +112,8 @@ pub async fn download_image(&self, url: &str) -> Result<UrlPreviewData> {
 	use image::ImageReader;
 	use ruma::Mxc;
 
-	let image = self
-		.services
-		.client
-		.url_preview
-		.get(url)
-		.send()
-		.await?
-		.limit_read(
-			self.services
-				.server
-				.config
-				.max_request_size
-				.try_into()
-				.expect("u64 should fit in usize"),
-		)
-		.await?;
+	let image = self.services.client.url_preview.get(url).send().await?;
+	let image = image.bytes().await?;
 	let mxc = Mxc {
 		server_name: self.services.globals.server_name(),
 		media_id: &random_string(super::MXC_LENGTH),
@@ -165,20 +151,24 @@ async fn download_html(&self, url: &str) -> Result<UrlPreviewData> {
 	use webpage::HTML;
 
 	let client = &self.services.client.url_preview;
-	let body = client
-		.get(url)
-		.send()
-		.await?
-		.limit_read_text(
-			self.services
-				.server
-				.config
-				.max_request_size
-				.try_into()
-				.expect("u64 should fit in usize"),
-		)
-		.await?;
-	let Ok(html) = HTML::from_string(body.clone(), Some(url.to_owned())) else {
+	let mut response = client.get(url).send().await?;
+
+	let mut bytes: Vec<u8> = Vec::new();
+	while let Some(chunk) = response.chunk().await? {
+		bytes.extend_from_slice(&chunk);
+		if bytes.len() > self.services.globals.url_preview_max_spider_size() {
+			debug!(
+				"Response body from URL {} exceeds url_preview_max_spider_size ({}), not \
+				 processing the rest of the response body and assuming our necessary data is in \
+				 this range.",
+				url,
+				self.services.globals.url_preview_max_spider_size()
+			);
+			break;
+		}
+	}
+	let body = String::from_utf8_lossy(&bytes);
+	let Ok(html) = HTML::from_string(body.to_string(), Some(url.to_owned())) else {
 		return Err!(Request(Unknown("Failed to parse HTML")));
 	};
 

src/service/media/remote.rs

@@ -2,7 +2,7 @@
 
 use conduwuit::{
 	Err, Error, Result, debug_warn, err, implement,
-	utils::{content_disposition::make_content_disposition, response::LimitReadExt},
+	utils::content_disposition::make_content_disposition,
 };
 use http::header::{CONTENT_DISPOSITION, CONTENT_TYPE, HeaderValue};
 use ruma::{
@@ -286,15 +286,10 @@ async fn location_request(&self, location: &str) -> Result<FileMeta> {
 		.and_then(Result::ok);
 
 	response
-		.limit_read(
-			self.services
-				.server
-				.config
-				.max_request_size
-				.try_into()
-				.expect("u64 should fit in usize"),
-		)
+		.bytes()
 		.await
+		.map(Vec::from)
+		.map_err(Into::into)
 		.map(|content| FileMeta {
 			content: Some(content),
 			content_type: content_type.clone(),

src/service/pusher/mod.rs

@@ -1,7 +1,6 @@
 use std::{fmt::Debug, mem, sync::Arc};
 
 use bytes::BytesMut;
-use conduwuit::utils::response::LimitReadExt;
 use conduwuit_core::{
 	Err, Event, Result, debug_warn, err, trace,
 	utils::{stream::TryIgnore, string_from_bytes},
@@ -31,7 +30,7 @@
 	uint,
 };
 
-use crate::{Dep, client, config, globals, rooms, sending, users};
+use crate::{Dep, client, globals, rooms, sending, users};
 
 pub struct Service {
 	db: Data,
@@ -40,7 +39,6 @@ pub struct Service {
 
 struct Services {
 	globals: Dep<globals::Service>,
-	config: Dep<config::Service>,
 	client: Dep<client::Service>,
 	state_accessor: Dep<rooms::state_accessor::Service>,
 	state_cache: Dep<rooms::state_cache::Service>,
@@ -63,7 +61,6 @@ fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {
 			services: Services {
 				globals: args.depend::<globals::Service>("globals"),
 				client: args.depend::<client::Service>("client"),
-				config: args.depend::<config::Service>("config"),
 				state_accessor: args
 					.depend::<rooms::state_accessor::Service>("rooms::state_accessor"),
 				state_cache: args.depend::<rooms::state_cache::Service>("rooms::state_cache"),
@@ -248,15 +245,7 @@ pub async fn send_request<T>(&self, dest: &str, request: T) -> Result<T::Incomin
 						.expect("http::response::Builder is usable"),
 				);
 
-				let body = response
-					.limit_read(
-						self.services
-							.config
-							.max_request_size
-							.try_into()
-							.expect("usize fits into u64"),
-					)
-					.await?;
+				let body = response.bytes().await?;
 
 				if !status.is_success() {
 					debug_warn!("Push gateway response body: {:?}", string_from_bytes(&body));

src/service/resolver/well_known.rs

@@ -1,6 +1,4 @@
-use conduwuit::{
-	Result, debug, debug_error, debug_info, implement, trace, utils::response::LimitReadExt,
-};
+use conduwuit::{Result, debug, debug_error, debug_info, debug_warn, implement, trace};
 
 #[implement(super::Service)]
 #[tracing::instrument(name = "well-known", level = "debug", skip(self, dest))]
@@ -26,8 +24,12 @@ pub(super) async fn request_well_known(&self, dest: &str) -> Result<Option<Strin
 		return Ok(None);
 	}
 
-	let text = response.limit_read_text(8192).await?;
+	let text = response.text().await?;
 	trace!("response text: {text:?}");
+	if text.len() >= 12288 {
+		debug_warn!("response contains junk");
+		return Ok(None);
+	}
 
 	let body: serde_json::Value = serde_json::from_str(&text).unwrap_or_default();
 

src/service/rooms/event_handler/fetch_state.rs

@@ -63,9 +63,7 @@ pub(super) async fn fetch_state<Pdu>(
 			},
 			| hash_map::Entry::Occupied(_) => {
 				return Err!(Database(
-					"State event's type and state_key combination exists multiple times: {}, {}",
-					pdu.kind(),
-					state_key
+					"State event's type and state_key combination exists multiple times.",
 				));
 			},
 		}

src/service/rooms/event_handler/handle_outlier_pdu.rs

@@ -162,9 +162,7 @@ pub(super) async fn handle_outlier_pdu<'a, Pdu>(
 			},
 			| hash_map::Entry::Occupied(_) => {
 				return Err!(Request(InvalidParam(
-					"Auth event's type and state_key combination exists multiple times: {}, {}",
-					auth_event.kind,
-					auth_event.state_key().unwrap_or("")
+					"Auth event's type and state_key combination exists multiple times.",
 				)));
 			},
 		}

src/service/rooms/timeline/append.rs

@@ -72,26 +72,6 @@ pub async fn append_incoming_pdu<'a, Leaves>(
 		.append_pdu(pdu, pdu_json, new_room_leaves, state_lock, room_id)
 		.await?;
 
-	// Process admin commands for federation events
-	if *pdu.kind() == TimelineEventType::RoomMessage {
-		let content: ExtractBody = pdu.get_content()?;
-		if let Some(body) = content.body {
-			if let Some(source) = self
-				.services
-				.admin
-				.is_admin_command(pdu, &body, false)
-				.await
-			{
-				self.services.admin.command_with_sender(
-					body,
-					Some(pdu.event_id().into()),
-					source,
-					pdu.sender.clone().into(),
-				)?;
-			}
-		}
-	}
-
 	Ok(Some(pdu_id))
 }
 
@@ -354,6 +334,15 @@ pub async fn append_pdu<'a, Leaves>(
 			let content: ExtractBody = pdu.get_content()?;
 			if let Some(body) = content.body {
 				self.services.search.index_pdu(shortroomid, &pdu_id, &body);
+
+				if let Some(source) = self.services.admin.is_admin_command(pdu, &body).await {
+					self.services.admin.command_with_sender(
+						body,
+						Some((pdu.event_id()).into()),
+						source,
+						pdu.sender.clone().into(),
+					)?;
+				}
 			}
 		},
 		| _ => {},

src/service/rooms/timeline/build.rs

@@ -18,7 +18,7 @@
 	},
 };
 
-use super::{ExtractBody, RoomMutexGuard};
+use super::RoomMutexGuard;
 
 /// Creates a new persisted data unit and adds it to a room. This function
 /// takes a roomid_mutex_state, meaning that only this function is able to
@@ -126,26 +126,6 @@ pub async fn build_and_append_pdu(
 		.boxed()
 		.await?;
 
-	// Process admin commands for locally sent events
-	if *pdu.kind() == TimelineEventType::RoomMessage {
-		let content: ExtractBody = pdu.get_content()?;
-		if let Some(body) = content.body {
-			if let Some(source) = self
-				.services
-				.admin
-				.is_admin_command(&pdu, &body, true)
-				.await
-			{
-				self.services.admin.command_with_sender(
-					body,
-					Some(pdu.event_id().into()),
-					source,
-					pdu.sender.clone().into(),
-				)?;
-			}
-		}
-	}
-
 	// We set the room state after inserting the pdu, so that we never have a moment
 	// in time where events in the current room state do not exist
 	trace!("Setting room state for room {room_id}");
@@ -187,8 +167,6 @@ pub async fn build_and_append_pdu(
 	Ok(pdu.event_id().to_owned())
 }
 
-/// Assert invariants about the admin room, to prevent (for example) all admins
-/// from leaving or being banned from the room
 #[implement(super::Service)]
 #[tracing::instrument(skip_all, level = "debug")]
 async fn check_pdu_for_admin_room<Pdu>(&self, pdu: &Pdu, sender: &UserId) -> Result

src/service/sending/antispam.rs

@@ -1,7 +1,7 @@
 use std::{fmt::Debug, mem};
 
 use bytes::BytesMut;
-use conduwuit::{Err, Result, debug_error, err, utils, utils::response::LimitReadExt, warn};
+use conduwuit::{Err, Result, debug_error, err, utils, warn};
 use reqwest::Client;
 use ruma::api::{IncomingResponse, MatrixVersion, OutgoingRequest, SendAccessToken};
 
@@ -38,7 +38,7 @@ pub(crate) async fn send_antispam_request<T>(
 			.expect("http::response::Builder is usable"),
 	);
 
-	let body = response.limit_read(65535).await?; // TODO: handle timeout
+	let body = response.bytes().await?; // TODO: handle timeout
 
 	if !status.is_success() {
 		debug_error!("Antispam response bytes: {:?}", utils::string_from_bytes(&body));

src/service/sending/appservice.rs

@@ -1,9 +1,7 @@
 use std::{fmt::Debug, mem};
 
 use bytes::BytesMut;
-use conduwuit::{
-	Err, Result, debug_error, err, implement, trace, utils, utils::response::LimitReadExt, warn,
-};
+use conduwuit::{Err, Result, debug_error, err, implement, trace, utils, warn};
 use ruma::api::{
 	IncomingResponse, MatrixVersion, OutgoingRequest, SendAccessToken, appservice::Registration,
 };
@@ -79,15 +77,7 @@ pub async fn send_appservice_request<T>(
 			.expect("http::response::Builder is usable"),
 	);
 
-	let body = response
-		.limit_read(
-			self.server
-				.config
-				.max_request_size
-				.try_into()
-				.expect("usize fits into u64"),
-		)
-		.await?;
+	let body = response.bytes().await?;
 
 	if !status.is_success() {
 		debug_error!("Appservice response bytes: {:?}", utils::string_from_bytes(&body));

src/service/sending/sender.rs

@@ -10,7 +10,7 @@
 
 use base64::{Engine as _, engine::general_purpose::URL_SAFE_NO_PAD};
 use conduwuit_core::{
-	Error, Event, Result, at, debug, err, error,
+	Error, Event, Result, debug, err, error,
 	result::LogErr,
 	trace,
 	utils::{
@@ -175,7 +175,7 @@ async fn handle_response_ok<'a>(
 		if !new_events.is_empty() {
 			self.db.mark_as_active(new_events.iter());
 
-			let new_events_vec = new_events.into_iter().map(at!(1)).collect();
+			let new_events_vec = new_events.into_iter().map(|(_, event)| event).collect();
 			futures.push(self.send_events(dest.clone(), new_events_vec));
 		} else {
 			statuses.remove(dest);

src/service/users/dehydrated_device.rs

@@ -1,149 +0,0 @@
-use conduwuit::{Err, Result, implement, trace};
-use conduwuit_database::{Deserialized, Json};
-use ruma::{
-	DeviceId, OwnedDeviceId, UserId,
-	api::client::dehydrated_device::{
-		DehydratedDeviceData, put_dehydrated_device::unstable::Request,
-	},
-	serde::Raw,
-};
-use serde::{Deserialize, Serialize};
-
-#[derive(Clone, Debug, Serialize, Deserialize)]
-pub struct DehydratedDevice {
-	/// Unique ID of the device.
-	pub device_id: OwnedDeviceId,
-
-	/// Contains serialized and encrypted private data.
-	pub device_data: Raw<DehydratedDeviceData>,
-}
-
-/// Creates or recreates the user's dehydrated device.
-#[implement(super::Service)]
-#[tracing::instrument(
-	level = "info",
-	skip_all,
-	fields(
-		%user_id,
-		device_id = %request.device_id,
-		display_name = ?request.initial_device_display_name,
-	)
-)]
-pub async fn set_dehydrated_device(&self, user_id: &UserId, request: Request) -> Result {
-	assert!(
-		self.exists(user_id).await,
-		"Tried to create dehydrated device for non-existent user"
-	);
-
-	let existing_id = self.get_dehydrated_device_id(user_id).await;
-
-	if existing_id.is_err()
-		&& self
-			.get_device_metadata(user_id, &request.device_id)
-			.await
-			.is_ok()
-	{
-		return Err!("A hydrated device already exists with that ID.");
-	}
-
-	if let Ok(existing_id) = existing_id {
-		self.remove_device(user_id, &existing_id).await;
-	}
-
-	self.create_device(
-		user_id,
-		&request.device_id,
-		"",
-		request.initial_device_display_name.clone(),
-		None,
-	)
-	.await?;
-
-	trace!(device_data = ?request.device_data);
-	self.db.userid_dehydrateddevice.raw_put(
-		user_id,
-		Json(&DehydratedDevice {
-			device_id: request.device_id.clone(),
-			device_data: request.device_data,
-		}),
-	);
-
-	trace!(device_keys = ?request.device_keys);
-	self.add_device_keys(user_id, &request.device_id, &request.device_keys)
-		.await;
-
-	trace!(one_time_keys = ?request.one_time_keys);
-	for (one_time_key_key, one_time_key_value) in &request.one_time_keys {
-		self.add_one_time_key(user_id, &request.device_id, one_time_key_key, one_time_key_value)
-			.await?;
-	}
-
-	Ok(())
-}
-
-/// Removes a user's dehydrated device.
-///
-/// Calling this directly will remove the dehydrated data but leak the frontage
-/// device. Thus this is called by the regular device interface such that the
-/// dehydrated data will not leak instead.
-///
-/// If device_id is given, the user's dehydrated device must match or this is a
-/// no-op, but an Err is still returned to indicate that. Otherwise returns the
-/// removed dehydrated device_id.
-#[implement(super::Service)]
-#[tracing::instrument(
-	level = "debug",
-	skip_all,
-	fields(
-		%user_id,
-		device_id = ?maybe_device_id,
-	)
-)]
-pub(super) async fn remove_dehydrated_device(
-	&self,
-	user_id: &UserId,
-	maybe_device_id: Option<&DeviceId>,
-) -> Result<OwnedDeviceId> {
-	let Ok(device_id) = self.get_dehydrated_device_id(user_id).await else {
-		return Err!(Request(NotFound("No dehydrated device for this user.")));
-	};
-
-	if let Some(maybe_device_id) = maybe_device_id {
-		if maybe_device_id != device_id {
-			return Err!(Request(NotFound("Not the user's dehydrated device.")));
-		}
-	}
-
-	self.db.userid_dehydrateddevice.remove(user_id);
-
-	Ok(device_id)
-}
-
-/// Get the device_id of the user's dehydrated device.
-#[implement(super::Service)]
-#[tracing::instrument(
-	level = "debug",
-	skip_all,
-	fields(%user_id)
-)]
-pub async fn get_dehydrated_device_id(&self, user_id: &UserId) -> Result<OwnedDeviceId> {
-	self.get_dehydrated_device(user_id)
-		.await
-		.map(|device| device.device_id)
-}
-
-/// Get the dehydrated device private data
-#[implement(super::Service)]
-#[tracing::instrument(
-	level = "debug",
-	skip_all,
-	fields(%user_id),
-	ret,
-)]
-pub async fn get_dehydrated_device(&self, user_id: &UserId) -> Result<DehydratedDevice> {
-	self.db
-		.userid_dehydrateddevice
-		.get(user_id)
-		.await
-		.deserialized()
-}

src/service/users/mod.rs

@@ -1,5 +1,3 @@
-pub(super) mod dehydrated_device;
-
 #[cfg(feature = "ldap")]
 use std::collections::HashMap;
 use std::{collections::BTreeMap, mem, net::IpAddr, sync::Arc};
@@ -7,7 +5,7 @@
 #[cfg(feature = "ldap")]
 use conduwuit::result::LogErr;
 use conduwuit::{
-	Err, Error, Result, Server, debug_warn, err, is_equal_to, trace,
+	Err, Error, Result, Server, at, debug_warn, err, is_equal_to, trace,
 	utils::{self, ReadyExt, stream::TryIgnore, string::Unquoted},
 };
 #[cfg(feature = "ldap")]
@@ -72,7 +70,6 @@ struct Data {
 	userfilterid_filter: Arc<Map>,
 	userid_avatarurl: Arc<Map>,
 	userid_blurhash: Arc<Map>,
-	userid_dehydrateddevice: Arc<Map>,
 	userid_devicelistversion: Arc<Map>,
 	userid_displayname: Arc<Map>,
 	userid_lastonetimekeyupdate: Arc<Map>,
@@ -113,7 +110,6 @@ fn build(args: crate::Args<'_>) -> Result<Arc<Self>> {
 				userfilterid_filter: args.db["userfilterid_filter"].clone(),
 				userid_avatarurl: args.db["userid_avatarurl"].clone(),
 				userid_blurhash: args.db["userid_blurhash"].clone(),
-				userid_dehydrateddevice: args.db["userid_dehydrateddevice"].clone(),
 				userid_devicelistversion: args.db["userid_devicelistversion"].clone(),
 				userid_displayname: args.db["userid_displayname"].clone(),
 				userid_lastonetimekeyupdate: args.db["userid_lastonetimekeyupdate"].clone(),
@@ -484,11 +480,6 @@ pub async fn create_device(
 
 	/// Removes a device from a user.
 	pub async fn remove_device(&self, user_id: &UserId, device_id: &DeviceId) {
-		// Remove dehydrated device if this is the dehydrated device
-		let _: Result<_> = self
-			.remove_dehydrated_device(user_id, Some(device_id))
-			.await;
-
 		let userdeviceid = (user_id, device_id);
 
 		// Remove tokens
@@ -1012,7 +1003,7 @@ pub fn get_to_device_events<'a>(
 		device_id: &'a DeviceId,
 		since: Option<u64>,
 		to: Option<u64>,
-	) -> impl Stream<Item = (u64, Raw<AnyToDeviceEvent>)> + Send + 'a {
+	) -> impl Stream<Item = Raw<AnyToDeviceEvent>> + Send + 'a {
 		type Key<'a> = (&'a UserId, &'a DeviceId, u64);
 
 		let from = (user_id, device_id, since.map_or(0, |since| since.saturating_add(1)));
@@ -1026,7 +1017,7 @@ pub fn get_to_device_events<'a>(
 					&& device_id == *device_id_
 					&& to.is_none_or(|to| *count <= to)
 			})
-			.map(|((_, _, count), event)| (count, event))
+			.map(at!(1))
 	}
 
 	pub async fn remove_to_device_events<Until>(