Commit Graph

239 Commits

Author SHA1 Message Date
decentral1se 6dd5a3b0fc
Merge branch 'master' into ccchaos 2021-12-11 17:53:24 +01:00
Matthew Wild d1cdca0c2c docs: Update certificate troubleshooting docs with more info 2021-11-25 15:00:41 +00:00
Matthew Wild e5d493483e prosody: Bump prosody-modules for bugfix in 4abb33a15897 2021-11-19 17:02:09 +00:00
Matthew Wild fbc5a46c43 prosody: Bump prosody-modules for bugfix in fd90925dc239 2021-11-18 09:09:05 +00:00
Matthew Wild 8c506217d5
Merge pull request #84 from snikket-im/docs/add-user-roles-page
docs: Add page about user roles
2021-11-17 15:49:35 +00:00
Matthew Wild 861c570b37
Merge pull request #85 from snikket-im/feature/measure-active-users
Feature: measure active users
2021-11-17 15:49:23 +00:00
Matthew Wild ad694d6436 prosody: Enable mod_measure_active_users
This allows an operator (via Prometheus, or eventually the web portal) to keep
tabs on how many people are using the server, e.g. to assist with capacity
planning. This will become more important once we allow user-to-user account
invitations.
2021-11-17 13:51:05 +00:00
Matthew Wild 569fce239c prosody: Switch to and enable mod_lastlog2
This records a timestamp of various account events - account registration
time, last connection and last disconnection.

In the future I would like to keep a time-limited record of account activity
so we can also present it to the user for security purposes (e.g. detecting
account compromise and access by third-parties). That will need additional
design work to figure out how to do it in a privacy-preserving way.
2021-11-17 13:47:42 +00:00
Matthew Wild 6ab178385f
Merge pull request #83 from snikket-im/auto-enable-group-push
prosody: Enable push notifications for offline group members by default
2021-11-16 19:21:20 +00:00
Matthew Wild cd462a28a7 docs: Add page about user roles 2021-11-16 17:11:36 +00:00
Matthew Wild 17444cc3bd prosody: Enable push notifications for offline group members by default
This avoids the app needing to gain logic to opt-in to push notifications.
Such logic may be fragile, and introduce additional traffic and round-trips
that would hurt performance.

Note that this will trigger pushes even to users who only use Android or
non-mobile devices. That should cause no issues, and the impact would be
minor. Also considering that non-iOS devices usually remain online most of the
time anyway.

Not accounted for in this commit is the MUC notification filtering side of
things. By default the MUC will push all messages, and
mod_cloud_notify(_filters) will allow all of them through to the device unless
the user explicitly configures otherwise within the app.

If the server can detect whether a MUC is public or private, it can make the
default behaviour more sensible (maybe when adding bookmarks or something?).
In any case, public channels are not a primary use-case for Snikket and can
easily be configured manually in the app for now.
2021-11-16 16:08:16 +00:00
Matthew Wild a24eddab8b prosody: Add symlink for mod_muc_offline_delivery 2021-11-15 14:15:56 +00:00
Matthew Wild 77ecd4d9b9
Merge pull request #77 from snikket-im/fix/restricted-users
Fix restricted users
2021-11-12 21:46:00 +00:00
Matthew Wild fb518da3c8
Merge branch 'master' into fix/restricted-users 2021-11-12 21:45:38 +00:00
Matthew Wild b2b1ea3660
Merge pull request #76 from snikket-im/feature/admin-shell-prompt
prosody: Show Snikket domain in admin shell prompt
2021-11-12 16:02:51 +00:00
Matthew Wild a2714fc178 prosody: Bump to build 1540 for role improvements
This change will disconnect user sessions when their role changes, ensuring
appropriate policies are always enforced.
2021-11-12 15:58:34 +00:00
Matthew Wild ce14c8153b prosody: Load mod_snikket_restricted_users on main host 2021-11-12 15:56:52 +00:00
Matthew Wild 08080f03b9 prosody: Show Snikket domain in admin shell prompt 2021-11-12 13:43:50 +00:00
Matthew Wild 2d623e7bf5
Merge pull request #75 from snikket-im/fix/tweak-gc-defaults
prosody: Tune GC to be more aggressive by default
2021-11-11 14:57:53 +00:00
Matthew Wild e19b0a32af prosody: Tune GC to be more aggressive by default
It appears that, in some environments at least, large file uploads can still
cause a significant increase in RAM. This reduces that effect.

It is expected that a future release will switch to Lua 5.4, which has shown
to have far better GC behaviour.
2021-11-11 14:40:09 +00:00
Matthew Wild b57057f809
Merge pull request #74 from snikket-im/fix/no-roles-no-isolation
mod_snikket_restricted_users: Don't isolate users with no roles
2021-11-10 17:51:14 +00:00
Matthew Wild 457096a13d mod_snikket_restricted_users: Don't isolate users with no roles
The code was originally written to fail safe in the event of failure, hence
the 'if roles and ...'. However a user with no roles (which is normal for a
normal user, especially on upgrade) can return nil.

Failure is signified by 'false', so now we explicitly catch this and return
early without bypassing isolation. Users with no roles (nil) or with roles
but not prosody:restricted bypass isolation.
2021-11-10 17:27:09 +00:00
Matthew Wild f85250461c CHANGELOG: Add unreleased changes 2021-11-10 14:41:44 +00:00
Matthew Wild 631c3acc99
Merge pull request #72 from snikket-im/restricted-users
Restrictions for restricted users
2021-11-09 16:21:39 +00:00
Matthew Wild 8d16897cff
Merge pull request #73 from snikket-im/fix-uploads-allow-for-gcm-tag
prosody: Add 16 bytes to upload limit to allow for appended GCM tag
2021-11-09 16:17:50 +00:00
Matthew Wild ca242ce8a4 prosody: Add 16 bytes to upload limit to allow for appended GCM tag (XEP-0454) 2021-11-09 14:25:56 +00:00
Matthew Wild a5084a289e mod_snikket_restricted_users: Add some explanatory comments 2021-11-09 12:28:50 +00:00
Matthew Wild 40daaa883b prosody: Disable user invitations for restricted users
Note that this currently has no effect, because user and contact invitations
are disabled globally for non-admins.
2021-11-09 12:01:59 +00:00
Matthew Wild 263d5cf286 prosody: Bump to trunk build 1535 + prosody-modules 8bd36bba2292 2021-11-09 11:51:16 +00:00
Matthew Wild d47a6ddbc0 mod_snikket_restricted_users: Use event.actor, which is preferred and always present 2021-11-09 11:23:49 +00:00
Matthew Wild 2f997d50b5 prosody: Enable mod_snikket_restricted_users on MUC host to enforce channel creation 2021-11-09 11:23:19 +00:00
Matthew Wild 0294b0e7e0 prosody: Prevent restricted users from creating public channels (#37) 2021-11-08 16:13:07 +00:00
Matthew Wild 5dddfeb876 prosody: Prevent federation for users with prosody:restricted role (#37) 2021-11-08 12:51:14 +00:00
Matthew Wild 00ad72bcf1 prosody: add symlink for mod_cloud_notify_extensions 2021-11-02 12:52:51 +00:00
3wc d1fd9d6ef4 Merge remote-tracking branch 'upstream/master' 2021-11-01 16:40:04 +02:00
Matthew Wild 1fe4571ab4 mod_snikket_ios_preserve_push: Handle case where user has no push registrations stored 2021-11-01 10:16:08 +00:00
3wc d8577e0e57 Awful scary changes to Prosody SSL config 2021-10-31 16:57:01 +02:00
3wc 7605046cb0 don't merge: add certificate path conf for prosody 2021-10-30 23:31:54 +02:00
3wc b1af112f15 don't merge: ho ho now we have variables 2021-10-30 22:58:21 +02:00
Matthew Wild e125e70e3e docs: Fix missing quote in command 2021-10-20 20:49:09 +01:00
Matthew Wild 94a279a277 docs: Fix infoboxes in the quickstart to be mkdocs-compatible 2021-10-20 14:20:20 +01:00
Matthew Wild 609183c305 Makefile: Some fixes for the docs build process 2021-10-20 14:03:36 +01:00
Matthew Wild 6160d259e6 docs: Add troubleshooting guide 2021-10-20 14:03:08 +01:00
Matthew Wild dae151c7c9 prosody: Add new module to load push registration for new sessions 2021-10-18 14:17:20 +01:00
Matthew Wild ff38924c47
Merge pull request #71 from Zash/repo-filename
Specify a filename for repository
2021-10-18 13:52:15 +01:00
Matthew Wild adb1fb92ae prosody: Bump prosody-modules for cloud_notify improvements 2021-10-18 13:51:55 +01:00
Matthew Wild 83c757c786 prosody: Add module to expose stable client id across sessions 2021-10-18 13:50:36 +01:00
Kim Alvefur 30e05e8754 Specify a filename for repository
So that it stays the same even if the URL is changed.
2021-10-18 14:15:32 +02:00
Matthew Wild deddef38f2 prosody: Use new cloud_notify_extensions meta-module 2021-10-16 21:23:05 +01:00
Matthew Wild f6cf8f2645 prosody: Add mod_muc_offline_delivery for group notifications on iOS 2021-10-16 21:23:05 +01:00