Add changelog entry for beta.20210205

... load the module, too

CHANGELOG.md

@@ -1,5 +1,13 @@
 # Snikket Server changelog
 
+## beta.20210205
+
+- Fix destruction of circle group chats when a circle
+    is deleted or fails to be created
+- Add circle group chats to bookmarks of newly-added members
+- Add trailing '/' to invite URLs for compatibility with some
+    URL parsers
+
 ## beta.20210202
 
 - Support for Raspberry Pi and other ARM-based systems
@@ -22,7 +30,7 @@ then put the new one in its place. For example:
 mv docker-compose.yml docker-compose.old.yml
 wget -O docker-compose.yml https://snikket.org/service/resources/docker-compose.beta.yml
 docker-compose pull
-docker-compose up -d
+docker-compose up -d --remove-orphans
 ```
 
 You may also want to check out our new repository of scripts to help

ansible/files/prosody.cfg.lua

@@ -99,7 +99,9 @@ modules_enabled = {
 		"firewall";
 
 	-- Circles
+		"groups_internal";
 		"groups_migration";
+		"groups_muc_bookmarks";
 
 	-- For the web portal
 		"http_oauth2";
@@ -128,7 +130,7 @@ registration_invite_only = true
 -- over what happens when a user invites someone.
 allow_contact_invites = false
 
-invites_page = ENV_SNIKKET_INVITE_URL or ("https://"..DOMAIN.."/invite/{invite.token}");
+invites_page = ENV_SNIKKET_INVITE_URL or ("https://"..DOMAIN.."/invite/{invite.token}/");
 invites_page_external = true
 
 c2s_require_encryption = true

ansible/tasks/prosody.yml

@@ -64,7 +64,7 @@
   hg:
     repo: https://hg.prosody.im/prosody-modules
     dest: /usr/local/lib/prosody-modules
-    revision: 94805a7e7b30
+    revision: b3e0295e14a3
     purge: yes
     update: yes
 - name: Enable wanted modules
@@ -109,6 +109,7 @@
     - mod_invites_register_api
     - mod_invites_tracking
     - mod_groups_internal
+    - mod_groups_muc_bookmarks
     - mod_muc_defaults
     - mod_muc_local_only
 

docs/advanced/update_notifications.md

@@ -0,0 +1,101 @@
+# Update notifications
+
+This is an informational technical document about the update notification
+system in Snikket server.
+
+## Why are update notifications important?
+
+It is now widely known that [outdated software][OWASP-A9] is one of the
+biggest risk factors in securing systems on the internet. Therefore the
+Snikket server will alert all admins to available updates and important
+notices from the Snikket team.
+
+We believe it is up to you to decide when and how to update your service.
+But we will provide you with the tools you need to make that easy, fast
+and painless.
+
+## How are they implemented?
+
+To preserve your privacy, private Snikket servers do not make requests
+directly to our servers. Instead we put the necessary information about
+current releases and security updates into our DNS records.
+
+## Why did you choose DNS?
+
+The obvious choice was HTTP, and this is how most traffic on the internet
+is conveyed these days. But we opted for DNS due to the following advantages:
+
+- DNS is designed for serving small amounts of data from one place to many
+- Due to caching, and its connectionless nature, DNS is more scalable
+- Queries will often travel via an intermediate resolver, so we
+    typically won't have access to your server's IP address
+- A DNS query contains very little information, whereas HTTP will always
+    leak the IP address, and by default will often leak other headers.
+
+But it also has some known downsides. In particular DNS is not secure by
+default. Intermediaries may observe or drop the query, or even modify the
+response.
+
+The following conclusions were made about the downsides:
+
+- Observability: an intermediary seeing outbound queries to our DNS
+    records may deduce that your server is running Snikket. This should
+    not be a problem in itself - there are many ways to detect if a server
+    is running Snikket (load up its web page for a start!).
+- Availability: an intermediary may block queries for our DNS records.
+    This would prevent a server admin from receiving update notifications,
+    which is bad (they may be tricked into thinking they are up to date).
+    However using another protocol such as HTTP(S) would not prevent this
+    focused attack.
+- Integrity: the data returned to the Snikket server may be modified or
+    spoofed by an intermediary. This would allow them to trigger false
+    update notifications. We have designed the system so that the risk is
+    minimized - the update notifications will always include a link to the
+    real announcement on snikket.org (if any). It is not possible to direct
+    admins to arbitrary URLs.
+
+It is possible that in the future we will add support for DNSSEC or manually
+sign the data provided in our DNS records.
+
+It is also possible that we will move to another mechanism in the future, if
+a more suitable one can be found.
+
+## The details
+
+Snikket releases are organized into 'channels', e.g. 'dev', 'alpha', 'beta',
+'stable'. Your server will work out the channel it belongs to, and make a DNS
+query to:
+
+```
+TXT _channel.update.snikket.net
+```
+
+The response will look like:
+
+```
+"latest=3"
+"secure=2"
+"msg=0"
+```
+
+This response indicates that version '3' is the latest, but version '2' is the
+last release with no known security vulnerabilities is '2'. The `msg` field
+allows us to send important announcements that may not be included in a release.
+
+A Snikket server will use the returned information to determine whether the
+administrators need to be notified, and generate a message if necessary. Since
+the server has no further information, the message will include a link to the
+relevant announcement on the snikket.org website by calculating the URL to use.
+
+## Disabling update checks
+
+We strongly recommend you leave update notifications enabled so that you are
+notified promptly about important releases and announcements. However if you
+plan to receive these another way, you may disable them by adding to your
+snikket.conf:
+
+```
+SNIKKET_UPDATE_CHECK=0
+```
+
+[OWASP-A9]: https://owasp.org/www-project-top-ten/2017/A9_2017-Using_Components_with_Known_Vulnerabilities