diff --git a/.gitignore b/.gitignore index efbc1d9e..e2f4e882 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,64 @@ -/target -**/*.rs.bk +# CMake +cmake-build-*/ +# IntelliJ +.idea/ +out/ +*.iml +modules.xml +*.ipr + +# mpeltonen/sbt-idea plugin +.idea_modules/ + +# Linux backup files +*~ + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +# Rust +/target/ + +### vscode ### +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json +*.code-workspace + +### Windows ### +# Windows thumbnail cache files +Thumbs.db +Thumbs.db:encryptable +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows shortcuts +*.lnk + +# Conduit Rocket.toml conduit.toml + +# Etc. +**/*.rs.bk diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 00000000..c3f66054 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "rust-analyzer.procMacro.enable": true +} \ No newline at end of file diff --git a/CROSS_COMPILE.md b/CROSS_COMPILE.md index 3c7bbcb5..4728768c 100644 --- a/CROSS_COMPILE.md +++ b/CROSS_COMPILE.md @@ -1,13 +1,10 @@ Install docker: - +``` $ sudo apt install docker $ sudo usermod -aG docker $USER - -Then log out and back in. - +$ exec sudo su -l $USER $ sudo systemctl start docker - $ cargo install cross $ cross build --release --features tls_vendored --target armv7-unknown-linux-musleabihf - +``` The cross-compiled binary is at target/armv7-unknown-linux-musleabihf/release/conduit diff --git a/Cargo.toml b/Cargo.toml index fba7e5d3..59d9ff1a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -29,7 +29,7 @@ state-res = { git = "https://github.com/timokoesters/state-res", rev = "9bb46ae6 # Used for long polling and federation sender, should be the same as rocket::tokio tokio = "1.2.0" # Used for storing data permanently -sled = { version = "0.34.6", default-features = false, features = ["compression"] } +sled = { version = "0.34.6", features = ["compression", "no_metrics"] } #sled = { git = "https://github.com/spacejam/sled.git", rev = "e4640e0773595229f398438886f19bca6f7326a2", features = ["compression"] } # Used for emitting log entries diff --git a/DEPLOY.md b/DEPLOY.md index b547b644..4601ab57 100644 --- a/DEPLOY.md +++ b/DEPLOY.md @@ -18,6 +18,16 @@ $ sudo wget -O /usr/local/bin/matrix-conduit $ sudo chmod +x /usr/local/bin/matrix-conduit ``` +## Adding a Conduit user + +While Conduit can run as any user it is usually better to use dedicated users for different services. +This also allows you to make sure that the file permissions are correctly set up. + +In Debian you can use this command to create a Conduit user: + +``` +sudo adduser --system conduit --no-create-home +``` ## Setting up a systemd service @@ -33,8 +43,8 @@ After=network.target [Service] Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml" -User=root -Group=root +User=conduit +Group=nogroup Restart=always ExecStart=/usr/local/bin/matrix-conduit @@ -91,6 +101,22 @@ allow_federation = true address = "127.0.0.1" # This makes sure Conduit can only be reached using the reverse proxy ``` +## Setting the correct file permissions + +As we are using a Conduit specific user we need to allow it to read the config. +To do that you can run this command on Debian: + +``` +sudo chown -R conduit:nogroup /etc/matrix-conduit +``` + +If you use the default database path you also need to run this: + +``` +sudo mkdir -p /var/lib/matrix-conduit/conduit_db +sudo chown -R conduit:nogroup /var/lib/matrix-conduit/conduit_db +``` + ## Setting up the Reverse Proxy @@ -107,8 +133,8 @@ Listen 8448 ServerName your.server.name # EDIT THIS AllowEncodedSlashes NoDecode -ProxyPass /_matrix/ http://localhost:6167/ -ProxyPassReverse /_matrix/ http://localhost:6167/ +ProxyPass /_matrix/ http://localhost:6167/_matrix/ +ProxyPassReverse /_matrix/ http://localhost:6167/_matrix/ Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /etc/letsencrypt/live/your.server.name/fullchain.pem # EDIT THIS diff --git a/README.md b/README.md index 8e4b1b70..32fa6572 100644 --- a/README.md +++ b/README.md @@ -1,25 +1,43 @@ # Conduit ### A Matrix homeserver written in Rust -[![Liberapay](https://img.shields.io/liberapay/receives/timokoesters?logo=liberapay)](https://liberapay.com/timokoesters) -[![Matrix](https://img.shields.io/matrix/conduit:conduit.rs?server_fqdn=conduit.koesters.xyz)](https://matrix.to/#/#conduit:matrix.org) - #### What is the goal? A fast Matrix homeserver that's easy to set up and just works. You can install it on a mini-computer like the Raspberry Pi to host Matrix for your family, friends or company. + #### Can I try it out? Yes! Just open a Matrix client ( or Element Android for example) and register on the `https://conduit.koesters.xyz` homeserver. + +#### What is it build on? + +- [Ruma](https://www.ruma.io): Useful structures for endpoint requests and + responses that can be (de)serialized +- [Sled](https://github.com/spacejam/sled): A simple (key, value) database with + good performance +- [Rocket](https://rocket.rs): A flexible web framework + + +#### What are the biggest things still missing? + +- Most federation features (invites, e2ee) +- Push notifications on mobile +- Notification settings +- Lots of testing + +Check out the [Conduit 1.0 Release Milestone](https://gitlab.com/famedly/conduit/-/milestones/3). + + #### How can I deploy my own? ##### Deploy -Download or compile a conduit binary and call it from somewhere like a systemd script. [Read +Download or compile a Conduit binary, set up the config and call it from somewhere like a systemd script. [Read more](DEPLOY.md) ##### Deploy using Docker @@ -33,34 +51,23 @@ docker run -d -p 8448:8000 -v db:/srv/conduit/.local/share/conduit matrixconduit Or build and run it with docker or docker-compose. [Read more](docker/README.md) -#### What is it build on? - -- [Ruma](https://www.ruma.io): Useful structures for endpoint requests and - responses that can be (de)serialized -- [Sled](https://github.com/spacejam/sled): A simple (key, value) database with - good performance -- [Rocket](https://rocket.rs): A flexible web framework - -#### What are the biggest things still missing? - -- Appservices (Bridges and Bots) -- Most federation features (invites, e2ee) -- Push notifications on mobile -- Notification settings -- Lots of testing - -Also check out the [milestones](https://git.koesters.xyz/timo/conduit/milestones). #### How can I contribute? 1. Look for an issue you would like to work on and make sure it's not assigned to other users 2. Ask someone to assign the issue to you (comment on the issue or chat in - #conduit:matrix.org) -3. Fork the repo and work on the issue. #conduit:matrix.org is happy to help :) -4. Submit a PR + #conduit:nordgedanken.dev) +3. Fork the repo and work on the issue. #conduit:nordgedanken.dev is happy to help :) +4. Submit a MR #### Donate Liberapay: \ Bitcoin: `bc1qnnykf986tw49ur7wx9rpw2tevpsztvar5x8w4n` + + +#### Logo + +Lightning Bolt Logo: https://github.com/mozilla/fxemoji/blob/gh-pages/svgs/nature/u26A1-bolt.svg \ +Logo License: https://github.com/mozilla/fxemoji/blob/gh-pages/LICENSE.md diff --git a/src/client_server/membership.rs b/src/client_server/membership.rs index 4be0d5f7..dad43289 100644 --- a/src/client_server/membership.rs +++ b/src/client_server/membership.rs @@ -22,8 +22,7 @@ use ruma::{ serde::{to_canonical_value, CanonicalJsonObject, Raw}, EventId, RoomId, RoomVersionId, ServerName, UserId, }; -use std::sync::RwLock; -use std::{collections::BTreeMap, convert::TryFrom}; +use std::{collections::BTreeMap, convert::TryFrom, sync::RwLock}; #[cfg(feature = "conduit_bin")] use rocket::{get, post}; diff --git a/src/lib.rs b/src/lib.rs index 0af46e03..f7d9062b 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,3 +1,4 @@ +#![allow(clippy::suspicious_else_formatting)] pub mod appservice_server; pub mod client_server; mod database; diff --git a/src/main.rs b/src/main.rs index 6fd04ce6..31cfaca6 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,4 +1,5 @@ #![warn(rust_2018_idioms)] +#![allow(clippy::suspicious_else_formatting)] pub mod appservice_server; pub mod client_server; diff --git a/tests/Complement.Dockerfile b/tests/Complement.Dockerfile index abae3fb1..f6c62fe8 100644 --- a/tests/Complement.Dockerfile +++ b/tests/Complement.Dockerfile @@ -1,4 +1,19 @@ # For use in our CI only. This requires a build artifact created by a previous run pipline stage to be placed in cached_target/release/conduit +FROM valkum/docker-rust-ci:latest as builder +WORKDIR /workdir + +ARG RUSTC_WRAPPER +ARG AWS_ACCESS_KEY_ID +ARG AWS_SECRET_ACCESS_KEY +ARG SCCACHE_BUCKET +ARG SCCACHE_ENDPOINT +ARG SCCACHE_S3_USE_SSL + +COPY . . +RUN mkdir -p target/release +RUN test -e cached_target/release/conduit && cp cached_target/release/conduit target/release/conduit || cargo build --release + + FROM valkum/docker-rust-ci:latest WORKDIR /workdir @@ -32,4 +47,3 @@ CMD ([ -z "${COMPLEMENT_CA}" ] && echo "Error: Need Complement PKI support" && t sed -i "s/your.server.name/${SERVER_NAME}/g" caddy.json && \ /workdir/caddy start --config caddy.json > /dev/null && \ /workdir/conduit - \ No newline at end of file