diff --git a/.forgejo/workflows/prek-checks.yml b/.forgejo/workflows/prek-checks.yml index 45288bef..c25b9c3d 100644 --- a/.forgejo/workflows/prek-checks.yml +++ b/.forgejo/workflows/prek-checks.yml @@ -1,11 +1,7 @@ name: Checks / Prek on: - pull_request: push: - branches: - - main - workflow_dispatch: permissions: contents: read diff --git a/.forgejo/workflows/release-image.yml b/.forgejo/workflows/release-image.yml index 7b29b7ca..04fc9de9 100644 --- a/.forgejo/workflows/release-image.yml +++ b/.forgejo/workflows/release-image.yml @@ -3,26 +3,14 @@ concurrency: group: "release-image-${{ github.ref }}" on: - pull_request: - paths-ignore: - - "*.md" - - "**/*.md" - - ".gitlab-ci.yml" - - ".gitignore" - - "renovate.json" - - "pkg/**" - - "docker/**" - - "docs/**" push: - branches: - - main paths-ignore: - "*.md" - "**/*.md" - ".gitlab-ci.yml" - ".gitignore" - "renovate.json" - - "pkg/**" + - "debian/**" - "docker/**" - "docs/**" # Allows you to run this workflow manually from the Actions tab @@ -105,10 +93,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - with: - # Use persistent BuildKit if BUILDKIT_ENDPOINT is set (e.g. tcp://buildkit:8125) - driver: ${{ env.BUILDKIT_ENDPOINT != '' && 'remote' || 'docker-container' }} - endpoint: ${{ env.BUILDKIT_ENDPOINT || '' }} - name: Set up QEMU uses: docker/setup-qemu-action@v3 # Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. @@ -177,7 +161,7 @@ jobs: var-lib-apt-${{ matrix.slug }} key: var-lib-apt-${{ matrix.slug }} - name: inject cache into docker - uses: https://github.com/reproducible-containers/buildkit-cache-dance@v3.3.0 + uses: https://github.com/reproducible-containers/buildkit-cache-dance@v3.1.0 with: cache-map: | { @@ -266,10 +250,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - with: - # Use persistent BuildKit if BUILDKIT_ENDPOINT is set (e.g. tcp://buildkit:8125) - driver: ${{ env.BUILDKIT_ENDPOINT != '' && 'remote' || 'docker-container' }} - endpoint: ${{ env.BUILDKIT_ENDPOINT || '' }} - name: Extract metadata (tags) for Docker id: meta diff --git a/.mailmap b/.mailmap index 7c25737d..fa267e13 100644 --- a/.mailmap +++ b/.mailmap @@ -13,4 +13,3 @@ Rudi Floren Tamara Schmitz <15906939+tamara-schmitz@users.noreply.github.com> Timo Kösters x4u <14617923-x4u@users.noreply.gitlab.com> -Ginger <75683114+gingershaped@users.noreply.github.com> diff --git a/Cargo.lock b/Cargo.lock index 9e56ad45..dc31364e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -922,10 +922,9 @@ dependencies = [ "ctor", "hardened_malloc-rs", "log", - "opentelemetry", - "opentelemetry-jaeger-propagator", - "opentelemetry-otlp", - "opentelemetry_sdk", + "opentelemetry 0.30.0", + "opentelemetry-jaeger", + "opentelemetry_sdk 0.30.0", "sentry", "sentry-tower", "sentry-tracing", @@ -1188,7 +1187,7 @@ dependencies = [ "futures-core", "prost", "prost-types", - "tonic 0.12.3", + "tonic", "tracing-core", ] @@ -1212,7 +1211,7 @@ dependencies = [ "thread_local", "tokio", "tokio-stream", - "tonic 0.12.3", + "tonic", "tracing", "tracing-core", "tracing-subscriber", @@ -2552,6 +2551,12 @@ version = "0.1.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c8fae54786f62fb2918dcfae3d568594e50eb9b5c25bf04371af6fe7516452fb" +[[package]] +name = "integer-encoding" +version = "3.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8bb03732005da905c88227371639bf1ad885cc712789c011c31c5fb3ab3ccf02" + [[package]] name = "interpolate_name" version = "0.2.4" @@ -3278,6 +3283,20 @@ version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" +[[package]] +name = "opentelemetry" +version = "0.23.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b69a91d4893e713e06f724597ad630f1fa76057a5e1026c0ca67054a9032a76" +dependencies = [ + "futures-core", + "futures-sink", + "js-sys", + "once_cell", + "pin-project-lite", + "thiserror 1.0.69", +] + [[package]] name = "opentelemetry" version = "0.30.0" @@ -3293,54 +3312,46 @@ dependencies = [ ] [[package]] -name = "opentelemetry-http" -version = "0.30.0" +name = "opentelemetry-jaeger" +version = "0.22.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50f6639e842a97dbea8886e3439710ae463120091e2e064518ba8e716e6ac36d" +checksum = "501b471b67b746d9a07d4c29f8be00f952d1a2eca356922ede0098cbaddff19f" dependencies = [ "async-trait", - "bytes", - "http", - "opentelemetry", - "reqwest", + "futures-core", + "futures-util", + "opentelemetry 0.23.0", + "opentelemetry-semantic-conventions", + "opentelemetry_sdk 0.23.0", + "thrift", + "tokio", ] [[package]] -name = "opentelemetry-jaeger-propagator" -version = "0.30.0" +name = "opentelemetry-semantic-conventions" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "090b8ec07bb2e304b529581aa1fe530d7861298c9ef549ebbf44a4a56472c539" -dependencies = [ - "opentelemetry", -] +checksum = "1869fb4bb9b35c5ba8a1e40c9b128a7b4c010d07091e864a29da19e4fe2ca4d7" [[package]] -name = "opentelemetry-otlp" -version = "0.30.0" +name = "opentelemetry_sdk" +version = "0.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dbee664a43e07615731afc539ca60c6d9f1a9425e25ca09c57bc36c87c55852b" +checksum = "ae312d58eaa90a82d2e627fd86e075cf5230b3f11794e2ed74199ebbe572d4fd" dependencies = [ - "http", - "opentelemetry", - "opentelemetry-http", - "opentelemetry-proto", - "opentelemetry_sdk", - "prost", - "reqwest", - "thiserror 2.0.16", - "tracing", -] - -[[package]] -name = "opentelemetry-proto" -version = "0.30.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e046fd7660710fe5a05e8748e70d9058dc15c94ba914e7c4faa7c728f0e8ddc" -dependencies = [ - "opentelemetry", - "opentelemetry_sdk", - "prost", - "tonic 0.13.1", + "async-trait", + "futures-channel", + "futures-executor", + "futures-util", + "lazy_static", + "once_cell", + "opentelemetry 0.23.0", + "ordered-float 4.6.0", + "percent-encoding", + "rand 0.8.5", + "thiserror 1.0.69", + "tokio", + "tokio-stream", ] [[package]] @@ -3352,7 +3363,7 @@ dependencies = [ "futures-channel", "futures-executor", "futures-util", - "opentelemetry", + "opentelemetry 0.30.0", "percent-encoding", "rand 0.9.2", "serde_json", @@ -3361,6 +3372,24 @@ dependencies = [ "tokio-stream", ] +[[package]] +name = "ordered-float" +version = "2.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68f19d67e5a2795c94e73e0bb1cc1a7edeb2e28efd39e2e1c9b7a40c1108b11c" +dependencies = [ + "num-traits", +] + +[[package]] +name = "ordered-float" +version = "4.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7bb71e1b3fa6ca1c61f383464aaf2bb0e2f8e772a1f01d486832464de363b951" +dependencies = [ + "num-traits", +] + [[package]] name = "os_info" version = "3.12.0" @@ -4111,7 +4140,7 @@ checksum = "88f8660c1ff60292143c98d08fc6e2f654d722db50410e3f3797d40baaf9d8f3" [[package]] name = "ruma" version = "0.10.1" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "assign", "js_int", @@ -4131,7 +4160,7 @@ dependencies = [ [[package]] name = "ruma-appservice-api" version = "0.10.0" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "js_int", "ruma-common", @@ -4143,7 +4172,7 @@ dependencies = [ [[package]] name = "ruma-client-api" version = "0.18.0" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "as_variant", "assign", @@ -4166,7 +4195,7 @@ dependencies = [ [[package]] name = "ruma-common" version = "0.13.0" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "as_variant", "base64 0.22.1", @@ -4198,7 +4227,7 @@ dependencies = [ [[package]] name = "ruma-events" version = "0.28.1" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "as_variant", "indexmap 2.11.0", @@ -4223,7 +4252,7 @@ dependencies = [ [[package]] name = "ruma-federation-api" version = "0.9.0" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "bytes", "headers", @@ -4245,7 +4274,7 @@ dependencies = [ [[package]] name = "ruma-identifiers-validation" version = "0.9.5" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "js_int", "thiserror 2.0.16", @@ -4254,7 +4283,7 @@ dependencies = [ [[package]] name = "ruma-identity-service-api" version = "0.9.0" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "js_int", "ruma-common", @@ -4264,7 +4293,7 @@ dependencies = [ [[package]] name = "ruma-macros" version = "0.13.0" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "cfg-if", "proc-macro-crate", @@ -4279,7 +4308,7 @@ dependencies = [ [[package]] name = "ruma-push-gateway-api" version = "0.9.0" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "js_int", "ruma-common", @@ -4291,7 +4320,7 @@ dependencies = [ [[package]] name = "ruma-signatures" version = "0.15.0" -source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd#8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +source = "git+https://forgejo.ellis.link/continuwuation/ruwuma?rev=b753738047d1f443aca870896ef27ecaacf027da#b753738047d1f443aca870896ef27ecaacf027da" dependencies = [ "base64 0.22.1", "ed25519-dalek", @@ -5243,6 +5272,28 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "threadpool" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d050e60b33d41c19108b32cea32164033a9013fe3b46cbd4457559bfbf77afaa" +dependencies = [ + "num_cpus", +] + +[[package]] +name = "thrift" +version = "0.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7e54bc85fc7faa8bc175c4bab5b92ba8d9a3ce893d0e9f42cc455c8ab16a9e09" +dependencies = [ + "byteorder", + "integer-encoding", + "log", + "ordered-float 2.10.1", + "threadpool", +] + [[package]] name = "tiff" version = "0.9.1" @@ -5547,27 +5598,6 @@ dependencies = [ "tracing", ] -[[package]] -name = "tonic" -version = "0.13.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e581ba15a835f4d9ea06c55ab1bd4dce26fc53752c69a04aac00703bfb49ba9" -dependencies = [ - "async-trait", - "base64 0.22.1", - "bytes", - "http", - "http-body", - "http-body-util", - "percent-encoding", - "pin-project", - "prost", - "tokio-stream", - "tower-layer", - "tower-service", - "tracing", -] - [[package]] name = "tower" version = "0.4.13" @@ -5707,8 +5737,8 @@ checksum = "ddcf5959f39507d0d04d6413119c04f33b623f4f951ebcbdddddfad2d0623a9c" dependencies = [ "js-sys", "once_cell", - "opentelemetry", - "opentelemetry_sdk", + "opentelemetry 0.30.0", + "opentelemetry_sdk 0.30.0", "smallvec", "tracing", "tracing-core", diff --git a/Cargo.toml b/Cargo.toml index 12ba6456..0fe11358 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -352,7 +352,7 @@ version = "0.1.2" [workspace.dependencies.ruma] git = "https://forgejo.ellis.link/continuwuation/ruwuma" #branch = "conduwuit-changes" -rev = "8fb268fa2771dfc3a1c8075ef1246e7c9a0a53fd" +rev = "b753738047d1f443aca870896ef27ecaacf027da" features = [ "compat", "rand", @@ -423,12 +423,9 @@ version = "0.31.0" version = "0.30.0" features = ["rt-tokio"] -[workspace.dependencies.opentelemetry-otlp] -version = "0.30.0" -features = ["http", "trace", "logs", "metrics"] - -[workspace.dependencies.opentelemetry-jaeger-propagator] -version = "0.30.0" +[workspace.dependencies.opentelemetry-jaeger] +version = "0.22.0" +features = ["rt-tokio"] # optional sentry metrics for crash/panic reporting [workspace.dependencies.sentry] @@ -767,6 +764,25 @@ incremental = true [profile.dev.package.conduwuit_core] inherits = "dev" +#rustflags = [ +# '--cfg', 'conduwuit_mods', +# '-Ztime-passes', +# '-Zmir-opt-level=0', +# '-Ztls-model=initial-exec', +# '-Cprefer-dynamic=true', +# '-Zstaticlib-prefer-dynamic=true', +# '-Zstaticlib-allow-rdylib-deps=true', +# '-Zpacked-bundled-libs=false', +# '-Zplt=true', +# '-Clink-arg=-Wl,--as-needed', +# '-Clink-arg=-Wl,--allow-shlib-undefined', +# '-Clink-arg=-Wl,-z,lazy', +# '-Clink-arg=-Wl,-z,unique', +# '-Clink-arg=-Wl,-z,nodlopen', +# '-Clink-arg=-Wl,-z,nodelete', +#] +[profile.dev.package.xtask-generate-commands] +inherits = "dev" [profile.dev.package.conduwuit] inherits = "dev" #rustflags = [ diff --git a/arch/conduwuit.service b/arch/conduwuit.service new file mode 100644 index 00000000..34c3995e --- /dev/null +++ b/arch/conduwuit.service @@ -0,0 +1,83 @@ +[Unit] + +Description=Continuwuity - Matrix homeserver +Wants=network-online.target +After=network-online.target +Documentation=https://continuwuity.org/ +RequiresMountsFor=/var/lib/private/conduwuit +Alias=matrix-conduwuit.service + +[Service] +DynamicUser=yes +Type=notify-reload +ReloadSignal=SIGUSR1 + +TTYPath=/dev/tty25 +DeviceAllow=char-tty +StandardInput=tty-force +StandardOutput=tty +StandardError=journal+console + +Environment="CONTINUWUITY_LOG_TO_JOURNALD=true" +Environment="CONTINUWUITY_JOURNALD_IDENTIFIER=%N" + +TTYReset=yes +# uncomment to allow buffer to be cleared every restart +TTYVTDisallocate=no + +TTYColumns=120 +TTYRows=40 + +AmbientCapabilities= +CapabilityBoundingSet= + +DevicePolicy=closed +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +#ProcSubset=pid +ProtectClock=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectHostname=yes +ProtectKernelLogs=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectProc=invisible +ProtectSystem=strict +PrivateDevices=yes +PrivateMounts=yes +PrivateTmp=yes +PrivateUsers=yes +PrivateIPC=yes +RemoveIPC=yes +RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes +SystemCallArchitectures=native +SystemCallFilter=@system-service @resources +SystemCallFilter=~@clock @debug @module @mount @reboot @swap @cpu-emulation @obsolete @timer @chown @setuid @privileged @keyring @ipc +SystemCallErrorNumber=EPERM +StateDirectory=conduwuit + +RuntimeDirectory=conduwuit +RuntimeDirectoryMode=0750 + +Environment=CONTINUWUITY_CONFIG=%d/config.toml +LoadCredential=config.toml:/etc/conduwuit/conduwuit.toml +BindPaths=/var/lib/private/conduwuit:/var/lib/matrix-conduit +BindPaths=/var/lib/private/conduwuit:/var/lib/private/matrix-conduit + +ExecStart=/usr/bin/conduwuit +Restart=on-failure +RestartSec=5 + +TimeoutStopSec=4m +TimeoutStartSec=4m + +StartLimitInterval=1m +StartLimitBurst=5 + +[Install] +WantedBy=multi-user.target diff --git a/conduwuit-example.toml b/conduwuit-example.toml index 07374aae..f0e510b4 100644 --- a/conduwuit-example.toml +++ b/conduwuit-example.toml @@ -79,11 +79,9 @@ # This is the only directory where continuwuity will save its data, # including media. Note: this was previously "/var/lib/matrix-conduit". # -# YOU NEED TO EDIT THIS, UNLESS you are running continuwuity as a -# `systemd` service. The service file sets it to `/var/lib/conduwuit` -# using an environment variable and also grants write access. +# YOU NEED TO EDIT THIS. # -# example: "/var/lib/conduwuit" +# example: "/var/lib/continuwuity" # #database_path = @@ -591,19 +589,13 @@ # #default_room_version = 11 -# Enable OpenTelemetry OTLP tracing export. This replaces the deprecated -# Jaeger exporter. Traces will be sent via OTLP to a collector (such as -# Jaeger) that supports the OpenTelemetry Protocol. +# This item is undocumented. Please contribute documentation for it. # -# Configure your OTLP endpoint using the OTEL_EXPORTER_OTLP_ENDPOINT -# environment variable (defaults to http://localhost:4318). -# -#allow_otlp = false +#allow_jaeger = false -# Filter for OTLP tracing spans. This controls which spans are exported -# to the OTLP collector. +# This item is undocumented. Please contribute documentation for it. # -#otlp_filter = "info" +#jaeger_filter = "info" # If the 'perf_measurements' compile-time feature is enabled, enables # collecting folded stack trace profile of tracing spans using diff --git a/pkg/debian/README.md b/debian/README.md similarity index 100% rename from pkg/debian/README.md rename to debian/README.md diff --git a/debian/conduwuit.service b/debian/conduwuit.service new file mode 100644 index 00000000..da78f09f --- /dev/null +++ b/debian/conduwuit.service @@ -0,0 +1,70 @@ +[Unit] + +Description=Continuwuity - Matrix homeserver +Wants=network-online.target +After=network-online.target +Documentation=https://continuwuity.org/ +Alias=matrix-conduwuit.service + +[Service] +DynamicUser=yes +User=conduwuit +Group=conduwuit +Type=notify + +Environment="CONTINUWUITY_CONFIG=/etc/conduwuit/conduwuit.toml" + +Environment="CONTINUWUITY_LOG_TO_JOURNALD=true" +Environment="CONTINUWUITY_JOURNALD_IDENTIFIER=%N" + +ExecStart=/usr/sbin/conduwuit + +ReadWritePaths=/var/lib/conduwuit /etc/conduwuit + +AmbientCapabilities= +CapabilityBoundingSet= + +DevicePolicy=closed +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +#ProcSubset=pid +ProtectClock=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectHostname=yes +ProtectKernelLogs=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectProc=invisible +ProtectSystem=strict +PrivateDevices=yes +PrivateMounts=yes +PrivateTmp=yes +PrivateUsers=yes +PrivateIPC=yes +RemoveIPC=yes +RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes +SystemCallArchitectures=native +SystemCallFilter=@system-service @resources +SystemCallFilter=~@clock @debug @module @mount @reboot @swap @cpu-emulation @obsolete @timer @chown @setuid @privileged @keyring @ipc +SystemCallErrorNumber=EPERM +#StateDirectory=conduwuit + +RuntimeDirectory=conduwuit +RuntimeDirectoryMode=0750 + +Restart=on-failure +RestartSec=5 + +TimeoutStopSec=2m +TimeoutStartSec=2m + +StartLimitInterval=1m +StartLimitBurst=5 + +[Install] +WantedBy=multi-user.target diff --git a/pkg/debian/config b/debian/config similarity index 100% rename from pkg/debian/config rename to debian/config diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 00000000..4eae4573 --- /dev/null +++ b/debian/postinst @@ -0,0 +1,44 @@ +#!/bin/sh +set -e + +# TODO: implement debconf support that is maintainable without duplicating the config +#. /usr/share/debconf/confmodule + +CONDUWUIT_DATABASE_PATH=/var/lib/conduwuit +CONDUWUIT_CONFIG_PATH=/etc/conduwuit + +case "$1" in + configure) + # Create the `conduwuit` user if it does not exist yet. + if ! getent passwd conduwuit > /dev/null ; then + echo 'Adding system user for the conduwuit Matrix homeserver' 1>&2 + adduser --system --group --quiet \ + --home "$CONDUWUIT_DATABASE_PATH" \ + --disabled-login \ + --shell "/usr/sbin/nologin" \ + conduwuit + fi + + # Create the database path if it does not exist yet and fix up ownership + # and permissions for the config. + mkdir -v -p "$CONDUWUIT_DATABASE_PATH" + + # symlink the previous location for compatibility if it does not exist yet. + if ! test -L "/var/lib/matrix-conduit" ; then + ln -s -v "$CONDUWUIT_DATABASE_PATH" "/var/lib/matrix-conduit" + fi + + chown -v conduwuit:conduwuit -R "$CONDUWUIT_DATABASE_PATH" + chown -v conduwuit:conduwuit -R "$CONDUWUIT_CONFIG_PATH" + + chmod -v 740 "$CONDUWUIT_DATABASE_PATH" + + echo '' + echo 'Make sure you edit the example config at /etc/conduwuit/conduwuit.toml before starting!' + echo 'To start the server, run: systemctl start conduwuit.service' + echo '' + + ;; +esac + +#DEBHELPER# diff --git a/pkg/debian/postrm b/debian/postrm similarity index 71% rename from pkg/debian/postrm rename to debian/postrm index d5a9e0ac..3c0b1c09 100644 --- a/pkg/debian/postrm +++ b/debian/postrm @@ -20,18 +20,24 @@ case $1 in if [ -d "$CONDUWUIT_CONFIG_PATH" ]; then if test -L "$CONDUWUIT_CONFIG_PATH"; then - echo "Deleting continuwuity configuration files" + echo "Deleting conduwuit configuration files" rm -v -r "$CONDUWUIT_CONFIG_PATH" fi fi if [ -d "$CONDUWUIT_DATABASE_PATH" ]; then if test -L "$CONDUWUIT_DATABASE_PATH"; then - echo "Deleting continuwuity database directory" + echo "Deleting conduwuit database directory" rm -r "$CONDUWUIT_DATABASE_PATH" fi fi + if [ -d "$CONDUWUIT_DATABASE_PATH_SYMLINK" ]; then + if test -L "$CONDUWUIT_DATABASE_SYMLINK"; then + echo "Removing matrix-conduit symlink" + rm -r "$CONDUWUIT_DATABASE_PATH_SYMLINK" + fi + fi ;; esac diff --git a/docs/admin_reference.md b/docs/admin_reference.md index 1c9d4fb0..18e039e4 100644 --- a/docs/admin_reference.md +++ b/docs/admin_reference.md @@ -21,7 +21,6 @@ This document contains the help content for the `admin` command-line program. * [`admin users list-joined-rooms`↴](#admin-users-list-joined-rooms) * [`admin users force-join-room`↴](#admin-users-force-join-room) * [`admin users force-leave-room`↴](#admin-users-force-leave-room) -* [`admin users force-leave-remote-room`↴](#admin-users-force-leave-remote-room) * [`admin users force-demote`↴](#admin-users-force-demote) * [`admin users make-user-admin`↴](#admin-users-make-user-admin) * [`admin users put-room-tag`↴](#admin-users-put-room-tag) @@ -296,7 +295,6 @@ You can find the ID using the `list-appservices` command. * `list-joined-rooms` — - Lists all the rooms (local and remote) that the specified user is joined in * `force-join-room` — - Manually join a local user to a room * `force-leave-room` — - Manually leave a local user from a room -* `force-leave-remote-room` — - Manually leave a remote room for a local user * `force-demote` — - Forces the specified user to drop their power levels to the room default, if their permissions allow and the auth check permits * `make-user-admin` — - Grant server-admin privileges to a user * `put-room-tag` — - Puts a room tag for the specified user and room ID @@ -451,19 +449,6 @@ Reverses the effects of the `suspend` command, allowing the user to send message -## `admin users force-leave-remote-room` - -- Manually leave a remote room for a local user - -**Usage:** `admin users force-leave-remote-room ` - -###### **Arguments:** - -* `` -* `` - - - ## `admin users force-demote` - Forces the specified user to drop their power levels to the room default, if their permissions allow and the auth check permits diff --git a/docs/configuration/examples.md b/docs/configuration/examples.md index 9613e252..54aa8bd7 100644 --- a/docs/configuration/examples.md +++ b/docs/configuration/examples.md @@ -9,11 +9,24 @@ -## systemd unit file +## Debian systemd unit file
-systemd unit file +Debian systemd unit file ``` -{{#include ../../pkg/conduwuit.service}} +{{#include ../../debian/conduwuit.service}} ``` + +
+ +## Arch Linux systemd unit file + +
+Arch Linux systemd unit file + +``` +{{#include ../../arch/conduwuit.service}} +``` + +
diff --git a/docs/deploying/debian.md b/docs/deploying/debian.md index 369638a4..2e8a544a 100644 --- a/docs/deploying/debian.md +++ b/docs/deploying/debian.md @@ -1 +1 @@ -{{#include ../../pkg/debian/README.md}} +{{#include ../../debian/README.md}} diff --git a/pkg/conduwuit.service b/fedora/conduwuit.service similarity index 91% rename from pkg/conduwuit.service rename to fedora/conduwuit.service index db9aca1a..6ab2af46 100644 --- a/pkg/conduwuit.service +++ b/fedora/conduwuit.service @@ -9,14 +9,12 @@ Alias=matrix-conduwuit.service DynamicUser=yes User=conduwuit Group=conduwuit -Type=notify-reload -ReloadSignal=SIGUSR1 +Type=notify Environment="CONTINUWUITY_CONFIG=/etc/conduwuit/conduwuit.toml" Environment="CONTINUWUITY_LOG_TO_JOURNALD=true" Environment="CONTINUWUITY_JOURNALD_IDENTIFIER=%N" -Environment="CONTINUWUITY_DATABASE_PATH=/var/lib/conduwuit" ExecStart=/usr/bin/conduwuit @@ -60,8 +58,8 @@ RuntimeDirectoryMode=0750 Restart=on-failure RestartSec=5 -TimeoutStopSec=4m -TimeoutStartSec=4m +TimeoutStopSec=2m +TimeoutStartSec=2m StartLimitInterval=1m StartLimitBurst=5 diff --git a/pkg/fedora/continuwuity.spec.rpkg b/fedora/continuwuity.spec.rpkg similarity index 97% rename from pkg/fedora/continuwuity.spec.rpkg rename to fedora/continuwuity.spec.rpkg index a2b32e48..f2efa383 100644 --- a/pkg/fedora/continuwuity.spec.rpkg +++ b/fedora/continuwuity.spec.rpkg @@ -51,7 +51,7 @@ find .cargo/registry/ -executable -name "*.rs" -exec chmod -x {} + %install install -Dpm0755 target/rpm/conduwuit -t %{buildroot}%{_bindir} -install -Dpm0644 pkg/conduwuit.service -t %{buildroot}%{_unitdir} +install -Dpm0644 fedora/conduwuit.service -t %{buildroot}%{_unitdir} install -Dpm0644 conduwuit-example.toml %{buildroot}%{_sysconfdir}/conduwuit/conduwuit.toml %files diff --git a/flake.nix b/flake.nix index e65fcbda..d6beb84e 100644 --- a/flake.nix +++ b/flake.nix @@ -48,7 +48,7 @@ pkgs.lib.makeScope pkgs.newScope (self: { inherit pkgs inputs; craneLib = (inputs.crane.mkLib pkgs).overrideToolchain (_: toolchain); - main = self.callPackage ./pkg/nix/pkgs/main { }; + main = self.callPackage ./nix/pkgs/main { }; liburing = pkgs.liburing.overrideAttrs { # Tests weren't building outputs = [ diff --git a/pkg/nix/pkgs/main/cross-compilation-env.nix b/nix/pkgs/main/cross-compilation-env.nix similarity index 100% rename from pkg/nix/pkgs/main/cross-compilation-env.nix rename to nix/pkgs/main/cross-compilation-env.nix diff --git a/pkg/nix/pkgs/main/default.nix b/nix/pkgs/main/default.nix similarity index 100% rename from pkg/nix/pkgs/main/default.nix rename to nix/pkgs/main/default.nix diff --git a/pkg/debian/postinst b/pkg/debian/postinst deleted file mode 100644 index 4bc89422..00000000 --- a/pkg/debian/postinst +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh -set -e - -# TODO: implement debconf support that is maintainable without duplicating the config -#. /usr/share/debconf/confmodule - -CONDUWUIT_DATABASE_PATH=/var/lib/conduwuit -CONDUWUIT_CONFIG_PATH=/etc/conduwuit - -case "$1" in - configure) - echo '' - echo 'Make sure you edit the example config at /etc/conduwuit/conduwuit.toml before starting!' - echo 'To start the server, run: systemctl start conduwuit.service' - echo '' - - ;; -esac - -#DEBHELPER# diff --git a/src/admin/user/commands.rs b/src/admin/user/commands.rs index 37ab030c..56864a32 100644 --- a/src/admin/user/commands.rs +++ b/src/admin/user/commands.rs @@ -1,8 +1,8 @@ use std::{collections::BTreeMap, fmt::Write as _}; use api::client::{ - full_user_deactivate, join_room_by_id_helper, leave_all_rooms, leave_room, remote_leave_room, - update_avatar_url, update_displayname, + full_user_deactivate, join_room_by_id_helper, leave_all_rooms, leave_room, update_avatar_url, + update_displayname, }; use conduwuit::{ Err, Result, debug, debug_warn, error, info, is_equal_to, @@ -926,29 +926,3 @@ pub(super) async fn redact_event(&self, event_id: OwnedEventId) -> Result { )) .await } - -#[admin_command] -pub(super) async fn force_leave_remote_room( - &self, - user_id: String, - room_id: OwnedRoomOrAliasId, -) -> Result { - let user_id = parse_local_user_id(self.services, &user_id)?; - let (room_id, _) = self - .services - .rooms - .alias - .resolve_with_servers(&room_id, None) - .await?; - - assert!( - self.services.globals.user_is_local(&user_id), - "Parsed user_id must be a local user" - ); - remote_leave_room(self.services, &user_id, &room_id, None) - .boxed() - .await?; - - self.write_str(&format!("{user_id} has been joined to {room_id}.",)) - .await -} diff --git a/src/admin/user/mod.rs b/src/admin/user/mod.rs index 366f7dd5..656cacaf 100644 --- a/src/admin/user/mod.rs +++ b/src/admin/user/mod.rs @@ -103,12 +103,6 @@ pub enum UserCommand { room_id: OwnedRoomOrAliasId, }, - /// - Manually leave a remote room for a local user. - ForceLeaveRemoteRoom { - user_id: String, - room_id: OwnedRoomOrAliasId, - }, - /// - Forces the specified user to drop their power levels to the room /// default, if their permissions allow and the auth check permits ForceDemote { diff --git a/src/api/client/admin/mod.rs b/src/api/client/admin/mod.rs deleted file mode 100644 index 8355a600..00000000 --- a/src/api/client/admin/mod.rs +++ /dev/null @@ -1,3 +0,0 @@ -mod suspend; - -pub(crate) use self::suspend::*; diff --git a/src/api/client/admin/suspend.rs b/src/api/client/admin/suspend.rs deleted file mode 100644 index bab1cb5a..00000000 --- a/src/api/client/admin/suspend.rs +++ /dev/null @@ -1,89 +0,0 @@ -use axum::extract::State; -use conduwuit::{Err, Result}; -use futures::future::{join, join3}; -use ruma::api::client::admin::{get_suspended, set_suspended}; - -use crate::Ruma; - -/// # `GET /_matrix/client/v1/admin/suspend/{userId}` -/// -/// Check the suspension status of a target user -pub(crate) async fn get_suspended_status( - State(services): State, - body: Ruma, -) -> Result { - let sender_user = body.sender_user(); - - let (admin, active) = - join(services.users.is_admin(sender_user), services.users.is_active(&body.user_id)).await; - if !admin { - return Err!(Request(Forbidden("Only server administrators can use this endpoint"))); - } - if !services.globals.user_is_local(&body.user_id) { - return Err!(Request(InvalidParam("Can only check the suspended status of local users"))); - } - if !active { - return Err!(Request(NotFound("Unknown user"))); - } - Ok(get_suspended::v1::Response::new( - services.users.is_suspended(&body.user_id).await?, - )) -} - -/// # `PUT /_matrix/client/v1/admin/suspend/{userId}` -/// -/// Set the suspension status of a target user -pub(crate) async fn put_suspended_status( - State(services): State, - body: Ruma, -) -> Result { - let sender_user = body.sender_user(); - - let (sender_admin, active, target_admin) = join3( - services.users.is_admin(sender_user), - services.users.is_active(&body.user_id), - services.users.is_admin(&body.user_id), - ) - .await; - - if !sender_admin { - return Err!(Request(Forbidden("Only server administrators can use this endpoint"))); - } - if !services.globals.user_is_local(&body.user_id) { - return Err!(Request(InvalidParam("Can only set the suspended status of local users"))); - } - if !active { - return Err!(Request(NotFound("Unknown user"))); - } - if body.user_id == *sender_user { - return Err!(Request(Forbidden("You cannot suspend yourself"))); - } - if target_admin { - return Err!(Request(Forbidden("You cannot suspend another server administrator"))); - } - if services.users.is_suspended(&body.user_id).await? == body.suspended { - // No change - return Ok(set_suspended::v1::Response::new(body.suspended)); - } - - let action = if body.suspended { - services - .users - .suspend_account(&body.user_id, sender_user) - .await; - "suspended" - } else { - services.users.unsuspend_account(&body.user_id).await; - "unsuspended" - }; - - if services.config.admin_room_notices { - // Notify the admin room that an account has been un/suspended - services - .admin - .send_text(&format!("{} has been {} by {}.", body.user_id, action, sender_user)) - .await; - } - - Ok(set_suspended::v1::Response::new(body.suspended)) -} diff --git a/src/api/client/capabilities.rs b/src/api/client/capabilities.rs index afa61498..c42c6dfd 100644 --- a/src/api/client/capabilities.rs +++ b/src/api/client/capabilities.rs @@ -19,7 +19,7 @@ use crate::Ruma; /// of this server. pub(crate) async fn get_capabilities_route( State(services): State, - body: Ruma, + _body: Ruma, ) -> Result { let available: BTreeMap = Server::available_room_versions().collect(); @@ -45,14 +45,5 @@ pub(crate) async fn get_capabilities_route( json!({"enabled": services.config.forget_forced_upon_leave}), )?; - if services - .users - .is_admin(body.sender_user.as_ref().unwrap()) - .await - { - // Advertise suspension API - capabilities.set("uk.timedout.msc4323", json!({"suspend":true, "lock": false}))?; - } - Ok(get_capabilities::v3::Response { capabilities }) } diff --git a/src/api/client/membership/join.rs b/src/api/client/membership/join.rs index f3434bf5..dc170cbf 100644 --- a/src/api/client/membership/join.rs +++ b/src/api/client/membership/join.rs @@ -156,34 +156,31 @@ pub(crate) async fn join_room_by_id_or_alias_route( .await?; let mut servers = body.via.clone(); - if servers.is_empty() { - debug!("No via servers provided for join, injecting some."); - servers.extend( - services - .rooms - .state_cache - .servers_invite_via(&room_id) - .map(ToOwned::to_owned) - .collect::>() - .await, - ); + servers.extend( + services + .rooms + .state_cache + .servers_invite_via(&room_id) + .map(ToOwned::to_owned) + .collect::>() + .await, + ); - servers.extend( - services - .rooms - .state_cache - .invite_state(sender_user, &room_id) - .await - .unwrap_or_default() - .iter() - .filter_map(|event| event.get_field("sender").ok().flatten()) - .filter_map(|sender: &str| UserId::parse(sender).ok()) - .map(|user| user.server_name().to_owned()), - ); + servers.extend( + services + .rooms + .state_cache + .invite_state(sender_user, &room_id) + .await + .unwrap_or_default() + .iter() + .filter_map(|event| event.get_field("sender").ok().flatten()) + .filter_map(|sender: &str| UserId::parse(sender).ok()) + .map(|user| user.server_name().to_owned()), + ); - if let Some(server) = room_id.server_name() { - servers.push(server.to_owned()); - } + if let Some(server) = room_id.server_name() { + servers.push(server.to_owned()); } servers.sort_unstable(); diff --git a/src/api/client/membership/leave.rs b/src/api/client/membership/leave.rs index 0aadd833..f4f1666b 100644 --- a/src/api/client/membership/leave.rs +++ b/src/api/client/membership/leave.rs @@ -215,7 +215,7 @@ pub async fn leave_room( Ok(()) } -pub async fn remote_leave_room( +async fn remote_leave_room( services: &Services, user_id: &UserId, room_id: &RoomId, diff --git a/src/api/client/membership/mod.rs b/src/api/client/membership/mod.rs index 691419f6..7a6f19ad 100644 --- a/src/api/client/membership/mod.rs +++ b/src/api/client/membership/mod.rs @@ -29,7 +29,7 @@ pub(crate) use self::{ }; pub use self::{ join::join_room_by_id_helper, - leave::{leave_all_rooms, leave_room, remote_leave_room}, + leave::{leave_all_rooms, leave_room}, }; use crate::{Ruma, client::full_user_deactivate}; diff --git a/src/api/client/mod.rs b/src/api/client/mod.rs index c8ca7757..e4be20b7 100644 --- a/src/api/client/mod.rs +++ b/src/api/client/mod.rs @@ -1,6 +1,5 @@ pub(super) mod account; pub(super) mod account_data; -pub(super) mod admin; pub(super) mod alias; pub(super) mod appservice; pub(super) mod backup; @@ -44,7 +43,6 @@ pub(super) mod well_known; pub use account::full_user_deactivate; pub(super) use account::*; pub(super) use account_data::*; -pub(super) use admin::*; pub(super) use alias::*; pub(super) use appservice::*; pub(super) use backup::*; @@ -57,7 +55,7 @@ pub(super) use keys::*; pub(super) use media::*; pub(super) use media_legacy::*; pub(super) use membership::*; -pub use membership::{join_room_by_id_helper, leave_all_rooms, leave_room, remote_leave_room}; +pub use membership::{join_room_by_id_helper, leave_all_rooms, leave_room}; pub(super) use message::*; pub(super) use openid::*; pub(super) use presence::*; diff --git a/src/api/client/unversioned.rs b/src/api/client/unversioned.rs index 7f19bc94..a4136d1a 100644 --- a/src/api/client/unversioned.rs +++ b/src/api/client/unversioned.rs @@ -58,7 +58,6 @@ pub(crate) async fn get_supported_versions_route( ("uk.tcpip.msc4133".to_owned(), true), /* Extending User Profile API with Key:Value Pairs (https://github.com/matrix-org/matrix-spec-proposals/pull/4133) */ ("us.cloke.msc4175".to_owned(), true), /* Profile field for user time zone (https://github.com/matrix-org/matrix-spec-proposals/pull/4175) */ ("org.matrix.simplified_msc3575".to_owned(), true), /* Simplified Sliding sync (https://github.com/matrix-org/matrix-spec-proposals/pull/4186) */ - ("uk.timedout.msc4323".to_owned(), true), /* agnostic suspend (https://github.com/matrix-org/matrix-spec-proposals/pull/4323) */ ]), }; diff --git a/src/api/router.rs b/src/api/router.rs index 42934f70..8072fa5b 100644 --- a/src/api/router.rs +++ b/src/api/router.rs @@ -184,8 +184,6 @@ pub fn build(router: Router, server: &Server) -> Router { "/_matrix/client/unstable/im.nheko.summary/rooms/:room_id_or_alias/summary", get(client::get_room_summary_legacy) ) - .ruma_route(&client::get_suspended_status) - .ruma_route(&client::put_suspended_status) .ruma_route(&client::well_known_support) .ruma_route(&client::well_known_client) .route("/_conduwuit/server_version", get(client::conduwuit_server_version)) diff --git a/src/core/config/mod.rs b/src/core/config/mod.rs index b6f6ab53..e8518ed4 100644 --- a/src/core/config/mod.rs +++ b/src/core/config/mod.rs @@ -126,11 +126,9 @@ pub struct Config { /// This is the only directory where continuwuity will save its data, /// including media. Note: this was previously "/var/lib/matrix-conduit". /// - /// YOU NEED TO EDIT THIS, UNLESS you are running continuwuity as a - /// `systemd` service. The service file sets it to `/var/lib/conduwuit` - /// using an environment variable and also grants write access. + /// YOU NEED TO EDIT THIS. /// - /// example: "/var/lib/conduwuit" + /// example: "/var/lib/continuwuity" pub database_path: PathBuf, /// continuwuity supports online database backups using RocksDB's Backup @@ -714,21 +712,12 @@ pub struct Config { #[serde(default)] pub well_known: WellKnownConfig, - /// Enable OpenTelemetry OTLP tracing export. This replaces the deprecated - /// Jaeger exporter. Traces will be sent via OTLP to a collector (such as - /// Jaeger) that supports the OpenTelemetry Protocol. - /// - /// Configure your OTLP endpoint using the OTEL_EXPORTER_OTLP_ENDPOINT - /// environment variable (defaults to http://localhost:4318). - #[serde(default, alias = "allow_jaeger")] - pub allow_otlp: bool, + #[serde(default)] + pub allow_jaeger: bool, - /// Filter for OTLP tracing spans. This controls which spans are exported - /// to the OTLP collector. - /// /// default: "info" - #[serde(default = "default_otlp_filter", alias = "jaeger_filter")] - pub otlp_filter: String, + #[serde(default = "default_jaeger_filter")] + pub jaeger_filter: String, /// If the 'perf_measurements' compile-time feature is enabled, enables /// collecting folded stack trace profile of tracing spans using @@ -2376,7 +2365,7 @@ fn default_tracing_flame_filter() -> String { .to_owned() } -fn default_otlp_filter() -> String { +fn default_jaeger_filter() -> String { cfg!(debug_assertions) .then_some("trace,h2=off") .unwrap_or("info") diff --git a/src/main/Cargo.toml b/src/main/Cargo.toml index 388ad503..8e127f92 100644 --- a/src/main/Cargo.toml +++ b/src/main/Cargo.toml @@ -32,12 +32,12 @@ a cool hard fork of Conduit, a Matrix homeserver written in Rust""" section = "net" priority = "optional" conf-files = ["/etc/conduwuit/conduwuit.toml"] -maintainer-scripts = "../../pkg/debian/" -systemd-units = { unit-name = "conduwuit", start = false, unit-scripts = "../../pkg/" } +maintainer-scripts = "../../debian/" +systemd-units = { unit-name = "conduwuit", start = false } assets = [ - ["../../pkg/debian/README.md", "usr/share/doc/conduwuit/README.Debian", "644"], + ["../../debian/README.md", "usr/share/doc/conduwuit/README.Debian", "644"], ["../../README.md", "usr/share/doc/conduwuit/", "644"], - ["../../target/release/conduwuit", "usr/bin/conduwuit", "755"], + ["../../target/release/conduwuit", "usr/sbin/conduwuit", "755"], ["../../conduwuit-example.toml", "etc/conduwuit/conduwuit.toml", "640"], ] @@ -126,8 +126,7 @@ perf_measurements = [ "dep:tracing-flame", "dep:tracing-opentelemetry", "dep:opentelemetry_sdk", - "dep:opentelemetry-otlp", - "dep:opentelemetry-jaeger-propagator", + "dep:opentelemetry-jaeger", "conduwuit-core/perf_measurements", "conduwuit-core/sentry_telemetry", ] @@ -205,12 +204,10 @@ console-subscriber.workspace = true const-str.workspace = true ctor.workspace = true log.workspace = true +opentelemetry-jaeger.optional = true +opentelemetry-jaeger.workspace = true opentelemetry.optional = true opentelemetry.workspace = true -opentelemetry-otlp.optional = true -opentelemetry-otlp.workspace = true -opentelemetry-jaeger-propagator.optional = true -opentelemetry-jaeger-propagator.workspace = true opentelemetry_sdk.optional = true opentelemetry_sdk.workspace = true sentry-tower.optional = true @@ -230,7 +227,6 @@ tracing-subscriber.workspace = true tracing.workspace = true tracing-journald = { workspace = true, optional = true } - [target.'cfg(all(not(target_env = "msvc"), target_os = "linux"))'.dependencies] hardened_malloc-rs.workspace = true hardened_malloc-rs.optional = true diff --git a/src/main/logging.rs b/src/main/logging.rs index 57b56707..b7beb103 100644 --- a/src/main/logging.rs +++ b/src/main/logging.rs @@ -7,8 +7,6 @@ use conduwuit_core::{ log::{ConsoleFormat, ConsoleWriter, LogLevelReloadHandles, capture, fmt_span}, result::UnwrapOrErr, }; -#[cfg(feature = "perf_measurements")] -use opentelemetry::trace::TracerProvider; use tracing_subscriber::{EnvFilter, Layer, Registry, fmt, layer::SubscriberExt, reload}; #[cfg(feature = "perf_measurements")] @@ -89,35 +87,30 @@ pub(crate) fn init( (None, None) }; - let otlp_filter = EnvFilter::try_new(&config.otlp_filter) - .map_err(|e| err!(Config("otlp_filter", "{e}.")))?; + let jaeger_filter = EnvFilter::try_new(&config.jaeger_filter) + .map_err(|e| err!(Config("jaeger_filter", "{e}.")))?; - let otlp_layer = config.allow_otlp.then(|| { + let jaeger_layer = config.allow_jaeger.then(|| { opentelemetry::global::set_text_map_propagator( - opentelemetry_jaeger_propagator::Propagator::new(), + opentelemetry_jaeger::Propagator::new(), ); - let exporter = opentelemetry_otlp::SpanExporter::builder() - .with_http() - .build() - .expect("Failed to create OTLP exporter"); - - let provider = opentelemetry_sdk::trace::SdkTracerProvider::builder() - .with_batch_exporter(exporter) - .build(); - - let tracer = provider.tracer(conduwuit_core::name()); + let tracer = opentelemetry_jaeger::new_agent_pipeline() + .with_auto_split_batch(true) + .with_service_name(conduwuit_core::name()) + .install_batch(opentelemetry_sdk::runtime::Tokio) + .expect("jaeger agent pipeline"); let telemetry = tracing_opentelemetry::layer().with_tracer(tracer); - let (otlp_reload_filter, otlp_reload_handle) = - reload::Layer::new(otlp_filter.clone()); - reload_handles.add("otlp", Box::new(otlp_reload_handle)); + let (jaeger_reload_filter, jaeger_reload_handle) = + reload::Layer::new(jaeger_filter.clone()); + reload_handles.add("jaeger", Box::new(jaeger_reload_handle)); - Some(telemetry.with_filter(otlp_reload_filter)) + Some(telemetry.with_filter(jaeger_reload_filter)) }); - let subscriber = subscriber.with(flame_layer).with(otlp_layer); + let subscriber = subscriber.with(flame_layer).with(jaeger_layer); (subscriber, flame_guard) };