continuwuation/continuwuity
5
5
Fork 0
Code Issues 66 Pull requests 5 Projects Releases 15 Packages 1 Activity Actions

Federation allow list #673

Open
Jade wants to merge 4 commits from JadedBlueEyes/federation-allow-list into main
pull from: JadedBlueEyes/federation-allow-list
merge into: continuwuation:main
Conversation 1 Commits 4 Files changed 19 +127 -96
Jade commented 2025-01-18 17:08:32 +00:00
Owner
Copy link

This adds an allowed_remote_server_names. When empty, all remote servers are allowed. When set, servers not in the list are treated the same as forbidden_remote_server_names.

This additionally makes these options apply to remote media fetching and remote room directory fetching.

Not sure if ignoring messages from servers not in the allow-list is the best behaviour - it may result in some unexpected behaviour in cases like #672, where users are in a room with a non-allowed user via an allowed user. Perhaps this should be a separate option?

Unfortunately, the example config won't regenerate for me.
Tested and appears to work well (matrix-limited-federation.pissing.dev, only allows pissing.dev)

A useful enhancement for this and related options may be glob matching, or reading from a policy room. Out of scope for this, though.

This adds an `allowed_remote_server_names`. When empty, all remote servers are allowed. When set, servers not in the list are treated the same as `forbidden_remote_server_names`. This additionally makes these options apply to remote media fetching and remote room directory fetching. Not sure if ignoring messages from servers not in the allow-list is the best behaviour - it may result in some unexpected behaviour in cases like #672, where users are in a room with a non-allowed user via an allowed user. Perhaps this should be a separate option? Unfortunately, the example config won't regenerate for me. Tested and appears to work well (`matrix-limited-federation.pissing.dev`, only allows `pissing.dev`) A useful enhancement for this and related options may be glob matching, or reading from a policy room. Out of scope for this, though.
Jade commented 2025-01-29 19:51:44 +00:00
Author
Owner
Copy link

Rebased on the latest main, but I haven't tested config live reload with this as it's not a feature I use

Rebased on the latest main, but I haven't tested config live reload with this as it's not a feature I use
nex added the
Inherited
Priority
Unknown
 labels 2025-04-14 23:38:40 +00:00
Jade referenced this pull request from a commit 2025-04-19 22:33:20 +00:00
feat: Add `allowed_remote_server_names`
Jade referenced this pull request from a commit 2025-04-19 22:36:43 +00:00
feat: Add `allowed_remote_server_names`
Jade referenced this pull request from a commit 2025-04-19 22:38:02 +00:00
feat: Add `allowed_remote_server_names`
This pull request has changes conflicting with the target branch.
  • conduwuit-example.toml
  • src/api/client/directory.rs
  • src/api/client/membership.rs
  • src/api/client/message.rs
  • src/core/config/mod.rs
  • src/service/federation/mod.rs
  • src/service/media/mod.rs
  • src/service/media/remote.rs
  • src/service/sending/mod.rs
  • src/service/services.rs
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin JadedBlueEyes/federation-allow-list:JadedBlueEyes/federation-allow-list
git checkout JadedBlueEyes/federation-allow-list

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git checkout main
git merge --no-ff JadedBlueEyes/federation-allow-list
git checkout JadedBlueEyes/federation-allow-list
git rebase main
git checkout main
git merge --ff-only JadedBlueEyes/federation-allow-list
git checkout JadedBlueEyes/federation-allow-list
git rebase main
git checkout main
git merge --no-ff JadedBlueEyes/federation-allow-list
git checkout main
git merge --squash JadedBlueEyes/federation-allow-list
git checkout main
git merge --ff-only JadedBlueEyes/federation-allow-list
git checkout main
git merge JadedBlueEyes/federation-allow-list
git push origin main
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
Bug

Something isn't working as intended

  
Cherry-picking

Commits picked from other conduit projects

  
Dependencies

Something dependency related

  
Documentation

Improvements or additions to documentation

  
Duplicate

This issue or pull request already exists

  
Enhancement

New feature or request

  
Good first issue

Good for newcomers

  
Help wanted

Additional eyes and keyboards are required for this one

  
Inherited

Issues that have been inhereted from the project pre-fork

  
Invalid

This issue doesn't seem right

  
Matrix/Administration

Features pertaining to homeserver administration

  
Matrix/Appservices

Features pertaining to the appservice API

  
Matrix/Auth

Features pertaining to authentication

  
Matrix/Client

Features pertaining to client-to-server interactions

  
Matrix/Federation

Features pertaining to server-to-server interactions

  
Matrix/MSC

Features pertaining to unstable matrix features

  
Matrix/Media

Features pertaining to media interactions

  
Meta

Related to housekeeping, maintenance, or other repo-meta.

  
Performance

Issues related to performance and related improvements

  
Priority
Critical
This issue is of the utmost priority

  
Priority
High
This issue is very important

  
Priority
Low
This issue is of a rather low priority

  
Priority
Medium
This issue is of a medium priority

  
Priority
Unknown
The priority of this issue has not been triaged yet, or cannot be appropriately decided.

  
Security

This item is related to general security

  
Wont fix

This will not be worked on

  
no-priority

   
old/blocked

Issue is blocked on another issue being completed

Archived

  
old/ci/cd

Ci/CD

Archived

  
old/core-matrix

Archived

  
old/database

Database things

Archived

  
old/github_actions

Issue/PR is from GitHub Actions

Archived

  
old/high-priority

Archived

  
old/low-priority

Archived

  
old/medium-priority

Archived

  
old/question

General questions

Archived

  
old/rocksdb

RocksDB database stuff

Archived

  
old/rust

Pull requests that update Rust code

Archived

  
packaging

Packaging

No labels
Bug
Cherry-picking
Dependencies
Documentation
Duplicate
Enhancement
Good first issue
Help wanted
Inherited
Invalid
Matrix/Administration
Matrix/Appservices
Matrix/Auth
Matrix/Client
Matrix/Federation
Matrix/MSC
Matrix/Media
Meta
Performance
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Priority
Unknown
Security
Wont fix
no-priority
old/blocked
old/ci/cd
old/core-matrix
old/database
old/github_actions
old/high-priority
old/low-priority
old/medium-priority
old/question
old/rocksdb
old/rust
packaging
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: continuwuation/continuwuity#673
No description provided.
Delete branch "JadedBlueEyes/federation-allow-list"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?