Move the configuration file handling code into a separate module #385

Merged
merged 28 commits into from
Sep 13, 2021
cf17843
Add SydentConfig class and use when calling Sydent constructor
Sep 7, 2021
2985b37
Move database config handling over to SydentConfig
Sep 7, 2021
3a1a400
Move crypto config handling over to SydentConfig
Sep 7, 2021
91fdc6b
Move sms config handling over to SydentConfig
Sep 7, 2021
4b0a900
Move deprecated email template config over to SydentConfig
Sep 7, 2021
21b030a
Move email config handled by synapse.py over to SynapseConfig
Sep 7, 2021
11f8711
Move rest of email config over to SydenConfig
Sep 7, 2021
f09779b
Move deprecated http template config over to SydentConfig
Sep 7, 2021
25aac48
Move rest of http config handling over to SynapseConfig
Sep 7, 2021
1492c1c
Move server name config handling to SydentConfig
Sep 7, 2021
bb02656
Move 'general' template config handling over to SydentConfig
Sep 7, 2021
2d460ee
Move rest of 'general' config handling over to SydentConfig
Sep 7, 2021
4b0eb67
Remove deprecated template argument from get_branded_template
Sep 8, 2021
37b928b
Remove old cfg argument from Sydent constructor
Sep 8, 2021
a9415f4
Add changelog
Sep 8, 2021
c0b7b03
Merge remote-tracking branch 'origin/main' into azren/move_config_cod…
Sep 9, 2021
cf58f3a
Add file that got lost while fixing merge conflicts
Sep 9, 2021
85bd376
Apply suggestions from code review
Sep 10, 2021
6cf0090
Run linters
Sep 10, 2021
b0ad7d0
Make initial read of internalapi.http.port a local variable
Sep 10, 2021
760963e
Standardize it being one empty line after licence
Sep 10, 2021
d2c24c3
Document more clearly that parse_config_file sets up logging
Sep 10, 2021
e4b0bcb
Merge remote-tracking branch 'origin/main' into azren/move_config_cod…
Sep 10, 2021
64d3d34
Readd lines between licence and code to make linters happy
Sep 10, 2021
e57fa59
Apply suggestions from code review
Sep 10, 2021
d12d283
Add missing file from last commit
Sep 10, 2021
e4ce136
Fix type issues in config code
Sep 13, 2021
98bc803
Merge remote-tracking branch 'origin/main' into azren/move_config_cod…
Sep 13, 2021
42 changes: 42 additions & 0 deletions sydent/config/http.py
Expand Up @@ -12,6 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

from configparser import NoOptionError
from typing import TYPE_CHECKING

if TYPE_CHECKING:
Expand All @@ -29,3 +30,44 @@ def parse_config(self, cfg: "ConfigParser") -> None:
self.verify_response_template = None
if cfg.has_option("http", "verify_response_template"):
self.verify_response_template = cfg.get("http", "verify_response_template")

self.client_bind_address = cfg.get("http", "clientapi.http.bind_address")
self.client_port = cfg.getint("http", "clientapi.http.port")

# internal port is allowed to be set to an empty string in the config
self.internal_port = cfg.get("http", "internalapi.http.port")
if self.internal_port:
self.internal_api_enabled = True
self.internal_port = int(self.internal_port)
try:
self.internal_bind_address = cfg.get(
"http", "internalapi.http.bind_address"
)
except NoOptionError:
self.internal_bind_address = "::1"
else:
self.internal_api_enabled = False

self.cert_file = cfg.get("http", "replication.https.certfile")
self.ca_cert_File = cfg.get("http", "replication.https.cacert")

self.replication_bind_address = cfg.get(
"http", "replication.https.bind_address"
)
self.replication_port = cfg.getint("http", "replication.https.port")

self.obey_x_forwarded_for = cfg.get("http", "obey_x_forwarded_for")

self.verify_federation_certs = cfg.getboolean("http", "federation.verifycerts")

self.server_http_url_base = cfg.get("http", "client_http_base")

self.base_replication_urls = {}

for section in cfg.sections():
if section.startswith("peer."):
# peer name is all the characters after 'peer.'
peer = section[5:]
if cfg.has_option(section, "base_replication_url"):
base_url = cfg.get(section, "base_replication_url")
self.base_replication_urls[peer] = base_url
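Review bot: `self.obey_x_forwarded_for = cfg.get("http", "obey_x_forwarded_for")` stores the raw string, so any non-empty value, including `false` or `0`, is truthy where `ip_from_request` in sydent/sydent.py tests it, and the request's X-Forwarded-For header is then returned as the client address. The neighbouring `federation.verifycerts` option is already read with `getboolean`; reading this one the same way, `self.obey_x_forwarded_for = cfg.getboolean("http", "obey_x_forwarded_for")`, makes the switch behave as an operator would expect. That changes behaviour for any deployment whose current value only takes effect because it is a non-empty string, so it deserves a changelog line. `parse_config` starts above this hunk.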
3 changes: 1 addition & 2 deletions sydent/http/federation_tls_options.py
Expand Up @@ -89,8 +89,7 @@ class ClientTLSOptionsFactory:
"""Factory for Twisted ClientTLSOptions that are used to make connections
to remote servers for federation."""

def __init__(self, config):
verify_requests = config.getboolean("http", "federation.verifycerts")
def __init__(self, verify_requests):
if verify_requests:
self._options = ssl.CertificateOptions(trustRoot=ssl.platformTrust())
else:
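Review bot: The new `verify_requests` parameter of `ClientTLSOptionsFactory.__init__` is untyped and undocumented, although a falsy value takes the `else` branch, which presumably switches federation certificate verification off (its body is outside this hunk). I would annotate it as `def __init__(self, verify_requests: bool) -> None:` and add a one-line docstring stating what `False` does to verification of remote servers' certificates. Because the test is `if verify_requests:`, a caller that passes a raw config string instead of the parsed boolean would always get verification on, which fails safe but would hide the misconfiguration.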
2 changes: 1 addition & 1 deletion sydent/http/httpclient.py
Expand Up @@ -145,7 +145,7 @@ def __init__(self, sydent: "Sydent") -> None:
ip_whitelist=sydent.ip_whitelist,
ip_blacklist=sydent.ip_blacklist,
),
ClientTLSOptionsFactory(sydent.cfg)
ClientTLSOptionsFactory(sydent.config.http.verify_federation_certs)
if sydent.use_tls_for_federation
else None,
)
8 changes: 4 additions & 4 deletions sydent/http/httpcommon.py
Expand Up @@ -42,9 +42,9 @@ def __init__(self, sydent: "Sydent") -> None:
self.trustRoot = self.makeTrustRoot()

def makeMyCertificate(self):
privKeyAndCertFilename = self.sydent.cfg.get(
"http", "replication.https.certfile"
)
# TODO Move some of this loading into parse_config
privKeyAndCertFilename = self.sydent.config.http.cert_file

if privKeyAndCertFilename == "":
logger.warning(
"No HTTPS private key / cert found: not starting replication server "
Expand All @@ -69,7 +69,7 @@ def makeMyCertificate(self):
def makeTrustRoot(self):
# If this option is specified, use a specific root CA cert. This is useful for testing when it's not
# practical to get the client cert signed by a real root CA but should never be used on a production server.
caCertFilename = self.sydent.cfg.get("http", "replication.https.cacert")
caCertFilename = self.sydent.config.http.ca_cert_File
if len(caCertFilename) > 0:
try:
fp = open(caCertFilename)
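Review bot: `self.sydent.config.http.ca_cert_File` in `makeTrustRoot` uses a mixed-case attribute name that does not match `cert_file` in the hunk above or the snake_case of the other fields set in sydent/config/http.py. Since this value selects the trust root for replication TLS, I would rename it to `ca_cert_file` in both places: `self.ca_cert_file = cfg.get("http", "replication.https.cacert")` and `caCertFilename = self.sydent.config.http.ca_cert_file`. The existing comment says the option should never be used on a production server; whether a warning is logged when it is set cannot be seen here, because the rest of `makeTrustRoot` is outside the hunk.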
9 changes: 5 additions & 4 deletions sydent/http/httpserver.py
Expand Up @@ -139,8 +139,9 @@ def __init__(self, sydent: "Sydent") -> None:
self.factory.displayTracebacks = False

def setup(self):
httpPort = int(self.sydent.cfg.get("http", "clientapi.http.port"))
interface = self.sydent.cfg.get("http", "clientapi.http.bind_address")
httpPort = self.sydent.config.http.client_port
interface = self.sydent.config.http.client_bind_address

logger.info("Starting Client API HTTP server on %s:%d", interface, httpPort)
self.sydent.reactor.listenTCP(
httpPort,
Expand Down Expand Up @@ -199,8 +200,8 @@ def __init__(self, sydent: "Sydent") -> None:
self.factory.displayTracebacks = False

def setup(self):
httpPort = int(self.sydent.cfg.get("http", "replication.https.port"))
interface = self.sydent.cfg.get("http", "replication.https.bind_address")
httpPort = self.sydent.config.http.replication_port
interface = self.sydent.config.http.replication_bind_address

if self.sydent.sslComponents.myPrivateCertificate:
# We will already have logged a warn if this is absent, so don't do it again
2 changes: 1 addition & 1 deletion sydent/http/servlets/store_invite_servlet.py
Expand Up @@ -170,7 +170,7 @@ def render_POST(self, request: Request) -> JsonDict:
pubKeyBase64 = encode_base64(pubKey.encode())

baseUrl = "%s/_matrix/identity/api/v1" % (
self.sydent.cfg.get("http", "client_http_base"),
self.sydent.config.http.server_http_url_base,
)

keysToReturn = []
10 changes: 3 additions & 7 deletions sydent/replication/peer.py
Expand Up @@ -14,7 +14,6 @@
# limitations under the License.

import binascii
import configparser
import json
import logging
from typing import TYPE_CHECKING, Any, Dict
Expand Down Expand Up @@ -138,12 +137,9 @@ def __init__(
self.lastSentVersion = lastSentVersion

# look up or build the replication URL
try:
replication_url = sydent.cfg.get(
"peer.%s" % server_name,
"base_replication_url",
)
except (configparser.NoSectionError, configparser.NoOptionError):
replication_url = self.sydent.config.http.base_replication_urls.get(server_name)

if replication_url is None:
if not port:
port = 1001
replication_url = "https://%s:%i" % (server_name, port)
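Review bot: `if replication_url is None:` only catches a peer with no configured URL; an empty `base_replication_url =` line is stored as `""` by the loop in sydent/config/http.py and would be used as the replication URL instead of falling back to `"https://%s:%i" % (server_name, port)`. `if not replication_url:` covers both cases. The new lookup also reads `self.sydent` where the removed code used the `sydent` argument; the assignment of `self.sydent` is outside this hunk, so it should be confirmed that it happens before this line.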
18 changes: 8 additions & 10 deletions sydent/sydent.py
Expand Up @@ -395,14 +395,12 @@ def run(self):
self.replicationHttpsServer.setup()
self.pusher.setup()

internalport = self.cfg.get("http", "internalapi.http.port")
if internalport:
try:
interface = self.cfg.get("http", "internalapi.http.bind_address")
except configparser.NoOptionError:
interface = "::1"
if self.config.http.internal_api_enabled:
internalport = self.config.http.internal_port
interface = self.config.http.internal_bind_address

self.internalApiHttpServer = InternalApiHttpServer(self)
self.internalApiHttpServer.setup(interface, int(internalport))
self.internalApiHttpServer.setup(interface, internalport)

if self.pidfile:
with open(self.pidfile, "w") as pidfile:
Expand All @@ -411,9 +409,9 @@ def run(self):
self.reactor.run()

def ip_from_request(self, request):
if self.cfg.get(
"http", "obey_x_forwarded_for"
) and request.requestHeaders.hasHeader("X-Forwarded-For"):
if self.config.http.obey_x_forwarded_for and request.requestHeaders.hasHeader(
"X-Forwarded-For"
):
return request.requestHeaders.getRawHeaders("X-Forwarded-For")[0]
client = request.getClientAddress()
if isinstance(client, (address.IPv4Address, address.IPv6Address)):
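Review bot: In `ip_from_request`, `getRawHeaders("X-Forwarded-For")[0]` returns the first header line unparsed, so a comma-separated chain is returned whole and its leftmost entry is whatever the original requester sent. If the result feeds rate limiting or logging (not visible here), the function should split on commas and take the entry appended by the trusted proxy, and ideally honour the header only when the connection comes from a configured proxy address. At minimum, a comment on this branch such as `# only enable obey_x_forwarded_for behind a reverse proxy that overwrites X-Forwarded-For` would document the assumption. The function continues past the end of this hunk.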
2 changes: 1 addition & 1 deletion sydent/validators/emailvalidator.py
Expand Up @@ -112,7 +112,7 @@ def makeValidateLink(

:return: The validation link.
"""
base = self.sydent.cfg.get("http", "client_http_base")
base = self.sydent.config.http.server_http_url_base
link = "%s/_matrix/identity/api/v1/validate/email/submitToken?token=%s&client_secret=%s&sid=%d" % (
base,
urllib.parse.quote(valSession.token),