pierre/MatrixGW
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

Compare commits

base: pierre:renovate/uuid-1.x
Branches Tags
pierre:master pierre:renovate/uuid-1.x pierre:renovate/serde_json-1.x pierre:migrate-to-matrix-sdk
pierre:v1.0.0
..
compare: pierre:f3c405ad107a5db9c2ac61f03dd0aafb32aec33b
Branches Tags
pierre:renovate/uuid-1.x pierre:renovate/serde_json-1.x pierre:migrate-to-matrix-sdk pierre:master
pierre:v1.0.0

1 Commits
renovate/u ... f3c405ad10

Author SHA1 Message Date
Pierre HUBERT
f3c405ad10 Update Rust crate sha2 to v0.11.0-pre.5
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-09 00:18:52 +00:00
14 changed files with 519 additions and 672 deletions
Expand all files Collapse all files

922
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

44
Cargo.toml
View File

@@ -4,32 +4,32 @@ version = "0.1.0"
edition = "2021"
[dependencies]
log = "0.4.28"
env_logger = "0.11.8"
clap = { version = "4.5.51", features = ["derive", "env"] }
log = "0.4.25"
env_logger = "0.11.6"
clap = { version = "4.5.26", features = ["derive", "env"] }
lazy_static = "1.5.0"
anyhow = "1.0.100"
serde = { version = "1.0.228", features = ["derive"] }
serde_json = "1.0.143"
rust-s3 = { version = "0.37.0", features = ["tokio"] }
actix-web = "4.11.0"
actix-session = { version = "0.11.0", features = ["redis-session"] }
light-openid = "1.0.4"
thiserror = "2.0.17"
rand = "0.9.2"
rust-embed = "8.8.0"
anyhow = "1.0.95"
serde = { version = "1.0.217", features = ["derive"] }
serde_json = "1.0.137"
rust-s3 = { version = "0.36.0-beta.2", features = ["tokio"] }
actix-web = "4"
actix-session = { version = "0.10.1", features = ["redis-session"] }
light-openid = "1.0.2"
thiserror = "2.0.11"
rand = "0.9.0"
rust-embed = "8.5.0"
mime_guess = "2.0.5"
askama = "0.14.0"
askama = "0.12.1"
urlencoding = "2.1.3"
uuid = { version = "1.18.1", features = ["v4", "serde"] }
uuid = { version = "1.12.1", features = ["v4", "serde"] }
ipnet = { version = "2.11.0", features = ["serde"] }
chrono = "0.4.42"
chrono = "0.4.39"
futures-util = { version = "0.3.31", features = ["sink"] }
jwt-simple = { version = "0.12.13", default-features = false, features = ["pure-rust"] }
jwt-simple = { version = "0.12.11", default-features = false, features = ["pure-rust"] }
actix-remote-ip = "0.1.0"
bytes = "1.10.1"
sha2 = "0.11.0-rc.2"
base16ct = { version = "0.3.0", features = ["alloc"] }
ruma = { version = "0.13.0", features = ["client-api-c", "client-ext-client-api", "client-hyper-native-tls", "rand"] }
bytes = "1.9.0"
sha2 = "0.11.0-pre.4"
base16ct = "0.2.0"
ruma = { version = "0.12.0", features = ["client-api-c", "client-ext-client-api", "client-hyper-native-tls", "rand"] }
actix-ws = "0.3.0"
tokio = { version = "1.48.0", features = ["rt", "time", "macros", "rt-multi-thread"] }
tokio = { version = "1.43.0", features = ["rt", "time", "macros", "rt-multi-thread"] }

9
README.md
View File

@@ -18,20 +18,13 @@ docker run --rm -it docker.io/pierre42100/matrix_gateway --help
## Setup dev environment
```
mkdir -p storage/maspostgres storage/synapse storage/minio
mkdir -p storage/postgres storage/synapse storage/minio
docker compose up
```
To create default account, in another terminal, run the following command:
```bash
docker compose --profile create-accounts up -d
```
URLs:
* Element: http://localhost:8080/
* Synapse: http://localhost:8448/
* Matrix Authentication Service: http://localhost:8778/
* OpenID configuration: http://127.0.0.1:9001/dex/.well-known/openid-configuration
* Minio console: http://localhost:9002/

57
docker-compose.yml
View File

@@ -1,48 +1,15 @@
services:
mas:
image: ghcr.io/element-hq/matrix-authentication-service:main
user: "1000"
restart: unless-stopped
depends_on:
- masdb
volumes:
- ./docker/mas:/config:ro
command: server -c /config/config.yaml
ports:
- "8778:8778/tcp"
mas_create_admin1:
image: ghcr.io/element-hq/matrix-authentication-service:main
user: "1000"
restart: no
profiles: ["create-accounts"]
depends_on:
- mas
volumes:
- ./docker/mas:/config:ro
command: |
manage register-user -c /config/config.yaml -y --ignore-password-complexity
-p admin1 -e admin1@admin1.local --admin -d "Admin One" admin1
mas_create_user1:
image: ghcr.io/element-hq/matrix-authentication-service:main
user: "1000"
restart: no
profiles: ["create-accounts"]
depends_on:
- mas
volumes:
- ./docker/mas:/config:ro
command: |
manage register-user -c /config/config.yaml -y --ignore-password-complexity
-p user1 -e user1@user1.local -d "User One" user1
synapse:
image: docker.io/matrixdotorg/synapse:latest
user: "1000"
# Since synapse does not retry to connect to the database, restart upon
# failure
restart: unless-stopped
entrypoint: /bin/bash
command: >
-c "nohup bash -c 'sleep 10; /config/delayed_accounts_creation.sh' \&
./start.py"
# See the readme for a full documentation of the environment settings
# NOTE: You must edit homeserver.yaml to use postgres, it defaults to sqlite
environment:
@@ -55,25 +22,25 @@ services:
# - ./files:/data
# - /path/to/ssd:/data/uploads
# - /path/to/large_hdd:/data/media
depends_on:
- db
# In order to expose Synapse, remove one of the following, you might for
# instance expose the TLS port directly:
ports:
- "8448:8448/tcp"
- 8448:8448/tcp
masdb:
image: docker.io/postgres:18-alpine
db:
image: docker.io/postgres:12-alpine
user: "1000"
environment:
- POSTGRES_DB=masdb
- POSTGRES_USER=masdb
- POSTGRES_USER=synapse
- POSTGRES_PASSWORD=changeme
# ensure the database gets created correctly
# https://element-hq.github.io/synapse/latest/postgres.html#set-up-database
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
- PGDATA=/data
volumes:
# You may store the database tables in a local folder..
- ./storage/maspostgres:/data
- ./storage/postgres:/var/lib/postgresql/data
# .. or store them on some high performance storage for better results
# - /path/to/ssd/storage:/var/lib/postgresql/data

113
docker/mas/config.yaml
View File

@@ -1,113 +0,0 @@
http:
listeners:
- name: web
resources:
- name: discovery
- name: human
- name: oauth
- name: compat
- name: graphql
- name: assets
binds:
- address: '[::]:8778'
proxy_protocol: false
- name: internal
resources:
- name: health
binds:
- host: localhost
port: 8081
proxy_protocol: false
trusted_proxies:
- 192.168.0.0/16
- 172.16.0.0/12
- 10.0.0.0/10
- 127.0.0.1/8
- fd00::/8
- ::1/128
public_base: http://localhost:8778/
issuer: http://localhost:8778/
database:
uri: postgresql://masdb:changeme@masdb/masdb
max_connections: 10
min_connections: 0
connect_timeout: 30
idle_timeout: 600
max_lifetime: 1800
email:
from: '"Authentication Service" <root@localhost>'
reply_to: '"Authentication Service" <root@localhost>'
transport: blackhole
secrets:
encryption: 12de9ad7bc2bacfa2ab9b1e3f7f1b3feb802195c8ebe66a8293cdb27f00be471
keys:
- kid: Bj2PICQ7mf
key: |
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAsCYCrrCJA7IuGbTYzP5yZN74QszbzudBUCX6MyN/+36HO2r6
xL8x1PRJ+Klx9Y90J9pWuo+cIuEmFLqO+Yfblo9fSQgZVvkWAFpO6Xh8J4z9qg49
M8xm0Ct8EnRDZDCEOBnwoDaAB9RTbpJGa1RPVCiamfi+xU+j47Zl4Er5jvLm81O7
DSlH9eK8Eih8AxuKTkAbKE1zyXquImE26Mj2dmMRfjDrWV/I8oqE3WFViAKR12Av
zw6TUyduiz8nK9pONCF3NIcQvBdHntBz1HlDXv6i0fRvlGIhjNL5LBgo6XQ3rNM1
bW2KYOw/iFP0YbfD4/xRjkBPvK2coQ8aRzK2VwIDAQABAoH/G4XU5Xav8ePlUB7x
wRYAycINCGL59Vos2lkUvujNFn6uopoUlKlLH/sLk87l/3hqrc9vvbayrsB/Mr3z
mQmhReUg/khFrVE+Hs/9hH1O6N8ew3N2HKHTbrNcr4V7AiySfDGRZ3ccihyi7KPu
XNbPjlbJ0UUMicfn06ysPl94nt0So0UAmXg+c7sDDqyzh3cY8emedYZ5FCljo/jA
F8k40rs7CywLJYMJB9O1vtomgt1xkDRO4F8UrZrriMIcYn0iFKe7i4AH8D6nkgNu
/v9Z43Leu8yRKrUvbpH3NaX8DlUSFWAXKpwUWr4sAQgWcLkVgjAXG1v9jCE97qW2
f0nBAoGBAOaKrnY5rWeZ74dERnPhSCsYiqRMneQAh7eJR+Er+xu1yF/bxwkhq2tK
/txheTK448DqhQRtr095t/v7TMZcPl3bSmybT1CQg/wiMJsgDMZqlC9tofvcq6uz
xP8vxMFHd0YSMSP693dkny4MzNY6LuoVWDLT+HxKPJyzGs1alruzAoGBAMOZp5J2
3ODcHQlcsGBtj1yVpQ4UXMvrSZF2ygiGK9bagL/f1iAtwACVOh5rgmbiOLSVgmR2
n4nupTgSAXMYkjmAmDyEh0PDaRl4WWvYEKp8GMvTPVPvjc6N0dT+y8Mf9bu+LcEt
+uZqPOZNbO5Vi+UgGeM9zZpxq/K7dpJmM/jNAoGBALsYHRGxKTsEwFEkZZCxaWIg
HpPL4e8hRwL6FC13BeitFBpHQDX27yi5yi+Lo1I4ngz3xk+bvERhYaDLhrkML0j4
KGQPfsTBI3vBO3UJA5Ua9XuwG19M7L0BvYPjfmfk2bUyGlM63w4zyMMUfD/3JA+w
ls1ZHTWxAZOh/sRdGirlAoGAX16B1+XgmDp6ZeAtlzaUGd5U1eKTxFF6U1SJ+VIB
+gYblHI84v+riB06cy6ULDnM0C+9neJAs24KXKZa0pV+Zk8O6yLrGN0kV2jYoL5+
kcFkDa13T3+TssxvLNz22LKyi9GUWYZjuQi/nMLPg/1t8k+Oj7/Iia822WkRzRvL
51kCgYEAwrN5Us8LR+fThm3C0vhvwv2wap6ccw0qq5+FTN+igAZAmmvKKvhow2Vi
LnPKBkc7QvxvQSNoXkdUo4qs3zOQ7DGvJLqSG9pwxFW5X1+78pNEm5OWe8AlT1uZ
Jz8Z1/Ae7fr/fFaucW9LkWjcuoPwPLiZ3b7ZQ6phs8qzoL+FpBI=
-----END RSA PRIVATE KEY-----
- kid: HcRvLHat12
key: |
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIOCCFSnkfz1ksln6kus8enQstBTu0q62IGJVzuX0WiXPoAoGCCqGSM49
AwEHoUQDQgAEVWPLbvSdxquLAjU3zJLcCWdaxr6QK1tPVbV1IS+87QUMv/zKiCMa
fNpwgBXwU7dF0gY507R2yY9pcdTmRtnRug==
-----END EC PRIVATE KEY-----
- kid: YjMITk5VSn
key: |
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDCoPSjaN7qqnPz+vdzHeIy8RZCCtFOqLTkvylM1gz6xOGaVsS63VJw9
Td9BtpolZ0egBwYFK4EEACKhZANiAAT8tH88HYBHNiQTSqZzlxElSuSDC0+Xn0O9
ukj0xTTVBp8rUM9lCJQAlB8PjS2XK/n0YvYdzysQb3AYqszJa45/rOGvSar30YNE
gwpJvu36xNIKZT+nHalNwg069FdjNBc=
-----END EC PRIVATE KEY-----
- kid: NvFzzeMRU3
key: |
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEILJEmFPDGFZoBVBQf1P6h4YfasYsFiu8a6FrFxiJvKXPoAcGBSuBBAAK
oUQDQgAE4NY5H3+D8r9GNOhrpbUn2dvLZIzi4A+SiwfqvtvPEmZkW+KDbd2tzKmx
maydZBn52QWedVY65snGAEoh9mV1TQ==
-----END EC PRIVATE KEY-----
passwords:
enabled: true
schemes:
- version: 1
algorithm: argon2id
minimum_complexity: 0
account:
password_registration_enabled: true
password_registration_email_required: false
matrix:
kind: synapse
homeserver: localhost
secret: IhKoLn6jWf1qRRZWvqgaKuIdwD6H0Mvx
endpoint: http://synapse:8448/
policy:
data:
client_registration:
allow_insecure_uris: true

2
docker/synapse/delayed_accounts_creation.sh Executable file
View File

@@ -0,0 +1,2 @@
register_new_matrix_user -a --user admin1 --password admin1 --config /config/homeserver.yaml;
register_new_matrix_user --no-admin --user user1 --password user1 --config /config/homeserver.yaml;

6
docker/synapse/homeserver.yaml
View File

@@ -33,9 +33,3 @@ signing_key_path: "/config/localhost.signing.key"
trusted_key_servers:
- server_name: "matrix.org"
# vim:ft=yaml
matrix_authentication_service:
enabled: true
endpoint: http://mas:8778/
secret: "IhKoLn6jWf1qRRZWvqgaKuIdwD6H0Mvx"
# Alternatively, using a file:
#secret_file: /path/to/secret.txt

10
renovate.json
View File

@@ -1,3 +1,9 @@
{
"extends": ["local>renovate/presets"]
}
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"packageRules": [
{
"matchUpdateTypes": ["major", "minor", "patch"],
"automerge": true
}
]
}

2
src/app_config.rs
View File

@@ -2,7 +2,7 @@ use clap::Parser;
use s3::creds::Credentials;
use s3::{Bucket, Region};
/// Matrix gateway backend API
/// GeneIT backend API
#[derive(Parser, Debug, Clone)]
#[clap(author, version, about, long_about = None)]
pub struct AppConfig {

2
src/broadcast_messages.rs
View File

@@ -42,5 +42,5 @@ pub enum BroadcastMessage {
/// Stop a client with a given client ID
StopSyncClient(SyncClientID),
/// Propagate a new sync event
SyncEvent(UserID, Box<SyncEvent>),
SyncEvent(UserID, SyncEvent),
}

6
src/server/api/ws.rs
View File

@@ -34,7 +34,7 @@ pub async fn ws(
if let Err(e) = tx.send(BroadcastMessage::StartSyncTaskForUser(
auth.user.user_id.clone(),
)) {
log::error!("Failed to send StartSyncTaskForUser: {e}");
log::error!("Failed to send StartSyncTaskForUser: {}", e);
}
let rx = tx.subscribe();
@@ -94,9 +94,9 @@ pub async fn ws_handler(
}
// Send the message to the websocket
if let Ok(msg) = serde_json::to_string(&WsMessage::Sync(*event)) {
if let Ok(msg) = serde_json::to_string(&WsMessage::Sync(event)) {
if let Err(e) = session.text(msg).await {
log::error!("Failed to send SyncEvent: {e}");
log::error!("Failed to send SyncEvent: {}", e);
}
}
}

8
src/server/web_ui.rs
View File

@@ -105,12 +105,12 @@ pub async fn home(
// Close sync task
if let Err(e) = tx.send(BroadcastMessage::StopSyncTaskForUser(user.id.clone())) {
log::error!("Failed to send StopSyncClientForUser: {e}");
log::error!("Failed to send StopSyncClientForUser: {}", e);
}
// Invalidate all Ws connections
if let Err(e) = tx.send(BroadcastMessage::CloseAllUserSessions(user.id.clone())) {
log::error!("Failed to send CloseAllUserSessions: {e}");
log::error!("Failed to send CloseAllUserSessions: {}", e);
}
}
}
@@ -145,7 +145,7 @@ pub async fn home(
success_message = Some("The client was successfully deleted!".to_string());
if let Err(e) = tx.send(BroadcastMessage::CloseClientSession(delete_client_id)) {
log::error!("Failed to send CloseClientSession: {e}");
log::error!("Failed to send CloseClientSession: {}", e);
}
}
}
@@ -215,7 +215,7 @@ pub async fn oidc_cb(session: Session, query: web::Query<AuthCallbackQuery>) ->
name: user.name.unwrap_or("no_name".to_string()),
email: user.email.unwrap_or("no@mail.com".to_string()),
};
log::info!("Successful authentication as {user:?}");
log::info!("Successful authentication as {:?}", user);
session.insert(USER_SESSION_KEY, user)?;
Ok(HttpResponse::Found()

8
src/sync_client.rs
View File

@@ -28,7 +28,7 @@ pub async fn sync_client_manager(tx: broadcast::Sender<BroadcastMessage>) -> ! {
continue;
}
log::info!("Start sync task for user {user_id:?}");
log::info!("Start sync task for user {:?}", user_id);
let task_id = SyncClientID(uuid::Uuid::new_v4());
running_tasks.insert(user_id.clone(), task_id.clone());
@@ -41,7 +41,7 @@ pub async fn sync_client_manager(tx: broadcast::Sender<BroadcastMessage>) -> ! {
BroadcastMessage::StopSyncTaskForUser(user_id) => {
// Check if a task is running for this user
if let Some(task_id) = running_tasks.remove(&user_id) {
log::info!("Stop sync task for user {user_id:?}");
log::info!("Stop sync task for user {:?}", user_id);
tx.send(BroadcastMessage::StopSyncClient(task_id)).unwrap();
} else {
log::info!("Not stopping sync task for user {user_id:?}: not running");
@@ -122,12 +122,12 @@ async fn sync_task(
match msg_stream {
Ok(Some(msg)) => {
log::debug!("Received new message from Matrix: {msg:#?}");
if let Err(e) = tx.send(BroadcastMessage::SyncEvent(user_id.clone(), Box::new(SyncEvent {
if let Err(e) = tx.send(BroadcastMessage::SyncEvent(user_id.clone(), SyncEvent {
rooms: msg.rooms,presence: msg.presence,
account_data: msg.account_data,
to_device: msg.to_device,
device_lists: msg.device_lists,
}))) {
})) {
log::error!("Failed to propagate event! {e}");
}
}

2
src/user.rs
View File

@@ -147,7 +147,7 @@ impl UserConfig {
log::warn!("The bucket does not seem to exists, trying to create it!")
}
Err(e) => {
log::error!("Got unexpected error when querying bucket info: {e}");
log::error!("Got unexpected error when querying bucket info: {}", e);
return Err(e.into());
}
}