diff --git a/CHANGES.md b/CHANGES.md index 8052efd8a..384b8fb42 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,37 @@ # Changelog +## Dendrite 0.13.0 (2023-06-30) + +### Features + +- Results in responses to `/search` now highlight words more accurately and not only the search terms as before +- Support for connecting to appservices listening on unix sockets has been added (contributed by [cyberb](https://github.com/cyberb)) +- Admin APIs for token authenticated registration have been added (contributed by [santhoshivan23](https://github.com/santhoshivan23)) +- Initial support for [MSC4014: Pseudonymous Identities](https://github.com/matrix-org/matrix-spec-proposals/blob/kegan/pseudo-ids/proposals/4014-pseudonymous-identities.md) + - This is **highly experimental**, things like changing usernames/avatars, inviting users, upgrading rooms isn't working + +### Fixes + +- `m.upload.size` is now optional, finally allowing uploads with unlimited file size +- A bug while resolving server names has been fixed (contributed by [anton-molyboha](https://github.com/anton-molyboha)) +- Application services should only receive one invitation instead of 2 (or worse), which could result in state resets previously +- Several admin endpoints are now using `POST` instead of `GET` +- `/delete_devices` now uses user-interactive authentication +- Several "membership" (e.g `/kick`, `/ban`) endpoints are using less heavy database queries to check if the user is allowed to perform this action +- `/3pid` endpoints are now available on `/v3` instead of the `/unstable` prefix +- Upgrading rooms ignores state events of other users, which could result in failed upgrades before +- Uploading key backups with a wrong version now returns `M_WRONG_ROOM_KEYS_VERSION` +- A potential state reset when joining the same room multiple times in short sequence has been fixed +- A bug where we returned the full event as `redacted_because` in redaction events has been fixed +- The `displayname` and `avatar_url` can now be set to empty strings +- Unsafe hotserving of files has been fixed (contributed by [joshqou](https://github.com/joshqou)) +- Joining new rooms would potentially return "redacted" events, due to history visibility not being set correctly, this could result in events being rejected +- Backfilling resulting in `unsuported room version ''` should now be solved + +### Other + +- Huge refactoring of Dendrite and gomatrixserverlib + ## Dendrite 0.12.0 (2023-03-13) ### Features diff --git a/helm/cr.yaml b/helm/cr.yaml index 884c2b46b..d39e8bdce 100644 --- a/helm/cr.yaml +++ b/helm/cr.yaml @@ -1,2 +1,3 @@ release-name-template: "helm-{{ .Name }}-{{ .Version }}" -pages-index-path: docs/index.yaml \ No newline at end of file +pages-index-path: docs/index.yaml +make-release-latest: false \ No newline at end of file diff --git a/helm/dendrite/Chart.yaml b/helm/dendrite/Chart.yaml index 182f53c39..668fd84ec 100644 --- a/helm/dendrite/Chart.yaml +++ b/helm/dendrite/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: dendrite -version: "0.12.3" -appVersion: "0.12.0" +version: "0.13.0" +appVersion: "0.13.0" description: Dendrite Matrix Homeserver type: application keywords: diff --git a/helm/dendrite/README.md b/helm/dendrite/README.md index ca5705c03..562d1e235 100644 --- a/helm/dendrite/README.md +++ b/helm/dendrite/README.md @@ -1,7 +1,7 @@ # dendrite -![Version: 0.12.2](https://img.shields.io/badge/Version-0.12.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.12.0](https://img.shields.io/badge/AppVersion-0.12.0-informational?style=flat-square) +![Version: 0.13.0](https://img.shields.io/badge/Version-0.13.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.13.0](https://img.shields.io/badge/AppVersion-0.13.0-informational?style=flat-square) Dendrite Matrix Homeserver Status: **NOT PRODUCTION READY** diff --git a/helm/dendrite/templates/ingress.yaml b/helm/dendrite/templates/ingress.yaml index 8f86ad723..9ef413dc9 100644 --- a/helm/dendrite/templates/ingress.yaml +++ b/helm/dendrite/templates/ingress.yaml @@ -1,24 +1,25 @@ {{- if .Values.ingress.enabled -}} - {{- $fullName := include "dendrite.fullname" . -}} - {{- $svcPort := .Values.service.port -}} - {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} - {{- end }} - {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +{{- $fullName := include "dendrite.fullname" . -}} +{{- $serverNameHost := .Values.dendrite_config.global.server_name -}} +{{- $wellKnownServerHost := default $serverNameHost (regexFind "^[^:]+" .Values.dendrite_config.global.well_known_server_name) -}} +{{- $wellKnownClientHost := default $serverNameHost (regexFind "^[^:]+" .Values.dendrite_config.global.well_known_client_name) -}} +{{- $allHosts := list $serverNameHost $wellKnownServerHost $wellKnownClientHost | uniq -}} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1 - {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1beta1 - {{- else -}} +{{- else -}} apiVersion: extensions/v1beta1 - {{- end }} +{{- end }} kind: Ingress metadata: name: {{ $fullName }} labels: {{- include "dendrite.labels" . | nindent 4 }} annotations: + {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + kubernetes.io/ingress.class: {{ .Values.ingress.className }} + {{- end }} {{- with .Values.ingress.annotations }} {{- toYaml . | nindent 4 }} {{- end }} @@ -26,7 +27,7 @@ spec: {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} ingressClassName: {{ .Values.ingress.className }} {{- end }} - {{- if .Values.ingress.tls }} + {{- if kindIs "slice" .Values.ingress.tls }} tls: {{- range .Values.ingress.tls }} - hosts: @@ -35,8 +36,16 @@ spec: {{- end }} secretName: {{ .secretName }} {{- end }} + {{- else if .Values.ingress.tls.generate }} + tls: + - hosts: + {{- range $allHosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ $fullName }}-ingress-tls {{- end }} rules: + {{- if .Values.ingress.hostName }} - host: {{ .Values.ingress.hostName | quote }} http: paths: @@ -47,9 +56,60 @@ spec: service: name: {{ $fullName }} port: - number: {{ $svcPort }} + name: http {{- else }} serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} + servicePort: http {{- end }} - {{- end }} \ No newline at end of file + {{- else }} + - host: {{ $serverNameHost | quote }} + http: + paths: + - path: /.well-known/matrix + pathType: Prefix + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + name: http + {{- else }} + serviceName: {{ $fullName }} + servicePort: http + {{- end }} + - host: {{ $wellKnownServerHost | quote }} + http: + paths: + {{- range list "/_matrix/key" "/_matrix/federation" }} + - path: {{ . | quote }} + pathType: Prefix + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + name: http + {{- else }} + serviceName: {{ $fullName }} + servicePort: http + {{- end }} + {{- end }} + - host: {{ $wellKnownClientHost | quote }} + http: + paths: + {{- range list "/_matrix/client" "/_matrix/media" }} + - path: {{ . | quote }} + pathType: Prefix + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + name: http + {{- else }} + serviceName: {{ $fullName }} + servicePort: http + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/dendrite/templates/prometheus-rules.yaml b/helm/dendrite/templates/prometheus-rules.yaml index 6693a4ed9..dc6c12cf9 100644 --- a/helm/dendrite/templates/prometheus-rules.yaml +++ b/helm/dendrite/templates/prometheus-rules.yaml @@ -6,7 +6,9 @@ metadata: name: {{ include "dendrite.fullname" . }} labels: {{- include "dendrite.labels" . | nindent 4 }} - {{- toYaml .Values.prometheus.rules.labels | nindent 4 }} + {{- with .Values.prometheus.rules.labels }} + {{- . | toYaml | nindent 4 }} + {{- end }} spec: groups: {{- if .Values.prometheus.rules.additionalRules }} diff --git a/helm/dendrite/templates/pvc.yaml b/helm/dendrite/templates/pvc.yaml index 897957e60..88eff3bed 100644 --- a/helm/dendrite/templates/pvc.yaml +++ b/helm/dendrite/templates/pvc.yaml @@ -12,7 +12,7 @@ spec: resources: requests: storage: {{ .Values.persistence.media.capacity }} - storageClassName: {{ .Values.persistence.storageClass }} + storageClassName: {{ default .Values.persistence.storageClass .Values.persistence.media.storageClass }} {{ end }} {{ if not .Values.persistence.jetstream.existingClaim }} --- @@ -28,7 +28,7 @@ spec: resources: requests: storage: {{ .Values.persistence.jetstream.capacity }} - storageClassName: {{ .Values.persistence.storageClass }} + storageClassName: {{ default .Values.persistence.storageClass .Values.persistence.jetstream.storageClass }} {{ end }} {{ if not .Values.persistence.search.existingClaim }} --- @@ -44,5 +44,5 @@ spec: resources: requests: storage: {{ .Values.persistence.search.capacity }} - storageClassName: {{ .Values.persistence.storageClass }} -{{ end }} \ No newline at end of file + storageClassName: {{ default .Values.persistence.storageClass .Values.persistence.search.storageClass }} +{{ end }} diff --git a/helm/dendrite/templates/servicemonitor.yaml b/helm/dendrite/templates/servicemonitor.yaml index 3819c7d02..4602140f8 100644 --- a/helm/dendrite/templates/servicemonitor.yaml +++ b/helm/dendrite/templates/servicemonitor.yaml @@ -9,7 +9,9 @@ metadata: name: {{ include "dendrite.fullname" . }} labels: {{- include "dendrite.labels" . | nindent 4 }} - {{- toYaml .Values.prometheus.servicemonitor.labels | nindent 4 }} + {{- with .Values.prometheus.servicemonitor.labels }} + {{- . | toYaml | nindent 4 }} + {{- end }} spec: endpoints: - port: http diff --git a/helm/dendrite/values.yaml b/helm/dendrite/values.yaml index 41ec1c390..2b009c7d6 100644 --- a/helm/dendrite/values.yaml +++ b/helm/dendrite/values.yaml @@ -19,29 +19,38 @@ signing_key: resources: requests: memory: "512Mi" - limits: memory: "4096Mi" persistence: - # -- The storage class to use for volume claims. Defaults to the - # cluster default storage class. + # -- The storage class to use for volume claims. + # Used unless specified at the specific component. + # Defaults to the cluster default storage class. storageClass: "" jetstream: # -- Use an existing volume claim for jetstream existingClaim: "" # -- PVC Storage Request for the jetstream volume capacity: "1Gi" + # -- The storage class to use for volume claims. + # Defaults to persistence.storageClass + storageClass: "" media: # -- Use an existing volume claim for media files existingClaim: "" # -- PVC Storage Request for the media volume capacity: "1Gi" + # -- The storage class to use for volume claims. + # Defaults to persistence.storageClass + storageClass: "" search: # -- Use an existing volume claim for the fulltext search index existingClaim: "" # -- PVC Storage Request for the search volume capacity: "1Gi" + # -- The storage class to use for volume claims. + # Defaults to persistence.storageClass + storageClass: "" # -- Add additional volumes to the Dendrite Pod extraVolumes: [] @@ -50,7 +59,6 @@ extraVolumes: [] # secret: # secretName: extra-config - # -- Configure additional mount points volumes in the Dendrite Pod extraVolumeMounts: [] # ex. @@ -212,7 +220,6 @@ dendrite_config: # - msc2836 (Threading, see https://github.com/matrix-org/matrix-doc/pull/2836) # - msc2946 (Spaces Summary, see https://github.com/matrix-org/matrix-doc/pull/2946) - app_service_api: # -- Disable the validation of TLS certificates of appservices. This is # not recommended in production since it may allow appservice traffic @@ -359,14 +366,18 @@ postgresql: enabled: false ingress: - # -- Create an ingress for a monolith deployment + # -- Create an ingress for the deployment enabled: false - hosts: [] + # -- The ingressClass to use. Will be converted to annotation if not yet supported. className: "" - hostName: "" # -- Extra, custom annotations annotations: {} - + # -- The ingress hostname for your matrix server. + # Should align with the server_name and well_known_* hosts. + # If not set, generated from the dendrite_config values. + hostName: "" + # -- TLS configuration. Should contain information for the server_name and well-known hosts. + # Alternatively, set tls.generate=true to generate defaults based on the dendrite_config. tls: [] service: diff --git a/internal/version.go b/internal/version.go index 907547589..56d61d7bb 100644 --- a/internal/version.go +++ b/internal/version.go @@ -16,7 +16,7 @@ var build string const ( VersionMajor = 0 - VersionMinor = 12 + VersionMinor = 13 VersionPatch = 0 VersionTag = "" // example: "rc1" )