aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* mod_storage_sql: Don't treat Enter or Ctrl-C as yes in upgrade commandKim Alvefur4 days1-1/+1
| | | | | It seems to imply that No is the default, so it shouldn't continue doing the Yes action unless you actually press Y
* mod_storage_sql: Detect SQLite3 without UPSERT (or SQLCipher 3.x)Kim Alvefur4 days1-1/+23
| | | | | | | | | | | | | | | | | | SQLCipher v3.4.1 (the version in Debian 12) is based on SQLite3 v3.15.2, while UPSERT support was introduced in SQLite3 v3.24.0 This check was not needed before because we v3.24.0 has not been in a version of Debian we support for a long, long time. Note however that SQLCipher databases are not compatible across major versions, upgrading from v3.x to v4.x requires executing a migration. Attempts at making `prosodyctl mod_storage_sql upgrade` perform such a migration has not been successful. Executing the following in the `sqlcipher` tool should do the migration: PRAGMA key = '<key material>'; PRAGMA cipher_migrate;
* util.sql: SQLCipher supportKim Alvefur4 days3-0/+13
| | | | | | | This enables use of encrypted databases if LuaDBI or LuaSQLite3 has been linked against SQLCipher. Using `LD_PRELOAD` may work as well. Requires SQLCipher >= 4.0.0 due to the use of UPSERT
* core.configmanager: Remove compatKim Alvefur6 days1-2/+0
| | | | I have updated my config now, have you? :)
* util.startup: Rename credentials path variable tooKim Alvefur9 days2-3/+3
|
* luacheck: Declare new config globalsKim Alvefur9 days1-0/+4
|
* core.configmanager: Rename Secret to CredentialKim Alvefur9 days1-4/+6
| | | | To match the variable name and what systemd calls them.
* core.configmanager: Add function for getting secrets from separate filesKim Alvefur11 days3-3/+22
| | | | | | | | | | | | Idea is to enable easily retrieving of secret values from files outside of the config, e.g. via the method used by systemd credentials. CREDENTIALS_DIRECTORY is expected to be set by the process manager invoking Prosody, so being unset and unavailable from prosodyctl is going to be normal and a warning is reported in that case. Care will have to be taken to make it clear that prosodyctl check will not work with such values. An error is thrown if the directory is unavailable when running under Prosody.
* core.configmanager: Add ways to read config values from filesKim Alvefur11 days4-4/+37
| | | | | | | | | | | | Inspired by something MattJ said Allows retrieving config values from files which are expected to be relative to the config directory, extending on the ENV_ method of retrieving config values from outside the config file. - FileLine retrieves the first line, stripping any trailing newline - FileContents reads the whole file - FileLines reads lines into an array
* mod_admin_shell: Remove log statement intended for development onlyMatthew Wild11 days1-1/+0
|
* util.bitcompat: Avoid potential noise from global metatableKim Alvefur12 days1-1/+1
| | | | | If this module is require'd from a plugin on a Lua version without the global bit32 library, it may trip a warning about accessing globals.
* mod_pubsub: Remove duplicate create_node commandMatthew Wild13 days1-16/+0
| | | | Removed the one without error handling.
* features: Add feature for bundled mod_cloud_notifyMatthew Wild13 days1-0/+2
| | | | Was supposed to be part of commit 2f38f3275a74.
* mod_authz_internal: Make host considered the parent configurableKim Alvefur2025-01-131-1/+1
| | | | | | | | | | | | This bestows the role specified by the 'host_user_role' setting onto users of that host. For simplicity, only a single host can be specified. Making it configurable allows for setups where VirtualHost and related Components may be siblings instead of having a subdomain relationship. For setups with many VirtualHosts sharing a single Component, the 'server_user_role' setting is more appropriate. Even more complicated setups would have to resort to mod_firewall or similar.
* luacheckrc: Add module.ready()Kim Alvefur2025-01-101-0/+1
|
* luacheckrc: Reorder module API methods for consistency with prosody-modulesKim Alvefur2025-01-101-1/+1
| | | | Makes it easier to keep them in sync when the diff is smaller
* util.signal: Factor out single #define that enables signalfd(2) useKim Alvefur2025-01-101-6/+10
| | | | Makes it easier to test by disabling this #define
* util.signal: Implement signalfd for *BSDKim Alvefur2025-01-101-8/+73
| | | | | | The Lua hook based signal handling does not work correctly if signal handling is setup in a coroutine. signalfd solves that in a nice way, but is Linux-only.
* mod_cloud_notify: Merge from prosody-modules@fc521fb5ffa0Matthew Wild2025-01-091-0/+653
| | | | | | Many thanks to Thilo Molitor and Kim Alvefur for their work on this module while it was in the community repository. It has been stable for some time, is widely used, and provides a feature that is important to most deployments.
* modulemanager: Allow modules to specify supported Lua versions in metadataMatthew Wild2025-01-091-0/+14
|
* modulemanager: Handle multiple digits in Lua version numberMatthew Wild2025-01-091-1/+1
| | | | | Lua has a slow release cycle, but it would be nice if Prosody doesn't break unnecessarily with 5.10 :)
* mod_invites: Add support for invites_page option to use external invites pagesMatthew Wild2025-01-091-0/+36
| | | | | | | | | | | This allows Prosody to easily provide friendly invitation links, even without setting up mod_invites_page (which is a community module). Admins can configure it to use a third-party deployment such as https://xmpp.link or they can deploy their own based on https://github.com/modernxmpp/easy-xmpp-invitation Alternatively they can just install mod_invites_page and this will all be handled automatically by that.
* prosodyctl: Hide the 'lua_paths' command from default command listingKim Alvefur2025-01-081-1/+1
| | | | | | All commands are called with a '-h' argument, but this one doesn't have that. Since it's meant to be machine readable, hiding it seems marginally more sensible than implementing '-h'.
* mod_storage_sql: Remove the word 'error' from debug messagesKim Alvefur2025-01-081-2/+2
| | | | | | The word 'error' anywhere, especially in harmless debug messages, are too often interpreted as fatal errors my some users, so best avoid that word. These look too scary as it is, being tracebacks.
* prosodyctl: Add lua_paths command to print the LUA_PATH and LUA_CPATH usedMatthew Wild2025-01-081-0/+9
| | | | | This can be useful to run scripts and stuff with access to the same Lua paths as Prosody uses.
* prosodyctl: 'about' becomes 'version -v', 'version' prints only versionMatthew Wild2025-01-081-2/+15
| | | | The 'about' command remains for backwards compatibility, but hidden.
* mod_pubsub: Remove unused loop variable [luacheck]Kim Alvefur2025-01-081-1/+1
|
* util.prosodyctl.shell: Remove non-existent export [luacheck]Kim Alvefur2025-01-081-1/+0
|
* prosodyctl: Remove unused importKim Alvefur2025-01-081-2/+0
| | | | Leftover after 854df134274f
* mod_admin_shell: Remove redundant 'mod_' prefix from debug messageKim Alvefur2025-01-081-1/+1
|
* core.moduleapi: Include source modules when handling itemsKim Alvefur2025-01-081-2/+10
| | | | | | | | | This improves consistency. Previously the 'source' field was only provided in the original event when an item was added. It is used to report the name of the module providing the item in a few places. Also considered adding a new API to modulemanager returning a mapping of items per module and then using that here.
* mod_admin_shell: Fix reporting origin module for commandsKim Alvefur2025-01-081-1/+1
| | | | | | | The field `_provided_by` comes from module:provides(), but these items comes from moduel:add_item(), which include the originating module as a 'source' field of the event. However, this is absent when items are retrieved at a later time than the initial event.
* mod_pubsub: Quiet down check for service adminKim Alvefur2025-01-071-1/+1
| | | | This produced a *lot* of noise, especially listing items.
* mod_pubsub: Limit node listing based on new ACL-aware metadata methodKim Alvefur2025-01-071-1/+4
| | | | | | | Ensures that nodes that one does not have metadata access to are hidden from view. This follows from the new ACL-aware method added in 3b357ab6b6eb.
* prosodyctl: deluser: Use user:delete() shell command for implementationMatthew Wild2025-01-071-27/+2
|
* prosodyctl: passwd: Use user:password() shell command for implementationMatthew Wild2025-01-071-31/+2
|
* mod_admin_shell: user:password(): Support prompting for password if none givenMatthew Wild2025-01-071-6/+9
|
* mod_admin_shell: user:create(): Reject promise with error message on failureMatthew Wild2025-01-071-1/+1
|
* mod_admin_shell: Mark event as handled when requested input is submittedMatthew Wild2025-01-071-0/+1
|
* prosodyctl: adduser: use shell user:create() to provide the implementationMatthew Wild2025-01-071-31/+2
| | | | | | | | | This allows user creation to happen inside the running Prosody process, which improves a number of things - such as executing event handlers for user creation, fixing issues and race conditions with some storage drivers, etc. The intent is to do the same for the other prosodyctl commands, but this is the first proof of concept for the approach.
* mod_admin_shell: user:create(): request password via prompt if none givenMatthew Wild2025-01-071-6/+7
|
* mod_admin_shell: Add session method to request (password) input from shell ↵Matthew Wild2025-01-071-0/+46
| | | | client
* mod_admin_socket: Fire event on admin client disconnectMatthew Wild2025-01-071-1/+6
|
* mod_admin_shell: Don't pause async thread while waiting for promise resultMatthew Wild2025-01-071-14/+22
| | | | | | | | | | | This allows us to continue sending/receiving on the session, for example if the promise will be resolved by other data that the client is going to send. Specifically, this allows the repl-request-input to work without a deadlock. It does open the door to interleaved commands/results, which may not be a good thing overall, but can be restricted separately if necessary (e.g. a flag on the session).
* util.prosodyctl.shell: Support for requesting special inputs, e.g. passwordsMatthew Wild2025-01-071-0/+17
| | | | | This lets the server signal to the client that a special input is requested. Currently we support the "password" type only.
* util.adminstream: Expose session events (specifically "disconnected")Matthew Wild2025-01-071-8/+10
| | | | Currently there is no way to get this info and perform cleanup tasks.
* mod_cron: Don't run tasks if loaded inside prosodyctlMatthew Wild2025-01-071-0/+4
| | | | | It's common for modules to depend on mod_cron, and this can lead to it loading inside prosodyctl, where we don't really want to run any cron tasks.
* mod_authz_internal: Make 'prosody:guest' default role for all unknown JIDsMatthew Wild2025-01-071-2/+2
| | | | | | | | | | | | | | | This fixes an issue where e.g. remote users or even other users on the server were unable to list MUC rooms. We want to define a permission to list MUC rooms, but we want it to be available to everyone by default (the traditional behaviour). prosody:guest is the lowest role we have. I ran a quick check and it isn't really used for anything right now that would be concerning. It was originally designed for anonymous logins. I think it's safe to treat remote JIDs as equivalent, since we have no trust relationship with anonymous users either.
* mod_pep: Support for node/item management commandsMatthew Wild2025-01-071-0/+3
|
* mod_pubsub: Expand shell commands to include node/item managementMatthew Wild2025-01-072-38/+256
|