Version 1.38.1

CHANGELOG

@@ -172,3 +172,367 @@
 * Fixes a long standing bug in worker mode where worker information was saved in the devices table instead of the original IP address and user agent. (#7797)
 * Fix 'stuck invites' which happen when we are unable to reject a room invite received over federation. (#7804, #7809, #7810)
 
+[1.8.0]
+* Update Synapse to 1.18.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.18.0)
+* Include room states on invite events that are sent to application services. Contributed by @Sorunome. (#6455)
+* Add delete room admin endpoint (POST /_synapse/admin/v1/rooms/<room_id>/delete). Contributed by @dklimpel. (#7613, #7953)
+* Add experimental support for running multiple federation sender processes. (#7798)
+* Add the option to validate the iss and aud claims for JWT logins. (#7827)
+* Add support for handling registration requests across multiple client reader workers. (#7830)
+* Add an admin API to list the users in a room. Contributed by Awesome Technologies Innovationslabor GmbH. (#7842)
+* Allow email subjects to be customised through Synapse's configuration. (#7846)
+* Add the ability to re-activate an account from the admin API. (#7847, #7908)
+* Support oEmbed for media previews. (#7920)
+
+[1.9.0]
+* Update Synapse to 1.19.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.19.0)
+* Add option to allow server admins to join rooms which fail complexity checks. Contributed by @lugino-emeritus. (#7902)
+* Add an option to purge room or not with delete room admin endpoint (POST /_synapse/admin/v1/rooms/<room_id>/delete). Contributed by @dklimpel. (#7964)
+* Add rate limiting to users joining rooms. (#8008)
+* Add a /health endpoint to every configured HTTP listener that can be used as a health check endpoint by load balancers. (#8048)
+* Allow login to be blocked based on the values of SAML attributes. (#8052)
+* Allow guest access to the GET /_matrix/client/r0/rooms/{room_id}/members endpoint, according to MSC2689. Contributed by Awesome Technologies Innovationslabor GmbH. (#7314)
+
+[1.9.1]
+* Update Synapse to 1.19.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.19.1)
+* Fix a bug introduced in v1.19.0 where appservices with ratelimiting disabled would still be ratelimited when joining rooms. (#8139)
+* Fix a bug introduced in v1.19.0 that would cause e.g. profile updates to fail due to incorrect application of rate limits on join requests. (#8153)
+
+[1.10.0]
+* Update Synapse to 1.19.3
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.19.3)
+* Partially mitigate bug where newly joined servers couldn't get past events in a room when there is a malformed event. (#8350)
+* Make index.html customizable
+
+[1.11.0]
+* Update Synapse to 1.20.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.20.0)
+* Add an endpoint to query your shared rooms with another user as an implementation of MSC2666. (#7785)
+* Iteratively encode JSON to avoid blocking the reactor. (#8013, #8116)
+* Add support for shadow-banning users (ignoring any message send requests). (#8034, #8092, #8095, #8142, #8152, #8157, #8158, #8176)
+* Use the default template file when its equivalent is not found in a custom template directory. (#8037, #8107, #8252)
+* Add unread messages count to sync responses, as specified in MSC2654. (#8059, #8254, #8270, #8274)
+* Optimise /federation/v1/user/devices/ API by only returning devices with encryption keys. (#8198)
+
+[1.12.0]
+* Update Synapse to 1.21.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.21.0)
+* Require the user to confirm that their password should be reset after clicking the email confirmation link. (#8004)
+* Add an admin API GET /_synapse/admin/v1/event_reports to read entries of table event_reports. Contributed by @dklimpel. (#8217)
+* Consolidate the SSO error template across all configuration. (#8248, #8405)
+* Add a configuration option to specify a whitelist of domains that a user can be redirected to after validating their email or phone number. (#8275, #8417)
+* Add experimental support for sharding event persister. (#8294, #8387, #8396, #8419)
+* Add the room topic and avatar to the room details admin API. (#8305)
+* Add an admin API for querying rooms where a user is a member. Contributed by @dklimpel. (#8306)
+
+[1.12.1]
+* Updat Synapse to 1.21.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.21.1)
+
+[1.12.2]
+* Update Synapse to 1.21.2
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.21.2)
+* Security: HTML pages served via Synapse were vulnerable to cross-site scripting (XSS) attacks. All server administrators are encouraged to upgrade
+* Fix rare bug where sending an event would fail due to a racey assertion. (#8530)
+
+[1.13.0]
+* Update Synapse to 1.22.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.22.0)
+* Add ability for ThirdPartyEventRules modules to query and manipulate whether a room is in the public rooms directory. (#8292, #8467)
+* Add support for olm fallback keys (MSC2732). (#8312, #8501)
+* Add support for running background tasks in a separate worker process. (#8369, #8458, #8489, #8513, #8544, #8599)
+* Add support for device dehydration (MSC2697). (#8380)
+* Add support for MSC2409, which allows sending typing, read receipts, and presence events to appservices. (#8437, #8590)
+* Change default room version to "6", per MSC2788. (#8461)
+* Add the ability to send non-membership events into a room via the ModuleApi. (#8479)
+* Increase default upload size limit from 10M to 50M. Contributed by @Akkowicz. (#8502)
+* Add support for modifying event content in ThirdPartyRules modules. (#8535, #8564)
+
+[1.13.1]
+* Update Synapse to 1.22.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.22.1)
+* Fix a bug where an appservice may not be forwarded events for a room it was recently invited to. Broke in v1.22.0. (#8676)
+* Fix Object of type frozendict is not JSON serializable exceptions when using third-party event rules. Broke in v1.22.0. (#8678)
+
+[1.14.0]
+* Update Synapse to 1.23.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.23.0)
+* Add a push rule that highlights when a jitsi conference is created in a room. (#8286)
+* Add an admin api to delete a single file or files that were not used for a defined time from server. Contributed by @dklimpel. (#8519)
+* Split admin API for reported events (GET /_synapse/admin/v1/event_reports) into detail and list endpoints. This is a breaking change to #8217 which was introduced in Synapse v1.21.0. Those who already use this API should check their scripts. Contributed by @dklimpel. (#8539)
+* Support generating structured logs via the standard logging configuration. (#8607, #8685)
+* Add an admin API to allow server admins to list users' pushers. Contributed by @dklimpel. (#8610, #8689)
+* Add an admin API GET /_synapse/admin/v1/users/<user_id>/media to get information about uploaded media. Contributed by @dklimpel. (#8647)
+* Add an admin API for local user media statistics. Contributed by @dklimpel. (#8700)
+* Add displayname to Shared-Secret Registration for admins. (#8722)
+
+[1.14.1]
+* Update Synapse to 1.23.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.23.1)
+* There is a denial of service attack (CVE-2020-26257) against the federation APIs in which future events will not be correctly sent to other servers over federation. This affects all servers that participate in open federation. (Fixed in #8776).
+
+[1.15.0]
+* Update Synapse to 1.24.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.24.0)
+* Add a maximum version for pysaml2 on Python 3.5
+
+[1.16.0]
+* Update Synapse to 1.25.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.25.0)
+* Add an admin API that lets server admins get power in rooms in which local users have power. (#8756)
+* Add optional HTTP authentication to replication endpoints. (#8853)
+* Improve the error messages printed as a result of configuration problems for extension modules. (#8874)
+* Add the number of local devices to Room Details Admin API. Contributed by @dklimpel. (#8886)
+* Add X-Robots-Tag header to stop web crawlers from indexing media. Contributed by Aaron Raimist. (#8887)
+* Spam-checkers may now define their methods as async. (#8890)
+* Add support for allowing users to pick their own user ID during a single-sign-on login. (#8897, #8900, #8911, #8938, #8941, #8942, #8951)
+* Add an email.invite_client_location configuration option to send a web client location to the invite endpoint on the identity server which allows customisation of the email template. (#8930)
+* The search term in the list room and list user Admin APIs is now treated as case-insensitive. (#8931)
+* Apply an IP range blacklist to push and key revocation requests. (#8821, #8870, #8954)
+* Add an option to allow re-use of user-interactive authentication sessions for a period of time. (#8970)
+* Allow running the redact endpoint on workers. (#8994)
+
+[1.17.0]
+* Update Synapse to 1.26.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.26.0)
+* During user-interactive authentication via single-sign-on, give a better error if the user uses the wrong account on the SSO IdP. (#9091)
+* Give the public_baseurl a default value, if it is not explicitly set in the configuration file. (#9159)
+* Improve performance when calculating ignored users in large rooms. (#9024)
+* Implement MSC2176 in an experimental room version. (#8984)
+* Add an admin API for protecting local media from quarantine. (#9086)
+* Remove a user's avatar URL and display name when deactivated with the Admin API. (#8932)
+
+[1.18.0]
+* Update Synapse to 1.27.0
+* Use base image v3
+* Update python to 3.8
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.27.0)
+* Add an admin API for getting and deleting forward extremities for a room. (#9062)
+* Add an admin API for retrieving the current room state of a room. (#9168)
+* Add an admin API endpoint for shadow-banning users. (#9209)
+
+[1.19.0]
+* Update Synapse to 1.28.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.28.0)
+* New admin API to get the context of an event: /_synapse/admin/rooms/{roomId}/context/{eventId}. (#9150)
+* Further improvements to the user experience of registration via single sign-on. (#9300, #9301)
+* Add hook to spam checker modules that allow checking file uploads and remote downloads. (#9311)
+* Add support for receiving OpenID Connect authentication responses via form POSTs rather than GETs. (#9376)
+* Add the shadow-banning status to the admin API for user info. (#9400)
+
+[1.20.0]
+* Update Synapse to 1.29.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.29.0)
+* Add rate limiters to cross-user key sharing requests. (#8957)
+* Add order_by to the admin API GET /_synapse/admin/v1/users/<user_id>/media. Contributed by @dklimpel. (#8978)
+* Add some configuration settings to make users' profile data more private. (#9203)
+* The no_proxy and NO_PROXY environment variables are now respected in proxied HTTP clients with the lowercase form taking precedence if both are present. Additionally, the lowercase https_proxy environment variable is now respected in proxied HTTP clients on top of existing support for the uppercase HTTPS_PROXY form and takes precedence if both are present. Contributed by Timothy Leung. (#9372)
+* Add a configuration option, user_directory.prefer_local_users, which when enabled will make it more likely for users on the same server as you to appear above other users. (#9383, #9385)
+* Add support for regenerating thumbnails if they have been deleted but the original image is still stored. (#9438)
+
+[1.21.0]
+* Update Synapse to 1.30.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.30.0)
+* Add prometheus metrics for number of users successfully registering and logging in. (#9510, #9511, #9573)
+* Add synapse_federation_last_sent_pdu_time and synapse_federation_last_received_pdu_time prometheus metrics, which monitor federation delays by reporting the timestamps of messages sent and received to a set of remote servers. (#9540)
+* Add support for generating JSON Web Tokens dynamically for use as OIDC client secrets. (#9549)
+* Optimise handling of incomplete room history for incoming federation. (#9601)
+* Finalise support for allowing clients to pick an SSO Identity Provider (MSC2858). (#9617)
+* Tell spam checker modules about the SSO IdP a user registered through if one was used. (#9626)
+
+[1.21.1]
+* Update Synapse to 1.30.1
+
+[1.22.0]
+* Update Synapse to 1.31.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.31.0)
+* Add support to OpenID Connect login for requiring attributes on the userinfo response. Contributed by Hubbe King. (#9609)
+* Add initial experimental support for a "space summary" API. (#9643, #9652, #9653)
+* Add support for the busy presence state as described in MSC3026. (#9644)
+* Add support for credentials for proxy authentication in the HTTPS_PROXY environment variable. (#9657)
+
+[1.22.1]
+* Update Synapse to 1.32.0
+* Add a Synapse module for routing presence updates between users. (#9491)
+* Add an admin API to manage ratelimit for a specific user. (#9648)
+* Include request information in structured logging output. (#9654)
+* Add order_by to the admin API GET /_synapse/admin/v2/users. Contributed by @dklimpel. (#9691)
+* Replace the room_invite_state_types configuration setting with room_prejoin_state. (#9700)
+* Add experimental support for MSC3083: restricting room access via group membership. (#9717, #9735)
+* Update experimental support for Spaces: include m.room.create in the room state sent with room-invites. (#9710)
+* Synapse now requires Python 3.6 or later. It also requires Postgres 9.6 or later or SQLite 3.22 or later. (#9766)
+* Prevent synapse_forward_extremities and synapse_excess_extremity_events Prometheus metrics from initially reporting zero-values after startup. (#8926)
+* Fix recently added ratelimits to correctly honour the application service rate_limited flag. (#9711)
+* Fix longstanding bug which caused duplicate key value violates unique constraint "remote_media_cache_thumbnails_media_origin_media_id_thumbna_key" errors. (#9725)
+* Fix bug where sharded federation senders could get stuck repeatedly querying the DB in a loop, using lots of CPU. (#9770)
+* Fix duplicate logging of exceptions thrown during federation transaction processing. (#9780)
+
+[1.22.2]
+* Update Synapse to 1.32.0
+* Add a Synapse module for routing presence updates between users. (#9491)
+* Add an admin API to manage ratelimit for a specific user. (#9648)
+* Include request information in structured logging output. (#9654)
+* Add order_by to the admin API GET /_synapse/admin/v2/users. Contributed by @dklimpel. (#9691)
+* Replace the room_invite_state_types configuration setting with room_prejoin_state. (#9700)
+* Add experimental support for MSC3083: restricting room access via group membership. (#9717, #9735)
+* Update experimental support for Spaces: include m.room.create in the room state sent with room-invites. (#9710)
+* Synapse now requires Python 3.6 or later. It also requires Postgres 9.6 or later or SQLite 3.22 or later. (#9766)
+* Prevent synapse_forward_extremities and synapse_excess_extremity_events Prometheus metrics from initially reporting zero-values after startup. (#8926)
+* Fix recently added ratelimits to correctly honour the application service rate_limited flag. (#9711)
+* Fix longstanding bug which caused duplicate key value violates unique constraint "remote_media_cache_thumbnails_media_origin_media_id_thumbna_key" errors. (#9725)
+* Fix bug where sharded federation senders could get stuck repeatedly querying the DB in a loop, using lots of CPU. (#9770)
+* Fix duplicate logging of exceptions thrown during federation transaction processing. (#9780)
+
+[1.22.3]
+* Update Synapse to 1.32.1
+* Fix a regression in Synapse 1.32.0 which caused Synapse to report large numbers of Prometheus time series, potentially overwhelming Prometheus instances. (#9854)
+
+[1.22.4]
+* Update Synapse to 1.32.2
+* Fix a regression in Synapse 1.32.0 and 1.32.1 which caused LoggingContext errors in plugins. (#9857)
+
+[1.23.0]
+* Update Synapse to 1.33.0
+* Update experimental support for MSC3083: restricting room access via group membership. (#9800, #9814)
+* Add experimental support for handling presence on a worker. (#9819, #9820, #9828, #9850)
+* Return a new template when an user attempts to renew their account multiple times with the same token, stating that their account is set to expire. This replaces the invalid token template that would previously be shown in this case. This change concerns the optional account validity feature. (#9832)
+* Fixes the OIDC SSO flow when using a public_baseurl value including a non-root URL path. (#9726)
+* Fix thumbnail generation for some sites with non-standard content types. Contributed by @rkfg. (#9788)
+* Add some sanity checks to identity server passed to 3PID bind/unbind endpoints. (#9802)
+* Limit the size of HTTP responses read over federation. (#9833)
+* Fix a bug which could cause Synapse to get stuck in a loop of resyncing device lists. (#9867)
+* Fix a long-standing bug where errors from federation did not propagate to the client. (#9868)
+
+[1.23.1]
+* Update Synapse to 1.33.1
+* Fix bug where /sync would break if using the latest version of attrs dependency, by pinning to a previous version. (#9937)
+
+[1.23.2]
+* Update Synapse to 1.33.2
+* This release fixes a denial of service attack (CVE-2021-29471) against Synapse's push rules implementation.
+
+[1.24.0]
+* Update Synapse to 1.34.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.34.0)
+* Add support for DELETE /_synapse/admin/v1/rooms/<room_id>. (#9889)
+* Improve performance after joining a large room when presence is enabled. (#9910, #9916)
+* Support stable identifiers for MSC1772 Spaces. m.space.child events will now be taken into account when populating the experimental spaces summary response. Please see the upgrade notes if you have customised room_invite_state_types in your configuration. (#9915, #9966)
+* Improve performance of backfilling in large rooms. (#9935)
+
+[1.25.0]
+* Update Synapse to 1.35.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.35.0)
+* Add experimental support to allow a user who could join a restricted room to view it in the spaces summary. (#9922, #10007, #10038)
+* Reduce memory usage when joining very large rooms over federation. (#9958)
+* Add a configuration option which allows enabling opentracing by user id. (#9978)
+* Enable experimental support for MSC2946 (spaces summary API) and MSC3083 (restricted join rules) by default. (#10011)
+
+[1.25.1]
+* Update Synapse to 1.35.1
+* Fix a bug introduced in v1.35.0 where invite-only rooms would be shown to all users in a space, regardless of if the user had access to it. (#10109)
+
+[1.26.0]
+* Update Synapse to 1.36.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.36.0)
+
+[1.27.0]
+* Update Synapse to 1.38.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.38.0)
+* Implement refresh tokens as specified by MSC2918. (#9450)
+* Add support for evicting cache entries based on last access time. (#10205)
+* Omit empty fields from the /sync response. Contributed by @deepbluev7. (#10214)
+* Improve validation on federation send_{join,leave,knock} endpoints. (#10225, #10243)
+* Mark events received over federation which fail a spam check as "soft-failed". (#10263)
+* Add metrics for new inbound federation staging area. (#10284)
+* Add script to print information about recently registered users. (#10290)
+
+[1.27.1]
+* Update Synapse to 1.38.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.38.1)
+
+[1.28.0]
+* Update Synapse to 1.39.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.39.0)
+
+[1.29.0]
+* Update Synapse to 1.40.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.40.0)
+
+[1.30.0]
+* Update Synapse to 1.41.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.41.0)
+
+[1.30.1]
+* Send logs to the console
+* Fix postinstall message about federation
+
+[1.30.2]
+* Update Synapse to 1.41.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.41.1)
+* GHSA-3x4c-pq33-4w3q / CVE-2021-39164: Enumerating a private room's list of members and their display names.
+* GHSA-jj53-8fmw-f2w2 / CVE-2021-39163: Disclosing a private room's name, avatar, topic, and number of members.
+
+[1.31.0]
+* Update Synapse to 1.42.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.42.0)
+* Support room version 9 from MSC3375. (#10747)
+* Add support for MSC3231: Token authenticated registration. Users can be required to submit a token during registration to authenticate themselves. Contributed by Callum Brown. (#10142)
+* Add support for MSC3283: Expose enable_set_displayname in capabilities. (#10452)
+* Port the PresenceRouter module interface to the new generic interface. (#10524)
+* Add pagination to the spaces summary based on updates to MSC2946. (#10613, #10725)
+
+[1.32.0]
+* Update Synapse to 1.43.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.43.0)
+
+[1.33.0]
+* Update Synapse to 1.44.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.44.0)
+* Only allow the MSC2716 /batch_send?chunk_id=xxx endpoint to connect to an already existing insertion event. (#10776)
+* Improve oEmbed URL previews by processing the author name, photo, and video information. (#10814, #10819)
+* Speed up responding with large JSON objects to requests. (#10868, #10905)
+* Add a user_may_create_room_with_invites spam checker callback to allow modules to allow or deny a room creation request based on the invites and/or 3PID invites it includes. (#10898)
+
+[1.34.0]
+* Update Synapse to 1.45.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.45.0)
+* Fix a long-standing bug when using multiple event persister workers where events were not correctly sent down /sync due to a race. (#11045)
+* Fix a bug introduced in Synapse 1.45.0rc1 where the user directory would stop updating if it processed an event from a user not in the users table. (#11053)
+* Fix a bug introduced in Synapse 1.44.0 when logging errors during oEmbed processing. (#11061)
+
+[1.34.1]
+* Update Synapse to 1.45.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.45.1)
+* Revert change to counting of deactivated users towards the monthly active users limit, introduced in 1.45.0rc1. (#11127)
+
+[1.35.0]
+* Update Synapse to 1.46.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.46.0)
+* Fix a bug introduced in v1.46.0rc1 where URL previews of some XML documents would fail. (#11196)
+
+[1.36.0]
+* Update Synapse to 1.47.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.47.0)
+* Fix a bug introduced in 1.47.0rc1 which caused worker processes to not halt startup in the presence of outstanding database migrations. (#11346)
+* Fix a bug introduced in 1.47.0rc1 which prevented the 'remove deleted devices from device_inbox column' background process from running when updating from a recent Synapse version. (#11303, #11353)
+
+[1.36.1]
+* Update Synapse to 1.47.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.47.1)
+* GHSA-3hfw-x7gx-437c / CVE-2021-41281: Path traversal when downloading remote media.
+
+[1.37.0]
+* Update Synapse to 1.48.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.48.0)
+
+[1.38.0]
+* Update Synapse to 1.49.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.49.0)
+
+[1.38.1]
+* Update Synapse to 1.49.2
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.49.2)
+

CloudronManifest.json

@@ -5,7 +5,7 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG",
   "tagline": "Secure & decentralized communication",
-  "version": "1.7.0",
+  "version": "1.38.1",
   "healthCheckPath": "/",
   "httpPort": 8008,
   "memoryLimit": 536870912,
@@ -21,17 +21,17 @@
   "contactEmail": "support@cloudron.io",
   "icon": "file://logo.png",
   "tags": [
-    "im", "collaboration", "voip", "videochat", "chat", "slack"
+    "im", "collaboration", "voip", "videochat", "chat", "slack", "zulip", "federated"
   ],
   "mediaLinks": [
-    "https://cloudron-app-screenshots.s3.amazonaws.com/org.matrix.synapse/606cd9d4ccc3bee11a49f91444a2dad8947cbc7c/1.png",
-    "https://cloudron-app-screenshots.s3.amazonaws.com/org.matrix.synapse/606cd9d4ccc3bee11a49f91444a2dad8947cbc7c/2.png",
-    "https://cloudron-app-screenshots.s3.amazonaws.com/org.matrix.synapse/606cd9d4ccc3bee11a49f91444a2dad8947cbc7c/3.png"
+    "https://screenshots.cloudron.io/org.matrix.synapse/1.png",
+    "https://screenshots.cloudron.io/org.matrix.synapse/2.png",
+    "https://screenshots.cloudron.io/org.matrix.synapse/3.png"
   ],
   "changelog": "file://CHANGELOG",
   "postInstallMessage": "file://POSTINSTALL.md",
   "minBoxVersion": "5.3.0",
   "forumUrl": "https://forum.cloudron.io/category/50/matrix-synapse-riot",
-  "documentationUrl": "https://cloudron.io/documentation/apps/synapse/",
+  "documentationUrl": "https://docs.cloudron.io/apps/synapse/",
   "optionalSso": true
 }

DESCRIPTION.md

@@ -1,4 +1,4 @@
-This app packages Synapse <upstream>1.17.0</upstream>.
+This app packages Synapse <upstream>1.49.2</upstream>.
 
 **This package only provides the Matrix backend. A variety of clients are available
 [here](https://matrix.org/clients/). Riot is a popular web frontend for Matrix and

Dockerfile

@@ -1,27 +1,26 @@
-FROM cloudron/base:2.0.0@sha256:f9fea80513aa7c92fe2e7bf3978b54c8ac5222f47a9a32a7f8833edf0eb5a4f4
+FROM cloudron/base:3.2.0@sha256:ba1d566164a67c266782545ea9809dc611c4152e27686fd14060332dd88263ea
  
 RUN mkdir -p /app/pkg
 
 WORKDIR /app/code
 
-ARG VERSION=v1.17.0
-
 # https://pythonspeed.com/articles/activate-virtualenv-dockerfile/
 RUN virtualenv -p python3 /app/code/env
 ENV VIRTUAL_ENV=/app/code/env
 ENV PATH="$VIRTUAL_ENV/bin:$PATH"
 
+ARG VERSION=v1.49.2
+
 # Synapse (https://github.com/matrix-org/synapse/blob/master/INSTALL.md)
 # lxml - required for previews
 RUN pip install --upgrade pip && \
     pip install --upgrade setuptools && \
     pip install matrix-synapse==${VERSION} psycopg2-binary python-ldap matrix-synapse-ldap3 lxml publicsuffix2
 
-RUN curl -sL https://github.com/mikefarah/yq/releases/download/3.2.1/yq_linux_amd64 -o /usr/bin/yq && \
-    chmod +x /usr/bin/yq
+RUN ln -sf /app/data/index.html /app/code/env/lib/python3.8/site-packages/synapse/static/index.html
 
 RUN chown -R cloudron.cloudron /app/code
 
-ADD homeserver.yaml.template start.sh /app/pkg/
+ADD index.html homeserver.yaml.template start.sh /app/pkg/
 
 CMD [ "/app/pkg/start.sh" ]

POSTINSTALL.md

@@ -1,8 +1,7 @@
 Account ids are created with the username and the second level domain under which the
-app is installed e.g. `@username@domain.com`.
+app is installed e.g. `@$CLOUDRON-USERNAME@$CLOUDRON-APP-DOMAIN`.
 
-For federation to work, the second level domain has to be configured to serve up the
-`.well-known/domain.com/matrix` URI. See the 
-[federation docs](https://cloudron.io/documentation/apps/synapse/) on
+For federation to work, the second level domain (`$CLOUDRON-APP-DOMAIN`) has to be configured to serve up the
+`.well-known/matrix/server` URI. See the [federation docs](https://cloudron.io/documentation/apps/synapse/) on
 how to do this.
 

index.html

@@ -0,0 +1,68 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+   <title>Synapse is running</title>
+   <style>
+       body {
+         font-family: -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",sans-serif;
+         max-width: 40em;
+         margin: auto;
+         text-align: center;
+       }
+       h1, p {
+         margin: 1.5em;
+       }
+       hr {
+        border: none;
+        background-color: #ccc;
+        color: #ccc;
+        height: 1px;
+        width: 7em;
+        margin-top: 4em;
+      }
+       .logo {
+         display: block;
+         width: 12em;
+         margin: 4em auto;
+       }
+   </style>
+  </head>
+  <body>
+    <div class="logo">
+       <svg role="img" aria-label="[Matrix logo]" viewBox="0 0 200 85" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+          <g id="parent" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
+              <g id="child" transform="translate(-122.000000, -6.000000)" fill="#000000" fill-rule="nonzero">
+                  <g id="matrix-logo" transform="translate(122.000000, 6.000000)">
+                      <polygon id="left-bracket" points="2.24708861 1.93811009 2.24708861 82.7268844 8.10278481 82.7268844 8.10278481 84.6652459 0 84.6652459 0 0 8.10278481 0 8.10278481 1.93811009"></polygon>
+                      <path d="M24.8073418,27.5493174 L24.8073418,31.6376991 L24.924557,31.6376991 C26.0227848,30.0814294 27.3455696,28.8730642 28.8951899,28.0163743 C30.4437975,27.1611927 32.2189873,26.7318422 34.218481,26.7318422 C36.1394937,26.7318422 37.8946835,27.102622 39.4825316,27.8416679 C41.0708861,28.5819706 42.276962,29.8856073 43.1005063,31.7548404 C44.0017722,30.431345 45.2270886,29.2629486 46.7767089,28.2506569 C48.3253165,27.2388679 50.158481,26.7318422 52.2764557,26.7318422 C53.8843038,26.7318422 55.3736709,26.9269101 56.7473418,27.3162917 C58.1189873,27.7056734 59.295443,28.3285835 60.2759494,29.185022 C61.255443,30.0422147 62.02,31.1615927 62.5701266,32.5426532 C63.1187342,33.9262275 63.3936709,35.5898349 63.3936709,37.5372459 L63.3936709,57.7443688 L55.0410127,57.7441174 L55.0410127,40.6319376 C55.0410127,39.6201486 55.0020253,38.6661761 54.9232911,37.7700202 C54.8440506,36.8751211 54.6293671,36.0968606 54.2764557,35.4339817 C53.9232911,34.772611 53.403038,34.2464807 52.7177215,33.8568477 C52.0313924,33.4689743 51.0997468,33.2731523 49.9235443,33.2731523 C48.7473418,33.2731523 47.7962025,33.4983853 47.0706329,33.944578 C46.344557,34.393033 45.7764557,34.9774826 45.3650633,35.6969211 C44.9534177,36.4181193 44.6787342,37.2353431 44.5417722,38.150855 C44.4037975,39.0653615 44.3356962,39.9904257 44.3356962,40.9247908 L44.3356962,57.7443688 L35.9835443,57.7443688 L35.9835443,40.8079009 C35.9835443,39.9124991 35.963038,39.0263982 35.9253165,38.150855 C35.8853165,37.2743064 35.7192405,36.4666349 35.424557,35.7263321 C35.1303797,34.9872862 34.64,34.393033 33.9539241,33.944578 C33.2675949,33.4983853 32.2579747,33.2731523 30.9248101,33.2731523 C30.5321519,33.2731523 30.0126582,33.3608826 29.3663291,33.5365945 C28.7192405,33.7118037 28.0913924,34.0433688 27.4840506,34.5292789 C26.875443,35.0164459 26.3564557,35.7172826 25.9250633,36.6315376 C25.4934177,37.5470495 25.2779747,38.7436 25.2779747,40.2229486 L25.2779747,57.7441174 L16.9260759,57.7443688 L16.9260759,27.5493174 L24.8073418,27.5493174 Z" id="m"></path>
+                      <path d="M68.7455696,31.9886202 C69.6075949,30.7033339 70.7060759,29.672189 72.0397468,28.8926716 C73.3724051,28.1141596 74.8716456,27.5596239 76.5387342,27.2283101 C78.2050633,26.8977505 79.8817722,26.7315908 81.5678481,26.7315908 C83.0974684,26.7315908 84.6458228,26.8391798 86.2144304,27.0525982 C87.7827848,27.2675248 89.2144304,27.6865688 90.5086076,28.3087248 C91.8025316,28.9313835 92.8610127,29.7983798 93.6848101,30.9074514 C94.5083544,32.0170257 94.92,33.4870734 94.92,35.3173431 L94.92,51.026844 C94.92,52.3913138 94.998481,53.6941963 95.1556962,54.9400165 C95.3113924,56.1865908 95.5863291,57.120956 95.9787342,57.7436147 L87.5091139,57.7436147 C87.3518987,57.276055 87.2240506,56.7996972 87.1265823,56.3125303 C87.0278481,55.8266202 86.9592405,55.3301523 86.9207595,54.8236294 C85.5873418,56.1865908 84.0182278,57.1405633 82.2156962,57.6857982 C80.4113924,58.2295248 78.5683544,58.503022 76.6860759,58.503022 C75.2346835,58.503022 73.8817722,58.3275615 72.6270886,57.9776459 C71.3718987,57.6269761 70.2744304,57.082244 69.3334177,56.3411872 C68.3921519,55.602644 67.656962,54.6680275 67.1275949,53.5390972 C66.5982278,52.410167 66.3331646,51.065556 66.3331646,49.5087835 C66.3331646,47.7961578 66.6367089,46.384178 67.2455696,45.2756092 C67.8529114,44.1652807 68.6367089,43.2799339 69.5987342,42.6173064 C70.5589873,41.9556844 71.6567089,41.4592165 72.8924051,41.1284055 C74.1273418,40.7978459 75.3721519,40.5356606 76.6270886,40.3398385 C77.8820253,40.1457761 79.116962,39.9896716 80.3329114,39.873033 C81.5483544,39.7558917 82.6270886,39.5804312 83.5681013,39.3469028 C84.5093671,39.1133743 85.2536709,38.7732624 85.8032911,38.3250587 C86.3513924,37.8773578 86.6063291,37.2252881 86.5678481,36.3680954 C86.5678481,35.4731963 86.4210127,34.7620532 86.1268354,34.2366771 C85.8329114,33.7113009 85.4405063,33.3018092 84.9506329,33.0099615 C84.4602532,32.7181138 83.8916456,32.5232972 83.2450633,32.4255119 C82.5977215,32.3294862 81.9010127,32.2797138 81.156962,32.2797138 C79.5098734,32.2797138 78.2159494,32.6303835 77.2746835,33.3312202 C76.3339241,34.0320569 75.7837975,35.2007046 75.6275949,36.8354037 L67.275443,36.8354037 C67.3924051,34.8892495 67.8817722,33.2726495 68.7455696,31.9886202 Z M85.2440506,43.6984752 C84.7149367,43.873433 84.1460759,44.0189798 83.5387342,44.1361211 C82.9306329,44.253011 82.2936709,44.350545 81.6270886,44.4279688 C80.96,44.5066495 80.2934177,44.6034294 79.6273418,44.7203193 C78.9994937,44.8362037 78.3820253,44.9933138 77.7749367,45.1871248 C77.1663291,45.3829468 76.636962,45.6451321 76.1865823,45.9759431 C75.7349367,46.3070055 75.3724051,46.7263009 75.0979747,47.2313156 C74.8232911,47.7375872 74.6863291,48.380356 74.6863291,49.1588679 C74.6863291,49.8979138 74.8232911,50.5218294 75.0979747,51.026844 C75.3724051,51.5338697 75.7455696,51.9328037 76.2159494,52.2246514 C76.6863291,52.5164991 77.2349367,52.7213706 77.8632911,52.8375064 C78.4898734,52.9546477 79.136962,53.012967 79.8037975,53.012967 C81.4506329,53.012967 82.724557,52.740978 83.6273418,52.1952404 C84.5288608,51.6507596 85.1949367,50.9981872 85.6270886,50.2382771 C86.0579747,49.4793725 86.323038,48.7119211 86.4212658,47.9321523 C86.518481,47.1536404 86.5681013,46.5304789 86.5681013,46.063422 L86.5681013,42.9677248 C86.2146835,43.2799339 85.7736709,43.5230147 85.2440506,43.6984752 Z" id="a"></path>
+                      <path d="M116.917975,27.5493174 L116.917975,33.0976917 L110.801266,33.0976917 L110.801266,48.0492936 C110.801266,49.4502128 111.036203,50.3850807 111.507089,50.8518862 C111.976962,51.3191945 112.918734,51.5527229 114.33038,51.5527229 C114.801013,51.5527229 115.251392,51.5336183 115.683038,51.4944037 C116.114177,51.4561945 116.526076,51.3968697 116.917975,51.3194459 L116.917975,57.7438661 C116.212152,57.860756 115.427595,57.9381798 114.565316,57.9778972 C113.702785,58.0153523 112.859747,58.0357138 112.036203,58.0357138 C110.742278,58.0357138 109.516456,57.9477321 108.36,57.7722716 C107.202785,57.5975651 106.183544,57.2577046 105.301519,56.7509303 C104.418987,56.2454128 103.722785,55.5242147 103.213418,54.5898495 C102.703038,53.6562385 102.448608,52.4292716 102.448608,50.9099541 L102.448608,33.0976917 L97.3903797,33.0976917 L97.3903797,27.5493174 L102.448608,27.5493174 L102.448608,18.4967596 L110.801013,18.4967596 L110.801013,27.5493174 L116.917975,27.5493174 Z" id="t"></path>
+                      <path d="M128.857975,27.5493174 L128.857975,33.1565138 L128.975696,33.1565138 C129.367089,32.2213945 129.896203,31.3559064 130.563544,30.557033 C131.23038,29.7596679 131.99443,29.0776844 132.857215,28.5130936 C133.719241,27.9495083 134.641266,27.5113596 135.622532,27.1988991 C136.601772,26.8879468 137.622025,26.7315908 138.681013,26.7315908 C139.229873,26.7315908 139.836962,26.8296275 140.504304,27.0239413 L140.504304,34.7336477 C140.111646,34.6552183 139.641013,34.586844 139.092658,34.5290275 C138.543291,34.4704569 138.014177,34.4410459 137.504304,34.4410459 C135.974937,34.4410459 134.681013,34.6949358 133.622785,35.2004532 C132.564051,35.7067248 131.711392,36.397255 131.064051,37.2735523 C130.417215,38.1501009 129.955443,39.1714422 129.681266,40.3398385 C129.407089,41.5074807 129.269873,42.7736624 129.269873,44.1361211 L129.269873,57.7438661 L120.917722,57.7438661 L120.917722,27.5493174 L128.857975,27.5493174 Z" id="r"></path>
+                      <path d="M144.033165,22.8767376 L144.033165,16.0435798 L152.386076,16.0435798 L152.386076,22.8767376 L144.033165,22.8767376 Z M152.386076,27.5493174 L152.386076,57.7438661 L144.033165,57.7438661 L144.033165,27.5493174 L152.386076,27.5493174 Z" id="i"></path>
+                      <polygon id="x" points="156.738228 27.5493174 166.266582 27.5493174 171.619494 35.4337303 176.913418 27.5493174 186.147848 27.5493174 176.148861 41.6831927 187.383544 57.7441174 177.85443 57.7441174 171.501772 48.2245028 165.148861 57.7441174 155.797468 57.7441174 166.737468 41.8589046"></polygon>
+                      <polygon id="right-bracket" points="197.580759 82.7268844 197.580759 1.93811009 191.725063 1.93811009 191.725063 0 199.828354 0 199.828354 84.6652459 191.725063 84.6652459 191.725063 82.7268844"></polygon>
+                  </g>
+              </g>
+          </g>
+      </svg>
+    </div>
+    <h1>Synapse is running</h1>
+    <p>Your Synapse server is ready for messages.</p>
+    <p>To use this server you'll need <a href="https://matrix.org/docs/projects/try-matrix-now.html#clients" target="_blank" rel="noopener noreferrer">a Matrix client</a>.
+    </p>
+    <p>Welcome to the Matrix universe :)</p>
+    <hr>
+    <p>
+      <small>
+        <a href="https://matrix.org" target="_blank" rel="noopener noreferrer">
+          matrix.org
+        </a>
+        &nbsp; - &nbsp;
+        <a href="https://cloudron.io" target="_blank" rel="noopener noreferrer">
+          cloudron.io
+        </a>
+      </small>
+    </p>
+  </body>
+</html>
+

start.sh

@@ -21,60 +21,74 @@ if [[ ! -f /app/data/configs/homeserver.yaml ]]; then
     # fix logging configuration
     cp /app/pkg/homeserver.yaml.template /app/data/configs/homeserver.yaml
     mv /app/data/configs/${server_name}.log.config /app/data/configs/log.config
-    yq w -i /app/data/configs/homeserver.yaml log_config /app/data/configs/log.config
-    yq w -i /app/data/configs/log.config handlers.file.filename /run/synapse/homeserver.log
+    yq eval -i ".log_config=\"/app/data/configs/log.config\"" /app/data/configs/homeserver.yaml
+
+    # delete default file and buffer handlers
+    yq eval -i "del(.handlers.file)" /app/data/configs/log.config
+    yq eval -i "del(.handlers.buffer)" /app/data/configs/log.config
 
     mv /app/data/configs/${server_name}.signing.key /app/data/configs/signing.key
 
-    yq w -i /app/data/configs/homeserver.yaml server_name "${server_name}"
-    yq w -i /app/data/configs/homeserver.yaml registration_shared_secret "$(pwgen -1s 64)"
+    yq eval -i ".server_name=\"${server_name}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".registration_shared_secret=\"$(pwgen -1s 64)\"" /app/data/configs/homeserver.yaml
 
-    yq w -i /app/data/configs/homeserver.yaml auto_join_rooms "[]"
-    yq w -i /app/data/configs/homeserver.yaml auto_join_rooms\[0\] "#discuss:${server_name}"
+    yq eval -i ".auto_join_rooms=[]" /app/data/configs/homeserver.yaml
+    yq eval -i ".auto_join_rooms[0]=\"#discuss:${server_name}\"" /app/data/configs/homeserver.yaml
 
     if [[ -z "${CLOUDRON_LDAP_SERVER:-}" ]]; then
-        yq w -i /app/data/configs/homeserver.yaml enable_registration true
-        yq w -i /app/data/configs/homeserver.yaml password_config.pepper "$(pwgen -1s 12)"
+        yq eval -i ".enable_registration=true" /app/data/configs/homeserver.yaml
+        yq eval -i ".password_config.pepper=\"$(pwgen -1s 12)\"" /app/data/configs/homeserver.yaml
+        # just setting enabled to false is not enough. see https://github.com/matrix-org/matrix-synapse-ldap3/issues/123
+        yq eval -i "del(.password_providers)" /app/data/configs/homeserver.yaml
     fi
 fi
 
+echo "==> Ensure we log to console"
+yq eval -i ".root.handlers=[\"console\"]" /app/data/configs/log.config
+yq eval -i ".loggers.twisted.handlers=[\"console\"]" /app/data/configs/log.config
+
+[[ ! -f /app/data/index.html ]] && cp /app/pkg/index.html /app/data/index.html
+
 echo "==> Configuring synapse"
-yq w -i /app/data/configs/homeserver.yaml public_baseurl "${CLOUDRON_APP_ORIGIN}"
+yq eval -i ".public_baseurl=\"${CLOUDRON_APP_ORIGIN}\"" /app/data/configs/homeserver.yaml
 
 # database
-yq w -i /app/data/configs/homeserver.yaml database.args.user "${CLOUDRON_POSTGRESQL_USERNAME}"
-yq w -i /app/data/configs/homeserver.yaml database.args.password "${CLOUDRON_POSTGRESQL_PASSWORD}"
-yq w -i /app/data/configs/homeserver.yaml database.args.database "${CLOUDRON_POSTGRESQL_DATABASE}"
-yq w -i /app/data/configs/homeserver.yaml database.args.host "${CLOUDRON_POSTGRESQL_HOST}"
+yq eval -i ".database.args.user=\"${CLOUDRON_POSTGRESQL_USERNAME}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".database.args.password=\"${CLOUDRON_POSTGRESQL_PASSWORD}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".database.args.database=\"${CLOUDRON_POSTGRESQL_DATABASE}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".database.args.host=\"${CLOUDRON_POSTGRESQL_HOST}\"" /app/data/configs/homeserver.yaml
 
 # email
-yq w -i /app/data/configs/homeserver.yaml email.smtp_host "${CLOUDRON_MAIL_SMTP_SERVER}"
-yq w -i /app/data/configs/homeserver.yaml email.smtp_port "${CLOUDRON_MAIL_SMTP_PORT}"
-yq w -i /app/data/configs/homeserver.yaml email.smtp_user "${CLOUDRON_MAIL_SMTP_USERNAME}"
-yq w -i /app/data/configs/homeserver.yaml email.smtp_pass "${CLOUDRON_MAIL_SMTP_PASSWORD}"
-yq w -i /app/data/configs/homeserver.yaml email.notif_from "%(app)s <${CLOUDRON_MAIL_FROM}>"
+yq eval -i ".email.smtp_host=\"${CLOUDRON_MAIL_SMTP_SERVER}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".email.smtp_port=${CLOUDRON_MAIL_SMTP_PORT}" /app/data/configs/homeserver.yaml
+yq eval -i ".email.smtp_user=\"${CLOUDRON_MAIL_SMTP_USERNAME}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".email.smtp_pass=\"${CLOUDRON_MAIL_SMTP_PASSWORD}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".email.notif_from=\"%(app)s <${CLOUDRON_MAIL_FROM}>\"" /app/data/configs/homeserver.yaml
 
 # ldap
 if [[ -n "${CLOUDRON_LDAP_SERVER:-}" ]]; then
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.uri' "${CLOUDRON_LDAP_URL}"
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.start_tls' false
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.base' "${CLOUDRON_LDAP_USERS_BASE_DN}"
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.bind_dn' "${CLOUDRON_LDAP_BIND_DN}"
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.bind_password' "${CLOUDRON_LDAP_BIND_PASSWORD}"
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.filter' "(objectClass=user)"
+    yq eval -i ".password_providers[0].config.uri=\"${CLOUDRON_LDAP_URL}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.start_tls=false" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.base=\"${CLOUDRON_LDAP_USERS_BASE_DN}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.bind_dn=\"${CLOUDRON_LDAP_BIND_DN}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.bind_password=\"${CLOUDRON_LDAP_BIND_PASSWORD}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.filter=\"(objectClass=user)\"" /app/data/configs/homeserver.yaml
+
 else
-    yq w -i /app/data/configs/homeserver.yaml password_config.localdb_enabled true
+    yq eval -i ".password_config.localdb_enabled=true" /app/data/configs/homeserver.yaml
+    # just setting enabled to false is not enough. see https://github.com/matrix-org/matrix-synapse-ldap3/issues/123
+    yq eval -i "del(.password_providers)" /app/data/configs/homeserver.yaml
 fi
 
 # turn (https://github.com/matrix-org/synapse/blob/master/docs/turn-howto.md#synapse-setup)
-yq w -i /app/data/configs/homeserver.yaml turn_uris "[]"
-yq w -i /app/data/configs/homeserver.yaml turn_uris\[0\] "turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=udp"
-yq w -i /app/data/configs/homeserver.yaml turn_uris\[1\] "turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=tcp"
-yq w -i /app/data/configs/homeserver.yaml turn_shared_secret "${CLOUDRON_TURN_SECRET}"
+yq eval -i ".turn_uris=[]" /app/data/configs/homeserver.yaml
+yq eval -i ".turn_uris[0]=\"turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=udp\"" /app/data/configs/homeserver.yaml
+yq eval -i ".turn_uris[1]=\"turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=tcp\"" /app/data/configs/homeserver.yaml
+yq eval -i ".turn_shared_secret=\"${CLOUDRON_TURN_SECRET}\"" /app/data/configs/homeserver.yaml
 
 # fix permissions
 echo "==> Fixing permissions"
 chown -R cloudron.cloudron /app/data /run/synapse
 
 echo "==> Starting synapse"
-gosu cloudron:cloudron python3 -m synapse.app.homeserver --config-path /app/data/configs/homeserver.yaml
+gosu cloudron:cloudron python3 -m synapse.app.homeserver --config-path /app/data/configs/homeserver.yaml -n

test/package.json

@@ -9,14 +9,11 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^83.0.1",
-    "ejs": "^3.1.3",
+    "chromedriver": "^96.0.0",
     "expect.js": "^0.3.1",
-    "mkdirp": "^1.0.4",
-    "mocha": "^8.0.1",
-    "rimraf": "^3.0.2",
+    "mocha": "^9.1.3",
     "selenium-server-standalone-jar": "^3.141.59",
-    "selenium-webdriver": "^3.6.0",
-    "superagent": "^5.3.1"
+    "selenium-webdriver": "^4.1.0",
+    "superagent": "^6.1.0"
   }
 }

test/test.js

@@ -1,11 +1,11 @@
 #!/usr/bin/env node
 
-/* jslint node:true */
-/* global it:false */
-/* global xit:false */
-/* global describe:false */
-/* global before:false */
-/* global after:false */
+/* jshint esversion: 8 */
+/* global describe */
+/* global before */
+/* global after */
+/* global it */
+/* global xit */
 
 'use strict';
 
@@ -15,47 +15,42 @@ var execSync = require('child_process').execSync,
     expect = require('expect.js'),
     path = require('path'),
     superagent = require('superagent'),
-    webdriver = require('selenium-webdriver');
-
-var by = require('selenium-webdriver').By,
-    until = require('selenium-webdriver').until,
-    Key = require('selenium-webdriver').Key;
+    { Builder, By, Key, until } = require('selenium-webdriver'),
+    { Options } = require('selenium-webdriver/chrome');
 
 describe('Application life cycle test', function () {
     this.timeout(0);
-    var server, browser = new webdriver.Builder().forBrowser('chrome').build();
 
-    var LOCATION = 'test';
-    var app;
-    var username = process.env.USERNAME;
-    var password = process.env.PASSWORD;
-    var TIMEOUT = process.env.TIMEOUT | 30000;
+    const LOCATION = 'test';
+    const TEST_TIMEOUT = 10000;
+    const EXEC_ARGS = { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' };
+
+    const username = process.env.USERNAME;
+    const password = process.env.PASSWORD;
+
+    var app, browser;
     var token, roomId;
 
-    before(function (done) {
-        if (!process.env.USERNAME) return done(new Error('USERNAME env var not set'));
-        if (!process.env.PASSWORD) return done(new Error('PASSWORD env var not set'));
+    before(function () {
+        if (!process.env.USERNAME) throw new Error('USERNAME env var not set');
+        if (!process.env.PASSWORD) throw new Error('PASSWORD env var not set');
 
-        var seleniumJar= require('selenium-server-standalone-jar');
-        var SeleniumServer = require('selenium-webdriver/remote').SeleniumServer;
-        server = new SeleniumServer(seleniumJar.path, { port: 4444 });
-        server.start();
-
-        done();
+        browser = new Builder().forBrowser('chrome').setChromeOptions(new Options().windowSize({ width: 1280, height: 1024 })).build();
     });
 
-    after(function (done) {
+    after(function () {
         browser.quit();
-        server.stop();
-        done();
     });
 
-    function checkLandingPage(done) {
-        browser.get('https://' + app.fqdn).then(function () {
-            return browser.wait(until.elementLocated(by.xpath('//h1[contains(text(),"Synapse is running")]')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+    function getAppInfo() {
+        var inspect = JSON.parse(execSync('cloudron inspect'));
+        app = inspect.apps.filter(function (a) { return a.location.indexOf(LOCATION) === 0; })[0];
+        expect(app).to.be.an('object');
+    }
+
+    async function checkLandingPage() {
+        await browser.get(`https://${app.fqdn}`);
+        await browser.wait(until.elementLocated(By.xpath('//h1[contains(text(),"Synapse is running")]')), TEST_TIMEOUT);
     }
 
     // https://matrix.org/docs/spec/client_server/latest#user-interactive-api-in-the-rest-api
@@ -82,7 +77,7 @@ describe('Application life cycle test', function () {
                 if (error) return done(error);
                 if (result.statusCode !== 200) return done(new Error('Login failed with status ' + result.statusCode));
 
-                console.log('registered user with id', result.user_id);
+                console.log('registered user with id', result.body.user_id);
 
                 done();
             });
@@ -141,22 +136,12 @@ describe('Application life cycle test', function () {
         });
     }
 
-    xit('build app', function () {
-        execSync('cloudron build', { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
 
     // No SSO
-    it('install app (no sso)', function () {
-        execSync('cloudron install --no-sso --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('install app (no sso)', function () { execSync('cloudron install --no-sso --location ' + LOCATION, EXEC_ARGS); });
 
-    it('can get app information', function () {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-
-        expect(app).to.be.an('object');
-    });
+    it('can get app information', getAppInfo);
 
     it('check landing page', checkLandingPage);
     it('can register new user', registerUser);
@@ -165,22 +150,12 @@ describe('Application life cycle test', function () {
     it('create room', createRoom);
     it('check room', checkRoom);
 
-    it('uninstall app', function () {
-        execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
 
     // SSO
-    it('install app', function () {
-        execSync('cloudron install --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('install app', function () { execSync('cloudron install --location ' + LOCATION, EXEC_ARGS); });
 
-    it('can get app information', function () {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-
-        expect(app).to.be.an('object');
-    });
+    it('can get app information', getAppInfo);
 
     it('check landing page', checkLandingPage);
     it('can login', checkLogin);
@@ -188,23 +163,22 @@ describe('Application life cycle test', function () {
     it('create room', createRoom);
     it('check room', checkRoom);
 
-    it('can restart app', function (done) {
-        execSync('cloudron restart');
-        done();
-    });
+    it('can restart app', function () { execSync('cloudron restart'); });
 
     it('check landing page', checkLandingPage);
     it('check room', checkRoom);
 
-    it('backup app', function () {
-        execSync('cloudron backup create --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('backup app', function () { execSync('cloudron backup create --app ' + app.id, EXEC_ARGS); });
 
     it('check landing page', checkLandingPage);
     it('check room', checkRoom);
 
     it('restore app', function () {
-        execSync('cloudron restore --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+        const backups = JSON.parse(execSync('cloudron backup list --raw'));
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
+        execSync('cloudron install --location ' + LOCATION, EXEC_ARGS);
+        getAppInfo();
+        execSync(`cloudron restore --backup ${backups[0].id} --app ${app.id}`, EXEC_ARGS);
     });
 
     it('check landing page', checkLandingPage);
@@ -212,40 +186,29 @@ describe('Application life cycle test', function () {
 
     it('move to different location', function () {
         browser.manage().deleteAllCookies();
-        execSync('cloudron configure --location ' + LOCATION + '2', { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION + '2'; })[0];
-        expect(app).to.be.an('object');
+        execSync('cloudron configure --location ' + LOCATION + '2', EXEC_ARGS);
+        getAppInfo();
     });
 
     it('check landing page', checkLandingPage);
     it('check room', checkRoom);
 
-    it('uninstall app', function () {
-        execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
 
     // test update
-    it('can install app', function () {
-        execSync('cloudron install --appstore-id org.matrix.synapse --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-        expect(app).to.be.an('object');
-    });
+    it('can install app', function () { execSync('cloudron install --appstore-id org.matrix.synapse --location ' + LOCATION, EXEC_ARGS); });
+
+    it('can get app information', getAppInfo);
 
     it('check landing page', checkLandingPage);
     it('can login', checkLogin);
     it('create room', createRoom);
     it('check room', checkRoom);
 
-    it('can update', function () {
-        execSync('cloudron update --app ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('can update', function () { execSync('cloudron update --app ' + LOCATION, EXEC_ARGS); });
 
     it('check landing page', checkLandingPage);
     it('check room', checkRoom);
-    it('uninstall app', function () {
-        execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
-});
 
+    it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
+});