Idea is to enable easily retrieving of secret values from files outside
of the config, e.g. via the method used by systemd credentials.
CREDENTIALS_DIRECTORY is expected to be set by the process manager
invoking Prosody, so being unset and unavailable from prosodyctl is
going to be normal and a warning is reported in that case. Care will
have to be taken to make it clear that prosodyctl check will not work
with such values. An error is thrown if the directory is unavailable
when running under Prosody.
Inspired by something MattJ said
Allows retrieving config values from files which are expected to be
relative to the config directory, extending on the ENV_ method of
retrieving config values from outside the config file.
- FileLine retrieves the first line, stripping any trailing newline
- FileContents reads the whole file
- FileLines reads lines into an array
This bestows the role specified by the 'host_user_role' setting onto
users of that host. For simplicity, only a single host can be specified.
Making it configurable allows for setups where VirtualHost and related
Components may be siblings instead of having a subdomain relationship.
For setups with many VirtualHosts sharing a single Component, the
'server_user_role' setting is more appropriate. Even more complicated
setups would have to resort to mod_firewall or similar.
The Lua hook based signal handling does not work correctly if signal
handling is setup in a coroutine. signalfd solves that in a nice way,
but is Linux-only.
Many thanks to Thilo Molitor and Kim Alvefur for their work on this module
while it was in the community repository. It has been stable for some time, is
widely used, and provides a feature that is important to most deployments.
This allows Prosody to easily provide friendly invitation links, even without
setting up mod_invites_page (which is a community module). Admins can
configure it to use a third-party deployment such as https://xmpp.link or they
can deploy their own based on
https://github.com/modernxmpp/easy-xmpp-invitation
Alternatively they can just install mod_invites_page and this will all be
handled automatically by that.
All commands are called with a '-h' argument, but this one doesn't have
that. Since it's meant to be machine readable, hiding it seems
marginally more sensible than implementing '-h'.
The word 'error' anywhere, especially in harmless debug messages, are
too often interpreted as fatal errors my some users, so best avoid that
word. These look too scary as it is, being tracebacks.
This improves consistency. Previously the 'source' field was only
provided in the original event when an item was added. It is used to
report the name of the module providing the item in a few places.
Also considered adding a new API to modulemanager returning a mapping
of items per module and then using that here.
The field `_provided_by` comes from module:provides(), but these items
comes from moduel:add_item(), which include the originating module as a
'source' field of the event. However, this is absent when items are
retrieved at a later time than the initial event.
This allows user creation to happen inside the running Prosody process, which
improves a number of things - such as executing event handlers for user
creation, fixing issues and race conditions with some storage drivers, etc.
The intent is to do the same for the other prosodyctl commands, but this is
the first proof of concept for the approach.
This allows us to continue sending/receiving on the session, for example if
the promise will be resolved by other data that the client is going to send.
Specifically, this allows the repl-request-input to work without a deadlock.
It does open the door to interleaved commands/results, which may not be a good
thing overall, but can be restricted separately if necessary (e.g. a flag on
the session).
This fixes an issue where e.g. remote users or even other users on the server
were unable to list MUC rooms.
We want to define a permission to list MUC rooms, but we want it to be
available to everyone by default (the traditional behaviour).
prosody:guest is the lowest role we have. I ran a quick check and it isn't
really used for anything right now that would be concerning.
It was originally designed for anonymous logins. I think it's safe to treat
remote JIDs as equivalent, since we have no trust relationship with anonymous
users either.
