Commit Graph

3100 Commits

Author SHA1 Message Date
xpufx e1283f6dc3 docs: Add instructions for configuring the Authentik SAML IdP. 2023-10-02 09:19:25 -07:00
Arnold Mwesigye 54d2215f1b
docs: Improve punctuation on remote.md. 2023-10-01 18:31:34 -07:00
Mateusz Mandera 19a253c47b ldap: Improve doc on AUTH_LDAP_ADVANCED_REALM_ACCESS_CONTROL.
This fixes the explanation of the setting's syntax to be more precise
(which doesn't mean "easily understandable" - because the setting is
a bit tricky) as well as an example to illustrate it.
2023-09-28 17:26:57 -07:00
Karl Stolley b70dc23a47 view_labels: Change 'Direct messages' to 'All direct messages'. 2023-09-27 12:48:06 -07:00
David Rosa e60a4c4d01 help: Document `unarchive_stream` management command.
- Adds "Unarchiving archived streams" section to "Archive a stream".
- Adds `./manage.py unarchive_stream` to contributor docs.
2023-09-19 15:04:07 -07:00
Tim Abbott a4e0abb216 version: Update version and changelog after 7.4 release. 2023-09-15 18:04:42 -07:00
Karl Stolley c49ab123b2 icons: Remove unused move and source icons.
These were early candidates in the hover-controls work, but were
superseded by their "alt" counterparts.
2023-09-15 13:17:22 -07:00
Karl Stolley 3fe6cc18ff icons: Remove last vestiges of ellipsis-v-solid.
The deleted CSS around the `.zulip-icon-ellipsis-v-solid` class
has no impact on the hover controls, as flexbox and grid are
handling baseline alignment, not this one-off line-height.
2023-09-15 13:17:22 -07:00
Anders Kaseorg 2665a3ce2b python: Elide unnecessary list wrappers.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-13 12:41:23 -07:00
Karl Stolley f4fdc5c97c thirdparty: Add Feather Icon credits.
All of these files were introduced in #26283.
2023-09-12 13:08:18 -07:00
Karl Stolley b5bd439769 thirdparty: Use hyphen in date ranges.
While an en dash--as replaced here with a hyphen--is sounder
typographically, the other ranges in the file use a hyphen, which
is arguably also more interoperable in a plain-text file such as
this (though other en dashes live on in the file, as part of the
original licensing text).
2023-09-12 13:08:18 -07:00
Karl Stolley d870f2af24 thirdparty: Add period after Twitter, Inc.
This makes all shortened forms of "incorporated" uniform across
the file, and matches how "Twitter, Inc." is presented in the files
in question, e.g., atop `web/third/bootstrap/js/bootstrap.js`.
2023-09-12 13:08:18 -07:00
Karl Stolley 0d3f475a91 thirdparty: Uniformly present copyright years without commas.
While the spec permits forms both with and without a comma,
https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/#copyright-field,
this corrects a small number of licensing lines in the file to
match the comma-less form used in the majority of other lines.
2023-09-12 13:08:18 -07:00
Karl Stolley 0c9701b921 thirdparty: Update current year on Kandra copyright. 2023-09-12 13:08:18 -07:00
Karl Stolley 8c0c2c7da6 thirdparty: Add missing comma after Kandra Labs. 2023-09-12 13:08:18 -07:00
Karl Stolley 35730f0291 thirdparty: Alphabetize entries by path. 2023-09-12 13:08:18 -07:00
Anders Kaseorg 9abb850cd9 docs: Use MyST syntax for Sphinx metadata.
https://myst-parser.readthedocs.io/en/latest/faq/index.html#sphinx-specific-page-front-matter

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-12 10:34:03 -07:00
Anders Kaseorg 31b5879242 docs: Remove obsolete mentions of reStructuredText.
Commit b53e676860 (#19600) removed the
last of our reST.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-09 01:56:16 -07:00
Mateusz Mandera b6cce494a8 docs: Add a warning about restarting individual services.
restart-server is almost always the way to go, so we can be clearer
about it.
2023-09-08 16:22:50 -07:00
Anders Kaseorg 48a3588cdb docs: Fix typos caught by ‘typos’.
https://github.com/crate-ci/typos

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-06 18:59:05 -07:00
Alex Vandiver 5ca15a36ba version: Update version and changelog after 7.3 release. 2023-08-25 18:21:10 +00:00
Lauryn Menard 29bb346480 typing: Update main typing notifications protocol documentation.
Updates the main description of the `api/set-typing-status` endpoint
for the new fields in the register response for the typing start,
stop, expired time intervals. Previously these were hardcoded by
the client side code and not the server side code.

Also updates the developer documentation for typing indicators in
the subsystems docs. This refreshes a few parts of that doc that
were already out of date, as well as adds the information about
the new register response fields noted above.
2023-08-23 16:38:59 -07:00
Greg Price bb6fe0385e docs: Consistently say "18 months" on compatibility, no specific version numbers.
Previously I've wanted to have this page spell out the concrete
version number that our clients support, rather than the policy we
use for determining that version number, because that's the sort of
question that I feel like as a user I'd want a straight answer to
and would be annoyed if I couldn't get one.

But as the text stands, it's come to look more like it's the policy
(something that's heavyweight to change) than like the value that
the policy currently happens to work out to.  Also, because this page
is kind of chaotically organized (and fixing that is a bigger yak
than I want to shave right now), it repeats the 18-month rule in
three separate places and the current value (version 4.0) is in
a fourth separate place, so it looks internally inconsistent.

Let's therefore take a different tack: like in those other three
spots on this page, state just the policy instead of the value it
currently works out to; but also add a link to help the reader
pin down for themselves what value that does work out to.

This also means we no longer need to update this page as old releases
age and that value advances.

Also fix a typo, and cut the reference to working degraded on
older releases.  Starting earlier this year we finally started
hard-refusing such connections:
  https://github.com/zulip/zulip-mobile/issues/5102
  https://github.com/zulip/zulip-mobile/pull/5633
(which was because there were some swathes of compatibility code
that we could only cut if we completely broke the handling of
ancient servers, and so we preferred to have the app communicate
that break clearly up front.)
2023-08-22 11:29:19 -07:00
shu.chen 321776ac49
provision: Add provision support for Fedora 38.
Tweaked provision script to run successfully in Fedora 38 and
included a script to build the groonga libs from source because
the packages in Fedora repos are outdated.

There is a major version jump from the last supported version (F34)
which is EOL so references and support for older versions were
removed.

Fixes: #20635
2023-08-22 11:26:29 -07:00
bjorn3 78176d8982 openapi: Move description from SuccessDescription to JsonSuccessBase.
Almost all users of JsonSuccessBase seem to also include
SuccessDescription. /server_settings used a different description from
the rest of the JsonSuccessBase users, but the difference is small
enough that using the generic description of the former
SuccessDescription is fine.
2023-08-21 11:26:19 -07:00
Lauryn Menard 5e29e025c5 email-templates: Add zulip_onboarding_topics email templates.
The "followup_day2" email template name is not clear or descriptive
about the purpose of the email. Creates a duplicate of those email
template files with the template name "zulip_onboarding_topics".

Because any existing scheduled emails that use the "followup_day2"
templates will need to be updated before the current templates can
be removed, we don't do a simple file rename here.
2023-08-18 16:25:48 -07:00
Alex Vandiver ae3458a294 docs: Fix link to "Uprading PostgreSQL" section. 2023-08-14 22:57:59 +00:00
David Rosa d205850d54 docs: Update .html links pointing to "Upgrade Zulip" or "Modify Zulip".
Follow-up to #24089.
2023-08-11 16:49:32 -07:00
Lauryn Menard 3d997c4af2 docs: Add multiple-organizations.md to production section of TOC.
Adds the existing article about hosting multiple Zulip organizations
to the production section of the table of contents.
2023-08-11 11:11:44 -07:00
Steve Howell 51db22c86c per-request caches: Add per_request_cache library.
We have historically cached two types of values
on a per-request basis inside of memory:

    * linkifiers
    * display recipients

Both of these caches were hand-written, and they
both actually cache values that are also in memcached,
so the per-request cache essentially only saves us
from a few memcached hits.

I think the linkifier per-request cache is a necessary
evil. It's an important part of message rendering, and
it's not super easy to structure the code to just get
a single value up front and pass it down the stack.

I'm not so sure we even need the display recipient
per-request cache any more, as we are generally pretty
smart now about hydrating recipient data in terms of
how the code is organized. But I haven't done thorough
research on that hypotheseis.

Fortunately, it's not rocket science to just write
a glorified memoize decorator and tie it into key
places in the code:

    * middleware
    * tests (e.g. asserting db counts)
    * queue processors

That's what I did in this commit.

This commit definitely reduces the amount of code
to maintain. I think it also gets us closer to
possibly phasing out this whole technique, but that
effort is beyond the scope of this PR. We could
add some instrumentation to the decorator to see
how often we get a non-trivial number of saved
round trips to memcached.

Note that when we flush linkifiers, we just use
a big hammer and flush the entire per-request
cache for linkifiers, since there is only ever
one realm in the cache.
2023-08-11 11:09:34 -07:00
Steve Howell 031e3ae3f0 caching docs: Tweak a few things.
Some claims seemed a little exaggerated or overly
precise.
2023-08-11 10:57:42 -07:00
Sahil Batra c843600d76 docs: Fix get_user function in caching documentation.
This commit fixes the get_user function code to be same
as that of the original function in models.py.
2023-08-10 17:35:43 -07:00
Anders Kaseorg b386cb5347 setup-recommended: Fix typographical issues.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-08-07 13:04:01 -07:00
n0099 2b1d250154 nginx: Switch from `$host` to `$http_host` for HTTP/3 compatibility.
nginx sets the value of the `$http_host` variable to the empty string
when using http/3, as there is technically no `Host:` header sent:
https://github.com/nginx-quic/nginx-quic/issues/3

Users with a browser that support http/3 will send their first request
to nginx with http/2, and get an expected HTTP 200 -- but any
subsequent requests will fail with am HTTP 400, since the browser will
have upgraded to http/3, which has an empty `Host` header, which Zulip
rejects.

Switch to the `$host` variable, which works for all HTTP versions.

Co-authored-by: Alex Vandiver <alexmv@zulip.com>
2023-07-25 18:20:34 -04:00
Ishita Gupta aa86533f22 UI redesign: more-less message interaction.
This commit encompasses the following changes:
* Replace the [More...] link with a button titled "Show more".
* Replace the [Show Less...] link with a button titled "Show less".
* Add various on-hover interactions to the buttons.
* In the condensed view, add fading to the bottom of the message to
  visually communicate that the message is truncated.
* Update /help/ description.

Fixes #22801.

Co-authored-by: Evy Kassirer <evy.kassirer@gmail.com>
2023-07-24 17:42:08 -07:00
Anders Kaseorg b285813beb error_notify: Remove custom email error reporting handler.
Restore the default django.utils.log.AdminEmailHandler when
ERROR_REPORTING is enabled.  Those with more sophisticated needs can
turn it off and use Sentry or a Sentry-compatible system.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-20 11:00:09 -07:00
Alex Vandiver d957559371 uploads: Allow uploads to set storage class.
Uploads are well-positioned to use S3's "intelligent tiering" storage
class.  Add a setting to let uploaded files to declare their desired
storage class at upload time, and document how to move existing files
to the same storage class.
2023-07-19 16:19:34 -07:00
Alex Vandiver 5a26237b54 wal-g: Support alternate S3 storage classes. 2023-07-19 10:55:18 -07:00
Anders Kaseorg 052984bc14 utils: Remove make_safe_digest wrapper.
It’s unclear what was supposed to be “safe” about this wrapper.  The
hashlib API is fine without it, and we don’t want to encourage further
use of SHA-1.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-19 10:54:05 -07:00
nimish c238327899 settings: Change "Display settings" to "Preferences".
This includes changing the URL to #settings/preferences, with a
transparent redirect so that existing links, like the one from Welcome
Bot, continue to work.
2023-07-12 07:09:03 -07:00
Alex Vandiver a7b9e67c06 docs: Mention the PostgreSQL upgrade in the release upgrade section.
Users can, quite understandably, assume that upgrading Zulip upgraded
the underlying PostgreSQL version.  Though it is mentioned at the top
of the page, mentioning it here clarifies that it is an additional
step.
2023-07-11 17:27:57 -07:00
Aman Agrawal 9dc66f35da architecture_simple: Use 400 instead 500 for font-weight.
Since https://zulip.readthedocs.io/ doesn't render 500 font-weight
and falls back to 400 for for rendering, it makes sense to just
keep them at 400.
2023-07-06 17:57:37 -07:00
Alex Vandiver 9bd340957f changelog: Retitle sections, to allow section anchors. 2023-07-06 16:16:11 -07:00
Alex Vandiver e18d0e3331 docs: Reference PostgreSQL version in "Restoring backups" section.
This extends 8ede54fb1b, in the specific backups section, rather
than just in the overview.
2023-07-05 14:53:24 -07:00
Mateusz Mandera 8c530f30e3 docs: Update SCIM doc to not mention add_scim_client.
add_scim_client was removed in 55342efd33.
2023-07-05 14:36:22 -07:00
Alex Vandiver 76b767b154 version: Update version and changelog after 7.2 release. 2023-07-05 20:27:54 +00:00
Karl Stolley 0b596159c1 docs: Adjust wording and phrasing for clarity. 2023-06-27 09:43:22 -05:00
Karl Stolley 2720e0e35a docs: Correct minor wording and mechanics. 2023-06-27 09:43:22 -05:00
Matthew Volpe 466db56118
docs: Fix missing space in setup-recommended.md.
Previously, there was a missing space in setup-recommended.md that I noticed when reading it.
2023-06-26 11:10:29 -07:00
David Rosa ca4e73b663 docs: Rename private message -> direct message in Spanish style guide.
- Updates instances of "private message" and "PM", improving wording
  and translating to Spanish where needed.
2023-06-26 11:02:34 -07:00
David Rosa 513eb510aa docs: Rename "private message" -> "direct message".
- Updates instances of "private message", "PM", and "private_message",
  excluding historical references in `overview/changelog.md`.
- Also excludes `/docs/translating` since we would need new
  translations for "direct messages" and "DMs".
2023-06-23 14:36:16 -07:00
Alex Vandiver d46279c41e docs: Clarify that trust of X-Fowarded-Proto is also necessary.
Previously, `X-Forwarded-Proto` did not need to be set, and failure to
set `loadbalancer.ips` would merely result in bad IP-address
rate-limiting and incorrect access logs; after 0935d388f0, however,
failure to do either of those, if Zulip is deployed with `http_only`,
will lead to infinite redirect loops after login.  These are
accompanied by a misleading error, from Tornado, of:

    Forbidden (Origin checking failed - https://zulip.example.com does not match any trusted origins.): /json/events

This is most common with Docker deployments, where deployments use
another docker container, such as nginx or Traefik, to do SSL
termination.  See zulip/docker-zulip#403.

Update the documentation to reinforce that `loadbalancer.ips` also
controls trust of `X-Forwarded-Proto`, and that failure to set it will
cause the application to not function correctly.
2023-06-23 10:47:14 -07:00
Alex Vandiver e222b53d8a version: Update version and changelog after 7.1 release. 2023-06-13 18:17:04 +00:00
Anders Kaseorg 639efc5ce1 docs: Update Transifex URLs.
https://help.transifex.com/en/articles/7171815-web-application-s-domain-change

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-06-12 17:38:41 -07:00
Alex Vandiver f4b20337a7 docs: Document supported versions of PostgreSQL.
Fixes: #25853.
2023-06-12 16:37:55 -07:00
Alya Abbott 9ee5a5a70e docs: Add a guide on suggesting features and improvements.
Similar to the guide on reporting bugs.
2023-06-12 16:04:00 -07:00
Alya Abbott 052a109ba4 docs: Improve instructions for reporting bugs.
- Create a dedicated "Reporting bugs" page to learly document
where and how bugs should be reported.
- Drop "Reporting issues" section from the Contributing guide.
- Delete "Bug report guidelines" page.
2023-06-12 14:31:45 -07:00
Alex Vandiver bd217ad31b puppet: Read resolver from /etc/resolv.conf.
04cf68b45e make nginx responsible for downloading (and caching)
files from S3.  As noted in that commit, nginx implements its own
non-blocking DNS resolver, since the base syscall is blocking, so
requires an explicit nameserver configuration.  That commit used
127.0.0.53, which is provided by systemd-resolved, as the resolver.

However, that service may not always be enabled and running, and may
in fact not even be installed (e.g. on Docker).  Switch to parsing
`/etc/resolv.conf` and using the first-provided nameserver.  In many
deployments, this will still be `127.0.0.53`, but for others it will
provide a working DNS server which is external to the host.

In the event that a server is misconfigured and has no resolvers in
`/etc/resolv.conf`, it will error out:
```console
Error: Evaluation Error: Error while evaluating a Function Call, No nameservers found in /etc/resolv.conf!  Configure one by setting application_server.nameserver in /etc/zulip/zulip.conf (file: /home/zulip/deployments/current/puppet/zulip/manifests/app_frontend_base.pp, line: 76, column: 70) on node example.zulipdev.org
```
2023-06-12 20:18:28 +00:00
Tim Abbott 6ca5130cd8 docs: Improve troubleshooting overview intro. 2023-06-12 13:01:50 -07:00
Alya Abbott 582e88544c docs: Clarify instructions for getting help with self-hosting. 2023-06-12 13:01:50 -07:00
Zixuan James Li 4a18552ff8 docs: Document and advocate systemd for WSL 2.
systemd makes it a lot convenient to run services required for Zulip's
development environment on WSL 2. Once enabled, `tools/start_service`
becomes unnecessary.

More info:
https://devblogs.microsoft.com/commandline/systemd-support-is-now-available-in-wsl/

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2023-06-12 10:58:11 -07:00
Lauryn Menard dfb34875f1 docs: Update first point in outreach prioritization section. 2023-06-12 10:54:32 -07:00
Tim Abbott 5e5d151c0c docs: Tweak a few details on the release checklist. 2023-06-07 12:48:25 -07:00
Alex Vandiver bad600e731 docs: Clarify access to port 25 is needed for local email delivery. 2023-06-07 08:56:01 -07:00
Tim Abbott 0a7d3d3fe2 Update version following 7.0 release. 2023-05-31 13:04:44 -07:00
Tim Abbott b00ce1bad1 Release Zulip Server 7.0. 2023-05-31 08:48:02 -07:00
Alex Vandiver 9a6529f86a docs: Add language to code blocks. 2023-05-31 08:18:03 -07:00
Alex Vandiver adb30c4d18 docs: Remove unused link references. 2023-05-31 08:18:03 -07:00
Alex Vandiver 8212dccc91 docs: Fix missing and typo'd link references. 2023-05-31 08:18:03 -07:00
Alex Vandiver 679591ccce docs: Document postgresql.missing_dictionaries. 2023-05-31 08:18:03 -07:00
Alya Abbott 660ccccf68 docs: Add section about mentioning others to commit discipline doc. 2023-05-30 14:55:09 -07:00
Karl Stolley 38c8c374d5 docs: Introduce headings on commit discipline. 2023-05-30 14:54:49 -07:00
Alex Vandiver d058188fa8 docs: Update documentation for deploy hooks.
ecfb12404a updated how values were passed to hooks, but did not
update the documentation.
2023-05-30 14:52:01 -07:00
Alex Vandiver 9ca4574fae docs: Document zulip_notify deploy hook. 2023-05-30 14:52:01 -07:00
Alex Vandiver f45a6a6d99 docs: Add missing link in Sentry deploy docs. 2023-05-30 11:25:43 -07:00
Alex Vandiver 54590e67f2 docs: Fix link to sentry deploy hook. 2023-05-30 11:25:43 -07:00
Anders Kaseorg dc158b18f2 release-checklist: Purge unneeded beta branch.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-29 18:07:54 -07:00
Anders Kaseorg e3e2691124 Update version following 7.0-beta3 release.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-29 17:14:15 -07:00
Tim Abbott 1af16642d9 Release Zulip Server 7.0-beta3. 2023-05-29 16:35:59 -07:00
Tim Abbott 5f7727888c docs: Fix changelog link to preferred markdown style. 2023-05-29 16:35:19 -07:00
Tim Abbott 00accdc86b docs: Update changelog for changes since 7.0-beta2. 2023-05-29 16:27:29 -07:00
Tim Abbott e26f9180c1 docs: Remove a duplicate changelog line.
This same line appears near the end of the 7.0 list.
2023-05-29 12:25:47 -07:00
Karl Stolley 4bfbec48dd docs: Clarify where labels are noted.
This will prevent curious readers from scrolling in search of a list
of labels below (as I did initially).
2023-05-29 11:21:51 -07:00
Karl Stolley a164173acf docs: Close up instances of 'codebase'. 2023-05-29 11:21:51 -07:00
Alya Abbott fc0f73c1db docs: Link to new PR review process doc from /contributing/reviewable-prs.md. 2023-05-25 13:16:56 -07:00
Alya Abbott 1456691d56 docs: Link to new PR review process doc from /contributing/code-reviewing.md.
Also drop redundant points in "Asking for a code review" section.
2023-05-25 13:16:56 -07:00
Alya Abbott afc016c0f0 docs: Add a page documenting review process for pull requests.
- Move the "Submitting a pull request" and "Stages of a pull
request" sections of the contributing guide to a dedicated page.
- Add more detail.
2023-05-25 13:16:56 -07:00
Karl Stolley 30782f7aa4 docs: Remove zid reference.
@timabbott note that it's been years since this has posed any problems:
https://github.com/zulip/zulip/pull/25733#discussion_r1203144805
2023-05-24 12:31:11 -07:00
Karl Stolley 04656bf16f docs: Provide an example of dynamic styling. 2023-05-24 12:31:11 -07:00
Karl Stolley ee7b6f476d docs: Add testing example and supporting links. 2023-05-24 12:31:11 -07:00
Karl Stolley fe1b7a9bb3 docs: Integrate HTML and CSS style with subsystem doc. 2023-05-24 12:31:11 -07:00
Karl Stolley 735618b9db docs: Restructure CSS introduction.
This better presents the CSS organization for readers, and also
removes a stale reference and link to Bootstrap.

Because postcss-nesting's spec-aligned syntax has tripped up some
contributors, the mention of PostCSS now includes a link to the
postcss-nesting README and the CSS Nesting spec from the W3C, which
PostCSS Nesting attempts to adhere to.
2023-05-24 12:31:11 -07:00
Karl Stolley 3fd621b608 docs: Correct stale Chrome and Handlebars links. 2023-05-24 12:31:11 -07:00
Karl Stolley 3443e1d479 docs: Make surface edits to dangerous constructs. 2023-05-24 12:31:11 -07:00
Karl Stolley bb78c21fda docs: Rewrite and update JavaScript guidance. 2023-05-24 12:31:11 -07:00
Karl Stolley 5ff853fa71 docs: Update Python guidance in code style. 2023-05-24 12:31:11 -07:00
Karl Stolley 72b16e2fe7 docs: Edit and tighten opening sections. 2023-05-24 12:31:11 -07:00
Karl Stolley 761ae28551 docs: Rewrite and restructure introduction to code style. 2023-05-24 12:31:11 -07:00
Karl Stolley 827dd22fe1 docs: Restructure and rewrite style and conventions headings. 2023-05-24 12:31:11 -07:00
Karl Stolley c7c9322651 docs: Reorganize code style and conventions doc.
This commit represents an in-place reordering of the document. No
headings or content has been changed (that will happen in subsequent
commits).

The goal is to open the document with generic advice and guidance
applicable to all Zulip developers across all languages:

1. Consistency, enforced by linters and automated tests, opens the
   document.
2. General, largely language-neutral advice about line length,
   third-party code, translation, paths, and secrets come next.
3. Next up is language-specific advice and conventions: Python,
   followed by JavaScript and TypeScript, followed by HTML and CSS
   (although the HTML and CSS will be moved in a subsequent commit
   to their own file).
4. Closing the file, rather than opening it, is the section on
   Dangerous constructs. Some of these are fairly specialized, so
   it makes sense not to ask readers to read through them before
   presenting, say, our philosophy on line length.

Finally, in trying to come up with a sensible order for all sections
of this document, the "More arbitrary style things" heading has been
removed.
2023-05-24 12:31:11 -07:00
Mateusz Mandera 8fb0fe96c6 saml: Save SessionIndex in session and use when making a LogoutRequest.
This is a useful improvement in general for making correct
LogoutRequests to Idps and a necessary one to make SP-initiated logout
fully work properly in the desktop application. During desktop auth
flow, the user goes through the browser, where they log in through their
IdP. This gives them a logged in  browser session at the IdP. However,
SAML SP-initiated logout is fully conducted within the desktop
application. This means that proper information needs to be given to the
the IdP in the LogoutRequest to let it associate the LogoutRequest with
that logged in session that was established in the browser. SessionIndex
is exactly the tool for that in the SAML spec.
2023-05-23 13:01:15 -07:00
Mateusz Mandera 5dd4dcdebb saml: Make SP-initiated SLO work in the desktop application. 2023-05-23 13:01:15 -07:00
Mateusz Mandera 3f55c10685 saml: Rework SP-initiated logout config to support IdP-level config.
This gives more flexibility on a server with multiple organizations and
SAML IdPs. Such a server can have some organizations handled by IdPs
with SLO set up, and some without it set up. In such a scenario, having
a generic True/False server-wide setting is insufficient and instead
being able to specify the IdPs/orgs for SLO is needed.
2023-05-23 13:01:15 -07:00
Mateusz Mandera 0bb0220ebb saml: Implement SP-initiated Logout.
Closes #20084

This is the flow that this implements:
1. A logged-in user clicks "Logout".
2. If they didn't auth via SAML, just do normal logout. Otherwise:
3. Form a LogoutRequest and redirect the user to
https://idp.example.com/slo-endpoint?SAMLRequest=<LogoutRequest here>
4. The IdP validates the LogoutRequest, terminates its own user session
and redirects the user to
https://thezuliporg.example.com/complete/saml/?SAMLRequest=<LogoutResponse>
with the appropriate LogoutResponse. In case of failure, the
LogoutResponse is expected to express that.
5. Zulip validates the LogoutResponse and if the response is a success
response, it executes the regular Zulip logout and the full flow is
finished.
2023-05-23 13:01:15 -07:00
Alex Vandiver 68722e7d3c release-checklist: Add a mastodon announce step. 2023-05-19 16:55:30 -07:00
Alex Vandiver 68c37c9d7b release-checklist: Adjust for the blogs being in Astro. 2023-05-19 16:55:30 -07:00
Alex Vandiver e6b1384a05 version: Update version and changelog after 6.2 release. 2023-05-19 16:58:55 -04:00
Toyam Cox 650cdc474d docs: Also set X-Forwarded-Proto in proxies.
Django 4.0 and higher began checking the `Origin` header, which made
it important that Zulip know accurately if the request came over HTTPS
or HTTP; failure to do so would result in "CSRF verification failed"
errors.

For Zulip servers which are accessed via proxies, this means that
`X-Fowarded-Proto` must be set accurately.  Adjust the documentation
for the suggested configurations to add the header.

Fixes: #24599.

Co-authored-by: Alex Vandiver <alexmv@zulip.com>
2023-05-18 17:17:35 -04:00
Alex Vandiver a95b796a91 supervisor: Drop minfds back down from 1000000 to 40000.
1c76036c61 raised the number of `minfds` in Supervisor from 40k to
1M.  If Supervisor cannot guarantee that number of available file
descriptors, it will fail to start; `/etc/security/limits.conf` was
hence adjusted upwards as well.  However, on some virtualized
environments, including Proxmox LXC, setting
`/etc/security/limits.conf` may not be enough to raise the
system-level limits.  This causes `supervisord` with the larger
`minfds` to fail to start.

The limit of 1000000 was chosen to be arbitrarily high, assuming it
came without cost; it is not expected to ever be reached on any
deployment.  262b19346e already lowered one aspect of that
changeset, upon determining it did come with a cost.  Potentially
breaking virtualized deployments during upgrade is another cost of
that change.

Lower the `minfds` it back down to 40k, partially reverting
1c76036c61, but allow adjusting it upwards for extremely large
deployments.  We do not expect any except the largest deployments to
ever hit the 40k limit, and a frictionless deployment for the
vanishingly small number of huge deployments is not worth the
potential upgrade hiccups for the much more frequent smaller
deployments.
2023-05-18 13:04:33 -07:00
Anders Kaseorg 12310189ed install: Support Debian 12.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-18 11:52:22 -07:00
Alex Vandiver 0117d751c2 docs: Explain Zulip Cloud branch in release lifecycle docs.
Partial fix for #25482.
2023-05-15 14:44:11 -07:00
Alex Vandiver 6cb570f3f0 docs: Upgrade to zulip-cloud-current before exporting to Zulip Cloud.
Partial fix for #25482.
2023-05-15 14:44:11 -07:00
Alex Vandiver e0c05825ed docs: Importing from Zulip Cloud exports should use zulip-cloud-current.
Partial fix for #25482.
2023-05-15 14:44:11 -07:00
Alex Vandiver f4683de742 puppet: Switch the `rolling_restart` setting to use the bool values.
2c5fc1827c standardized which values are "true"; use them.
2023-05-11 15:54:15 -07:00
Alex Vandiver 857f79161f docs: Update documentation on compliance exports. 2023-05-11 12:01:54 -07:00
Tim Abbott 3cc3fbc0c3 docs: Update changelog for changes since 7.0-beta1. 2023-05-10 17:26:02 -07:00
Alex Vandiver f11350f789 puppet: Add PostgreSQL 15 support.
Instead of copying over a mostly-unchanged `postgresql.conf`, we
transition to deploying a `conf.d/zulip.conf` which contains the
only material changes we made to the file, which were previously
appended to the end.

While shipping separate while `postgresql.conf` files for each
supported version is useful if there is large variety in supported
options between versions, there is not no such variation at current,
and the burden of overriding the entire default configuration is that
it must be keep up to date wit the package's version.
2023-05-10 14:06:02 -07:00
Alex Vandiver e5ae55637e install: Remove PostgreSQL 11 support.
Django 4.2 removes this support, so Zulip has not installed with
PostgreSQL 11 since 2c20028aa4.
2023-05-05 13:35:32 -07:00
Tim Abbott 18d8fbc74b docs: Update changelog since 6.0 release. 2023-05-02 17:45:07 -07:00
Karl Stolley aa78d9bf26 docs: Make a few surface fixes. 2023-05-01 16:37:27 -07:00
Karl Stolley 7f06baf360 docs: Polish usage assumptions copy. 2023-05-01 16:37:27 -07:00
Alex Vandiver 8a3236638a docs: Update sharding docs for single-org sharding option.
Co-authored-by: Tim Abbott <tabbott@zulip.com>
2023-05-01 11:28:08 -07:00
Alex Vandiver 510b96046a docs: Update production docs for local S3 caching. 2023-05-01 11:28:08 -07:00
sbansal1999 6b599d521f docs: Update recommended commit summary length to 72 characters.
This commit updates the recommended commit summary length
to 72 characters in the documentation. If the commit message
exceeds this length than GitHub cutoffs the remaining characters.
2023-05-01 10:35:52 -07:00
Karl Stolley b6c656ed73 docs: Clarify python3 installation requirements.
This should help miscueing users into thinking that the provisioning
steps, etc. are a part of the python3 installation--which is now more
explicitly aimed at Centos, Fedora, and RHEL users.
2023-04-27 13:55:59 -07:00
Karl Stolley e9315e67b8 docs: Move uninstall warning up top. 2023-04-27 13:55:59 -07:00
AcKindle3 4544eb4576 email: Replace `uri` with `url` in templates and backend.
In #23380 we want to change all ocurrences of `uri` to `url`. This
commit changes the ocurrences of `uri` appeared in files related to
email, including templates (`.html`, `.txt`) and backend (`.py`)
codes.

In `email.md`, `base_images_uri` is changed to `images_base_url` -
the words `base` and `images` are swapped and plural form is added
for `image`.  This is becasue the former is not found anywhere in
the codebase while the later appears a lot. To reduce confusion,
this doccumentation changed accordingly.
2023-04-26 16:37:16 -07:00
Alex Vandiver b8a6de95d2 pg_backup_and_purge: Allow adjusting the backup concurrency.
SSDs are good at parallel random reads.
2023-04-26 10:54:51 -07:00
Alex Vandiver 19a11c9556 pg_backup_and_purge: Take backups on replicas, if present.
Taking backups on the database primary adds additional disk load,
which can impact the performance of the application.

Switch to taking backups on replicas, if they exist.  Some deployments
may have multiple replicas, and taking backups on all of them is
wasteful and potentially confusing; add a flag to inhibit taking
nightly snapshots on the host.

If the deployment is a single instance of PostgreSQL, with no
replicas, it takes backups as before, modulo the extra flag to allow
skipping taking them.
2023-04-26 10:54:51 -07:00
Hardik Dharmani 06709bc5da icons: Add new unmute icon SVG.
Added unmute.svg in web/shared/icons. Also added
source and license information for the icon in
docs/THIRDPARTY.

Additionally, used unmute icon for unmute option in
topic_sidebar menu for topics in muted stream.

Fixes #25124
2023-04-25 13:35:38 -07:00
Ujjawal Modi 449febf036 streams: Make stream settings and create stream UI more consistent.
This commit make changes in create stream panel by moving
announce stream option below stream description and adds a
"Stream permissions" section heading just above
"Who can access the stream?" and also rewords the text
"Announce stream".

Also now announce stream option is only shown if the user creating
stream have access to the announcement stream name. When option
is not shown, default behaviour is to announce public and
web-public streams.

Fixes #23327.
2023-04-24 17:02:33 -07:00
Lauryn Menard 3c88db9164 docs: Update development version warning text to be more explicit. 2023-04-20 10:37:30 -07:00
Alex Vandiver 2d5c678614 blueslip: Only show in dev mode, or report to Sentry.
This removes the production reporting to `/json/report/error` upon
`blueslip.error`, and replaces it with reporting to Sentry, if
enabled.  Sentry provides better reporting and grouping for exceptions
than the email- and `#errors`-reporting provided by the
`/json/report/error` endpoint.

The development behaviour of rendering `blueslip.error` messages and
stacktraces immediately, and stopping execution, is preserved.

To better chain exception information, the whole previous exception is
passed to `blueslip.error`, not just the stack, and the second
parameter is formalized to be an object to map to Sentry's "context"
concept.
2023-04-13 14:59:58 -07:00
Alex Vandiver f9f7c7b114 docs: Document Sentry frontend reporting. 2023-04-13 14:59:58 -07:00
sayamsamal 9f6f77f6bc icons: Change bot icon from GitHub logo to Google material icon.
We currently use the GitHub logo to show the bots settings in both
personal and organization settings. This icon is not a correct
representation since we use have support for several different bots
including but not limited to a GitHub integration bot.

This commit replaces the GitHub logo with Smart Toy material icon
from Google, while also adding the required licencing details at
docs/THIRDPARTY.

Part of #19797.
2023-04-13 10:47:09 -07:00
Alex Vandiver 7c023042cf puppet: Rotate access log files every day, not at 500M.
Since logrotate runs in a daily cron, this practically means "daily,
but only if it's larger than 500M."  For large installs with large
traffic, this is effectively daily for 10 days; for small installs, it
is an unknown amount of time.

Switch to daily logfiles, defaulting to 14 days to match nginx; this
can be overridden using a zulip.conf setting.  This makes it easier to
ensure that access logs are only kept for a bounded period of time.
2023-04-06 14:31:16 -04:00
Daniil Fadeev 2f203f4de1 emails: Inline CSS in emails in build_email.
Previously, we had an architecture where CSS inlining for emails was
done at provision time in inline_email_css.py. This was necessary
because the library we were using for this, Premailer, was extremely
slow, and doing the inlining for every outgoing email would have been
prohibitively expensive.

Now that we've migrated to a more modern library that inlines the
small amount of CSS we have into emails nearly instantly, we are able
to remove the complex architecture built to work around Premailer
being slow and just do the CSS inlining as the final step in sending
each individual email.

This has several significant benefits:

* Removes a fiddly provisioning step that made the edit/refresh cycle
  for modifying email templates confusing; there's no longer a CSS
  inlining step that, if you forget to do it, results in your testing a
  stale variant of the email templates.
* Fixes internationalization problems related to translators working
  with pre-CSS-inlined emails, and then Django trying to apply the
  translators to the post-CSS-inlined version.
* Makes the send_custom_email pipeline simpler and easier to improve.

Signed-off-by: Daniil Fadeev <fadeevd@zulip.com>
2023-04-05 12:22:29 -07:00
Alex Vandiver a77c89f610 docs: Always suggest start-server, now that it is safer. 2023-04-04 10:58:56 -07:00
Alex Vandiver 5b9fb582e2 docs: Remove now-unnecessary reactivate_realm step after import.
113a8c4782 made this step unnecessary.
2023-04-04 10:58:56 -07:00
Mateusz Mandera 7ca08cb84b docs: Link to SCIM docs from SAML instructions. 2023-04-03 17:06:05 -07:00
Tim Abbott ee673f1f5e docs: Add SCIM page to list of new production/ pages. 2023-04-03 17:06:05 -07:00
Mateusz Mandera 1bfe48bce6 docs: Add ReadTheDocs documentation for SCIM. 2023-04-03 17:01:05 -07:00
Daniil Fadeev 5c6f842b28 emails: Replace Premailer with CSS-inline.
Primary goal of library replacement is improving execution speed.
This commit should not affect the functionality of the system
or make any changes to it.
2023-04-03 15:15:05 -07:00
Tim Abbott 3f199d570d docs: Update changelog to cover changes already staged for 7.0. 2023-04-02 23:28:10 -07:00
Alya Abbott e136636715 docs: Clarify "Should I follow this installation guide?" instructions. 2023-03-30 09:08:48 -07:00
Karl Stolley deabb8ed53 docs: Document preference for hyphenated class and ID values.
This clarifies that kebab case should be the preferred style for
multiword classes in HTML and CSS.
2023-03-27 17:31:31 -07:00
YashRE42 4853a9a736 navbar: Use feathericon close icon.
This uses the new close icon which we prefer over the one made available
from bootstrap. It also adds a reference to the icon in THIRDPARTY.
2023-03-24 16:30:15 -07:00
YashRE42 e3ad9c10bb navbar: Add Ionic search icon and use for navbar search.
This adds a new search icon which we prefer over the one made
available from bootstrap, and replaces search icons in navbar
search with the Ionic icon.
2023-03-24 16:30:15 -07:00
Alex Vandiver 164d58bec9 web: Save a 301 redirect from /help to /help/. 2023-03-24 14:51:01 -07:00
Alex Vandiver 14d19c00d7 web: Save a 301 redirect from /features to /features/. 2023-03-24 14:51:01 -07:00
Alex Vandiver d9daeb13e0 web: Save a needless 301 redirect from /apps to /apps/. 2023-03-24 14:51:01 -07:00
Alex Vandiver 61adc9cfcc web: Save a needless 301 redirect from /team to /team/. 2023-03-24 14:51:01 -07:00
Alex Vandiver c686c5ed0f web: Save a needless 301 redirect from /plans to /plans/. 2023-03-24 14:51:01 -07:00
Alex Vandiver a1570ff3dd web: Save a needless 301 redirect from /integrations to /integrations/. 2023-03-24 14:51:01 -07:00
oribe1115 26691a3bd1
docs: Add a Japanese translation style guide.
Co-authored-by: Sutou Kouhei <kou@cozmixng.org>
Co-authored-by: Greg Price <gnprice@gmail.com>
2023-03-24 12:36:48 -07:00
Alex Vandiver 262b19346e puppet: Decrease default nginx worker_connections.
Increasing worker_connections has a memory cost, unlike the rest of
the changes in 1c76036c61d8; setting it to 1 million caused nginx to
consume several GB of memory.

Reduce the default down to 10k, and allow deploys to configure it up
if necessary.  `worker_rlimit_nofile` is left at 1M, since it has no
impact on memory consumption.
2023-03-23 15:59:23 -07:00
Lauryn Menard 41ac95fe52 docs: Update "How it works" section in Documenting REST API endpoints.
Updates this section to use the shared `api-doc-template.md` as a
guide, as well as the current documentation for the `render-message`
endpoint. Previously, this section referred to a file that had been
removed with the transition to a shared template file.

Fixes #24485.
2023-03-20 17:42:04 -07:00
Alya Abbott 13680651c5
docs: Rewrite guidelines for writing commit messages.
The focus is on making the instructions more specific and organized,
so that they are easier to follow.

Co-authored-by: Tim Abbott <tabbott@zulip.com>
2023-03-20 16:25:20 -07:00
Anders Kaseorg 3a27b12a7d dependencies: Switch to pnpm.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-20 15:48:29 -07:00
Lauryn Menard 8fb001ce92 docs: Add tip about cross-linking between GitHub and dev community.
Adds a point in the "Tips and best practices" section of the
article on writing reviewable pull requests about cross-linking
between GitHub pull requests and conversations in the Zulip
development community.
2023-03-20 11:33:44 -07:00
Anders Kaseorg ba5a2c8866 templates: Support context variables in Handlebars {{t}} helper.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-16 11:26:45 -07:00
Lauryn Menard b9dd109e93 docs: Edit `pull-requests.md` and `reviewable-prs.md`.
Fixes a few typos / errors in commit a633890d8 that updated
these documentation articles on pull requests.

Also adjusts language around screenshots to match what we use
in the pull request template on GitHub for the zulip server and
web app repository.
2023-03-14 13:24:18 -07:00
Chris Bobbe 2a6c423d35 docs: Update mobile/desktop apps' compatability threshold to 4.0, from 3.0
Zulip Server 4.0 is now 22 months old, which is more than 18 months.
Per the general policy in the "Client apps" section below, that
means it's time to drop support for older versions.

We released 5.0 near the end of 2022-03, so near the end of 2023-09
we can update this further to say 5.0.
2023-03-13 22:08:20 -07:00
sbansal1999 9e4529c48b docs: Change extensions from .js to .ts for some filenames.
Since we are migrating from JavaScript to TypeScript
some files in the documentation are still with their
old extension. This commit changes those file extensions.
2023-03-12 15:17:53 -07:00
Lauryn Menard a633890d87 docs: Update documentation for tips when writing pull request comments.
Adds a 'Tips and best practices' section to the documentation on
writing reviewable pull requests.

Also, updates step 3 of the documentation on creating pull requests
to link to the new section and to not have an out-of-date screenshot
of the GitHub pull request template.
2023-03-07 15:40:04 -08:00
Anders Kaseorg c382904638 docs: Remove bad advice about pinning versions.
Because `yarn.lock` includes transitive dependencies, it already pins
our dependencies more comprehensively than `package.json` would if we
followed this bad advice, which we don’t, as of commit
9b0401b76d (#13118).

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-05 21:26:55 -08:00
Anders Kaseorg cca8417ad4 docs: Add missing link to outreach TOC.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-03 23:06:58 -08:00
Anders Kaseorg 7b47b6a311 docs: Move homepage link to TOC tree.
This lets us avoid maintaining a forked copy of sphinx_rtd_theme’s
sidebartitle block.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-03 23:06:17 -08:00
Anders Kaseorg 43b4f10578 run-dev: Drop .py from script name.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-03 18:02:37 -08:00
Lakshay Mittal 9be35d2447
docs: Fix outdated description of where stats views are. 2023-03-02 13:38:08 -08:00
Alex Vandiver 015a10637b docs: Document how to use SMTP without authentication.
This is the behaviour inherited from Django[^1].  While setting the
password to empty (`email_password = `) in
`/etc/zulip/zulip-secrets.conf` also would suffice, it's unclear what
the user would have been putting into `EMAIL_HOST_USER` in that
context.

Because we previously did not warn when `email_password` was not
present in `zulip-secrets.conf`, having the error message clarify the
correct configuration for disabling SMTP auth is important.

Fixes: #23938.

[^1]: https://docs.djangoproject.com/en/4.1/ref/settings/#std-setting-EMAIL_HOST_USER
2023-02-27 11:59:48 -08:00
Alya Abbott a4265a0c2a docs: Clarify where GSoC/Outreachy applicants should post intros. 2023-02-27 11:49:56 -08:00
Alex Vandiver 6969a6a92d docs: Update instructions for realm deletion to use management command.
This documentation was written in 9ece4c9f51, which predated the
`./manage delete_realm` command added in bff503feb4.
2023-02-26 17:11:07 -08:00
Alex Vandiver 8ede54fb1b docs: Add a link to installer flag docs from backup instructions.
The documentation for restoring backups referenced that it needed to
be to the same version of PostgreSQL, but did not explain how to do
that.

Link to the relevant section of the installer documentation, and name
the flag explicitly.

Fixes: #23691
2023-02-24 12:25:48 -05:00
Anders Kaseorg 0ef8e88b17 webpack: Move webpack configuration to web.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-24 06:35:58 -08:00
Anders Kaseorg 377b8b22c0 puppeteer_tests: Move to web/e2e-tests.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-23 16:04:17 -08:00
Anders Kaseorg cea1119423 node_tests: Move to web/tests.
This lets us simplify the long-ish ‘../../static/js’ paths, and will
remove the need for the ‘zrequire’ wrapper.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-23 16:04:17 -08:00
Anders Kaseorg c1675913a2 web: Move web app to ‘web’ directory.
Ever since we started bundling the app with webpack, there’s been less
and less overlap between our ‘static’ directory (files belonging to
the frontend app) and Django’s interpretation of the ‘static’
directory (files served directly to the web).

Split the app out to its own ‘web’ directory outside of ‘static’, and
remove all the custom collectstatic --ignore rules.  This makes it
much clearer what’s actually being served to the web, and what’s being
bundled by webpack.  It also shrinks the release tarball by 3%.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-23 16:04:17 -08:00
Anders Kaseorg ed069ebe0e docs: Remove spaces before commas.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-22 17:17:25 -08:00
Alya Abbott 3e7de4cc64 docs: Fix typo on Design discussions doc. 2023-02-22 12:00:24 -08:00
Anders Kaseorg e0e17d2391 docs: Update frontend_tests/puppeteer_lib/common.ts path.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-14 13:39:41 -08:00
David Rosa 3254023fa3 help: Update URLs to match "Restrict message editing and deletion" title.
Updates all references to the new URL and adds a URL redirect.

Follow up to #24329.
2023-02-10 15:56:16 -08:00
Alex Vandiver 3109d40b21 puppet: Add a sentry release class.
This installs the Sentry CLI, and uses it to send API events to Sentry
when a release is started and completed.
2023-02-10 15:53:10 -08:00
Alex Vandiver bcd190ecf2 docs: Document backend Sentry error logging. 2023-02-10 15:53:10 -08:00
Alex Vandiver 840884ec89 upgrade-zulip: Provide directories to run hooks before/after upgrade.
These hooks are run immediately around the critical section of the
upgrade.  If the upgrade fails for preparatory reasons, the pre-deploy
hook may not be run; if it fails during the upgrade, the post-deploy
hook will not be run.  Hooks are called from the CWD of the new
deploy, with arguments of the old version and the new version.  If
they exit with non-0 exit code, the deploy aborts.
2023-02-10 15:53:10 -08:00
Anders Kaseorg ec58b6790d install-node: Upgrade Node.js to 18.14.0; manage Yarn with Corepack.
Corepack manages multiple per-project version of Yarn and PNPM, which
means we have to maintain less installation code, and could help us
switch away from Yarn 1 without making the system unusable for
development of other Yarn 1 projects.

https://nodejs.org/api/corepack.html

The Unicode spaces in the timerender test resulted from an ICU
upgrade: https://github.com/nodejs/node/pull/45068.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-09 15:50:47 -08:00
Anders Kaseorg 7eb2cffcb4 templates: Update comments referencing Mustache to Handlebars.
(We switched to Handlebars very early in commit
4793cee888431b41f0aaf5341e2d8c77a155e8b8.)

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-09 14:12:54 -08:00
Alex Vandiver 7ab4fdf250 memcached: Allow overriding the max-item-size.
This is necessary for organizations with extremely large numbers of
members (20k+).
2023-02-09 12:04:29 -08:00
Mateusz Mandera d23b0a1f08 docs: Document how LDAP email address changes work (manually).
We will hopefully be able to just this in #16208 to document what
users need to configure in order to do this manually, but the content
here will be useful for anyone who hasn't set that up regardless.
2023-02-06 15:57:44 -08:00
Alya Abbott c78218d88b docs: Update project ideas list for GSoC 2023.
Co-authored-by: Tim Abbott <tabbott@zulip.com>
2023-02-06 15:12:14 -08:00
Anders Kaseorg b4ee94e758 readthedocs: Add a configuration file.
This overrides the settings in the web interface, and enables much
more flexible configuration of the build environment (which previously
defaulted to Python 3.7).

https://docs.readthedocs.io/en/stable/config-file/v2.html

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-03 16:36:54 -08:00
Alessandro Toppi ff89590558 auth: Add JWT-based user API key fetch.
This adds a new endpoint /jwt/fetch_api_key that accepts a JWT and can
be used to fetch API keys for a certain user. The target realm is
inferred from the request and the user email is part of the JWT.

A JSON containing an user API key, delivery email and (optionally)
raw user profile data is returned in response.
The profile data in the response is optional and can be retrieved by
setting the POST param "include_profile" to "true" (default=false).

Co-authored-by: Mateusz Mandera <mateusz.mandera@zulip.com>
2023-02-03 15:23:35 -08:00
Lauryn Menard dbacc00f0f api-docs: Move markdown files to top level directory.
- Updates `.prettierignore` for the new directory.
- Updates any reference to the API documentation directory for
  markdown files to be `api_docs/` instead of `zerver/api/`.
- Removes a reference link from `docs/documentation/api.md` that
  hasn't referenced anything in the text since commit 0542c60.
- Update rendering of API documentation for new directory.
2023-02-02 17:25:40 -08:00
Alex Vandiver 68f4071873 puppet: Allow choice of timesync tool. 2023-01-31 14:20:41 -08:00
Dhruv Gupta 03c70cbed5
docs: Spell out `./tools/run-dev.py` in setup instructions.
This location in the documentation, in particular, is one where it's likely
to be helpful to spell the full path to the command when explaining it.
2023-01-30 14:32:53 -08:00
David Rosa a6abf959bb contributor docs: Improve the first sentence in "Upgrade Zulip". 2023-01-27 12:41:56 -08:00
David Rosa 538801c651 contributor docs: Rename "Customize Zulip" -> "Server configuration".
- Renames "Customize Zulip" to "Server configuration".
- Cross-links "Server configuration" with "System and deployment
configuration".

Fixes part of #23984.
2023-01-27 12:41:56 -08:00
David Rosa 08e9686cd2 contributor docs: Rename "Upgrade or modify Zulip" -> "Upgrade Zulip".
Fixes part of #23984.
2023-01-27 12:41:56 -08:00
David Rosa af39a1a554 contributor docs: Migrate "Modify Zulip" to its own page.
Splits /production/upgrade-or-modify.md to improve the organization
of production documentation.

Fixes #23984.
2023-01-27 12:41:56 -08:00
Tran Sang 3bea65b39c puppet: Set /etc/mailname based on postfix.mailname configuration.
The `postfix.mailname` setting in `/etc/zulip.conf` was previously
only used for incoming mail, to identify in Postfix configuration
which messages were "local."

Also set `/etc/mailname`, which is used by Postfix to set how it
identifies to other hosts when sending outgoing email.

Co-authored-by: Alex Vandiver <alexmv@zulip.com>
2023-01-27 15:08:22 -05:00
Lauryn Menard dedea23745
help-docs: Move help center documentation to top level directory.
These files are not Jinja2 templates, so there's no reason that they needed
to be inside `templates/zerver`. Moving them to the top level reflects their
importance and also makes it feel nicer to work on editing the help center content, 
without it being unnecessary buried deep in the codebase.
2023-01-25 14:08:29 -08:00
Alex Vandiver 25c9fcdb4e changelog: Tweak wording to clarify impact to Safari. 2023-01-23 15:07:02 -05:00
David Rosa 50cf9bc4b8 contributor docs: Document bold formatting for help center inline icons.
Updates "Icons" section of the "Writing help center articles" page
to be consistent with current help center documentation patterns.
2023-01-23 11:15:51 -08:00
Alex Vandiver d38b3ad09c changelog: Fix the link from `.html#` to `.md#`. 2023-01-23 18:58:26 +00:00
Alex Vandiver 4226026dbc version: Update version and changelog after 6.1 release. 2023-01-23 18:52:47 +00:00
Sahil Batra bc5f0e881e settings: Rename IDs of waiting-period-threshold setting elements. 2023-01-20 12:45:53 -08:00
Alex Vandiver e19d4e5e0a docs: Mention probably needing to allow port 22 for SSH access. 2023-01-19 17:31:13 -08:00
Alya Abbott f26260c52a contributor docs: Refer to How we communicate in Design discussions. 2023-01-18 16:07:49 -08:00
Alya Abbott 1e3fb6a149 contributor docs: Add How we communicate page. 2023-01-18 16:07:49 -08:00
Lauryn Menard c2bcfb52aa api-tests: Reduce error output for `/register` openapi validation.
For descriptive endpoints, such as `/register`, that might raise
Schema Validation errors via `validate_against_openapi_schema`,
omits the OpenAPI schema definition in the error output.

Also omits the error instance definition in the error output
when it is a jsonschema object with over 100 properties. This
means that the test instance for objects, like user settings,
will be printed in the error output, but the test instance for
the entire endpoint will not be printed to the console.

The omitted output can be thousands of lines long making it
difficult to find the initial console output that actually helps
the contributor with debugging.

Adds a section in "Documenting REST API endpoints" about
debugging and understanding these errors that is linked to
in the error console output.
2023-01-17 14:50:42 -08:00
Alex Vandiver e351df4095 changelog: Add entry for S3 nginx proxying. 2023-01-10 15:30:57 -08:00
Alex Vandiver 04cf68b45e uploads: Serve S3 uploads directly from nginx.
When file uploads are stored in S3, this means that Zulip serves as a
302 to S3.  Because browsers do not cache redirects, this means that
no image contents can be cached -- and upon every page load or reload,
every recently-posted image must be re-fetched.  This incurs extra
load on the Zulip server, as well as potentially excessive bandwidth
usage from S3, and on the client's connection.

Switch to fetching the content from S3 in nginx, and serving the
content from nginx.  These have `Cache-control: private, immutable`
headers set on the response, allowing browsers to cache them locally.

Because nginx fetching from S3 can be slow, and requests for uploads
will generally be bunched around when a message containing them are
first posted, we instruct nginx to cache the contents locally.  This
is safe because uploaded file contents are immutable; access control
is still mediated by Django.  The nginx cache key is the URL without
query parameters, as those parameters include a time-limited signed
authentication parameter which lets nginx fetch the non-public file.

This adds a number of nginx-level configuration parameters to control
the caching which nginx performs, including the amount of in-memory
index for he cache, the maximum storage of the cache on disk, and how
long data is retained in the cache.  The currently-chosen figures are
reasonable for small to medium deployments.

The most notable effect of this change is in allowing browsers to
cache uploaded image content; however, while there will be many fewer
requests, it also has an improvement on request latency.  The
following tests were done with a non-AWS client in SFO, a server and
S3 storage in us-east-1, and with 100 requests after 10 requests of
warm-up (to fill the nginx cache).  The mean and standard deviation
are shown.

|                   | Redirect to S3      | Caching proxy, hot  | Caching proxy, cold |
| ----------------- | ------------------- | ------------------- | ------------------- |
| Time in Django    | 263.0 ms ±  28.3 ms | 258.0 ms ±  12.3 ms | 258.0 ms ±  12.3 ms |
| Small file (842b) | 586.1 ms ±  21.1 ms | 266.1 ms ±  67.4 ms | 288.6 ms ±  17.7 ms |
| Large file (660k) | 959.6 ms ± 137.9 ms | 609.5 ms ±  13.0 ms | 648.1 ms ±  43.2 ms |

The hot-cache performance is faster for both large and small files,
since it saves the client the time having to make a second request to
a separate host.  This performance improvement remains at least 100ms
even if the client is on the same coast as the server.

Cold nginx caches are only slightly slower than hot caches, because
VPC access to S3 endpoints is extremely fast (assuming it is in the
same region as the host), and nginx can pool connections to S3 and
reuse them.

However, all of the 648ms taken to serve a cold-cache large file is
occupied in nginx, as opposed to the only 263ms which was spent in
nginx when using redirects to S3.  This means that to overall spend
less time responding to uploaded-file requests in nginx, clients will
need to find files in their local cache, and skip making an
uploaded-file request, at least 60% of the time.  Modeling shows a
reduction in the number of client requests by about 70% - 80%.

The `Content-Disposition` header logic can now also be entirely shared
with the local-file codepath, as can the `url_only` path used by
mobile clients.  While we could provide the direct-to-S3 temporary
signed URL to mobile clients, we choose to provide the
served-from-Zulip signed URL, to better control caching headers on it,
and greater consistency.  In doing so, we adjust the salt used for the
URL; since these URLs are only valid for 60s, the effect of this salt
change is minimal.
2023-01-09 18:23:58 -05:00
Alex Vandiver ed6d62a9e7 avatars: Serve /user_avatars/ through Django, which offloads to nginx.
Moving `/user_avatars/` to being served partially through Django
removes the need for the `no_serve_uploads` nginx reconfiguring when
switching between S3 and local backends.  This is important because a
subsequent commit will move S3 attachments to being served through
nginx, which would make `no_serve_uploads` entirely nonsensical of a
name.

Serve the files through Django, with an offload for the actual image
response to an internal nginx route.  In development, serve the files
directly in Django.

We do _not_ mark the contents as immutable for caching purposes, since
the path for avatar images is hashed only by their user-id and a salt,
and as such are reused when a user's avatar is updated.
2023-01-09 18:23:58 -05:00
Alya Abbott 6fb4f10abb docs: Add communication guidance to mentor guide.
Also link to GSoC's mentor guide.
2023-01-06 11:05:51 -08:00
Alya Abbott 358a0dda5b docs: Clarify --email installation option. 2023-01-05 16:10:34 -08:00
Alya Abbott 17ee697e37 contributor docs: Link to GitHub's blog post on commit discipline. 2023-01-05 16:09:43 -08:00
Alya Abbott b25f149b82 contributor docs: Add section on machine translation in Transifex. 2023-01-04 11:01:48 -08:00
Anders Kaseorg bd884c88ed Fix typos caught by typos.
https://github.com/crate-ci/typos

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-01-03 11:09:50 -08:00
khadeom 9c18641ec4
docs: Fix variable name typo in code-style.md. 2022-12-27 10:43:52 -08:00
Mateusz Mandera b6067b63b8 docs: Mention the reset_authentication_attempt_count command.
The authenticate_by_username limit of 5 attempts per 30 minutes can get
annoying in some cases where the user really forgot their password and
should be allowed to keep trying with admin approvial - so we should
document the command that allows unblocking them.
2022-12-15 12:56:51 -08:00
Josh Klar a1bc9adefc docs: Use API Tokens instead of raw creds for Transifex. 2022-12-13 12:34:08 -08:00
David Rosa 4ad47fd550 docs: Rename "operators" to "filters".
Changes all the uses of the word "operators" to "filters" in
contributor docs, help center, and landing page to align with
the updated help center documentation.
2022-12-09 13:52:13 -08:00
Lauryn Menard 6759767b14 api-docs: Move include markdown macro files for API documentation.
Moves files in `templates/zerver/help/include` that are used
specifically for API documentation pages to be in a new directory:
`templates/zerver/api/include`.

Adds a boolean parameter to `render_markdown_path` to be used
for help center documentation articles.

Also moves the test file `empty.md` to the new directory since
this is the default directory for these special include macros
that are used in documentation pages.
2022-12-08 12:58:11 -08:00
Lauryn Menard 5f9dc76d54 integrations-docs: Move markdown macros include files.
Moves files in `templates/zerver/help/include` that are used
specifically for integrations documentation to be in a new
directory: `templates/zerver/integrations/include`.

Adds a boolean parameter to `render_markdown_path` to be used
for integrations documentation pages.
2022-12-08 12:58:11 -08:00
Anders Kaseorg 92251a7cf6 release-checklist: Update blog post checklist for Astro.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-12-07 17:41:21 -08:00
David Rosa e78ae9463d contributor docs: Rename "Version Control" to "Commit Discipline". 2022-12-07 10:19:07 -08:00
Alya Abbott 3fe028f2f7 contributor docs: Add formatting instructions for streams and topics. 2022-12-02 18:00:12 -08:00
David Rosa 0375dbc5e9 docs: Fix link to "Custom profile fields".
Follow-up to PR #23264.
2022-11-28 12:16:32 -08:00
Alya Abbott bcaaae7e82 contributor docs: Add links to more info about GSoC with Zulip. 2022-11-24 09:16:30 -08:00
Tim Abbott 9b40bf804c docs: Clarify opening of direct installation section.
Fixes #23615.
2022-11-22 15:54:09 -08:00
Alex Vandiver b8ab02022c docs: Renumber unique IDs on policies for easier uniqueness. 2022-11-18 10:24:42 -08:00
Alex Vandiver 183653df9f docs: Include full policy for avatars and uploads buckets.
The documentation included the full policy for the file uploads
bucket, but only one additional statement for the avatars bucket; the
reader needed to assemble the full policy themselves.

Switch to explicitly providing the full policy for both.

Fixes #23110.
2022-11-18 10:24:42 -08:00
Alex Vandiver 68173d2212 docs: Remove a now-unused link reference.
031260573f removed the use of this.
2022-11-18 10:24:42 -08:00
Tim Abbott 88873138ac Update version following 6.0 release. 2022-11-17 16:42:36 -08:00
Tim Abbott f0e5f69c01 Release Zulip Server 6.0. 2022-11-17 11:44:45 -08:00
Alex Vandiver bf00e44bde docs: Document the `export_search` compliance export tool. 2022-11-17 11:19:59 -08:00
Alex Vandiver 809246e1dc docs: Fix a typo in a link anchor. 2022-11-17 11:19:59 -08:00
Alex Vandiver ab71e97f1c docs: Remove an unused link anchor. 2022-11-17 11:19:59 -08:00
Tim Abbott d488ca42e6 docs: Update changelog with commits staged for 6.0. 2022-11-16 22:21:18 -08:00
Alex Vandiver 2c2afddf1e release-checklist: Clarify main changes are one commit, not two. 2022-11-16 14:37:07 -08:00
Alex Vandiver dd8ff7e22b release-checklist: Remove duplicated words.
A classic "I love paris in the the springtime" bug.
2022-11-16 14:37:07 -08:00
Alex Vandiver 6be6bcc5e3 release-checklist: Update and clarify the Docker / Helm steps. 2022-11-16 14:37:07 -08:00
Alex Vandiver fac4c38404 release-checklist: Note that we can test on 22.04 as well. 2022-11-16 14:37:07 -08:00
Alex Vandiver c4e5ddd67f version: Update version and changelog after 5.7 release. 2022-11-16 16:03:05 +00:00
Aman Agrawal fbe9a9e539 left_side_userlist: Remove feature from frontend.
Fixes #23517.

While this feature was added to Zulip very early, it has been troubled
for most of that time; it never looked great visually, had a lot of
implementation complexity around resize.js, and has a weird model (a
setting that changes the UI only in certain window sizes).

This option is not commonly used; while a significant portion of users
have it enabled, many of them just don't use window sizes where it
actually has an effect. So it's not clear that it will be missed if
removed; we got very few bug reports when it was completely broken for
a few days after we first integrated the new left sidebar private
messages design.

Even with it no longer being broken, it does not work very well with
the addition of the new PMs section in the left sidebar. (Having two
scrollbars in the sidebar looks quite awkward.) The new private
messages section in the left sidebar also addresses some of the use
cases for always keeping the Users list always visible, even in narrow
windows.

This option is only removed from frontend for now. To make this
decision easily reversible, the backend code of this feature
is still kept.
2022-11-14 12:23:55 -08:00
Tim Abbott 72b5af2260 docs: Clarify the http_only parameter.
Previously, the http_only parameter could have been misread as
allowing clients to connect to a Zulip server over HTTP directly.

Fixes #23506.
2022-11-09 17:05:15 -08:00
Eric Smith c7ce20283b docs: Update to match current admin.js
Made some small changes to documentation to match the code in the
current admin.js

Fixes: There was no related issue for this fix.
2022-11-08 17:41:14 -08:00
Mateusz Mandera 34a0139c2b rate_limit: Add interface to override rate limiting rules. 2022-11-08 08:56:42 -08:00
Eric Smith c4823bfd03
docs: Remove unnecessary type annotations from tutorial.
In 4c3c976174, we removed the need
to explicitly declare types for Django model fields. Here, we update that detail 
in our documentation.
2022-11-04 15:31:42 -07:00
Tim Abbott 426c806a87 docs: Document docker-zulip postgres upgrade requirement.
Since this is a hard requirement for upgrading the Docker image, it's
worth highlighting here.
2022-11-04 15:19:57 -07:00