Commit Graph

620 Commits

Author SHA1 Message Date
Anders Kaseorg ee85ac5433 models: Extract zerver.models.users.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00
Anders Kaseorg f78d8e13c1 models: Rename zerver/models.py to zerver/models/__init__.py.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-05 10:32:54 -05:00
Tim Abbott 9423ccecd4 docs: Document plan management login tips. 2023-12-15 11:03:42 -08:00
Tim Abbott ace8344b5a docs: Document manual update_analytics_counts. 2023-12-15 10:13:35 -08:00
Anders Kaseorg a13e42f18a docs: Add missing spaces around code spans.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-14 00:05:44 -08:00
Tim Abbott b4b9f29e21 docs: Tweak mobile push notifications privacy text.
The "nothing else" line is accurate at a high level but more ambigious
than I'd like for sensitive documentation -- we're not trying to make
an extreme claim that we've disabled all forms of short-term logging.
2023-12-08 23:37:21 -08:00
Tim Abbott 7db15176f3 push bouncer: Submit basic metadata unconditionally.
These metadata are essentially all publicily available anyway, and
making uploading them unconditional will simplify some things.

The documentation is not quite accurate in that it claims the server
will upload some metadata that is not actually uploaded yet (but will
by soon). This seems harmless.
2023-11-29 14:45:53 -08:00
Tim Abbott 06ebc39e04 docs: Clarify the sync_ldap_user_data semantics.
The other option would be to run the cron job ourselves, but I feel
like different organizations with different policies might prefer very
different frequencies; daily/hourly, and it's not easy to make that
configurable with a cron file declared in puppet.

Fixes #27866.
2023-11-27 16:34:31 -08:00
Mateusz Mandera 1800b2c797 ldap: Tweak AUTH_LDAP_ADVANCED_REALM_ACCESS_CONTROL behavior.
The original behavior of this setting was to disable LDAP
authentication for any realms not configured to use it. This was an
arbitrary choice, and its only value was to potentially help catch
typos for users who are lazy about testing their configuration.

Since it makes it a very inconvenient to potentially host multiple
organizations with different LDAP configurations, remove that
behavior.
2023-11-17 14:40:26 -08:00
Greg Price 528a76a419 push_notifs: Set APNs topic individually on each notification.
This makes it possible to send notifications to more than one app ID
from the same server: for example, the main Zulip mobile app and the
new Flutter-based app, which has a separate app ID for use through its
beta period so that it can be installed alongside the existing app.
2023-11-16 12:03:30 -08:00
Greg Price ff32d51700 push_notifs: Support APNs token auth, as well as cert auth.
This will make it possible to send notifications to multiple
distinct app IDs over the same connection.
2023-11-16 12:03:30 -08:00
Alya Abbott cc4c672773 docs: Improve Mobile push notification service documentation. 2023-11-14 17:16:31 -08:00
Greg Price 9072ddda05 push_notifs: Remove remaining references to ZULIP_IOS_APP_ID setting. 2023-11-07 16:19:42 -08:00
Anders Kaseorg 4cb2eded68 typos: Fix typos caught by typos.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-09 11:55:16 -07:00
Anders Kaseorg 7b4a74cc4d codespell: Fix typos caught by codespell.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-09 11:55:15 -07:00
Simon Michalke b6a25840a1 zerver: Implement ldap group synchronization.
Fixes #9957.

Co-authored-by: Mateusz Mandera <mateusz.mandera@zulip.com>
2023-10-05 16:12:52 -07:00
Anders Kaseorg 1db4174319 docs: Remove long-obsolete REALMS_HAVE_SUBDOMAINS documentation.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 14:14:12 -07:00
xpufx e1283f6dc3 docs: Add instructions for configuring the Authentik SAML IdP. 2023-10-02 09:19:25 -07:00
Mateusz Mandera 19a253c47b ldap: Improve doc on AUTH_LDAP_ADVANCED_REALM_ACCESS_CONTROL.
This fixes the explanation of the setting's syntax to be more precise
(which doesn't mean "easily understandable" - because the setting is
a bit tricky) as well as an example to illustrate it.
2023-09-28 17:26:57 -07:00
David Rosa e60a4c4d01 help: Document `unarchive_stream` management command.
- Adds "Unarchiving archived streams" section to "Archive a stream".
- Adds `./manage.py unarchive_stream` to contributor docs.
2023-09-19 15:04:07 -07:00
Anders Kaseorg 9abb850cd9 docs: Use MyST syntax for Sphinx metadata.
https://myst-parser.readthedocs.io/en/latest/faq/index.html#sphinx-specific-page-front-matter

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-12 10:34:03 -07:00
Mateusz Mandera b6cce494a8 docs: Add a warning about restarting individual services.
restart-server is almost always the way to go, so we can be clearer
about it.
2023-09-08 16:22:50 -07:00
Alex Vandiver ae3458a294 docs: Fix link to "Uprading PostgreSQL" section. 2023-08-14 22:57:59 +00:00
Lauryn Menard 3d997c4af2 docs: Add multiple-organizations.md to production section of TOC.
Adds the existing article about hosting multiple Zulip organizations
to the production section of the table of contents.
2023-08-11 11:11:44 -07:00
n0099 2b1d250154 nginx: Switch from `$host` to `$http_host` for HTTP/3 compatibility.
nginx sets the value of the `$http_host` variable to the empty string
when using http/3, as there is technically no `Host:` header sent:
https://github.com/nginx-quic/nginx-quic/issues/3

Users with a browser that support http/3 will send their first request
to nginx with http/2, and get an expected HTTP 200 -- but any
subsequent requests will fail with am HTTP 400, since the browser will
have upgraded to http/3, which has an empty `Host` header, which Zulip
rejects.

Switch to the `$host` variable, which works for all HTTP versions.

Co-authored-by: Alex Vandiver <alexmv@zulip.com>
2023-07-25 18:20:34 -04:00
Anders Kaseorg b285813beb error_notify: Remove custom email error reporting handler.
Restore the default django.utils.log.AdminEmailHandler when
ERROR_REPORTING is enabled.  Those with more sophisticated needs can
turn it off and use Sentry or a Sentry-compatible system.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-20 11:00:09 -07:00
Alex Vandiver d957559371 uploads: Allow uploads to set storage class.
Uploads are well-positioned to use S3's "intelligent tiering" storage
class.  Add a setting to let uploaded files to declare their desired
storage class at upload time, and document how to move existing files
to the same storage class.
2023-07-19 16:19:34 -07:00
Alex Vandiver 5a26237b54 wal-g: Support alternate S3 storage classes. 2023-07-19 10:55:18 -07:00
Alex Vandiver a7b9e67c06 docs: Mention the PostgreSQL upgrade in the release upgrade section.
Users can, quite understandably, assume that upgrading Zulip upgraded
the underlying PostgreSQL version.  Though it is mentioned at the top
of the page, mentioning it here clarifies that it is an additional
step.
2023-07-11 17:27:57 -07:00
Alex Vandiver e18d0e3331 docs: Reference PostgreSQL version in "Restoring backups" section.
This extends 8ede54fb1b, in the specific backups section, rather
than just in the overview.
2023-07-05 14:53:24 -07:00
Mateusz Mandera 8c530f30e3 docs: Update SCIM doc to not mention add_scim_client.
add_scim_client was removed in 55342efd33.
2023-07-05 14:36:22 -07:00
David Rosa 513eb510aa docs: Rename "private message" -> "direct message".
- Updates instances of "private message", "PM", and "private_message",
  excluding historical references in `overview/changelog.md`.
- Also excludes `/docs/translating` since we would need new
  translations for "direct messages" and "DMs".
2023-06-23 14:36:16 -07:00
Alex Vandiver d46279c41e docs: Clarify that trust of X-Fowarded-Proto is also necessary.
Previously, `X-Forwarded-Proto` did not need to be set, and failure to
set `loadbalancer.ips` would merely result in bad IP-address
rate-limiting and incorrect access logs; after 0935d388f0, however,
failure to do either of those, if Zulip is deployed with `http_only`,
will lead to infinite redirect loops after login.  These are
accompanied by a misleading error, from Tornado, of:

    Forbidden (Origin checking failed - https://zulip.example.com does not match any trusted origins.): /json/events

This is most common with Docker deployments, where deployments use
another docker container, such as nginx or Traefik, to do SSL
termination.  See zulip/docker-zulip#403.

Update the documentation to reinforce that `loadbalancer.ips` also
controls trust of `X-Forwarded-Proto`, and that failure to set it will
cause the application to not function correctly.
2023-06-23 10:47:14 -07:00
Alex Vandiver f4b20337a7 docs: Document supported versions of PostgreSQL.
Fixes: #25853.
2023-06-12 16:37:55 -07:00
Alex Vandiver bd217ad31b puppet: Read resolver from /etc/resolv.conf.
04cf68b45e make nginx responsible for downloading (and caching)
files from S3.  As noted in that commit, nginx implements its own
non-blocking DNS resolver, since the base syscall is blocking, so
requires an explicit nameserver configuration.  That commit used
127.0.0.53, which is provided by systemd-resolved, as the resolver.

However, that service may not always be enabled and running, and may
in fact not even be installed (e.g. on Docker).  Switch to parsing
`/etc/resolv.conf` and using the first-provided nameserver.  In many
deployments, this will still be `127.0.0.53`, but for others it will
provide a working DNS server which is external to the host.

In the event that a server is misconfigured and has no resolvers in
`/etc/resolv.conf`, it will error out:
```console
Error: Evaluation Error: Error while evaluating a Function Call, No nameservers found in /etc/resolv.conf!  Configure one by setting application_server.nameserver in /etc/zulip/zulip.conf (file: /home/zulip/deployments/current/puppet/zulip/manifests/app_frontend_base.pp, line: 76, column: 70) on node example.zulipdev.org
```
2023-06-12 20:18:28 +00:00
Tim Abbott 6ca5130cd8 docs: Improve troubleshooting overview intro. 2023-06-12 13:01:50 -07:00
Alya Abbott 582e88544c docs: Clarify instructions for getting help with self-hosting. 2023-06-12 13:01:50 -07:00
Alex Vandiver bad600e731 docs: Clarify access to port 25 is needed for local email delivery. 2023-06-07 08:56:01 -07:00
Alex Vandiver 9a6529f86a docs: Add language to code blocks. 2023-05-31 08:18:03 -07:00
Alex Vandiver adb30c4d18 docs: Remove unused link references. 2023-05-31 08:18:03 -07:00
Alex Vandiver 8212dccc91 docs: Fix missing and typo'd link references. 2023-05-31 08:18:03 -07:00
Alex Vandiver 679591ccce docs: Document postgresql.missing_dictionaries. 2023-05-31 08:18:03 -07:00
Alex Vandiver d058188fa8 docs: Update documentation for deploy hooks.
ecfb12404a updated how values were passed to hooks, but did not
update the documentation.
2023-05-30 14:52:01 -07:00
Alex Vandiver 9ca4574fae docs: Document zulip_notify deploy hook. 2023-05-30 14:52:01 -07:00
Alex Vandiver f45a6a6d99 docs: Add missing link in Sentry deploy docs. 2023-05-30 11:25:43 -07:00
Mateusz Mandera 8fb0fe96c6 saml: Save SessionIndex in session and use when making a LogoutRequest.
This is a useful improvement in general for making correct
LogoutRequests to Idps and a necessary one to make SP-initiated logout
fully work properly in the desktop application. During desktop auth
flow, the user goes through the browser, where they log in through their
IdP. This gives them a logged in  browser session at the IdP. However,
SAML SP-initiated logout is fully conducted within the desktop
application. This means that proper information needs to be given to the
the IdP in the LogoutRequest to let it associate the LogoutRequest with
that logged in session that was established in the browser. SessionIndex
is exactly the tool for that in the SAML spec.
2023-05-23 13:01:15 -07:00
Mateusz Mandera 5dd4dcdebb saml: Make SP-initiated SLO work in the desktop application. 2023-05-23 13:01:15 -07:00
Mateusz Mandera 3f55c10685 saml: Rework SP-initiated logout config to support IdP-level config.
This gives more flexibility on a server with multiple organizations and
SAML IdPs. Such a server can have some organizations handled by IdPs
with SLO set up, and some without it set up. In such a scenario, having
a generic True/False server-wide setting is insufficient and instead
being able to specify the IdPs/orgs for SLO is needed.
2023-05-23 13:01:15 -07:00
Mateusz Mandera 0bb0220ebb saml: Implement SP-initiated Logout.
Closes #20084

This is the flow that this implements:
1. A logged-in user clicks "Logout".
2. If they didn't auth via SAML, just do normal logout. Otherwise:
3. Form a LogoutRequest and redirect the user to
https://idp.example.com/slo-endpoint?SAMLRequest=<LogoutRequest here>
4. The IdP validates the LogoutRequest, terminates its own user session
and redirects the user to
https://thezuliporg.example.com/complete/saml/?SAMLRequest=<LogoutResponse>
with the appropriate LogoutResponse. In case of failure, the
LogoutResponse is expected to express that.
5. Zulip validates the LogoutResponse and if the response is a success
response, it executes the regular Zulip logout and the full flow is
finished.
2023-05-23 13:01:15 -07:00
Toyam Cox 650cdc474d docs: Also set X-Forwarded-Proto in proxies.
Django 4.0 and higher began checking the `Origin` header, which made
it important that Zulip know accurately if the request came over HTTPS
or HTTP; failure to do so would result in "CSRF verification failed"
errors.

For Zulip servers which are accessed via proxies, this means that
`X-Fowarded-Proto` must be set accurately.  Adjust the documentation
for the suggested configurations to add the header.

Fixes: #24599.

Co-authored-by: Alex Vandiver <alexmv@zulip.com>
2023-05-18 17:17:35 -04:00