Commit Graph

1945 Commits

Author SHA1 Message Date
Alex Vandiver 31f1f10501 installer: Halt if wrong version of PostgreSQL is already installed.
49a7a66004 and immediately previous commits began installing
PostgreSQL 12 from their apt repository.  On machines which already
have the distribution-provided version of PostgreSQL installed,
however, this leads to failure to apply puppet when restarting
PostgreSQL 12, as both attempt to claim the same port.

During installation, if we will be installing PostgreSQL, look for
other versions than what we will install, and abort if they are
found.  This is safer than attempting to automatically uninstall or
reconfigure existing databases.
2020-06-24 12:57:38 -07:00
Alex Vandiver 58cb7cecd8 installer: Remove `--remote-postgres`, redundant with `--no-init-db`.
The previous commit removed the only behavior difference between the
two flags; both of them skip user/database creation, and the tables
therein.

Of the two options `--no-init-db` is more explicit as to what it does,
as opposed to just one facet of when it might be used; remove
`--remote-postgres`.
2020-06-24 12:57:38 -07:00
Tim Abbott ac9ecbe8de docs: Clarify variable variants in translating docs. 2020-06-24 11:34:00 -07:00
Vishnu KS 138a0cb073 docs: Use modern django URL patterns in examples. 2020-06-24 09:57:43 -07:00
Greg Price baa09f0518 docs: Clarify instructions on setting up email for Apple auth.
This comes after I read through all the linked docs, and went through
the UI to do this registration.
2020-06-23 19:04:26 -07:00
Greg Price 71c995d50d docs: Explain a bit more explicitly how to configure Apple auth.
In particular the Services ID and Bundle ID each have one of Apple's
random-looking 10-character identifiers, in addition to the Java-style
names the admin chooses.  Best to be clear about what names are
supposed to be the chosen names and which are supposed to be the
random-looking assigned names.

(I don't know of any docs elsewhere making this clear -- but I guessed
it'd be this way, and empirically it works.)

Also mention you need to enable the backend. :-)
2020-06-23 19:04:26 -07:00
Greg Price 0021dfe8e7 auth settings: Put Apple "Team ID" before the things it namespaces.
I believe the Bundle ID (aka App ID) and Services ID have meaning only
relative to a specific Team ID.  In particular, in some places in the
developer.apple.com UI, they're displayed in a fully-qualified form
like "ABCDE12345.com.example.app", where "com.example.app" is the
App ID or Services ID and ABCDE12345 is the Team ID.
2020-06-23 19:04:26 -07:00
Greg Price 9b620dfe6c docs: Break up a long sentence in Apple auth instructions.
This also helps keep the actionable part short, by separating
the actionable instruction from the longer parenthetical
explaining what it's for.
2020-06-23 19:04:26 -07:00
Brainrecursion 30eaed0378 saml: Add option to restrict subdomain access based on SAML attributes.
Adds the ability to set a SAML attribute which contains a
list of subdomains the user is allowed to access. This allows a Zulip
server with multiple organizations to filter using SAML attributes
which organization each user can access.

Cleaned up and adapted by Mateusz Mandera to fit our conventions and
needs more.

Co-authored-by: Mateusz Mandera <mateusz.mandera@zulip.com>
2020-06-23 17:14:31 -07:00
Felix a389c7390d calls: Add Big Blue Button as a Video Call Provider.
Big Blue Button needs an API secret so communication to creating a
room has to be done server side.

Fixes #14763.
2020-06-22 16:19:07 -07:00
Tim Abbott 077c741ef4 docs: Simplify reviewing upgrade notes before upgrading.
This adds a convenient way to review the upgrade notes for all Zulip
releases that one is upgrading across.

I thought about moving all the upgrade notes to a common section, but
in some cases the language is clearly explaining changes in the
release that are not duplicated elsewhere, and I think it reads better
having them inline alongisde related changes.
2020-06-22 15:58:52 -07:00
Tim Abbott 5d6f3d0e3a docs: Fix typo in 'substituted'. 2020-06-21 10:56:40 -07:00
Tim Abbott dc2a045d3b docs: Add documentation on mypy @overload.
We only use this in a few places, but they're really important places
for understanding the types in the codebase, and so it's worth having
a bit of expository documentation explaining how we use it.

(And I expect we'll add more with time).
2020-06-21 10:51:47 -07:00
Tim Abbott f1707cfec6 docs: Remove translating guide 'realm' details.
We now have linters that ensure "realm" never leaks into user-facing
strings, preferring "organization" instead.
2020-06-20 20:41:46 -07:00
apxwn 027e56e9b9 docs: Improve Russian translating guide. 2020-06-20 20:39:37 -07:00
Tim Abbott 0542c60466 docs: Do a general update pass on OpenAPI developer docs. 2020-06-20 19:06:07 -07:00
SiddharthVarshney c80ab21a24 docs: Add "ellipsis" in Glossary.
We have migrated ellipsis-v from chevron for sidebars,
it would be better to define it in glossary as it is gonna replace
"chevron" during conversations.
2020-06-20 16:47:43 -07:00
Onur Temiz eae6c039d2
docs: Fix typo using.md. 2020-06-18 13:16:43 -07:00
SiddharthVarshney cbf592b6ac docs: Update testing list for Popover menus.
Replace word 'chevron' with 'ellipsis'(because of the
recent migration to ellipsis for sidebars menu icons)
and mention where to click more specifically for sidebar
popover testing.
2020-06-18 00:54:18 -07:00
Tim Abbott a0eb26951c docs: Update changelog for Zulip Server 2.1.6 release. 2020-06-17 00:42:28 -07:00
Tim Abbott 7872b197c2 docs: Update changelog for 2.1.5 release. 2020-06-16 23:35:39 -07:00
Alex Vandiver 5f433d6eeb puppet: Remove vestigial check_postgres.pl.
65774e1c4f switched from using the bundled check_postgres.pl to using
the version from packages; the file itself remained, however.

Remove it, and clean up references to it.

Fixes #15389.
2020-06-15 16:18:07 -07:00
Anders Kaseorg 62f1a9da26 docs: Use Mozilla recommended SSL settings for Apache.
• Specify disabled rather than enabled protocols, so as not to disable
  TLS 1.3.
• Provide an explicit cipher suite list (Mozilla intermediate config
  version 5.4).
• Respect the browser’s preferred cipher suite ordering over the
  server’s.
• Use FFDHE2048 Diffie-Hellman parameters.
• Disable SSL session tickets.

(SSL stapling is also recommended but SSLStaplingCache cannot be
configured inside a <VirtualHost> block.)

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-14 20:17:12 -07:00
Tim Abbott 365fed531a docs: Remove nginx reverse proxy websockets documentation.
Zulip no longer uses websockets in production, so this code was
unnecessary.
2020-06-14 15:17:32 -07:00
qnxor 6399bccc07 docs: Add Apache2 reverse proxy instructions and example.
Tweaked by tabbott to disable older SSL and remove websockets logic,
which isn't relevant in master.
2020-06-14 15:15:23 -07:00
Tim Abbott a361646221 docs: Fix references to removed puppet rules. 2020-06-14 12:47:22 -07:00
SiddharthVarshney 60010449d2 icon: Import a font-awesome 5 third party icon.
This is a prep commit for replacement of chevron
from sidebars.

This commit will add ellipsis-v icon in svg format downloaded
from font-awesome 5. This has to be done because font-awesome 4.7
(the version we are using) does not have this icon with
circular dots.

And font-awesome 5 as a whole doesn't make sense to upgrade to because
it's intentionally semi-crippled as part of their business plan.

Also include entry in THIRDYPARTY and Licence details.
2020-06-11 17:15:55 -07:00
Anders Kaseorg 365fe0b3d5 python: Sort imports with isort.
Fixes #2665.

Regenerated by tabbott with `lint --fix` after a rebase and change in
parameters.

Note from tabbott: In a few cases, this converts technical debt in the
form of unsorted imports into different technical debt in the form of
our largest files having very long, ugly import sequences at the
start.  I expect this change will increase pressure for us to split
those files, which isn't a bad thing.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-11 16:45:32 -07:00
Anders Kaseorg 69730a78cc python: Use trailing commas consistently.
Automatically generated by the following script, based on the output
of lint with flake8-comma:

import re
import sys

last_filename = None
last_row = None
lines = []

for msg in sys.stdin:
    m = re.match(
        r"\x1b\[35mflake8    \|\x1b\[0m \x1b\[1;31m(.+):(\d+):(\d+): (\w+)", msg
    )
    if m:
        filename, row_str, col_str, err = m.groups()
        row, col = int(row_str), int(col_str)

        if filename == last_filename:
            assert last_row != row
        else:
            if last_filename is not None:
                with open(last_filename, "w") as f:
                    f.writelines(lines)

            with open(filename) as f:
                lines = f.readlines()
            last_filename = filename
        last_row = row

        line = lines[row - 1]
        if err in ["C812", "C815"]:
            lines[row - 1] = line[: col - 1] + "," + line[col - 1 :]
        elif err in ["C819"]:
            assert line[col - 2] == ","
            lines[row - 1] = line[: col - 2] + line[col - 1 :].lstrip(" ")

if last_filename is not None:
    with open(last_filename, "w") as f:
        f.writelines(lines)

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-06-11 16:04:12 -07:00
Alex Vandiver 4fe0444108 puppet: Install wal-g, not wal-e. 2020-06-11 15:52:43 -07:00
Tim Abbott f0d8f60b66 help: Add basic documentation of organization owners. 2020-06-10 14:07:46 -07:00
Anders Kaseorg 3a15e4b51d settings: Extract most of test_settings to test_extra_settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:29:50 -07:00
Anders Kaseorg 5546762bd9 settings: Extract computed settings to computed_settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:29:50 -07:00
Anders Kaseorg c45962785c settings: Group {default,prod,dev}_settings as configured_settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:20:42 -07:00
Anders Kaseorg 9cb6a75da5 docs: Fix location of default settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:15:34 -07:00
Anders Kaseorg a7a207d5d9 docs: Add missing code markers to settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:15:34 -07:00
Dinesh dc90d54b08 auth: Add Sign in with Apple support.
This implementation overrides some of PSA's internal backend
functions to handle `state` value with redis as the standard
way doesn't work because of apple sending required details
in the form of POST request.

Includes a mixin test class that'll be useful for testing
Native auth flow.

Thanks to Mateusz Mandera for the idea of using redis and
other important work on this.

Documentation rewritten by tabbott.

Co-authored-by: Mateusz Mandera <mateusz.mandera@zulip.com>
2020-06-09 17:29:35 -07:00
Tim Abbott 5deaae14b3 docs: Update changelog.
This now covers most features that will be in the Zulip 2.2 release.
2020-06-09 00:32:07 -07:00
Tim Abbott 5154ddafca docs: Update production supported releases.
Now that we have production support for Ubuntu Focal, we update the
documentation to state our support for it.

(We also drop deprecated Xenial and Stretch from supported platforms).
2020-06-08 22:11:28 -07:00
Tim Abbott 7b8ba5ebd9 docs: Update most remaining references to zulipchat.com.
In some cases, the cleanest tweak is to replace references to the
domain with Zulip Cloud, the product.
2020-06-08 18:10:45 -07:00
Tim Abbott 71078adc50 docs: Update URLs to use https://zulip.com.
We're migrating to using the cleaner zulip.com domain, which involves
changing all of our links from ReadTheDocs and other places to point
to the cleaner URL.
2020-06-08 18:10:45 -07:00
Anders Kaseorg 08ddeca8a5 docs: Fix an incorrect use of i.e.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-08 16:28:05 -07:00
Anders Kaseorg 8e4f22c184 auth: Require algorithms setting for JWT auth.
Calling jwt.decode without an algorithms list raises a
DeprecationWarning.  This is for protecting against
symmetric/asymmetric key confusion attacks.

This is a backwards-incompatible configuration change.

Fixes #15207.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-08 16:22:25 -07:00
Sharif Naas 29ef37d03b docs: Fix broken wording in testing/philosophy.md. 2020-06-08 11:13:32 -07:00
Sharif Naas 3b120220a7 docs: Reword sentence to be more concise while fixing broken wording.
The previous wording was slightly broken, but this commit changes the
wording beyond just fixing that issue, to be more concise.
2020-06-08 11:13:32 -07:00
Sharif Naas 37be21cebe docs: Improve readability of a sentence in testing/philosophy.md.
Previously, it was unnecessarily difficult to parse the sentence to
determine that "HTTP response" and "internal state of the server
following the request" are the coherent ideas. Even if length wasn't
an issue, e.g. "... and checking both the A and B are correct", the
sentence still feels a bit fragile without a "that".

Since the second phrase is indeed relatively long, and "internal state
of the server" is a reasonable guess for the second coherent idea, the
"the" helps to reset the reader's expectation about where the next
coherent idea starts, and ends.

Lastly, having "both" in front of the two phrases encourages an
assumption that they're shorter (which is especially problematic for
the second phrase), while having it at the end of the sentence helps
to anchor the end of the second phrase; this is especially true since
the absence of "both" before that point encourages an assumption that
you haven't finished reading yet, given that two things have been
mentioned.
2020-06-08 11:13:32 -07:00
Sharif Naas fb969de765 docs: Fix typos in testing/philosophy.md. 2020-06-08 11:13:32 -07:00
Sharif Naas 17afd460bc docs: Fix typos in contributing/code-style.md. 2020-06-08 11:13:32 -07:00
Anders Kaseorg ad24eef6ee circleci: Drop -python3.X suffixes from job names.
The workflow names should be sufficient.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-08 11:04:40 -07:00
Anders Kaseorg 1f565a9f41 timezone: Use standard library datetime.timezone.utc consistently.
datetime.timezone is available in Python ≥ 3.2.  This also lets us
remove a pytz dependency from the PostgreSQL scripts.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-05 09:34:17 -07:00