Use direct references for configuration variables (part 4). (#10893)

3 years ago · 47854c71e9
parent a10988983a
commit 47854c71e9
32 changed files with 77 additions and 64 deletions
--- a/changelog.d/10893.misc
+++ b/changelog.d/10893.misc
@ -0,0 +1 @@
+Use direct references to config flags.
--- a/synapse/api/urls.py
+++ b/synapse/api/urls.py
@ -39,12 +39,12 @@ class ConsentURIBuilder:
        Args:
            hs_config (synapse.config.homeserver.HomeServerConfig):
        """
-        if hs_config.form_secret is None:
+        if hs_config.key.form_secret is None:
            raise ConfigError("form_secret not set in config")
        if hs_config.server.public_baseurl is None:
            raise ConfigError("public_baseurl not set in config")

-        self._hmac_secret = hs_config.form_secret.encode("utf-8")
+        self._hmac_secret = hs_config.key.form_secret.encode("utf-8")
        self._public_baseurl = hs_config.server.public_baseurl

    def build_user_consent_uri(self, user_id):
--- a/synapse/app/_base.py
+++ b/synapse/app/_base.py
@ -424,12 +424,14 @@ def setup_sentry(hs):
        hs (synapse.server.HomeServer)
    """

-    if not hs.config.sentry_enabled:
+    if not hs.config.metrics.sentry_enabled:
        return

    import sentry_sdk

-    sentry_sdk.init(dsn=hs.config.sentry_dsn, release=get_version_string(synapse))
+    sentry_sdk.init(
+        dsn=hs.config.metrics.sentry_dsn, release=get_version_string(synapse)
+    )

    # We set some default tags that give some context to this instance
    with sentry_sdk.configure_scope() as scope:
--- a/synapse/app/admin_cmd.py
+++ b/synapse/app/admin_cmd.py
@ -192,7 +192,7 @@ def start(config_options):
    ):
        # Since we're meant to be run as a "command" let's not redirect stdio
        # unless we've actually set log config.
-        config.no_redirect_stdio = True
+        config.logging.no_redirect_stdio = True

    # Explicitly disable background processes
    config.update_user_directory = False
--- a/synapse/app/generic_worker.py
+++ b/synapse/app/generic_worker.py
@ -395,7 +395,7 @@ class GenericWorkerServer(HomeServer):
                    manhole_globals={"hs": self},
                )
            elif listener.type == "metrics":
-                if not self.config.enable_metrics:
+                if not self.config.metrics.enable_metrics:
                    logger.warning(
                        "Metrics listener configured, but "
                        "enable_metrics is not True!"
@ -488,7 +488,7 @@ def start(config_options):
    register_start(_base.start, hs)

    # redirect stdio to the logs, if configured.
-    if not hs.config.no_redirect_stdio:
+    if not hs.config.logging.no_redirect_stdio:
        redirect_stdio_to_logs()

    _base.start_worker_reactor("synapse-generic-worker", config)
--- a/synapse/app/homeserver.py
+++ b/synapse/app/homeserver.py
@ -269,7 +269,7 @@ class SynapseHomeServer(HomeServer):
                # https://twistedmatrix.com/trac/ticket/7678
                resources[WEB_CLIENT_PREFIX] = File(webclient_loc)

-        if name == "metrics" and self.config.enable_metrics:
+        if name == "metrics" and self.config.metrics.enable_metrics:
            resources[METRICS_PREFIX] = MetricsResource(RegistryProxy)

        if name == "replication":
@ -278,7 +278,7 @@ class SynapseHomeServer(HomeServer):
        return resources

    def start_listening(self):
-        if self.config.redis_enabled:
+        if self.config.redis.redis_enabled:
            # If redis is enabled we connect via the replication command handler
            # in the same way as the workers (since we're effectively a client
            # rather than a server).
@ -305,7 +305,7 @@ class SynapseHomeServer(HomeServer):
                for s in services:
                    reactor.addSystemEventTrigger("before", "shutdown", s.stopListening)
            elif listener.type == "metrics":
-                if not self.config.enable_metrics:
+                if not self.config.metrics.enable_metrics:
                    logger.warning(
                        "Metrics listener configured, but "
                        "enable_metrics is not True!"
@ -366,7 +366,7 @@ def setup(config_options):

    async def start():
        # Load the OIDC provider metadatas, if OIDC is enabled.
-        if hs.config.oidc_enabled:
+        if hs.config.oidc.oidc_enabled:
            oidc = hs.get_oidc_handler()
            # Loading the provider metadata also ensures the provider config is valid.
            await oidc.load_metadata()
@ -455,7 +455,7 @@ def main():
        hs = setup(sys.argv[1:])

        # redirect stdio to the logs, if configured.
-        if not hs.config.no_redirect_stdio:
+        if not hs.config.logging.no_redirect_stdio:
            redirect_stdio_to_logs()

        run(hs)
--- a/synapse/app/phone_stats_home.py
+++ b/synapse/app/phone_stats_home.py
@ -131,10 +131,12 @@ async def phone_stats_home(hs, stats, stats_process=_stats_process):
    log_level = synapse_logger.getEffectiveLevel()
    stats["log_level"] = logging.getLevelName(log_level)

-    logger.info("Reporting stats to %s: %s" % (hs.config.report_stats_endpoint, stats))
+    logger.info(
+        "Reporting stats to %s: %s" % (hs.config.metrics.report_stats_endpoint, stats)
+    )
    try:
        await hs.get_proxied_http_client().put_json(
-            hs.config.report_stats_endpoint, stats
+            hs.config.metrics.report_stats_endpoint, stats
        )
    except Exception as e:
        logger.warning("Error reporting stats: %s", e)
@ -188,7 +190,7 @@ def start_phone_stats_home(hs):
        clock.looping_call(generate_monthly_active_users, 5 * 60 * 1000)
    # End of monthly active user settings

-    if hs.config.report_stats:
+    if hs.config.metrics.report_stats:
        logger.info("Scheduling stats reporting for 3 hour intervals")
        clock.looping_call(phone_stats_home, 3 * 60 * 60 * 1000, hs, stats)

--- a/synapse/config/logger.py
+++ b/synapse/config/logger.py
@ -322,7 +322,7 @@ def setup_logging(

    """
    log_config_path = (
-        config.worker_log_config if use_worker_options else config.log_config
+        config.worker_log_config if use_worker_options else config.logging.log_config
    )

    # Perform one-time logging configuration.
--- a/synapse/federation/transport/server/_base.py
+++ b/synapse/federation/transport/server/_base.py
@ -49,7 +49,9 @@ class Authenticator:
        self.keyring = hs.get_keyring()
        self.server_name = hs.hostname
        self.store = hs.get_datastore()
-        self.federation_domain_whitelist = hs.config.federation_domain_whitelist
+        self.federation_domain_whitelist = (
+            hs.config.federation.federation_domain_whitelist
+        )
        self.notifier = hs.get_notifier()

        self.replication_client = None
--- a/synapse/groups/groups_server.py
+++ b/synapse/groups/groups_server.py
@ -847,16 +847,16 @@ class GroupsServerHandler(GroupsServerWorkerHandler):
            UserID.from_string(requester_user_id)
        )
        if not is_admin:
-            if not self.hs.config.enable_group_creation:
+            if not self.hs.config.groups.enable_group_creation:
                raise SynapseError(
                    403, "Only a server admin can create groups on this server"
                )
            localpart = group_id_obj.localpart
-            if not localpart.startswith(self.hs.config.group_creation_prefix):
+            if not localpart.startswith(self.hs.config.groups.group_creation_prefix):
                raise SynapseError(
                    400,
                    "Can only create groups with prefix %r on this server"
-                    % (self.hs.config.group_creation_prefix,),
+                    % (self.hs.config.groups.group_creation_prefix,),
                )

        profile = content.get("profile", {})
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@ -1802,7 +1802,7 @@ class MacaroonGenerator:
        macaroon = pymacaroons.Macaroon(
            location=self.hs.config.server.server_name,
            identifier="key",
-            key=self.hs.config.macaroon_secret_key,
+            key=self.hs.config.key.macaroon_secret_key,
        )
        macaroon.add_first_party_caveat("gen = 1")
        macaroon.add_first_party_caveat("user_id = %s" % (user_id,))
--- a/synapse/handlers/oidc.py
+++ b/synapse/handlers/oidc.py
@ -277,7 +277,7 @@ class OidcProvider:
        self._token_generator = token_generator

        self._config = provider
-        self._callback_url: str = hs.config.oidc_callback_url
+        self._callback_url: str = hs.config.oidc.oidc_callback_url

        # Calculate the prefix for OIDC callback paths based on the public_baseurl.
        # We'll insert this into the Path= parameter of any session cookies we set.
--- a/synapse/handlers/profile.py
+++ b/synapse/handlers/profile.py
@ -309,7 +309,7 @@ class ProfileHandler(BaseHandler):
    async def on_profile_query(self, args: JsonDict) -> JsonDict:
        """Handles federation profile query requests."""

-        if not self.hs.config.allow_profile_lookup_over_federation:
+        if not self.hs.config.federation.allow_profile_lookup_over_federation:
            raise SynapseError(
                403,
                "Profile lookup over federation is disabled on this homeserver",
--- a/synapse/http/matrixfederationclient.py
+++ b/synapse/http/matrixfederationclient.py
@ -465,8 +465,9 @@ class MatrixFederationHttpClient:
            _sec_timeout = self.default_timeout

        if (
-            self.hs.config.federation_domain_whitelist is not None
-            and request.destination not in self.hs.config.federation_domain_whitelist
+            self.hs.config.federation.federation_domain_whitelist is not None
+            and request.destination
+            not in self.hs.config.federation.federation_domain_whitelist
        ):
            raise FederationDeniedError(request.destination)

--- a/synapse/push/httppusher.py
+++ b/synapse/push/httppusher.py
@ -73,7 +73,9 @@ class HttpPusher(Pusher):
        self.failing_since = pusher_config.failing_since
        self.timed_call: Optional[IDelayedCall] = None
        self._is_processing = False
-        self._group_unread_count_by_room = hs.config.push_group_unread_count_by_room
+        self._group_unread_count_by_room = (
+            hs.config.push.push_group_unread_count_by_room
+        )
        self._pusherpool = hs.get_pusherpool()

        self.data = pusher_config.data
--- a/synapse/rest/client/login.py
+++ b/synapse/rest/client/login.py
@ -69,16 +69,16 @@ class LoginRestServlet(RestServlet):
        self.hs = hs

        # JWT configuration variables.
-        self.jwt_enabled = hs.config.jwt_enabled
-        self.jwt_secret = hs.config.jwt_secret
-        self.jwt_algorithm = hs.config.jwt_algorithm
-        self.jwt_issuer = hs.config.jwt_issuer
-        self.jwt_audiences = hs.config.jwt_audiences
+        self.jwt_enabled = hs.config.jwt.jwt_enabled
+        self.jwt_secret = hs.config.jwt.jwt_secret
+        self.jwt_algorithm = hs.config.jwt.jwt_algorithm
+        self.jwt_issuer = hs.config.jwt.jwt_issuer
+        self.jwt_audiences = hs.config.jwt.jwt_audiences

        # SSO configuration.
        self.saml2_enabled = hs.config.saml2_enabled
        self.cas_enabled = hs.config.cas.cas_enabled
-        self.oidc_enabled = hs.config.oidc_enabled
+        self.oidc_enabled = hs.config.oidc.oidc_enabled
        self._msc2918_enabled = hs.config.access_token_lifetime is not None

        self.auth = hs.get_auth()
--- a/synapse/rest/consent/consent_resource.py
+++ b/synapse/rest/consent/consent_resource.py
@ -100,13 +100,13 @@ class ConsentResource(DirectServeHtmlResource):
            loader=loader, autoescape=jinja2.select_autoescape(["html", "htm", "xml"])
        )

-        if hs.config.form_secret is None:
+        if hs.config.key.form_secret is None:
            raise ConfigError(
                "Consent resource is enabled but form_secret is not set in "
                "config file. It should be set to an arbitrary secret string."
            )

-        self._hmac_secret = hs.config.form_secret.encode("utf-8")
+        self._hmac_secret = hs.config.key.form_secret.encode("utf-8")

    async def _async_render_GET(self, request: Request) -> None:
        version = parse_string(request, "v", default=self._default_consent_version)
--- a/synapse/rest/key/v2/local_key_resource.py
+++ b/synapse/rest/key/v2/local_key_resource.py
@ -70,19 +70,19 @@ class LocalKey(Resource):
        Resource.__init__(self)

    def update_response_body(self, time_now_msec: int) -> None:
-        refresh_interval = self.config.key_refresh_interval
+        refresh_interval = self.config.key.key_refresh_interval
        self.valid_until_ts = int(time_now_msec + refresh_interval)
        self.response_body = encode_canonical_json(self.response_json_object())

    def response_json_object(self) -> JsonDict:
        verify_keys = {}
-        for key in self.config.signing_key:
+        for key in self.config.key.signing_key:
            verify_key_bytes = key.verify_key.encode()
            key_id = "%s:%s" % (key.alg, key.version)
            verify_keys[key_id] = {"key": encode_base64(verify_key_bytes)}

        old_verify_keys = {}
-        for key_id, key in self.config.old_signing_keys.items():
+        for key_id, key in self.config.key.old_signing_keys.items():
            verify_key_bytes = key.encode()
            old_verify_keys[key_id] = {
                "key": encode_base64(verify_key_bytes),
@ -95,13 +95,13 @@ class LocalKey(Resource):
            "verify_keys": verify_keys,
            "old_verify_keys": old_verify_keys,
        }
-        for key in self.config.signing_key:
+        for key in self.config.key.signing_key:
            json_object = sign_json(json_object, self.config.server.server_name, key)
        return json_object

    def render_GET(self, request: Request) -> int:
        time_now = self.clock.time_msec()
        # Update the expiry time if less than half the interval remains.
-        if time_now + self.config.key_refresh_interval / 2 > self.valid_until_ts:
+        if time_now + self.config.key.key_refresh_interval / 2 > self.valid_until_ts:
            self.update_response_body(time_now)
        return respond_with_json_bytes(request, 200, self.response_body)
--- a/synapse/rest/key/v2/remote_key_resource.py
+++ b/synapse/rest/key/v2/remote_key_resource.py
@ -97,7 +97,9 @@ class RemoteKey(DirectServeJsonResource):
        self.fetcher = ServerKeyFetcher(hs)
        self.store = hs.get_datastore()
        self.clock = hs.get_clock()
-        self.federation_domain_whitelist = hs.config.federation_domain_whitelist
+        self.federation_domain_whitelist = (
+            hs.config.federation.federation_domain_whitelist
+        )
        self.config = hs.config

    async def _async_render_GET(self, request: Request) -> None:
@ -235,7 +237,7 @@ class RemoteKey(DirectServeJsonResource):
            signed_keys = []
            for key_json in json_results:
                key_json = json_decoder.decode(key_json.decode("utf-8"))
-                for signing_key in self.config.key_server_signing_keys:
+                for signing_key in self.config.key.key_server_signing_keys:
                    key_json = sign_json(
                        key_json, self.config.server.server_name, signing_key
                    )
--- a/synapse/rest/media/v1/media_repository.py
+++ b/synapse/rest/media/v1/media_repository.py
@ -92,7 +92,9 @@ class MediaRepository:
        self.recently_accessed_remotes: Set[Tuple[str, str]] = set()
        self.recently_accessed_locals: Set[str] = set()

-        self.federation_domain_whitelist = hs.config.federation_domain_whitelist
+        self.federation_domain_whitelist = (
+            hs.config.federation.federation_domain_whitelist
+        )

        # List of StorageProviders where we should search for media and
        # potentially upload to.
--- a/synapse/rest/synapse/client/init.py
+++ b/synapse/rest/synapse/client/init.py
@ -45,7 +45,7 @@ def build_synapse_client_resource_tree(hs: "HomeServer") -> Mapping[str, Resourc

    # provider-specific SSO bits. Only load these if they are enabled, since they
    # rely on optional dependencies.
-    if hs.config.oidc_enabled:
+    if hs.config.oidc.oidc_enabled:
        from synapse.rest.synapse.client.oidc import OIDCResource

        resources["/_synapse/client/oidc"] = OIDCResource(hs)
--- a/synapse/storage/databases/main/roommember.py
+++ b/synapse/storage/databases/main/roommember.py
@ -82,7 +82,7 @@ class RoomMemberWorkerStore(EventsWorkerStore):

        if (
            self.hs.config.worker.run_background_tasks
-            and self.hs.config.metrics_flags.known_servers
+            and self.hs.config.metrics.metrics_flags.known_servers
        ):
            self._known_servers_count = 1
            self.hs.get_clock().looping_call(
--- a/tests/api/test_auth.py
+++ b/tests/api/test_auth.py
@ -217,7 +217,7 @@ class AuthTestCase(unittest.HomeserverTestCase):
        macaroon = pymacaroons.Macaroon(
            location=self.hs.config.server_name,
            identifier="key",
-            key=self.hs.config.macaroon_secret_key,
+            key=self.hs.config.key.macaroon_secret_key,
        )
        macaroon.add_first_party_caveat("gen = 1")
        macaroon.add_first_party_caveat("type = access")
@ -239,7 +239,7 @@ class AuthTestCase(unittest.HomeserverTestCase):
        macaroon = pymacaroons.Macaroon(
            location=self.hs.config.server_name,
            identifier="key",
-            key=self.hs.config.macaroon_secret_key,
+            key=self.hs.config.key.macaroon_secret_key,
        )
        macaroon.add_first_party_caveat("gen = 1")
        macaroon.add_first_party_caveat("type = access")
--- a/tests/app/test_phone_stats_home.py
+++ b/tests/app/test_phone_stats_home.py
@ -172,7 +172,7 @@ class PhoneHomeR30V2TestCase(HomeserverTestCase):

        # We don't want our tests to actually report statistics, so check
        # that it's not enabled
-        assert not hs.config.report_stats
+        assert not hs.config.metrics.report_stats

        # This starts the needed data collection that we rely on to calculate
        # R30v2 metrics.
--- a/tests/config/test_load.py
+++ b/tests/config/test_load.py
@ -52,10 +52,10 @@ class ConfigLoadingTestCase(unittest.TestCase):
            hasattr(config, "macaroon_secret_key"),
            "Want config to have attr macaroon_secret_key",
        )
-        if len(config.macaroon_secret_key) < 5:
+        if len(config.key.macaroon_secret_key) < 5:
            self.fail(
                "Want macaroon secret key to be string of at least length 5,"
-                "was: %r" % (config.macaroon_secret_key,)
+                "was: %r" % (config.key.macaroon_secret_key,)
            )

        config = HomeServerConfig.load_or_generate_config("", ["-c", self.file])
@ -63,10 +63,10 @@ class ConfigLoadingTestCase(unittest.TestCase):
            hasattr(config, "macaroon_secret_key"),
            "Want config to have attr macaroon_secret_key",
        )
-        if len(config.macaroon_secret_key) < 5:
+        if len(config.key.macaroon_secret_key) < 5:
            self.fail(
                "Want macaroon secret key to be string of at least length 5,"
-                "was: %r" % (config.macaroon_secret_key,)
+                "was: %r" % (config.key.macaroon_secret_key,)
            )

    def test_load_succeeds_if_macaroon_secret_key_missing(self):
@ -101,7 +101,7 @@ class ConfigLoadingTestCase(unittest.TestCase):

        # The default Metrics Flags are off by default.
        config = HomeServerConfig.load_config("", ["-c", self.file])
-        self.assertFalse(config.metrics_flags.known_servers)
+        self.assertFalse(config.metrics.metrics_flags.known_servers)

    def generate_config(self):
        with redirect_stdout(StringIO()):
--- a/tests/config/test_ratelimiting.py
+++ b/tests/config/test_ratelimiting.py
@ -30,7 +30,7 @@ class RatelimitConfigTestCase(TestCase):

        config = HomeServerConfig()
        config.parse_config_dict(config_dict, "", "")
-        config_obj = config.rc_federation
+        config_obj = config.ratelimiting.rc_federation

        self.assertEqual(config_obj.window_size, 20000)
        self.assertEqual(config_obj.sleep_limit, 693)
--- a/tests/handlers/test_auth.py
+++ b/tests/handlers/test_auth.py
@ -67,7 +67,7 @@ class AuthTestCase(unittest.HomeserverTestCase):
        v.satisfy_general(verify_type)
        v.satisfy_general(verify_nonce)
        v.satisfy_general(verify_guest)
-        v.verify(macaroon, self.hs.config.macaroon_secret_key)
+        v.verify(macaroon, self.hs.config.key.macaroon_secret_key)

    def test_short_term_login_token_gives_user_id(self):
        token = self.macaroon_generator.generate_short_term_login_token(
--- a/tests/replication/_base.py
+++ b/tests/replication/_base.py
@ -328,7 +328,7 @@ class BaseMultiWorkerStreamTestCase(unittest.HomeserverTestCase):

        # Set up TCP replication between master and the new worker if we don't
        # have Redis support enabled.
-        if not worker_hs.config.redis_enabled:
+        if not worker_hs.config.redis.redis_enabled:
            repl_handler = ReplicationCommandHandler(worker_hs)
            client = ClientReplicationStreamProtocol(
                worker_hs,
--- a/tests/rest/client/test_login.py
+++ b/tests/rest/client/test_login.py
@ -815,9 +815,9 @@ class JWTTestCase(unittest.HomeserverTestCase):

    def make_homeserver(self, reactor, clock):
        self.hs = self.setup_test_homeserver()
-        self.hs.config.jwt_enabled = True
-        self.hs.config.jwt_secret = self.jwt_secret
-        self.hs.config.jwt_algorithm = self.jwt_algorithm
+        self.hs.config.jwt.jwt_enabled = True
+        self.hs.config.jwt.jwt_secret = self.jwt_secret
+        self.hs.config.jwt.jwt_algorithm = self.jwt_algorithm
        return self.hs

    def jwt_encode(self, payload: Dict[str, Any], secret: str = jwt_secret) -> str:
@ -1023,9 +1023,9 @@ class JWTPubKeyTestCase(unittest.HomeserverTestCase):

    def make_homeserver(self, reactor, clock):
        self.hs = self.setup_test_homeserver()
-        self.hs.config.jwt_enabled = True
-        self.hs.config.jwt_secret = self.jwt_pubkey
-        self.hs.config.jwt_algorithm = "RS256"
+        self.hs.config.jwt.jwt_enabled = True
+        self.hs.config.jwt.jwt_secret = self.jwt_pubkey
+        self.hs.config.jwt.jwt_algorithm = "RS256"
        return self.hs

    def jwt_encode(self, payload: Dict[str, Any], secret: str = jwt_privatekey) -> str:
--- a/tests/rest/client/test_register.py
+++ b/tests/rest/client/test_register.py
@ -146,7 +146,7 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):
        self.assertEquals(channel.json_body["errcode"], "M_FORBIDDEN")

    def test_POST_guest_registration(self):
-        self.hs.config.macaroon_secret_key = "test"
+        self.hs.config.key.macaroon_secret_key = "test"
        self.hs.config.allow_guest_access = True

        channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
--- a/tests/storage/test_appservice.py
+++ b/tests/storage/test_appservice.py
@ -513,7 +513,6 @@ class ApplicationServiceStoreConfigTestCase(unittest.TestCase):

        hs.config.appservice.app_service_config_files = [f1, f2]
        hs.config.caches.event_cache_size = 1
-        hs.config.password_providers = []

        with self.assertRaises(ConfigError) as cm:
            database = hs.get_datastores().databases[0]
--- a/tests/util/test_ratelimitutils.py
+++ b/tests/util/test_ratelimitutils.py
@ -95,4 +95,4 @@ def build_rc_config(settings: Optional[dict] = None):
    config_dict.update(settings or {})
    config = HomeServerConfig()
    config.parse_config_dict(config_dict, "", "")
-    return config.rc_federation
+    return config.ratelimiting.rc_federation