Commit Graph

88 Commits

Author SHA1 Message Date
Simon Ser
24cae474db Add support for PAM authentication 2023-01-30 11:55:43 +01:00
Simon Ser
ca2d666056 Auto-create users after external auth when enable-user-on-auth is on 2023-01-30 11:53:01 +01:00
Simon Ser
22a88079c2 Add support for external OAuth 2.0 authentication 2023-01-30 11:53:01 +01:00
Simon Ser
63ca247354 Add infrastructure for external authentication 2023-01-30 11:53:01 +01:00
Simon Ser
979fb319fe service: add -disable-password
This can be used to disable password authentication for a user.
This is useful to prevent a disabled user account from being
auto-enabled when enable-user-on-auth is on.
2023-01-26 20:03:37 +01:00
Simon Ser
db49bc120f Add enable-user-on-auth config directive 2023-01-26 19:51:35 +01:00
Simon Ser
9df9880301 Add disable-inactive-user config option
This can be used to automatically disable users if they don't
actively use the bouncer for a while.
2023-01-26 19:42:29 +01:00
Simon Ser
d7d9d45b45 Add a flag to disable users
Add a new flag to disable users. This can be useful to temporarily
deactivate an account without erasing data.

The user goroutine is kept alive for simplicity's sake. Most of the
infrastructure assumes that each user always has a running goroutine.
A disabled user's goroutine is responsible for sending back an error
to downstream connections, and listening for potential events to
re-enable the account.
2023-01-26 18:33:55 +01:00
delthas
959baa964f service: add user status
This lists all the users of the instances, along with the number
of networks they have.

Limited to 50 users to avoid flooding with thousands of messages
on large instances.
2023-01-18 16:24:12 +01:00
Simon Ser
bdb470484f doc: add "user run" to man page 2023-01-18 16:04:54 +01:00
Simon Ser
6734c5f8f0 doc: document command parsing rules for the service 2023-01-09 18:31:19 +01:00
rj1
be185fba33 Implement TLS fingerprint pinning
Closes: https://todo.sr.ht/~emersion/soju/56
2022-12-16 17:44:14 +01:00
Simon Ser
0edf3a40c2 service: add channel delete command 2022-12-08 16:00:00 +01:00
Sandra Snan
87b2d32682 Be more clear that -connect-command needs quotes 2022-11-28 15:10:39 +01:00
zsrv
926dcb37ac Make the auto-away functionality configurable 2022-09-26 19:52:07 +02:00
Simon Ser
dde4ee9518 config: drop multi-upstream-mode 2022-09-26 16:57:05 +02:00
Simon Ser
085f5c17a4 doc: drop multi-upstream mode bits 2022-09-26 16:57:05 +02:00
gildarts
0777ca0d29 Add ability for a user to delete themselves
Adds user self delete
Adds confirmation of user deletion
2022-07-12 18:14:11 +02:00
Simon Ser
dc0a847240 Add per-user default nickname
The soju username is immutable. Add a separate nickname setting so
that users can change their nickname for all networks.

References: https://todo.sr.ht/~emersion/soju/110
2022-07-08 18:01:05 +02:00
gildarts
4bc9aaf659 Add detach option to channel update
Add `-detached` to `channel update` command

Co-authored-by: Simon Ser <contact@emersion.fr>
Closes: https://todo.sr.ht/~emersion/soju/140
2022-06-24 22:04:12 +02:00
Simon Ser
e2e232fa9c config: add message-store memory
The old way to do this was `message-store fs ""`, which is
misleading.
2022-05-09 16:59:27 +02:00
Simon Ser
80ed0d2a6c Rename "log" config directive to "message-store"
This is more explicit and removes the ambiguity with error logging.
2022-05-09 16:41:41 +02:00
Simon Ser
86f08ec35d doc/soju.1: fix syntax error 2022-03-21 16:11:11 +01:00
delthas
2ac9bd9c94 Require an explicit * network suffix for multi-upstream
Most users will connect to their server with `<username>` as their
username in order to configure their upstreams.

Multi-upstream can be unintuitive to them and should not be enabled on
that first connection that is usually used for upstream configuration.

Multi-upstream is instead a power-user feature that should be explicitly
enabled with a specific network suffix.

We reserve the network suffix `*` and use it a special case to mean that
it requests multi-upstream mode.
2022-03-21 09:56:20 +01:00
Simon Ser
5feae506d4 doc/soju.1: recommend using a FQDN for the hostname 2022-03-15 23:01:08 +01:00
Simon Ser
3f91cfb8c3 service: make name arg optional for network commands
Makes commands less verbose.
2022-02-07 21:33:16 +01:00
Simon Ser
57715d8ce2 service: switch to -network flag for certfp and sasl commands
Instead of always requiring users to explicitly specify the network
name, guess it from the downstream connection.

Network commands are left as-is because it's not yet clear how to
handle them.
2022-02-04 16:47:34 +01:00
Simon Ser
43c440e600 Add "sasl status" command 2021-12-01 11:03:27 +01:00
Simon Ser
e42b507377 doc/soju.1: add network create example 2021-11-30 09:26:07 +01:00
Simon Ser
d722f56000 Add pprof HTTP server
This enables production debugging of the bouncer.

Closes: https://todo.sr.ht/~emersion/soju/155
2021-11-17 16:18:52 +01:00
Simon Ser
8f8d7aab0e Add basic Prometheus metrics exporter
This only exports the default metrics for now.

References: https://todo.sr.ht/~emersion/soju/142
2021-11-17 15:58:18 +01:00
Simon Ser
55840312b4 Add per-user IP addresses
The new upstream-user-ip directive allows bouncer operators to
assign one IP address per user.
2021-11-17 15:07:58 +01:00
Simon Ser
3941f67380 Add config option to globally disable multi-upstream mode
Closes: https://todo.sr.ht/~emersion/soju/122
2021-11-17 11:41:11 +01:00
Simon Ser
73295e4fa7 Allow most config options to be reloaded
Closes: https://todo.sr.ht/~emersion/soju/42
2021-11-16 00:38:04 +01:00
Simon Ser
07c962018d Add title config option
Closes: https://todo.sr.ht/~emersion/soju/146
2021-11-02 22:38:07 +01:00
Simon Ser
a9a066faac Add bouncer MOTD
Closes: https://todo.sr.ht/~emersion/soju/137
2021-10-13 10:58:34 +02:00
Simon Ser
c8aba6286f doc.soju.1: fix typo and improve formatting for "certfp generate" 2021-10-12 21:34:25 +02:00
Simon Ser
8ef2de196d doc/soju.1: add descriptions for all flags for "user create" 2021-10-12 21:31:12 +02:00
Simon Ser
96f8751e3d doc/soju.1: use angle-brackets for URL
Helps a bit terminal emulators to recognize the link.
2021-10-12 21:27:48 +02:00
Simon Ser
4e9ddf78ab service: allow updating other users 2021-10-12 09:11:14 +02:00
Hubert Hirtz
6e06663615 PostgreSQL support 2021-10-11 15:21:04 +02:00
Simon Ser
5a2d6246ec Add "server notice" command 2021-10-08 10:52:03 +02:00
Simon Ser
94dbfff11d Add max-user-networks config option 2021-10-07 20:43:10 +02:00
Simon Ser
9f021ba9a9 doc/soju.1: mention that accept-proxy-ip affects PROXY proto 2021-10-07 20:04:20 +02:00
Simon Ser
f93616fb41 Add "server status" command
Right now, it prints the number of active users and number of
downstream connections.
2021-10-05 19:13:53 +02:00
delthas
896caebfcf service: Introduce network quote
This command enables sending a raw line to a specific network.
2021-07-07 10:34:46 +02:00
Simon Ser
00538e7028 doc/soju.1: improve "user create" docs 2021-06-28 16:55:49 +02:00
Simon Ser
09b04792b9 Merge "change-password" into "user update"
Add a -password flag to the "user update" command.
2021-06-28 16:55:44 +02:00
Simon Ser
a14f646135 Add per-user realname setting
This allows users to set a default realname used if the per-network
realname isn't set.

A new "user update" command is introduced and can be extended to edit
other user properties and other users in the future.
2021-06-25 20:33:13 +02:00
Simon Ser
089608409e doc/soju.1: document bouncer-wide broadcasts 2021-06-23 19:30:47 +02:00