tanggen 2 years ago
commit
dd9b7d97ae
100 changed files with 9891 additions and 0 deletions
  1. 90 0
      CODE_STYLE.md
  2. 48 0
      CONTRIBUTING.md
  3. 140 0
      DESIGN.md
  4. 15 0
      Dockerfile
  5. 13 0
      Dockerfile-release
  6. 255 0
      INSTALL.md
  7. 177 0
      LICENSE
  8. 24 0
      README.md
  9. 192 0
      WIRING.md
  10. 15 0
      build.bat
  11. 29 0
      build.sh
  12. 48 0
      config/as-registration.tmpl
  13. 17 0
      config/as-registration.yaml
  14. 48 0
      config/as-registration2.tmpl
  15. 18 0
      config/as-registration2.yaml
  16. 173 0
      config/dendrite-release.yaml
  17. 350 0
      config/dendrite.tmpl
  18. 295 0
      config/dendrite.yaml
  19. 385 0
      config/env.sh
  20. 60 0
      config/fed-local-test-env.sh
  21. 163 0
      config/gfam.yaml
  22. 675 0
      config/pgpool.conf
  23. 67 0
      config/pool_hba.conf
  24. 1 0
      config/pool_passwd
  25. 69 0
      demo.yaml
  26. 195 0
      docker-compose-cluster.yml
  27. 47 0
      docker-compose-dbs.yml
  28. 124 0
      docker-compose-dendrite-inner.yml
  29. 89 0
      docker-compose-dendrite.yml
  30. 100 0
      docker-compose-dev.yml
  31. 61 0
      docker-compose-gateway.yml
  32. 108 0
      docker-compose-kafka-cluster.yml
  33. 19 0
      docker-compose-kafka.yml
  34. 107 0
      docker-compose-local.yml
  35. 30 0
      docker-compose-monitor.yml
  36. 6 0
      docker-compose-nats.yml
  37. 9 0
      docker-compose-redis.yml
  38. 41 0
      docker-compose-synapse.yml
  39. 152 0
      docker-compose.yml
  40. 10 0
      docker/Dockerfile
  41. 3 0
      docker/Dockerfile.pg
  42. 6 0
      docker/Dockerfile.redis
  43. 101 0
      docker/README.md
  44. 18 0
      docker/build.sh
  45. 133 0
      docker/dendrite-docker.yml
  46. 186 0
      docker/docker-compose.yml
  47. 11 0
      docker/postgres/clear.sh
  48. 56 0
      docker/postgres/initdb.sh
  49. 67 0
      docker/postgres/sqls/account.sql
  50. 14 0
      docker/postgres/sqls/application.sql
  51. 23 0
      docker/postgres/sqls/device.sql
  52. 38 0
      docker/postgres/sqls/encryptapi.sql
  53. 33 0
      docker/postgres/sqls/federationsender.sql
  54. 11 0
      docker/postgres/sqls/presence.sql
  55. 27 0
      docker/postgres/sqls/publicroomapi.sql
  56. 40 0
      docker/postgres/sqls/pushapi.sql
  57. 93 0
      docker/postgres/sqls/roomserver.sql
  58. 20 0
      docker/postgres/sqls/serverkey.sql
  59. 147 0
      docker/postgres/sqls/syncapi.sql
  60. 1293 0
      docker/redis/redis.conf
  61. 10 0
      docker/services/client-api-proxy.sh
  62. 5 0
      docker/services/client-api.sh
  63. 7 0
      docker/services/federation-api-proxy.sh
  64. 5 0
      docker/services/federation-api.sh
  65. 5 0
      docker/services/federation-sender.sh
  66. 5 0
      docker/services/media-api.sh
  67. 5 0
      docker/services/monolith.sh
  68. 5 0
      docker/services/public-rooms-api.sh
  69. 5 0
      docker/services/push-api.sh
  70. 5 0
      docker/services/room-server.sh
  71. 5 0
      docker/services/sync-api.sh
  72. 12 0
      docs/appservice.md
  73. 112 0
      docs/opentracing.md
  74. 59 0
      docs/structures.go
  75. 112 0
      docs/synapse.txt
  76. 101 0
      fed-test/fed1/docker-compose-env1.yml
  77. 36 0
      fed-test/fed1/docker-compose-fed1.yml
  78. 101 0
      fed-test/fed2/docker-compose-env2.yml
  79. 37 0
      fed-test/fed2/docker-compose-fed2.yml
  80. 5 0
      hooks/install.sh
  81. 22 0
      hooks/pre-commit
  82. 18 0
      init-user-db.sh
  83. 13 0
      jenkins/prepare-dendrite.sh
  84. 35 0
      jenkins/test-monolith.sh
  85. 16 0
      linter-fast.json
  86. 21 0
      linter.json
  87. 2 0
      monitor/grafana/config.monitoring
  88. 11 0
      monitor/grafana/provisioning/dashboards/dashboard.yml
  89. 2205 0
      monitor/grafana/provisioning/dashboards/dendrite-1533869756555.json
  90. 50 0
      monitor/grafana/provisioning/datasources/datasource.yml
  91. 36 0
      monitor/prometheus/prometheus.yml
  92. 4 0
      run-cache-loader.sh
  93. 8 0
      run-fed-local-test1.sh
  94. 8 0
      run-fed-local-test2.sh
  95. 4 0
      run-front-server.sh
  96. 4 0
      run-migration.sh
  97. 4 0
      run-persist-server.sh
  98. 4 0
      run-push-sender.sh
  99. 4 0
      run-pushapi-server.sh
  100. 0 0
      run-sync-server.sh

+ 90 - 0
CODE_STYLE.md

@@ -0,0 +1,90 @@
+# Code Style
+
+We follow the standard Go style using gofmt, but with a few extra
+considerations.
+
+## Linters
+
+We use `gometalinter` to run a number of linters, the exact list can be found
+in [linter.json](linter.json). Some of these are slow and expensive to run, but
+a subset can be found in [linter-fast.json](linter-fast.json) that run quickly
+enough to be run as part of an IDE.
+
+For rare cases where a linter is giving a spurious warning, it can be disabled
+for that line or statement using a [comment directive](https://github.com/alecthomas/gometalinter#comment-directives), e.g.
+`// nolint: gocyclo`. This should be used sparingly and only when its clear
+that the lint warning is spurious.
+
+The linters are vendored, and can be run using [scripts/find-lint.sh](scripts/find-lint.sh)
+(see file for docs) or as part of a build/test/lint cycle using
+[scripts/build-test-lint.sh](scripts/build-test-lint.sh).
+
+
+## HTTP Error Handling
+
+Unfortunately, converting errors into HTTP responses with the correct status
+code and message can be done in a number of ways in golang:
+
+1. Having functions return `JSONResponse` directly, which can then either set
+   it to an error response or a `200 OK`.
+2. Have the HTTP handler try and cast error values to types that are handled
+   differently.
+3. Have the HTTP handler call functions whose errors can only be interpreted
+   one way, for example if a `validate(...)` call returns an error then handler
+   knows to respond with a `400 Bad Request`.
+
+We attempt to always use option #3, as it more naturally fits with the way that
+golang generally does error handling. In particular, option #1 effectively
+requires reinventing a new error handling scheme just for HTTP handlers.
+
+
+## Line length
+
+We strive for a line length of roughly 80 characters, though less than 100 is
+acceptable if necessary. Longer lines are fine if there is nothing of interest
+after the first 80-100 characters (e.g. long string literals).
+
+
+## TODOs and FIXMEs
+
+The majority of TODOs and FIXMEs should have an associated tracking issue on
+github. These can be added just before merging of the PR to master, and the
+issue number should be added to the comment, e.g. `// TODO(#324): ...`
+
+
+## Logging
+
+We generally prefer to log with static log messages and include any dynamic
+information in fields.
+
+```golang
+logger := util.GetLogger(ctx)
+
+// Not recommended
+logger.Infof("Finished processing keys for %s, number of keys %d", name, numKeys)
+
+// Recommended
+logger.WithFields(logrus.Fields{
+    "numberOfKeys": numKeys,
+    "entityName":   name,
+}).Info("Finished processing keys")
+```
+
+This is useful when logging to systems that natively understand log fields, as
+it allows people to search and process the fields without having to parse the
+log message.
+
+
+## Visual Studio Code
+
+If you use VSCode then the following is an example of a workspace setting that
+sets up linting correctly:
+
+```json
+{
+    "go.gopath": "${workspaceRoot}:${workspaceRoot}/vendor",
+    "go.lintOnSave": "workspace",
+    "go.lintTool": "gometalinter",
+    "go.lintFlags": ["--config=linter-fast.json", "--concurrency=5"]
+}
+```

+ 48 - 0
CONTRIBUTING.md

@@ -0,0 +1,48 @@
+# Contributing to Dendrite
+
+Everyone is welcome to contribute to Dendrite! We aim to make it as easy as
+possible to get started.
+
+Please ensure that you sign off your contributions! See [Sign Off](#sign-off)
+section below.
+
+## Getting up and running
+
+See [INSTALL.md](INSTALL.md) for instructions on setting up a running dev
+instance of dendrite, and [CODE_STYLE.md](CODE_STYLE.md) for the code style
+guide.
+
+We use `gb` for managing our dependencies, so `gb build` and `gb test` is how
+to build dendrite and run the unit tests respectively. Be aware that a list of
+all dendrite packages is the expected output for all tests succeeding with `gb
+test`. There are also [scripts](scripts) for [linting](scripts/find-lint.sh)
+and doing a [build/test/lint run](scripts/build-test-lint.sh).
+
+
+## Picking Things To Do
+
+If you're new then feel free to pick up an issue labelled [good first issue](https://github.com/matrix-org/dendrite/labels/good%20first%20issue).
+These should be well-contained, small pieces of work that can be picked up to
+help you get familiar with the code base.
+
+Once you're comfortable with hacking on Dendrite there are issues lablled as
+[help wanted](https://github.com/matrix-org/dendrite/labels/help%20wanted), these
+are often slightly larger or more complicated pieces of work but are hopefully
+nonetheless fairly well-contained.
+
+We ask people who are familiar with Dendrite to leave the [good first issue](https://github.com/matrix-org/dendrite/labels/good%20first%20issue)
+issues so that there is always a way for new people to come and get involved.
+
+## Getting Help
+
+For questions related to developing on Dendrite we have a dedicated room on
+Matrix [#dendrite-dev:matrix.org](https://riot.im/develop/#/room/#dendrite-dev:matrix.org)
+where we're happy to help.
+
+For more general questions please use [#dendrite:matrix.org](https://riot.im/develop/#/room/#dendrite:matrix.org).
+
+## Sign off
+
+We ask that everyone who contributes to the project signs off their
+contributions, in accordance with the [DCO](https://github.com/matrix-org/matrix-doc/blob/master/CONTRIBUTING.rst#sign-off).
+

+ 140 - 0
DESIGN.md

@@ -0,0 +1,140 @@
+# Design
+
+## Log Based Architecture
+
+### Decomposition and Decoupling
+
+A matrix homeserver can be built around append-only event logs built from the
+messages, receipts, presence, typing notifications, device messages and other
+events sent by users on the homeservers or by other homeservers.
+
+The server would then decompose into two categories: writers that add new
+entries to the logs and readers that read those entries.
+
+The event logs then serve to decouple the two components, the writers and
+readers need only agree on the format of the entries in the event log.
+This format could be largely derived from the wire format of the events used
+in the client and federation protocols:
+
+
+     C-S API   +---------+    Event Log    +---------+   C-S API
+    ---------> |         |+  (e.g. kafka)  |         |+ --------->
+               | Writers || =============> | Readers ||
+    ---------> |         ||                |         || --------->
+     S-S API   +---------+|                +---------+|   S-S API
+                +---------+                 +---------+
+
+However the way matrix handles state events in a room creates a few
+complications for this model.
+
+ 1) Writers require the room state at an event to check if it is allowed.
+ 2) Readers require the room state at an event to determine the users and
+    servers that are allowed to see the event.
+ 3) A client can query the current state of the room from a reader.
+
+The writers and readers cannot extract the necessary information directly from
+the event logs because it would take too long to extract the information as the
+state is built up by collecting individual state events from the event history.
+
+The writers and readers therefore need access to something that stores copies
+of the event state in a form that can be efficiently queried. One possibility
+would be for the readers and writers to maintain copies of the current state
+in local databases. A second possibility would be to add a dedicated component
+that maintained the state of the room and exposed an API that the readers and
+writers could query to get the state. The second has the advantage that the
+state is calculated and stored in a single location.
+
+
+     C-S API   +---------+    Log   +--------+   Log   +---------+   C-S API
+    ---------> |         |+ ======> |        | ======> |         |+ --------->
+               | Writers ||         |  Room  |         | Readers ||
+    ---------> |         || <------ | Server | ------> |         || --------->
+     S-S API   +---------+|  Query  |        |  Query  +---------+|  S-S API
+                +---------+         +--------+          +---------+
+
+
+The room server can annotate the events it logs to the readers with room state
+so that the readers can avoid querying the room server unnecessarily.
+
+[This architecture can be extended to cover most of the APIs.](WIRING.md)
+
+## How things are supposed to work.
+
+### Local client sends an event in an existing room.
+
+  0) The client sends a PUT `/_matrix/client/r0/rooms/{roomId}/send` request
+    and an HTTP loadbalancer routes the request to a ClientAPI.
+
+  1) The ClientAPI:
+
+    * Authenticates the local user using the `access_token` sent in the HTTP
+      request.
+    * Checks if it has already processed or is processing a request with the
+      same `txnID`.
+    * Calculates which state events are needed to auth the request.
+    * Queries the necessary state events and the latest events in the room
+      from the RoomServer.
+    * Confirms that the room exists and checks whether the event is allowed by
+      the auth checks.
+    * Builds and signs the events.
+    * Writes the event to a "InputRoomEvent" kafka topic.
+    * Send a `200 OK` response to the client.
+
+  2) The RoomServer reads the event from "InputRoomEvent" kafka topic:
+
+    * Checks if it has already has a copy of the event.
+    * Checks if the event is allowed by the auth checks using the auth events
+      at the event.
+    * Calculates the room state at the event.
+    * Works out what the latest events in the room after processing this event
+      are.
+    * Calculate how the changes in the latest events affect the current state
+      of the room.
+    * TODO: Workout what events determine the visibility of this event to other
+      users
+    * Writes the event along with the changes in current state to an
+      "OutputRoomEvent" kafka topic. It writes all the events for a room to
+      the same kafka partition.
+
+  3a) The ClientSync reads the event from the "OutputRoomEvent" kafka topic:
+
+    * Updates its copy of the current state for the room.
+    * Works out which users need to be notified about the event.
+    * Wakes up any pending `/_matrix/client/r0/sync` requests for those users.
+    * Adds the event to the recent timeline events for the room.
+
+  3b) The FederationSender reads the event from the "OutputRoomEvent" kafka topic:
+
+    * Updates its copy of the current state for the room.
+    * Works out which remote servers need to be notified about the event.
+    * Sends a `/_matrix/federation/v1/send` request to those servers.
+    * Or if there is a request in progress then add the event to a queue to be
+      sent when the previous request finishes.
+
+### Remote server sends an event in an existing room.
+
+  0) The remote server sends a `PUT /_matrix/federation/v1/send` request and an
+    HTTP loadbalancer routes the request to a FederationReceiver.
+
+  1) The FederationReceiver:
+
+    * Authenticates the remote server using the "X-Matrix" authorisation header.
+    * Checks if it has already processed or is processing a request with the
+      same `txnID`.
+    * Checks the signatures for the events.
+      Fetches the ed25519 keys for the event senders if necessary.
+    * Queries the RoomServer for a copy of the state of the room at each event.
+    * If the RoomServer doesn't know the state of the room at an event then
+      query the state of the room at the event from the remote server using
+      `GET /_matrix/federation/v1/state_ids` falling back to
+      `GET /_matrix/federation/v1/state` if necessary.
+    * Once the state at each event is known check whether the events are
+      allowed by the auth checks against the state at each event.
+    * For each event that is allowed write the event to the "InputRoomEvent"
+      kafka topic.
+    * Send a 200 OK response to the remote server listing which events were
+      successfully processed and which events failed
+
+  2) The RoomServer processes the event the same as it would a local event.
+
+  3a) The ClientSync processes the event the same as it would a local event.

+ 15 - 0
Dockerfile

@@ -0,0 +1,15 @@
+FROM docker.finogeeks.club/finochat/dendrite_runtime
+
+RUN mkdir -p /mnt/data/logs
+RUN mkdir -p /opt/dendrite/log
+ENV LOG_DIR=/mnt/data/logs
+
+ADD ./config /opt/dendrite/config
+ADD ./bin /opt/dendrite/bin
+ADD ./start.sh /opt/dendrite/start.sh
+
+#EXPOSE 8008 8448 7000
+EXPOSE 8008 8448 7000 18008 18448
+
+WORKDIR /opt/dendrite
+CMD ./start.sh

+ 13 - 0
Dockerfile-release

@@ -0,0 +1,13 @@
+FROM docker.finogeeks.club/base/alpine
+
+RUN mkdir -p /opt/dendrite/log
+ENV LOG_DIR=/opt/dendrite/log
+
+ADD ./config /opt/dendrite/config
+ADD ./bin /opt/dendrite/bin
+
+EXPOSE 8008 8448
+
+WORKDIR /opt/dendrite
+CMD ./bin/dendrite-monolith-server --config=./config/dendrite-release.yaml --tls-cert=./config/server.crt --tls-key=./config/server.key >> /opt/dendrite/log/out.log 2>&1
+#CMD ./bin/dendrite-monolith-server --config=./config/dendrite-test.yaml --tls-cert=./config/server.crt --tls-key=./config/server.key >> /dev/null 2>&1

+ 255 - 0
INSTALL.md

@@ -0,0 +1,255 @@
+# Installing Dendrite
+
+Dendrite can be run in one of two configurations:
+
+ * A cluster of individual components, dealing with different aspects of the
+   Matrix protocol (see [WIRING.md](./WIRING.md)). Components communicate with
+   one another via [Apache Kafka](https://kafka.apache.org).
+
+ * A monolith server, in which all components run in the same process. In this
+   configuration, Kafka can be replaced with an in-process implementation
+   called [naffka](https://github.com/matrix-org/naffka).
+
+## Requirements
+
+ - Go 1.8+
+ - Postgres 9.5+
+ - For Kafka (optional if using the monolith server):
+   - Unix-based system (https://kafka.apache.org/documentation/#os)
+   - JDK 1.8+ / OpenJDK 1.8+
+   - Apache Kafka 0.10.2+ (see [scripts/install-local-kafka.sh](scripts/install-local-kafka.sh) for up-to-date version numbers)
+
+
+## Setting up a development environment
+
+Assumes Go 1.8 and JDK 1.8 are already installed and are on PATH.
+
+```bash
+# Get the code
+git clone https://github.com/matrix-org/dendrite
+cd dendrite
+
+# Build it
+go get github.com/constabulary/gb/...
+gb build
+```
+
+If using Kafka, install and start it (c.f. [scripts/install-local-kafka.sh](scripts/install-local-kafka.sh)):
+```bash
+MIRROR=http://apache.mirror.anlx.net/kafka/0.10.2.0/kafka_2.11-0.10.2.0.tgz
+
+# Only download the kafka if it isn't already downloaded.
+test -f kafka.tgz || wget $MIRROR -O kafka.tgz
+# Unpack the kafka over the top of any existing installation
+mkdir -p kafka && tar xzf kafka.tgz -C kafka --strip-components 1
+
+# Start the zookeeper running in the background.
+# By default the zookeeper listens on localhost:2181
+kafka/bin/zookeeper-server-start.sh -daemon kafka/config/zookeeper.properties
+
+# Start the kafka server running in the background.
+# By default the kafka listens on localhost:9092
+kafka/bin/kafka-server-start.sh -daemon kafka/config/server.properties
+```
+
+On MacOS, you can use [homebrew](https://brew.sh/) for easier setup of kafka
+
+```bash
+brew install kafka
+brew services start zookeeper
+brew services start kafka
+```
+
+## Configuration
+
+### Postgres database setup
+
+Dendrite requires a postgres database engine, version 9.5 or later.
+
+* Create role:
+  ```bash
+  sudo -u postgres createuser -P dendrite     # prompts for password
+  ```
+* Create databases:
+  ```bash
+  for i in account device mediaapi syncapi roomserver serverkey federationsender publicroomsapi naffka; do
+      sudo -u postgres createdb -O dendrite dendrite_$i
+  done
+  ```
+
+(On macOS, omit `sudo -u postgres` from the above commands.)
+
+### Crypto key generation
+
+Generate the keys:
+
+```bash
+# Generate a self-signed SSL cert for federation:
+test -f server.key || openssl req -x509 -newkey rsa:4096 -keyout server.key -out server.crt -days 3650 -nodes -subj /CN=localhost
+
+# generate ed25519 signing key
+test -f matrix_key.pem || ./bin/generate-keys -private-key matrix_key.pem
+```
+
+### Configuration
+
+Create config file, based on `dendrite-config.yaml`. Call it `dendrite.yaml`. Things that will need editing include *at least*:
+* `server_name`
+* `database/*`
+
+
+## Starting a monolith server
+
+It is possible to use 'naffka' as an in-process replacement to Kafka when using
+the monolith server. To do this, set `use_naffka: true` in `dendrite.yaml`.
+
+The monolith server can be started as shown below. By default it listens for
+HTTP connections on port 8008, so point your client at
+`http://localhost:8008`. If you set `--tls-cert` and `--tls-key` as shown
+below, it will also listen for HTTPS connections on port 8448.
+
+```bash
+./bin/dendrite-monolith-server --tls-cert=server.crt --tls-key=server.key
+```
+
+## Starting a multiprocess server
+
+The following contains scripts which will run all the required processes in order to point a Matrix client at Dendrite. Conceptually, you are wiring together to form the following diagram:
+
+```
+
+                                         /media   +---------------------------+
+                      +----------->+------------->| dendrite-media-api-server |
+                      ^            ^              +---------------------------+
+                      |            |            :7774
+                      |            |
+                      |            |
+                      |            |   /directory +----------------------------------+
+                      |            |   +--------->| dendrite-public-rooms-api-server |<========++
+                      |            |   |          +----------------------------------+         ||
+                      |            |   |        :7775    |                                     ||
+                      |            |   |    +<-----------+                                     ||
+                      |            |   |    |                                                  ||
+                      |            |   | /sync    +--------------------------+                 ||
+                      |            |   +--------->| dendrite-sync-api-server |<================++
+                      |            |   |    |     +--------------------------+                 ||
+                      |            |   |    |   :7773    |         ^^                          ||
+Matrix      +------------------+   |   |    |            |         ||    client_data           ||
+Clients --->| client-api-proxy |-------+    +<-----------+         ++=============++           ||
+            +------------------+   |   |    |                                     ||           ||
+          :8008                    |   | CS API   +----------------------------+  ||           ||
+                                   |   +--------->| dendrite-client-api-server |==++           ||
+                                   |        |     +----------------------------+               ||
+                                   |        |   :7771    |                                     ||
+                                   |        |            |                                     ||
+                                   |        +<-----------+                                     ||
+                                   |        |                                                  ||
+                                   |        |                                                  ||
+                                   |        |           +----------------------+    room_event ||
+                                   |        +---------->| dendrite-room-server |===============++
+                                   |        |           +----------------------+               ||
+                                   |        |         :7770                                    ||
+                                   |        |                      ++==========================++
+                                   |        +<------------+        ||
+                                   |        |             |        VV
+                                   |        |     +-----------------------------------+              Matrix
+                                   |        |     | dendrite-federation-sender-server |------------> Servers
+                                   |        |     +-----------------------------------+
+                                   |        |   :7776
+                                   |        |
+                       +---------->+        +<-----------+
+                       |                                 |
+Matrix      +----------------------+  SS API  +--------------------------------+
+Servers --->| federation-api-proxy |--------->| dendrite-federation-api-server |
+            +----------------------+          +--------------------------------+
+          :8448                             :7772
+
+
+   A --> B  = HTTP requests (A = client, B = server)
+   A ==> B  = Kafka (A = producer, B = consumer)
+```
+
+### Run a client api proxy
+
+This is what Matrix clients will talk to. If you use the script below, point your client at `http://localhost:8008`.
+
+```bash
+./bin/client-api-proxy \
+--bind-address ":8008" \
+--client-api-server-url "http://localhost:7771" \
+--sync-api-server-url "http://localhost:7773" \
+--media-api-server-url "http://localhost:7774" \
+--public-rooms-api-server-url "http://localhost:7775" \
+```
+
+### Run a client api
+
+This is what implements message sending. Clients talk to this via the proxy in order to send messages.
+
+```bash
+./bin/dendrite-client-api-server --config=dendrite.yaml
+```
+
+(If this fails with `pq: syntax error at or near "ON"`, check you are using at least postgres 9.5.)
+
+### Run a room server
+
+This is what implements the room DAG. Clients do not talk to this.
+
+```bash
+./bin/dendrite-room-server --config=dendrite.yaml
+```
+
+### Run a sync server
+
+This is what implements `/sync` requests. Clients talk to this via the proxy in order to receive messages.
+
+```bash
+./bin/dendrite-sync-api-server --config dendrite.yaml
+```
+
+### Run a media server
+
+This implements `/media` requests. Clients talk to this via the proxy in order to upload and retrieve media.
+
+```bash
+./bin/dendrite-media-api-server --config dendrite.yaml
+```
+
+### Run public room server
+
+This implements `/directory` requests. Clients talk to this via the proxy in order to retrieve room directory listings.
+
+```bash
+./bin/dendrite-public-rooms-api-server --config dendrite.yaml
+```
+
+### Run a federation api proxy
+
+This is what Matrix servers will talk to. This is only required if you want to support federation.
+
+```bash
+./bin/federation-api-proxy \
+--bind-address ":8448" \
+--federation-api-url "http://localhost:7772" \
+--media-api-server-url "http://localhost:7774" \
+```
+
+### Run a federation api server
+
+This implements federation requests. Servers talk to this via the proxy in
+order to send transactions.  This is only required if you want to support
+federation.
+
+```bash
+./bin/dendrite-federation-api-server --config dendrite.yaml
+```
+
+### Run a federation sender server
+
+This sends events from our users to other servers.  This is only required if
+you want to support federation.
+
+```bash
+./bin/dendrite-federation-sender-server --config dendrite.yaml
+```

+ 177 - 0
LICENSE

@@ -0,0 +1,177 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS

+ 24 - 0
README.md

@@ -0,0 +1,24 @@
+[![Build Status](https://drone.finogeeks.club/api/badges/finochat/dendrite/status.svg)](https://drone.finogeeks.club/finochat/dendrite)
+# dendrite
+
+树枝晶,越王勾践剑的微观纹路,finochat的聊天消息基站
+
+# 配置文件
+config/dendrite-env.yaml
+
+# 开发运行
+*  编译
+`./build.sh`
+* 运行
+`./run.sh`
+
+# 测试环境启动
+在docker-compose.yml文件所在目录执行
+
+`docker-compose up -d `
+
+# 测试
+curl http://localhost:8008/_matrix/client/versions
+
+# 接口测试
+* matrix-api-test: [@report](https://case.finogeeks.club/finochat/reports/matrix-api-reports/Report.html)

+ 192 - 0
WIRING.md

@@ -0,0 +1,192 @@
+# Wiring
+
+The diagram is incomplete. The following things aren't shown on the diagram:
+
+ - [ ] Device Messages
+ - [ ] User Profiles
+ - [ ] Notification Counts
+ - [ ] Sending federation.
+ - [ ] Querying federation.
+ - [ ] Other things that aren't shown on the diagram.
+
+Diagram:
+
+
+    W -> Writer
+    S -> Server/Store/Service/Something/Stuff
+    R -> Reader
+
+               +---+                                                    +---+                              +---+
+    +----------| W |                                         +----------| S |                     +--------| R |
+    |          +---+                                         | Receipts +---+                     | Client +---+
+    | Federation |>=========================================>| Server     |>=====================>| Sync     |
+    | Receiver   |                                           |            |                       |          |
+    |            |                                 +---+     |            |                       |          |
+    |            |                        +--------| W |     |            |                       |          |
+    |            |                        | Client +---+     |            |                       |          |
+    |            |                        | Receipt  |>=====>|            |                       |          |
+    |            |                        | Updater  |       |            |                       |          |
+    |            |                        +----------+       |            |                       |          |
+    |            |                                           |            |                       |          |
+    |            |                +---+            +---+     |            |                +---+  |          |
+    |            |   +------------| W |     +------| S |     |            |       +--------| R |  |          |
+    |            |   | Federation +---+     | Room +---+     |            |       | Client +---+  |          |
+    |            |   | Backfill     |>=====>| Server |>=====>|            |>=====>| Push     |    |          |
+    |            |   +--------------+       |        |       +------------+       |          |    |          |
+    |            |                          |        |                            |          |    |          |
+    |            |                          |        |>==========================>|          |    |          |
+    |            |                          |        |                            +----------+    |          |
+    |            |                          |        |                                            |          |
+    |            |                          |        |                                     +---+  |          |
+    |            |                          |        |                            +--------| R |  |          |
+    |            |                          |        |                            | Client +---+  |          |
+    |            |>========================>|        |>==========================>| Search   |    |          |
+    |            |                          |        |                            |          |    |          |
+    |            |                          |        |                            +----------+    |          |
+    |            |                          |        |                                            |          |
+    |            |                          |        |>==========================================>|          |
+    |            |                          |        |                                            |          |
+    |            |                +---+     |        |                  +---+                     |          |
+    |            |       +--------| W |     |        |       +----------| S |                     |          |
+    |            |       | Client +---+     |        |       | Presence +---+                     |          |
+    |            |       | API      |>=====>|        |>=====>| Server     |>=====================>|          |
+    |            |       | /send    |       +--------+       |            |                       |          |
+    |            |       |          |                        |            |                       |          |
+    |            |       |          |>======================>|            |<=====================<|          |
+    |            |       +----------+                        |            |                       |          |
+    |            |                                           |            |                       |          |
+    |            |                                 +---+     |            |                       |          |
+    |            |                        +--------| W |     |            |                       |          |
+    |            |                        | Client +---+     |            |                       |          |
+    |            |                        | Presence |>=====>|            |                       |          |
+    |            |                        | Setter   |       |            |                       |          |
+    |            |                        +----------+       |            |                       |          |
+    |            |                                           |            |                       |          |
+    |            |                                           |            |                       |          |
+    |            |>=========================================>|            |                       |          |
+    |            |                                           +------------+                       |          |
+    |            |                                                                                |          |
+    |            |                                                      +---+                     |          |
+    |            |                                           +----------| S |                     |          |
+    |            |                                           | Typing   +---+                     |          |
+    |            |>=========================================>| Server     |>=====================>|          |
+    +------------+                                           |            |                       +----------+
+                                                   +---+     |            |
+                                          +--------| W |     |            |
+                                          | Client +---+     |            |
+                                          | Typing   |>=====>|            |
+                                          | Setter   |       |            |
+                                          +----------+       +------------+
+
+
+# Component Descriptions
+
+Many of the components are logical rather than physical. For example it is
+possible that all of the client API writers will end up being glued together
+and always deployed as a single unit.
+
+Outbound federation requests will probably need to be funnelled through a
+choke-point to implement ratelimiting and backoff correctly.
+
+## Federation Send
+
+ * Handles `/federation/v1/send/` requests.
+ * Fetches missing ``prev_events`` from the remote server if needed.
+ * Fetches missing room state from the remote server if needed.
+ * Checks signatures on remote events, downloading keys if needed.
+ * Queries information needed to process events from the Room Server.
+ * Writes room events to logs.
+ * Writes presence updates to logs.
+ * Writes receipt updates to logs.
+ * Writes typing updates to logs.
+ * Writes other updates to logs.
+
+## Client API /send
+
+ * Handles puts to `/client/v1/rooms/` that create room events.
+ * Queries information needed to process events from the Room Server.
+ * Talks to remote servers if needed for joins and invites.
+ * Writes room event pdus.
+ * Writes presence updates to logs.
+
+## Client Presence Setter
+
+ * Handles puts to whatever the client API path for presence is?
+ * Writes presence updates to logs.
+
+## Client Typing Setter
+
+ * Handles puts to whatever the client API path for typing is?
+ * Writes typing updates to logs.
+
+## Client Receipt Updater
+
+ * Handles puts to whatever the client API path for receipts is?
+ * Writes typing updates to logs.
+
+## Federation Backfill
+
+ * Backfills events from other servers
+ * Writes the resulting room events to logs.
+ * Is a different component from the room server itself cause it'll
+   be easier if the room server component isn't making outbound HTTP requests
+   to remote servers
+
+## Room Server
+
+ * Reads new and backfilled room events from the logs written by FS, FB and CRS.
+ * Tracks the current state of the room and the state at each event.
+ * Probably does auth checks on the incoming events.
+ * Handles state resolution as part of working out the current state and the
+ * state at each event.
+ * Writes updates to the current state and new events to logs.
+ * Shards by room ID.
+
+## Receipt Server
+
+ * Reads new updates to receipts from the logs written by the FS and CRU.
+ * Somehow learns enough information from the room server to workout how the
+   current receipt markers move with each update.
+ * Writes the new marker positions to logs
+ * Shards by room ID?
+ * It may be impossible to implement without folding it into the Room Server
+   forever coupling the components together.
+
+## Typing Server
+
+ * Reads new updates to typing from the logs written by the FS and CTS.
+ * Updates the current list of people typing in a room.
+ * Writes the current list of people typing in a room to the logs.
+ * Shards by room ID?
+
+## Presence Server
+
+ * Reads the current state of the rooms from the logs to track the intersection
+   of room membership between users.
+ * Reads updates to presence from the logs written by the FS and the CPS.
+ * Reads when clients sync from the logs from the Client Sync.
+ * Tracks any timers for users.
+ * Writes the changes to presence state to the logs.
+ * Shards by user ID somehow?
+
+## Client Sync
+
+ * Handle /client/v2/sync requests.
+ * Reads new events and the current state of the rooms from logs written by the Room Server.
+ * Reads new receipts positions from the logs written by the Receipts Server.
+ * Reads changes to presence from the logs written by the Presence Server.
+ * Reads changes to typing from the logs written by the Typing Server.
+ * Writes when a client starts and stops syncing to the logs.
+
+## Client Search
+
+ * Handle whatever the client API path for event search is?
+ * Reads new events and the current state of the rooms from logs writeen by the Room Server.
+ * Maintains a full text search index of somekind.
+
+## Client Push
+
+ * Pushes unread messages to remote push servers.
+ * Reads new events and the current state of the rooms from logs writeen by the Room Server.
+ * Reads the position of the read marker from the Receipts Server.
+ * Makes outbound HTTP hits to the push server for the client device.

+ 15 - 0
build.bat

@@ -0,0 +1,15 @@
+::set /a HERE=`cd`
+@echo off
+for /f "delims=" %%i in ('cd') do set HERE=%%i
+echo HERE is:
+echo %HERE%
+set GOPATH=%HERE%\vendor;%HERE%
+echo GOPATH is:
+echo %GOPATH%
+set PATH=%PATH%;%HERE%\vendor\bin
+echo %PATH%
+@echo on
+echo install gb...
+go get github.com/constabulary/gb/...
+echo build...
+gb build all

+ 29 - 0
build.sh

@@ -0,0 +1,29 @@
+HERE=`pwd`
+export GOPATH=$HERE/vendor
+export PATH=$PATH:$HERE/vendor/bin
+echo "fmt"
+gofmt -s -w .
+echo "install gb..."
+go get github.com/constabulary/gb/...
+#gb vendor purge
+#gb vendor fetch github.com/uber/jaeger-client-go
+#gb vendor fetch git.finogeeks.club/skunkworks/gomatrixutil
+#gb vendor fetch github.com/eapache/queue
+#echo "restore vendors..."
+#gb vendor restore
+echo clean
+find . -name "*.a"|xargs rm -rf
+export GOPATH=$HERE
+echo "build..."
+#gb build -race github.com/matrix-org/dendrite/cmd/...
+gb build github.com/matrix-org/dendrite/cmd/...
+gb build github.com/matrix-org/dendrite/message/...
+gb build github.com/matrix-org/dendrite/proxy/...
+#gb build github.com/matrix-org/dendrite/cmd/dendrite-sync-api-server/...
+#gb build github.com/matrix-org/dendrite/cmd/front-server/...
+#gb build github.com/matrix-org/dendrite/cmd/persist-server/...
+#gb build github.com/matrix-org/dendrite/cmd/push-sender/...
+#gb build github.com/matrix-org/dendrite/cmd/cache-loader-server/...
+
+#gb vendor purge
+#gb vendor delete gopkg.in/Shopify/sarama.v1

+ 48 - 0
config/as-registration.tmpl

@@ -0,0 +1,48 @@
+id: {{ or .Env.AS_ID "c926d15647f726af15d502510a1bf61918b1727958a6ac06e24bdee2803dc7cf" }}
+url: {{ or .Env.AS_URL "" }}
+as_token: {{ or .Env.AS_TOKEN "367bff1051f6d7093108c1bb2291793bb3c3c34ee63e71ded201a2ba7c0b0db6" }}
+hs_token: {{ or .Env.HS_TOKEN "fdc69caa903b676acf05b0ec8f8da063f62739a255e982966a1d65235153e137" }}
+sender_localpart: {{ or .Env.AS_SENDER_LOCALPART "" }}
+interested_all: {{ or .Env.AS_INTERESTED_ALL true }}
+namespaces: 
+    {{ if .Env.AS_NAMESPACE_USERS }}
+    users: 
+    {{ $users := split .Env.AS_NAMESPACE_USERS ";" }}
+    {{ range $i, $item := $users}}
+    {{ $items := split $item "|" }}
+    {{ $exec := index $items 0}}
+    {{ (print "  - exclusive: " $exec) }}
+    {{ $reg := index $items 1}}
+    {{ (print "    regex: " $reg) }}
+    {{ end }}
+    {{else}}
+    users: []
+    {{end}}
+
+    {{ if .Env.AS_NAMESPACE_ALIASES }}
+    aliases: 
+    {{ $users := split .Env.AS_NAMESPACE_ALIASES ";" }}
+    {{ range $i, $item := $users}}
+    {{ $items := split $item "|" }}
+    {{ $exec := index $items 0}}
+    {{ (print "  - exclusive: " $exec) }}
+    {{ $reg := index $items 1}}
+    {{ (print "    regex: " $reg) }}
+    {{ end }}
+    {{else}}
+    aliases: []
+    {{end}}
+
+    {{ if .Env.AS_NAMESPACE_ROOMS }}
+    rooms: 
+    {{ $users := split .Env.AS_NAMESPACE_ROOMS ";" }}
+    {{ range $i, $item := $users}}
+    {{ $items := split $item "|" }}
+    {{ $exec := index $items 0}}
+    {{ (print "  - exclusive: " $exec) }}
+    {{ $reg := index $items 1}}
+    {{ (print "    regex: " $reg) }}
+    {{ end }}
+    {{else}}
+    rooms: []
+    {{end}}

+ 17 - 0
config/as-registration.yaml

@@ -0,0 +1,17 @@
+id: c926d15647f726af15d502510a1bf61918b1727958a6ac06e24bdee2803dc7cf
+url:
+as_token: 367bff1051f6d7093108c1bb2291793bb3c3c34ee63e71ded201a2ba7c0b0db6
+hs_token: fdc69caa903b676acf05b0ec8f8da063f62739a255e982966a1d65235153e137
+sender_localpart:
+interested_all: true
+namespaces: 
+    
+    users: []
+    
+
+    
+    aliases: []
+    
+
+    
+    rooms: []

+ 48 - 0
config/as-registration2.tmpl

@@ -0,0 +1,48 @@
+id: {{ or .Env.AS_ID2 "d926d15647f726af15d502510a1bf61918b1727958a6ac06e24bdee2803dc7cf" }}
+url: {{ or .Env.AS_URL2 "" }}
+as_token: {{ or .Env.AS_TOKEN "367bff1051f6d7093108c1bb2291793bb3c3c34ee63e71ded201a2ba7c0b0db6" }}
+hs_token: {{ or .Env.HS_TOKEN "fdc69caa903b676acf05b0ec8f8da063f62739a255e982966a1d65235153e137" }}
+sender_localpart: {{ or .Env.AS_SENDER_LOCALPART "" }}
+interested_all: {{ or .Env.AS_INTERESTED_ALL true }}
+namespaces: 
+    {{ if .Env.AS_NAMESPACE_USERS }}
+    users: 
+    {{ $users := split .Env.AS_NAMESPACE_USERS ";" }}
+    {{ range $i, $item := $users}}
+    {{ $items := split $item "|" }}
+    {{ $exec := index $items 0}}
+    {{ (print "  - exclusive: " $exec) }}
+    {{ $reg := index $items 1}}
+    {{ (print "    regex: " $reg) }}
+    {{ end }}
+    {{else}}
+    users: []
+    {{end}}
+
+    {{ if .Env.AS_NAMESPACE_ALIASES }}
+    aliases: 
+    {{ $users := split .Env.AS_NAMESPACE_ALIASES ";" }}
+    {{ range $i, $item := $users}}
+    {{ $items := split $item "|" }}
+    {{ $exec := index $items 0}}
+    {{ (print "  - exclusive: " $exec) }}
+    {{ $reg := index $items 1}}
+    {{ (print "    regex: " $reg) }}
+    {{ end }}
+    {{else}}
+    aliases: []
+    {{end}}
+
+    {{ if .Env.AS_NAMESPACE_ROOMS }}
+    rooms: 
+    {{ $users := split .Env.AS_NAMESPACE_ROOMS ";" }}
+    {{ range $i, $item := $users}}
+    {{ $items := split $item "|" }}
+    {{ $exec := index $items 0}}
+    {{ (print "  - exclusive: " $exec) }}
+    {{ $reg := index $items 1}}
+    {{ (print "    regex: " $reg) }}
+    {{ end }}
+    {{else}}
+    rooms: []
+    {{end}}

+ 18 - 0
config/as-registration2.yaml

@@ -0,0 +1,18 @@
+id: d926d15647f726af15d502510a1bf61918b1727958a6ac06e24bdee2803dc7cf
+url: 
+as_token: 367bff1051f6d7093108c1bb2291793bb3c3c34ee63e71ded201a2ba7c0b0db6
+hs_token: fdc69caa903b676acf05b0ec8f8da063f62739a255e982966a1d65235153e137
+sender_localpart:
+interested_all: true
+namespaces: 
+    
+    users: []
+    
+
+    
+    aliases: []
+    
+
+    
+    rooms: []
+    

+ 173 - 0
config/dendrite-release.yaml

@@ -0,0 +1,173 @@
+# The config file format version
+# This is used by dendrite to tell if it understands the config format.
+# This will change if the structure of the config file changes or if the meaning
+# of an existing config key changes.
+version: 0
+
+# The matrix specific config
+matrix:
+    # The name of the server. This is usually the domain name, e.g 'matrix.org', 'localhost'.
+    server_name: "finogeeks.club"
+    # The path to the PEM formatted matrix private key.
+    private_key: "/root/dendrite/dendrite/config/matrix_key.pem"
+    # The x509 certificates used by the federation listeners for this server
+    federation_certificates: ["/root/dendrite/dendrite/config/server.crt"]
+    # The list of identity servers trusted to verify third party identifiers by this server.
+    registration_shared_secret: "finochat"
+    # Defaults to no trusted servers.
+    trusted_third_party_id_servers:
+      - vector.im
+      - matrix.org
+      - riot.im
+
+# The media repository config
+media:
+    # The configuration for net disk url
+    upload_url: "http://netdisk:9999/api/v1/netdisk/upload/self?type=%s&thumbnail=%s"
+    download_url: "http://netdisk:9999/api/v1/netdisk/download/%s"
+    thumbnail_url: "http://netdisk:9999/api/v1/netdisk/thumbnail/%s?type=%s"
+
+# The config for the TURN server
+turn:
+    # Whether or not guests can request TURN credentials
+    turn_allow_guests: true
+    # How long the authorization should last
+    turn_user_lifetime: "1h"
+    # The list of TURN URIs to pass to clients
+    turn_uris: ["turn:turn.finogeeks.club:3478?transport=udp", "turn:turn.finogeeks.club:3478?transport=tcp"]
+
+    # Authorization via Shared Secret
+    # The shared secret from coturn
+    turn_shared_secret: "<SECRET STRING GOES HERE>"
+
+    # Authorization via Static Username & Password
+    # Hardcoded Username and Password
+    turn_username: "finchat"
+    turn_password: "fin123321"
+
+# The config for communicating with kafka
+kafka:
+    # Where the kafka servers are running.
+    addresses: ["kafka:9092"]
+    # Whether to use naffka instead of kafka.
+    # Naffka can only be used when running dendrite as a single monolithic server.
+    # Kafka can be used both with a monolithic server and when running the
+    # components as separate servers.
+    # If enabled database.naffka must also be specified.
+    use_naffka: false
+    # The names of the kafka topics to use.
+    topics:
+        keyUpdate: keyUpdate
+        output_room_event: roomserverOutput
+        output_room_event_federation: roomserverOutput
+        output_room_event_appservice: roomserverOutput
+        output_room_event_syncserver: roomserverOutput
+        input_room_event: roomserverInput
+        output_client_data: clientapiOutput
+        db_updates: dbUpdates
+
+kafka2:
+    # Where the kafka servers are running.
+    addresses: "kafka:9092"
+    # The names of the kafka topics to use.
+    producers:
+        keyUpdate: 
+            topic: keyUpdate
+        output_room_event: 
+            topic: roomserverOutput
+        input_room_event: 
+            topic: roomserverInput
+        output_client_data: 
+            topic: clientapiOutput
+        db_updates: 
+            topic: dbUpdates
+# The config for cache server redis
+redis:
+    uris: ["redis://user:finochat@codis:6379/0","redis://user:finochat@codis:6380/0"]
+# The config for nats server
+nats:
+    uri: "nats://nats:4222"
+# The postgres connection configs for connecting to the databases e.g a postgres:// URI
+database:
+    account: "postgres://dendrite:finochat@postgres:15432/dendrite_account?sslmode=disable"
+    device: "postgres://dendrite:finochat@postgres:15432/dendrite_device?sslmode=disable"
+    sync_api: "postgres://dendrite:finochat@postgres:15432/dendrite_syncapi?sslmode=disable"
+    room_server: "postgres://dendrite:finochat@postgres:15432/dendrite_roomserver?sslmode=disable"
+    server_key: "postgres://dendrite:finochat@postgres:15432/dendrite_serverkey?sslmode=disable"
+    federation_sender: "postgres://dendrite:finochat@postgres:15432/dendrite_federationsender?sslmode=disable"
+    public_rooms_api: "postgres://dendrite:finochat@postgres:15432/dendrite_publicroomsapi?sslmode=disable"
+    # If using naffka you need to specify a naffka database
+    naffka: "postgres://dendrite:finochat@postgres:15432/dendrite_naffka?sslmode=disable"
+    push_api: "postgres://dendrite:finochat@postgres:15432/dendrite_pushapi?sslmode=disable"
+    application_service: "postgres://dendrite:finochat@postgres:15432/dendrite_applicationservice?sslmode=disable"
+    encrypt_api: "postgres://dendrite:finochat@postgres:15432/dendrite_encryptapi?sslmode=disable"
+
+# The TCP host:port pairs to bind the internal HTTP APIs to.
+# These shouldn't be exposed to the public internet.
+# These aren't needed when running dendrite as a monolithic server.
+listen:
+    room_server: "localhost:7770"
+    client_api: "localhost:7771"
+    federation_api: "localhost:7772"
+    sync_api: "localhost:7773"
+    media_api: "localhost:7774"
+    public_rooms_api: "localhost:7775"
+    federation_sender: "localhost:7776"
+    push_api: "localhost:7777"
+
+# The configuration for tracing the dendrite components.
+tracing:
+    # Config for the jaeger opentracing reporter.
+    # See https://godoc.org/github.com/uber/jaeger-client-go/config#Configuration
+    # for documtation.
+    jaeger:
+        disabled: true
+
+# The configuration for authorization
+authorization:
+    # Config for the login authorize model, if "provider", will not check password or access token
+    login_authorize_mode: "provider"
+    login_authorize_code: "ftjkv587@@dendrite"
+
+# A list of application service config file to use
+application_services:
+   config_files: ["./config/as-registration.yaml","./config/as-registration2.yaml"]
+
+# The configuration for push service
+push_service:
+    # Config for delete pusher
+    remove_fail_times: 3
+
+# panic, fatal, error, warn, info. debug
+log_level: info
+
+cache:
+    durationDefault: 1800
+    durationRefresh: 1800
+
+macaroon:
+    macaroonKey: "=1lYIRf6I64~uBRE5IEj0il0Tm9f3Qc3OZom-5p:XmraL=K,KY"
+    macaroonId: "key"
+
+eventskip:
+    skip_item_list: [
+        {patten: "(^m\\.modular\\.).*", is_reg: true},
+    ]
+
+compress_length: 1024
+
+lru:
+  max_entries: 10240
+  gc_per_num: 100
+
+flush_delay: 30000
+
+recover_path: /root/dendrite/dendrite/
+
+send_member_event: false
+
+use_message_filter: true
+
+calculate_read_count: true
+
+retry_flush_db: true

+ 350 - 0
config/dendrite.tmpl

@@ -0,0 +1,350 @@
+version: 0
+
+matrix: 
+    server_name: [{{ or .Env.SERVER_NAME "finogeeks.club" }}]
+    homeserver_url: {{ or .Env.HOMESERVER_URL "http://127.0.0.1:8008" }}
+    identity_server_url: {{ or .Env.IDENTITY_SERVER_URL "https://vector.im" }}
+    private_key: {{ or .Env.SERVER_PRIVATE_KEY "/root/dendrite/dendrite/config/matrix_key.pem" }}
+    {{ if .Env.SERVER_FED_CERT }}
+    federation_certificates: 
+    {{ $feds := split .Env.SERVER_FED_CERT ";" }}
+    {{ range $i, $v := $feds}}
+    {{ (print "  - " $v) }}
+    {{ end }}
+    {{else}}
+    federation_certificates: 
+      - /root/dendrite/dendrite/config/server.crt 
+    {{end}}
+    registration_shared_secret: {{ or .Env.SERVER_REG_SEC "finochat" }}
+    {{ if .Env.TRUST_SERVER }}
+    trusted_third_party_id_servers: 
+    {{ $servers := split .Env.TRUST_SERVER ";" }}
+    {{ range $i, $v := $servers}}
+    {{ (print "  - " $v) }}
+    {{ end }}
+    {{else}}
+    trusted_third_party_id_servers: 
+      - vector.im
+      - matrix.org
+      - riot.im
+    {{end}}
+    server_from_db: {{ or .Env.SERVER_FROM_DB false }}
+
+media:
+    upload_url: {{ or .Env.MEDIA_UPLOAD_URL "http://netdisk:9999/api/v1/netdisk/upload/self?type=%s&thumbnail=%s" }}
+    download_url: {{ or .Env.MEDIA_DOWNLOAD_URL "http://netdisk:9999/api/v1/netdisk/download/%s" }}
+    thumbnail_url: {{ or .Env.MEDIA_THUNBNAIL_URL "http://netdisk:9999/api/v1/netdisk/thumbnail/%s?type=%s" }}
+
+turn:
+    turn_allow_guests: {{ or .Env.TURN_ALLOW_GUESTS true }}
+    turn_user_lifetime: {{ or .Env.TURN_USER_TTL "1h" }}
+    {{ if .Env.TURN_URIS }}
+    turn_uris:
+    {{ $turns := split .Env.TRUN_URIS ";" }}
+    {{ range $i, $v := $turns}}
+    {{ (print "  - " $v) }}
+    {{ end }}
+    {{else}}
+    turn_uris: 
+      - turn:turn.finogeeks.club:3478?transport=udp
+      - turn:turn.finogeeks.club:3478?transport=tcp
+    {{end}}
+    turn_shared_secret: {{ or .Env.TURN_SHARED_SEC "TEST" }}
+    turn_username: {{ or .Env.TURN_USERNAME "finchat" }}
+    turn_password: {{ or .Env.TURN_PASSWORD "fin123321" }}
+
+kafka:
+    producers:
+        keyUpdate: 
+            topic: {{ or .Env.KAFKA_KEY_UPDATE_TOPIC "keyUpdate" }}
+            underlying: {{ or .Env.KAFKA_KEY_UPDATE_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_KEY_UPDATE_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        output_room_event: 
+            topic: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_TOPIC "roomserverOutput" }}
+            underlying: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        input_room_event: 
+            topic: {{ or .Env.KAFKA_ROOMSERVER_INPUT_TOPIC "roomserverInput" }}
+            underlying: {{ or .Env.KAFKA_ROOMSERVER_INPUT_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_ROOMSERVER_INPUT_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        output_client_data: 
+            topic: {{ or .Env.KAFKA_OUTPUT_CLIENT_DATA_TOPIC "clientapiOutput" }}
+            underlying: {{ or .Env.KAFKA_OUTPUT_CLIENT_DATA_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_OUTPUT_CLIENT_DATA_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        db_updates: 
+            topic: {{ or .Env.KAFKA_DB_UPDATE_TOPIC "dbUpdates" }}
+            underlying: {{ or .Env.KAFKA_DB_UPDATE_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_DB_UPDATE_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        get_visibility_range: 
+            topic: {{ or .Env.KAFKA_GET_VISIBILITY_RANGE_TOPIC "getVisibilityRange" }}
+            underlying: {{ or .Env.KAFKA_GET_VISIBILITY_RANGE_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_GET_VISIBILITY_RANGE_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        output_room_fed_event: 
+            topic: {{ or .Env.KAFKA_OUTPUT_ROOM_FED_EVENT_TOPIC "rfe" }}
+            underlying: {{ or .Env.KAFKA_OUTPUT_ROOM_FED_EVENT_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_OUTPUT_ROOM_FED_EVENT_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        output_room_event_recover:
+            topic: {{ or .Env.KAFKA_OUTPUT_ROOM_EVENT_RECOVER_TOPIC "roomserverOutputRecover" }}
+            underlying: {{ or .Env.KAFKA_OUTPUT_ROOM_EVENT_RECOVER_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_OUTPUT_ROOM_EVENT_RECOVER_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        setting_update:
+            topic: {{ or .Env.KAFKA_SETTING_UPDATE_TOPIC "settingUpdate" }}
+            underlying: {{ or .Env.KAFKA_SETTING_UPDATE_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_SETTING_UPDATE_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        output_device_state_update:
+            topic: {{ or .Env.KAFKA_OUTPUT_DEVICE_STATE_UPDATE_TOPIC "deviceStateUpdate" }}
+            underlying: {{ or .Env.KAFKA_OUTPUT_DEVICE_STATE_CHANGE_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_OUTPUT_DEVICE_STATE_CHANGE_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+    consumers:
+        keyUpdate:
+            topic: {{ or .Env.KAFKA_KEY_UPDATE_TOPIC "keyUpdate" }}
+            group: {{ or .Env.KAFKA_CONSUMER_KEY_UPDATE_GROUP "key_sync" }}
+            underlying: {{ or .Env.KAFKA_KEY_UPDATE_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_KEY_UPDATE_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        output_room_event_publicroom:
+            topic: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_TOPIC "roomserverOutput" }}
+            group: {{ or .Env.KAFKA_CONSUMER_OUTPUT_PUBLIC_ROOM_GROUP "public-rooms" }}
+            underlying: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        output_room_event_appservice:
+            topic: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_TOPIC "roomserverOutput" }}
+            group: {{ or .Env.KAFKA_CONSUMER_OUTPUT_AS_GROUP "applicationService" }}
+            underlying: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        output_room_event_syncserver:
+            topic: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_TOPIC "roomserverOutput" }}
+            group: {{ or .Env.KAFKA_CONSUMER_OUTPUT_SYNC_GROUP "sync-api" }}
+            underlying: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_ROOMSERVER_OUTPUT_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        input_room_event:
+            topic: {{ or .Env.KAFKA_ROOMSERVER_INPUT_TOPIC "roomserverInput" }}
+            group: {{ or .Env.KAFKA_CONSUMER_ROOMSERVER_INPUT_GROUP "roomserver" }}
+            underlying: {{ or .Env.KAFKA_ROOMSERVER_INPUT_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_ROOMSERVER_INPUT_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        output_client_data:
+            topic: {{ or .Env.KAFKA_OUTPUT_CLIENT_DATA_TOPIC "clientapiOutput" }}
+            group: {{ or .Env.KAFKA_OUTPUT_CLIENT_DATA_GROUP "sync-api" }}
+            underlying: {{ or .Env.KAFKA_OUTPUT_CLIENT_DATA_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_OUTPUT_CLIENT_DATA_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        cache_updates:
+            topic: {{ or .Env.KAFKA_DB_UPDATE_TOPIC "dbUpdates" }}
+            group: {{ or .Env.KAFKA_CACHE_UPDATE_GROUP "persist-cache" }}
+            underlying: {{ or .Env.KAFKA_DB_UPDATE_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_DB_UPDATE_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        db_updates:
+            topic: {{ or .Env.KAFKA_DB_UPDATE_TOPIC "dbUpdates" }}
+            group: {{ or .Env.KAFKA_DB_UPDATE_GROUP "persist-db" }}
+            underlying: {{ or .Env.KAFKA_DB_UPDATE_UNDERLYING .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_DB_UPDATE_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+        setting_update:
+            topic: {{ or .Env.KAFKA_SETTING_UPDATE_TOPIC  "settingUpdate" }}
+            group: {{ or .Env.KAFKA_SETTING_UPDATE_GROUP "settingUpdate" }}
+            underlying: {{ or .Env.KAFKA_SETTING_UPDATE_UNDERLYING  .Env.KAFKA_UNDERLYING "kafka" }}
+            addresses: {{ or .Env.KAFKA_SETTING_UPDATE_CONSUMER_ADDRS .Env.KAFKA_ADDRS "kafka:9092" }}
+rpc:
+    rs_qry_topic: {{ or .Env.RPC_RS_QRY_TOPIC "roomserver_query" }}
+    alias_topic: {{ or .Env.RPC_ALIAS_TOPIC "roomserver_alias" }}
+    room_input_topic: {{ or .Env.RPC_ROOM_INPUT_TOPIC "roomserver_input" }}
+    fed_topic: {{ or .Env.RPC_FED_TOPIC "fed" }}
+    fed_alias_topic: {{ or .Env.RPC_FED_ALIAS_TOPIC "fed.roomserver_alias" }}
+    fed_profile_topic: {{ or .Env.RPC_FED_PROFILE_TOPIC "fed.profile" }}
+    fed_avatar_topic: {{ or .Env.RPC_FED_AVATAR_TOPIC "fed.avatar" }}
+    fed_displayname_topic: {{ or .Env.RPC_FED_DISPLAYNAME_TOPIC "fed.displayname" }}
+
+redis:
+    {{ if .Env.REDIS_ADDRS }}
+    uris:
+    {{ $rediss := split .Env.REDIS_ADDRS ";" }}
+    {{ range $i, $v := $rediss}}
+    {{ (print "  - " $v) }}
+    {{ end }}
+    {{else}}
+    uris: 
+      - redis://user:finochat@codis:6379/0
+      - redis://user:finochat@codis:6380/0,
+    {{end}}
+
+nats:
+    uri: {{ or .Env.NATS_ADDRS "nats://nats:4222" }}
+
+database:
+    create_db: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/postgres?sslmode=disable") }}
+    account: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_account?sslmode=disable") }}
+    device: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_device?sslmode=disable") }}
+    sync_api: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_syncapi?sslmode=disable") }}
+    room_server: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_roomserver?sslmode=disable") }}
+    server_key: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_serverkey?sslmode=disable") }}
+    federation_sender: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_federationsender?sslmode=disable") }}
+    public_rooms_api: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_publicroomsapi?sslmode=disable") }}
+    push_api: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_pushapi?sslmode=disable") }}
+    application_service: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_applicationservice?sslmode=disable") }}
+    encrypt_api: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_encryptapi?sslmode=disable") }}
+    presence: 
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_presence?sslmode=disable") }}
+    server_conf:
+        driver: {{ or .Env.DB_DRIVER "postgres" }}
+        addresses: {{ (print .Env.DB_URI "/dendrite_serverconf?sslmode=disable") }}
+    use_sync: {{ or .Env.DB_USE_SYNC_RW false }}
+
+listen:
+    room_server: localhost:7770
+    client_api: localhost:7771
+    federation_api: localhost:7772
+    sync_api: localhost:7773
+    media_api: localhost:7774
+    public_rooms_api: localost:7775
+    federation_sender: localhost:7776
+    push_api: localhost:7777
+
+tracing:
+    jaeger:
+        disabled: true
+     
+authorization:
+    login_authorize_mode: {{ or .Env.LOGIN_AUTH_MODE "provider"}}
+    login_authorize_code: {{ or .Env.LOGIN_AUTH_CODE "ftjkv587@@dendrite"}}
+
+application_services:
+    {{ if .Env.AS_CONFIG_FILE }}
+    config_files:
+    {{ $as := split .Env.AS_CONFIG_FILE ";" }}
+    {{ range $i, $v := $as}}
+    {{ (print "  - " $v) }}
+    {{ end }}
+    {{else}}
+    config_files: [./config/as-registration.yaml,./config/as-registration2.yaml]
+    {{end}}
+      
+push_service:
+    remove_fail_times: {{ or .Env.PUSH_REMOVE_FAIL_TIME 3}}
+    push_server_url: {{ or .Env.PUSH_SERVER_URL "http://push-service:5000/_matrix/push/v1/notify"}}
+
+log:
+    level: {{ or .Env.LOG_LEVEL "info"}}
+    files: [{{ or .Env.LOG_DIR "./log"}}/{{ or .Env.SERVICE_NAME "dendrite"}}.log]
+    underlying: zap
+    redirect_stderr: false
+    write_to_stdout: true
+    zap_config:
+        max_size: {{ or .Env.LOG_MAX_SIZE_IN_MB 100}}
+        max_age: {{ or .Env.LOG_MAX_DAYS_TO_RETAIN_FILES 3}}
+        max_backups: {{ or .Env.LOG_MAX_TO_RETAIN_FILES 300}}
+        localtime: true
+        compress: true
+        json_format: false
+        bt_enabled: false
+        bt_level: error
+
+migration:
+    domain_name: {{ or .Env.MIG_DOMAIN_NAME ""}}
+    update_avatar: {{ or .Env.MIG_UPDATE_AVATAR true}}
+    process_device: {{ or .Env.MIG_PROCESS_DEVICE false}}
+    append_when_room_exist: {{ or .Env.MIG_APPEND_WHEN_ROOM_EXIST false}}
+    synapse_db: {{ or .Env.MIG_SYNAPSE_DB_URI "postgres://matrix:mm123321@119.29.136.81:6432/matrix?sslmode=disable"}}
+    synapse_url: {{ or .Env.MIG_SYNAPSE_URL "https://api.finogeeks.club/_matrix/media/v1/thumbnail/%s/%s?width=36&height=36&method=crop"}}
+    go_room_db: {{ or .Env.MIG_GO_ROOM_DB_URI "postgres://dendrite:finochat@localhost:5432/dendrite_roomserver?sslmode=disable"}}
+    go_account_db: {{ or .Env.MIG_GO_ACCOUNT_DB_URI "postgres://dendrite:finochat@localhost:15432/dendrite_account?sslmode=disable"}}
+    {{ if .Env.MIG_LIST }}
+    migration_list:
+    {{ $migl := split .Env.MIG_LIST ";" }}
+    {{ range $i, $v := $migl}}
+    {{ (print "  - " $v) }}
+    {{ end }}
+    {{else}}
+    migration_list:
+      - events
+      - appEventTag
+      - account
+      - profile
+      - pushRule
+      - checkResult
+    {{end}}
+    {{ if .Env.MIG_IGNORE_ROOMS }}
+    ignore_rooms:
+    {{ $igl := split .Env.MIG_IGNORE_ROOMS ";" }}
+    {{ range $i, $v := $igl}}
+    {{ (print "  - " $v) }}
+    {{ end }}
+    {{else}}
+    ignore_rooms: []
+    {{end}}
+    {{ if .Env.MIG_ROOM_LIST }}
+    room_list:
+    {{ $rl := split .Env.MIG_ROOM_LIST ";" }}
+    {{ range $i, $v := $rl}}
+    {{ (print "  - " $v) }}
+    {{ end }}
+    {{else}}
+    room_list: []
+    {{end}}
+
+cache:
+    durationDefault: {{ or .Env.DB_CACHE_DURATION 900}}
+    durationRefresh: {{ or .Env.DB_CACHE_DURATION 900}}
+
+macaroon:
+    macaroonKey: {{ or .Env.MACAROON_KEY  "=1lYIRf6I64~uBRE5IEj0il0Tm9f3Qc3OZom-5p:XmraL=K,KY"   }}
+    macaroonId: {{ or .Env.MACAROON_ID "key" }}
+    macaroonLoc: {{ or .Env.MACAROON_LOC "dendrite" }}
+
+eventskip:
+    skip_item_list: {{ or .Env.EVENT_SKIP `[{patten: "(^m\\.modular\\.).*", is_reg: true},]`}}
+
+compress_length: {{ or .Env.COMPRESS_LENGTH 0}}
+
+lru:
+    max_entries: {{ or .Env.MAX_ENTRIES 30720}}
+    gc_per_num: {{ or .Env.GC_PER_NUM 100}}
+
+sync_mng_chan_num: {{ or .Env.SYNC_MNG_CHAN_NUM 64}}
+
+flush_delay: {{ or .Env.FLUSH_DELAY 30000}}
+
+recover_path: {{ or .Env.RECOVER_PATH "/opt/dendrite"}}
+
+send_member_event: {{ or .Env.SEND_MEMBER_EVENT false}}
+
+use_message_filter: {{ or .Env.USE_MESSAGE_FILTER true}}
+
+calculate_read_count: {{ or .Env.CALCULATE_READ_COUNT true}}
+
+retry_flush_db: {{ or .Env.RETRY_FLUSH_DB true}}
+
+pub_login_info: {{ or .Env.PUB_LOGIN_INFO false}}
+
+use_encrypt: {{ or .Env.USE_ENCRYPT true}}
+
+default_avatar: {{ or .Env.DEFAULT_AVATAR ""}}
+
+token_rewrite:
+    staff_domain: {{ or .Env.TOKEN_STAFF_DOMAIN "" }}
+    retail_domain: {{ or .Env.TOKEN_RETAIL_DOMAIN "" }}
+    staff_db: {{ or .Env.TOKEN_STAFF_DB "" }}
+    retail_db: {{ or .Env.TOKEN_RETAIL_DB "" }}
+
+state_mgr:
+    state_notify: {{ or .Env.STATE_NOTIFY false }}
+    state_offline: {{ or .Env.STATE_OFFLINE 120 }}

+ 295 - 0
config/dendrite.yaml

@@ -0,0 +1,295 @@
+version: 0
+
+matrix: 
+    server_name: [dendrite]
+    homeserver_url: http://127.0.0.1:8008
+    identity_server_url: https://vector.im
+    private_key: /Users/joey/gows/src/finochat/lastest_dendrite/dendrite/config/matrix_key.pem
+    
+    federation_certificates: 
+    
+    
+      - /Users/joey/gows/src/finochat/lastest_dendrite/dendrite/config/server.crt
+    
+    
+    registration_shared_secret: finochat
+    
+    trusted_third_party_id_servers: 
+      - vector.im
+      - matrix.org
+      - riot.im
+
+    server_from_db: false
+
+media:
+    upload_url: https://api.finogeeks.club/api/v1/netdisk/upload/self?type=m.image&thumbnail=true
+    download_url: https://api.finogeeks.club/api/v1/netdisk/download/%s
+    thumbnail_url: https://api.finogeeks.club/api/v1/netdisk/thumbnail/%s?type=%s
+
+turn:
+    turn_allow_guests: true
+    turn_user_lifetime: 1h
+    
+    turn_uris: 
+      - turn:turn.finogeeks.club:3478?transport=udp
+      - turn:turn.finogeeks.club:3478?transport=tcp
+    
+    turn_shared_secret: TEST
+    turn_username: finchat
+    turn_password: fin123321
+
+kafka:
+    producers:
+        keyUpdate: 
+            topic: keyUpdate
+            underlying: kafka
+            addresses: kafka:9092
+        output_room_event: 
+            topic: roomserverOutput
+            underlying: kafka
+            addresses: kafka:9092
+        input_room_event: 
+            topic: roomserverInput
+            underlying: kafka
+            addresses: kafka:9092
+        output_client_data: 
+            topic: clientapiOutput
+            underlying: kafka
+            addresses: kafka:9092
+        db_updates: 
+            topic: dbUpdates
+            underlying: kafka
+            addresses: kafka:9092
+        get_visibility_range: 
+            topic: getVisibilityRange
+            underlying: kafka
+            addresses: kafka:9092
+        output_room_fed_event: 
+            topic: fed
+            underlying: kafka
+            addresses: kafka:9092
+        output_room_event_recover:
+          topic: roomserverOutputRecover
+          underlying: kafka
+          addresses: kafka:9092
+        output_device_state_update:
+          topic: deviceStateUpdate
+          underlying: kafka
+          addresses: kafka:9092
+    consumers:
+        keyUpdate:
+            topic: keyUpdate
+            group: key_sync
+            underlying: kafka
+            addresses: kafka:9092
+        output_room_event_publicroom:
+            topic: roomserverOutput
+            group: public-rooms
+            underlying: kafka
+            addresses: kafka:9092
+        output_room_event_appservice:
+            topic: roomserverOutput
+            group: applicationService
+            underlying: kafka
+            addresses: kafka:9092
+        output_room_event_syncserver:
+            topic: roomserverOutput
+            group: sync-api
+            underlying: kafka
+            addresses: kafka:9092
+        input_room_event:
+            topic: roomserverInput
+            group: roomserver
+            underlying: kafka
+            addresses: kafka:9092
+        output_client_data:
+            topic: clientapiOutput
+            group: sync-api
+            underlying: kafka
+            addresses: kafka:9092
+        cache_updates:
+            topic: dbUpdates
+            group: persist-cache
+            underlying: kafka
+            addresses: kafka:9092
+        db_updates:
+            topic: dbUpdates
+            group: persist-db
+            underlying: kafka
+            addresses: kafka:9092
+rpc:
+    rs_qry_topic: roomserver_query
+    alias_topic: roomserver_alias
+    room_input_topic: roomserver_input
+    fed_alias_topic: fed_roomserver_alias
+
+
+redis:
+    
+    uris:
+    
+    
+      - redis://user:finochat@localhost:6379/0
+    
+    
+
+nats:
+    uri: nats://nats:4222
+
+database:
+    create_db: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/postgres?sslmode=disable
+    account: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_account?sslmode=disable
+    device: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_device?sslmode=disable
+    sync_api: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_syncapi?sslmode=disable
+    room_server: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_roomserver?sslmode=disable
+    server_key: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_serverkey?sslmode=disable
+    federation_sender: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_federationsender?sslmode=disable
+    public_rooms_api: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_publicroomsapi?sslmode=disable
+    push_api: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_pushapi?sslmode=disable
+    application_service: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_applicationservice?sslmode=disable
+    encrypt_api: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_encryptapi?sslmode=disable
+    presence: 
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_presence?sslmode=disable
+    server_conf:
+        driver: postgres
+        addresses: postgres://dendrite:finochat@localhost:15432/dendrite_serverconf?sslmode=disable
+    use_sync: false
+
+listen:
+    room_server: localhost:7770
+    client_api: localhost:7771
+    federation_api: localhost:7772
+    sync_api: localhost:7773
+    media_api: localhost:7774
+    public_rooms_api: localost:7775
+    federation_sender: localhost:7776
+    push_api: localhost:7777
+
+tracing:
+    jaeger:
+        disabled: true
+     
+authorization:
+    login_authorize_mode: provider
+    login_authorize_code: ftjkv587@@dendrite
+
+application_services:
+    
+    config_files:
+    
+    
+      - /Users/joey/gows/src/finochat/lastest_dendrite/dendrite/config/as-registration.yaml
+    
+    
+      
+push_service:
+    remove_fail_times: 3
+    push_server_url: http://push-service:5000/_matrix/push/v1/notify
+
+log:
+    level: info
+    files: [./log/dendrite.log]
+    underlying: zap
+    redirect_stderr: true
+    write_to_stdout: true
+    zap_config:
+        max_size: 100
+        max_age: 0
+        max_backups: 0
+        localtime: true
+        compress: true
+        json_format: false
+        bt_enabled: false
+        bt_level: error
+
+migration:
+    domain_name: 
+    update_avatar: true
+    process_device: false
+    append_when_room_exist: false
+    synapse_db: postgres://matrix:mm123321@119.29.136.81:6432/matrix?sslmode=disable
+    synapse_url: https://api.finogeeks.club/_matrix/media/v1/thumbnail/%s/%s?width=36&height=36&method=crop
+    go_room_db: postgres://dendrite:finochat@localhost:5432/dendrite_roomserver?sslmode=disable
+    go_account_db: postgres://dendrite:finochat@localhost:15432/dendrite_account?sslmode=disable
+
+    migration_list:
+      - events
+      - appEventTag
+      - account
+      - profile
+      - pushRule
+      - checkResult
+    
+    
+    ignore_rooms: []
+    
+    
+    room_list: []
+    
+
+cache:
+    durationDefault: 900
+    durationRefresh: 900
+
+macaroon:
+    macaroonKey: =1lYIRf6I64~uBRE5IEj0il0Tm9f3Qc3OZom-5p:XmraL=K,KY
+    macaroonId: key
+    macaroonLoc: dendrite
+
+eventskip:
+    skip_item_list: [{patten: "(^m\\.modular\\.).*", is_reg: true},]
+
+compress_length: 0
+
+lru:
+    max_entries: 30720
+    gc_per_num: 100
+
+flush_delay: 30000
+
+recover_path: /opt/dendrite
+
+send_member_event: false
+
+use_message_filter: true
+
+calculate_read_count: true
+
+retry_flush_db: true
+
+pub_login_info: false
+
+use_encrypt: true
+
+token_rewrite:
+    staff_domain: 
+    retail_domain: 
+    staff_db: 
+    retail_db:
+
+state_mgr:
+    state_notify: false
+    state_offline: 120

File diff suppressed because it is too large
+ 385 - 0
config/env.sh


+ 60 - 0
config/fed-local-test-env.sh

@@ -0,0 +1,60 @@
+basepath=$(cd `dirname $0`; pwd)
+
+if [ "$RUN_ENV" = "fed1" ]; then
+	echo "fed1"
+
+    [ -z "$SERVER_NAME" ] && export SERVER_NAME="dendrite"
+    [ -z "$SERVER_PRIVATE_KEY" ] && export SERVER_PRIVATE_KEY=$basepath"/matrix_key.pem"
+    [ -z "$SERVER_FED_CERT" ] && export SERVER_FED_CERT=$basepath"/server.crt"
+    [ -z "$MEDIA_UPLOAD_URL" ] && export MEDIA_UPLOAD_URL="https://api.finogeeks.club/api/v1/netdisk/upload/self?type=m.image&thumbnail=true"
+    [ -z "$MEDIA_DOWNLOAD_URL" ] && export MEDIA_DOWNLOAD_URL="https://api.finogeeks.club/api/v1/netdisk/download/%s"
+    [ -z "$MEDIA_THUNBNAIL_URL" ] && export MEDIA_THUNBNAIL_URL="https://api.finogeeks.club/api/v1/netdisk/thumbnail/%s?type=%s"
+    [ -z "$KAFKA_ADDRS" ] && export KAFKA_ADDRS="kafka:9092"
+    [ -z "$REDIS_ADDRS" ] && export REDIS_ADDRS="redis://user:finochat@localhost:6379/0"
+    [ -z "$DB_URI" ] && export DB_URI="postgres://dendrite:finochat@localhost:15432"
+    [ -z "$AS_CONFIG_FILE" ] && export AS_CONFIG_FILE=$basepath"/as-registration.yaml"
+    [ -z "$NATS_ADDRS" ] && export NATS_ADDRS="nats://nats:4222"
+
+	dockerize -template $basepath/dendrite.tmpl:$basepath/dendrite.yaml pwd
+elif [ "$RUN_ENV" = "fed2" ]; then
+	echo "fed2"
+
+    [ -z "$SERVER_NAME" ] && export SERVER_NAME="fedhost"
+    [ -z "$SERVER_PRIVATE_KEY" ] && export SERVER_PRIVATE_KEY=$basepath"/matrix_key.pem"
+    [ -z "$SERVER_FED_CERT" ] && export SERVER_FED_CERT=$basepath"/server.crt"
+    [ -z "$MEDIA_UPLOAD_URL" ] && export MEDIA_UPLOAD_URL="https://api.finogeeks.club/api/v1/netdisk/upload/self?type=m.image&thumbnail=true"
+    [ -z "$MEDIA_DOWNLOAD_URL" ] && export MEDIA_DOWNLOAD_URL="https://api.finogeeks.club/api/v1/netdisk/download/%s"
+    [ -z "$MEDIA_THUNBNAIL_URL" ] && export MEDIA_THUNBNAIL_URL="https://api.finogeeks.club/api/v1/netdisk/thumbnail/%s?type=%s"
+    [ -z "$KAFKA_ADDRS" ] && export KAFKA_ADDRS="kafka:19092"
+    [ -z "$REDIS_ADDRS" ] && export REDIS_ADDRS="redis://user:finochat@localhost:6379/0"
+    [ -z "$DB_URI" ] && export DB_URI="postgres://dendrite:finochat@localhost:25432"
+    [ -z "$AS_CONFIG_FILE" ] && export AS_CONFIG_FILE=$basepath"/as-registration.yaml"
+    [ -z "$NATS_ADDRS" ] && export NATS_ADDRS="nats://nats:14222"
+
+	dockerize -template $basepath/dendrite.tmpl:$basepath/dendrite.yaml pwd
+else
+	echo "clean"
+	unset SERVER_NAME
+	unset SERVER_PRIVATE_KEY
+	unset SERVER_FED_CERT
+	unset MEDIA_UPLOAD_URL
+	unset MEDIA_DOWNLOAD_URL
+	unset MEDIA_THUNBNAIL_URL
+	unset KAFKA_ADDRS
+	unset REDIS_ADDRS
+	unset DB_URI
+	unset AS_CONFIG_FILE
+    unset AS_ID
+    unset AS_URL
+    unset AS_TOKEN
+    unset HS_TOKEN
+    unset AS_SENDER_LOCALPART
+    unset AS_NAMESPACE_USERS
+    unset AS_NAMESPACE_ALIASES
+    unset AS_NAMESPACE_ROOMS
+    unset AS_ID2
+    unset AS_URL2
+fi
+
+dockerize -template $basepath/as-registration.tmpl:$basepath/as-registration.yaml pwd
+dockerize -template $basepath/as-registration2.tmpl:$basepath/as-registration2.yaml pwd

+ 163 - 0
config/gfam.yaml

@@ -0,0 +1,163 @@
+# The config file format version
+# This is used by dendrite to tell if it understands the config format.
+# This will change if the structure of the config file changes or if the meaning
+# of an existing config key changes.
+version: 0
+
+# The matrix specific config
+matrix:
+    # The name of the server. This is usually the domain name, e.g 'matrix.org', 'localhost'.
+    server_name: "im.gfam.com.cn"
+    # The path to the PEM formatted matrix private key.
+    private_key: "/opt/dendrite/config/matrix_key.pem"
+    # The x509 certificates used by the federation listeners for this server
+    federation_certificates: ["/opt/dendrite/config/server.crt"]
+    # The list of identity servers trusted to verify third party identifiers by this server.
+    registration_shared_secret: "finochat"
+    # Defaults to no trusted servers.
+    trusted_third_party_id_servers:
+      - vector.im
+      - matrix.org
+      - riot.im
+      - api.finogeeks.club
+
+# The media repository config
+media:
+    # The configuration for net disk url
+    upload_url: "http://netdisk.storage:9999/api/v1/netdisk/upload/self?type=m.image&thumbnail=true"
+    download_url: "http://netdisk.storage:9999/api/v1/netdisk/download/%s"
+    thumbnail_url: "http://netdisk.storage:9999/api/v1/netdisk/thumbnail/%s?type=%s"
+
+# The config for the TURN server
+turn:
+    # Whether or not guests can request TURN credentials
+    turn_allow_guests: true
+    # How long the authorization should last
+    turn_user_lifetime: "1h"
+    # The list of TURN URIs to pass to clients
+    turn_uris: ["turn:turn.finogeeks.club:3478?transport=udp", "turn:turn.finogeeks.club:3478?transport=tcp"]
+
+    # Authorization via Shared Secret
+    # The shared secret from coturn
+    turn_shared_secret: "<SECRET STRING GOES HERE>"
+
+    # Authorization via Static Username & Password
+    # Hardcoded Username and Password
+    turn_username: "finchat"
+    turn_password: "fin123321"
+
+# The config for communicating with kafka
+kafka:
+    # Where the kafka servers are running.
+    addresses: ["broker.kafka-cluster:9082"]
+    # Whether to use naffka instead of kafka.
+    # Naffka can only be used when running dendrite as a single monolithic server.
+    # Kafka can be used both with a monolithic server and when running the
+    # components as separate servers.
+    # If enabled database.naffka must also be specified.
+    use_naffka: false
+    # The names of the kafka topics to use.
+    topics:
+        keyUpdate: keyUpdate
+        output_room_event: roomserverOutput
+        output_room_event_federation: roomserverOutput
+        output_room_event_appservice: roomserverOutput
+        output_room_event_pushserver: roomserverOutput
+        output_room_event_pushout: roomserverOutput-push
+        output_room_event_syncserver: roomserverOutput-push
+        input_room_event: roomserverInput
+        output_client_data: clientapiOutput
+        db_updates: dbUpdates
+        receipt_update: receiptUpdate
+
+kafka2:
+    # Where the kafka servers are running.
+    addresses: "broker.kafka-cluster:9082"
+    # The names of the kafka topics to use.
+    producers:
+        keyUpdate: 
+            topic: keyUpdate
+        output_room_event: 
+            topic: roomserverOutput
+        output_room_event_pushout: 
+            topic: roomserverOutput-push
+        input_room_event: 
+            topic: roomserverInput
+        output_client_data: 
+            topic: clientapiOutput
+        db_updates: 
+            topic: dbUpdates
+        receipt_update: 
+            topic: receiptUpdate
+# The config for cache server redis
+redis:
+    uris: ["redis://user:finochat@redis:6379/0"]
+# The config for nats server
+nats:
+    uri: "nats://nats:4222"
+# The postgres connection configs for connecting to the databases e.g a postgres:// URI
+database:
+    account: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_account?sslmode=disable"
+    device: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_device?sslmode=disable"
+    sync_api: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_syncapi?sslmode=disable"
+    room_server: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_roomserver?sslmode=disable"
+    server_key: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_serverkey?sslmode=disable"
+    federation_sender: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_federationsender?sslmode=disable"
+    public_rooms_api: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_publicroomsapi?sslmode=disable"
+    # If using naffka you need to specify a naffka database
+    naffka: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_naffka?sslmode=disable"
+    push_api: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_pushapi?sslmode=disable"
+    application_service: "postgres://dendrite:pg-master.storage@postgres:5432/dendrite_applicationservice?sslmode=disable"
+    encrypt_api: "postgres://dendrite:finochat@pg-master.storage:5432/dendrite_encryptapi?sslmode=disable"
+
+# The TCP host:port pairs to bind the internal HTTP APIs to.
+# These shouldn't be exposed to the public internet.
+# These aren't needed when running dendrite as a monolithic server.
+listen:
+    room_server: "localhost:7770"
+    client_api: "localhost:7771"
+    federation_api: "localhost:7772"
+    sync_api: "localhost:7773"
+    media_api: "localhost:7774"
+    public_rooms_api: "localhost:7775"
+    federation_sender: "localhost:7776"
+    push_api: "localhost:7777"
+
+# The configuration for tracing the dendrite components.
+tracing:
+    # Config for the jaeger opentracing reporter.
+    # See https://godoc.org/github.com/uber/jaeger-client-go/config#Configuration
+    # for documtation.
+    jaeger:
+        disabled: true
+
+# The configuration for authorization
+authorization:
+    # Config for the login authorize model, if "provider", will not check password or access token
+    login_authorize_mode: "provider"
+    login_authorize_code: "ftjkv587@@dendrite"
+
+# A list of application service config file to use
+application_services:
+   config_files: ["/opt/dendrite/config/as-registration.yaml",]
+
+# The configuration for push service
+push_service:
+    # Config for delete pusher
+    remove_fail_times: 3
+
+# panic, fatal, error, warn, info. debug
+log_level: info
+
+cache:
+    durationDefault: 300
+    durationRefresh: 180
+
+macaroon:
+    macaroonKey: "=1lYIRf6I64~uBRE5IEj0il0Tm9f3Qc3OZom-5p:XmraL=K,KY"
+    macaroonId: "key"
+
+eventskip:
+    skip_item_list: [
+        {patten: "(^m\\.modular\\.).*", is_reg: true},
+    ]

+ 675 - 0
config/pgpool.conf

@@ -0,0 +1,675 @@
+# ----------------------------
+# pgPool-II configuration file
+# ----------------------------
+#
+# This file consists of lines of the form:
+#
+#   name = value
+#
+# Whitespace may be used.  Comments are introduced with "#" anywhere on a line.
+# The complete list of parameter names and allowed values can be found in the
+# pgPool-II documentation.
+#
+# This file is read on server startup and when the server receives a SIGHUP
+# signal.  If you edit the file on a running system, you have to SIGHUP the
+# server for the changes to take effect, or use "pgpool reload".  Some
+# parameters, which are marked below, require a server shutdown and restart to
+# take effect.
+#
+
+
+#------------------------------------------------------------------------------
+# CONNECTIONS
+#------------------------------------------------------------------------------
+
+# - pgpool Connection Settings -
+
+listen_addresses = '*'
+                                   # Host name or IP address to listen on:
+                                   # '*' for all, '' for no TCP/IP connections
+                                   # (change requires restart)
+#port = 9999
+port = 5432
+                                   # Port number
+                                   # (change requires restart)
+socket_dir = '/tmp'
+                                   # Unix domain socket path
+                                   # The Debian package defaults to
+                                   # /var/run/postgresql
+                                   # (change requires restart)
+
+
+# - pgpool Communication Manager Connection Settings -
+
+pcp_port = 9898
+                                   # Port number for pcp
+                                   # (change requires restart)
+pcp_socket_dir = '/tmp'
+                                   # Unix domain socket path for pcp
+                                   # The Debian package defaults to
+                                   # /var/run/postgresql
+                                   # (change requires restart)
+
+# - Backend Connection Settings -
+
+backend_hostname0 = 'pg-master'
+backend_port0 = 5432
+backend_weight0= 1
+backend_flag0= 'ALLOW_TO_FAILOVER'
+
+backend_hostname1 = 'pg-slave'
+backend_port1 = 5432
+backend_weight1= 1
+backend_flag1= 'ALLOW_TO_FAILOVER'
+
+#backend_hostname0 = 'master'
+                                   # Host name or IP address to connect to for backend 0
+#backend_port0 = 5432
+                                   # Port number for backend 0
+#backend_weight0 = 1
+                                   # Weight for backend 0 (only in load balancing mode)
+#backend_data_directory0 = '/data'
+                                   # Data directory for backend 0
+#backend_flag0 = 'ALLOW_TO_FAILOVER'
+                                   # Controls various backend behavior
+                                   # ALLOW_TO_FAILOVER or DISALLOW_TO_FAILOVER
+#backend_hostname1 = 'standby'
+#backend_port1 = 5432
+#backend_weight1 = 1
+#backend_data_directory1 = '/data1'
+#backend_flag1 = 'ALLOW_TO_FAILOVER'
+
+# - Authentication -
+
+enable_pool_hba = on
+                                   # Use pool_hba.conf for client authentication
+pool_passwd = 'pool_passwd'
+                                   # File name of pool_passwd for md5 authentication.
+                                   # "" disables pool_passwd.
+                                   # (change requires restart)
+authentication_timeout = 60
+                                   # Delay in seconds to complete client authentication
+                                   # 0 means no timeout.
+
+# - SSL Connections -
+
+ssl = off
+                                   # Enable SSL support
+                                   # (change requires restart)
+#ssl_key = './server.key'
+                                   # Path to the SSL private key file
+                                   # (change requires restart)
+#ssl_cert = './server.cert'
+                                   # Path to the SSL public certificate file
+                                   # (change requires restart)
+#ssl_ca_cert = ''
+                                   # Path to a single PEM format file
+                                   # containing CA root certificate(s)
+                                   # (change requires restart)
+#ssl_ca_cert_dir = ''
+                                   # Directory containing CA root certificate(s)
+                                   # (change requires restart)
+
+
+#------------------------------------------------------------------------------
+# POOLS
+#------------------------------------------------------------------------------
+
+# - Pool size -
+
+num_init_children = 100
+                                   # Number of pools
+                                   # (change requires restart)
+max_pool = 20
+                                   # Number of connections per pool
+                                   # (change requires restart)
+
+# - Life time -
+
+child_life_time = 300
+                                   # Pool exits after being idle for this many seconds
+child_max_connections = 0
+                                   # Pool exits after receiving that many connections
+                                   # 0 means no exit
+connection_life_time = 0
+                                   # Connection to backend closes after being idle for this many seconds
+                                   # 0 means no close
+client_idle_limit = 0
+                                   # Client is disconnected after being idle for that many seconds
+                                   # (even inside an explicit transactions!)
+                                   # 0 means no disconnection
+
+
+#------------------------------------------------------------------------------
+# LOGS
+#------------------------------------------------------------------------------
+
+# - Where to log -
+
+log_destination = 'stderr'
+                                   # Where to log
+                                   # Valid values are combinations of stderr,
+                                   # and syslog. Default to stderr.
+
+# - What to log -
+
+print_timestamp = on
+                                   # Print timestamp on each line
+                                   # (change requires restart)
+
+log_connections = on
+                                   # Log connections
+log_hostname = on
+                                   # Hostname will be shown in ps status
+                                   # and in logs if connections are logged
+log_statement = on
+                                   # Log all statements
+log_per_node_statement = on
+                                   # Log all statements
+                                   # with node and backend informations
+log_standby_delay = 'if_over_threshold'
+                                   # Log standby delay
+                                   # Valid values are combinations of always,
+                                   # if_over_threshold, none
+
+# - Syslog specific -
+
+syslog_facility = 'LOCAL0'
+                                   # Syslog local facility. Default to LOCAL0
+syslog_ident = 'pgpool'
+                                   # Syslog program identification string
+                                   # Default to 'pgpool'
+
+# - Debug -
+
+debug_level = 1
+                                   # Debug message verbosity level
+                                   # 0 means no message, 1 or more mean verbose
+
+
+#------------------------------------------------------------------------------
+# FILE LOCATIONS
+#------------------------------------------------------------------------------
+
+pid_file_name = '/tmp/pgpool.pid'
+                                   # PID file name
+                                   # (change requires restart)
+logdir = '/tmp'
+                                   # Directory of pgPool status file
+                                   # (change requires restart)
+
+
+#------------------------------------------------------------------------------
+# CONNECTION POOLING
+#------------------------------------------------------------------------------
+
+connection_cache = on
+                                   # Activate connection pools
+                                   # (change requires restart)
+
+                                   # Semicolon separated list of queries
+                                   # to be issued at the end of a session
+                                   # The default is for 8.3 and later
+reset_query_list = 'ABORT; DISCARD ALL'
+                                   # The following one is for 8.2 and before
+#reset_query_list = 'ABORT; RESET ALL; SET SESSION AUTHORIZATION DEFAULT'
+
+
+#------------------------------------------------------------------------------
+# REPLICATION MODE
+#------------------------------------------------------------------------------
+
+replication_mode = off
+                                   # Activate replication mode
+                                   # (change requires restart)
+replicate_select = off
+                                   # Replicate SELECT statements
+                                   # when in replication or parallel mode
+                                   # replicate_select is higher priority than
+                                   # load_balance_mode.
+
+insert_lock = off
+                                   # Automatically locks a dummy row or a table
+                                   # with INSERT statements to keep SERIAL data
+                                   # consistency
+                                   # Without SERIAL, no lock will be issued
+lobj_lock_table = ''
+                                   # When rewriting lo_creat command in
+                                   # replication mode, specify table name to
+                                   # lock
+
+# - Degenerate handling -
+
+replication_stop_on_mismatch = off
+                                   # On disagreement with the packet kind
+                                   # sent from backend, degenerate the node
+                                   # which is most likely "minority"
+                                   # If off, just force to exit this session
+
+failover_if_affected_tuples_mismatch = off
+                                   # On disagreement with the number of affected
+                                   # tuples in UPDATE/DELETE queries, then
+                                   # degenerate the node which is most likely
+                                   # "minority".
+                                   # If off, just abort the transaction to
+                                   # keep the consistency
+
+
+#------------------------------------------------------------------------------
+# LOAD BALANCING MODE
+#------------------------------------------------------------------------------
+
+load_balance_mode = on
+                                   # Activate load balancing mode
+                                   # (change requires restart)
+ignore_leading_white_space = on
+                                   # Ignore leading white spaces of each query
+white_function_list = ''
+                                   # Comma separated list of function names
+                                   # that don't write to database
+                                   # Regexp are accepted
+black_function_list = 'currval,lastval,nextval,setval'
+                                   # Comma separated list of function names
+                                   # that write to database
+                                   # Regexp are accepted
+
+
+#------------------------------------------------------------------------------
+# MASTER/SLAVE MODE
+#------------------------------------------------------------------------------
+
+master_slave_mode = on
+                                   # Activate master/slave mode
+                                   # (change requires restart)
+master_slave_sub_mode = 'stream'
+                                   # Master/slave sub mode
+                                   # Valid values are combinations slony or
+                                   # stream. Default is slony.
+                                   # (change requires restart)
+
+# - Streaming -
+
+sr_check_period = 10
+                                   # Streaming replication check period
+                                   # Disabled (0) by default
+sr_check_user = 'dendrite'
+                                   # Streaming replication check user
+                                   # This is neccessary even if you disable streaming
+                                   # replication delay check by sr_check_period = 0
+sr_check_password = 'finochat'
+                                   # Password for streaming replication check user
+delay_threshold = 10000000
+                                   # Threshold before not dispatching query to standby node
+                                   # Unit is in bytes
+                                   # Disabled (0) by default
+
+# - Special commands -
+
+follow_master_command = ''
+                                   # Executes this command after master failover
+                                   # Special values:
+                                   #   %d = node id
+                                   #   %h = host name
+                                   #   %p = port number
+                                   #   %D = database cluster path
+                                   #   %m = new master node id
+                                   #   %H = hostname of the new master node
+                                   #   %M = old master node id
+                                   #   %P = old primary node id
+								   #   %r = new master port number
+								   #   %R = new master database cluster path
+                                   #   %% = '%' character
+
+
+#------------------------------------------------------------------------------
+# PARALLEL MODE
+#------------------------------------------------------------------------------
+
+parallel_mode = off
+                                   # Activates parallel query mode
+                                   # (change requires restart)
+pgpool2_hostname = ''
+                                   # Set pgpool2 hostname
+                                   # (change requires restart)
+
+# - System DB info -
+
+#system_db_hostname  = 'localhost'
+                                   # (change requires restart)
+#system_db_port = 5432
+                                   # (change requires restart)
+#system_db_dbname = 'pgpool'
+                                   # (change requires restart)
+#system_db_schema = 'pgpool_catalog'
+                                   # (change requires restart)
+#system_db_user = 'pgpool'
+                                   # (change requires restart)
+#system_db_password = ''
+                                   # (change requires restart)
+
+
+#------------------------------------------------------------------------------
+# HEALTH CHECK
+#------------------------------------------------------------------------------
+
+health_check_period = 0
+                                   # Health check period
+                                   # Disabled (0) by default
+health_check_timeout = 20
+                                   # Health check timeout
+                                   # 0 means no timeout
+health_check_user = 'dendrite'
+                                   # Health check user
+health_check_password = 'finochat'
+                                   # Password for health check user
+health_check_max_retries = 0
+                                   # Maximum number of times to retry a failed health check before giving up.
+health_check_retry_delay = 1
+                                   # Amount of time to wait (in seconds) between retries.
+
+
+#------------------------------------------------------------------------------
+# FAILOVER AND FAILBACK
+#------------------------------------------------------------------------------
+
+failover_command = ''
+                                   # Executes this command at failover
+                                   # Special values:
+                                   #   %d = node id
+                                   #   %h = host name
+                                   #   %p = port number
+                                   #   %D = database cluster path
+                                   #   %m = new master node id
+                                   #   %H = hostname of the new master node
+                                   #   %M = old master node id
+                                   #   %P = old primary node id
+								   #   %r = new master port number
+								   #   %R = new master database cluster path
+                                   #   %% = '%' character
+failback_command = ''
+                                   # Executes this command at failback.
+                                   # Special values:
+                                   #   %d = node id
+                                   #   %h = host name
+                                   #   %p = port number
+                                   #   %D = database cluster path
+                                   #   %m = new master node id
+                                   #   %H = hostname of the new master node
+                                   #   %M = old master node id
+                                   #   %P = old primary node id
+								   #   %r = new master port number
+								   #   %R = new master database cluster path
+                                   #   %% = '%' character
+
+fail_over_on_backend_error = on
+                                   # Initiates failover when reading/writing to the
+                                   # backend communication socket fails
+                                   # If set to off, pgpool will report an
+                                   # error and disconnect the session.
+
+search_primary_node_timeout = 10
+                                   # Timeout in seconds to search for the
+                                   # primary node when a failover occurs.
+                                   # 0 means no timeout, keep searching
+                                   # for a primary node forever.
+
+#------------------------------------------------------------------------------
+# ONLINE RECOVERY
+#------------------------------------------------------------------------------
+
+recovery_user = 'dendrite'
+                                   # Online recovery user
+recovery_password = 'finochat'
+                                   # Online recovery password
+recovery_1st_stage_command = ''
+                                   # Executes a command in first stage
+recovery_2nd_stage_command = ''
+                                   # Executes a command in second stage
+recovery_timeout = 90
+                                   # Timeout in seconds to wait for the
+                                   # recovering node's postmaster to start up
+                                   # 0 means no wait
+client_idle_limit_in_recovery = 0
+                                   # Client is disconnected after being idle
+                                   # for that many seconds in the second stage
+                                   # of online recovery
+                                   # 0 means no disconnection
+                                   # -1 means immediate disconnection
+
+
+#------------------------------------------------------------------------------
+# WATCHDOG
+#------------------------------------------------------------------------------
+
+# - Enabling -
+
+use_watchdog = off
+                                    # Activates watchdog
+                                    # (change requires restart)
+
+# -Connection to up stream servers -
+
+trusted_servers = ''
+                                    # trusted server list which are used
+                                    # to confirm network connection
+                                    # (hostA,hostB,hostC,...)
+                                    # (change requires restart)
+ping_path = '/bin'
+                                    # ping command path
+                                    # (change requires restart)
+
+# - Watchdog communication Settings -
+
+wd_hostname = ''
+                                    # Host name or IP address of this watchdog
+                                    # (change requires restart)
+wd_port = 9000
+                                    # port number for watchdog service
+                                    # (change requires restart)
+wd_authkey = ''
+                                    # Authentication key for watchdog communication
+                                    # (change requires restart)
+
+# - Virtual IP control Setting -
+
+delegate_IP = ''
+                                    # delegate IP address
+                                    # If this is empty, virtual IP never bring up.
+                                    # (change requires restart)
+ifconfig_path = '/sbin'
+                                    # ifconfig command path
+                                    # (change requires restart)
+if_up_cmd = 'ifconfig eth0:0 inet $_IP_$ netmask 255.255.255.0'
+                                    # startup delegate IP command
+                                    # (change requires restart)
+if_down_cmd = 'ifconfig eth0:0 down'
+                                    # shutdown delegate IP command
+                                    # (change requires restart)
+
+arping_path = '/usr/sbin'           # arping command path
+                                    # (change requires restart)
+
+arping_cmd = 'arping -U $_IP_$ -w 1'
+                                    # arping command
+                                    # (change requires restart)
+
+# - Behaivor on escalation Setting -
+
+clear_memqcache_on_escalation = on
+                                    # Clear all the query cache on shared memory
+                                    # when standby pgpool escalate to active pgpool
+                                    # (= virtual IP holder).
+                                    # This should be off if client connects to pgpool
+                                    # not using virtual IP.
+                                    # (change requires restart)
+wd_escalation_command = ''
+                                    # Executes this command at escalation on new active pgpool.
+                                    # (change requires restart)
+
+# - Lifecheck Setting -
+
+# -- common --
+
+wd_lifecheck_method = 'heartbeat'
+                                    # Method of watchdog lifecheck ('heartbeat' or 'query')
+                                    # (change requires restart)
+wd_interval = 10
+                                    # lifecheck interval (sec) > 0
+                                    # (change requires restart)
+
+# -- heartbeat mode --
+
+wd_heartbeat_port = 9694
+                                    # Port number for receiving heartbeat signal
+                                    # (change requires restart)
+wd_heartbeat_keepalive = 2
+                                    # Interval time of sending heartbeat signal (sec)
+                                    # (change requires restart)
+wd_heartbeat_deadtime = 30
+                                    # Deadtime interval for heartbeat signal (sec)
+                                    # (change requires restart)
+heartbeat_destination0 = 'host0_ip1'
+                                    # Host name or IP address of destination 0
+                                    # for sending heartbeat signal.
+                                    # (change requires restart)
+heartbeat_destination_port0 = 9694
+                                    # Port number of destination 0 for sending
+                                    # heartbeat signal. Usually this is the
+                                    # same as wd_heartbeat_port.
+                                    # (change requires restart)