Commit Graph

10888 Commits

Author SHA1 Message Date
rinpatch
a705637dcf Connection Pool: fix LRFU implementation to not actually be LRU
The numbers of the native time unit were so small the CRF was always 1,
making it an LRU. This commit switches the time to miliseconds and changes
the time delta multiplier to the one yielding mostly highest hit rates according
to the paper
2020-07-15 15:26:35 +03:00
rinpatch
9b73c35ca8 Request limiter setup: consider {:error, :existing} a success
When the application restarts (which happens after certain config
changes), the limiters are not destroyed, so `ConcurrentLimiter.new`
will produce {:error, :existing}
2020-07-15 15:26:35 +03:00
rinpatch
12fa5541f0 FollowRedirects: Unconditionally release the connection if there is an error
There is no need for streaming the body if there is no body
2020-07-15 15:26:35 +03:00
rinpatch
9df5918974 config.exs: make gun the default again 2020-07-15 15:26:35 +03:00
rinpatch
37f1e781cb Gun adapter helper: fix wildcard cert issues on OTP 23
See https://bugs.erlang.org/browse/ERL-1260 for more info.

The ssl match function is basically copied from mint, except
that `:string.lowercase/1` was replaced by `:string.casefold`.
It was a TODO in mint's code, so might as well do it since we don't need
to support OTP <20.

Closes #1834
2020-07-15 15:26:35 +03:00
rinpatch
007843b75e Add documentation for new connection pool settings and remove some
`:retry_timeout` and `:retry` got removed because reconnecting on failure is
something the new pool intentionally doesn't do.

`:max_overflow` had to go in favor of `:max_waiting`, I didn't reuse the key because
the settings are very different in their behaviour.

`:checkin_timeout` got removed in favor of `:connection_acquisition_wait`,
I didn't reuse the key because the settings are somewhat different.

I didn't do any migrations/deprecation warnings/changelog entries because
these settings were never in stable.
2020-07-15 15:26:35 +03:00
rinpatch
7882f28569 Use erlang monotonic time for CRF calculation 2020-07-15 15:26:35 +03:00
rinpatch
00926a63fb Adapter Helper: Use built-in ip address type 2020-07-15 15:26:35 +03:00
rinpatch
bf3492ceb3 Connection Pool: add tests 2020-07-15 15:26:35 +03:00
rinpatch
721e89e88b Remove tests for old pool 2020-07-15 15:26:35 +03:00
rinpatch
4128e3a84a HTTP: Implement max request limits 2020-07-15 15:26:35 +03:00
rinpatch
94c8f3cfaf Use a custom pool-aware FollowRedirects middleware 2020-07-15 15:26:35 +03:00
rinpatch
281ddd5e37 Connection pool: fix connections being supervised by gun_sup 2020-07-15 15:26:35 +03:00
rinpatch
1b15cb066c Connection pool: Add client death tracking
While running this in production I noticed a number of ghost
processes with all their clients dead before they released the connection,
so let's track them to log it and remove them from clients
2020-07-15 15:26:35 +03:00
rinpatch
e94ba05e52 Connection pool: Fix a possible infinite recursion if the pool is exhausted 2020-07-15 15:26:35 +03:00
rinpatch
7738fbbaf5 Connection pool: implement logging and telemetry events 2020-07-15 15:26:25 +03:00
rinpatch
0ffde499b8 Connection Pool: register workers using :via 2020-07-15 15:24:47 +03:00
rinpatch
ec9d0d146b Connection pool: Fix race conditions in limit enforcement
Fixes race conditions in limit enforcement by putting worker processes
in a DynamicSupervisor
2020-07-15 15:17:27 +03:00
rinpatch
d08b157699 Connection pool: check that there actually is a result
Sometimes connections died before being released to the pool, resulting
in MatchErrors
2020-07-15 15:17:27 +03:00
rinpatch
fffbcffb8c Connection Pool: don't enforce pool limits if no new connection needs to be opened 2020-07-15 15:17:27 +03:00
rinpatch
58a4f350a8 Refactor gun pooling and simplify adapter option insertion
This patch refactors gun pooling to use Elixir process registry and
simplifies adapter option insertion.

Having the pool use process registry instead of a GenServer has a number of advantages:
- Simpler code: the initial implementation adds about half the lines of code it deletes
- Concurrency: unlike a GenServer, ETS-based registry can handle multiple checkout/checkin
requests at the same time
- Precise and easy idle connection clousure: current proposal for closing idle connections in
the GenServer-based pool needs to filter through all connections once a minute and compare their
last active time with closing time. With Elixir process registry this can be done
by just using `Process.send_after`/`Process.cancel_timer` in the worker process.
- Lower memory footprint: In my tests `gun-memory-leak` branch uses about 290mb on peak load (250 connections)
and 235mb on idle (5-10 connections). Registry-based pool uses 210mb on idle and 240mb on peak load
2020-07-15 15:17:27 +03:00
lain
040524c09f Merge branch 'tests/apc2s-update_outbox' into 'develop'
AP C2S tests: Make sure you can't use another user's AP id

See merge request pleroma/pleroma!2767
2020-07-15 10:12:44 +00:00
Haelwenn (lanodan) Monnier
6d8427cca2
AP C2S tests: Make sure you can't use another user's AP id 2020-07-15 09:59:24 +02:00
Alex Gleason
0d004a9d04
Email admins when a new unapproved account is up for review 2020-07-14 20:31:20 -05:00
Alex Gleason
48983e9421
Merge remote-tracking branch 'upstream/develop' into by-approval 2020-07-14 18:56:40 -05:00
Alex Gleason
df3d1bf5e5
Add :approval_pending to User @type account_status 2020-07-14 18:56:36 -05:00
Alex Gleason
e82060c472
Update CHANGELOG.md 2020-07-14 18:47:23 -05:00
Alex Gleason
fab44f6970
Test User with confirmation_pending: true, approval_pending: true 2020-07-14 18:46:57 -05:00
Alex Gleason
20d24741af
AdminAPI: Add PATCH /api/pleroma/admin/users/approve endpoint 2020-07-14 18:02:44 -05:00
Alex Gleason
33f1b29b2c
AdminAPI: Filter users by need_approval 2020-07-14 14:29:03 -05:00
Alex Gleason
b750129da1
AdminAPI: Return approval_pending with users 2020-07-14 13:47:05 -05:00
Maksim Pechnikov
1dd767b8c7 Include port in host for signatures 2020-07-14 21:44:08 +03:00
Mark Felder
777a7edc6b Lint and fix test to match new log message 2020-07-14 13:15:37 -05:00
Mark Felder
37297a8482 Improve error messages 2020-07-14 13:12:16 -05:00
Alex Gleason
a1570ba6ad
AdminAPI: Return registration_reason with users 2020-07-14 13:08:39 -05:00
feld
3f65f2ea79 Merge branch 'feature/1922-media-proxy-whitelist' into 'develop'
Support for hosts with scheme in MediaProxy whitelist setting

Closes #1922

See merge request pleroma/pleroma!2754
2020-07-14 18:07:44 +00:00
feld
63798e89de Merge branch 'fix/scrubber-recompile-warnings-as-errors' into 'develop'
Fix in-db configuration in dev environment

See merge request pleroma/pleroma!2764
2020-07-14 18:05:36 +00:00
feld
2909dc873b Merge branch '1940-admin-token-oauthless-auth' into 'develop'
[#1940] Reinstated OAuth-less `admin_token` authentication

Closes #1940

See merge request pleroma/pleroma!2760
2020-07-14 16:48:26 +00:00
Ivan Tashkinov
124b4709dc [#1940] Added admin_token param (as admin_api_params/0) to existing Admin API OpenAPI operations. 2020-07-14 19:31:05 +03:00
Mark Felder
ce314e6fe2 Clarify description and suggestion 2020-07-14 11:24:58 -05:00
feld
246f49d685 Merge branch '1916-transmogrifier-skipping-oddities-in-address-fields' into 'develop'
Transmogrifier: filtering weirdness in address fields

Closes #1916

See merge request pleroma/pleroma!2762
2020-07-14 15:17:25 +00:00
rinpatch
2d5e96ea8b Merge branch 'fix/oban-2.0-in-db-config' into 'develop'
Migrate in-db config after updating to Oban 2.0

See merge request pleroma/pleroma!2765
2020-07-14 10:39:08 +00:00
rinpatch
e6ccc25565 Fix in-db configuration in dev environment
Previously, in-db configuration only worked when `warnings_as_errors`
was disabled because re-compiling scrubbers on application restart
created a warning about module conflicts. This patch fixes that
by enabling `ignore_module_conflict` option of the compiler at runtime,
and enables `warnings_as_errors` in prod since there is no reason
to keep it disabled anymore.
2020-07-14 13:16:54 +03:00
rinpatch
8d56fb6d22 Migrate in-db config after updating to Oban 2.0 2020-07-14 13:15:46 +03:00
Haelwenn (lanodan) Monnier
858d9fc7e8
MRF Policies: Return a {:reject, reason} instead of {:reject, nil} 2020-07-14 11:04:16 +02:00
Ivan Tashkinov
9b225db7d8 [#1940] Applied rate limit for requests with bad admin_token. Added doc warnings on admin_token setting. 2020-07-14 11:58:41 +03:00
Ivan Tashkinov
cf3f8cb72a [#1940] Reinstated OAuth-less admin_token authentication. Refactored UserIsAdminPlug (freed from checking admin scopes presence). 2020-07-19 21:35:57 +03:00
Maksim Pechnikov
3062f86613 added generated pleroma.env 2020-07-14 09:05:34 +03:00
Alex Gleason
5ddf0415c4
Accept reason in POST /api/v1/accounts and store in DB 2020-07-14 00:22:12 -05:00
=
b221b640a2 Transmogrifier: filtering weirdness in address fields 2020-07-13 22:43:21 +03:00