Merge federationapi, federationsender, signingkeyserver components (#2055)

* Initial federation sender -> federation API refactoring * Move base into own package, avoids import cycle * Fix build errors * Fix tests * Add signing key server tables * Try to fold signing key server into federation API * Fix dendritejs builds * Update embedded interfaces * Fix panic, fix lint error * Update configs, docker * Rename some things * Reuse same keyring on the implementing side * Fix federation tests, `NewBaseDendrite` can accept freeform options * Fix build * Update create_db, configs * Name tables back * Don't rename federationsender consumer for now
2025-07-31 13:22:46 +00:00 · 2021-11-24 10:45:23 +00:00 · 2021-11-24 10:45:23 +00:00 · ec716793eb
commit ec716793eb
parent 6e93531e94
136 changed files with 1211 additions and 1786 deletions
--- a/setup/base/base.go
+++ b/setup/base/base.go
@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

-package setup
+package base

 import (
 	"context"
@ -47,15 +47,13 @@ import (
 	asinthttp "github.com/matrix-org/dendrite/appservice/inthttp"
 	eduServerAPI "github.com/matrix-org/dendrite/eduserver/api"
 	eduinthttp "github.com/matrix-org/dendrite/eduserver/inthttp"
-	federationSenderAPI "github.com/matrix-org/dendrite/federationsender/api"
-	fsinthttp "github.com/matrix-org/dendrite/federationsender/inthttp"
+	federationAPI "github.com/matrix-org/dendrite/federationapi/api"
+	federationIntHTTP "github.com/matrix-org/dendrite/federationapi/inthttp"
 	keyserverAPI "github.com/matrix-org/dendrite/keyserver/api"
 	keyinthttp "github.com/matrix-org/dendrite/keyserver/inthttp"
 	roomserverAPI "github.com/matrix-org/dendrite/roomserver/api"
 	rsinthttp "github.com/matrix-org/dendrite/roomserver/inthttp"
 	"github.com/matrix-org/dendrite/setup/config"
-	skapi "github.com/matrix-org/dendrite/signingkeyserver/api"
-	skinthttp "github.com/matrix-org/dendrite/signingkeyserver/inthttp"
 	userapi "github.com/matrix-org/dendrite/userapi/api"
 	userapiinthttp "github.com/matrix-org/dendrite/userapi/inthttp"
 	"github.com/sirupsen/logrus"
@ -89,15 +87,33 @@ type BaseDendrite struct {
 	//	KafkaProducer          sarama.SyncProducer
 }

+const NoListener = ""
+
 const HTTPServerTimeout = time.Minute * 5
 const HTTPClientTimeout = time.Second * 30

-const NoListener = ""
+type BaseDendriteOptions int
+
+const (
+	NoCacheMetrics BaseDendriteOptions = iota
+	UseHTTPAPIs
+)

 // NewBaseDendrite creates a new instance to be used by a component.
 // The componentName is used for logging purposes, and should be a friendly name
 // of the compontent running, e.g. "SyncAPI"
-func NewBaseDendrite(cfg *config.Dendrite, componentName string, useHTTPAPIs bool) *BaseDendrite {
+func NewBaseDendrite(cfg *config.Dendrite, componentName string, options ...BaseDendriteOptions) *BaseDendrite {
+	useHTTPAPIs := false
+	cacheMetrics := true
+	for _, opt := range options {
+		switch opt {
+		case NoCacheMetrics:
+			cacheMetrics = false
+		case UseHTTPAPIs:
+			useHTTPAPIs = true
+		}
+	}
+
 	configErrors := &config.ConfigErrors{}
 	cfg.Verify(configErrors, componentName == "Monolith") // TODO: better way?
 	if len(*configErrors) > 0 {
@ -133,7 +149,7 @@ func NewBaseDendrite(cfg *config.Dendrite, componentName string, useHTTPAPIs boo
 		}
 	}

-	cache, err := caching.NewInMemoryLRUCache(true)
+	cache, err := caching.NewInMemoryLRUCache(cacheMetrics)
 	if err != nil {
 		logrus.WithError(err).Warnf("Failed to create cache")
 	}
@ -168,10 +184,10 @@ func NewBaseDendrite(cfg *config.Dendrite, componentName string, useHTTPAPIs boo
 		},
 	}
 	client := http.Client{Timeout: HTTPClientTimeout}
-	if cfg.FederationSender.Proxy.Enabled {
+	if cfg.FederationAPI.Proxy.Enabled {
 		client.Transport = &http.Transport{Proxy: http.ProxyURL(&url.URL{
-			Scheme: cfg.FederationSender.Proxy.Protocol,
-			Host:   fmt.Sprintf("%s:%d", cfg.FederationSender.Proxy.Host, cfg.FederationSender.Proxy.Port),
+			Scheme: cfg.FederationAPI.Proxy.Protocol,
+			Host:   fmt.Sprintf("%s:%d", cfg.FederationAPI.Proxy.Host, cfg.FederationAPI.Proxy.Port),
 		})}
 	}

@ -248,25 +264,12 @@ func (b *BaseDendrite) EDUServerClient() eduServerAPI.EDUServerInputAPI {
 	return e
 }

-// FederationSenderHTTPClient returns FederationSenderInternalAPI for hitting
-// the federation sender over HTTP
-func (b *BaseDendrite) FederationSenderHTTPClient() federationSenderAPI.FederationSenderInternalAPI {
-	f, err := fsinthttp.NewFederationSenderClient(b.Cfg.FederationSenderURL(), b.apiHttpClient)
+// FederationAPIHTTPClient returns FederationInternalAPI for hitting
+// the federation API server over HTTP
+func (b *BaseDendrite) FederationAPIHTTPClient() federationAPI.FederationInternalAPI {
+	f, err := federationIntHTTP.NewFederationAPIClient(b.Cfg.FederationAPIURL(), b.apiHttpClient, b.Caches)
 	if err != nil {
-		logrus.WithError(err).Panic("FederationSenderHTTPClient failed", b.apiHttpClient)
-	}
-	return f
-}
-
-// SigningKeyServerHTTPClient returns SigningKeyServer for hitting the signing key server over HTTP
-func (b *BaseDendrite) SigningKeyServerHTTPClient() skapi.SigningKeyServerAPI {
-	f, err := skinthttp.NewSigningKeyServerClient(
-		b.Cfg.SigningKeyServerURL(),
-		b.apiHttpClient,
-		b.Caches,
-	)
-	if err != nil {
-		logrus.WithError(err).Panic("SigningKeyServerHTTPClient failed", b.httpClient)
+		logrus.WithError(err).Panic("FederationAPIHTTPClient failed", b.apiHttpClient)
 	}
 	return f
 }
@ -300,7 +303,7 @@ func (b *BaseDendrite) CreateClient() *gomatrixserverlib.Client {
 		)
 	}
 	opts := []gomatrixserverlib.ClientOption{
-		gomatrixserverlib.WithSkipVerify(b.Cfg.FederationSender.DisableTLSValidation),
+		gomatrixserverlib.WithSkipVerify(b.Cfg.FederationAPI.DisableTLSValidation),
 	}
 	if b.Cfg.Global.DNSCache.Enabled {
 		opts = append(opts, gomatrixserverlib.WithDNSCache(b.DNSCache))
@ -321,7 +324,7 @@ func (b *BaseDendrite) CreateFederationClient() *gomatrixserverlib.FederationCli
 	}
 	opts := []gomatrixserverlib.ClientOption{
 		gomatrixserverlib.WithTimeout(time.Minute * 5),
-		gomatrixserverlib.WithSkipVerify(b.Cfg.FederationSender.DisableTLSValidation),
+		gomatrixserverlib.WithSkipVerify(b.Cfg.FederationAPI.DisableTLSValidation),
 	}
 	if b.Cfg.Global.DNSCache.Enabled {
 		opts = append(opts, gomatrixserverlib.WithDNSCache(b.DNSCache))
--- a/setup/base/federation.go
+++ b/setup/base/federation.go
@ -1,4 +1,4 @@
-package setup
+package base

 import (
 	"context"
--- a/setup/config/config.go
+++ b/setup/config/config.go
@ -53,18 +53,16 @@ type Dendrite struct {
 	// been a breaking change to the config file format.
 	Version int `yaml:"version"`

-	Global           Global           `yaml:"global"`
-	AppServiceAPI    AppServiceAPI    `yaml:"app_service_api"`
-	ClientAPI        ClientAPI        `yaml:"client_api"`
-	EDUServer        EDUServer        `yaml:"edu_server"`
-	FederationAPI    FederationAPI    `yaml:"federation_api"`
-	FederationSender FederationSender `yaml:"federation_sender"`
-	KeyServer        KeyServer        `yaml:"key_server"`
-	MediaAPI         MediaAPI         `yaml:"media_api"`
-	RoomServer       RoomServer       `yaml:"room_server"`
-	SigningKeyServer SigningKeyServer `yaml:"signing_key_server"`
-	SyncAPI          SyncAPI          `yaml:"sync_api"`
-	UserAPI          UserAPI          `yaml:"user_api"`
+	Global        Global        `yaml:"global"`
+	AppServiceAPI AppServiceAPI `yaml:"app_service_api"`
+	ClientAPI     ClientAPI     `yaml:"client_api"`
+	EDUServer     EDUServer     `yaml:"edu_server"`
+	FederationAPI FederationAPI `yaml:"federation_api"`
+	KeyServer     KeyServer     `yaml:"key_server"`
+	MediaAPI      MediaAPI      `yaml:"media_api"`
+	RoomServer    RoomServer    `yaml:"room_server"`
+	SyncAPI       SyncAPI       `yaml:"sync_api"`
+	UserAPI       UserAPI       `yaml:"user_api"`

 	MSCs MSCs `yaml:"mscs"`

@ -300,11 +298,9 @@ func (c *Dendrite) Defaults() {
 	c.ClientAPI.Defaults()
 	c.EDUServer.Defaults()
 	c.FederationAPI.Defaults()
-	c.FederationSender.Defaults()
 	c.KeyServer.Defaults()
 	c.MediaAPI.Defaults()
 	c.RoomServer.Defaults()
-	c.SigningKeyServer.Defaults()
 	c.SyncAPI.Defaults()
 	c.UserAPI.Defaults()
 	c.AppServiceAPI.Defaults()
@ -319,9 +315,9 @@ func (c *Dendrite) Verify(configErrs *ConfigErrors, isMonolith bool) {
 	}
 	for _, c := range []verifiable{
 		&c.Global, &c.ClientAPI,
-		&c.EDUServer, &c.FederationAPI, &c.FederationSender,
+		&c.EDUServer, &c.FederationAPI,
 		&c.KeyServer, &c.MediaAPI, &c.RoomServer,
-		&c.SigningKeyServer, &c.SyncAPI, &c.UserAPI,
+		&c.SyncAPI, &c.UserAPI,
 		&c.AppServiceAPI, &c.MSCs,
 	} {
 		c.Verify(configErrs, isMonolith)
@ -332,11 +328,9 @@ func (c *Dendrite) Wiring() {
 	c.ClientAPI.Matrix = &c.Global
 	c.EDUServer.Matrix = &c.Global
 	c.FederationAPI.Matrix = &c.Global
-	c.FederationSender.Matrix = &c.Global
 	c.KeyServer.Matrix = &c.Global
 	c.MediaAPI.Matrix = &c.Global
 	c.RoomServer.Matrix = &c.Global
-	c.SigningKeyServer.Matrix = &c.Global
 	c.SyncAPI.Matrix = &c.Global
 	c.UserAPI.Matrix = &c.Global
 	c.AppServiceAPI.Matrix = &c.Global
@ -493,6 +487,15 @@ func (config *Dendrite) AppServiceURL() string {
 	return string(config.AppServiceAPI.InternalAPI.Connect)
 }

+// FederationAPIURL returns an HTTP URL for where the federation API is listening.
+func (config *Dendrite) FederationAPIURL() string {
+	// Hard code the federationapi to talk HTTP for now.
+	// If we support HTTPS we need to think of a practical way to do certificate validation.
+	// People setting up servers shouldn't need to get a certificate valid for the public
+	// internet for an internal API.
+	return string(config.FederationAPI.InternalAPI.Connect)
+}
+
 // RoomServerURL returns an HTTP URL for where the roomserver is listening.
 func (config *Dendrite) RoomServerURL() string {
 	// Hard code the roomserver to talk HTTP for now.
@ -520,24 +523,6 @@ func (config *Dendrite) EDUServerURL() string {
 	return string(config.EDUServer.InternalAPI.Connect)
 }

-// FederationSenderURL returns an HTTP URL for where the federation sender is listening.
-func (config *Dendrite) FederationSenderURL() string {
-	// Hard code the federation sender server to talk HTTP for now.
-	// If we support HTTPS we need to think of a practical way to do certificate validation.
-	// People setting up servers shouldn't need to get a certificate valid for the public
-	// internet for an internal API.
-	return string(config.FederationSender.InternalAPI.Connect)
-}
-
-// SigningKeyServerURL returns an HTTP URL for where the signing key server is listening.
-func (config *Dendrite) SigningKeyServerURL() string {
-	// Hard code the signing key server to talk HTTP for now.
-	// If we support HTTPS we need to think of a practical way to do certificate validation.
-	// People setting up servers shouldn't need to get a certificate valid for the public
-	// internet for an internal API.
-	return string(config.SigningKeyServer.InternalAPI.Connect)
-}
-
 // KeyServerURL returns an HTTP URL for where the key server is listening.
 func (config *Dendrite) KeyServerURL() string {
 	// Hard code the key server to talk HTTP for now.
--- a/setup/config/config_federationapi.go
+++ b/setup/config/config_federationapi.go
@ -1,23 +1,55 @@
 package config

+import "github.com/matrix-org/gomatrixserverlib"
+
 type FederationAPI struct {
 	Matrix *Global `yaml:"-"`

 	InternalAPI InternalAPIOptions `yaml:"internal_api"`
 	ExternalAPI ExternalAPIOptions `yaml:"external_api"`

+	// The database stores information used by the federation destination queues to
+	// send transactions to remote servers.
+	Database DatabaseOptions `yaml:"database"`
+
 	// List of paths to X509 certificates used by the external federation listeners.
 	// These are used to calculate the TLS fingerprints to publish for this server.
 	// Other matrix servers talking to this server will expect the x509 certificate
 	// to match one of these certificates.
 	// The certificates should be in PEM format.
 	FederationCertificatePaths []Path `yaml:"federation_certificates"`
+
+	// Federation failure threshold. How many consecutive failures that we should
+	// tolerate when sending federation requests to a specific server. The backoff
+	// is 2**x seconds, so 1 = 2 seconds, 2 = 4 seconds, 3 = 8 seconds, etc.
+	// The default value is 16 if not specified, which is circa 18 hours.
+	FederationMaxRetries uint32 `yaml:"send_max_retries"`
+
+	// FederationDisableTLSValidation disables the validation of X.509 TLS certs
+	// on remote federation endpoints. This is not recommended in production!
+	DisableTLSValidation bool `yaml:"disable_tls_validation"`
+
+	Proxy Proxy `yaml:"proxy_outbound"`
+
+	// Perspective keyservers, to use as a backup when direct key fetch
+	// requests don't succeed
+	KeyPerspectives KeyPerspectives `yaml:"key_perspectives"`
+
+	// Should we prefer direct key fetches over perspective ones?
+	PreferDirectFetch bool `yaml:"prefer_direct_fetch"`
 }

 func (c *FederationAPI) Defaults() {
 	c.InternalAPI.Listen = "http://localhost:7772"
 	c.InternalAPI.Connect = "http://localhost:7772"
 	c.ExternalAPI.Listen = "http://[::]:8072"
+	c.Database.Defaults(10)
+	c.Database.ConnectionString = "file:federationapi.db"
+
+	c.FederationMaxRetries = 16
+	c.DisableTLSValidation = false
+
+	c.Proxy.Defaults()
 }

 func (c *FederationAPI) Verify(configErrs *ConfigErrors, isMonolith bool) {
@ -26,6 +58,48 @@ func (c *FederationAPI) Verify(configErrs *ConfigErrors, isMonolith bool) {
 	if !isMonolith {
 		checkURL(configErrs, "federation_api.external_api.listen", string(c.ExternalAPI.Listen))
 	}
+	checkNotEmpty(configErrs, "federation_api.database.connection_string", string(c.Database.ConnectionString))
 	// TODO: not applicable always, e.g. in demos
 	//checkNotZero(configErrs, "federation_api.federation_certificates", int64(len(c.FederationCertificatePaths)))
 }
+
+// The config for setting a proxy to use for server->server requests
+type Proxy struct {
+	// Is the proxy enabled?
+	Enabled bool `yaml:"enabled"`
+	// The protocol for the proxy (http / https / socks5)
+	Protocol string `yaml:"protocol"`
+	// The host where the proxy is listening
+	Host string `yaml:"host"`
+	// The port on which the proxy is listening
+	Port uint16 `yaml:"port"`
+}
+
+func (c *Proxy) Defaults() {
+	c.Enabled = false
+	c.Protocol = "http"
+	c.Host = "localhost"
+	c.Port = 8080
+}
+
+func (c *Proxy) Verify(configErrs *ConfigErrors) {
+}
+
+// KeyPerspectives are used to configure perspective key servers for
+// retrieving server keys.
+type KeyPerspectives []KeyPerspective
+
+type KeyPerspective struct {
+	// The server name of the perspective key server
+	ServerName gomatrixserverlib.ServerName `yaml:"server_name"`
+	// Server keys for the perspective user, used to verify the
+	// keys have been signed by the perspective server
+	Keys []KeyPerspectiveTrustKey `yaml:"keys"`
+}
+
+type KeyPerspectiveTrustKey struct {
+	// The key ID, e.g. ed25519:auto
+	KeyID gomatrixserverlib.KeyID `yaml:"key_id"`
+	// The public key in base64 unpadded format
+	PublicKey string `yaml:"public_key"`
+}
--- a/setup/config/config_federationsender.go
+++ b/setup/config/config_federationsender.go
@ -1,63 +0,0 @@
-package config
-
-type FederationSender struct {
-	Matrix *Global `yaml:"-"`
-
-	InternalAPI InternalAPIOptions `yaml:"internal_api"`
-
-	// The FederationSender database stores information used by the FederationSender
-	// It is only accessed by the FederationSender.
-	Database DatabaseOptions `yaml:"database"`
-
-	// Federation failure threshold. How many consecutive failures that we should
-	// tolerate when sending federation requests to a specific server. The backoff
-	// is 2**x seconds, so 1 = 2 seconds, 2 = 4 seconds, 3 = 8 seconds, etc.
-	// The default value is 16 if not specified, which is circa 18 hours.
-	FederationMaxRetries uint32 `yaml:"send_max_retries"`
-
-	// FederationDisableTLSValidation disables the validation of X.509 TLS certs
-	// on remote federation endpoints. This is not recommended in production!
-	DisableTLSValidation bool `yaml:"disable_tls_validation"`
-
-	Proxy Proxy `yaml:"proxy_outbound"`
-}
-
-func (c *FederationSender) Defaults() {
-	c.InternalAPI.Listen = "http://localhost:7775"
-	c.InternalAPI.Connect = "http://localhost:7775"
-	c.Database.Defaults(10)
-	c.Database.ConnectionString = "file:federationsender.db"
-
-	c.FederationMaxRetries = 16
-	c.DisableTLSValidation = false
-
-	c.Proxy.Defaults()
-}
-
-func (c *FederationSender) Verify(configErrs *ConfigErrors, isMonolith bool) {
-	checkURL(configErrs, "federation_sender.internal_api.listen", string(c.InternalAPI.Listen))
-	checkURL(configErrs, "federation_sender.internal_api.connect", string(c.InternalAPI.Connect))
-	checkNotEmpty(configErrs, "federation_sender.database.connection_string", string(c.Database.ConnectionString))
-}
-
-// The config for setting a proxy to use for server->server requests
-type Proxy struct {
-	// Is the proxy enabled?
-	Enabled bool `yaml:"enabled"`
-	// The protocol for the proxy (http / https / socks5)
-	Protocol string `yaml:"protocol"`
-	// The host where the proxy is listening
-	Host string `yaml:"host"`
-	// The port on which the proxy is listening
-	Port uint16 `yaml:"port"`
-}
-
-func (c *Proxy) Defaults() {
-	c.Enabled = false
-	c.Protocol = "http"
-	c.Host = "localhost"
-	c.Port = 8080
-}
-
-func (c *Proxy) Verify(configErrs *ConfigErrors) {
-}
--- a/setup/config/config_signingkeyserver.go
+++ b/setup/config/config_signingkeyserver.go
@ -1,52 +0,0 @@
-package config
-
-import "github.com/matrix-org/gomatrixserverlib"
-
-type SigningKeyServer struct {
-	Matrix *Global `yaml:"-"`
-
-	InternalAPI InternalAPIOptions `yaml:"internal_api"`
-
-	// The SigningKeyServer database caches the public keys of remote servers.
-	// It may be accessed by the FederationAPI, the ClientAPI, and the MediaAPI.
-	Database DatabaseOptions `yaml:"database"`
-
-	// Perspective keyservers, to use as a backup when direct key fetch
-	// requests don't succeed
-	KeyPerspectives KeyPerspectives `yaml:"key_perspectives"`
-
-	// Should we prefer direct key fetches over perspective ones?
-	PreferDirectFetch bool `yaml:"prefer_direct_fetch"`
-}
-
-func (c *SigningKeyServer) Defaults() {
-	c.InternalAPI.Listen = "http://localhost:7780"
-	c.InternalAPI.Connect = "http://localhost:7780"
-	c.Database.Defaults(10)
-	c.Database.ConnectionString = "file:signingkeyserver.db"
-}
-
-func (c *SigningKeyServer) Verify(configErrs *ConfigErrors, isMonolith bool) {
-	checkURL(configErrs, "signing_key_server.internal_api.listen", string(c.InternalAPI.Listen))
-	checkURL(configErrs, "signing_key_server.internal_api.bind", string(c.InternalAPI.Connect))
-	checkNotEmpty(configErrs, "signing_key_server.database.connection_string", string(c.Database.ConnectionString))
-}
-
-// KeyPerspectives are used to configure perspective key servers for
-// retrieving server keys.
-type KeyPerspectives []KeyPerspective
-
-type KeyPerspective struct {
-	// The server name of the perspective key server
-	ServerName gomatrixserverlib.ServerName `yaml:"server_name"`
-	// Server keys for the perspective user, used to verify the
-	// keys have been signed by the perspective server
-	Keys []KeyPerspectiveTrustKey `yaml:"keys"`
-}
-
-type KeyPerspectiveTrustKey struct {
-	// The key ID, e.g. ed25519:auto
-	KeyID gomatrixserverlib.KeyID `yaml:"key_id"`
-	// The public key in base64 unpadded format
-	PublicKey string `yaml:"public_key"`
-}
--- a/setup/config/config_test.go
+++ b/setup/config/config_test.go
@ -112,7 +112,7 @@ federation_sender:
    listen: http://localhost:7775
    connect: http://localhost:7775
  database:
-    connection_string: file:federationsender.db
+    connection_string: file:federationapi.db
    max_open_conns: 100
    max_idle_conns: 2
    conn_max_lifetime: -1
--- a/setup/monolith.go
+++ b/setup/monolith.go
@ -21,14 +21,13 @@ import (
 	"github.com/matrix-org/dendrite/clientapi/api"
 	eduServerAPI "github.com/matrix-org/dendrite/eduserver/api"
 	"github.com/matrix-org/dendrite/federationapi"
-	federationSenderAPI "github.com/matrix-org/dendrite/federationsender/api"
+	federationAPI "github.com/matrix-org/dendrite/federationapi/api"
 	"github.com/matrix-org/dendrite/internal/transactions"
 	keyAPI "github.com/matrix-org/dendrite/keyserver/api"
 	"github.com/matrix-org/dendrite/mediaapi"
 	roomserverAPI "github.com/matrix-org/dendrite/roomserver/api"
 	"github.com/matrix-org/dendrite/setup/config"
 	"github.com/matrix-org/dendrite/setup/process"
-	serverKeyAPI "github.com/matrix-org/dendrite/signingkeyserver/api"
 	"github.com/matrix-org/dendrite/syncapi"
 	userapi "github.com/matrix-org/dendrite/userapi/api"
 	"github.com/matrix-org/dendrite/userapi/storage/accounts"
@ -44,13 +43,12 @@ type Monolith struct {
 	Client    *gomatrixserverlib.Client
 	FedClient *gomatrixserverlib.FederationClient

-	AppserviceAPI       appserviceAPI.AppServiceQueryAPI
-	EDUInternalAPI      eduServerAPI.EDUServerInputAPI
-	FederationSenderAPI federationSenderAPI.FederationSenderInternalAPI
-	RoomserverAPI       roomserverAPI.RoomserverInternalAPI
-	ServerKeyAPI        serverKeyAPI.SigningKeyServerAPI
-	UserAPI             userapi.UserInternalAPI
-	KeyAPI              keyAPI.KeyInternalAPI
+	AppserviceAPI  appserviceAPI.AppServiceQueryAPI
+	EDUInternalAPI eduServerAPI.EDUServerInputAPI
+	FederationAPI  federationAPI.FederationInternalAPI
+	RoomserverAPI  roomserverAPI.RoomserverInternalAPI
+	UserAPI        userapi.UserInternalAPI
+	KeyAPI         keyAPI.KeyInternalAPI

 	// Optional
 	ExtPublicRoomsProvider api.ExtraPublicRoomsProvider
@ -62,12 +60,12 @@ func (m *Monolith) AddAllPublicRoutes(process *process.ProcessContext, csMux, ss
 		csMux, synapseMux, &m.Config.ClientAPI, m.AccountDB,
 		m.FedClient, m.RoomserverAPI,
 		m.EDUInternalAPI, m.AppserviceAPI, transactions.New(),
-		m.FederationSenderAPI, m.UserAPI, m.KeyAPI, m.ExtPublicRoomsProvider,
+		m.FederationAPI, m.UserAPI, m.KeyAPI, m.ExtPublicRoomsProvider,
 		&m.Config.MSCs,
 	)
 	federationapi.AddPublicRoutes(
 		ssMux, keyMux, wkMux, &m.Config.FederationAPI, m.UserAPI, m.FedClient,
-		m.KeyRing, m.RoomserverAPI, m.FederationSenderAPI,
+		m.KeyRing, m.RoomserverAPI, m.FederationAPI,
 		m.EDUInternalAPI, m.KeyAPI, &m.Config.MSCs, nil,
 	)
 	mediaapi.AddPublicRoutes(mediaMux, &m.Config.MediaAPI, m.UserAPI, m.Client)
--- a/setup/mscs/msc2836/msc2836.go
+++ b/setup/mscs/msc2836/msc2836.go
@ -28,11 +28,11 @@ import (
 	"time"

 	"github.com/matrix-org/dendrite/clientapi/jsonerror"
-	fs "github.com/matrix-org/dendrite/federationsender/api"
+	fs "github.com/matrix-org/dendrite/federationapi/api"
 	"github.com/matrix-org/dendrite/internal/hooks"
 	"github.com/matrix-org/dendrite/internal/httputil"
 	roomserver "github.com/matrix-org/dendrite/roomserver/api"
-	"github.com/matrix-org/dendrite/setup"
+	"github.com/matrix-org/dendrite/setup/base"
 	userapi "github.com/matrix-org/dendrite/userapi/api"
 	"github.com/matrix-org/gomatrixserverlib"
 	"github.com/matrix-org/util"
@ -93,7 +93,7 @@ func toClientResponse(res *gomatrixserverlib.MSC2836EventRelationshipsResponse)

 // Enable this MSC
 func Enable(
-	base *setup.BaseDendrite, rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationSenderInternalAPI,
+	base *base.BaseDendrite, rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationInternalAPI,
 	userAPI userapi.UserInternalAPI, keyRing gomatrixserverlib.JSONVerifier,
 ) error {
 	db, err := NewDatabase(&base.Cfg.MSCs.Database)
@ -148,10 +148,10 @@ type reqCtx struct {
 	// federated request args
 	isFederatedRequest bool
 	serverName         gomatrixserverlib.ServerName
-	fsAPI              fs.FederationSenderInternalAPI
+	fsAPI              fs.FederationInternalAPI
 }

-func eventRelationshipHandler(db Database, rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationSenderInternalAPI) func(*http.Request, *userapi.Device) util.JSONResponse {
+func eventRelationshipHandler(db Database, rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationInternalAPI) func(*http.Request, *userapi.Device) util.JSONResponse {
 	return func(req *http.Request, device *userapi.Device) util.JSONResponse {
 		relation, err := NewEventRelationshipRequest(req.Body)
 		if err != nil {
@ -183,7 +183,7 @@ func eventRelationshipHandler(db Database, rsAPI roomserver.RoomserverInternalAP
 }

 func federatedEventRelationship(
-	ctx context.Context, fedReq *gomatrixserverlib.FederationRequest, db Database, rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationSenderInternalAPI,
+	ctx context.Context, fedReq *gomatrixserverlib.FederationRequest, db Database, rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationInternalAPI,
 ) util.JSONResponse {
 	relation, err := NewEventRelationshipRequest(bytes.NewBuffer(fedReq.Content()))
 	if err != nil {
--- a/setup/mscs/msc2836/msc2836_test.go
+++ b/setup/mscs/msc2836/msc2836_test.go
@ -19,7 +19,7 @@ import (
 	"github.com/matrix-org/dendrite/internal/hooks"
 	"github.com/matrix-org/dendrite/internal/httputil"
 	roomserver "github.com/matrix-org/dendrite/roomserver/api"
-	"github.com/matrix-org/dendrite/setup"
+	"github.com/matrix-org/dendrite/setup/base"
 	"github.com/matrix-org/dendrite/setup/config"
 	"github.com/matrix-org/dendrite/setup/mscs/msc2836"
 	userapi "github.com/matrix-org/dendrite/userapi/api"
@ -549,7 +549,7 @@ func injectEvents(t *testing.T, userAPI userapi.UserInternalAPI, rsAPI roomserve
 	cfg.Global.ServerName = "localhost"
 	cfg.MSCs.Database.ConnectionString = "file:msc2836_test.db"
 	cfg.MSCs.MSCs = []string{"msc2836"}
-	base := &setup.BaseDendrite{
+	base := &base.BaseDendrite{
 		Cfg:                    cfg,
 		PublicClientAPIMux:     mux.NewRouter().PathPrefix(httputil.PublicClientPathPrefix).Subrouter(),
 		PublicFederationAPIMux: mux.NewRouter().PathPrefix(httputil.PublicFederationPathPrefix).Subrouter(),
--- a/setup/mscs/msc2946/msc2946.go
+++ b/setup/mscs/msc2946/msc2946.go
@ -27,11 +27,11 @@ import (
 	"github.com/gorilla/mux"
 	chttputil "github.com/matrix-org/dendrite/clientapi/httputil"
 	"github.com/matrix-org/dendrite/clientapi/jsonerror"
-	fs "github.com/matrix-org/dendrite/federationsender/api"
+	fs "github.com/matrix-org/dendrite/federationapi/api"
 	"github.com/matrix-org/dendrite/internal/hooks"
 	"github.com/matrix-org/dendrite/internal/httputil"
 	roomserver "github.com/matrix-org/dendrite/roomserver/api"
-	"github.com/matrix-org/dendrite/setup"
+	"github.com/matrix-org/dendrite/setup/base"
 	userapi "github.com/matrix-org/dendrite/userapi/api"
 	"github.com/matrix-org/gomatrixserverlib"
 	"github.com/matrix-org/util"
@ -52,8 +52,8 @@ func Defaults(r *gomatrixserverlib.MSC2946SpacesRequest) {

 // Enable this MSC
 func Enable(
-	base *setup.BaseDendrite, rsAPI roomserver.RoomserverInternalAPI, userAPI userapi.UserInternalAPI,
-	fsAPI fs.FederationSenderInternalAPI, keyRing gomatrixserverlib.JSONVerifier,
+	base *base.BaseDendrite, rsAPI roomserver.RoomserverInternalAPI, userAPI userapi.UserInternalAPI,
+	fsAPI fs.FederationInternalAPI, keyRing gomatrixserverlib.JSONVerifier,
 ) error {
 	db, err := NewDatabase(&base.Cfg.MSCs.Database)
 	if err != nil {
@ -96,7 +96,7 @@ func Enable(

 func federatedSpacesHandler(
 	ctx context.Context, fedReq *gomatrixserverlib.FederationRequest, roomID string, db Database,
-	rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationSenderInternalAPI,
+	rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationInternalAPI,
 	thisServer gomatrixserverlib.ServerName,
 ) util.JSONResponse {
 	inMemoryBatchCache := make(map[string]set)
@ -128,7 +128,7 @@ func federatedSpacesHandler(
 }

 func spacesHandler(
-	db Database, rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationSenderInternalAPI,
+	db Database, rsAPI roomserver.RoomserverInternalAPI, fsAPI fs.FederationInternalAPI,
 	thisServer gomatrixserverlib.ServerName,
 ) func(*http.Request, *userapi.Device) util.JSONResponse {
 	return func(req *http.Request, device *userapi.Device) util.JSONResponse {
@ -172,7 +172,7 @@ type walker struct {
 	thisServer gomatrixserverlib.ServerName
 	db         Database
 	rsAPI      roomserver.RoomserverInternalAPI
-	fsAPI      fs.FederationSenderInternalAPI
+	fsAPI      fs.FederationInternalAPI
 	ctx        context.Context

 	// user ID|device ID|batch_num => event/room IDs sent to client
--- a/setup/mscs/msc2946/msc2946_test.go
+++ b/setup/mscs/msc2946/msc2946_test.go
@ -30,7 +30,7 @@ import (
 	"github.com/matrix-org/dendrite/internal/hooks"
 	"github.com/matrix-org/dendrite/internal/httputil"
 	roomserver "github.com/matrix-org/dendrite/roomserver/api"
-	"github.com/matrix-org/dendrite/setup"
+	"github.com/matrix-org/dendrite/setup/base"
 	"github.com/matrix-org/dendrite/setup/config"
 	"github.com/matrix-org/dendrite/setup/mscs/msc2946"
 	userapi "github.com/matrix-org/dendrite/userapi/api"
@ -415,7 +415,7 @@ func injectEvents(t *testing.T, userAPI userapi.UserInternalAPI, rsAPI roomserve
 	cfg.Global.ServerName = "localhost"
 	cfg.MSCs.Database.ConnectionString = "file:msc2946_test.db"
 	cfg.MSCs.MSCs = []string{"msc2946"}
-	base := &setup.BaseDendrite{
+	base := &base.BaseDendrite{
 		Cfg:                    cfg,
 		PublicClientAPIMux:     mux.NewRouter().PathPrefix(httputil.PublicClientPathPrefix).Subrouter(),
 		PublicFederationAPIMux: mux.NewRouter().PathPrefix(httputil.PublicFederationPathPrefix).Subrouter(),
--- a/setup/mscs/mscs.go
+++ b/setup/mscs/mscs.go
@ -20,13 +20,14 @@ import (
 	"fmt"

 	"github.com/matrix-org/dendrite/setup"
+	"github.com/matrix-org/dendrite/setup/base"
 	"github.com/matrix-org/dendrite/setup/mscs/msc2836"
 	"github.com/matrix-org/dendrite/setup/mscs/msc2946"
 	"github.com/matrix-org/util"
 )

 // Enable MSCs - returns an error on unknown MSCs
-func Enable(base *setup.BaseDendrite, monolith *setup.Monolith) error {
+func Enable(base *base.BaseDendrite, monolith *setup.Monolith) error {
 	for _, msc := range base.Cfg.MSCs.MSCs {
 		util.GetLogger(context.Background()).WithField("msc", msc).Info("Enabling MSC")
 		if err := EnableMSC(base, monolith, msc); err != nil {
@ -36,12 +37,12 @@ func Enable(base *setup.BaseDendrite, monolith *setup.Monolith) error {
 	return nil
 }

-func EnableMSC(base *setup.BaseDendrite, monolith *setup.Monolith, msc string) error {
+func EnableMSC(base *base.BaseDendrite, monolith *setup.Monolith, msc string) error {
 	switch msc {
 	case "msc2836":
-		return msc2836.Enable(base, monolith.RoomserverAPI, monolith.FederationSenderAPI, monolith.UserAPI, monolith.KeyRing)
+		return msc2836.Enable(base, monolith.RoomserverAPI, monolith.FederationAPI, monolith.UserAPI, monolith.KeyRing)
 	case "msc2946":
-		return msc2946.Enable(base, monolith.RoomserverAPI, monolith.UserAPI, monolith.FederationSenderAPI, monolith.KeyRing)
+		return msc2946.Enable(base, monolith.RoomserverAPI, monolith.UserAPI, monolith.FederationAPI, monolith.KeyRing)
 	case "msc2444": // enabled inside federationapi
 	case "msc2753": // enabled inside clientapi
 	default: