wireapp · blackheaven · Mar 12, 2026 · Mar 20, 2026 · Mar 24, 2026 · Mar 26, 2026
@@ -0,0 +1,17 @@
+### ConversationSubsystem Migration
+
+* Move conversation-related operations into a unified Polysemy `ConversationSubsystem` effect across the wire-server codebase.
+  This consolidation improves code organization and separation of concerns for conversation logic.
+
+* Chart configuration changes:
+  - Added `global.settings` section to deduplicate shared configuration between galley and background-worker services
+  - Background-worker now requires either `conversationCodeURI` or `multiIngress` to be set in its configuration
+  - Removed duplicate settings previously defined in both galley and background-worker sections
+
+* Library updates:
+  - Introduced dedicated error types for ConversationSubsystem to improve error handling
+  - Consolidated conversation-related operations that were previously scattered across multiple stores and subsystems
+
+**Note:** The background-worker configuration now has a dependency on the shared global settings.
+Deployments that previously set these values in both galley and background-worker sections
+can consolidate them into the global.settings section.
@@ -163,6 +163,180 @@
 {{- end -}}
 {{- end -}}
 
+{{/* SHARED SETTINGS */}}
+{{- define "wire-server.settings.common" -}}
+maxTeamSize: {{ .maxTeamSize }}
+maxConvSize: {{ .maxConvSize }}
+intraListing: {{ .intraListing }}
+{{- if .maxFanoutSize }}
+maxFanoutSize: {{ .maxFanoutSize }}
+{{- end }}
+{{- if .exposeInvitationURLsTeamAllowlist }}
+exposeInvitationURLsTeamAllowlist: {{ toYaml .exposeInvitationURLsTeamAllowlist | nindent 8 }}
+{{- end }}
+{{- if .conversationCodeURI }}
+conversationCodeURI: {{ .conversationCodeURI | quote }}
+{{- else if .multiIngress }}
+multiIngress: {{- toYaml .multiIngress | nindent 8 }}
+{{- else }}
+{{ fail "Either settings.conversationCodeURI or settings.multiIngress have to be set" }}
+{{- end }}
+{{- if (and .conversationCodeURI .multiIngress) }}
+{{ fail "settings.conversationCodeURI and settings.multiIngress are mutually exclusive" }}
+{{- end }}
+{{- if hasKey . "httpPoolSize" }}
+httpPoolSize: {{ .httpPoolSize }}
+{{- end }}
+{{- if hasKey . "federationDomain" }}
+federationDomain: {{ .federationDomain }}
+{{- end }}
+{{- if .federationProtocols }}
+federationProtocols: {{ .federationProtocols | toJson }}
+{{- end }}
+{{- if .mlsPrivateKeyPaths }}
+mlsPrivateKeyPaths: {{- toYaml .mlsPrivateKeyPaths | nindent 8 }}
+{{- end }}
+{{- if .concurrentDeletionEvents }}
+concurrentDeletionEvents: {{ .concurrentDeletionEvents }}
+{{- end }}
+{{- if .deleteConvThrottleMillis }}
+deleteConvThrottleMillis: {{ .deleteConvThrottleMillis }}
+{{- end }}
+{{- if hasKey . "disabledAPIVersions" }}
+disabledAPIVersions: {{ toJson .disabledAPIVersions }}
+{{- end }}
+{{- if .guestLinkTTLSeconds }}
+guestLinkTTLSeconds: {{ .guestLinkTTLSeconds }}
+{{- end }}
+passwordHashingOptions: {{ toYaml .passwordHashingOptions | nindent 8 }}
+passwordHashingRateLimit: {{ toYaml .passwordHashingRateLimit | nindent 8 }}
+{{- if .checkGroupInfo }}
+checkGroupInfo: {{ .checkGroupInfo }}
+{{- end }}
+{{- if hasKey . "meetings" }}
+meetings:
+  {{- toYaml .meetings | nindent 8 }}
+{{- end }}
+{{- if .featureFlags }}
+featureFlags:
+  sso: {{ .featureFlags.sso }}
+  legalhold: {{ .featureFlags.legalhold }}
+  teamSearchVisibility: {{ .featureFlags.teamSearchVisibility }}
+  classifiedDomains:
+    {{- toYaml .featureFlags.classifiedDomains | nindent 10 }}
+  {{- if .featureFlags.fileSharing }}
+  fileSharing:
+    {{- toYaml .featureFlags.fileSharing | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.enforceFileDownloadLocation }}
+  enforceFileDownloadLocation:
+    {{- toYaml .featureFlags.enforceFileDownloadLocation | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.sndFactorPasswordChallenge }}
+  sndFactorPasswordChallenge:
+    {{- toYaml .featureFlags.sndFactorPasswordChallenge | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.searchVisibilityInbound }}
+  searchVisibilityInbound:
+    {{- toYaml .featureFlags.searchVisibilityInbound | nindent 10 }}
+  {{- end }}
+  {{- /* Accept the legacy typo in Helm values, but always render the canonical Galley key. */}}
+  {{- $validateSAMLemails := .featureFlags.validateSAMLemails | default .featureFlags.validateSAMLEmails }}
+  {{- if $validateSAMLemails }}
+  validateSAMLemails:
+    {{- toYaml $validateSAMLemails | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.appLock }}
+  appLock:
+    {{- toYaml .featureFlags.appLock | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.conferenceCalling }}
+  conferenceCalling:
+    {{- toYaml .featureFlags.conferenceCalling | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.selfDeletingMessages }}
+  selfDeletingMessages:
+    {{- toYaml .featureFlags.selfDeletingMessages | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.conversationGuestLinks }}
+  conversationGuestLinks:
+    {{- toYaml .featureFlags.conversationGuestLinks | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.mls }}
+  mls:
+    {{- toYaml .featureFlags.mls | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.outlookCalIntegration }}
+  outlookCalIntegration:
+    {{- toYaml .featureFlags.outlookCalIntegration | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.mlsE2EId }}
+  mlsE2EId:
+    {{- toYaml .featureFlags.mlsE2EId | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.mlsMigration }}
+  mlsMigration:
+    {{- toYaml .featureFlags.mlsMigration | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.limitedEventFanout }}
+  limitedEventFanout:
+    {{- toYaml .featureFlags.limitedEventFanout | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.domainRegistration }}
+  domainRegistration:
+    {{- toYaml .featureFlags.domainRegistration | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.channels }}
+  channels:
+    {{- toYaml .featureFlags.channels | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.cells }}
+  cells:
+    {{- toYaml .featureFlags.cells | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.cellsInternal }}
+  cellsInternal:
+    {{- toYaml .featureFlags.cellsInternal | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.allowedGlobalOperations }}
+  allowedGlobalOperations:
+    {{- toYaml .featureFlags.allowedGlobalOperations | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.assetAuditLog }}
+  assetAuditLog:
+    {{- toYaml .featureFlags.assetAuditLog | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.consumableNotifications }}
+  consumableNotifications:
+    {{- toYaml .featureFlags.consumableNotifications | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.chatBubbles }}
+  chatBubbles:
+    {{- toYaml .featureFlags.chatBubbles | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.apps }}
+  apps:
+    {{- toYaml .featureFlags.apps | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.simplifiedUserConnectionRequestQRCode }}
+  simplifiedUserConnectionRequestQRCode:
+    {{- toYaml .featureFlags.simplifiedUserConnectionRequestQRCode | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.stealthUsers }}
+  stealthUsers:
+    {{- toYaml .featureFlags.stealthUsers | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.meetings }}
+  meetings:
+    {{- toYaml .featureFlags.meetings | nindent 10 }}
+  {{- end }}
+  {{- if .featureFlags.meetingsPremium }}
+  meetingsPremium:
+    {{- toYaml .featureFlags.meetingsPremium | nindent 10 }}
+  {{- end }}
+{{- end }}
+{{- end -}}
+
 {{/* Compute the SCIM base URI
 
 The rules are:

@@ -115,4 +115,7 @@ data:
     {{- if .postgresMigration }}
     postgresMigration: {{- toYaml .postgresMigration | nindent 6 }}
     {{- end }}
+
+    settings:
+{{ include "wire-server.settings.common" .settings | indent 6 }}
   {{- end }}
@@ -70,165 +70,5 @@ data:
     postgresMigration: {{- toYaml .postgresMigration | nindent 6 }}
 
     settings:
-      httpPoolSize: {{ .settings.httpPoolSize }}
-      intraListing: {{ .settings.intraListing }}
-      maxTeamSize: {{ .settings.maxTeamSize }}
-      maxConvSize: {{ .settings.maxConvSize }}
-      {{- if .settings.maxFanoutSize }}
-      maxFanoutSize: {{ .settings.maxFanoutSize }}
-      {{- end }}
-      {{- if .settings.exposeInvitationURLsTeamAllowlist }}
-      exposeInvitationURLsTeamAllowlist: {{ .settings.exposeInvitationURLsTeamAllowlist }}
-      {{- end }}
-      {{- if .settings.conversationCodeURI }}
-      conversationCodeURI: {{ .settings.conversationCodeURI | quote }}
-      {{- else if .settings.multiIngress }}
-      multiIngress: {{- toYaml .settings.multiIngress | nindent 8 }}
-      {{- else }}
-      {{ fail "Either settings.conversationCodeURI or settings.multiIngress have to be set"}}
-      {{- end }}
-      {{- if (and .settings.conversationCodeURI .settings.multiIngress) }}
-      {{ fail "settings.conversationCodeURI and settings.multiIngress are mutually exclusive" }}
-      {{- end }}
-      federationDomain: {{ $.Values.galley.config.settings.federationDomain }}
-      {{- if .settings.federationProtocols }}
-      federationProtocols: {{ .settings.federationProtocols }}
-      {{- end }}
-      {{- if $.Values.galley.secrets.mlsPrivateKeys }}
-      mlsPrivateKeyPaths:
-        removal:
-          ed25519: "/etc/wire/galley/secrets/removal_ed25519.pem"
-          ecdsa_secp256r1_sha256: "/etc/wire/galley/secrets/removal_ecdsa_secp256r1_sha256.pem"
-          ecdsa_secp384r1_sha384: "/etc/wire/galley/secrets/removal_ecdsa_secp384r1_sha384.pem"
-          ecdsa_secp521r1_sha512: "/etc/wire/galley/secrets/removal_ecdsa_secp521r1_sha512.pem"
-      {{- end }}
-      disabledAPIVersions: {{ toJson .settings.disabledAPIVersions }}
-      {{- if .settings.featureFlags }}
-      {{- if .settings.guestLinkTTLSeconds }}
-      guestLinkTTLSeconds: {{ .settings.guestLinkTTLSeconds }}
-      {{- end }}
-      passwordHashingOptions: {{ toYaml .settings.passwordHashingOptions | nindent 8 }}
-      passwordHashingRateLimit: {{ toYaml .settings.passwordHashingRateLimit | nindent 8 }}
-      {{- if .settings.checkGroupInfo }}
-      checkGroupInfo: {{ .settings.checkGroupInfo }}
-      {{- end }}
-      meetings:
-        {{- toYaml .settings.meetings | nindent 8 }}
-      featureFlags:
-        sso: {{ .settings.featureFlags.sso }}
-        legalhold: {{ .settings.featureFlags.legalhold }}
-        teamSearchVisibility: {{ .settings.featureFlags.teamSearchVisibility }}
-        classifiedDomains:
-          {{- toYaml .settings.featureFlags.classifiedDomains | nindent 10 }}
-        {{- if .settings.featureFlags.fileSharing }}
-        fileSharing:
-          {{- toYaml .settings.featureFlags.fileSharing | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.enforceFileDownloadLocation }}
-        enforceFileDownloadLocation:
-          {{- toYaml .settings.featureFlags.enforceFileDownloadLocation | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.sndFactorPasswordChallenge }}
-        sndFactorPasswordChallenge:
-          {{- toYaml .settings.featureFlags.sndFactorPasswordChallenge | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.searchVisibilityInbound }}
-        searchVisibilityInbound:
-          {{- toYaml .settings.featureFlags.searchVisibilityInbound | nindent 10 }}
-        {{- end }}
-        {{- /* Accept the legacy typo in Helm values, but always render the canonical Galley key. */}}
-        {{- $validateSAMLemails := .settings.featureFlags.validateSAMLemails | default .settings.featureFlags.validateSAMLEmails }}
-        {{- if $validateSAMLemails }}
-        validateSAMLemails:
-          {{- toYaml $validateSAMLemails | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.appLock }}
-        appLock:
-          {{- toYaml .settings.featureFlags.appLock | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.conferenceCalling }}
-        conferenceCalling:
-          {{- toYaml .settings.featureFlags.conferenceCalling | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.selfDeletingMessages }}
-        selfDeletingMessages:
-          {{- toYaml .settings.featureFlags.selfDeletingMessages | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.conversationGuestLinks }}
-        conversationGuestLinks:
-          {{- toYaml .settings.featureFlags.conversationGuestLinks | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.mls }}
-        mls:
-          {{- toYaml .settings.featureFlags.mls | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.outlookCalIntegration }}
-        outlookCalIntegration:
-          {{- toYaml .settings.featureFlags.outlookCalIntegration | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.mlsE2EId }}
-        mlsE2EId:
-          {{- toYaml .settings.featureFlags.mlsE2EId | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.mlsMigration }}
-        mlsMigration:
-          {{- toYaml .settings.featureFlags.mlsMigration | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.limitedEventFanout }}
-        limitedEventFanout:
-          {{- toYaml .settings.featureFlags.limitedEventFanout | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.domainRegistration }}
-        domainRegistration:
-          {{- toYaml .settings.featureFlags.domainRegistration | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.channels }}
-        channels:
-          {{- toYaml .settings.featureFlags.channels | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.cells }}
-        cells:
-          {{- toYaml .settings.featureFlags.cells | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.cellsInternal }}
-        cellsInternal:
-          {{- toYaml .settings.featureFlags.cellsInternal | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.allowedGlobalOperations }}
-        allowedGlobalOperations:
-          {{- toYaml .settings.featureFlags.allowedGlobalOperations | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.assetAuditLog }}
-        assetAuditLog:
-          {{- toYaml .settings.featureFlags.assetAuditLog | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.consumableNotifications }}
-        consumableNotifications:
-          {{- toYaml .settings.featureFlags.consumableNotifications | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.chatBubbles }}
-        chatBubbles:
-          {{- toYaml .settings.featureFlags.chatBubbles | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.apps }}
-        apps:
-          {{- toYaml .settings.featureFlags.apps | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.simplifiedUserConnectionRequestQRCode }}
-        simplifiedUserConnectionRequestQRCode:
-          {{- toYaml .settings.featureFlags.simplifiedUserConnectionRequestQRCode | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.stealthUsers }}
-        stealthUsers:
-          {{- toYaml .settings.featureFlags.stealthUsers | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.meetings }}
-        meetings:
-          {{- toYaml .settings.featureFlags.meetings | nindent 10 }}
-        {{- end }}
-        {{- if .settings.featureFlags.meetingsPremium }}
-        meetingsPremium:
-          {{- toYaml .settings.featureFlags.meetingsPremium | nindent 10 }}
-        {{- end }}
-      {{- end }}
+{{ include "wire-server.settings.common" .settings | indent 6 }}
   {{- end }}