Comments (10)
Hi!
Congrats on successfully setting up your Matrix server!
It seems like it's configured correctly and should work. Besides the fact that Federation with other servers may be having problems, because https://perfsys.io/.well-known/matrix/server does not serve a file.
It appears that your SSL certificates on perfsys.io are not configured correctly.
Judging by http://perfsys.io/ (note the HTTP protocol), it seems like the main perfsys.io domain leads to CloudFlare. I guess you have configured Amazon CloudFlare for your domain and that HTTPS doesn't work?
You will need working HTTPS for the base domain (perfsys.io) to be able to serve the well-known files from there (using one of the 2 methods described here).
If you cannot arrange to have HTTPS for the base domain (perfsys.io), you can switch to the other method for Server Delegation: Server Delegation via a DNS SRV record (advanced).
Doing that, you won't be required to set up a /.well-known/matrix/server on the base domain. Running a self-check would still report a failure because /.well-known/matrix/client is not configured, but that's not very important. It's an optional thing that can be skipped.
from matrix-docker-ansible-deploy.
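The two delegation methods discussed above differ in which hostname the TLS certificate has to cover. The following is an added example, not code from the playbook or from any commenter: a simplified, offline model of the Matrix server-name resolution order. The function names, the `srv` dictionary and the sample well-known body are constructed for illustration.

```python
import ipaddress
import json

DEFAULT_PORT = 8448  # default Matrix federation port


def split_host_port(name):
    """Split 'host', 'host:port' or '[v6]:port' into (host, port-or-None)."""
    if name.startswith("["):  # IPv6 literals must be bracketed
        host, _, rest = name[1:].partition("]")
        return host, int(rest[1:]) if rest.startswith(":") else None
    host, sep, port = name.rpartition(":")
    return (host, int(port)) if sep and port.isdigit() else (name, None)


def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def resolve(server_name, well_known_body=None, srv=None):
    """Return (connect_host, port, tls_name, how) for a Matrix server name.

    well_known_body: text served at https://<server_name>/.well-known/matrix/server,
    or None when that HTTPS request fails. srv: dict mapping a hostname to the
    (target, port) of its _matrix._tcp SRV record. Both are passed in (assumed
    inputs) so the example runs without network access.
    """
    srv = srv or {}
    host, port = split_host_port(server_name)
    if is_ip(host) or port is not None:
        return host, port or DEFAULT_PORT, host, "explicit"
    try:
        d_host, d_port = split_host_port(json.loads(well_known_body)["m.server"])
    except (TypeError, ValueError, KeyError, AttributeError):
        d_host = None  # file missing, not JSON, or no usable m.server entry
    if d_host:
        if is_ip(d_host) or d_port is not None:
            return d_host, d_port or DEFAULT_PORT, d_host, "well-known"
        if d_host in srv:
            return (*srv[d_host], d_host, "well-known+srv")
        return d_host, DEFAULT_PORT, d_host, "well-known"
    if host in srv:  # SRV only redirects the connection; the cert must match server_name
        return (*srv[host], host, "srv")
    return host, DEFAULT_PORT, host, "fallback"
```

With no well-known file and no SRV record, `resolve("perfsys.io")` falls back to `perfsys.io:8448`. With an SRV record only, the connection goes to the SRV target but `tls_name` stays `perfsys.io`, so that server has to present a certificate valid for the base domain.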
perfsys.io is located at AWS
Judging by http://perfsys.io/ (note the HTTP protocol), it seems like the main perfsys.io domain leads to CloudFlare. I guess you have configured Amazon CloudFlare for your domain and that HTTPS doesn't work?
There's an alias that I can change
I'll try to make a copy of /.well-known/matrix/server and /.well-known/matrix/client to S3 bucket and point perfsys.io on it
Where do I get these files?
from matrix-docker-ansible-deploy.
You can find these files at these URLs:
- https://matrix.perfsys.io/.well-known/matrix/server -- although, this file is not accessible right now
- https://matrix.perfsys.io/.well-known/matrix/client
They are also in the /matrix/static-files/.well-known/matrix directory on the server.
Looks like the server file is missing for you now, which means you've either not used an up-to-date playbook (us generating the server file is a fairly new thing) or you've intentionally disabled the generation of the server file by using matrix_well_known_matrix_server_enabled: false.
from matrix-docker-ansible-deploy.
Can't find the matrix_well_known_matrix_server_enabled variable in my inventory's vars.yml file. Looks like I miss something. Would you take a brief look at it, please:
```yaml
host_specific_matrix_ssl_lets_encrypt_support_email: [email protected]
host_specific_hostname_identity: perfsys.io
matrix_coturn_turn_static_auth_secret: "some_key"
matrix_synapse_macaroon_secret_key: "some_key"
#-------------------- nginx
matrix_nginx_proxy_docker_image: "nginx:1.15.8-alpine"
matrix_nginx_proxy_data_path: "{{ matrix_base_data_path }}/nginx-proxy"
matrix_nginx_proxy_confd_path: "{{ matrix_nginx_proxy_data_path }}/conf.d"
matrix_nginx_proxy_systemd_required_services_list: ['docker.service']
matrix_nginx_proxy_systemd_wanted_services_list: []
matrix_nginx_proxy_container_additional_volumes: []
matrix_nginx_proxy_proxy_riot_enabled: true
matrix_nginx_proxy_proxy_riot_hostname: "{{ hostname_riot }}"
matrix_nginx_proxy_proxy_matrix_enabled: true
matrix_nginx_proxy_proxy_matrix_hostname: "{{ hostname_matrix }}"
matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: false
matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081"
matrix_nginx_proxy_proxy_matrix_corporal_api_addr_sans_container: "127.0.0.1:41081"
matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled: false
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "matrix-mxisd:8090"
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "127.0.0.1:8090"
matrix_nginx_proxy_proxy_matrix_identity_api_enabled: false
matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container: "matrix-mxisd:8090"
matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container: "127.0.0.1:8090"
matrix_nginx_proxy_proxy_synapse_metrics: false
matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled: false
matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_key: ""
matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container: "matrix-synapse:8008"
matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container: "127.0.0.1:8008"
matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: 25
matrix_nginx_proxy_tmp_directory_size_mb: "{{ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb * 50 }}"
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: []
matrix_nginx_proxy_reload_cron_time_definition: "20 4 */5 * *"
matrix_nginx_proxy_ssl_protocols: "TLSv1.1 TLSv1.2 TLSv1.3"
matrix_ssl_retrieval_method: "lets-encrypt"
matrix_ssl_domains_to_obtain_certificates_for: []
matrix_ssl_lets_encrypt_staging: false
matrix_ssl_lets_encrypt_certbot_docker_image: "certbot/certbot:v0.30.0"
matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
matrix_ssl_lets_encrypt_support_email: "{{ host_specific_matrix_ssl_lets_encrypt_support_email }}"
matrix_ssl_base_path: "{{ matrix_base_data_path }}/ssl"
matrix_ssl_config_dir_path: "{{ matrix_ssl_base_path }}/config"
matrix_ssl_log_dir_path: "{{ matrix_ssl_base_path }}/log"
#-------------------- mxisd
matrix_mxisd_enabled: true
matrix_mxisd_docker_image: "kamax/mxisd:1.2.2"
matrix_mxisd_base_path: "{{ matrix_base_data_path }}/mxisd"
matrix_mxisd_config_path: "{{ matrix_mxisd_base_path }}/config"
matrix_mxisd_data_path: "{{ matrix_mxisd_base_path }}/data"
matrix_mxisd_container_expose_port: false
matrix_mxisd_systemd_required_services_list: ['docker.service']
matrix_mxisd_systemd_wanted_services_list: []
matrix_mxisd_matrixorg_forwarding_enabled: false
matrix_mxisd_synapsesql_enabled: false
matrix_mxisd_synapsesql_type: ""
matrix_mxisd_synapsesql_connection: ""
matrix_mxisd_threepid_medium_email_identity_from: "matrix@{{ hostname_identity }}"
matrix_mxisd_threepid_medium_email_connectors_smtp_host: "smtp.gmail.com"
matrix_mxisd_threepid_medium_email_connectors_smtp_port: 587
matrix_mxisd_threepid_medium_email_connectors_smtp_tls: 1
matrix_mxisd_threepid_medium_email_connectors_smtp_login: "[email protected]"
matrix_mxisd_threepid_medium_email_connectors_smtp_password: "some_passwd"
matrix_mxisd_dns_overwrite_enabled: false
matrix_mxisd_dns_overwrite_homeserver_client_name: "{{ hostname_matrix }}"
matrix_mxisd_dns_overwrite_homeserver_client_value: "http://matrix-synapse:8008"
matrix_mxisd_configuration_yaml: |
  matrix:
    domain: {{ hostname_identity }}
  server:
    name: {{ hostname_matrix }}
  key:
    path: /var/mxisd/sign.key
  storage:
    provider:
      sqlite:
        database: /var/mxisd/mxisd.db
  {% if matrix_mxisd_dns_overwrite_enabled %}
  dns:
    overwrite:
      homeserver:
        client:
          - name: {{ matrix_mxisd_dns_overwrite_homeserver_client_name }}
            value: {{ matrix_mxisd_dns_overwrite_homeserver_client_value }}
  {% endif %}
  {% if matrix_mxisd_matrixorg_forwarding_enabled %}
  forward:
    servers: ['matrix-org']
  {% endif %}
  threepid:
    medium:
      email:
        identity:
          from: {{ matrix_mxisd_threepid_medium_email_identity_from }}
        connectors:
          smtp:
            host: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_host }}
            port: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_port }}
            tls: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_tls }}
            login: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_login }}
            password: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_password }}
  synapseSql:
    enabled: {{ matrix_mxisd_synapsesql_enabled }}
    type: {{ matrix_mxisd_synapsesql_type }}
    connection: {{ matrix_mxisd_synapsesql_connection }}
matrix_mxisd_configuration_extension_yaml: |
matrix_mxisd_configuration: "{{ matrix_mxisd_configuration_yaml|from_yaml|combine(matrix_mxisd_configuration_extension, recursive=True) }}"
```
from matrix-docker-ansible-deploy.
You should be able to see matrix_well_known_matrix_server_enabled and its default value (true) in roles/matrix-base/defaults/main.yml.
If you don't see it in that file, it means you are running an old version of this playbook.
If so, you should update the playbook. Either git pull to update (if you got the source code using git), or download a new archive of the source code and bring your vars.yml and hosts files over.
from matrix-docker-ansible-deploy.
I've cloned the spantaleev/matrix-docker-ansible-deploy a few days ago, so it should be fresh enough )
And being shelled on the EC2 instance that hosts the synapse, I can't get into /matrix directory even through sudo
from matrix-docker-ansible-deploy.
Ok, I'll try to PULL tomorrow. Thanks for your time, Slavi
from matrix-docker-ansible-deploy.
If it's from a few days ago, it's not very fresh, because there was a big upgrade just yesterday.
See this changelog entry: Synapse v0.99 support and preparation for Synapse v1.0.
The /.well-known/matrix/server file is only available from that update, because it's a brand new thing.
That's why you don't have the file. On the other hand, you are reading the most recent docs online, which is confusing. Your setup (made by the old version of the playbook) is outdated compared to the docs.
The solution is to just update the playbook and re-run it.
You can then proceed to figure out how to set up HTTPS at your base domain. Or go with an alternative method for Server Delegation: Server Delegation via a DNS SRV record (advanced).
from matrix-docker-ansible-deploy.
@spantaleev What would you suggest as a final solution to use Keycloak/SSO together with a Matrix ?
We see several auth options on the link
https://github.com/spantaleev/matrix-docker-ansible-deploy
- (optional, default) an mxisd Matrix Identity server
- (optional, advanced) the matrix-synapse-rest-auth REST authentication password provider module
In other words, do we need to deploy mxisd or do we need matrix-synapse-rest-auth?
from matrix-docker-ansible-deploy.
You should be able to see matrix_well_known_matrix_server_enabled and its default value (true) in roles/matrix-base/defaults/main.yml.
If you don't see it in that file, it means you are running an old version of this playbook.
If so, you should update the playbook. Either git pull to update (if you got the source code using git), or download a new archive of the source code and bring your vars.yml and hosts files over.
Hello, Slavi!
Playbook is updated, now I'm working on Main Domain's SSL certificate
I think we can close this issue for now
Thanks again!
P.S.: I'm going to move the question about Matrix-Keycloak combination in another issue, if you don't mind
from matrix-docker-ansible-deploy.