matrix.org (communication)
-
I've been looking at matrix-appservice-webhooks a bit and the way it works makes it a good candidate for inclusion.
It works like so:
- a webhooks bot is created
- you invite this bot to a room
- you create a new webhook with the
!webbookcommand - the bot sends you a pm with the credentials for this specific new webhook
- profit
This means that this integrations grants an unlimited amount of webhooks, so it's not a one-time thing.
Would you be willing to look into it?
-
-
Thank you! While at it, check out mautrix-facebook as well, as this seems to work in a similar, multi-user fashion.
-
@msbt I can help test if needed. I use webhooks to filter by keyword and aggregate news articles, forum threads, etc.
The matrix server and riot app work great so far! Just needed a bump in memory limit when exploring the channel list from matrix.org
Recently moved from mattermost -> rocketchat and now excitedly waiting for matrix to go live in the Cloudron app store. Please let me know if there's anything I can do to help!
-
On the topic of App Store inclusion: how relevant is the attack vector of running Matrix and Riot on the same (sub)domain nowadays? I know that the Matrix folks used to recommended against that setup and perhaps they still do.
Is that threat still as relevant with the Cloudron/Docker setup? After all, Cloudron apps are supposed to work out of the box.
-
@kasini during the little time I had to try things out I didn't really get anywhere. I was having a talk with @girish a while ago and they're planning to add matrix to the app store at some point. Maybe they can have another look at it since they actually know what they're doing
And yes, it requires a lot of RAM if you want to join bigger channels, but if you keep to yourself, you should be good to go with less.
@yusf good question, if noone else does it, I'll jump on the matrix network and ask if that's still a thing to worry about
-
In addition to looking up security concerns of bundling Riot with Matrix, putting it in the app store also calls for a solution to a reverse proxy solution often used in federated software.
What I mean is a way of forwarding certain ports from
domain.tldtomatrixserver.domain.tldso that user handles follows convention by ommitting the technical placement of the server itself. (Hosting the server ondomain.tldsucks for obvious reasons
)This solution would also enable more federated software with similar needs to come aboard the Cloudron ecosystem.
-
Is this app officially provided by Cloudron yet? What's the status? I see the gitlab repo but I don't know what that means.
Btw I would also love to see some bridges included as options. Bridging FB Messenger, whatsapp, telegram etc is essential if one is to use it for personal communication purposes.
-
@october As of now you have to build and install using the Cloudron CLI:
- install Cloudron CLI
- Install docker (or use cloudron build service)
git clone repocd repodocker build -t dockerhubusername/projectname .(Period is important at the end!)docker push dockerhubusername/projectnamecloudron logincloudron install --image dockerhubusername/projectname
That's the general way to install apps not in the cloudron app store. - If using the build service provided by cloudron, replace 5 & 6 with
cloudron build -
-
I looked into the possibility of a new try to host Riot and Synapse on the same (sub)domain. Hereβs the reply:
yusf:
Or is there, if itβs decided to host both on same (sub)domain, any method to reduce XSS attack probability?Riot dude:
Basically the attack surface is such that any code which gets executed with access to that subdomain in a browser will have access to that user's matrix access token. So if you run things like synapse or other things on same subdomain and they end up serving malicious code then bad things can happen.It's a very narrow surface, csp can make it even more narrow.
How then to use the CSP setting??
-
Another useful tool to possibly embed in this app package is matrix-corporal, though as an opt-in by default (enabled but void of policy) https://github.com/devture/matrix-corporal
-
just pushed an update for v1.8.0, apparently there were some changes in the config at some point, so when you're using log_file, you might need to remove that in order to be able to start the latest version.
In case it doesn't, jump on a terminal, check if it's actually running (
ps -ax) and if not, manually launch withgosu www-data python3 -m synapse.app.homeserver --config-path homeserver.yamlfrom/app/data/synapseand check the errormessage. -
-
@yusf in earlier versions the homeserver.yaml contained a config item
# File to write logging to. Ignored if log_config is specified. log_file: "/run/synapse/homeserver.log"This got removed by moving it into the log_config itself which is set in
log_config: "/app/data/synapse/..."- apparently the config for my main matrix server had that still in there because it's rather old and always migrated including this setting. Matrix wouldn't start after the latest update if you had this still enabled so I had to #comment it out be able to start afterwards.@girish sure thing, I'll look into it later today
