Has anyone got the Element X App working with Cloudron Matrix?
-
I went down this rabbit hole now to investigate. The docs are hard to understand on the status quo or even where matrix is going and nuggets of information is various GitHub issues. Anyways, a few hours later, the rough summary is this:
-
matrix synapse has built-in OIDC support. This built-in auth of synapse is now considered "legacy" auth. This legacy auth is only supported by the Element app.
-
matrix now has a new authentication spec. This is implemented in MAS - Matrix Authentication Service which has just 43 stars and is in v0.12.0
-
The idea of MAS is to take over user management and authentication. It runs as a separate web service, in it's own domain, has it's own db of users. IOW, with MAS, the users will move from the synapse web service to the MAS. There is a syn2mas migration script to move users.
-
To deploy MAS seems not so hard (is a single rust binary) but configuring it is a beast. See https://element-hq.github.io/matrix-authentication-service/ .
-
The Element X app only works when matrix is deployed with MAS . There is no plan to make it work with non-MAS setups.
I have no idea how stable and production ready all this is. As mentioned, the version is just 0.x and I can't find any information of when this hits 1.0. Reminds of the sliding sync situation. It was hyped up for a while and then later they obsoleted it.
@girish said in Has anyone got the Element X App working with Cloudron Matrix?:
matrix now has a new authentication spec. This is implemented in MAS - Matrix Authentication Service which has just 43 stars and is in v0.12.0
I just realised that 1.0.0 was released 2 days ago!
https://github.com/element-hq/matrix-authentication-service/releases/tag/v1.0.0
-
-
Element X calls seem to require additional well-known configuration for Matrix RTC for calls.
When I tried to make a call with Element X, I got this error:
Error Code: MISSING_MATRIX_RTC_FOCUSThe issue is discussed here with some workarounds: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4224
From what I can gather, it seems you need to configure
/.well-known/matrix/clientor/.well-known/element/element.jsonwith RTC settings, but I'm not sure of the exact setup for Cloudron.Anyone figured this out?
This discussion might be closely related:
https://forum.cloudron.io/topic/13140/ -
on top of everything, Element X require livekit & jwt to work; if you are using OpenID connect - you have to use MAS, as Element X will not work otherwise (not now, nor ever).
-
@scooke What method did you use? Were you able to use the QR? Or did you manually join the server by address without the "selected homeserver doens't support password or oidc login" error?
@ntnsndr I'm not positive as I've not tested it, but my understanding is that Martix on Cloudron without any OIDC works with Element X, but with OIDC it doesn't work because for that we'd need MAS set-up which we don't yet have on Cloudron yet. I think, maybe.
-
@ntnsndr I'm not positive as I've not tested it, but my understanding is that Martix on Cloudron without any OIDC works with Element X, but with OIDC it doesn't work because for that we'd need MAS set-up which we don't yet have on Cloudron yet. I think, maybe.
@jdaviescoates said in Has anyone got the Element X App working with Cloudron Matrix?:
Martix on Cloudron without any OIDC works with Element X, but with OIDC it doesn't work because for that we'd need MAS set-up which we don't yet have on Cloudron yet. I think, maybe.
Correct. Password login works fine, OIDC does not, neither do calls.
-
Thanks for the clarity. Disappointing, since unified login is really crucial for my server.
Again, what an absurd situation: That the flagship app for Matrix doesn't work with SSO. How the heck do they explain that to their government/military customers?
Thanks, team Cloudron!
-
Thanks for the clarity. Disappointing, since unified login is really crucial for my server.
Again, what an absurd situation: That the flagship app for Matrix doesn't work with SSO. How the heck do they explain that to their government/military customers?
Thanks, team Cloudron!
-
@scooke What method did you use? Were you able to use the QR? Or did you manually join the server by address without the "selected homeserver doens't support password or oidc login" error?
@ntnsndr I used my Matrix install with it setup to manage users on its own. I logged into the matrix.example.com site, not the element.example.com site, by entering the Matrix url. And yes, it was just with username and password (which had been setup on the element.example.com site). I hadn't tried the QR code.
-
A customer of mine is having the same issue. For me it works, because I'm not using SSO/OIDC, but they are and are unable to hop on video calls, which is a shame. If what I'm reading is true, the package needs quite a bit of adjustment to make it work
