SOLVED Help making federation work
-
I'm sorry about reviving this thread but could someone please explain to this dummy how to make federation work?
I opened up the terminal of the matrix app in Cloudron and pasted the command as show in the matrix doc page but I get this error: mkdir: cannot create directory '/home/yellowtent': Read-only file system
-
@humptydumpty I created a new topic for your question. Can you tell me what command you are trying and which guide you are following?
I assume it's https://docs.cloudron.io/apps/synapse/#step-2-delegation ? If so, this has to be followed by doing SSH (and not in the web terminal of the app).
-
@girish Yes, that's the one. I'm at Step 2.1: Setup.
When you say SSH, am I browsing to the matrix folder once connected or is it at the main server level? Can I use the SSH window in DigitalOcean's CP?
I'm still not sure of the server_name and app location that I need to replace in the code.
I'm guessing it's:
app location = matrix.mydomain.com
server_name= my.cloudrondomain.comP.S. I didn't get a notification even though you tagged me after moving the post.
-
The steps from https://docs.cloudron.io/apps/synapse/#step-21-setup are done using a regular SSH session to the server (not the one from within the Cloudron web panel). This can also be archived using the VNC/Remote session from your VPS/Root/Cloud provider but real SSH is much more convenient.
If you follow the guide, it should look like this in the end:
root@rootserver:/home/yellowtent/boxdata/well-known/shinywebsite.com/matrix# ll total 12 drwxr-xr-x 2 yellowtent yellowtent 4096 Nov 17 13:24 ./ drwxr-xr-x 3 yellowtent yellowtent 4096 Nov 17 13:04 ../ -rw-rw-r-- 1 yellowtent yellowtent 43 Nov 17 13:09 server root@rootserver:/home/yellowtent/boxdata/well-known/shinywebsite.com/matrix# cat server { "m.server": "matrix.shinywebsite.com:443" } -
@subven That helped tremendously. Thank you! I had to reset the root password in the DO dashboard because I couldn't get my SSH key to work - kept saying "server refused our key" in putty and I gave up on troubleshooting that so went with the nuke option
-
@humptydumpty is the federation working now for you?
-
@nebulon Yes, it is. I confirmed it using that checker website and I'm also able to add my matrix.org account, find matrix rooms, etc.. so I guess it's all good. Thanks for double checking with me.
-
@nebulon Unrelated Q but any idea why my friend (using Element on Android) is getting an "SSL error" when trying to input the homeserver URL?
-
@humptydumpty is there an app installed at shinywebsite.com directly?
-
@nebulon I have the surfer app with a static html page.
-
@humptydumpty that appears to be a WP site.
make sure to have your friend enter the full URL:
https://sub.domain.com -
@robi That's not my actual link. @subven used it as an example if I'm not mistaken.
I have matrix installed at matrix.example.me. At example.me there's the Surfer app with a static html page.
If I run that echo command:
curl https://example.me/.well-known/matrix/serverIt spits back
{ "m.server": "matrix.example.me:443" }If I input example.me at the federation tester website, I get the result shown below.
I used example.me as the server_name & matrix.example.me as the app location.
Cloudron is installed at my.totallydifferentdomain.com. <-- Should this link be used as the server_name?
Arigato!
-
To add to this, I dug up an old Android 5.0 phone and installed Element on it.
I could not replicate the SSL error message that my friend experienced. However, I could not sign in to my homeserver (see attachment for details). If I log into my other account hosted at the Matrix.org homeserver, it works just fine.
I am able to connect and chat between my self-hosted matrix homeserver and the Matrix.org homeserver & accounts so as far as I can tell, federation is working fine.
-
Update: I think it's working now. I was able to sign into my homeserver without any errors this time.
All I had to do was go to my Cloudron server and install Element under element.domain.me.
I thought Element needed to be installed only if you wanted to use the web version in a browser.
-
@humptydumpty said in Help making federation work:
I thought Element needed to be installed only if you wanted to use the web version in a browser.
Mmm, that is indeed the case. Element is just a UI and is not needed to use the mobile apps. Can you uninstall it and try to login on the phone again? I think something else resolved the issue.
-
@girish Just uninstalled Element. I'm still able to log in fine now. My brain hurts.
-
I was chatting with the folks over on #element-web:matrix.org and someone said that I might have fixed an SSL issue for Matrix when I installed Element. It made sense to me but then I remembered that apps are containerized so that shouldn't be the case.
-
@humptydumpty
thanks for your advice, but now i'm totally confused!
if i'm doing it like the cloudron docs, i dont get the expected answer ...mkdir -p /home/yellowtent/boxdata/well-known/example.com/matrix
echo '{ "m.server": "matrix.example.com:443" }' > /home/yellowtent/boxdata/well-known/example.com/matrix/server
curl https://example.com/.well-known/matrix/server
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
</body></html>when i use my.example.com then i get the get the expected answer ...
mkdir -p /home/yellowtent/boxdata/well-known/my.example.com/matrix
echo '{ "m.server": "matrix.example.com:443" }' > /home/yellowtent/boxdata/well-known/my.example.com/matrix/server
curl https://my.example.com/.well-known/matrix/server
{ "m.server": "matrix.example.com.com:443" }Until here i'm fine!
when i try to use the federation tester, i have some errors..
and i cannot connect to federation.
-
@sebgg I think this is most likely because you don't have an app installed on example.com. Just install any app there i.e on the bare domain of example.com. You can also pick some existing and set the bare domain to redirect to it. Only when the "bare domain" (https://example.com) is serviced by cloudron, will the well-known stuff work.
-
-
@girish said in Help making federation work:
@sebgg I think this is most likely because you don't have an app installed on example.com. Just install any app there i.e on the bare domain of example.com. You can also pick some existing and set the bare domain to redirect to it. Only when the "bare domain" (https://example.com) is serviced by cloudron, will the well-known stuff work.
Please put that information in the documentation for Matrix.
-
@drpaneas the next Cloudron version will have a feature on the domain settings to fix this. So no need to have an app installed on the bare domain anymore then.
-
@nebulon said in Help making federation work:
So no need to have an app installed on the bare domain anymore then.
We still need an app on bare domain in the latest release. All the new feature does it to set up the .well-known paths without having to edit files manually on the server.
-
@girish sorry that i bumped in the conversation. I was following the story and do have one question regarding the App installed at bare domain.
Does the app that's installed on bare domain have to be running? Or can it be installed, without it being active (running)? -
@dantheman the app doesn't need to be running, it can be Stopped.
-
@girish Thanks a lot for that Girish
-
Even though I got Matrix and the Federation to work. My friend still can't log into my Matrix homeserver so I decided to set up NextCloud Talk and Mattermost and see which ones work best for us.
Turns out they can't connect to ANY of them from their Samsung Galaxy S6 Edge running Android 7. I ask them to log in via the web browser just to test the account itself and they log in just fine.
It's a problem logging in with the android apps only that are running on my server and the error is almost the same across them all. For Matrix/Element, if they use the Matrix homeserver, it connects just fine.
Handshake error
SSL error
or something of the sortI found this thread on Mattermost discussing certificate issues.
Quoting user "yanuk"
I upgraded the SSL certs to RSA4096 and it now works. Iām not sure what happened and why it only affected a single phone in office. Seems unique to only that phone.I went to ssllabs.com and ran a test and got OCSP ERROR: Exception: connect timed out for the certificate path for the app.
**** I changed the domain in the screenshot for privacy by editing the page source - PM for more info ****
The question now is how to upgrade the type of certificate that Let's Encrypt is creating and have that change be permanent when the next renewal date is up. Thoughts?
-
@humptydumpty How about your mobile phone? Are you able to connect from yours and what mobile do you use?
-
@girish I have an iPhone XR running iOS 14.4 and everything works fine. I also have an old Samsung (forgot the model) that is running Android 5.0 and that works fine too. It's specifically one device that my friend is using (Samsung Galaxy S6 Edge, running Android 7.0) that refuses to connect to my homeservers through the apps (Element, NextCloud Talk, MatterMost). I installed all three apps in Cloudron, connected to all of them just fine on both of my devices (ios and android). Something about that S6 Edge phone is giving us problems. Is the OCSP error I mentioned above unrelated to this connectivity issue?
-
@girish Testing this new way of getting federation setup on Cloudron v6.1 what exactly are the steps using this new method? I went to my domain settings and added matrix.blahblah.com:443 to the "Matrix server location" section within the domain and federation isn't working. This is a test instance of Matrix/Synapse/Element to see how it all works now. Am I doing something wrong or are there more steps not in the documentation yet? For this particular domain I have an Element instance on connect.blahblah.com, Matrix/Synapse at matrix.blahblah.com, and Kutt on the bare domain blahblah.com. "blahblah.com" is not the actual domain. Just a placeholder here.
-
@ericdrgn There is small issue that I forgot to put in the docs. Did you have the Kutt already instead before you set the "Matrix server location" ? If so, on the Cloudron dashboard, simply go to Kutt app's Location section -> Save (no need to make any changes).
After that, can you check the output of
curl https://blahblah.com/.well-known/matrix/server?Edit: leaving a note for future readers. the issue is only for installations pre-6.1.
-
@girish Would you look at that! That was it. All good now. So that updated piece is all that is needed. The new method is as easy as it seems, thanks!
-
@ericdrgn Good to know, thanks for testing!
The 'save' essentially re-generates the app's nginx configuration (which has changed from the previous release).
-
@girish Of course, makes sense now. Should be fairly easy for everyone moving forward.
