    Cloudron Forum


    Question regarding setting up sydent as an identity server

    Matrix (Synapse/Element)
    matrix sydent identity server
    • backsteincoding

      Hi, I hope this is the right place to ask this 🙂

      I have a question regarding setting up an identity server.
      I already set up matrix synapse behind a nginx reverse proxy on one server
      and now I want to configure sydent on another server.

      On the matrix server I did the following:

      I put into my homeserver.yaml file:
      trusted_third_party_id_servers:
      - [FQDN of my identity server]

      and for my nginx:
      ...
          location / {
                  try_files $uri $uri/ =404;
          }

          location /_matrix/identity {
                  proxy_set_header Host $host;
                  proxy_set_header X-Forwarded-For $remote_addr;
                  proxy_pass http://[FQDN of my identity server]:8090/_matrix/identity;
          }

          location /_matrix {
                  proxy_pass http://localhost:8008/_matrix;
                  proxy_set_header Host $host;
                  proxy_set_header X-Forwarded-For $remote_addr;
          }
      ...

      I also edited the config file of element:
      "m.identity_server": {
      "base_url": "http://[FQDN of my identity server]",
      }

      Now for the sydent.conf file on my identity server, I am not really sure what to put.
      For now it looks like this:

      [DEFAULT]
      server.name =
      log.path =
      log.level = INFO
      pidfile.path = sydent.pid
      terms.path =
      address_lookup_limit = 10000
      enable_v1_associations = true
      delete_tokens_on_bind = true
      db.file = sydent.db
      clientapi.http.bind_address = ::
      clientapi.http.port = 8090
      internalapi.http.bind_address = ::1
      internalapi.http.port =
      replication.https.certfile =
      replication.https.cacert =
      replication.https.bind_address = ::
      replication.https.port = 4434
      obey_x_forwarded_for = False
      federation.verifycerts = True
      verify_response_template =
      client_http_base =
      email.template = res/email.template
      email.invite_template = res/invite.template
      email.from = Sydent Validation <noreply@{hostname}>
      email.subject = Your Validation Token
      email.invite.subject = %(sender_display_name)s has invited you to chat
      email.smtphost = localhost
      email.smtpport = 25
      email.smtpusername =
      email.smtppassword =
      email.hostname =
      email.tlsmode = 0
      email.third_party_invite_username_obfuscate_characters = 3
      email.third_party_invite_domain_obfuscate_characters = 3
      bodytemplate = Your code is {token}
      username =
      password =
      ed25519.signingkey =

      [general]
      server.name = [FQDN of my identity server]

      [db]

      [http]

      [email]
      email.tlsmode = 0
      email.template = res/email.template
      email.smtppassword =
      email.smtphost = localhost
      email.default_web_client_location = https://app.element.io
      email.from = Sydent Validation <noreply@{hostname}>
      email.invite_template = res/invite.template
      email.invite.subject = %(sender_display_name)s has invited you to chat
      email.smtpusername =
      email.smtpport = 25
      email.subject = Your Validation Token
      email.hostname =
      email.third_party_invite_domain_obfuscate_characters = 3
      email.third_party_invite_username_obfuscate_characters = 3

      [sms]

      [crypto]
      ed25519.signingkey = [key]

      When I start sydent on the identity server I am able to connect to
      it (via the 8090 port) from the matrix server. So this shouldn't be a
      problem regarding closed ports but rather a misconfiguration on
      one of the two servers?
      If so, is there something I misconfigured or forgot to do?

      Thx
      I really hope someone here can help me out 🙂

      1 Reply Last reply Reply Quote 0
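
An added example, not part of the original post and not Sydent's own code: a small Python check over the transport settings shown in the question (plain-HTTP `base_url`, cross-host `proxy_pass` to port 8090, wildcard bind address, `obey_x_forwarded_for` off while nginx sets `X-Forwarded-For`). The hostname `id.example.org`, the finding names and the `audit()` helper are assumptions made for illustration.

```python
import configparser
import ipaddress
from urllib.parse import urlsplit

# Constructed sample: the transport-related lines of the posted sydent.conf.
# id.example.org is a placeholder for the elided identity-server FQDN.
SYDENT_CONF = """\
[DEFAULT]
clientapi.http.bind_address = ::
clientapi.http.port = 8090
obey_x_forwarded_for = False
email.invite.subject = %(sender_display_name)s has invited you to chat

[general]
server.name = id.example.org

[http]
"""
ELEMENT_BASE_URL = "http://id.example.org"  # "m.identity_server" base_url
PROXY_PASS = "http://id.example.org:8090/_matrix/identity"  # nginx proxy_pass


def is_loopback(host):
    """True for localhost or a loopback IP literal; other names count as remote."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def audit(conf_text, base_url, proxy_pass, proxy_sets_xff=True):
    """Return finding IDs (hypothetical names) for the settings above."""
    # interpolation=None: the invite subject contains %(sender_display_name)s,
    # which configparser's default interpolation would try to expand on read.
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(conf_text)
    http = cfg["http"]  # empty section, so values fall back to [DEFAULT]
    findings = []
    if urlsplit(base_url).scheme != "https":
        findings.append("client-base-url-not-https")
    upstream = urlsplit(proxy_pass)
    if upstream.scheme == "http" and not is_loopback(upstream.hostname):
        findings.append("proxy-hop-plaintext")
    if ipaddress.ip_address(http["clientapi.http.bind_address"]).is_unspecified:
        findings.append("clientapi-on-all-interfaces")
    if proxy_sets_xff and not http.getboolean("obey_x_forwarded_for"):
        findings.append("x-forwarded-for-ignored")
    return findings
```

With the posted values all four findings are returned; each one marks a setting to review rather than a confirmed fault in this deployment.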
      • nebulon (Staff)

        Welcome to the forum. This forum is for Cloudron and thus Synapse installed via Cloudron; from your question it does look like you have a non-Cloudron deployment there. For our package, the code is at https://git.cloudron.io/cloudron/synapse-app. Maybe you can compare our YAML configuration with yours; however, this does not include the reverse proxy, since we run Synapse directly and have a generic nginx in front of all apps on that server.

        B 1 Reply Last reply Reply Quote 0
        • backsteincoding @nebulon

          @nebulon said in Question regarding setting up sydent as an identity server:

          .
          Ok, yes, I haven't installed it via Cloudron.
          Thank you for the reply!

          1 Reply Last reply Reply Quote 0