Question regarding setting up sydent as an identity server

    backsteincoding
    wrote on last edited by
    #1

    Hi, I hope this is the right place to ask this 🙂

    I have a question regarding setting up an identity server.
    I already set up Matrix Synapse behind an nginx reverse proxy on one server
    and now I want to configure sydent on another server.

    On the matrix server I did the following:

    I put into my homeserver.yaml file:
    trusted_third_party_id_servers:
    - [FQDN of my identity server]

    and for my nginx:
    ...
        location / {
                try_files $uri $uri/ =404;
        }

        location /_matrix/identity {
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $remote_addr;
                proxy_pass http://[FQDN of my identity server]:8090/_matrix/identity;
        }

        location /_matrix {
                proxy_pass http://localhost:8008/_matrix;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $remote_addr;
        }
    ...

    I also edited the config file of element:
    "m.identity_server": {
    "base_url": "http://[FQDN of my identity server]",
    }

    Now for the sydent.conf file on my identity server, I am not really sure what to put.
    For now it looks like this:

    [DEFAULT]
    server.name =
    log.path =
    log.level = INFO
    pidfile.path = sydent.pid
    terms.path =
    address_lookup_limit = 10000
    enable_v1_associations = true
    delete_tokens_on_bind = true
    db.file = sydent.db
    clientapi.http.bind_address = ::
    clientapi.http.port = 8090
    internalapi.http.bind_address = ::1
    internalapi.http.port =
    replication.https.certfile =
    replication.https.cacert =
    replication.https.bind_address = ::
    replication.https.port = 4434
    obey_x_forwarded_for = False
    federation.verifycerts = True
    verify_response_template =
    client_http_base =
    email.template = res/email.template
    email.invite_template = res/invite.template
    email.from = Sydent Validation <noreply@{hostname}>
    email.subject = Your Validation Token
    email.invite.subject = %(sender_display_name)s has invited you to chat
    email.smtphost = localhost
    email.smtpport = 25
    email.smtpusername =
    email.smtppassword =
    email.hostname =
    email.tlsmode = 0
    email.third_party_invite_username_obfuscate_characters = 3
    email.third_party_invite_domain_obfuscate_characters = 3
    bodytemplate = Your code is {token}
    username =
    password =
    ed25519.signingkey =

    [general]
    server.name = [FQDN of my identity server]

    [db]

    [http]

    [email]
    email.tlsmode = 0
    email.template = res/email.template
    email.smtppassword =
    email.smtphost = localhost
    email.default_web_client_location = https://app.element.io
    email.from = Sydent Validation <noreply@{hostname}>
    email.invite_template = res/invite.template
    email.invite.subject = %(sender_display_name)s has invited you to chat
    email.smtpusername =
    email.smtpport = 25
    email.subject = Your Validation Token
    email.hostname =
    email.third_party_invite_domain_obfuscate_characters = 3
    email.third_party_invite_username_obfuscate_characters = 3

    [sms]

    [crypto]
    ed25519.signingkey = [key]

    When I start sydent on the identity server I am able to connect to
    it (via the 8090 port) from the matrix server. So this shouldn't be a
    problem regarding closed ports but rather a misconfiguration on
    one of the two servers?
    If so, is there something I misconfigured or forgot to do?

    Thx
    I really hope someone here can help me out 🙂

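A consistency check over the client-facing settings quoted in the post above, added here as an example; it is not code from either poster or from the sydent or Element projects. The function name, the finding codes, the `proxy_sets_xff` and `fronted_port` parameters and the `id.example.org` host are assumptions made for illustration.

```python
import configparser
import json
from urllib.parse import urlsplit

# Constructed inputs trimmed from the post; "id.example.org" is a placeholder
# for "[FQDN of my identity server]".
SYDENT_CONF = """\
[DEFAULT]
clientapi.http.bind_address = ::
clientapi.http.port = 8090
obey_x_forwarded_for = False
email.invite.subject = %(sender_display_name)s has invited you to chat
[general]
server.name = id.example.org
[http]
"""
ELEMENT_CONF = '{"m.identity_server": {"base_url": "http://id.example.org"}}'


def check_identity_setup(sydent_conf, element_conf, proxy_sets_xff, fronted_port=None):
    """Return sorted finding codes. fronted_port is the port of a TLS proxy
    placed directly in front of sydent, if there is one (assumption)."""
    cp = configparser.ConfigParser(interpolation=None)  # values contain %(...)s
    cp.read_string(sydent_conf)
    http = cp["http"]  # inherits every key set under [DEFAULT]
    listen_port = http.getint("clientapi.http.port")
    trusts_xff = http.getboolean("obey_x_forwarded_for")
    bind = http.get("clientapi.http.bind_address")

    url = urlsplit(json.loads(element_conf)["m.identity_server"]["base_url"])
    client_port = url.port or {"http": 80, "https": 443}.get(url.scheme)

    findings = set()
    if url.scheme != "https":
        findings.add("cleartext-base-url")    # identity traffic is unencrypted
    if client_port != (fronted_port or listen_port):
        findings.add("port-mismatch")         # URL port is not a known listener
    if proxy_sets_xff and not trusts_xff:
        findings.add("proxy-address-logged")  # forwarded client address ignored
    if trusts_xff and bind in ("::", "0.0.0.0"):
        findings.add("spoofable-xff")         # header trusted on a wildcard bind
    return sorted(findings)


if __name__ == "__main__":
    for code in check_identity_setup(SYDENT_CONF, ELEMENT_CONF, proxy_sets_xff=True):
        print(code)
```

With the values as posted, the Element URL has no port and so resolves to port 80, while sydent's client API listens on 8090.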
      nebulon
      Staff
      wrote on last edited by
      #2

      Welcome to the forum. This forum is for Cloudron and thus Synapse installed via Cloudron; from your question it does look like you have a non-Cloudron deployment there. For our package, the code is at https://git.cloudron.io/cloudron/synapse-app. Maybe you can compare our YAML configuration with yours; however, this does not include the reverse proxy, since we run Synapse directly and have a generic nginx in front of all apps on that server.

        backsteincoding
        wrote on last edited by
        #3

        @nebulon said in Question regarding setting up sydent as an identity server:

        .
        Ok, yes, I haven't installed it via Cloudron.
        Thank you for the reply!
