Question regarding setting up sydent as an identity server

      backsteincoding wrote (#1):

      Hi, I hope this is the right place to ask this 🙂

      I have a question regarding setting up an identity server.
      I already set up matrix synapse behind an nginx reverse proxy on one server
      and now I want to configure sydent on another server.

      On the matrix server I did the following:

      I put into my homeserver.yaml file:
      trusted_third_party_id_servers:
      - [FQDN of my identity server]

      and for my nginx:
      ...
      location / {
          try_files $uri $uri/ =404;
      }

      location /_matrix/identity {
          proxy_set_header Host $host;
          proxy_set_header X-Forwarded-For $remote_addr;
          proxy_pass http://[FQDN of my identity server]:8090/_matrix/identity;
      }

      location /_matrix {
          proxy_pass http://localhost:8008/_matrix;
          proxy_set_header Host $host;
          proxy_set_header X-Forwarded-For $remote_addr;
      }

      ...

      I also edited the config file of element:
      "m.identity_server": {
          "base_url": "http://[FQDN of my identity server]",
      }

      Now for the sydent.conf file on my identity server, I am not really sure what to put.
      For now it looks like this:

      [DEFAULT]
      server.name =
      log.path =
      log.level = INFO
      pidfile.path = sydent.pid
      terms.path =
      address_lookup_limit = 10000
      enable_v1_associations = true
      delete_tokens_on_bind = true
      db.file = sydent.db
      clientapi.http.bind_address = ::
      clientapi.http.port = 8090
      internalapi.http.bind_address = ::1
      internalapi.http.port =
      replication.https.certfile =
      replication.https.cacert =
      replication.https.bind_address = ::
      replication.https.port = 4434
      obey_x_forwarded_for = False
      federation.verifycerts = True
      verify_response_template =
      client_http_base =
      email.template = res/email.template
      email.invite_template = res/invite.template
      email.from = Sydent Validation <noreply@{hostname}>
      email.subject = Your Validation Token
      email.invite.subject = %(sender_display_name)s has invited you to chat
      email.smtphost = localhost
      email.smtpport = 25
      email.smtpusername =
      email.smtppassword =
      email.hostname =
      email.tlsmode = 0
      email.third_party_invite_username_obfuscate_characters = 3
      email.third_party_invite_domain_obfuscate_characters = 3
      bodytemplate = Your code is {token}
      username =
      password =
      ed25519.signingkey =

      [general]
      server.name = [FQDN of my identity server]

      [db]

      [http]

      [email]
      email.tlsmode = 0
      email.template = res/email.template
      email.smtppassword =
      email.smtphost = localhost
      email.default_web_client_location = https://app.element.io
      email.from = Sydent Validation <noreply@{hostname}>
      email.invite_template = res/invite.template
      email.invite.subject = %(sender_display_name)s has invited you to chat
      email.smtpusername =
      email.smtpport = 25
      email.subject = Your Validation Token
      email.hostname =
      email.third_party_invite_domain_obfuscate_characters = 3
      email.third_party_invite_username_obfuscate_characters = 3

      [sms]

      [crypto]
      ed25519.signingkey = [key]

      When I start sydent on the identity server I am able to connect to
      it (via the 8090 port) from the matrix server. So this shouldn't be a
      problem regarding closed ports but rather a misconfiguration on
      one of the two servers?
      If so, is there something I misconfigured or forgot to do?

      Thx
      I really hope someone here can help me out 🙂

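Added example, not part of the original post or of the Sydent project's code: a small Python check over the setup described in the question, flagging the transport and proxy settings visible there (plain-http identity server URL, plain-http upstream to another host, client API bound to all interfaces, X-Forwarded-For sent by nginx while `obey_x_forwarded_for` is False). The `audit` function, the finding names and the host `id.example.org` are assumptions made for illustration; the option names are taken from the posted sydent.conf.

```python
import configparser
import ipaddress
from urllib.parse import urlsplit

# Constructed sample: a trimmed copy of the posted sydent.conf layout.
SAMPLE_CONF = """\
[DEFAULT]
clientapi.http.bind_address = ::
clientapi.http.port = 8090
obey_x_forwarded_for = False
email.invite.subject = %(sender_display_name)s has invited you to chat

[general]
server.name = id.example.org

[http]
"""

def _is_loopback(host):
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # a DNS name: treat it as a remote host

def audit(conf_text, element_base_url, proxy_pass_url, proxy_sets_xff):
    """Return finding codes (hypothetical names) for the proxied setup."""
    cfg = configparser.ConfigParser(interpolation=None)  # keep %(...)s literal
    cfg.read_string(conf_text)
    findings = []
    if urlsplit(element_base_url).scheme != "https":
        findings.append("element-base-url-not-https")
    upstream = urlsplit(proxy_pass_url)
    if upstream.scheme == "http" and not _is_loopback(upstream.hostname or ""):
        findings.append("proxy-upstream-plaintext-over-network")
    # [http] is empty in the posted file, so values fall back to [DEFAULT].
    bind = cfg.get("http", "clientapi.http.bind_address", fallback="")
    if bind in ("::", "0.0.0.0"):
        findings.append("clientapi-bound-to-all-interfaces")
    obey = cfg.getboolean("http", "obey_x_forwarded_for", fallback=False)
    if proxy_sets_xff and not obey:
        findings.append("x-forwarded-for-ignored")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, "http://id.example.org",
                         "http://id.example.org:8090/_matrix/identity", True):
        print(finding)
```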
        nebulon (Staff) wrote (#2):

        Welcome to the forum. This forum is for Cloudron, and thus Synapse installed via Cloudron; from your question it does look like you have a non-Cloudron deployment there. For our package, the code is at https://git.cloudron.io/cloudron/synapse-app. Maybe you can compare our YAML configuration with yours; however, this does not include the reverse proxy, since we run Synapse directly and have a generic nginx in front of all apps on that server.

          backsteincoding wrote (#3):

          Ok, yes, I haven't installed it via Cloudron.
          Thank you for the reply!
