Federation testing fails unless port 8448 is forwarded to 443

Ok so I was trying to read up a bit on federation because I was confused why federation was working for my domain without port forwarding but not for you and I believe they are actually both working, albeit it may make sense to have clooudron also set up port forwarding of 8448for backup.

If you check federation for your base domain, you can see that it actually checks port 443 not 8448. Federation can work without forwarding port 8448 if the server is configured to use delegation.

While port 8448 is the default for server-to-server federation traffic, an administrator can configure their server to direct this traffic to a different host or port, such as the standard HTTPS port 443. This is what happens when you set the .well-known file in the dashboard.

Here is how it works:

• When another server wants to federate with a domain (e.g., malenfant.net), it first checks for a file at https://malenfant.net/.well-known/matrix/server
• This file contains a JSON object that specifies the actual server and port to connect to for federation
• For a server like matrix.malenfant.net to work on port 443, the file would (and does in your case) contain something like this: { "m.server": "matrix.malenfant.net:443" }
• This instructs all other federating servers to connect to matrix.malenfant.net on port 443, completely bypassing the need for port 8448.

I assume your base domain for user names is malenfant.net not matrix.malenfant.net? So @didier:malenfant.net instead of @didier:matrix.malenfant.net.

So maybe you thought you need to enable federation for matrix.malenfant.net:8448 which is not what would happen, since other servers would check federation for malenfant.net not matrix.malenfant.net

Enjoy your vacation and don't get trafficked!

@DidierMalenfant Potential sources for this Issues that come to my mind:

• DNS propagation
• Cloudflare proxying

But https://federationtester.matrix.org/#malenfant.net correctly recognizes federation. Is this with your fix?

@DidierMalenfant Do you have any app installed on the base domain?

@stefanwirtz What step are you stuck at?

It looks to me that the package requires support for the GT06 protocol on its standard port, 5023. @nebulon could you please add it to the Cloudron Traccar app package? This appears to be essential for GT06 devices to function correctly.

Edit:

Just tested this and seems to work perfectly.

@fearanp Were you able to get GT06 working? I'm still struggling with my device.

@marcusquinn haha

• Main Page: https://openobserve.ai
• Git: https://github.com/openobserve/openobserve
• Licence: AGPL-3.0
• Docker: Yes
• Demo

---

Summary: OpenObserve (O2 for short) is a cloud-native observability platform built specifically for logs, metrics, traces, analytics, RUM (Real User Monitoring - Performance, Errors, Session Replay) designed to work at petabyte scale.

---

Notes: Looks like a nice, lightweight logging solution built in rust.

I was able to get a working package going pretty easily (subject to more testing).

---

OpenObserve serves as a seamless replacement for Elasticsearch for users who ingest data using APIs and perform searches. OpenObserve comes with its own user interface, eliminating the need for separate installation.

You can reduce your log storage costs by ~140x compared to Elasticsearch by using OpenObserve. Below, we present the results from pushing logs from our production Kubernetes cluster to both Elasticsearch and OpenObserve using Fluent Bit.

Introduction Video

Features:

• Logs, Metrics, Traces: Comprehensive support for various data types.
• OpenTelemetry Support: Full compatibility with OTLP for logs, metrics, and traces.
• Real User Monitoring (RUM): Includes performance tracking, error logging, and session replay.
• Dashboards, Reports, Alerts: Features over 18 different chart types for comprehensive data visualization for on-the-fly analysis and reporting along with alerting.
• Pipelines: Enrich, redact, reduce, normalize data on the fly. Stream processing for logs to metrics and more.
• Advanced Embedded GUI: Intuitive and user-friendly interface.
• SQL and PromQL Support: Query logs and traces with SQL, and metrics with SQL and PromQL.
• Single Binary or HA Installation: Install using a single binary for small deployments or in HA mode for large deployments.
• Versatile Storage Options: Supports local disk, S3, MinIO, GCS, Azure Blob Storage.
• High Availability and Clustering: Ensures reliable and scalable performance.
• Dynamic Schema: Adapts to your data structure seamlessly.
• Built-in Authentication: Secure and ready to use.
• Ease of Operation: Designed for simplicity and efficiency.
• Seamless Upgrades: Hassle-free updates.
• Multilingual UI: Supports 11 languages, including English, Spanish, German, French, Chinese, and more.

For a full list of features, check the documentation.

Screenshots

Home

Logs

Traces (OpenTelemetry)

Trace details page

Golden metrics based on traces

Visualizations and Dashboards

Front end monitoring

Performance analytics

Session replay

Error tracking

Alerts

Streams

Ingestion

Pipeline

Pipeline

Function

IAM

SSO (Single Sign On)

RBAC (Role Based Access Control)

https://github.com/dani-garcia/vaultwarden/pull/3899#event-19062298364

Finally merged. Didn’t believe in it anymore lol

@nebulon Oh I'm super happy. Am using even sub accounts without problems.

Yes, /home is the correct path. FYI, encrypting file names will most likely create issues and not work. I also have hard links disabled because I think that had issues too.

@girish Yes a time based window would also be good. So only update if update is > Time old. Whatever is a simple implementation.

@james yes they should be but there have been various incidents in the past where automatic updates broke installs. Not blaming anyone, that’s just in the nature of things. So giving people the option to stay behind one release for mission critical deployments where people have had experience with any potentials issues would be nice to have I believe.

@girish im not asking for an additional beta Chanel but rather a stable Chanel which is a predetermined amount of updates behind

It would be nice to be able to select release channels for apps, even better if adjustable per app install. So for example if I want cutting edge updates, I can select that. If I want stable (could be one or two releases behind) then I select that.

Especially for mission critical apps it would be nice to not auto-update to a version which has not been tested yet.

@luckow Holy moly what a domain name

@nebulon correct, ente does not support any other storage options besides s3

The current state of the package:

• building from source not using the official docker image
• photos works (finally)
• other apps (cast/auth/accounts) do not yet
• working on a script that will send the OTP via E-Mail instead of having to retrieve from the logs
• my s3 configuration is still hardcoded because making it work was a pain

@jdaviescoates Yes I know, this was more of a general feature request lol