I am setting up delegation on a Synapse server. I follow the official docs and seem to have everything in place. I get the following error in the example.com nginx logs when I enter the homeserver "example.org" in a client that is supposed to delegate client traffic to "synapse.example.com":

[error] 28804#28804: *246 open() "/usr/share/nginx/html/_matrix/client/r0/login" failed (2: No such file or directory) [..]

The client seems to request the Matrix server information from the wrong server, instead of the delegated one.

nginx config on example.com:

server {
    server_name www.example.com example.com; # managed by Certbot

    location /.well-known/matrix/server {
        default_type application/json;
        return 200 '{"m.server": "synapse.example.com:443"}';
    }

    location /.well-known/matrix/client {
        default_type application/json;
        return 200 '{"m.homeserver":{"base_url": "https://synapse.example.com"}}';
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot

    [...ssl certs...]

}
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80 ;
    listen [::]:80 ;
    server_name www.example.com example.com;
    return 404; # managed by Certbot
}

synapse.example.com nginx config:

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    # For the federation port
    listen 8448 ssl http2 default_server;
    listen [::]:8448 ssl http2 default_server;

    server_name synapse.example.com;

    location ~ ^(/_matrix|/_synapse/client) {
        [...]
        proxy_pass http://localhost:8008;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        [...]
    }
}

And finally, the homeserver.yaml on synapse.example.com:

[...]
public_baseurl: https://synapse.example.com/
presence:
listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    bind_addresses: ['::1', '127.0.0.1']
    resources:
      - names: [client, federation]
        compress: false
[...]

I understand that the error on example.com implies that certain requests are not forwarded to the delegated host at synapse.example.com, but could not find anything in the Synapse docs or elsewhere. I would have expected that the Matrix clients / protocol parse the .well-known JSON and then handle the delegation themselves. Apparently not.

Can someone point me in the right direction on how to debug here? Or even give an explanation of what I am doing wrong. Help highly appreciated.

Edit: Opening https://synapse.example.com/_matrix/key/v2/server in a browser, the JSON contains the key/value pair

server_name "example.com"

I am not sure where this is defined, and whether this is correct.

(BTW, all references to "synapse.example.com" and "example.com" represent the real domain names, respectively.)

randmin
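
The client-side discovery the question refers to, as an added example that is not part of the original post: it follows the well-known discovery steps of the Matrix client-server specification and feeds them the `.well-known/matrix/client` body from the example.com config. `fetch`, `fake_fetch`, `login_url` and the versions reply are hypothetical names and constructed data.

```python
import json
from urllib.parse import urlparse

LOGIN_PATH = "/_matrix/client/r0/login"  # request path seen in the nginx error line

# Constructed responses: the well-known body is copied from the example.com
# nginx config in the question; the versions body is a made-up minimal reply.
RESPONSES = {
    "https://example.com/.well-known/matrix/client":
        (200, '{"m.homeserver":{"base_url": "https://synapse.example.com"}}'),
    "https://synapse.example.com/_matrix/client/versions":
        (200, '{"versions": ["r0.6.1"]}'),
}

def fake_fetch(url):
    """Offline stand-in for an HTTP GET: returns (status, body)."""
    return RESPONSES.get(url, (404, ""))

def discover_base_url(server_name, fetch):
    """Return (action, base_url or None) per the spec's discovery actions."""
    status, body = fetch(f"https://{server_name}/.well-known/matrix/client")
    if status == 404:
        return "IGNORE", None            # no well-known file: discovery stops
    if status != 200 or not body:
        return "FAIL_PROMPT", None
    try:
        doc = json.loads(body)
    except ValueError:
        return "FAIL_PROMPT", None
    hs = doc.get("m.homeserver") if isinstance(doc, dict) else None
    base_url = hs.get("base_url") if isinstance(hs, dict) else None
    if not isinstance(base_url, str) or not base_url:
        return "FAIL_PROMPT", None
    parsed = urlparse(base_url)
    if parsed.scheme not in ("http", "https") or not parsed.netloc:
        return "FAIL_ERROR", None
    base_url = base_url.rstrip("/")
    # The advertised homeserver must answer the versions endpoint.
    v_status, v_body = fetch(base_url + "/_matrix/client/versions")
    try:
        ok = v_status == 200 and "versions" in json.loads(v_body)
    except (ValueError, TypeError):
        ok = False
    return ("PROMPT", base_url) if ok else ("FAIL_ERROR", None)

def login_url(base_url):
    """URL a client would use for login once it has settled on a base URL."""
    return base_url.rstrip("/") + LOGIN_PATH
```

With discovery applied, the login request goes to `https://synapse.example.com/_matrix/client/r0/login`; a client that uses the typed name directly as its base URL would instead request that path on example.com, which is the path in the nginx error line.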

0 Answers