#2309: Provide a Matrix homeserver
---------------------------+----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Keywords:
---------------------------+----------------------
This ticket is to request a matrix homeserver for OSGeo.
It could be https://matrix.osgeo.org and allow access via LDAP
authentication.
It could host existing matrix channels (would be mirroring them).
See https://wiki.osgeo.org/wiki/Matrix
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
Matrix reference homeserver (synapse) went 1.0 yesterday:
https://matrix.org/blog/2019/06/11/introducing-matrix-1-0-and-the-matrix-
org-foundation
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by robe):
Once we resetup osgeo3 maybe we can think about putting matrix there.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by robe):
notes from #2432
Container created
strk -- let me know if you need more
goes thru hop.osgeo3.osgeo.org
added to https://wiki.osgeo.org/wiki/SAC_Service_Status#
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:3>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by robe):
I still need to create an nginx entry for it but not sure what port it
goes thru so will wait off on that.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:4>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
Instructions about how to set it up: https://matrix.org/docs/guides
/installing-synapse
Regina: I'd need powers on that host
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:5>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
It looks like I do have powers already, will see if I find the time to
move this on
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:6>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
I think it would be a good idea to start using ansible for deployment.
There's an available "ansible playbook" to deploy a matrix server, which
we could fork in a private Gitea repository to tweak to our needs:
https://github.com/spantaleev/matrix-docker-ansible-deploy
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:7>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
Synapse is now installed, we'll want to proxy port 8008 of that host
enabling HTTPS.
How secure would the connection from the LXC host to the proxy ? Should
the proxy be on osgeo3 ?
Does it make sense to have synapse itself use https (I think it does not)
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:8>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
LDAP is also configured
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:9>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
So, what we need as the next step, is having osgeo.org TCP port 8448
provide HTTPS proxy to the matrix LXC host. Either that, or have
osgeo.org:80/443 expose a .well-known/ file to redirect to another
hostname which holds the proxy. If there's no difference in traffic I'd
take the first solution...
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:10>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
.well-known can be hanlded by osgeo7-nginx with something like this:
{{{
location = /.well-known/matrix/server {
add_header Content-Type application/json;
return 200 '{\n "m.server": "ACTUAL_SERVER"\n}';
}
location = /.well-known/matrix/client {
add_header Access-Control-Allow-Origin *;
add_header Content-Type application/json;
return 200 '{\n "m.homeserver": {\n "base_url": "ACTUAL_SERVER"\n
}\n}';
}
}}}
But we'll still need the ACTUAL_SERVER to have a name, so how about
matrix.osgeo.org to point to osgeo3 IP ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:11>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by robe):
you mean osgeo3 right?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:12>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by robe):
strk - I have matrix.osgeo.org registered on osgeo3-nginx and with ssl
cert.
Have it proxied to matrix.lxd: 8008 but I see nothing
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:13>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
Fixed, the server was configured to only listen on loopback interface...
Next we need the federation setup.
Testing tool: https://federationtester.matrix.org/
Instructions for federation: https://github.com/matrix-
org/synapse/blob/master/docs/federate.md
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:14>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
Performance thing to tweak: we need to expose HTTP2 support, to reduce
number of requests from clients to the server. Right now, with HTTP1, my
client (weechat-matrix) is making 1 request per second (Regina's is being
lighter, what client is that @robe ?)
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:15>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
HTTP2 support enabled. Next I guess we want PostgreSQL database (currently
using sqlite3 instead)
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:16>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
Regina, can you do the PostgreSQL setup ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:17>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by robe):
Sure version 12? or any issues with using 12? I'll install on the matrix
container to keep self-contained.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:18>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2309: Provide a Matrix homeserver
---------------------------+-----------------------
Reporter: strk | Owner: robe
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+-----------------------
Comment (by strk):
Version 12 should be fine, thanks
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2309#comment:19>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.