Matrix - synapse

oneitonitram · March 24, 2020, 2:44pm

i finally installed a TURN server, i am afraid to touch the homesever.yaml file to to integrate it into matrix/synapse.

Especially the uri, not sure how to set it.

mrmarkuz · March 24, 2020, 2:50pm

You may backup your homeserver.yaml and just try the suggested example:

turn_uris: [ "turn:turn.matrix.org:3478?transport=udp", "turn:turn.matrix.org:3478?transport=tcp" ]

github.com

matrix-org/synapse/blob/master/docs/turn-howto.md#synapse-setup

# Overview

This document explains how to enable VoIP relaying on your Home Server with
TURN.

The synapse Matrix Home Server supports integration with TURN server via the
[TURN server REST API](<http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00>). This
allows the Home Server to generate credentials that are valid for use on the
TURN server through the use of a secret shared between the Home Server and the
TURN server.

The following sections describe how to install [coturn](<https://github.com/coturn/coturn>) (which implements the TURN REST API) and integrate it with synapse.

## `coturn` Setup

### Initial installation

The TURN daemon `coturn` is available from a variety of sources such as native package managers, or installation from source.

#### Debian installation

This file has been truncated. show original

oneitonitram · March 24, 2020, 2:52pm

what about the port.
the ones listed on that example are not the ones we activated on the other link
these are the ones setup

STUN servers: server.domain.tld:5349
TURN server: server.domain.tld:5349
TURN secret: YOUR_SECRET
UDP and TCP

below are the ones listed.
3478

mrmarkuz · March 24, 2020, 3:00pm

Use the ones that are active.

You can check the open ports with

netstat -tlpnu.

oneitonitram · March 24, 2020, 3:09pm

turnserver listed on
3478 tcp
3478 udp

oneitonitram · March 24, 2020, 7:03pm

done as instructed, no erros, but i dont notice any differences.

i am not sure if its because all calls happen throught jitsi.matrix.im or what.

oneitonitram · March 29, 2020, 5:10am

on the telegram bridge, i get error : -bash: ./bin/activate: No such file or directory

mrmarkuz · March 29, 2020, 5:22am

Thanks, I forgot the scl enable…I’m going to fix it in the howto…

scl enable rh-python36 bash
virtualenv -p /usr/bin/python3 .
source ./bin/activate

oneitonitram · March 29, 2020, 5:27am

thank you for that.
now getting
The path /usr/bin/python3 (from --python=/usr/bin/python3) does not exist

mrmarkuz · March 29, 2020, 5:30am

Python36 should already be installed. Do you install on another machine than the matrix-synapse host?

yum -y install rh-python36

oneitonitram · March 29, 2020, 5:33am

it is the same machine that has matrix synapse

as shown here

mrmarkuz · March 29, 2020, 5:35am

What happens if you install it?

oneitonitram · March 29, 2020, 5:37am

Package rh-python36-2.0-1.el7.x86_64 already installed and latest version
Nothing to do

oneitonitram · March 29, 2020, 5:42am

inside user/bin

mrmarkuz · March 29, 2020, 5:47am

Please try

virtualenv .

The path is for python3 but we use rh-python36.

oneitonitram · March 29, 2020, 5:58am

Using base prefix '/opt/rh/rh-python36/root/usr'
New python executable in /opt/mautrix-telegram/bin/python3
Also creating executable in /opt/mautrix-telegram/bin/python
Installing setuptools, pip, wheel...done.

lclaude · April 11, 2020, 7:59pm

Hello,

It’s cool to see Matrix/Synapse coming on NS!! Many thanks for your great work

I’m testing this howto on a VM, and I have problems to reach the Matrix server with Riot. It’s frustrating, I’d like to test the bridges!

I installed Matrix on a VM on my workstation. The VM is a Nethserver. I call it: “NS2” (FQDN: matrix.mydomain.com), connected on the LAN.
My workstation is on the LAN, behind a NS server “NS1” (FQDN: ns1.mydomain.com)
NS1 is connected to the Internet and to the LAN, with 2 NICs. WAN is 192.168.1.x and LAN is 192.168.2.x

So, I have created a reverse proxy on NS1:
matrix.mydomain.com --> https://192.168.2.123
I have a valid LE certificate on NS1 for matrix.mydomain.com and I’ve set the: Accept invalid SSL certificate from target.
I don’t have any LE certificate on NS2.

Riot works, I can reach it from my workstation, and from the Internet.
But Riot can reach Matrix only if I’m from my workstation, and if my config.json is with the IP of NS2:

"default_server_config": {
        "m.homeserver": {
            "base_url": "https://192.168.2.123",

And Matrix can’t reach #synapse:matrix.org

If config.json is with the FQDN, Riot say it can’t reach the Matrix server.
And if I’m from the Internet, whether the config.json is based on IP or FQDN, Riot say it can’t reach Matrix.

What do you think about this?
Bad certificate for the NS2? Reverse proxy? Something else… ?

Thanks for your help.

oneitonitram · April 11, 2020, 8:21pm

Fist things first, i belive the biggest problem or blunder you made, is that you installed matrix on the same subdomain as your server hostname, these should be differet.

1:e svr1.domain.com while matrix goes to matrix.domain.com but dont use the same hostname as the installation for other software.

mrmarkuz · April 11, 2020, 10:28pm

I guess it’s the reverse proxy. You may need to copy the proxypass nocanon option and the AllowEncodedSlashes NoDecode from the matrix httpd configuration to a manual reverse proxy on NS1.
To check if it’s the reverse proxy you could do a port forwarding instead of the reverse proxy, get letsencrypt on NS2 and see if that works.

lclaude · April 15, 2020, 5:46pm

Finally I done this install on a vps.
Matrix, Riot, federation and LDAP works well.

I have a problem with the Telegram bridge, at this command:
[root@matrix mautrix-telegram]# python -m mautrix_telegram -g
/usr/bin/python: No module named mautrix_telegram
What did I miss?

And, you talk about TURN, is there a howto?

@oneitonitram
The difference I found for the admin is he can create communitys, not users.