Closed tituspijean closed 1 year ago
Even after installing synapse from this branch and synapse-admin from it https://github.com/YunoHost-Apps/synapse-admin_ynh/pull/13 , https://example.tld/_synapse still remains unreachable, and the synapse-admin application still returns the error
: NetworkError when attempting to fetch resource
!testme
Unable to install this branch, the error related to the package "jinja2" has still not been fixed, here are the logs : https://paste.yunohost.org/raw/yanemipanu
!testme
I upgraded to this branch, no problem on upgrade. But I am SSOed on the /_synapse path:
curl -I https://matrix.server.fr/_synapse
HTTP/2 302
server: nginx
date: Fri, 22 Apr 2022 21:56:09 GMT
content-type: text/html
content-length: 154
location: https://server.fr/yunohost/sso/?r=aHR0cHM6Ly9tYXRyaxxxxxxydXMuZnIvX3N5bmFwc2U=
x-sso-wat: You've just been SSOed
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: data: blob: ; object-src https: data: 'unsafe-inline'; style-src https: data: 'unsafe-inline' ; script-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
strict-transport-security: max-age=63072000; includeSubDomains; preload
Shouldn't this location open? Here are upgrade logs: https://paste.yunohost.org/raw/kokecelola
Also this:
root@server:~# yunohost user permission info synapse.admin_api
additional_urls:
allowed:
auth_header: False
corresponding_users:
label: Matrix (serveur de chat) (Server administration API.)
protected: False
show_tile: False
sublabel: Server administration API.
url: matrix.server.fr/_synapse
I added this permission Matrix (serveur de chat) (Server administration API.)
to the group visitors
But the same call with curl is SSOed
[EDIT] : synapse-admin works !!! :clap: :champagne: :fireworks: Sorry I was not using a valid endpoint I think. This works:
curl https://matrix.server.fr/_synapse/admin/v1/server_version
{"server_version":"1.56.0","python_version":"3.7.3"}%
Headers:
HTTP/2 200
server: nginx
date: Fri, 22 Apr 2022 22:23:41 GMT
content-type: application/json
x-sso-wat: You've just been SSOed
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, Date
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: data: blob: ; object-src https: data: 'unsafe-inline'; style-src https: data: 'unsafe-inline' ; script-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
strict-transport-security: max-age=63072000; includeSubDomains; preload
I have several synapse instances installed in stable version, and which have not yet received the update of this branch https://github.com/YunoHost-Apps/synapse_ynh/tree/add-_synapse-perm to have the permissions /_synapse/admin
, I would like to know how to give them these permissions? Or how to update them to this branch without data loss?
The following permission is not good :
yunohost tools shell -c "from yunohost.permission import permission_create; permission_create('synapse.admin_api', url='/_synapse', auth_header=False, allowed=['visitors'], label='Server administration API.', show_tile=False, protected=False)"
For she creates a path https://synapse.domain.tld/_matrix/_synapse
while what we are looking for is https://synapse.domain.tld/_synapse
I have a server that I installed with the latest test repositories and that works very well with redirection domain.tld/_synapse
but I have a second which I have installed with old repositories, but that Admin API redirection is domain.tld/_matrix/_synapse
what doesn't work not.
How to change the redirection of the second Synapse server, so that it is similar to the first?
Hello,
What is the procedure to beta-test this ? How can we do it once we upgrade to this version ?
I have several synapse instances installed in stable version, and which have not yet received the update of this branch https://github.com/YunoHost-Apps/synapse_ynh/tree/add-_synapse-perm to have the permissions
/_synapse/admin
, I would like to know how to give them these permissions? Or how to update them to this branch without data loss?The following permission is not good :
yunohost tools shell -c "from yunohost.permission import permission_create; permission_create('synapse.admin_api', url='/_synapse', auth_header=False, allowed=['visitors'], label='Server administration API.', show_tile=False, protected=False)"
For she creates a path
https://synapse.domain.tld/_matrix/_synapse
while what we are looking for ishttps://synapse.domain.tld/_synapse
I did that but it still can't fetch any content. What should I do ?
curl https://matrix.server.fr/_synapse/admin/v1/server_version
Adapted to my situation, this command gives me a 302 Found
html page.
!testme
!testme
@Josue-T I fixed the upgrade issues in the CI. It's ready to be merged.
I noticed some parts (make a user admin, etc.) of "Additional information" section of the README are missing now that we use the doc/
files. Is that voluntary? (e.g. these from an old commit: https://github.com/YunoHost-Apps/synapse_ynh/blob/7a5a9cc4bf652e11c21389981a3419d82eb3f57b/README.md#set-user-as-admin)
@Josue-T I fixed the upgrade issues in the CI. It's ready to be merged.
I noticed some parts (make a user admin, etc.) of "Additional information" section of the README are missing now that we use the
doc/
files. Is that voluntary? (e.g. these from an old commit: https://github.com/YunoHost-Apps/synapse_ynh/blob/7a5a9cc4bf652e11c21389981a3419d82eb3f57b/README.md#set-user-as-admin)
No it's an error while the migration it should be restored except the "Migration from old package" section as it's really old probably not more useful for anybody.
OK I will add them again here and merge to testing.
Problem
Closes #291 Will fix Synapse Admin package with https://github.com/YunoHost-Apps/synapse-admin_ynh/pull/13
Solution
Add a new permission, with no access by default, to protect
/_synapse
path.PR Status
Automatic tests
Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ after creating the PR, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)