Closed csolisr closed 3 months ago
I face the same issue
Same here too I tried to edit my synapse.conf to change the url but it didn't work I apply the setting https://forum.yunohost.org/t/synapse-sign-in-webside-doesnt-work/26472/10 and at least now i can login with username/password
same problem
Hi, i discovered this package implement the new mechanism for PHP conf:
https://github.com/YunoHost-Apps/synapse_ynh/commit/a83c3438a5587badadb6584a33ade428e87a5ef7
I was able to fix the CAS login by changing /etc/php/7.4/fpm/pool.d/synapse.conf with:
[synapse]
user = matrix-synapse
group = matrix-synapse
chdir = /var/www/synapse
listen = /var/run/php/php7.4-fpm-synapse.sock
listen.owner = www-data
listen.group = www-data
pm = ondemand
pm.max_children = 16
pm.max_requests = 500
request_terminate_timeout = 1d
pm.process_idle_timeout = 10s
; Additional php.ini defines, specific to this pool of workers.
php_admin_value[upload_max_filesize] = 100M
php_admin_value[post_max_size] = 100M
I don't know exactly how to fix that in the package with the new helper...
@ericgaspar
it didn't work for me.
In more you need to change the nginx conf file with /var/run/php/php7.4-fpm-synapse.sock
instead of /run/php/php7.4-fpm-synapse.sock
In more you need to change the nginx conf file with
/var/run/php/php7.4-fpm-synapse.sock
instead of/run/php/php7.4-fpm-synapse.sock
That's already the case for me, but I have the issue… edit: no, I've mistaken it with the php conf.
Also my /etc/php/7.4/fpm/pool.d/synapse.conf
file is quite different, with different user and chdir used…
Thank you @zamentur , with changing /etc/php/7.4/fpm/pool.d/synapse.conf with:
[synapse]
user = matrix-synapse
group = matrix-synapse
chdir = /var/www/synapse
listen = /var/run/php/php7.4-fpm-synapse.sock
listen.owner = www-data
listen.group = www-data
pm = ondemand
pm.max_children = 16
pm.max_requests = 500
request_terminate_timeout = 1d
pm.process_idle_timeout = 10s
; Additional php.ini defines, specific to this pool of workers.
php_admin_value[upload_max_filesize] = 100M
php_admin_value[post_max_size] = 100M
and changing the nginx conf file with /var/run/php/php7.4-fpm-synapse.sock
instead of /run/php7.4-fpm-synapse.sock
, it works!
Changing the nginx file, I could make a PR but for changing the /etc/php/7.4/fpm/pool.d/synapse.conf file, I guess it is related to this command line in the install and upgrade script but I don't know how to modify it :
ynh_add_fpm_config --usage=low --footprint=low
@Josue-T any idea?
@Thatoo
It could be possible to rework this package to rename the system user synapse
instead of matrix-synapse
.
I think matrix-synapse is a legacy name and now it's normalize, the user should be the same than the app id... I don't see specific reasons to keep this old unormalized name.
The install_dir
in this package is the install_dir of synapse (/opt/yunohost/synapse) not the one of the php file to manage CAS (/var/www/synapse) . SO the auto generated php conf doesn't work well.
https://github.com/YunoHost/yunohost/blob/465f6da5cd4d716bbcb802dfd742114083034235/helpers/php#L190
SO i suggest this:
old_install_dir=$install_dir
install_dir=/var/www/$app
ynh_add_fpm_config --usage=low --footprint=low
install_dir=$old_install_dir
An other solution could be to suggest a PR on ynh_add_fpm_config
to add an install_dir params ynh_add_fpm_config --install_dir=/var/www/$app
.
conf/php-fpm.conf
https://yunohost.org/en/packaging_apps_helpers#ynh-add-fpm-config
But how long this deprecated behaviour will be conserved ?
Personally, i think we should implement the solution 1 or the solution 2 (if synapse package is not the only package with php as a second technology...).
[EDIT] This was fixed by correcting a typo, as outlined in the next comment by Thatoo.
I'm still getting this. I've:
...but I'm still ubable to log in (web or Android app).
I'm quite desperate to fix this quickly, so if there is any info I can provide, or testing I can do to help to get to the bottom of this, I would really appreciate any ideas!
@Bugsbane you have a mistake in your nginx file.
You wrote fastcgi_pass unix:/var/run/php7.4-fpm-synapse.sock;
instead of fastcgi_pass unix:/var/run/php/php7.4-fpm-synapse.sock;
You missed a /php/
@Thatoo You are totally correct! After fixing that IT WORKS! Thank you (and everyone who worked on this) so very, very much!
So this should be pushed in a PR to fix the issue, right ?
In more you need to change the nginx conf file with
/var/run/php/php7.4-fpm-synapse.sock
instead of/run/php/php7.4-fpm-synapse.sock
Can you specify which file and line should be changed ? I can't find out.
And after that, matrix + nginx + php service reloads ?
@Bugsbane you have a mistake in your nginx file. You wrote
fastcgi_pass unix:/var/run/php7.4-fpm-synapse.sock;
instead offastcgi_pass unix:/var/run/php/php7.4-fpm-synapse.sock;
You missed a/php/
Ok then same typo here… but now I have "File not found" when connecting to CAS… :(
…
Wait, I need to reload php too. It works !
Just a tip if someone needs it : the synapse.conf crash php if you try to add comments in it (I tried with # and it failed).
And just to simplify even more (without pasting the content of the files, already here), here are the paths and commands to run to restart :
vim /etc/php/7.4/fpm/pool.d/synapse.conf
vim /etc/nginx/conf.d/YOURSERVER.LTD.d/synapse.conf
yunohost restart nginx
yunohost restart matrix-synapse
yunohost restart php7.4-fpm
yunohost status nginx
yunohost status matrix-synapse
yunohost status php7.4-fpm
To comment on this file, it is not with # but with ;
Waiting for yunohost's devs to comment on https://github.com/YunoHost/issues/issues/2267, the solution 2, I'll make a PR with the other solution, the solution 1.
And just to simplify even more (without pasting the content of the files, already here), here are the paths and commands to run to restart :
I think you meant:
vim /etc/php/7.4/fpm/pool.d/synapse.conf
vim /etc/nginx/conf.d/YOURSERVER.LTD.d/synapse.conf
yunohost service restart nginx matrix-synapse php7.4-fpm
yunohost service status nginx matrix-synapse php7.4-fpm
Could anyone tell me if homeserver.yml still needs to be edited to enable password login with the modifications above? Somehow I though we did not but the login still fails after editing /etc/php/7.4/fpm/pool.d/synapse.conf and /etc/nginx/conf.d/YOURSERVER.LTD.d/synapse.conf…
IMO password logins were broken by #356 (disallowing registrations disables password logins). WDYT @Gredin67 ?
IMO password logins were broken by #356 (disallowing registrations disables password logins). WDYT @Gredin67 ?
At least the config script does not edit anything regarding the password logins, even though the config_panel.toml defines it…
This problem just came back with a recent update. I went back in and re-edited /etc/php/7.4/fpm/pool.d/synapse.conf to match exactly what's listed in comment https://github.com/YunoHost-Apps/synapse_ynh/issues/412#issuecomment-1752042499 (and checked with diff). I completely restarted the server, but the same issue continues. Has something changed recently, like which version of php is being used for synapse_ynh?
For the record, I do have registrations disallowed, so I'm wondering if it could also be related to the potential bug mentioned above by @orhtej2 ( https://github.com/YunoHost-Apps/synapse_ynh/pull/356 - disallowing registrations also disallows password login).
I am facing the same issue (and I also have registrations disallowed) and so I can't connect new client to my Synapse server 🙁 I am available to make some testing of new solutions (without breaking my server of course...)
Thanks in advance for the dev' for their advices 🤗
The solution is on the way : https://github.com/YunoHost-Apps/synapse_ynh/pull/426 Please let's give some time to Josue-T to finish his PR and merge it into testing. Then, anyone who will want to give it a try will be welcome before it comes into normal updates.
Thanks for your feedback @Thatoo I know the huge work of @Josue-T to propose the Synapse packaging for Yunohost and to maintain it so well since 2018 (I am among the ones that benefit from it from the beginning).
I understand know the issue is being worked on, I'll be patient :wink:
After an update a while ago, this issue seems to have been fixed for me. Does this issue still need to be open, or is anyone else still getting this after updating and restarting their server?
yes, I still have this bug on v1.98.0~ynh1, maybe as https://github.com/YunoHost-Apps/synapse_ynh/issues/412#issuecomment-1793741544 (I never fixed it manually, btw)
poke @Josue-T
I'm having a similar issue, wondering if it's related. When I try to log in, I have to go through CAS/SSO but then in the process I'm redirected towards: https://synapsedomain.tld/_matrix/cas_server.php/login?service=https%3A%2F%2Fsynapsedomain.tld%2F_matrix%2Fclient%2Fr0%2Flogin%2Fcas%2Fticket%3FredirectUrl%3Dhttps%253A%252F%252Felementdomain.tld%252F
which shows me a white File not found
page.
The same happen if I try to connect through an app like synapseadmin.
This happens since I upgraded synapse, before I used to have the same sign-in loop that others described in this thread.
a temporary workaround can be to activate the password connection:
yunohost app config set synapse main.welcome.password_enabled -v true
In related news - is there a reason why this package is still stuck with PHP 7 instead of bumping it up to 8? From what I see, the only dependency is cas_server.php
and I would like to know if there's any incompatibility on the file that prevents this package from being upgraded.
a temporary workaround can be to activate the password connection:
yunohost app config set synapse main.welcome.password_enabled -v true
I had to reinstall my server recently, including Synapse ( 1.98.0~ynh1) When I try to connect with element, it is still impossible even with the command above :-(
I am also getting this on a recently updated server as well to version 1.98.0~ynh1. I would normally be able to change this, but none of the fixes mentioned seem to work anymore.
The command to enable password logins does not do anything and same with the UI button in the applications settings.
I get this when trying the command listed above.
root@login:/home/admin# yunohost app config set synapse main.welcome.password_enabled -v false
Info: [+++++...............] > Reading config panel description and current configuration...
Info: [#####+++++..........] > Checking what changed in the new configuration...
Info: Nothing has changed
Info: Reloading services...
Success! The service 'matrix-synapse' was reloaded or restarted
Success! Config updated as expected
root@login:/home/admin# yunohost app config set synapse main.welcome.password_enabled -v true
Info: [+++++...............] > Reading config panel description and current configuration...
Info: [#####+++++..........] > Checking what changed in the new configuration...
Info: Nothing has changed
Info: Reloading services...
Success! The service 'matrix-synapse' was reloaded or restarted
Success! Config updated as expected
Fixed by #426
@Josue-T your merged #426 in testing the 08/03/2024 and testing into master the 16/04/2024 so I was expecting not to face this issue after updating synapse to v 1.104.0~ynh1 yesterday evening. Unfortunatly, I face exactly the same thing. And I found the same "error" as before :
sudo cat /etc/php/7.4/fpm/pool.d/synapse.conf
[synapse]
user = synapse
group = synapse
chdir = /var/www/synapse
listen = /var/run/php/php7.4-fpm-synapse.sock
listen.owner = www-data
listen.group = www-data
pm = ondemand
pm.max_children = 12
pm.max_requests = 500
request_terminate_timeout = 1d
pm.process_idle_timeout = 10s
; Additional php.ini defines, specific to this pool of workers.
php_admin_value[upload_max_filesize] = 100M
php_admin_value[post_max_size] = 100M
and
sudo cat /etc/nginx/conf.d/matrix.hamdel.in.d/synapse.conf
rewrite ^$ /;
location ~ ^/$ {
default_type text/plain;
return 200 "This is where Synapse is installed.";
}
location /_matrix/ {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
client_max_body_size 10M;
}
# Use the specific path for the php file. It's more secure than global php path
location /_matrix/cas_server.php/ {
alias /var/www/synapse/;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/run/php/php7.4-fpm-synapse.sock;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME cas_server.php;
}
location /_synapse/ {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
client_max_body_size 10M;
}
Should I try the same solution as before https://github.com/YunoHost-Apps/synapse_ynh/issues/412#issuecomment-1757355451 ?
Well changing
user = synapse
group = synapse
to
user = matrix-synapse
group = matrix-synapse
in /etc/php/7.4/fpm/pool.d/synapse.conf isn't a good idea anymore, it makes fpm not working.
Changing
fastcgi_pass unix:/run/php/php7.4-fpm-synapse.sock;
to
fastcgi_pass unix:/var/run/php/php7.4-fpm-synapse.sock;
doesn't help neither.
Well it actually works for old account. The problem comes only when a new account wants to connect for the first time. It looks more related to registration issue. I open a new issue then.
Well there was many modification since this issue was created. So the solution won't probably be the same solution than what it was suggested here. Thanks to create a new specific issue here: https://github.com/YunoHost-Apps/synapse_ynh/issues/453
Describe the bug
After the latest update of Element / Synapse, the web client only shows the option to log in using CAS, which results in an infinite loop. See also the corresponding bug in the
element_ynh
repository: https://github.com/YunoHost-Apps/element_ynh/issues/122Context
Steps to reproduce
Expected behavior
The browser should be able to correctly redirect the user to the CAS login mechanism.
Logs
From the console log (URL redacted to
example.net
):Also of notice is the fact that the current configuration for CAS in nginx includes the following line:
Which means that the URL that Synapse is expecting would be in the form of
https://example.net/_matrix/cas_server.php
. However, the newest version of Element expects the CAS to be in the form ofhttps://example.net/_matrix/client/v3/login/sso/redirect/cas
- can this be safely edited in nginx?