Open Lab-8916100448256 opened 1 month ago
Can you link to the doc showing that localhost
is a valid value ?
Also https://github.com/matrix-org/synapse/blob/be65a8ec0195955c15fdb179c9158b187638e39a/docs/reverse_proxy.md?plain=1#L43
It looks like we could just put 127.0.0.1 because we always have local ipv4
Also according to https://github.com/matrix-org/synapse/blob/be65a8ec0195955c15fdb179c9158b187638e39a/docs/usage/configuration/config_documentation.md?plain=1#L457
the default is sane and we could just remove the line altogether.
Also it's for http-not-s traffic, it shouldn't even be used because yunohost enforces https…
Can you link to the doc showing that
localhost
is a valid value ? Also https://github.com/matrix-org/synapse/blob/be65a8ec0195955c15fdb179c9158b187638e39a/docs/reverse_proxy.md?plain=1#L43 It looks like we could just put 127.0.0.1 because we always have local ipv4
I have not read any doc about that. I just tried it and it was working. I have seen references to computers having only ipv6 somewhere. I don't remember where and I don't know if that could happen with a yunohost server
Also according to https://github.com/matrix-org/synapse/blob/be65a8ec0195955c15fdb179c9158b187638e39a/docs/usage/configuration/config_documentation.md?plain=1#L457
the default is sane and we could just remove the line altogether.
Also it's for http-not-s traffic, it shouldn't even be used because yunohost enforces https…
It's used by nginx that is reverse proxing it to https
Hello,
Maybe it look that you have an issue about pour network stack. Are you sure that ipv4 and ipv6 are enabled on your server ?
Hello,
Maybe it look that you have an issue about pour network stack. Are you sure that ipv4 and ipv6 are enabled on your server ?
ipv6 is disabled. And that is on purpose. There are other things that break in my case if I enable ipv6 : https://forum.yunohost.org/t/fixed-installing-letsecrypt-certificate-is-taking-a-very-long-time/28645
Can you link to the doc showing that
localhost
is a valid value ? Also https://github.com/matrix-org/synapse/blob/be65a8ec0195955c15fdb179c9158b187638e39a/docs/reverse_proxy.md?plain=1#L43 It looks like we could just put 127.0.0.1 because we always have local ipv4
I though about this during the night. And I kind of remember cases (no in synapse) where using localhost for a bind address was not working but using 127.0.0.1 was working. So yes it is probably better to use 127.0.0.1
@Salamandar , I have changed localhost to 127.0.0.1
Hello, Maybe it look that you have an issue about pour network stack. Are you sure that ipv4 and ipv6 are enabled on your server ?
ipv6 is disabled. And that is on purpose. There are other things that break in my case if I enable ipv6 : https://forum.yunohost.org/t/fixed-installing-letsecrypt-certificate-is-taking-a-very-long-time/28645
Hello,
Honestly I'm not sure that it's a good idea to drop ipv6 into the config. The future is to move to Ipv6.
For your specific case I think you don't need to completely disable ipv6. Since you don't have any default ipv6 route your issue should be solved.
Also as on nginx config side it's configured to reverse proxy to localhost
so your change will break instance with ipv6 enabled.
Honestly I'm not sure that it's a good idea to drop ipv6 into the config. The future is to move to Ipv6.
Well yes but actually no, here we are talking exclusively about internal IP, and most apps are curently only listening on ipv4 127.0.0.1.
I'll do some more tests to see what is strictly necessary to do in all that I have disabled regarding IPV6 to fix my issue of let's encrypt timeouts and try to find a better fix of my IP stack. However note that this will affect only the synapse error. If I remember correctly, the coturn error is also happening on IPV6 enabled host. I'll test that again to confirm.
Problem
synapse-coturn error (this error is happening only at boot time. if the service is manually started later on, there is no error) :
synapse error (this error is happening on servers that do not have ipv6 enabled :
Solution
-L 0.0.0.0
onExecStart
line in systemd unit filelocalhost
instead of::1
and127.0.0.1
PR Status
Automatic tests
Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ after creating the PR, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)