Open ponfertato opened 1 week ago
synapse=# \d e2e_room_keys
Table "public.e2e_room_keys"
Column | Type | Collation | Nullable | Default
---------------------+---------+-----------+----------+---------
user_id | text | | not null |
room_id | text | | not null |
session_id | text | | not null |
version | bigint | | not null |
first_message_index | integer | | |
forwarded_count | integer | | |
is_verified | boolean | | |
session_data | text | | not null |
Indexes:
"e2e_room_keys_room_id" btree (room_id)
"e2e_room_keys_with_version_idx" UNIQUE, btree (user_id, version, room_id, session_id)
synapse=# \d e2e_room_keys_versions
Table "public.e2e_room_keys_versions"
Column | Type | Collation | Nullable | Default
-----------+----------+-----------+----------+---------
user_id | text | | not null |
version | bigint | | not null |
algorithm | text | | not null |
auth_data | text | | not null |
deleted | smallint | | not null | 0
etag | bigint | | |
Indexes:
"e2e_room_keys_versions_idx" UNIQUE, btree (user_id, version)
ERROR: relation "room_keys" does not exist at character 15
STATEMENT: select * from room_keys;
ERROR: relation "key_backups" does not exist at character 15
STATEMENT: select * from key_backups;
synapse=# select * from e2e_room_keys_versions;
user_id | version | algorithm | auth_data | deleted | etag
--------------------------------+---------+----------------------------------------+-----------+---------+------
@<USER_ONE>:potatoenergy.ru | 2 | m.megolm_backup.v1.curve25519-aes-sha2 | {"public_key":"<EDIT>","signatures":{"@<USER_ONE>:potatoenergy.ru":{"ed25519:KDETVOBTKA":"<EDIT>","ed25519:FDUCWWGAKB":"<EDIT>","ed25519:VcScmR5edfhYW8bgVK6RNoBVsmWkeyVRaN87O0fmhxI":"<EDIT>","ed25519:MRASKJNEOU":"<EDIT>"}}} | 0 | 59
@ponfertato:potatoenergy.ru | 1 | m.megolm_backup.v1.curve25519-aes-sha2 | {"public_key":"<EDIT>","signatures":{"@ponfertato:potatoenergy.ru":{"ed25519:KWMORYTWEU":"<EDIT>"}}} | 1 | 6
@<USER_TWO>:potatoenergy.ru | 1 | m.megolm_backup.v1.curve25519-aes-sha2 | {"public_key":"<EDIT>","signatures":{"@<USER_TWO>:potatoenergy.ru":{"ed25519:JGJLOTMEKY":"<EDIT>","ed25519:Yz8bti9B/unDrHbjUbwn31NIHyUhJGO/qPziWRqhMlw":"<EDIT>"}}} | 0 | 3
@<USER_ONE>:potatoenergy.ru | 1 | m.megolm_backup.v1.curve25519-aes-sha2 | {"public_key":"<EDIT>","signatures":{"@<USER_ONE>:potatoenergy.ru":{"ed25519:KDETVOBTKA":"<EDIT>"}}} | 1 | 6
(4 rows)
2024-11-13 09:26:43,595 - synapse.http.server - 130 - INFO - GET-213 - <XForwardedForRequest at 0xffff913f7050 method='GET' uri='/_matrix/client/v3/room_keys/version' clientproto='HTTP/1.1' site='8008'> SynapseError: 404 - No backup found
2024-11-13 09:26:43,599 - synapse.access.http.8008 - 473 - INFO - GET-213 - <EDIT> - 8008 - {@ponfertato:potatoenergy.ru} Processed request: 0.013sec/0.002sec (0.001sec, 0.002sec) (0.001sec/0.004sec/1) 67B 404 "GET /_matrix/client/v3/room_keys/version HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0" [0 dbevts]
2024-11-13 09:26:43,764 - synapse.storage.SQL - 468 - DEBUG - GET-214 - [SQL] {get_e2e_room_keys_version_info-2b5} SELECT MAX(version) FROM e2e_room_keys_versions WHERE user_id=? AND deleted=0
2024-11-13 09:26:43,769 - synapse.storage.SQL - 468 - DEBUG - prune_old_user_ips-68 - [SQL] {_prune_old_user_ips-2b6} DELETE FROM user_ips WHERE last_seen IN ( SELECT last_seen FROM user_ips WHERE last_seen <= ? ORDER BY last_seen ASC LIMIT 5000 )
2024-11-13 09:26:43,775 - synapse.storage.SQL - 473 - DEBUG - GET-214 - [SQL values] {get_e2e_room_keys_version_info-2b5} ('@ponfertato:potatoenergy.ru',)
2024-11-13 09:26:43,776 - synapse.storage.SQL - 473 - DEBUG - prune_old_user_ips-68 - [SQL values] {_prune_old_user_ips-2b6} (1729070803759,)
2024-11-13 09:26:43,787 - synapse.storage.SQL - 494 - DEBUG - prune_old_user_ips-68 - [SQL time] {_prune_old_user_ips-2b6} 0.007188 sec
2024-11-13 09:26:43,799 - synapse.storage.SQL - 494 - DEBUG - GET-214 - [SQL time] {get_e2e_room_keys_version_info-2b5} 0.022402 sec
After looking at the tables, I did not find that it writes new users there. At one point (apparently when configuring the configuration on a live server) I broke something, which is why indexing stopped working.
It seems like what I changed (and it was a test to disable the built-in login system, all sorts of encryption settings in the rooms, a test to connect workers to differentiate tasks) should not have affected this in any way; however, I'm not sure what can be done about it except to recreate the database. But I would not like to lose the rooms that have already been created.
In general, I went to desperate measures and decided to clean these tables with the following commands:
TRUNCATE TABLE e2e_room_keys_versions;
TRUNCATE TABLE e2e_room_keys;
Then on startup Synapse asked to correct some stream_positions, so I cleaned them up with the following commands:
DELETE FROM stream_positions WHERE stream_name = 'receipts';
DELETE FROM stream_positions WHERE stream_name = 'events';
DELETE FROM stream_positions WHERE stream_name = 'to_device';
DELETE FROM stream_positions WHERE stream_name = 'account_data';
DELETE FROM stream_positions WHERE stream_name = 'presence_stream';
After which the server started up and... As soon as I added the resource again:
...
listeners:
  - bind_addresses: ['0.0.0.0'] # I've changed the configuration a little bit here
    port: 8008
    resources: # and here
      - compress: false
        names: [openid, keys]
      - compress: true
        names: [client, federation]
    tls: false
    type: http
    x_forwarded: true
...
Deleting accounts via OIDC finally worked (using a token, but only from the web version for some reason), but the keys are still not written (I logged out of all my sessions, logged in again from Element Desktop, but when I tried to reset the keys, the situation repeated itself). I'm not sure what else the problem could be related to...
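An added example, not part of the original post and not Synapse's own code: it loads constructed rows that mirror the `e2e_room_keys_versions` output above into an in-memory SQLite table and runs the lookup shown in the DEBUG log. It assumes that an empty result from that lookup is what the server reports as "404 - No backup found"; the function names and the USER_ONE/USER_TWO stand-ins are hypothetical.

```python
import sqlite3

# Constructed rows mirroring the e2e_room_keys_versions output in the post:
# (user_id, version, deleted). USER_ONE/USER_TWO replace the redacted names.
ALGO = "m.megolm_backup.v1.curve25519-aes-sha2"
ROWS = [
    ("@USER_ONE:potatoenergy.ru", 2, 0),
    ("@ponfertato:potatoenergy.ru", 1, 1),
    ("@USER_TWO:potatoenergy.ru", 1, 0),
    ("@USER_ONE:potatoenergy.ru", 1, 1),
]

def build_db():
    """In-memory SQLite stand-in for the table definition shown in the post."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE e2e_room_keys_versions ("
        " user_id TEXT NOT NULL, version BIGINT NOT NULL,"
        " algorithm TEXT NOT NULL, auth_data TEXT NOT NULL,"
        " deleted SMALLINT NOT NULL DEFAULT 0, etag BIGINT,"
        " UNIQUE (user_id, version))"
    )
    db.executemany(
        "INSERT INTO e2e_room_keys_versions"
        " (user_id, version, algorithm, auth_data, deleted)"
        " VALUES (?, ?, ?, '{}', ?)",  # auth_data is redacted in the post
        [(u, v, ALGO, d) for u, v, d in ROWS],
    )
    return db

def current_backup_version(db, user_id):
    """Run the lookup from the DEBUG log; None means no live backup version."""
    row = db.execute(
        "SELECT MAX(version) FROM e2e_room_keys_versions"
        " WHERE user_id=? AND deleted=0",
        (user_id,),
    ).fetchone()
    return row[0]

def users_without_backup(db):
    """Users whose every recorded backup version has deleted=1."""
    rows = db.execute(
        "SELECT user_id FROM e2e_room_keys_versions"
        " GROUP BY user_id HAVING MIN(deleted) = 1 ORDER BY user_id"
    ).fetchall()
    return [r[0] for r in rows]

if __name__ == "__main__":
    print(users_without_backup(build_db()))
```

With the rows shown in the post, the only version recorded for `@ponfertato:potatoenergy.ru` has `deleted = 1`, so the lookup returns nothing for that account, while the other two users each have a live version.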
Description
Good afternoon, I encountered a problem where it is impossible to reserve keys between client and server, and the ability to create a backup copy of encryption keys does not work, but the ability to export and transfer them between devices works. Probably something is broken in my configuration, but I can't figure out what it is... Having tried different third-party clients (SchildiChat, Cinny, Element Web Dev), the error is the same, but nothing abnormal is found in the logs (P.S. exactly the address /_matrix/client/v3/room_keys/version works, but, for some reason, when trying to access it, it gives error 404). Probably the problem with the OIDC authorization system is also because of this, because after the problem with keys it stopped allowing me to manually reset sessions. I have attached the Synapse server log; no anomalies were encountered in the database logs.
It also constantly swears at the GET method /_matrix/client/unstable/org.matrix.msc2965/auth_issuer, but probably these problems are somehow interrelated...
Steps to reproduce
Homeserver
https://potatoenergy.ru
Synapse Version
{"server_version":"1.118.0"}
Installation Method
Other (Docker Compose)
Database
PostgreSQL (single, not ported, not restored)
Workers
Single process
Platform
distro: Armbian Bookworm (aarch64)
hardware: Rockchip RK3566 OPi 3B (ARM Cortex-A55)
container (docker): ghcr.io/element-hq/synapse:latest (sha256:713a1525d4d35892a9ebd82f0ffdbf9c82bfcd01add13b4cdc3d2fcac474d564)
Configuration
Synapse Config:
Self-hosted Element Web Config:
Traefik Config:
Relevant log output
Anything else that would be useful to know?
Screenshots