Wellknow for sliding sync / syncv3

[genofire]

Description:

Helper or so is here: https://github.com/matrix-org/sliding-sync Needed to use the Element-X Clients ...

[genofire]

has somebody setup it together with it?

https://github.com/matrix-org/sliding-sync/blob/main/docs/Landing.md

---

any idea how to configure .well-known

[nisbet-hubbard]

The only thing that’s assumed on the page you linked to is you need to first create a corresponding entry at your DNS provider for slidingsync.proxy.url.here (which can just be another subdomain under your root domain). Otherwise, just create the file /.well-known/matrix/client and paste in the json code.

[genofire]

@nisbet-hubbard i am not able to create any file -> container environments and the well-know is set by dendrite it-self:

config: https://github.com/matrix-org/dendrite/blob/fa6c7ba45671c8fbf13cb7ba456355a04941b535/dendrite-sample.yaml#L73

code: https://github.com/matrix-org/dendrite/blob/fa6c7ba45671c8fbf13cb7ba456355a04941b535/clientapi/routing/routing.go#L97-L115

[nisbet-hubbard]

Ah, containers! Since the Dendrite team is currently focussed on improving the standalone proxy for sliding sync, I suppose the quickest solution is for you to patch the code you linked to and get it merged.

Along these lines: https://gitlab.com/famedly/conduit/-/blob/next/src/api/client_server/unversioned.rs?ref_type=heads#L47

[genofire]

@nisbet-hubbard yes i see - maybe i write an small helmchart and test conduit with Element X ;)

[troed]

This thread comes up when searching for sliding-sync support in Dendrite. I'd just like to chime in that while a change in Dendrite might be needed for the client URL when Dendrite is the exposed server, for those (like me) who run behind a reverse proxy there's no change needed. Just add the suggested JSON to the web server config and run the sliding-sync Docker container in your Docker setup (as an example).

I'm logged in to my Dendrite server with Element X now and from a superficial look it seems to work. I have a few of these regularly in the sliding-sync container log though, and I'll edit this post if I find any blocking issues.

12:16:39 WRN Poller: sync v2 poll returned temporary error error="DoSyncV2: request failed: Get \"https://matrix.domain/_matrix/client/r0/sync?timeout=30000&since=s414631_528_122586_87620_375669_414630_24579_153255_0&set_presence=offline&filter=%7B%22room%22%3A%7B%22timeline%22%3A%7B%22limit%22%3A50%7D%7D%7D\": unexpected EOF" code=0 device_id=t5zUbHo3 user_id=@troed:matrix.domain

(I posted another message about not getting it to work here before, but that was due to a misunderstanding. If others make the same mistake; SYNCV3_SERVER is not supposed to point to your sync server but the regular Matrix server URL)

[garret]

May I ask for a tutorial on how to get sliding sync to work with dendrite?

I have a dendrite server and sliding sync proxy running both via docker on a raspberry pi 4. However, I only miss the part about to have the proper .well-known. Both services have their own A record (like matrix.mydomain.com and slidingsync.mydomain.com) and I am using traefik as reverse proxy.

However, when I open https://matrix.mydomain.com/.well-known/matrix/client it returns:

{"m.homeserver":{"base\_url":"[https://matrix.mydomain.com"}}]()

While the sliding sync documentation says I should have something like:

{
    "m.homeserver": {
        "base_url": "https://example.com"
    },
    "org.matrix.msc3575.proxy": {
        "url": "https://syncv3.example.com"
    }
}

I guess I should add some labels to the dendrite traefik label section (some middlewares?). At the moment it looks like this:

    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.dendrite-http.entrypoints=http"
      - "traefik.http.routers.dendrite-http.rule=Host(`${MATRIX_HOST}`)"
      - "traefik.http.routers.dendrite-http.middlewares=dendrite-https"
      - "traefik.http.middlewares.dendrite-https.redirectscheme.scheme=https"
      - "traefik.http.routers.dendrite-https.entrypoints=https"
      - "traefik.http.routers.dendrite-https.rule=Host(`${MATRIX_HOST}`)"
      - "traefik.http.routers.dendrite-https.tls.certresolver=ssl"

[gopricy]

is this working now with v0.13.3?

[renehonig]

is this working now with v0.13.3?

I have recently installed it and it runs without any problems so far (Dendrite v0.13.3/Docker/traefik).

[tomasz-c]

Is this option enabled on the dendrite.matrix.org instance? The Element X client that requires it reports that it is not available.

[leafee98]

To enable slide-sync, the org.matrix.msc3575.proxy field from well-known response is required.

For dendrite.matrix.org, its response is:

$ curl https://dendrite.matrix.org/.well-known/matrix/client
{"m.homeserver":{"base_url":"https://dendrite.matrix.org:443"}}%

so it doesn't support slide-sync for now.

While the response of matrix.org which already deployed slide-sync:

$ curl https://matrix.org/.well-known/matrix/client
{
    "m.homeserver": {
        "base_url": "https://matrix-client.matrix.org"
    },
    "m.identity_server": {
        "base_url": "https://vector.im"
    },
    "org.matrix.msc3575.proxy": {
        "url": "https://slidingsync.lab.matrix.org"
    }
}

[mike-pisman]

Could some eli5 what needs to be done? The documentation is lacking in this aspect. What should I put into the fields well_known_client_name and well_known_sliding_sync_proxy? Do I still need to run sliding-sync? If so, does anyone have a manifest for deploying sliding sync to kubernetes? Would greatly appreciate it.

[genofire]

Yes it is still needed, it just the well-known which could be set. So i split to #3236 and rename the issues.

If you like to improve the Docu, so i keep this issue open.

[mike-pisman]

Ok, I figured it out, was not hard at all and it fixed issue with android version of element client not connecting. @genofire, thanks for clarifying.

I'm going to add my manifests , in case it will help someone. I use matrix namespace.

secret

1. Generate a long string for `SYNCV3_SECRET` 2. Create kubernetes secret ```bash kubectl create secret generic syncv3-secret \ --from-literal=secret='' \ --namespace=matrix ```

deployment.yaml

Follow the [Readme.md](https://github.com/matrix-org/sliding-sync#readme) for the instructions regarding variables ```yaml apiVersion: apps/v1 kind: Deployment metadata: name: sliding-sync-deployment namespace: matrix labels: app: sliding-sync spec: replicas: 1 selector: matchLabels: app: sliding-sync template: metadata: labels: app: sliding-sync spec: containers: - name: sliding-sync image: ghcr.io/matrix-org/sliding-sync:latest ports: - containerPort: 8008 env: - name: SYNCV3_SERVER value: "" - name: SYNCV3_SECRET valueFrom: secretKeyRef: name: syncv3-secret key: secret - name: SYNCV3_DB value: "user=$(whoami) dbname=syncv3 sslmode=disable host=host.docker.internal password='DATABASE_PASSWORD_HERE'" ```

service.yaml

```yaml apiVersion: v1 kind: Service metadata: name: sliding-sync-service namespace: matrix spec: selector: app: sliding-sync ports: - protocol: TCP port: 8008 targetPort: 8009 type: LoadBalancer ```

Dendrite Helm chart values

```yaml dendrite_config: global: server_name: "" well_known_server_name: ":443" well_known_client_name: ":443" well_known_sliding_sync_proxy: ":8009" ...

*Optional* Firewall setup

Not sure if this is needed, but I set up my firewall to forward the http requests on port 8008 to the SYNCv3 server. I use HA Proxy with OPNsense. Basically, I created a public service, which listens on `0.0.0.0:8008` and forwards the request to Load Balancer IP of the `sliding-sync-service`.

[mike-pisman]

Checking out the element-x, and getting errors on IOS and Android client.

The .well-known/matrix/client returns the correct address of sliding sync

{
    "m.homeserver": {
        "base_url":"matrix.myurl.cc:443"
    },
    "org.matrix.msc3575.proxy": {
        "url":"matrix.myurl.cc:8009"
    }
}

My HAProxy forwards any TCP connection on port 8009 to the sliding-sync server.

if I try to send a GET to matrix.myurl.cc:8009 I can see that it registered the requests:

Sync v3 [0.99.11] (a86e01a)
Debug=false LogLevel= MaxConns=0
2023/11/04 06:38:40 goose: no migrations to run. current version: 20230913120537
06:38:40 INF creating handler
06:38:40 INF retrieved global snapshot from database
06:38:40 INF listening on 0.0.0.0:8008
06:38:40 INF StartV2Pollers num_devices=0 num_fail_decrypt=0
06:38:40 INF StartV2Pollers finished
06:38:55 INF c= duration=0.000 path=/ size=19 status=404
06:39:28 INF c= duration=0.000 path=/ size=19 status=404

However, on the element-x-ios client, when I try to login with credentials I get an error:

element x the selected homeserver doesn't support password or OIDC login

On element-x-android I get a different error:

We couldn't reach this homeserver. Please check that you have entered the homeserver URL correctly.

I think it's still the configuration error on my part. Has anyone encountered this issue or knows how to troubleshoot sliding-sync?

Update

I have resolved the issue. It is important to specify protocol in dendrite well_known settings, so that response from .well-known/matrix/client returns address with http/https prefix:

{
    "m.homeserver": {
        "base_url":"https://matrix.myurl.cc:443"
    },
    "org.matrix.msc3575.proxy": {
        "url":"https://matrix.myurl.cc:8009"
    }
}