Bridge 401 responses; no Matrix room creation, no webhook on Discord. Manual curl partially works. (Conduit homeserver)

[schrmh]

Hi, I'm running this bridge with a Conduit home server + Caddy webserver. This is a bit different than the Synapse setup described in the README but maybe you can still help a bit and there might still be a real issue with the bridge software. (I asked in the Conduit support room before: #conduit:fachschaften.org but only got "Probably one of the tokens is wrong or your user doesn't have permission" as a response that did not help me much so far. If there is more that helps somehow I will mention it here).

tl;dr before that following block of text: Personally I kinda only need to know how to create a webhook the bot accepts via curl or so to get mirroring from Matrix to Discord working since I got the other way around via manual curl requests as you will find out:

After successfully registering the app service (https://gitlab.com/famedly/conduit/-/blob/next/APPSERVICES.md) and giving the bot full permissions (even more than required in later tests) and running the bridge, the bot does appears online on Discord.

But it neither joins Matrix rooms on invite nor does it create rooms when I click on a correctly formatted link (I know they are, had some experiences with this bridge before but on Synapse).

This is from the stderr stream of the Conduit homeserver I'm running:

2023-10-09T02:31:19.094649Z  WARN conduit::api::appservice_server: Appservice returned bad response http://localhost:9005 401 Unauthorized
http://localhost:9005/_matrix/app/v1/rooms/%23%5Fdiscord%5F1160741401957507144%5F1160765904695599215%3Ahitomgppjwsd6cac%2Emyfritz%2Enet?access_token=bad8c3e2-7b67-4fc0-943c-009d8d99477d
Ok("{\"errcode\":\"AUTH_FAILED\",\"error\":\"Authentication failed\"}")
2023-10-09T02:31:19.094769Z  WARN conduit::api::appservice_server: Appservice returned invalid response bytes http://localhost:9005
http://localhost:9005/_matrix/app/v1/rooms/%23%5Fdiscord%5F1160741401957507144%5F1160765904695599215%3Ahitomgppjwsd6cac%2Emyfritz%2Enet?access_token=bad8c3e2-7b67-4fc0-943c-009d8d99477d
2023-10-09T02:31:19.094900Z  WARN conduit::utils::error: 404 Not Found: M_NOT_FOUND: Room with alias not found.

This from the botlog of matrix-appservice-discord:

Oct-9 04:31:19.118 [bot-sdkAppservice] info: [
  '127.0.0.1 - - [09/Oct/2023:02:31:19 +0000] "GET /_matrix/app/v1/rooms/%23%5Fdiscord%5F1160741401957507144%5F1160765904695599215%3Ahitomgppjwsd6cac%2Emyfritz%2Enet?access_token=%3Credacted%3E HTTP/1.1" 401 57 "-" "-"\n'
]

The interesting thing is that the request goes trough if I use curl manually on the server. Then it bridges the Discord room to Matrix and Discord messages appear on Matrix (but I still get some 401'ed requests for it, e.g. after restarting the bridge. However those doesn't seem to affect the mirroring from Discord to Matrix). What I don't get it mirroring from Matrix to Discord, it also doesn't create a _matrix webhook there nor does it take over a _matrix webhook I create manually via the Discord UI (at least the README on this project indicates this should be possible which I kinda doubt it is however). Maybe there is a way to create that via sending a request to :9005 however?

By the way, I also tried using a commit prior than v4 but that did not work either.

Regarding config files I basically went with minimal changes in config.yaml and conduit.toml, however I did not specify a port on

So well, since I kept my configs close to the provided ones of matrix-appservice-bridge and Conduit with only changed what is necessary according to documentation of those two projects (I also tried with more changed), I will only attach my webserver config for now since that does differ from Conduit doc (they use a Caddyfile and Caddy on Gentoo doesn't even run without that JSON file existing): /etc/caddy/caddy_config.json

{
        "apps": {
                "http": {
                        "servers": {
                                "myserver": {
                                        "listen": [":443",":8448"],
                                        "routes": [{
                                                        "match": [{
                                "host": ["hitomgppjwsd6cac.myfritz.net"],
                                "path": ["/_matrix/*"]
                                }],
                                                        "handle": [{
                                                                "handler": "reverse_proxy",
                                                                "upstreams": [{
                                                                        "dial": "127.0.0.1:6167"
                                                                }]
                                                        }]
                        }]
                                }
                        }
                }
        }
}

[schrmh]

So I just set up the same stuff on my desktop installation of Arch with the difference that I used a Caddyfile there and that node 18 and not 20 is used and that my homeserver address somehow needs :8448 there else I can't login. With that setup it works there first try. Then I stopped the Caddy service and started Caddy again with the JSON config via sudo caddy run --config /etc/caddy/caddy_config.json. The interesting thing is that it still works except for Discord → Matrix. So my next investigations will be back on Gentoo (will likely downgrade node next)

[schrmh]

caddy run --config /etc/caddy/Caddyfile works on Gentoo after caddy fmt --overwrite /etc/caddy/Caddyfile and mkdir /run/caddy/ (it does complain about those things...). However I also tried to start fresh with Conduit there and I'm back at the beginning since it still is 401ed...

[schrmh]

I switched to apache2 and I still get the 401...

(btw. hints on what is needed to even be able to reach Conduit via apache2:

• /etc/apache2/sites-enabled/050-conduit.conf won't work, put it in /etc/apache2/vhosts.d/050-conduit.conf. I also moved out the default stuff from that dir but don't think this is necessary.
• _apache2_modules_proxy apache2_modules_proxyhttp in USE within /etc/portage/make.conf
• when testing with curl, I got "curl: (35) OpenSSL/3.1.3: error:0A00010B:SSL routines::wrong version number" but was able to fix that be re-running certbot -d with the domain and selecting the first option since I already had a certificate cause I tried apache earlier before I went to use Caddy for the Matrix home server... iirc I had to run it initially without -d to even get the cerificate despite it nowhere being mentioned like that)

[schrmh]

Yeah well... I switched to the development binary of conduit for ARMv8 and I can join the rooms now; the 401 is gone. For some reason only Matrix → Discord is working and I get messages like "'M_FORBIDDEN: You are not in this room.'" but yeah...

This issue gave me the idea to switch the binary... Weird thing is that my Conduit binary was from October and should have not been affected but ¯\_(ツ)_/¯: https://gitlab.com/famedly/conduit/-/issues/358