aaronraimist
commented
3 years ago Can you share your vars.yml file? Make sure to redact the secret keys.
Open ragregory42 opened 3 years ago
aaronraimist
commented
3 years ago Can you share your vars.yml file? Make sure to redact the secret keys.
ragregory42
commented
3 years ago Here is a redacted version of the vars.yml file I am using.
# The bare domain name which represents your Matrix identity.
# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
#
# Note: this playbook does not touch the server referenced here.
# Installation happens on another server ("matrix.<matrix-domain>").
#
# If you've deployed using the wrong domain, you'll have to run the Uninstalling step,
# because you can't change the Domain after deployment.
#
# Example value: example.com
matrix_domain: domain.com
# This is something which is provided to Let's Encrypt when retrieving SSL certificates for domains.
#
# In case SSL renewal fails at some point, you'll also get an email notification there.
#
# If you decide to use another method for managing SSL certifites (different than the default Let's Encrypt),
# you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`).
#
# Example value: someone@example.com
matrix_ssl_lets_encrypt_support_email: 'admin@domain.com'
# A shared secret (between Coturn and Synapse) used for authentication.
# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).
matrix_coturn_turn_static_auth_secret: '*******'
# A secret used to protect access keys issued by the server.
# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).
matrix_synapse_macaroon_secret_key: '*******'
# A Postgres password to use for the superuser Postgres user (called `matrix` by default).
#
# The playbook creates additional Postgres users and databases (one for each enabled service)
# using this superuser account.
matrix_postgres_connection_password: '*******'
matrix_nginx_proxy_enbaled: false
matrix_ssl_retrieval_method: none
matrix_nginx_proxy_base_domain_serving_enabled: false
matrix_synapse_admin_enabled: true
matrix_registration_enabled: true
matrix_registration_admin_secret: '*******'
matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled: true
matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers:
- example.com
- another.com
matrix_client_element_themes_enabled: true
matrix_client_element_default_theme: 'dark'
matrix_mautrix_hangouts_enabled: true
matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true
matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: '*******'
matrix_mautrix_signal_enabled: true
matrix_appservice_discord_enabled: true
matrix_appservice_discord_client_id: *******
matrix_appservice_discord_bot_token: *******.*******.*******
matrix_synapse_database_host: xxx.xxx.xxx.xxx
matrix_synapse_database_user: matrix
matrix_synapse_database_password: *******
matrix_synapse_database_database: matrix_synapse
spantaleev
commented
3 years ago What's your reverse proxy setup like?
matrix-appservice-discord should be trying to hit https://matrix.DOMAIN. It seems like it fails for some reason.
What's your /etc/hosts file like? Any chance you're hardcoding matrix.DOMAIN inside?
ragregory42
commented
3 years ago I have not hardcoded matrix.DOMAIN to anything in the /etc/hosts file. It is just default from install. My proxy-conf file for the SWAG container I'm using is below.
server {
#For the client port
listen 443 ssl http2;
listen [::]:443 ssl http2;
# For the federation port
listen 8448 ssl http2 default_server;
listen [::]:8448 ssl http2 default_server;
server_name matrix.*;
include /config/nginx/ssl.conf;
include /matrix/nginx-proxy/conf.d/*.conf;
client_max_body_size 50M;
location ~* ^(\/_matrix|\/_synapse\/client) {
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
proxy_pass http://xxx.xxx.xxx.xxx:8008;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
}
}In addition here is the output from the failure notification in the startup.
failed: [matrix.domain.com] (item=matrix-appservice-discord.service) => changed=false
ansible_loop_var: item
item: matrix-appservice-discord.service
msg: matrix-appservice-discord.service was not detected to be running. It's possible that there's a configuration problem or another service on your server interferes with it (uses the same ports, etc.). Try running `systemctl status matrix-appservice-discord.service` and `journalctl -fu matrix-appservice-discord.service` on the server to investigate.
skipping: [matrix.domain.com] => (item=matrix-mautrix-hangouts.service)
skipping: [matrix.domain.com] => (item=matrix-mautrix-signal.service)
skipping: [matrix.domain.com] => (item=matrix-mautrix-signal-daemon.service)
skipping: [matrix.domain.com] => (item=matrix-synapse.service)
skipping: [matrix.domain.com] => (item=matrix-synapse-admin.service)
skipping: [matrix.domain.com] => (item=matrix-registration.service)
skipping: [matrix.domain.com] => (item=matrix-client-element.service)
skipping: [matrix.domain.com] => (item=matrix-ma1sd.service)
failed: [matrix.domain.com] (item=matrix-nginx-proxy.service) => changed=false
ansible_loop_var: item
item: matrix-nginx-proxy.service
msg: matrix-nginx-proxy.service was not detected to be running. It's possible that there's a configuration problem or another service on your server interferes with it (uses the same ports, etc.). Try running `systemctl status matrix-nginx-proxy.service` and `journalctl -fu matrix-nginx-proxy.service` on the server to investigate.
skipping: [matrix.domain.com] => (item=matrix-coturn.service) @ragregory42 the reason nginx is still trying to start is because you made a typo in the variable. You wrote matrix_nginx_proxy_enbaled but it should be matrix_nginx_proxy_enabled.
aaronraimist
commented
3 years ago As far as the unable other part of the issue I don't think you have your nginx configured correctly. I don't think those include lines go inside server. They should go inside http in your main nginx.conf file. See https://www.nginx.com/resources/wiki/start/topics/examples/full/. Then you should remove that whole server block. The config files you import will take care of all of that, you shouldn't need to write any custom config for the Matrix services. https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-own-webserver.md#method-1-disabling-the-integrated-nginx-reverse-proxy-webserver
ragregory42
commented
3 years ago @ragregory42 the reason it is still trying to start is because you made a typo in the variable. You wrote
matrix_nginx_proxy_enbaledbut it should bematrix_nginx_proxy_enabled.
I have looked for typos so many times. Such is life. I appreciate it. My apologies for time wasting.
I am running this playbook on a debian 10.9 vm with an external postgresql server and external nginx proxy (I have the matrix-nginx-proxy service disbaled but it also attempts to start and fails if that is relevant). I'm not really sure how to track down the issue here. I have tried changing the quotes format for the bot_id and token in the vars.yaml file to no avail. I would appreciate any assistance.
My output for "journalctl -fu matrix-appservice-discord.service" is below.