[07:00:10]
<Martin> Hey,
after updating synapse to 1.107 it "take over" the Main domain.
It i open mydomain.de it shows only
> This is where Synapse is installed.
Normal ynh-interface is mydomain.de/yunohost
Is this necessary? I want my yunohost-site back in the Main-domain.
[07:12:01]
<Martin> I See the Paragraph
"Changing the server URL"
But it looks 'hacky'.
[07:17:26]
<Martin> I See... that Synapse require to be alone on the domain...
https://github.com/YunoHost-Apps/synapse_ynh/issues/443
[07:18:00]
<M1k3> Alors, je ne cherche pas vraiment à faire quelque chose, je suis curieux sur le principe de réseau VPN mesh "qu'offre" Headscale, mais du coupe comme c'est un réseau VPN, j'essaie de comprendre la différence avec Wireguard. 😉
[07:18:01]
<tufek> https://yunohost.org/en/domains#the-main-domain
[07:18:13]
<tufek> yes, you need to create an independant subdomain or another one specially for synapse
[07:25:57]
<Err404> it is good to avoid xss attack
[07:45:03]
<Martin> Does anyone have experience with it? Does it work well and stably?
[08:14:57]
<ChriChri[m]> > <@martin:englersch.de> Does anyone have experience with it? Does it work well and stably?
Nope. But: synapse is federated and other hosts will know it to be on a certain domain with the keys it uses. I'd expect that you can't just change the domain and the rest of the network would start accepting the same keys for a different domain.
NO KNOWLEDGE on my site - just interpolating from experience with ActivityPub...
[08:21:17]
<Martin> > <@chrichri:librem.one> Nope. But: synapse is federated and other hosts will know it to be on a certain domain with the keys it uses. I'd expect that you can't just change the domain and the rest of the network would start accepting the same keys for a different domain.
> NO KNOWLEDGE on my site - just interpolating from experience with ActivityPub...
Yes. Tjey know about the issue:
> This will break the connection from all previous connected clients. So all client connected before this change won't be able to communicate with the server until users will do a logout and login (which can also be problematic for e2e keys). There are a workaround which are described below.
And have a workaround for it:
Avoid the need to reconnect all client after change-url operation
If you did change the url of synapse and you don't wan't to reconnect all client, this workaround should solve the issue.
The idea is to setup again a minimal configuration on the previous domain so the client configurated with the previous domain will still work correctly.
Nginx config
Retrive the server port with this command:
yunohost app setting synapse port_synapse
Edit the file /etc/nginx/conf.d/<previous-domain.tld>.d/synapse.conf and add this text:
location /_matrix/ { proxy_pass http://localhost:<;server_port_retrived_before>; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; client_max_body_size 200M; }
Then reload nginx config:
systemctl reload nginx.service
Add permanent rule on SSOWAT
Edit the file /etc/ssowat/conf.json.persistent
Add "<previous-domain.tld>/_matrix" into the list in: permissions > custom_skipped > uris
Now the configured client before the change-url should work again.
[08:34:02]
<thatoo> Hello,
Is it possible to make sso session remaining valid after reboot?
I explain : everynight, a ynh VM shutdown to be backuped by Proxmox and the restart.
It works very well except everybody needs to login everyday which annoy most of users.
[09:11:26]
<Aleks (he/him/il/lui)> session may become more persistent on bookworm because we reworked the login api / cookie mecanism
[09:58:57]
<jack_hello> Hey
[10:04:16]
<Err404> > <@thatoo:defis.info> Hello,
> Is it possible to make sso session remaining valid after reboot?
> I explain : everynight, a ynh VM shutdown to be backuped by Proxmox and the restart.
> It works very well except everybody needs to login everyday which annoy most of users.
proxmox can make backup without shutdown
[10:06:58]
<thatoo> I know. Thank you for telling it but backup of running VM are not as reliable as backup of switched off VM (so as I can choose to switch off during night, I'd rather od it).
[10:08:47]
<thatoo> Thank you Aleks (he/him/il/lui) . I'm hopefull!
By the way, thank you for your help yesterday on packaging. You gave me the solution. Indeed, the first `ynh_script_progression` wathe inside a `pushd`.
[13:47:01]
<tituspijean> > <@Alekswag:matrix.org> session may become more persistent on bookworm because we reworked the login api / cookie mecanism
I can confirm, just tried reloading/restart the NGINX service and even restarting my YunoHost 12 server, and the session is kept.
[13:57:13]
<selfhoster1312> 👍️