1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/synapse_ynh.git synced 2024-09-03 20:26:38 +02:00
Matrix server (synapse) package for YunoHost
Find a file
2017-02-18 22:40:22 +01:00
conf Clean common script and update turnserver config 2017-02-16 22:54:57 +01:00
scripts Solve error with custom certificat 2017-02-18 22:40:22 +01:00
.gitignore First commit 2017-02-13 20:43:41 +01:00
check_process Solve error with custom certificat 2017-02-18 22:40:22 +01:00
LICENSE First commit 2017-02-13 20:43:41 +01:00
manifest.json First commit 2017-02-13 20:43:41 +01:00
README.md First commit 2017-02-13 20:43:41 +01:00

Synapse for YunoHost

For ARM arch (or slow arch)

If you don't have a dh.pem file in /etc/yunohost/certs/YOUR DOMAIN/dh.pem you should built it befor to install the app because it could take a long time. You could built it by this cmd : sudo openssl dhparam -out /etc/yunohost/certs/YOUR DOMAIN/dh.pem 2048 > /dev/null After that you can install it without problem.

Package update package

sudo yunohost app upgrade synapse -u https://github.com/YunoHost-Apps/synapse_ynh

Web client

If you want a web client you can also install riot with this package : https://github.com/YunoHost-Apps/riot_ynh . But

Access by federation

To be accessible by the federation you need to put this following line in the dns configuration :

_matrix._tcp.<yourdomain.com> <ttl> IN SRV 10 0 <port> <synapse.server.name>

for example

_matrix._tcp.example.com. 3600    IN      SRV     10 0 8448 synapse.example.com.

About debian package

It's important to know that this package use the debian backport repos. So this app will enable the debian backport repos it will install some package from this repos. If you remove this app you could keep some package form backport on your server.

Important Security Note

We do not recommend running Riot from the same domain name as your Matrix homeserver (synapse). The reason is the risk of XSS (cross-site-scripting) vulnerabilities that could occur if someone caused Riot to load and render malicious user generated content from a Matrix API which then had trusted access to Riot (or other apps) due to sharing the same domain.

We have put some coarse mitigations into place to try to protect against this situation, but it's still not good practice to do it in the first place. See https://github.com/vector-im/riot-web/issues/1977 for more details.

To do

  • Doc (issue about domain)
  • Test arm
  • Riot doc
  • Test production