What’s confusing here? Break down the steps and parts of the command
Wtf do they mean by shared secret for example?
In this example it is a config value that the software expects to be present, I’m guessing based on the screenshot it is to be added to the homeserver.yaml
this meme got so much funnier after I realized it was synapse/matrix
It’s not their job to teach you how to use docker.
That’s the kind of arrogant attidude that makes many docs of open-source projects so shitty. If you think that preliminary knowledge about something is required then at least share a link to a source where you can learn it. Docs that require you to puzzle the missing pieces together on your own are shitty docs. A good documentation is a documentation that everyone understands, regardless of their level of knowledge.
No - you’re not installing an app from the App Store. You’re running services now. There needs to be some minimum assumed knowledge about what that entails. And if you don’t have that knowledge you should expect to seek it out separately.
And if you’re too lazy or think “gee that’s difficult” then guess what? Self-hosting’s not for you. No shame - go pay for a service instead.
Step one: use Dendrite instead.
Step two: come back and help me set up my Dendrite instance, it’s definitely not easier.Step one: email must be much easier, I’ll just make an email server instead.
Step two: screw this, I’m writing letters and posting them.
Isn’t running your own SMTP server effectively impossible nowadays?
Running a server is very doable. There are packages to deploy and configure almost everything for you and removing a ton of headache.
Getting your email recognized as not spam by the major providers is pretty much impossible. You need all sorts of stuff to help verify integrity including special DNS records and public identity keys, but even if you do everything right, your mail can very easily get black holed before it even reaches a user’s inbox because of stupid shit like someone abused your rented server’s IP years ago, and you can’t seem to get it off everyone’s lists.
Email as a decentralized tool has effectively been ruined by spam and anti-spam measures. You’re effectively forced to use a provider because it’s near impossible to make your outgoing mail work as an individual. I think some of those anti-spam measures are anticompetitive, but I do think some are just desperate attempts to reduce the massive flow of spam.
It’s not impossible, many people I know and myself successfully self host their email. Yes it’s not trivial, and yes the ip reputation can be annoying to deal with (but it’s possible to cycle to another server to get another ip), but apart from that, if following the best practices (SPF, DKIM, DMARC, proper setup of the mailserver) once it’s set up it can run for years without issue.
To set things straight, I’m not saying that it is easy, but it’s also not impossible, and only giving up will further contribute to centralized email provider monoculture.
Not for everyone, but for those who can, I feel they should.
(It’s painful, please help 🥲)
Yes, cause you’re using way too much Docker. lol
This is the second thing I’m running on docker
It took a little time to get the hang of it, but stick with it and it will get so much easier and it’ll make self-hosting anything you want less of a pain in the future.
Yep, too much docker. 😂
you lost me at “docker”. The only people using docker are morons and those that trust software by morons.
Hey! That’s “Mr Moron” to you.
I have no mistress, and I know no misters.
What’s bad about Docker? It’s secure and easy to setup.
Your hate comment lacks vital information just like the docs shared by OP.
While security has nothing to do with my disgust for docker and people advocating its use, docker adds a layer of complexity, which means it is not necessarily more secure.
What is extremely bad about docker:
- it enables extremely shitty configuration control on the side of a developer. There are way too many developers who have a chaotic approach to configurations, and instead of being forced to write a proper installation and configuration guide from scratch, and thereby making themselves(!) aware of active configuration changes they made to make their system work, they just roll out the docker container they develop in, without remembering most of the configurations they made. Which, naturally, means that they are unable to assist in troubleshooting problems or reproduce issues that users might have.
In general, if you can’t write a good user manual, or at least clearly identify needed dependencies and configurations, you should not be developing software for other people.
-
it combines the disadvantages of a VM (shitty performance) and running directly on the host OS (sandboxing is not nearly as good as on a VM)
-
it creates insane bloat, by completely bypassing the concept of shared libraries and making people download copies of software they already have on their system
-
it adds a lot of security risks because the user would have to not only review the source code they are compiling and installing, but also would have to scan all the dependencies and what-not, and would basically have to trust the developer and/or anyone distributing an image that they did not add any malware.
Am I the only one in this thread that took this as it’s asking for a clear text credential which is a terrible idea?
A temporary one that you’re expected to remove as soon as you’ve created the admin user(s) you need, but yes. It should only be there during initial setup and ideally removed before the server is ever exposed to the internet.
The “if you no longer need it” part doesn’t really suggest that you are expected to do it as part of normal operation.
Yes because having a user remember to do something is a great line of defense, better than encrypting it from the get go. It should just be encrypted in the file.
I think that’s the way both Splunk and JFrog work – you generate or enter a password into the key field in a YAML file somewhere, start the service, and next time you come back the field’s been encrypted.
The step tells you to remove it after at least
I have to set literally everything up again on a new microSD for my Pi because the apt-get repositories no longer support the Raspbian version I’m on. I’m not mad; good for security to update, but I don’t have half a day free anytime soon for it.
I haven’t done any programming in over 20 years, but I think I can make a contribution to projects by trying to improve documentation, once I start using some projects
Setting up synapse is particularly painful.
Matrix and its implementations like Synapse have a very intimidating architecture (I’d go as far as to call most of the implementations somewhat overengineered) and the documentation ranges from inconsistent to horrific. I ran into this particular situation myself, Fortunately this particular step you’re overthinking it. You can use any random string you want. It doesn’t even have to be random, just as long as what you put in the config file matches. It’s basically just a temporary admin password.
Matrix was by far the worst thing I’ve ever tried to self-host. It’s a hot mess. Good luck, I think you’re close to the finish line.
funnily there’s an… ansible i think? project that makes selfhosting synapse easy as fuck, you basically just go “ansible deploy synapse” or whatever the syntax is and it does almost everything for you.
My favorite thing is purging remote cached media.
You need a timestamp, which is fine.
You just need to figure out how many miliseconds since the unix epoch the media you want to purge was uploaded, and then offset the time to only purge that old or older.
Easy!
So, you need a unix time value followed by 000?
That first part you can calculate with
date +%s -d '2024-07-02 12:00'.I ended up doing basically that.
Current time in ms, minus 2629800000 (a month) = timestamp to use to prune from.
Matrix seemed interesting right until I got to self hosting it. Then, getting to know it from up close, and the absolute trainwreck that the protocol is, made me love XMPP. Matrix has no excuse for being so messy and fragile at this point. You do you, but I decided that it isn’t worth my sysadmin time (especially when something like ejabberd is practically fire and forget).
I still have to sort out having a different server name to the access name so I can use the domain as well. Do I just put a field into the config like the rest? Can it go anywhere?
Ok now it’s asking me to serve a “.well_known” file like… How?
Ah, that goes on my main server. I’m learning.
It’s also optional, my first setup I just pointed to the matrix subdomain
Protip: Use Conduit instead of Synapse. It’s significantly lighter than Synapse, easier to run, and I guess you can be a cool kid by running something written in Rust. The documentation is even worse though :/ https://conduit.rs/
deleted by creator
Dendrite is still in beta and isn’t feature-complete. I tried all three (Synapse, Dendrite and Conduit) and Conduit worked the best for me - I found it to be the most reliable and use the least amount of RAM. It also uses an embedded database (RocksDB) which makes setup a bit easier.
I tried joining several large Matrix rooms from my server, and the experience with Synapse was dreadful. It was using 100% of one core for long periods of time. In some cases it would just fall over and not join the room. Dendrite and Conduit are better in that regard.
Conduit’s weak point is its documentation. I had to read Synapse’s documentation to understand a few key concepts. I’ve been meaning to help write docs for Conduit but just haven’t had time. I’ve got a PR to improve the styling of the docs at least, but need to do some tweaks to it.
The dankest depths of archlinux wiki. Written by a guy so far gone, so war harden by reading through source code and poorly written technical documentation, ancient forums, leaving no stone unturned. A task so twisted it drives most men crazy.
1% of arch users will ever need this wiki and few have gone through this Herculean task. For them, the first draft is enough, it’s all you can ask of a mind so twisted and broken. Alas it’s as unreadable as the source code and as hard to understand as the forum post from 2009.
I mean… Bad documentation isn’t specific to selfhosting.
They’re not long about matrix docs though. I tried to set it up a few years ago and it was irritating enough that I never got through it.
Most Dockers aren’t that bad though.
this is just because it’s webhosted, anything that does anything on the web sucks and is terrible, everything else is actually so much better it’s fucking baffling to me.
web 2.0 is dead to me. web 3.0 won’t get off of the ground, we need web 2 electric boogaloo
2020 called, they want their opinion backI respectfully disagree2002 called*
and yes, they do want their opinion back, because the internet fucking sucks.
If you hate it so much… why are you on it atm?
because there’s also a lot of good stuff on the internet. There was very little on the internet in 2002, and yet people still used it because it was cool. There is a shit ton of information on the internet now, most of which is garbage, and the rest is somewhere between mediocre, or decent, and some of it being genuinely good.
If you hate living, why even bother living? It’s a question of the ages. What’s the point of living if there is no grander purpose? Surely it means nothing, right?
