!NPRUEisLjcaMtHIzDr:kamax.io

mxisd

259 Members
Federated Matrix Identity Server | https://github.com/kamax-io/mxisd | Version: 0.8.2 | Dev discussions: #mxisd-dev:kamax.io | Related: #matrix-identity:matrix.org
104 Servers



Sender Message Time
14 Jun 2019
@buron:matrix.mpe.mpg.de Alex B changed their display name from Alex B to Alexander Buron. 06:04:26
@buron:matrix.mpe.mpg.de Alex B: Hi, I set up everything and it seems to work fine. Just a quick question: When using LDAP, I can auth against it, the name is set like in the LDAP "cn" field during the first login. Is there a way to search for the CN field if I search for users of my company? I just get 'no results' but the mxisd log in syslog shows nothing. If I type in an email, the return is successful. 06:26:45
@max:kamax.io Maximus: Alexander Buron: You are looking for the Directory feature, which is based on intercepting an endpoint and enhancing it. See https://github.com/kamax-matrix/mxisd/blob/master/docs/features/directory.md#user-directory 06:29:07
@buron:matrix.mpe.mpg.de Alex B: This is what I tried to do, but it doesn't work at all. But good to know that I'm searching in the right direction. Thx! 06:51:26
@tristan:adminctrl.com nato: I found checking logs to be super helpful for troubleshooting, you can get a fair idea around what's broken / misconfigured 06:55:31
@buron:matrix.mpe.mpg.de Alex B: uff... (╯°□°)╯︵ ┻━┻ well.. you can tune apache as much as you want, if you use haproxy. It's working now. :) 07:58:21
@max:kamax.io Maximus: lol 07:58:44
@max:kamax.io Maximus: glad you found out the issue and that it's working! 07:58:57
@buron:matrix.mpe.mpg.de Alex B:
# Frontend rules (the frontend header and bind lines were not part of the message)
acl is_matrix hdr(host) -i matrix.xxx www.matrix.xxx
acl is_riot hdr(host) -i chat.xxx www.chat.xxx

#acl url_ident_api path_beg /_matrix/identity
#acl url_matrix_api path_beg /_matrix

acl url_mxisd_directory path_beg /_matrix/client/r0/user_directory/ #http://localhost:8090/_matrix/client/r0/user_directory/
acl url_mxisd_identity path_beg /_matrix/identity #http://localhost:8090/_matrix/identity
acl url_matrix_base path_beg /_matrix #http://localhost:8008/_matrix

# "||" binds more loosely than the implicit AND, so is_matrix is repeated
# to keep both mxisd paths scoped to the Matrix host names
use_backend identity if is_matrix url_mxisd_directory || is_matrix url_mxisd_identity
use_backend local_matrix if is_matrix url_matrix_base
use_backend riot if is_riot
default_backend local_matrix

backend local_matrix
    mode http
    option httplog
    option forwardfor
    #option http-server-close
    #option httpchk #does not work for matrix
    server localhost_matrix 127.0.0.1:8008 check #ssl verify none

backend riot
    mode http
    option httplog
    option forwardfor
    server riot_mnsrv 127.0.0.1:80 check

backend identity
    mode http
    option httplog
    #option forwardfor
    server local_mxisd 127.0.0.1:8090 check

if somebody needs it
07:59:47
@max:kamax.io Maximus: Alexander Buron: thank you, I'll add it to a new HAProxy section 08:00:18
@max:kamax.io Maximus: in the docs 08:00:23
@sorunome:sorunome.de changed their profile picture. 09:14:53
@buron:matrix.mpe.mpg.de Alex B: sorry but another question..: Do I need to configure more than this to get emails out via smtp? https://github.com/kamax-matrix/mxisd/blob/master/docs/threepids/medium/email/smtp-connector.md The logfile always tells me io.kamax.mxisd.notification.NotificationManager - Found handler raw for medium email 09:16:34
@sorunome:sorunome.de changed their profile picture. 09:22:09
@max:kamax.io Maximus: Alexander Buron: you can ask as many questions as you want, no need to be sorry 09:42:56
@max:kamax.io Maximus: and yes this is all you need to configure for sending emails 09:43:08
@mat:tout.im: Maximus: thanks for the detailed report. there are a bunch of "work as intended" stuff that I disagree to say it's a real problem for now, but there is also a bunch of stuff that should really be fixed. the "let's upload all the contacts to IS when switching rooms" is really bad 11:46:52
@buron:matrix.mpe.mpg.de Alex B: It's well documented, therefore most of the things were really easy to set up. But this email thing just doesn't work. To understand things correctly: Is this also working if I invite someone from our identity server into a room? 11:46:58
@max:kamax.io Maximus: MatMaul: Your mileage may vary in terms of what is acceptable or not of course. We only put up what we believed is problematic by the standard of people we talked to, and the legality of those with GDPR, especially if you are hosting such a service and are therefore legally accountable for such leaks. If you found it useful, then I am already more than happy! 11:48:59
@max:kamax.io Maximus: Alexander Buron: the logs will be very explicit when an email is being sent, staying doing so, and SMTP and such. You want to invite an email which will not resolve to a Matrix ID. 11:50:00
@max:kamax.io Maximus: you can also try by adding an email to your settings and see if a validation token is sent to it (you can just cancel the add before it finishes) 11:51:27
@mat:tout.im: this is well written and fact based so it is a nice report that doesn't get into flamewar for nothing, thx for that. 12:00:10
@max:kamax.io Maximus: Thank you very much for the kind words. I'll be sure to relay them to the rest of the team 12:00:37
@mat:tout.im: I'll try to find some time to work on PRs that deal with the most serious issues, if they don't act on it I'll begin to be suspicious of the governance. For now I think it's just mainly oversight and lack of time / prioritization of needs. 12:02:21
@mat:tout.im: it's mainly removing code ^^ I can do that 12:02:54
@whistl:whistl.us joined the room. 12:03:22
@max:kamax.io Maximus: Maybe. All I can say is that "oversight and lack of time / prioritization of needs" has been happening for at least 2 1/2 years that we experienced first hand, and 4 years from various issues we found 12:03:31
@max:kamax.io Maximus: It was fair as long as Matrix was beta. But now Matrix v1.0 is out. Everyone is free to make their opinion of course, but we no longer believe such things. Not to the extent data is leaked nearly each minute on a client with many rooms 12:04:43
@max:kamax.io Maximus: while we do our best to remain factual on the doc, this project (mxisd) definitely took a stand and we said "no longer ok" in recent versions 12:05:31
@mat:tout.im: yes I know. But I also can understand that it's probably more important to them to have an easy to use e2e with cross signing, and a v1 spec that makes sense. I think you are a bit rough on them, at the end it's only v1 of the spec, and nothing bad seems to have bled into the official spec since a lot of the problems are regarding the IS. 12:11:40
