| 2 Jun 2019 |
 perflyst | i did not read them since v1.3, right | 16:19:44 |
 Atreatis | In reply to @max:kamax.io
Atreatis: that's not that My bad, currently doing a barbecue and kids are distracting a lot :( | 16:20:17 |
 Maximus | make sure you follow each step and double check your mxisd and reverse proxy config since you had an older version | 16:20:18 |
| perflyst | but somehow this makes no sense
172.16.1.78 is the machine where mxisd runs | 16:21:25 |
| perflyst | synapse runs somewhere else and the dns override is in the config | 16:21:39 |
| Maximus | it means most likely there is no Host header at all | 16:22:10 |
| perflyst | so it needs proxy_set_header Host $host; in nginx | 16:22:36 |
| Maximus | again: make sure you follow each step from the doc and you do not skip any line or the likes | 16:23:28 |
| Maximus | they are all needed | 16:23:31 |
| Maximus | and from the nginx config you pasted, you have one extra line whcih is not documented, and you are missing at least two lines accross both location blocks | 16:25:09 |
| perflyst | it was documented at some time somewhere, quite sure
and i will not set proxy_set_header X-Forwarded-For $remote_addr;, because than real IP addresses are logged forever in synapse's database | 16:27:00 |
| perflyst | seems like it was enough to set proxy_set_header Host $host | 16:27:30 |
| Maximus | Glad it's fixed | 16:28:42 |
| perflyst | one question
why do you recommend to set proxy_set_header X-Forwarded-For $remote_addr;? | 16:29:11 |
| Maximus | both mxisd and synapse have some access control/rate limiting that rely on the caller IP. Without that header, given that mxisd expect to be behind a reverse proxy, the actual caller will never be known. For small/unique user setup, it might not be relevant, but it becomes quickly needed | 16:31:02 |
| Maximus | if you don't want to set it it's fine, just know that you might see failed requests now and then because of it | 16:31:32 |
| 3 Jun 2019 |
 yogsi | hi | 07:11:27 |
| yogsi | nimogit: if there are things you feel are lacking for your use case for the register/invite limitation features, let me know. We try to improve support for servers with limited registration/invites any chance we could limit the "create new room" option to a certain group of users? | 07:12:20 |
| Maximus | yogsi: that has nothing to do with the identity server I'm afraid | 07:12:58 |
| Maximus | https://github.com/kamax-matrix/mxgwd this is more what you're looking for, even tho it's still consider alpha | 07:13:52 |
| Maximus | it even has a configuration example for what you want. Come to #mxgwd:kamax.io if you have more questions | 07:14:24 |
| yogsi | thanks! will definitely check it out | 07:15:32 |
 mextor | hi mxisd works fine | 23:03:38 |
| mextor | thx for the work :) | 23:03:48 |
| mextor | question: where should I insert custom template conf ?
in the /etc/mxisd/mxisd.yaml
? | 23:04:51 |
| mextor | at the end ? somehing like : | 23:05:14 |
| mextor | threepid:
medium:
email:
generators:
template:
invite: '/etc/mxisd/invite-template.eml'
etc... ? | 23:05:59 |
| Maximus | yes | 23:06:28 |
| mextor | ok, I try | 23:07:39 |
| mextor | ooops: Failed to remove threepid | 23:08:56 |
