Matrix Troubleshooting: Difference between revisions

(One intermediate revision by the same user not shown)

Line 1:

~~~~

= Federation and Common Tasks for Matrix Server =

This page addresses common tasks and issues with Matrix federation and server management, providing solutions and resources for troubleshooting and maintenance.

== Federation Issues ==

Matrix federation enables servers to communicate with each other. Use the following tools and resources for diagnosing federation problems:

'' [https://federationtester.matrix.org Check Federation]

* [https://federationtester.matrix.org Check Federation]

'' [https://spec.matrix.org/v1.6/server-server-api/#server-discovery Matrix Federation Documentation]

* [https://spec.matrix.org/v1.6/server-server-api/#server-discovery Matrix Federation Documentation]

~~~~

== Common Tasks ==

This section outlines routine tasks for managing and troubleshooting a Matrix server.

~~~~

=== Reconfigure and Send Ansible Restart ===

=== Reconfigure and ~~send~~ Ansible Restart. ===

Reconfigures and restarts the Matrix server using Ansible. Ensure the middle server has SSH keys configured for accessing the Matrix server.

~~Sends~~ the ~~ansible command with absolute paths~~. ~~This requires~~ the middle server ~~to have ssh~~ keys to the ~~matrix~~ server.

~~~~

==== Primary ====

<pre>

# Assumes command is executed from within the matrix-docker-ansible-deploy/ directory

ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start

</pre>

~~<syntaxhighlight lang="shell"># assumes command is executed from within the matrix-docker-ansible-deploy/ dir~~

~~ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start</syntaxhighlight>~~

~~~~

==== Alternative ====

<pre>

# Manually via SSH, assumes Tailscale is being used. Update absolute paths as necessary.

ssh root@irregularchat-matrix "ansible-playbook -i /root/Git/matrix-docker-ansible-deploy/inventory/hosts /root/Git/matrix-docker-ansible-deploy/setup.yml --tags=setup-all,start &"

</pre>

~~<syntaxhighlight lang="shell"># manually via ssh, this assumes tailscale is being used and the absolute paths are as follows on the proxmox server. This should be the Alternative method~~

~~ssh root@irregularchat-matrix "ansible-playbook -i /root/Git/matrix-docker-ansible-deploy/inventory/hosts /root/Git/matrix-docker-ansible-deploy/setup.yml --tags=setup-all,start&"</syntaxhighlight>~~

~~~~

=== Updating Ansible Server ===

Updates the Ansible server with the latest roles and configuration.

<~~syntaxhighlight lang="shell"~~>#~~from in~~ the repository

<pre>

# From within the repository

sudo make roles

ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start</~~syntaxhighlight~~>

ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start

~~~~

</pre>

=== Checking Logs ===

Check the logs of the Matrix Synapse service for troubleshooting.

<pre>

systemctl status matrix-synapse.service

journalctl -fu matrix-synapse.service

</pre>

~~<syntaxhighlight lang="shell">systemctl status matrix-synapse.service</syntaxhighlight>~~

~~<syntaxhighlight lang="shell">journalctl -fu matrix-synapse.service</syntaxhighlight>~~

~~~~

=== Check Matrix Federation ===

Verify federation by ensuring ports are open and listening.

<pre>

sudo netstat -tuln | grep -E "8449|81"

</pre>

~~<syntaxhighlight lang="shell">sudo netstat -tuln | grep -E "8449|81"</syntaxhighlight>~~

~~~~

=== Restarting Services ===

Restart the Matrix Synapse service:

<~~syntaxhighlight lang="shell"~~>systemctl restart matrix-synapse.service</~~syntaxhighlight~~>

<pre>

~~or using Ansible, you may want to send a restart~~

systemctl restart matrix-synapse.service

</pre>

~~-----~~

Alternatively, use Ansible to send a restart command.

~~~~

== Issues and Answers ==

This section provides solutions to common Matrix server issues.

~~~~

=== Issue: SSO Issue – Can’t Set Up Recovery Key Due to No Password ===

=== Issue: SSO Issue ~~can’t set up recover key because no password~~ ===

~~~~

==== Solution: Disabling Password Configuration ====

Matrix Synapse’s password configuration can be disabled to allow SSO accounts to configure and store recovery keys without a password. Update the configuration as follows:

Matrix Synapse’s password configuration can be disabled to allow SSO accounts to configure and store security keys and phrases without a password. This adjustment removes the reliance on a password for security settings, enabling SSO users to manage their encryption keys and security phrases independently.

<pre>

matrix_synapse_password_config_enabled: false

~~The specific configuration change in Matrix Synapse is:~~

</pre>

~~<syntaxhighlight lang="yaml">matrix_synapse_password_config_enabled: false</syntaxhighlight>~~

This allows SSO users to manage encryption keys and security phrases independently.

~~~~

~~=== Create BOT Access Tokens with~~ SSO ~~===~~

~~By impersonating~~ bot ~~account on~~ SSO

=== Create Bot Access Tokens with SSO ===

To create bot access tokens using SSO:

# Log in through the web interface.

# Navigate to **Settings > About > Access Token** and copy the token.

# Exit the browser page WITHOUT logging out.

~~Login through the web~~. ~~Settings > About > Access Token~~

=== Issue: Can’t Create Bot Access Tokens When Passwords Are Disabled ===

<s>When passwords are disabled, bots cannot create access tokens or log in with access tokens.</s>

~~Exit browser page WITHOUT logging out~~

<s>To resolve this temporarily, update the configuration:</s>

<~~span id="issue-cant-create-bot-access-tokens-when-passwords-are-disabled."></span~~>

<pre>

~~=== <s>Issue~~: ~~Can’t create BOT access tokens when passwords are disabled.~~</s> ~~===~~

matrix_synapse_password_config_enabled: true

</pre>

<s>~~When passwords are disabled~~, ~~bots can’t create~~ access ~~tokens or~~ log in ~~with access tokens~~.</s>

<s>Set the configuration to `true`, obtain the access token, and log in to the bot. Then, change the configuration back to `false`.</s>

~~<syntaxhighlight lang~~=~~"yaml">matrix_synapse_password_config_enabled~~: ~~true</syntaxhighlight>~~

== Categories ==

~~<s>Set the config to true obtain the access token AND log in to the bot as needed. Then, change the config to false.</s>~~

[[Category:Matrix]]

[[Category:Server Management]]

[[Category:Ansible]]

[[Category:SSO]]

[[Category:Troubleshooting]]

[[Category:Networking]]

@@ Line 1: / Line 1: @@
-<span id="federation-issues"></span>
+= Federation and Common Tasks for Matrix Server =
+This page addresses common tasks and issues with Matrix federation and server management, providing solutions and resources for troubleshooting and maintenance.
 == Federation Issues ==
+Matrix federation enables servers to communicate with each other. Use the following tools and resources for diagnosing federation problems:
-'' [https://federationtester.matrix.org Check Federation]
+* [https://federationtester.matrix.org Check Federation]
-'' [https://spec.matrix.org/v1.6/server-server-api/#server-discovery Matrix Federation Documentation]
+* [https://spec.matrix.org/v1.6/server-server-api/#server-discovery Matrix Federation Documentation]
-<span id="common-tasks"></span>
 == Common Tasks ==
+This section outlines routine tasks for managing and troubleshooting a Matrix server.
-<span id="reconfigure-and-send-ansible-restart."></span>
+=== Reconfigure and Send Ansible Restart ===
-=== Reconfigure and send Ansible Restart. ===
+Reconfigures and restarts the Matrix server using Ansible. Ensure the middle server has SSH keys configured for accessing the Matrix server.
-Sends the ansible command with absolute paths. This requires the middle server to have ssh keys to the matrix server.
-<span id="primary"></span>
 ==== Primary ====
+<pre>
+# Assumes command is executed from within the matrix-docker-ansible-deploy/ directory
+ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
+</pre>
-<syntaxhighlight lang="shell"># assumes command is executed from within the matrix-docker-ansible-deploy/ dir
-ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start</syntaxhighlight>
-<span id="alternative"></span>
 ==== Alternative ====
+<pre>
+# Manually via SSH, assumes Tailscale is being used. Update absolute paths as necessary.
+ssh root@irregularchat-matrix "ansible-playbook -i /root/Git/matrix-docker-ansible-deploy/inventory/hosts  /root/Git/matrix-docker-ansible-deploy/setup.yml --tags=setup-all,start &"
+</pre>
-<syntaxhighlight lang="shell"># manually via ssh, this assumes tailscale is being used and the absolute paths are as follows on the proxmox server. This should be the Alternative method
-ssh root@irregularchat-matrix "ansible-playbook -i /root/Git/matrix-docker-ansible-deploy/inventory/hosts  /root/Git/matrix-docker-ansible-deploy/setup.yml --tags=setup-all,start&"</syntaxhighlight>
-<span id="updating-ansible-server"></span>
 === Updating Ansible Server ===
+Updates the Ansible server with the latest roles and configuration.
-<syntaxhighlight lang="shell">#from in the repository
+<pre>
+# From within the repository
 sudo make roles
-ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start</syntaxhighlight>
+ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
-<span id="checking-logs"></span>
+</pre>
 === Checking Logs ===
+Check the logs of the Matrix Synapse service for troubleshooting.
+<pre>
+systemctl status matrix-synapse.service
+journalctl -fu matrix-synapse.service
+</pre>
-<syntaxhighlight lang="shell">systemctl status matrix-synapse.service</syntaxhighlight>
-<syntaxhighlight lang="shell">journalctl -fu matrix-synapse.service</syntaxhighlight>
-<span id="check-matrix-federation"></span>
 === Check Matrix Federation ===
+Verify federation by ensuring ports are open and listening.
+<pre>
+sudo netstat -tuln | grep -E "8449|81"
+</pre>
-<syntaxhighlight lang="shell">sudo netstat -tuln | grep -E "8449|81"</syntaxhighlight>
-<span id="restarting-services"></span>
 === Restarting Services ===
+Restart the Matrix Synapse service:
-<syntaxhighlight lang="shell">systemctl restart matrix-synapse.service</syntaxhighlight>
+<pre>
-or using Ansible, you may want to send a restart
+systemctl restart matrix-synapse.service
+</pre>
------
+Alternatively, use Ansible to send a restart command.
-<span id="issues-and-answers"></span>
 == Issues and Answers ==
+This section provides solutions to common Matrix server issues.
-<span id="issue-sso-issue-cant-set-up-recover-key-because-no-password"></span>
+=== Issue: SSO Issue – Can’t Set Up Recovery Key Due to No Password ===
-=== Issue: SSO Issue can’t set up recover key because no password ===
-<span id="solution-disabling-password-configuration"></span>
 ==== Solution: Disabling Password Configuration ====
+Matrix Synapse’s password configuration can be disabled to allow SSO accounts to configure and store recovery keys without a password. Update the configuration as follows:
-Matrix Synapse’s password configuration can be disabled to allow SSO accounts to configure and store security keys and phrases without a password. This adjustment removes the reliance on a password for security settings, enabling SSO users to manage their encryption keys and security phrases independently.
+<pre>
+matrix_synapse_password_config_enabled: false
-The specific configuration change in Matrix Synapse is:
+</pre>
-<syntaxhighlight lang="yaml">matrix_synapse_password_config_enabled: false</syntaxhighlight>
+This allows SSO users to manage encryption keys and security phrases independently.
-<span id="create-bot-access-tokens-with-sso"></span>
-=== Create BOT Access Tokens with SSO ===
-By impersonating bot account on SSO
+=== Create Bot Access Tokens with SSO ===
+To create bot access tokens using SSO:
+# Log in through the web interface.
+# Navigate to **Settings > About > Access Token** and copy the token.
+# Exit the browser page WITHOUT logging out.
-Login through the web. Settings &gt; About &gt; Access Token
+=== Issue: Can’t Create Bot Access Tokens When Passwords Are Disabled ===
+<s>When passwords are disabled, bots cannot create access tokens or log in with access tokens.</s>
-Exit browser page WITHOUT logging out
+<s>To resolve this temporarily, update the configuration:</s>
-<span id="issue-cant-create-bot-access-tokens-when-passwords-are-disabled."></span>
+<pre>
-=== <s>Issue: Can’t create BOT access tokens when passwords are disabled.</s> ===
+matrix_synapse_password_config_enabled: true
+</pre>
-<s>When passwords are disabled, bots can’t create access tokens or log in with access tokens.</s>
+<s>Set the configuration to `true`, obtain the access token, and log in to the bot. Then, change the configuration back to `false`.</s>
-<syntaxhighlight lang="yaml">matrix_synapse_password_config_enabled: true</syntaxhighlight>
+== Categories ==
-<s>Set the config to true obtain the access token AND log in to the bot as needed. Then, change the config to false.</s>
+[[Category:Matrix]]
+[[Category:Server Management]]
+[[Category:Ansible]]
+[[Category:SSO]]
+[[Category:Troubleshooting]]
+[[Category:Networking]]