Created Troubleshooting / Workarounds (markdown)

2025-08-12 16:09:20 +02:00 · 2023-06-03 10:14:40 +02:00
parent 988fe3fa26
commit abb4c02427
1 changed files with 221 additions and 0 deletions
--- a/Troubleshooting---Workarounds.md
+++ b/Troubleshooting---Workarounds.md
@@ -0,0 +1,221 @@
+# Synapse (Matrix) in Docker with federation support for Zoraxy
+
+I assume Matrix is already running in docker with docker compose and you want to switch over to Zoraxy installed on your hostsystem. We will use a little workaround and use NGINX on the hostsystem.
+
+Stop the container with `docker compose down`
+
+Your docker-compose.yml looks something like this:
+
+```
+`version: '3'
+`services:`
+  `synapse:`
+    `image: matrixdotorg/synapse:latest`
+    `restart: unless-stopped`
+    `ports:`
+     `- "8008:8008"`
+    `environment:`
+     `- TZ=Europe/Berlin`
+    `volumes:`
+     `- ./files:/data`
+    `healthcheck:`
+     `test: ["CMD", "curl", "-fSs", "http://localhost:8008/health"]`
+     `interval: 15s`
+     `timeout: 5s`
+     `retries: 3`
+     `start_period: 5s`
+
+  `db:`
+    `image: postgres:15-alpine`
+    `container_name: matrix-db`
+    `restart: unless-stopped`
+    `volumes:`
+     `- ./schemas:/var/lib/postgresql/data`
+    `environment:`
+     `- POSTGRES_DB=synapse`
+     `- POSTGRES_USER=synapse`
+     `- POSTGRES_PASSWORD=changeme`
+     `- POSTGRES_INITDB_ARGS= --encoding='UTF8' --lc-collate='C' --lc-ctype='C'
+
+```
+
+We will now create a new docker network and set a static IP to the synapse container. This is needed, since we can not use docker hostnames, because Zoraxy is outside the container.
+
+If you just use the current IP from the container Synapse will be offline, if you do `docker compose down` and `docker compose up -d` again.
+
+First let us create the network with:
+
+`docker network create --subnet=172.40.0.0/16 staticnet`
+
+If it is successfull it will give you a long output like "2cabe0428cb514e3e3d8e49d358df0930f519b8a80a39886dd8c8cae4fd6cfa1", if it fails with "Error response from daemon: Pool overlaps with other one on this address space", then increase the number 40 to 41, 42 etc.. in the subnet parameter. Now we have a new network named "staticnet".
+
+Next step is to integrate this network in the docker-compose.
+
+`nano docker-compose.yml`
+
+Paste the following lines into your file and comment out the ports of synapse (they are not needed anymore):
+
+```
+###This needs to be integrated in the synapse container###
+    networks:
+        staticnet:
+            ipv4_address: 172.40.0.2
+
+###Those lines at the END of your file###
+networks:
+  staticnet:
+    external: true
+```
+
+
+Your file should now look similar to this:
+```
+version: '3'
+services:
+  synapse:
+    image: matrixdotorg/synapse:latest
+    restart: unless-stopped
+#    ports:
+#     - "8008:8008"
+    networks:
+       staticnet:
+          ipv4_address: 172.40.0.2
+    environment:
+     - TZ=Europe/Berlin
+    volumes:
+     - ./files:/data
+    healthcheck:
+     test: ["CMD", "curl", "-fSs", "http://localhost:8008/health"]
+     interval: 15s
+     timeout: 5s
+     retries: 3
+     start_period: 5s
+
+  db:
+    image: postgres:15-alpine
+    restart: unless-stopped
+    volumes:
+     - ./schemas:/var/lib/postgresql/data
+    environment:
+     - POSTGRES_DB=synapse
+     - POSTGRES_USER=synapse
+     - POSTGRES_PASSWORD=changeme
+     - POSTGRES_INITDB_ARGS= --encoding='UTF8' --lc-collate='C' --lc-ctype='C'
+
+networks:
+  staticnet:
+    external: true
+```
+
+Save with CTRL + O and close with CTRL + X
+
+
+We have now successfully set a static IP to Synapse. This works for other conatiners too. You only need to increase the last number 172.40.0.2 to 172.40.0.3, 172.40.0.4 and so on...
+
+Next step is to install nginx on the host system and stop it afterwards so it won´t interfere with other services.
+
+`sudo apt install nginx && sudo systemctl stop nginx`
+
+Create a vHost for Synapse now:
+
+`sudo nano /etc/nginx/sites-available/matrix`
+
+Paste these lines inside the new file and ONLY modify MATRIX.YOUR.DOMAIN to your actual domain. It is needed 3 times. Keep the portnumber at the last one (:443)!
+
+```
+server {
+    listen 8200;
+    listen [::]:8200;
+    server_name MATRIX.YOUR.DOMAIN;
+
+    location ~ ^(/_matrix|/_synapse/client) {
+        # note: do not add a path (even a single /) after the port in `proxy_pass`,
+        # otherwise nginx will canonicalise the URI and cause signature verification
+        # errors.
+        proxy_pass http://172.40.0.2:8008;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Host $host;
+        }
+
+    location /.well-known/matrix/client {
+        return 200 '{\"m.homeserver\": {\"base_url\": \"https://MATRIX.YOUR.DOMAIN\"}}';
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Host $host;
+        client_max_body_size 50M;
+        }
+
+    location /.well-known/matrix/server {
+        return 200 '{\"m.server\": \"MATRIX.YOUR.DOMAIN:443\"}';
+       }
+
+    # Synapse responses may be chunked, which is an HTTP/1.1 feature.
+    proxy_http_version 1.1;
+    }
+```
+
+Save with CTRL + O and close with CTRL + X
+
+
+Now activate the vHost and start Nginx again:
+
+`sudo ln -s /etc/nginx/sites-available/matrix /etc/nginx/sites-enabled/matrix && sudo systemctl start nginx`
+
+
+Now Nginx listens for Synapse on port 8200. It proxies the traffic inside the container (that´s why we needed the static IP) to port 8008 INSIDE the container. You don´t need portmappings with the static IP, this is why we commented it out.
+
+In Zoraxy you can set your Matrix (sub)domain to localhost:8200
+
+You do not need to open the port 8200 in your firewall!
+I wanted originally to integrate nginx to the docker-compose.yml but it did not work as I expected, so it is better to have nginx on the hostsystem.
+
+
+# Fixing Wordpress "Mixed content" or "CSP header" errors
+
+You already have a running Wordpress site with HTTPS and now it looks messed up since you switched to Zoraxy?
+
+Now your site can look like this:
+
+![wp1](https://github.com/tobychui/zoraxy/assets/110860055/09900779-0845-4c00-8fe7-5451f7775176)
+Adminpanel
+
+
+We need to edit the wp-config.php file as root user. 
+Switch to root user:
+
+`sudo su`
+
+The file is located at the Wordpresswebroot (/var/www/html/wordpress). 
+
+`cd /var/www/html/wordpress`
+
+Sidenote:
+
+If you use Wordpress in Docker and you used the standard docker-compose example the file should located at /var/lib/docker/volumes/wordpress_wordpress/_data/wp-config.php
+
+Open the wp-config.php with nano editor
+
+`nano wp-config.php`
+
+Put in these lines after the "<?php" part of the file
+
+`if ( (!empty( $_SERVER['HTTP_X_FORWARDED_HOST'])) || (!empty( $_SERVER['HTTP_X_FORWARDED_FOR'])) ) { $_SERVER['HTTPS'] = 'on'; }`
+
+
+![addedlines](https://github.com/tobychui/zoraxy/assets/110860055/b38051de-a61a-4d29-aa7e-78c1c47b8652)
+
+
+Save the file with **CTRL + O** and leave nano with **CTRL + X**
+
+Reload your page!
+
+![finished](https://github.com/tobychui/zoraxy/assets/110860055/8d433ac8-a5ff-4638-a105-e59f4b2151a1)
+Adminpanel
+
+You can now leave the root shell with
+
+`exit`
+
+
+Tested with Wordpress and Apache on a hostinstallation and Wordpress in Docker (wordpress:latest) with existing sites.