I am setting up delegation on a Synapse server. I followed the official docs and seem to have everything in place. I get the following error in the example.com nginx logs when I enter the homeserver "example.org" in a client, which is supposed to delegate client traffic to "synapse.example.com":
[error] 28804#28804: *246 open() "/usr/share/nginx/html/_matrix/client/r0/login" failed (2: No such file or directory) [..]
The client seems to request the Matrix server information from the wrong server instead of the delegated one.
nginx config on example.com:
server {
    server_name www.example.com example.com; # managed by Certbot
    location /.well-known/matrix/server {
        default_type application/json;
        return 200 '{"m.server": "synapse.example.com:443"}';
    }
    location /.well-known/matrix/client {
        default_type application/json;
        return 200 '{"m.homeserver":{"base_url": "https://synapse.example.com"}}';
    }
    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    [...ssl certs...]
}
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    listen 80 ;
    listen [::]:80 ;
    server_name www.example.com example.com;
    return 404; # managed by Certbot
}
synapse.example.com nginx config:
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    # For the federation port
    listen 8448 ssl http2 default_server;
    listen [::]:8448 ssl http2 default_server;
    server_name synapse.example.com;
    location ~ ^(/_matrix|/_synapse/client) {
        [...]
        proxy_pass http://localhost:8008;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        [...]
    }
}
And finally, the homeserver.yaml on synapse.example.com:
[...]
public_baseurl: https://synapse.example.com/
presence:
listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    bind_addresses: ['::1', '127.0.0.1']
    resources:
      - names: [client, federation]
        compress: false
[...]
I understand that the error on example.com implies that certain requests are not forwarded to the delegated host at synapse.example.com, but I could not find anything in the Synapse docs or elsewhere. I would have expected that the Matrix clients / protocol parse the .well-known JSON and then handle the delegation themselves. Apparently not.
Can someone point me in the right direction on how to debug here? Or even give an explanation of what I am doing wrong. Help is highly appreciated.
Edit:
Opening https://synapse.example.com/_matrix/key/v2/server in a browser, the JSON contains the key/value pair
server_name "example.com"
I am not sure where this is defined, and whether this is correct.
(BTW, all references to "synapse.example.com" and "example.com" represent the real domain names, respectively.)
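A debugging aid for the setup described above, as an added example that is not part of the original post: it reads the two .well-known bodies from the example.com config, derives where client and federation traffic is expected to go, and flags Matrix API paths that the delegating host's nginx tried to serve from disk. The function names are hypothetical, the log line is the one quoted in the post, and SRV lookup for a port-less m.server is skipped (8448 is assumed).

```python
import json
import re
from urllib.parse import urlsplit

# Bodies returned by the example.com nginx config shown in the post.
WELL_KNOWN_CLIENT = '{"m.homeserver":{"base_url": "https://synapse.example.com"}}'
WELL_KNOWN_SERVER = '{"m.server": "synapse.example.com:443"}'

# The nginx error line quoted in the post (its truncated tail left out).
ERROR_LOG = [
    '[error] 28804#28804: *246 open() "/usr/share/nginx/html/_matrix/client/r0/login" '
    'failed (2: No such file or directory)',
]

def client_base_url(body):
    """Base URL a client should use after reading /.well-known/matrix/client."""
    base = json.loads(body)["m.homeserver"]["base_url"]
    parts = urlsplit(base)
    if not (parts.scheme and parts.netloc):
        raise ValueError("base_url is not an absolute URL: %r" % base)
    return base.rstrip("/")

def federation_target(body, default_port=8448):
    """(host, port) other homeservers connect to, from /.well-known/matrix/server."""
    value = json.loads(body)["m.server"]
    host, sep, port = value.rpartition(":")
    if sep and port.isdigit():
        return host, int(port)
    return value, default_port  # assumption: no SRV record, fall back to 8448

# nginx logs a failed static-file lookup as: open() "<docroot><uri>" failed
MATRIX_PATH = re.compile(r'open\(\) "[^"]*?(/_matrix/[^"]*)" failed')

def misrouted_requests(log_lines):
    """Matrix API paths that the delegating host tried to serve from its docroot."""
    return [m.group(1) for line in log_lines if (m := MATRIX_PATH.search(line))]

def report(log_lines):
    """One line per misrouted request, with the URL it was expected to reach."""
    base = client_base_url(WELL_KNOWN_CLIENT)
    return ["%s reached the delegating host; expected %s%s" % (p, base, p)
            for p in misrouted_requests(log_lines)]

if __name__ == "__main__":
    print("federation target:", federation_target(WELL_KNOWN_SERVER))
    for line in report(ERROR_LOG):
        print(line)
```

Any path this reports means a client sent an API request to the host that only serves the .well-known files, so the next thing to check is which homeserver URL that client was actually given.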