-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
draupnir can't reach the synapse admin API #3308
Comments
Ok so Draupnir docs are maby a bit confusing i will concede that. What we are actually asking for a path to reach the admin API and not reach pantalaimon the CS API proxy. So if solution 1 gives us an address to reach the Admin API Draupnir will be happy and if that causes a bug well i will have to go and bother Gnuxie to get that fixed because that is a bug at that point. |
I added the following blocks to my synapse reverse proxy companion labels:
and so far that made it stop complaining. |
according to https://matrix.to/#/!IaWNErZAgQUhGqJXjX:matrix.org/$n0CH1nAI791tE1AU6ofznnw_Njw4yGzg9qitcFhvXiI?via=matrix.org&via=envs.net&via=ubuntu.com polling is broken anyway, so until fixed something else entirely should be done |
Describe the bug
Per the docs, draupnir can poll abuse reports from the synapse admin API. This used to work back in matrix-nginx-proxy times 👴.
https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-bot-draupnir.md#abuse-reports
According to the docs, what is needed, is to enable the admin API (e.g. by configuring directly, or indirectly be enabling synapse-admin), the darupnir user being an admin, and the draupnir config extension.
However it does not work: draupnir bot will spam the control room:
So I dug around.
Finding the issue
With my config, which should be basically default in that regard...
draupnir config includes:
which is just the main reverse proxy traefik container's name
draupnir service connects networks:
traefik service connects networks:
which connects it to draupnir such that it should be able to reach
matrix-traefik
, andwhich is just a firewall between traefik and the host docker socket
traefik.yml defines as only entryPoint on 8008:
synapse reverse proxy companion is the only router on that entrypoint i can find:
but it's on the wrong path
meanwhile, the
_synapse/admin_
API is only onbuuuut you can really skip reading most of this if instead we read the draupnir docs at https://github.com/the-draupnir-project/Draupnir/blob/main/config/default.yaml
which clearly has not been done if you scroll all the way up.
Proposed Solution
There are two options that I see:
matrix-internal-matrix-client-api
entrypoint. The rest should then fall into place. This seems to be the way the playbook prefers to do things, though strictly speaking it goes against draupnir's docs.rawHomeserverUrl
to call the C2S and admin APIs through web-secure (public internet), as its docs say. This might have a slight performance impact and is not strictly necessary.The text was updated successfully, but these errors were encountered: