README updates (#4621)

Lots of updates to the README/INSTALL.md.

Fixes #4601.
This commit is contained in:
Richard van der Hoff 2019-02-12 10:53:28 +00:00 committed by GitHub
parent a4ce91396b
commit 2418b91bb7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 78 additions and 61 deletions

View File

@ -350,18 +350,34 @@ Once you have installed synapse as above, you will need to configure it.
## TLS certificates ## TLS certificates
The default configuration exposes two HTTP ports: 8008 and 8448. Port 8008 is The default configuration exposes a single HTTP port: http://localhost:8008. It
configured without TLS; it should be behind a reverse proxy for TLS/SSL is suitable for local testing, but for any practical use, you will either need
termination on port 443 which in turn should be used for clients. Port 8448 to enable a reverse proxy, or configure Synapse to expose an HTTPS port.
is configured to use TLS for Federation with a self-signed or verified
certificate, but please be aware that a valid certificate will be required in
Synapse v1.0. Instructions for having Synapse automatically provision and renew federation certificates through ACME can be found at [ACME.md](docs/ACME.md).
If you would like to use your own certificates, you can do so by changing For information on using a reverse proxy, see
`tls_certificate_path` and `tls_private_key_path` in `homeserver.yaml`; [docs/reverse_proxy.rst](docs/reverse_proxy.rst).
alternatively, you can use a reverse proxy. See
[docs/reverse_proxy.rst](docs/reverse_proxy.rst) for information on configuring To configure Synapse to expose an HTTPS port, you will need to edit
a reverse proxy. `homeserver.yaml`.
First, under the `listeners` section, uncomment the configuration for the
TLS-enabled listener. (Remove the hash sign (`#`) and space at the start of
each line). The relevant lines are like this:
```
- port: 8448
type: http
tls: true
resources:
- names: [client, federation]
```
You will also need to uncomment the `tls_certificate_path` and
`tls_private_key_path` lines under the `TLS` section. You can either point
these settings at an existing certificate and key, or you can enable Synapse's
built-in ACME (Let's Encrypt) support. Instructions for having Synapse
automatically provision and renew federation certificates through ACME can be
found at [ACME.md](docs/ACME.md).
## Registering a user ## Registering a user
@ -375,7 +391,7 @@ users. This can be done as follows:
``` ```
$ source ~/synapse/env/bin/activate $ source ~/synapse/env/bin/activate
$ synctl start # if not already running $ synctl start # if not already running
$ register_new_matrix_user -c homeserver.yaml https://localhost:8448 $ register_new_matrix_user -c homeserver.yaml http://localhost:8008
New user localpart: erikj New user localpart: erikj
Password: Password:
Confirm password: Confirm password:

View File

@ -26,7 +26,6 @@ via IRC bridge at irc://irc.freenode.net/matrix.
Synapse is currently in rapid development, but as of version 0.5 we believe it Synapse is currently in rapid development, but as of version 0.5 we believe it
is sufficiently stable to be run as an internet-facing service for real usage! is sufficiently stable to be run as an internet-facing service for real usage!
About Matrix About Matrix
============ ============
@ -88,18 +87,20 @@ Connecting to Synapse from a client
=================================== ===================================
The easiest way to try out your new Synapse installation is by connecting to it The easiest way to try out your new Synapse installation is by connecting to it
from a web client. The easiest option is probably the one at from a web client.
https://riot.im/app. You will need to specify a "Custom server" when you log on
or register: set this to ``https://domain.tld`` if you setup a reverse proxy
following the recommended setup, or ``https://localhost:8448`` - remember to specify the
port (``:8448``) if not ``:443`` unless you changed the configuration. (Leave the identity
server as the default - see `Identity servers`_.)
If using port 8448 you will run into errors if you are using a self-signed Unless you are running a test instance of Synapse on your local machine, in
certificate. To overcome this, simply go to ``https://localhost:8448`` general, you will need to enable TLS support before you can successfully
directly with your browser and accept the presented certificate. You can then connect from a client: see `<INSTALL.md#tls-certificates>`_.
go back in your web client and proceed further. Valid federation certificates
should not have this problem. An easy way to get started is to login or register via Riot at
https://riot.im/app/#/login or https://riot.im/app/#/register respectively.
You will need to change the server you are logging into from ``matrix.org``
and instead specify a Homeserver URL of ``https://<server_name>:8448``
(or just ``https://<server_name>`` if you are using a reverse proxy).
(Leave the identity server as the default - see `Identity servers`_.)
If you prefer to use another client, refer to our
`client breakdown <https://matrix.org/docs/projects/clients-matrix>`_.
If all goes well you should at least be able to log in, create a room, and If all goes well you should at least be able to log in, create a room, and
start sending messages. start sending messages.
@ -174,9 +175,30 @@ Separately, Synapse may leak file handles if inbound HTTP requests get stuck
during processing - e.g. blocked behind a lock or talking to a remote server etc. during processing - e.g. blocked behind a lock or talking to a remote server etc.
This is best diagnosed by matching up the 'Received request' and 'Processed request' This is best diagnosed by matching up the 'Received request' and 'Processed request'
log lines and looking for any 'Processed request' lines which take more than log lines and looking for any 'Processed request' lines which take more than
a few seconds to execute. Please let us know at #matrix-dev:matrix.org if a few seconds to execute. Please let us know at #synapse:matrix.org if
you see this failure mode so we can help debug it, however. you see this failure mode so we can help debug it, however.
Help!! Synapse eats all my RAM!
-------------------------------
Synapse's architecture is quite RAM hungry currently - we deliberately
cache a lot of recent room data and metadata in RAM in order to speed up
common requests. We'll improve this in future, but for now the easiest
way to either reduce the RAM usage (at the risk of slowing things down)
is to set the almost-undocumented ``SYNAPSE_CACHE_FACTOR`` environment
variable. The default is 0.5, which can be decreased to reduce RAM usage
in memory constrained enviroments, or increased if performance starts to
degrade.
Using `libjemalloc <http://jemalloc.net/>`_ can also yield a significant
improvement in overall amount, and especially in terms of giving back RAM
to the OS. To use it, the library must simply be put in the LD_PRELOAD
environment variable when launching Synapse. On Debian, this can be done
by installing the ``libjemalloc1`` package and adding this line to
``/etc/default/matrix-synapse``::
LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.1
Upgrading an existing Synapse Upgrading an existing Synapse
============================= =============================
@ -196,12 +218,12 @@ Federation is the process by which users on different servers can participate
in the same room. For this to work, those other servers must be able to contact in the same room. For this to work, those other servers must be able to contact
yours to send messages. yours to send messages.
The ``server_name`` in your The ``server_name`` in your ``homeserver.yaml`` file determines the way that
``homeserver.yaml`` file determines the way that other servers will reach other servers will reach yours. By default, they will treat it as a hostname
yours. By default, they will treat it as a hostname and try to connect to and try to connect to port 8448. This is easy to set up and will work with the
port 8448. This is easy to set up and will work with the default configuration, default configuration, provided you set the ``server_name`` to match your
provided you set the ``server_name`` to match your machine's public DNS machine's public DNS hostname, and give Synapse a TLS certificate which is
hostname. valid for your ``server_name``.
For a more flexible configuration, you can set up a DNS SRV record. This allows For a more flexible configuration, you can set up a DNS SRV record. This allows
you to run your server on a machine that might not have the same name as your you to run your server on a machine that might not have the same name as your
@ -243,11 +265,8 @@ largest boxes pause for thought.)
Troubleshooting Troubleshooting
--------------- ---------------
You can use the federation tester to check if your homeserver is all set: You can use the `federation tester <https://matrix.org/federationtester>`_ to
``https://matrix.org/federationtester/api/report?server_name=<your_server_name>`` check if your homeserver is all set.
If any of the attributes under "checks" is false, federation won't work.
There is also a nicer interface available from a community member at
`<https://neo.lain.haus/fed-tester>`_.
The typical failure mode with federation is that when you try to join a room, The typical failure mode with federation is that when you try to join a room,
it is rejected with "401: Unauthorized". Generally this means that other it is rejected with "401: Unauthorized". Generally this means that other
@ -263,7 +282,10 @@ So, things to check are:
(it should be ``_matrix._tcp.<server_name>``), and that the port and hostname (it should be ``_matrix._tcp.<server_name>``), and that the port and hostname
it specifies are reachable from outside your network. it specifies are reachable from outside your network.
.. TODO: add a note about forgetting ``nocanon`` on a reverse-proxy config Another common problem is that people on other servers can't join rooms that
you invite them to. This can be caused by an incorrectly-configured reverse
proxy: see `<docs/reverse_proxy.rst>`_ for instructions on how to correctly
configure a reverse proxy.
Running a Demo Federation of Synapses Running a Demo Federation of Synapses
------------------------------------- -------------------------------------
@ -363,7 +385,7 @@ Synapse Development
Before setting up a development environment for synapse, make sure you have the Before setting up a development environment for synapse, make sure you have the
system dependencies (such as the python header files) installed - see system dependencies (such as the python header files) installed - see
`Installing from source`_. `Installing from source <INSTALL.md#installing-from-source>`_.
To check out a synapse for development, clone the git repo into a working To check out a synapse for development, clone the git repo into a working
directory of your choice:: directory of your choice::
@ -374,7 +396,7 @@ directory of your choice::
Synapse has a number of external dependencies, that are easiest Synapse has a number of external dependencies, that are easiest
to install using pip and a virtualenv:: to install using pip and a virtualenv::
virtualenv -p python2.7 env virtualenv -p python3 env
source env/bin/activate source env/bin/activate
python -m pip install -e .[all] python -m pip install -e .[all]
@ -416,25 +438,3 @@ sphinxcontrib-napoleon::
Building internal API documentation:: Building internal API documentation::
python setup.py build_sphinx python setup.py build_sphinx
Help!! Synapse eats all my RAM!
===============================
Synapse's architecture is quite RAM hungry currently - we deliberately
cache a lot of recent room data and metadata in RAM in order to speed up
common requests. We'll improve this in future, but for now the easiest
way to either reduce the RAM usage (at the risk of slowing things down)
is to set the almost-undocumented ``SYNAPSE_CACHE_FACTOR`` environment
variable. The default is 0.5, which can be decreased to reduce RAM usage
in memory constrained enviroments, or increased if performance starts to
degrade.
Using `libjemalloc <http://jemalloc.net/>`_ can also yield a significant
improvement in overall amount, and especially in terms of giving back RAM
to the OS. To use it, the library must simply be put in the LD_PRELOAD
environment variable when launching Synapse. On Debian, this can be done
by installing the ``libjemalloc1`` package and adding this line to
``/etc/default/matrix-synapse``::
LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.1

1
changelog.d/4621.misc Normal file
View File

@ -0,0 +1 @@
README updates