From 4c6f13c68a88b322ae523ef3ba6880caf89a63e1 Mon Sep 17 00:00:00 2001 From: stuebinm Date: Thu, 25 Mar 2021 14:39:25 +0100 Subject: [PATCH] synapse: add mail config (currently broken) tl;dr: mail config works, but on trying to send mail synapse gets rejected by postfix for using a too-old version of tls, as apparently tls in twisted (the python library used for mail in synapse) is just hardcoded to v1, which our postfix rejects. ``` postfix/smtpd[9737]: warning: TLS library problem: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol:ssl/statem/statem_srvr.c:1685: synapse[9211]: synapse.handlers.identity: [POST-41] Error sending threepid validation email to stuebinm@hacc.space Traceback (most recent call last): File "/nix/store/55mh6w2ark2blrbkyq0d1jjg9alb1dw5-matrix-synapse-1.29.0/lib/python3.8/site-packages/synapse/handlers/identity.py", line 382, in send_threepid_validation await send_email_func(email_address, token, client_secret, session_id) File "/nix/store/55mh6w2ark2blrbkyq0d1jjg9alb1dw5-matrix-synapse-1.29.0/lib/python3.8/site-packages/synapse/push/mailer.py", line 207, in send_add_threepid_mail await self.send_email( File "/nix/store/55mh6w2ark2blrbkyq0d1jjg9alb1dw5-matrix-synapse-1.29.0/lib/python3.8/site-packages/synapse/push/mailer.py", line 349, in send_email await make_deferred_yieldable( twisted.mail._except.SMTPConnectError: Unable to connect to server. ``` This is a known issue [1], which should be fixed in the current version of twisted, which will be in the next version of synapse. [1] https://github.com/matrix-org/synapse/issues/6211 --- services/matrix-synapse.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/services/matrix-synapse.nix b/services/matrix-synapse.nix index 1b60a54..5c2a209 100644 --- a/services/matrix-synapse.nix +++ b/services/matrix-synapse.nix @@ -84,6 +84,19 @@ services.matrix-synapse = { enable = true; server_name = "hacc.space"; + extraConfigFiles = [ "/var/lib/matrix-synapse/secrets.yml" ]; + extraConfig = '' + public_baseurl: https://matrix.hacc.space + email: + smtp_host: mail.hacc.space + smtp_user: "noreply@infra4future.de" + smtp_port: 587 + notif_from: "Your Friendly %(app)s homeserver " + require_transport_security: true + enable_notifs: true + client_base_url: "https://element.hacc.space" + invite_client_location: "https://element.hacc.space" + ''; listeners = [ { port = 8008; bind_address = "::1";