Page MenuHomePhabricator
Create Task
Maniphest T193961

Set up Matrix.org homeserver on the Wikimedia Cloud VPS
Open, MediumPublic
Actions

Description

The MediaWiki-Stakeholders-Group has been trialling Matrix for a while (see T186061), and it generally works pretty well, except it is very slow, which is not only annoying but causes errors in some cases (especially with the IRC bridge, where user joins are not synced in time so some messages are not displayed - a problem for T187634). The "default" Matrix.org network has undergone rapid growth and hardware did not keep up with it, so probably improving the speed is just a matter of not using the overloaded/under-resourced default server, and setting up our own homeserver (and IRC bridge) instead. This would also allow us to use Wikimedia identities instead of requiring yet another password.

Software to install:

Other requirements:

  • a domain name (would be nice to use matrix.wikimedia.org from start, probably not safe though)
  • public IP T315198

Other software (nice to have):

spantaleev/matrix-docker-ansible-deploy seems to provide most of these out of the box (with the exception of matterbridge), and a ton of other things.

Related Objects
Search...

Event Timeline

Tgr created this task.May 6 2018, 6:27 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 6 2018, 6:27 AM
Tgr added a parent task: T186061: Evaluate Matrix / Element as the recommended chat system for Wikimedia.May 6 2018, 6:27 AM
Tgr updated the task description. (Show Details)
Tgr updated the task description. (Show Details)May 6 2018, 8:15 AM
Tgr updated the task description. (Show Details)May 6 2018, 8:24 AM
Tgr mentioned this in T193964: Request creation of matrix VPS project.
Tgr added a subtask: T193964: Request creation of matrix VPS project.
Tgr renamed this task from Set up Matrix.org homeserver on the Wikimedia Cloud to Set up Matrix.org homeserver on the Wikimedia Cloud VPS.May 7 2018, 9:44 AM
Tgr updated the task description. (Show Details)
Chicocvenancio subscribed.May 13 2018, 12:06 PM
bd808 closed subtask T193964: Request creation of matrix VPS project as Resolved.Jun 1 2018, 11:07 PM
Tgr added a subscriber: bd808.Jun 2 2018, 2:51 PM
In T193964#4250027, @bd808 wrote:

The cloud-services-team and I want to be on record here that this project is for testing matrix, and should not be used to create a general purpose production instance. It would be nice to see documented acceptance criteria for your trial somewhere so that it will be easier to decide when things have advanced to a point where discussions with the SRE team about production hosting options are warranted.

Here is an attempt (numbers are somewhat random / made up, feedback welcome):

Matrix is a federated network so for most purposes it makes no difference whether we use the Matrix.org homeserver or one hosted in WM Cloud. There are two exceptions, testing which is the goal of this project:

  • speed
  • single sign-on

So those are the technical success criteria: working single sign-on (or agreement that it cannot be done with reasonable effort and it's OK to go without it) and decent speed (less than 1s completion time for most operations in most cases).
The social success criteria is 20% of IRCCloud / Slack users saying they see it as a viable alternative that's more in line with our values.

Chicocvenancio mentioned this in T190088: [Investigation] IRC bridge for Toolhub.Jun 8 2018, 5:01 PM
Vvjjkkii renamed this task from Set up Matrix.org homeserver on the Wikimedia Cloud VPS to ijdaaaaaaa.Jul 1 2018, 1:11 AM
Vvjjkkii triaged this task as High priority.
Vvjjkkii reopened subtask T193964: Request creation of matrix VPS project as Open.
Vvjjkkii added projects: CheckUser, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), Tamil-Sites, Gamepress, Hashtags, Jade, KartoEditor, Language-2018-Apr-June, New-Editor-Experiences, Mail, TCB-Team (now WMDE-TechWish).
Vvjjkkii updated the task description. (Show Details)
Vvjjkkii removed a subscriber: Aklapper.
CommunityTechBot renamed this task from ijdaaaaaaa to Set up Matrix.org homeserver on the Wikimedia Cloud VPS.Jul 2 2018, 4:25 PM
CommunityTechBot raised the priority of this task from High to Needs Triage.
CommunityTechBot closed subtask T193964: Request creation of matrix VPS project as Resolved.
CommunityTechBot updated the task description. (Show Details)
CommunityTechBot removed projects: TCB-Team (now WMDE-TechWish), Mail, New-Editor-Experiences, Language-2018-Apr-June, KartoEditor, Jade, Hashtags, Gamepress, Tamil-Sites, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), CheckUser.
CommunityTechBot added a subscriber: Aklapper.
Chicocvenancio added a comment.Jul 4 2018, 1:04 PM

We now have a working, non-federated, still insecure Synapse instance at https://synapse.matrix.wmflabs.org:8448

New users have to be registred server side at matrix-synapse-01 with ~$ register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml https://localhost:8448

Then, any client can be used to connect to it. At https://riot.im/app/ that means using the custom server option with https://synapse.matrix.wmflabs.org:8448 , (and manually going to https://synapse.matrix.wmflabs.org:8448 and accepting the self-signed certificate for the time being).

This will not be the final instance setup, and I don't think it is wise to open it to public consumption yet. But I set it up to play with single sign-on and anyone who wants to test the speed difference is welcome to join.

Chicocvenancio added a comment.Jul 5 2018, 9:26 PM

I got a working OAuth_v1 password provider for mediawiki code at https://github.com/chicocvenancio/mediawiki-synapse-auth

My idea here is to only handle the last step in the OAuth dance on the password provider, it gets the request token and the oauth token and request an access token. Does that seem flawed to anyone?

Matrix has OAuth v2 on the spec, but it seems like a lot more upstream work to make compatible with OAuth v1, so using a password provider seems like a good way out until T125337. That does mean we can't make the full flow in the server, so my idea was to break the flow for the first steps in the client and then pass the request token to the synapse server.

Basic PoC is working for the server-side part.

Psychoslave subscribed.Aug 13 2018, 5:48 AM
MarkAHershberger subscribed.Aug 24 2018, 1:59 PM

Is the server communicating with others yet? If I use it will I only be connected with people on this server?

Chicocvenancio added a comment.Sep 18 2018, 2:58 PM
In T193961#4530070, @MarkAHershberger wrote:

Is the server communicating with others yet? If I use it will I only be connected with people on this server?

Yes, only with people on this server, it is not federated or bridged at all at this point.

Tgr mentioned this in T215042: Set up a hosted Matrix.org / Element instance on modular.im.Jan 31 2019, 10:16 PM
Tgr added a comment.Jan 31 2019, 10:20 PM

In the short term, we are going for a (temporary) hosted instance instead. Less effort to set up, trivial amounts of money and makes it possible to gauge organizational interest without expending too much effort first. See T215042: Set up a hosted Matrix.org / Element instance on modular.im.

Arkanosis awarded a token.Apr 22 2019, 9:38 PM
Arkanosis subscribed.
Tgr edited projects, added MediaWiki-Stakeholders-Group; removed MediaWiki-Stakeholders-Group-Technical.May 17 2019, 9:37 AM

Merging MediaWiki-Stakeholders-Group-Technical into MediaWiki-Stakeholders-Group

Tgr edited projects, added Matrix; removed WMF-General-or-Unknown, User-Tgr.May 19 2019, 4:07 PM
cicalese assigned this task to Tgr.Jul 30 2019, 11:36 PM
cicalese triaged this task as Medium priority.
cicalese moved this task from Needs Discussion to Doing on the MediaWiki-Stakeholders-Group board.
cicalese subscribed.

@Tgr we're updating the status of the MediaWiki-Stakeholders-Group tasks. If this is not accurate, please feel free to change it.

CCicalese_WMF changed the task status from Open to Stalled.Aug 2 2019, 4:06 PM
CCicalese_WMF moved this task from Doing to Stalled on the MediaWiki-Stakeholders-Group board.
Tgr removed Tgr as the assignee of this task.Aug 2 2019, 4:13 PM

This is not being actively worked on; we decided to go with T215042: Set up a hosted Matrix.org / Element instance on modular.im instead. That has mostly happened (the server is up), although the last few steps have stalled out due to me being otherwise occupied. Hopefully I can wrap it up after Wikimania.

elappen-WMF subscribed.Aug 16 2019, 9:35 PM
Tobias1984 subscribed.Oct 18 2019, 3:46 PM
Akuckartz awarded a token.Jun 14 2020, 4:08 PM
Akuckartz subscribed.
Akuckartz moved this task from Stalled to Needs Volunteer (Development) on the MediaWiki-Stakeholders-Group board.Jun 14 2020, 7:21 PM
Andrew reopened subtask T193964: Request creation of matrix VPS project as Open.Jun 17 2020, 4:18 PM
Andrew closed subtask T193964: Request creation of matrix VPS project as Resolved.Jan 13 2021, 3:05 PM
Tgr changed the task status from Stalled to Open.Jul 25 2022, 10:37 PM
Tgr added a subscriber: grin.

spantaleev/matrix-docker-ansible-deploy is an Ansible + Docker based Matrix setup, which includes most of the things one would want to set up alongside a Matrix server (Synapse + Element, push servers for phone + web notifications, identity server, integrations server, Jitsi + coturn for embedded video, all major bridges, a number of popular bots, monitoring, an admin frontend, backups...) - from my (very limited) knowledge of the ecosystem, this seems like the user-friendliest way of setting up matrix on WMCS. It's maintained by the folks behind etke.cc so there is a business model, making it likely that it will be maintained over time; also makes it easy to switch to a third-party SaaS setup if that works out better.

@grin since you are operating a Matrix server, if you are willing to share your experience, it would be great to hear your thoughts on this.

Tgr mentioned this in T254691: Consider hosting an instant messaging software.Jul 25 2022, 10:38 PM
Tobias1984 mentioned this in T230536: Write OAuth auth plugin for Synapse (Matrix).Jul 26 2022, 6:20 PM
Tgr mentioned this in T314271: Integrate Matrix chat with Wikipedia.Aug 1 2022, 6:35 AM
Tgr added a subtask: T315198: Request floating IP for matrix Cloud VPS project.Aug 15 2022, 12:38 AM
dcaro closed subtask T315198: Request floating IP for matrix Cloud VPS project as Resolved.Aug 15 2022, 3:33 PM
Tgr moved this task from Backlog to In progress on the Matrix board.Oct 15 2022, 10:14 AM
Tgr added a subtask: T320861: Redirect matrix.wmflabs.org Matrix domain to matrix.matrix.wmflabs.org.
Tgr added a parent task: T314271: Integrate Matrix chat with Wikipedia.Oct 15 2022, 10:16 AM
Tgr updated the task description. (Show Details)Oct 15 2022, 10:20 AM
Tgr updated the task description. (Show Details)
Tgr updated the task description. (Show Details)Oct 15 2022, 10:27 AM
Tgr updated the task description. (Show Details)Oct 15 2022, 3:28 PM
Tgr mentioned this in T251020: Registration on wikimedia.riot.im requires a wikimedia.org email address.Oct 15 2022, 4:10 PM
Tgr mentioned this in T246969: Set up a bridge between the WMF Modular.im instance and Libera.Oct 15 2022, 9:35 PM
JeanFred subscribed.Oct 29 2023, 9:45 PM
mirror-kt subscribed.Mar 7 2024, 10:53 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits