wechaty/matrix-appservice

a Matrix Server of the Wechaty Community

lprintf opened this issue · 22 comments

I plan to deploy a matrix server for the Wechaty Community.

In the plan, it should meet the following requirements:

  1. be accessible within and outside China at the beginning (overseas VPS);
  2. can add contacts from other matrix servers (federation function);

and the following issues need to be discussed:

  • Whether to open registration and email verification functions. (It is easy to cause the server to be abused, but it is easy to promote.)
  • Whether to deploy on a vps. (Easy to apply for resources and maintain, poor scalability.)
  • Whether to open the web client (element):
    • Whether to add CDN service (the element static file is relatively large).

@huan, please check the following items:

  • to open registration and email verification functions. (It is easy to cause the server to be abused, but it is easy to promote the matrix server.)
  • to deploy on a vps. (Easy to apply for resources and maintain, poor scalability.)
  • to open the web client (element):
    • to add CDN service to it (the element static file is relatively large).
  • to use matrix.chatie.io as the domain of this server.

huan commented

Hi @545641826 , thank you very much for planning the Matrix service for the Wechaty community!

We can open all features for our new Matrix service when we are in the alpha stage, and we can decide how to optimize it after everything has been set.

I'd like to suggest that we can use a VPS in Singapore, please let me know what's your next step/action.

BTW: It would be great if there can be any sponsorship for the Matrix cloud resource to the Wechaty community (kindly ping @ericmigi in case you might be interested). If there's no sponsorship from outside, the Wechaty community can set up one.

OK, I got it. In the next step, I plan to try to build a new matrix locally and migrate to a test server to run for a period of time. I hope to accumulate some migration experience through this method and move it to the official server before the 12th. If it is deployed on a single vps at the beginning, there is a high probability that several data migrations will be required after the number of users increases.
At the same time, I will also try to negotiate related matters with Eric.

I need an overseas test server to bypass the 433 port limit. (Depends on port 433 and port 7777, and a few MB of hard disk space.)
And I also need to trouble you to do some DNS configuration. I have sent you the parsing configuration in WeChat.

happy to sponsor the server!

thank you for your support!

huan commented

@ericmigi It's great to know that you agree to sponsor the wechaty matrix server, and I believe this is a good start for both Wechaty community and Beeper company to build something together!

So what kind of sponsorship do you prefer?

For example, I think both of the following ways are acceptable; we can discuss and pick the most convenient one for both Beeper and Wechaty:

  1. Beeper provides the VPS servers and related infrastructure to fulfill the requirements of the Wechaty community.
  2. Beeper donates to Wechaty Open Collective as a Bronze Sponsor (suggested), then the Wechaty community gets all we need.

The server requirements can be discussed and decided with @545641826 , and I hope we can have a Matrix server setup for Wechaty community soon!

done! we are now a bronze sponsor

Thank you very much for your sponsorship!

@huan If necessary, we can consider deploying a matrix server based on Amazon S3 storage and PostgreSQL (SaaS) to get better scalability, usually at a more affordable price.

huan commented

@ericmigi Thank you very much for your contribution!

You are welcome to join Wechaty Contributor Program

1. Join Wechaty Organization

You've invited Eric Migicovsky to Wechaty! They'll be receiving an email shortly. They can also visit https://github.com/wechaty to accept the invitation.

I have invited you to join our Wechaty GitHub Organization, please accept it by following the above message. (See also: wechaty/PMC#16)

2. Update Your Wechaty Contributor Profile

  1. Please open Contributor Hall of Fame and add yourself to the end of the list, so that other contributors will know you better!
  2. Please add yourself to our Website Contributors by creating a PR and refer to this PR link as well.

3. Join The Contributor Only WeChat Room

We also have a WeChat room for contributors only which can discuss Wechaty at a deeper level; you are welcome to join if you are interested.

Please add @lijiarui wechat: ruirui_0914 and send her this PR link. She will invite you into the Wechaty Contributor Room.

Cheers!

huan commented

I'm setting up our matrix server on Azure for the community now.

The plan is:

  1. VM size: Standard D2s v3 (2 vcpus, 8 GiB memory) - DNS name: matrix.chatie.io
  2. Data Disk size: Standard SSD LRS 128GB - mounted at /matrix
  3. Linux Debian 10 Buster

The following accounts will be created as the root team (sudo-enabled) for this server, the same as the GitHub usernames, with the SSH pub keys from GitHub as well:

  1. @huan
  2. @ericmigi
  3. @lprintf

RENAMED: The 545641826 GitHub username needs to be changed to a valid Linux user account name before it can be created:

root@matrix:/home/huan# adduser 545641826
adduser: Please enter a username matching the regular expression configured
via the NAME_REGEX configuration variable.  Use the `--force-badname'
option to relax this check or reconfigure NAME_REGEX.

Screenshots (not reproduced): Virtual Machine; Size + Cost/month; Disk Size + Performance; Network Security Group.

huan commented

@lprintf The Matrix server for the Wechaty community has been fully set up and ready to use.

Login by:

# login
$ ssh lprintf@matrix.chatie.io

# get root access
$ sudo su -

Please confirm that you can take all the server root managing privileges and the responsibilities for our Wechaty community by replying to this issue, then we will be good to go to set up the server.

Link to wechaty/summer#59

huan commented

Work in Progress (WIP)

  1. Troubleshoot outbound SMTP connectivity problems in Azure

    For VMs that are deployed in Enterprise Agreement subscriptions, the outbound SMTP connections on TCP port 25 will not be blocked. However, there is no guarantee that external domains will accept the incoming emails from the VMs. If your emails are rejected or filtered by the external domains, you should contact the email service providers of the external domains to resolve the problems. These problems are not covered by Azure support.

  2. Microsoft has restricted outbound SMTP (TCP 25) communication to the external world to specific subscriptions only. The purpose is to reduce/minimize negative IP reputation

Debug

root@matrix:/home# netstat -na | grep 25
tcp        0      0 0.0.0.0:8025            0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN     
tcp6       0      0 :::8025                 :::*                    LISTEN     
tcp6       0      0 :::25                   :::*                    LISTEN     
root@matrix:/home# ^C
root@matrix:/home# ls
ericmigi  huan  lprintf
root@matrix:/home# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 matrix-mailer ESMTP Exim 4.94.2 Sat, 07 Aug 2021 08:46:43 +0000
HELO matrix.wechaty.cf
250 matrix-mailer Hello matrix.wechaty.cf [172.18.0.1]
MAIL FROM: huan@wechaty.cf
250 OK
RCPT TO: zixia@zixia.net
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
Subject: test from matrix.wechaty.cf

Hello wechaty.cf
.
250 OK id=1mCHz2-00001l-B2
QUIT
221 matrix-mailer closing connection
Connection closed by foreign host.
root@matrix:/home# 

Support Case (screenshot not reproduced)

Update (Aug 12, 2021)

The outgoing port 25 should have been opened.

Try on azure server:

$ nc -v 203.205.232.191 25
203.205.232.191: inverse host lookup failed: Unknown host
(UNKNOWN) [203.205.232.191] 25 (smtp) : Connection timed out

It should be: (on my local mac)

$ nc -v 203.205.232.191 25
Connection to 203.205.232.191 port 25 [tcp/smtp] succeeded!
220 bizmx2.qq.com MX QQ Mail Server
^C

Update: Aug 27

Hello Huan,

Greetings for the day!

As informed in the earlier email, I would suggest you to kindly START and STOP the VM and try sending the email.

Also, DO NOT RESTART the VM.

If the issue still persists please do let me know I will be happy to help.

Awaiting your response.

Best Regards,

A.Haritha |Support Engineer|Azure Subscription Management Support

After stopping and then starting the VM, port 25 finally works!

$ nc -v mx1.qq.com 25
Warning: inverse host lookup failed for 162.62.116.184: Unknown host
mx1.qq.com [162.62.116.184] 25 (smtp) open
220 newxmmxsza96.qq.com MX QQ Mail Server.
^]q
502 Invalid input from 9.131.170.3 to newxmmxsza96.qq.com
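Added example, not part of the thread or written by any of its participants: a small probe that automates the two manual checks above (`telnet 127.0.0.1 25` and `nc -v <mx> 25`) and separates "local MTA answers" from "outbound port 25 is filtered". The function names `probe_smtp` and `diagnose` and the placeholder MX host are assumptions made for this illustration.

```python
import socket

def probe_smtp(host, port=25, timeout=5.0):
    """Classify one TCP connection attempt to an SMTP port.

    Returns (state, detail), where state is one of:
      "banner"    - connected and the server sent a 220 greeting
      "no-banner" - connected, but no 220 greeting arrived in time
      "refused"   - host reachable, nothing listening on that port
      "timeout"   - no answer at all, typical of a filtered port
      "error"     - DNS failure or another socket error
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                line = s.recv(512).decode("ascii", "replace").strip()
            except socket.timeout:
                return "no-banner", ""
            return ("banner" if line.startswith("220") else "no-banner"), line
    except socket.timeout:
        return "timeout", ""
    except ConnectionRefusedError:
        return "refused", ""
    except OSError as exc:
        return "error", str(exc)

def diagnose(local, remote):
    """Combine a loopback probe and an external-MX probe into one verdict."""
    if local[0] != "banner":
        return "local MTA is not answering; fix that first"
    if remote[0] == "banner":
        return "outbound port 25 is open"
    if remote[0] == "timeout":
        return "local MTA is fine, outbound port 25 is filtered upstream"
    return "local MTA is fine, remote side problem: " + remote[0]

if __name__ == "__main__":
    import sys
    # Placeholder host; pass the MX of the receiving domain as the argument.
    mx = sys.argv[1] if len(sys.argv) > 1 else "mx.example.invalid"
    local, remote = probe_smtp("127.0.0.1"), probe_smtp(mx)
    print("local :", local)
    print("remote:", remote)
    print(diagnose(local, remote))
```

A "timeout" result against an external MX combined with a "banner" result on loopback matches the state shown in the Aug 12 update, where the local Exim answered but the connection to 203.205.232.191 timed out.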

Okay, I got that the local SMTP service is okay, it may be the 163 mailbox problem. After using QQ's SMTP, it started to work. Thank you!

Can we start promoting the site? Or we need to do other operations before this.

huan commented

I believe you can take full responsibility for the site, so please feel free to promote the site whenever you feel it's ready to go!

As the creator and maintainer of the site, I hope you can help our Wechaty community to have a good time playing with the Matrix services.

Okay, I got it.

The server doesn't seem to be reachable now. Are there any future plans to bring it back online?