This repository was archived by the owner on Apr 26, 2024. It is now read-only.

User directory search fails if your query has : in it #14815

@MelBourbon


Hi, I have a fresh Synapse installation as follows and am receiving the following error log when a user is searching for other users on federated homeservers. In addition, the server currently cannot receive messages or establish an encrypted connection to other users. I personally think this may be related to my nginx reverse proxy, as I want to use delegation. See nginx conf.d below as well.

System: Ubuntu 22.04.1 LTS
Nginx: nginx/1.23.1

/var/log/matrix-synapse/homeserver.log:

2023-01-11 10:49:54,837 - synapse.http.server - 124 - ERROR - POST-240 - Failed handle request via 'UserDirectorySearchRestServlet': <XForwardedForRequest at 0x7f345442f760 method='POST' uri='/_matrix/client/r0/user_directory/search' clientproto='HTTP/1.1' site='8008'>
Traceback (most recent call last):
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/http/server.py", line 307, in _async_render_wrapper
    callback_return = await self._async_render(request)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/http/server.py", line 513, in _async_render
    callback_return = await raw_callback_return
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/rest/client/user_directory.py", line 74, in on_POST
    results = await self.user_directory_handler.search_users(
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/handlers/user_directory.py", line 99, in search_users
    results = await self.store.search_user_dir(user_id, search_term, limit)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/databases/main/user_directory.py", line 890, in search_user_dir
    await self.db_pool.execute(
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/database.py", line 1033, in execute
    return await self.runInteraction(desc, interaction)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/database.py", line 882, in runInteraction
    return await delay_cancellation(_runInteraction())
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/twisted/internet/defer.py", line 1693, in _inlineCallbacks
    result = context.run(
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/twisted/python/failure.py", line 518, in throwExceptionIntoGenerator
    return g.throw(self.type, self.value, self.tb)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/database.py", line 849, in _runInteraction
    result = await self.runWithConnection(
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/database.py", line 977, in runWithConnection
    return await make_deferred_yieldable(
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/twisted/python/threadpool.py", line 244, in inContext
    result = inContext.theWork()  # type: ignore[attr-defined]
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/twisted/python/threadpool.py", line 260, in <lambda>
    inContext.theWork = lambda: context.call(  # type: ignore[attr-defined]
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/twisted/python/context.py", line 117, in callWithContext
    return self.currentContext().callWithContext(ctx, func, *args, **kw)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/twisted/python/context.py", line 82, in callWithContext
    return func(*args, **kw)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/twisted/enterprise/adbapi.py", line 282, in _runWithConnection
    result = func(conn, *args, **kw)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/database.py", line 970, in inner_func
    return func(db_conn, *args, **kwargs)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/database.py", line 711, in new_transaction
    r = func(cursor, *args, **kwargs)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/database.py", line 1027, in interaction
    txn.execute(query, args)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/database.py", line 388, in execute
    self._do_execute(self.txn.execute, sql, *args)
  File "/opt/venvs/matrix-synapse/lib/python3.10/site-packages/synapse/storage/database.py", line 436, in _do_execute
    return func(sql, *args, **kwargs)
psycopg2.errors.SyntaxError: syntax error in tsquery: "frr:t"

nginx config domain.com:

server {
    server_name domain.com;
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    merge_slashes off;
    client_max_body_size 50M;

    # SSL configuration
    # RSA certificates
    ssl_certificate /etc/letsencrypt/domain.com/rsa/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/domain.com/rsa/key.pem;
    # ECC certificates
    ssl_certificate /etc/letsencrypt/domain.com/ecc/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/domain.com/ecc/key.pem;

    # This should be ca.pem (certificate with the additional intermediate certificate)
    # See here: https://certbot.eff.org/docs/using.html
    # ECC
    ssl_trusted_certificate /etc/letsencrypt/domain.com/ecc/ca.pem;

    # Include SSL configuration
    include /etc/nginx/snippets/ssl.conf;

    # Include headers
    include /etc/nginx/snippets/headers.conf;

    # Disable error and access log.
    # This way, no IP will be logged by nginx
    #access_log off;
    #error_log off;

    # If you don't wanna serve a site, comment this out
    #root /var/www/html;
    #index index.html index.htm;

    # Redirect
    location ~ ^(/_matrix|/_synapse/client) {
            return 301 "https://m.domain.com$request_uri";
    }

    # Client homeserver autodiscovery
    location /.well-known/matrix/client {
        return 200 '{ "m.homeserver": { "base_url": "https://sub.domain.com" } }';
        add_header Content-Type application/json;
        add_header "Access-Control-Allow-Origin" *;
    }

    # Domain delegation
    location /.well-known/matrix/server {
        return 200 '{ "m.server": "sub.domain.com" }';
        add_header Content-Type application/json;
    }
}

nginx conf sub.domain.com:

server {
    server_name sub.domain.com;
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    listen 8448 ssl;
    listen [::]:8448 ssl;

    merge_slashes off;
    client_max_body_size 20M;

    # SSL configuration
    # RSA certificates
    ssl_certificate /etc/letsencrypt/sub.domain.com/rsa/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/sub.domain.com/rsa/key.pem;
    # ECC certificates
    ssl_certificate /etc/letsencrypt/sub.domain.com/ecc/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/sub.domain.com/ecc/key.pem;

    # This should be ca.pem (certificate with the additional intermediate certificate)
    # See here: https://certbot.eff.org/docs/using.html
    # ECC
    ssl_trusted_certificate /etc/letsencrypt/sub.domain.com/ecc/ca.pem;

    # Include SSL configuration
    include /etc/nginx/snippets/ssl.conf;

    # Include headers
    include /etc/nginx/snippets/headers.conf;

    # Disable error and access log.
    # This way, no IP will be logged by nginx
    #access_log off;
    #error_log off;

    # Increase timeout values
    # Useful if rooms (on different server) act very slowly.
    proxy_connect_timeout 300s;
    proxy_send_timeout 300s;
    proxy_read_timeout 300s;

    # If you don't wanna serve a site, comment this out
    #root /var/www/html;
    #index index.html index.htm;

    location ~ ^(/_matrix|/_synapse/client) {
            proxy_pass http://127.0.0.1:8008;
            proxy_http_version 1.1;

            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $host;

            # Default Synapse upload size.
            # If you change max_upload_size in Synapse config, update it here too.
            client_max_body_size 50M;
    }
}

yaml config files:

homeserver.yaml

# Configuration file for Synapse.
#
# This is a YAML file: see [1] for a quick introduction. Note in particular
# that *indentation is important*: all the elements of a list or dictionary
# should have the same indentation.
#
# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
#
# For more information on how to configure Synapse, including a complete accounting of
# each option, go to docs/usage/configuration/config_documentation.md or
# https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html
#
# This is set in /etc/matrix-synapse/conf.d/server_name.yaml for Debian installations.
# server_name: "SERVERNAME"
pid_file: "/var/run/matrix-synapse.pid"
listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    bind_addresses: ['::1', '127.0.0.1']
    resources:
      - names: [client, federation]
        compress: false
database:
  name: sqlite3
  args:
    database: /var/lib/matrix-synapse/homeserver.db
log_config: "/etc/matrix-synapse/log.yaml"
media_store_path: /var/lib/matrix-synapse/media
signing_key_path: "/etc/matrix-synapse/homeserver.signing.key"
trusted_key_servers:
  - server_name: "matrix.org"

database yaml:

database:
  name: psycopg2
  args:
    user: matrixdbuser
    password: password
    database: matrixdb
    host: localhost
    port: 5432
    cp_min: 5
    cp_max: 10

rooms.yaml

user_directory:
    enabled: true
    search_all_users: true
    prefer_local_users: true
encryption_enabled_by_default_for_room_type: all

server.yaml

public_baseurl: https://sub.domain.com/
max_upload_size: 50M
url_preview_enabled: true
url_preview_ip_range_blacklist:
  - '127.0.0.0/8'
  - '10.0.0.0/8'
  - '172.16.0.0/12'
  - '192.168.0.0/16'
  - '100.64.0.0/10'
  - '192.0.0.0/24'
  - '169.254.0.0/16'
  - '192.88.99.0/24'
  - '198.18.0.0/15'
  - '192.0.2.0/24'
  - '198.51.100.0/24'
  - '203.0.113.0/24'
  - '224.0.0.0/4'
  - '::1/128'
  - 'fe80::/10'
  - 'fc00::/7'
  - '2001:db8::/32'
  - 'ff00::/8'
  - 'fec0::/10'
enable_registration: false
registration_shared_secret: <REDACTED>
enable_metrics: false
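
An added example (not part of the original report, and not Synapse's own code) of one way to keep a user-supplied search term from reaching `to_tsquery()` as raw syntax. The `syntax error in tsquery: "frr:t"` line in the log above arises because, in tsquery input, a `:` after a word introduces a weight or prefix label and `t` is not a valid one. The table and column names and `MAX_WORDS` are assumptions.

```python
import re
from typing import List, Optional, Tuple

# Runs of Unicode letters/digits only. Everything else, including the
# to_tsquery() operators & | ! ( ) < > and the ':' that introduces a
# weight/prefix label, acts as a separator and never reaches PostgreSQL.
_WORD = re.compile(r"[^\W_]+")

MAX_WORDS = 8  # assumed limit: bounds the size of the generated query


def split_search_term(term: str) -> List[str]:
    """Return lowercase alphanumeric words from untrusted user input."""
    return [w.lower() for w in _WORD.findall(term)][:MAX_WORDS]


def build_prefix_tsquery(term: str) -> Optional[str]:
    """Build a to_tsquery() string that prefix-matches every word.

    Returns None when the input has no searchable word, so the caller can
    return an empty result instead of sending an empty tsquery.
    """
    words = split_search_term(term)
    if not words:
        return None
    # ':*' is the only label emitted, and it is added by this code.
    return " & ".join(f"{w}:*" for w in words)


def build_search_sql(term: str, limit: int) -> Optional[Tuple[str, tuple]]:
    """Return (sql, params) for a parameterized search, or None."""
    tsquery = build_prefix_tsquery(term)
    if tsquery is None:
        return None
    # Hypothetical table/column names; the tsquery text is bound as a
    # parameter, never interpolated into the SQL string.
    sql = (
        "SELECT user_id FROM example_user_search "
        "WHERE vector @@ to_tsquery('simple', %s) LIMIT %s"
    )
    return sql, (tsquery, limit)


if __name__ == "__main__":
    # Constructed inputs; the first is the term from the log above.
    for raw in ["frr:t", "@alice:example.org", "a & !b | (c)", ":::"]:
        print(repr(raw), "->", build_prefix_tsquery(raw))
```

Where prefix matching is not needed, PostgreSQL's `plainto_tsquery()` accepts arbitrary text without interpreting operator characters.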

Labels

A-Database: DB stuff like queries, migrations, new/remove columns, indexes, unexpected entries in the db
O-Occasional: Affects or can be seen by some users regularly or most users rarely
S-Minor: Blocks non-critical functionality, workarounds exist.
T-Defect: Bugs, crashes, hangs, security vulnerabilities, or other reported issues.
