diff --git a/README.md b/README.md index cca299c9..d4d76e6c 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ Artifacts](https://github.com/girlbossceo/conduwuit/actions/workflows/ci.yml/bad -Visit the [Conduwuit documentation](https://conduwuit.puppyirl.gay/) for more +Visit the [conduwuit documentation](https://conduwuit.puppyirl.gay/) for more information. @@ -23,9 +23,9 @@ to communicate with users outside of Matrix, like a community on Discord. #### What is the goal? -An efficient Matrix homeserver that's easy to set up and just works. You can -install it on a mini-computer like the Raspberry Pi to host Matrix for your -family, friends or company. +A high-performance and efficient Matrix homeserver that's easy to set up and +just works. You can install it on a mini-computer like the Raspberry Pi to +host Matrix for your family, friends or company. #### Can I try it out? @@ -42,9 +42,28 @@ transfem.dev is also listed at #### What is the current status? -conduwuit is a hard fork of Conduit which is in beta, meaning you can join and -participate in most Matrix rooms, but not all features are supported and you -might run into bugs from time to time. +conduwuit is technically a hard fork of Conduit, which is in Beta. The Beta status +initially was inherited from Conduit, however overtime this Beta status is rapidly +becoming less and less relevant as our codebase significantly diverges more and more. + +conduwuit is quite stable and very usable as a daily driver and for a low-medium +sized homeserver. There is still a lot of more work to be done, but it is in a far +better place than the project was in early 2024. + +#### How is conduwuit funded? Is conduwuit sustainable? + +conduwuit has no external funding. This is made possible purely in my freetime with +contributors, also in their free time, and only by user-curated donations. + +conduwuit has existed since around November 2023, but [only became more publicly known +in March/April 2024](https://matrix.org/blog/2024/04/26/this-week-in-matrix-2024-04-26/#conduwuit-website) +and we have no plans in stopping or slowing down any time soon! + +#### Can I migrate or switch from Conduit? + +conduwuit is a complete drop-in replacement for Conduit. As long as you are using RocksDB, +the only "migration" you need to do is replace the binary or container image. There +is no harm or additional steps required for using conduwuit. @@ -59,6 +78,10 @@ If you run into any question, feel free to #### Donate +conduwuit development is purely made possible by myself and contributors. I do +not get paid to work on this, and I work on it in my free time. Donations are +heavily appreciated! 💜🥺 + - Liberapay: - Ko-fi: - GitHub Sponsors: diff --git a/docs/deploying/generic.md b/docs/deploying/generic.md index 6c478d19..562ebd7e 100644 --- a/docs/deploying/generic.md +++ b/docs/deploying/generic.md @@ -13,18 +13,38 @@ what you need. Prebuilt fully static musl binaries can be downloaded from the latest tagged release [here](https://github.com/girlbossceo/conduwuit/releases/latest) or -`main` CI branch workflow artifact output. These also include Debian packages. +`main` CI branch workflow artifact output. These also include Debian/Ubuntu packages. + These binaries have jemalloc and io_uring statically linked and included with -them. +them, so no additional dynamic dependencies need to be installed. Alternatively, you may compile the binary yourself. We recommend using -Nix (or [Lix](https://lix.systems) to build conduwuit as this has the most guaranteed -reproducibiltiy and easiest to get a build environment and output going. +Nix (or [Lix](https://lix.systems)) to build conduwuit as this has the most guaranteed +reproducibiltiy and easiest to get a build environment and output going. This also +allows easy cross-compilation. + +You can run the `nix build -L .#static-x86_64-unknown-linux-musl-all-features` or +`nix build -L .#static-aarch64-unknown-linux-musl-all-features` commands based +on architecture to cross-compile the necessary static binary located at +`result/bin/conduit`. This is reproducible with the static binaries produced in our CI. Otherwise, follow standard Rust project build guides (installing git and cloning the repo, getting the Rust toolchain via rustup, installing LLVM toolchain + libclang for RocksDB, installing liburing for io_uring and RocksDB, etc). +## Migrating from Conduit + +As mentioned in the README, there is little to no steps needed to migrate +from Conduit. As long as you are using the RocksDB database backend, just +replace the binary / container image / etc. + +**Note**: If you are relying on Conduit's "automatic delegation" feature, +this will **NOT** work on conduwuit and you must configure delegation manually. +This is not a mistake and no support for this feature will be added. + +See the `[global.well_known]` config section, or configure your web server +appropriately to send the delegation responses. + ## Adding a conduwuit user While conduwuit can run as any user it is better to use dedicated users for @@ -91,13 +111,32 @@ sudo chmod 700 /var/lib/conduwuit/ ## Setting up the Reverse Proxy Refer to the documentation or various guides online of your chosen reverse proxy -software. A [Caddy](https://caddyserver.com/) example will be provided as this +software. There are many examples of basic Apache/Nginx reverse proxy setups +out there. + +A [Caddy](https://caddyserver.com/) example will be provided as this is the recommended reverse proxy for new users and is very trivial to use (handles TLS, reverse proxy headers, etc transparently with proper defaults). Lighttpd is not supported as it seems to mess with the `X-Matrix` Authorization header, making federation non-functional. If using Apache, you need to use -`nocanon` to prevent this. +`nocanon` in your `ProxyPass` directive to prevent this (note that Apache +isn't very good as a general reverse proxy). + +Nginx users may need to set `proxy_buffering off;` if there are issues with +uploading media like images. + +You will need to reverse proxy everything under following routes: +- `/_matrix/` - core Matrix C-S and S-S APIs +- `/_conduwuit/` - ad-hoc conduwuit routes such as `/local_user_count` and +`/server_version` + +You can optionally reverse proxy the following individual routes: +- `/.well-known/matrix/client` and `/.well-known/matrix/server` if using +conduwuit to perform delegation +- `/.well-known/matrix/support` if using conduwuit to send the homeserver admin +contact and support page (formerly known as MSC1929) +- `/` if you would like to see `hewwo from conduwuit woof!` at the root ### Caddy @@ -146,6 +185,9 @@ curl https://your.server.name/_conduwuit/server_version # If using port 8448 curl https://your.server.name:8448/_conduwuit/server_version + +# If federation is enabled +curl https://your.server.name:8448/_matrix/federation/v1/version ``` - To check if your server can talk with other homeservers, you can use the diff --git a/docs/turn.md b/docs/turn.md index d54398ae..12e7e3ae 100644 --- a/docs/turn.md +++ b/docs/turn.md @@ -21,6 +21,22 @@ These same values need to be set in conduwuit. See the [example config](configuration/examples.md) in the TURN section for configuring these and restart conduwuit after. +`turn_secret` must be set to your coturn `static-auth-secret`, or use +`turn_username` and `turn_password` if using legacy username:password +TURN authentication (not preferred). + +`turn_uris` must be the list of TURN URIs you would like to send to the client. +Typically you will just replace the example domain `example.turn.uri` with the +`realm` you set from the example config. + +If you are using TURN over TLS, you can replace `turn:` with `turns:` in the +`turn_uris` config option to instruct clients to attempt to connect to +TURN over TLS. This is highly recommended. + +If you need unauthenticated access to the TURN URIs, or some clients may be +having trouble, you can enable `turn_guest_access` in conduwuit which disables +authentication for the TURN URI endpoint `/_matrix/client/v3/voip/turnServer` + ### Run Run the [Coturn](https://hub.docker.com/r/coturn/coturn) image using