.well-known file location

1. Caddy version (caddy version):

2.5.2

2. How I run Caddy:

On a VPS

a. System environment:

Debian 10

d. My complete Caddyfile or JSON config:

matrix.dougfredericks.space {
  reverse_proxy /_matrix/* http://localhost:8008
  reverse_proxy /_synapse/client/* http://localhost:8008
}

dougfredericks.space:8448 {
  reverse_proxy http://localhost:8008
}

chat.dougfredericks.space {
  header {
        X-Frame-Options "SAMEORIGIN"
        X-XSS-Protection "1; mode=block"
        X-Content-Type-Options "nosniff"
        X-Robots-Tag "noindex, noarchive, nofollow"
  }

  root * /opt/element
  file_server
}

3. The problem I’m having:

I’m running a matrix-synapse server on a digital-ocean server. I used their “1-click” option to set it up. I’m not very familiar with Caddy unfortunately.

I need to have a “.well-known” directory added to the configuration and of course added to a directory on my server. If this were Apache, it would set it up to go in /var/www, but with Caddy I don’t know how to create that directory.

4. Error messages and/or full log output:

“This server failed the ‘well-known’ check. Make sure the server is configured correctly.”

5. What I already tried:

Found answers for other web servers, just not for Caddy

6. Links to relevant resources:

I just barely updated the docs for Synapse with regards to Caddy this week (plus I set it up myself). It’s super easy. Let me get back to you when I’m not mobile.

Hi :wave:

Have a look at Nginx return directive in caddy -- return json - #3 by IndeedNotJames.
You technically don’t need the dougfredericks.space:8448 if you delegate via .well-known/matrix/server to { "m.server": "matrix.dougfredericks.space:443" }.

You would need to customize the handle_path from the linked post and add something like

dougfredericks.space {
	handle_path /.well-known/matrix/* {
		<all the other things>
	}
}

to your Caddyfile and you should be all set!

Hope that helps, but feel free to ask more questions :innocent:

Here’s my docs contribution to Synapse, still waiting to be merged:

Example from that PR:

example.com {
	header /.well-known/matrix/* Content-Type application/json
	header /.well-known/matrix/* Access-Control-Allow-Origin *
	respond /.well-known/matrix/server `{"m.server": "matrix.example.com:443"}`
	respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.example.com"},"m.identity_server":{"base_url":"https://identity.example.com"}}`
}

matrix.example.com {
    reverse_proxy /_matrix/* localhost:8008
    reverse_proxy /_synapse/client/* localhost:8008
}

You do not need a file server at all. The well-known “files” can be hard-coded into your config very easily.

Works!

Side note for when I inevitably google this in a year or so :slight_smile: : I added this to my matrix-synapse yaml config file:
serve_server_wellknown: true

And revised my Caddyfile to:

matrix.dougfredericks.space {
  reverse_proxy /_matrix/* http://localhost:8008
  reverse_proxy /_synapse/client/* http://localhost:8008
}

dougfredericks.space:8448 {
  reverse_proxy http://localhost:8008
}

(matrix-well-known-header) {
    # Headers
    header Access-Control-Allow-Origin "*"
    header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
    header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
    header Content-Type "application/json"
}

dougfredericks.space {
    handle /.well-known/matrix/server {
        import matrix-well-known-header
        respond `{"m.server":"matrix.dougfredericks.space:443"}`
    }

    handle /.well-known/matrix/client {
        import matrix-well-known-header
        respond `{"m.homeserver":{"base_url":"https://matrix.dougfredericks.space"},"m.identity_server":{"base_url":"https://identity.dougfredericks.space"}}`
    }
}

chat.dougfredericks.space {
  header {
        X-Frame-Options "SAMEORIGIN"
        X-XSS-Protection "1; mode=block"
        X-Content-Type-Options "nosniff"
        X-Robots-Tag "noindex, noarchive, nofollow"
  }

  root * /opt/element
  file_server
}

Helpful link:
https://matrix-org.github.io/synapse/develop/reverse_proxy.html

Cool, glad you got it working. Note that it’s more complex than it has to be, as that’s using the old/current version of the docs. Refer to my PR linked above for something simpler. (If it doesn’t work, let me know)

1 Like
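An added example, not part of the thread or of the Synapse docs: a small offline checker for the two delegation documents discussed above, useful for narrowing down a failed "well-known" check before touching the Caddyfile again. The function name, the sample responses and the rule that `base_url` should be `https://` (as in the configs above) are assumptions of this example; feed it the status, headers and body you get from your own domain.

```python
import json
import re

# host[:port] as in the m.server values above (IPv6 literals are not handled here).
HOSTPORT = re.compile(r"^[A-Za-z0-9.-]+(:\d{1,5})?$")

def check_wellknown(kind, status, headers, body):
    """Return a list of problems for a /.well-known/matrix/<kind> response."""
    problems = []
    hdrs = {k.lower(): v for k, v in headers.items()}
    if status != 200:
        problems.append(f"status {status}, expected 200")
    if not hdrs.get("content-type", "").lower().startswith("application/json"):
        problems.append("Content-Type is not application/json")
    # Browser-based clients fetch the client document cross-origin.
    if kind == "client" and hdrs.get("access-control-allow-origin") != "*":
        problems.append("missing Access-Control-Allow-Origin: *")
    try:
        doc = json.loads(body)
    except ValueError:
        return problems + ["body is not valid JSON"]
    if not isinstance(doc, dict):
        return problems + ["body is not a JSON object"]
    if kind == "server":
        target = doc.get("m.server")
        if not isinstance(target, str) or not HOSTPORT.match(target):
            problems.append("m.server must be a 'host[:port]' string")
    else:
        hs = doc.get("m.homeserver")
        base = hs.get("base_url") if isinstance(hs, dict) else None
        # Assumption of this example: require https, as in the configs above.
        if not isinstance(base, str) or not base.startswith("https://"):
            problems.append("m.homeserver.base_url must be an https:// URL")
    return problems

# Constructed sample responses (not captured from any real server).
JSON_HDRS = {"Content-Type": "application/json", "Access-Control-Allow-Origin": "*"}
CLIENT_DOC = '{"m.homeserver":{"base_url":"https://matrix.example.com"}}'
SAMPLES = {
    "good server": ("server", 200, JSON_HDRS, '{"m.server": "matrix.example.com:443"}'),
    "good client": ("client", 200, JSON_HDRS, CLIENT_DOC),
    "html 404": ("server", 404, {"Content-Type": "text/html"}, "<h1>Not Found</h1>"),
    "client without CORS": ("client", 200, {"Content-Type": "application/json"}, CLIENT_DOC),
    "URL in m.server": ("server", 200, JSON_HDRS, '{"m.server": "https://matrix.example.com"}'),
}

if __name__ == "__main__":
    for name, args in SAMPLES.items():
        print(f"{name}: {check_wellknown(*args) or 'ok'}")
```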