stratself

Use the –resolve flag e.g. curl --resolve matrix.example.com:8008:127.0.0.1 https://matrix.example.com:8008/

Why is there two nginx containers? Can you do nginx1 --> continuwuity?

Does continuwuity show any logs? What about nginx? Check Element Web’s devtools, does the 499’d network request say anything of note?

Maybe have a chat in the support room

If you are running a conduit fork, what is your reason for leaving conduit, and if you are running conduit, why didn’t you switch?

Conduwuit (predecessor of Continuwuity and Tuwunel) hard-forked fron Conduit and introduced breaking database changes. That is a significant people don’t easily “switch over”

It may be slow in development, taking a bit longer to implement a new feature, but not too much longer.

I would say its pace of development is very slow compared to the pace of Matrix in general. But if you only want the barebones features, you can use it.

Or am I missing something the others have to offer?

Feature-wise, Continuwuity offers email support, single-use registration token, policy server integration, user suspending, a ton more of admin commands, and some extra endpoints for Element Call. It is also actively working on OIDC-OAuth (so you can login with your IDP), and an ecosystem-wide Admin API. It also has an active community. I can’t speak for the other fork.

Lastly, I don’t think anyone “hate” conduit, the project is alright. It’s just not the topmost option.

As to answer your questions, threaded conversations are mostly a client issue. The UX for them are still not very good so not a lot of people use it.

SSO/Auth is actually quite hard to support. There’s the “legacy SSO” option which is deprecated in favor of native OIDC, and afaict only Synapse supports it for now. But Continuwuity is activeltly working on it.

Taildrop if you use Tailscale.

<offtopic> It’d be nice if there’s a Syncthing built into Tailscale or some of the mesh VPN solutions. Taildrop is good but it’s not entire directory sync with proper conflict resolution.

Surely I can use Syncthing inside Tailscale but 1. I have to depend on their public discoservers, or 2. I have to host and configure the discoserv myself for every client which is tedious to do </offtopic>

FWIW, you can use Headscale’s embedded DERP server, or host your own. They need a STUN port and an HTTPS port

Ntfy can send/receive notifications to/from the phone. You can selfhost it or use a public instance. For the healthcheck app, consider Uptime Kuma as it has ntfy integration. But a simple cron script that monitors + cURLing ntfy when it fails could also be used.

• Why do you want your own Lemmy instance? Can’t you just create a community on another instance?
• May not be the answer you want, consider exposing your laptop’s service(s) via Cloudflare Tunnels. That’s the best way if you don’t have an exposable public IP.
• Lemmy and other services will make outbound requests and leak your residential IP. If this is a problem for you, you should proxy outbound traffic on the machine
• Have you considered Oracle but in another region? Or do they geo-restrict you?
• For questionable content, look onto moderation tooling for Lemmy. Keep watch on your media folder(s) regularly and delete offensive ones

Protocol-wise, OIDC is generally the most supported out there. LDAP too, to an extent.

Software wise, I find Kanidm quite simple to set up (basically just one container). It’s mostly managed via the terminal though, and lacks some eyecandy. But some of the examples in its docs should be easy to follow and get you familiar with mapping scopes/groups between Kanidm and services.

Authelia is okay too

I’m running continuwuity, and ejabberd as text-only IM servers to talk to some communities. The latter (and XMPP in general) has more moving parts (more ports, SRV records, etc) to set up, but messages deliver much faster and take much less resources. They’d probably both run fine on a VPS with the proper tweaks anyhow - the Rust-based server makes Matrix actually not suck after all

For bridges, I’ve used maunium-discord as a Matrix bridge in the past, and trying out slidcord right now. I think Matrix bridges still got better UI/UX due to more supported features (spaces/threads) and coherent clients, though let it be known Slidge is a hobbyist project. If your chat server is mainly for bridges, stick to Matrix and consider disabling federation. Also Matrix if you’d like your friends to switch over from Discord - it has more Discordesque features like custom emojis/stickers and SFU-backed group calls

Though this doesn’t mean I’m unrecommending XMPP. I do appreciate its clients’ snappiness, in-band notifications, and unrivaled efficiency. I kinda wanna write a blogpost comparing both software and protocols, but right now I don’t have an opinion about one over the other. They’re both cool albeit they both leak different metadata differently

YOU WILL NEED TO UPDATE AGAIN!

There is another vulnerability making the rounds with details pending embargo. Please update to the latest version (again)

• continuwuity: v0.5.1
• tuwunel: v1.4.9
• conduit: v0.10.11
• grapevine: commit 0aae932

• DNS adjustments aren’t needed if you do .well-known delegations which is easier
• Can recommend continuwuity, it runs much better on less resources. Lacks certain features compared to Synapse but overall good
• Notifications (and read markers) depend on client-specific black magic to work
• Federation do sometimes silent-fail completely, you can reset continuwuity’s cache when that happens. But full room history convergence needs patience
• Don’t join large rooms unless your server can handle the load
• Don’t host public rooms without modbots

The many small bugs make Matrix still bad - I wouldn’t recommend a non-tech user unless accompanied by a 24/7 admin. It is trying to improve but very slow because of reasons

Should’ve specifically asked the operators/hosters if they need a better answer. But this has more engagement so