Introduction

mxisd is an implementation of the Matrix Identity Server which aims to provide an alternative to sydent and an external validation implementation of the Identity Service API.

mxisd is currently in read-only mode with a LDAP backend, allowing to lookup the Matrix ID from an arbitrary attribute.

Quick start

Requirements

JDK 1.8

Build

git clone https://github.com/kamax-io/mxisd.git
cd mxisd
./gradlew build

Configure

Create a new local config: cp application.example.yaml application.yaml

Edit application.yaml to your needs - at least provide the LDAP attributes
Edit an entity in your LDAP database and set the configure attribute with a Matrix ID (@johndoe:example.org)

Run

Start the server in foreground with configuration location info ./build/libs/mxisd --spring.config.location=../../

You should see a public key with curl http://localhost:8090/_matrix/identity/api/v1/pubkey/ed25519%3A0

You should see some JSON data with curl http://localhost:8090/_matrix/identity/api/v1/lookup?medium=email&address=johndoe@example.org

If you plan on testing the integration with a homeserver, you will need to run an HTTPS reverse proxy in front of it as the homeserver implementation seems to require a HTTPS connection to an ID server.

Install

Create a dedicated user: useradd -r mxisd

Create config directory: mkdir /etc/mxis
Change user ownership of /etc/mxis to dedicated user: chown mxisd /etc/mxis
Copy ./build/libs/mxisd to /usr/bin/mxisd: sudo cp ./build/libs/mxisd /usr/bin/mxisd
Copy (or create a new) ./application.yaml to /etc/mxis/mxisd.yaml
Configure /etc/mxis/mxisd.yaml with production value - key.path being the most important - /etc/mxis/signing.key is recommended
Copy main/systemd/mxisd.service to /etc/systemd/system/ and edit as needed
Enable service: systemctl enable mxisd
Start service: systemctl start mxisd

TODO

Deb package
Auto-discovery of matrix ids based on server name and username-like attribute

2.1 KiB Raw Blame History