It’s a piece of cake for end users. It makes me really jealous lol. Just keep in mind that I’m making that claim based on using the Ansible playbook that deploys Synapse + Element Call and an Element web UI. Some of our users like to use some combination of a web, desktop and mobile app. So having that come set up after deploying the playbook was really nice. The hard part for end users (for us at least since we’re running a private, defederated server) is pointing the client to the right URL. I made a PDF with a bunch of step-by-step instructions for how people can log in with all of the apps.
That Ansible playbook did make deployment much easier, but it’s still a ton of reading because of what a complex stack of tech is actually required to run a Matrix chat server. I had originally tried doing it with a bigass Docker Compose file, and manually configuring all the reverse proxies. After two days of failing to get that working, I went with the playbook. It’s much easier than doing it completely DIY.
The only real difficulty I foresee with users down the line is what happens when people lose their recovery keys. Obviously there are ways to log back in, but people probably won’t appreciate losing access to chat history. We’ll see how it goes, but generally the onboarding process is really easy. And it can be made easier by the fact that admins can just create users, so the whole registration process is optional.
The only real difficulty I foresee with users down the line is what happens when people lose their recovery keys.
Yes, the possibility of someone losing their recovery codes is a risk shared by practically all e2ee systems, authenticators, etc. (Have you backed up your Steam Guard recovery codes?) When a user is the only one with access to their secrets, they are also the only one who can be responsible for them.
This is part of why I suggested in my top-level comment that admins coming from Discord leave end-to-end encryption disabled when creating their first Matrix rooms. This keeps things simpler while their users get acquainted with Matrix, and reduces the consequences if someone loses their account recovery key. The point-to-point HTTPS encryption between client and server will still be in place, providing the same level of protection that Discord offers. End-to-end encryption can always be added to a room later, once everyone is familiar with the new environment.