When port forwarding, you want that internal IP to be the internal address of the server on your LAN. That way, all port 443 traffic sent to your external ipv4 (as received by your router) is sent to whatever machine is hosting the web server or reverse proxy.

Regarding the www sub domain cname, idk what your registrar is doing but it’s common practice to redirected www to your base domain, or vise versa; so web visitors get a consistent experience whether they type www or not. It would probably be best to start fresh though

These are a decent overview

https://forum.hackliberty.org/t/why-we-abandoned-matrix-the-dark-truth-about-user-security-and-safety/224

https://disroot.org/blog/matrix-closure

I don’t agree with all of those points, but that’s the gist. The metadata issue is becoming a bigger factor. I hope things like katzenpost find massive success…

As for the ecosystem: Element and Synapse are really the only viable implementations. Fluffychat is okay on android but that’s about it; most lack features or are using outdated and vulnerable dependencies / are poorly maintained / etc.

But it’s not all negatives. One great thing about Matrix is how well they handle multiple devices. It’s also been a security weak point, but not too bad and has (relatively) excellent ux (depending on impl…)

My group has been tinkering with matrix but the ecosystem is such a mess that I think we’ll be going to xmpp-based solutions, and once the kinks are ironed out, migrating it to i2p

Not to go all conspiracy-nut, but it feels like the net (at least the social spaces) is decaying, and it feels intentional / coordinated.