Difference between revisions of "Matrix-server"
(→Apache) |
|||
Line 136: | Line 136: | ||
version: '2.3' | version: '2.3' | ||
services: | services: | ||
− | + | # Hmmm - desktop app should not be run on the same server as matrix | |
− | + | # https://hub.docker.com/r/vectorim/element-web/ | |
− | + | # element: | |
− | + | # image: vectorim/element-web:latest | |
− | + | # restart: unless-stopped | |
+ | # volumes: | ||
+ | # - ./element-config.json:/app/config.json | ||
synapse: | synapse: | ||
container_name: synapse | container_name: synapse |
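Review bot: the new comment above the disabled `element` service calls it a "desktop app", but the image it comments out is `vectorim/element-web`, the web client, and the comment gives no reason for keeping it off the Matrix server. Reword it to name the web client and state the reason, so a later editor can tell whether re-enabling the block is safe. If the block is ever re-enabled, pin the image to a version tag instead of `:latest`.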
Latest revision as of 15:20, 16 February 2023
matrix-server logo | |
Maintainer | maintainer |
---|---|
Url | https://wiki.koozali.org |
Category | |
Tags | File, this, with, a, list, of, tags |
Maintainer
Status
23/02/2023 This is a work in progress and not yet complete
Version
Description
An open network for secure, decentralized communication. Matrix is an open source project that publishes the Matrix open standard for secure, decentralised, real-time communication, and its Apache licensed reference implementations. Maintained by the non-profit Matrix.org Foundation, we aim to create an open platform which is as independent, vibrant and evolving as the Web itself... but for communication. As of June 2019, Matrix is out of beta, and the protocol is fully suitable for production usage.
Installation
yum --enablerepo=smecontribs install smeserver-matrix-server
This installation depends on docker
https://wiki.koozali.org/Docker
This is how I did it manually.
mkdir -p /home/e-smith/files/docker/configs/data
This needs a fix: 0777 makes the directory world-writable. Need to check which user:group ID docker assigns.
chmod 0777 /home/e-smith/files/docker/configs/data
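One way to replace the 0777 workaround, as an added example that is not from the wiki page: read the `user:` value from the compose file and give the data directory (which later holds homeserver.yaml) to that UID:GID only. The helper names `compose_user`, `lock_down_dir` and `world_writable` are hypothetical, and `991:991` is the value used in the compose file further down this page.

```shell
#!/bin/sh
# Added example, not from the wiki page. Helper names are hypothetical.

# Print the "user:" value (UID:GID) of one service in a compose file.
# Assumes two-space indentation for service names.
compose_user() {   # usage: compose_user <compose-file> <service>
    awk -v want="$2" '
        { sub(/[ \t]*#.*$/, "") }                       # drop comments
        /^  [A-Za-z0-9_.-]+:[ \t]*$/ { svc = $1; sub(/:$/, "", svc); next }
        svc == want && $1 == "user:" { gsub(/"/, "", $2); print $2; exit }
    ' "$1"
}

# Hand the directory to that UID:GID and close it to everyone else,
# instead of making it world-writable with chmod 0777.
lock_down_dir() {  # usage: lock_down_dir <dir> <uid[:gid]>
    case "$2" in
        # numeric IDs only: the container's names do not exist on the host
        *[!0-9:]*|*:*:*|:*|*:|"") echo "bad owner: $2" >&2; return 1 ;;
    esac
    chown -R "$2" "$1" && chmod 0750 "$1"
}

# List anything under the directory that is still world-writable.
world_writable() { # usage: world_writable <dir>
    find "$1" -perm -0002 ! -type l
}

# Typical use on the host, as root:
#   owner=$(compose_user /home/e-smith/files/docker/configs/docker-compose.yml synapse)
#   lock_down_dir /home/e-smith/files/docker/configs/data "$owner"
#   world_writable /home/e-smith/files/docker/configs/data
```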
This will open the port for federation:
config set matrix service access public status enabled TCPPort 8448
Set up a domain.
db domains set matrix.mydomain.net domain \
    Content Primary \
    Description Matrix \
    Nameservers localhost \
    TemplatePath ProxyPassVirtualMatrix \
    letsencryptSSLcert enabled
Apache
Note to self - this looks good information
mkdir -p /etc/e-smith/templates/etc/httpd/conf/httpd.conf/ProxyPassVirtualMatrix
cd /etc/e-smith/templates/etc/httpd/conf/httpd.conf/ProxyPassVirtualMatrix
touch template-begin
touch template-end
nano ProxyPassContent
Paste
{
    if ($port eq "$httpPort") {
        $OUT .=<<_EVERYWHERE;
<VirtualHost 0.0.0.0:80>
    ServerName matrix.mydomain.net
    DocumentRoot /home/e-smith/files/ibays/Primary/html
    RewriteEngine on
    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
    RewriteRule ^/.well-known/acme-challenge(/.*|\$) https://%{HTTP_HOST}/.well-known/acme-challenge\$1 [L,R]
    RewriteRule ^/(.*|\$) https://%{HTTP_HOST}/\$1 [L,R]
</VirtualHost>
_EVERYWHERE

        $OUT .=<<_THERE;
Listen 8448
<VirtualHost 0.0.0.0:8448>
    SSLEngine on
    ServerName matrix.mydomain.net
    RequestHeader set "X-Forwarded-Proto" "https"
    AllowEncodedSlashes NoDecode
    ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
    ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
</VirtualHost>
_THERE
    }
    if ($port eq "$httpsPort") {
        $OUT .=<<_HERE;
<VirtualHost 0.0.0.0:443>
    SSLEngine on
    ServerName matrix.mydomain.net
    ProxyPass /.well-known/acme-challenge/ !
    DocumentRoot /home/e-smith/files/ibays/Primary/html
    RequestHeader set "X-Forwarded-Proto" "https"
    AllowEncodedSlashes NoDecode
    ProxyPreserveHost on
    ProxyPass /_matrix http://127.0.0.1:8008/_matrix nocanon
    ProxyPassReverse /_matrix http://127.0.0.1:8008/_matrix
    ProxyPass /_synapse/client http://127.0.0.1:8008/_synapse/client nocanon
    ProxyPassReverse /_synapse/client http://127.0.0.1:8008/_synapse/client
    <Location />
        Require all granted
    </Location>
    <Location /.well-known/acme-challenge/>
        Require all granted
    </Location>
</VirtualHost>
_HERE
    }
}
Check you have access to .well-known/acme-challenge and get your letsencrypt certificate.
nano /home/e-smith/files/docker/configs/docker-compose.yml
Paste this:
version: '2.3'
services:
  # Hmmm - desktop app should not be run on the same server as matrix
  # https://hub.docker.com/r/vectorim/element-web/
  # element:
  #   image: vectorim/element-web:latest
  #   restart: unless-stopped
  #   volumes:
  #     - ./element-config.json:/app/config.json
  synapse:
    container_name: synapse
    image: matrixdotorg/synapse:latest
    restart: unless-stopped
    volumes:
      - ./data:/data
    environment:
      SYNAPSE_SERVER_NAME: "matrix.mydomain.net"
      SYNAPSE_REPORT_STATS: "yes"
    ports:
      - 8008:8008
    # This may vary - need to think about this
    user: 991:991
    # Experimental
    # This
    # network_mode: "host"
    # Or
    # networks: ["server"]

#networks:
#  server:
#    external: true
# However it may fixing the internal docker network and adding to 'LocalNetworks'
# to allow local DNS lookups etc
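A check for the `ports:` entry in this compose file, as an added example that is not from the wiki page: `8008:8008` publishes Synapse's plain-HTTP listener on every host interface by default, while the Apache virtual hosts above only ever reach it at 127.0.0.1:8008, so the mapping can be narrowed to `127.0.0.1:8008:8008`. The helper name `exposed_ports` is hypothetical, and it recognises only the IPv4 loopback address.

```shell
#!/bin/sh
# Added example, not from the wiki page. exposed_ports is a hypothetical helper.
# Assumes two-space YAML indentation for service names under "services:".

# Print "<service> <mapping>" for every ports: entry that is not bound to
# 127.0.0.1, i.e. that Docker publishes on all host interfaces by default.
exposed_ports() {   # usage: exposed_ports <compose-file>
    awk -v sq="'" '
        { sub(/[ \t]*#.*$/, "") }            # drop comments
        /^[ \t]*$/ { next }                  # skip blank lines
        /^services:[ \t]*$/ { in_services = 1; next }
        /^[^ \t]/ { in_services = 0; in_ports = 0; next }   # other top-level key
        !in_services { next }
        /^  [A-Za-z0-9_.-]+:[ \t]*$/ {       # service name
            svc = $1; sub(/:$/, "", svc); in_ports = 0; next
        }
        /^[ \t]+ports:[ \t]*$/ { in_ports = 1; next }
        in_ports && /^[ \t]+-[ \t]*[^ \t]/ {
            m = $0
            sub(/^[ \t]+-[ \t]*/, "", m)
            gsub("[\"" sq "]", "", m)        # strip quotes around the mapping
            n = split(m, part, ":")
            # "host:container" or a bare port: all interfaces.
            # "ip:host:container": exposed unless ip is the loopback address.
            if (n < 3 || part[1] != "127.0.0.1") print svc, m
            next
        }
        { in_ports = 0 }                     # any other key ends the list
    ' "$1"
}

# Typical use:
#   exposed_ports /home/e-smith/files/docker/configs/docker-compose.yml
```

An empty result means every published port is bound to the loopback address.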
nano /home/e-smith/files/docker/configs/element-config.json
Paste this content: https://develop.element.io/config.json
Remove "default_server_name": "matrix.org" from element-config.json
Paste this at the top of the file using your server name:
"default_server_config": {
    "m.homeserver": {
        "base_url": "https://matrix.example.com",
        "server_name": "matrix.example.com"
    },
    "m.identity_server": {
        "base_url": "https://vector.im"
    }
},
Generate synapse config:
docker-compose run --rm synapse generate
Do we need to edit the server name here? Check.
nano /home/e-smith/files/docker/configs/data/homeserver.yaml
Configuration
You can list the available configuration with the following command:
config show matrix
Some of the properties are not shown, but are defaulted in a template or a script. Here is a more comprehensive list with default and expected values:
property | default | values | notes |
---|---|---|---|
DbName | matrix | string | for postgresql docker db |
DbPassword | GENERATED | string | for mysql db |
DbUser | none | string | for mysql db |
access | private | private, public | |
TCPPort | 8448 | variable | |
status | enabled | enabled, disabled | |
Add Users
docker exec -it synapse bash
register_new_matrix_user -c /data/homeserver.yaml http://localhost:8008
For an admin user
register_new_matrix_user -a -c /data/homeserver.yaml http://localhost:8008
https://manpages.debian.org/testing/matrix-synapse/register_new_matrix_user.1.en.html
Update user password with postgresql
docker exec -it synapse /usr/local/bin/hash_password -c /data/homeserver.yaml
UPDATE users SET password_hash = '<password-hash>' WHERE name = '@someone:server.com';
where <password-hash> is the hash returned by the docker command above
Alternative compose file
https://cyberhost.uk/element-matrix-setup/
docker network create --driver=bridge --subnet=10.10.10.0/24 --gateway=10.10.10.1 matrix_net
version: '2.3'
services:
  postgres:
    image: postgres:14
    restart: unless-stopped
    networks:
      default:
        ipv4_address: 10.10.10.2
    volumes:
      - ./postgresdata:/var/lib/postgresql/data
    # These will be used in homeserver.yaml later on
    environment:
      - POSTGRES_DB=synapse
      - POSTGRES_USER=synapse
      - POSTGRES_PASSWORD=STRONGPASSWORD

  element:
    image: vectorim/element-web:latest
    restart: unless-stopped
    volumes:
      - ./element-config.json:/app/config.json
    networks:
      default:
        ipv4_address: 10.10.10.3

  synapse:
    image: matrixdotorg/synapse:latest
    restart: unless-stopped
    networks:
      default:
        ipv4_address: 10.10.10.4
    volumes:
      - ./synapse:/data

networks:
  default:
    external:
      name: matrix_net
Generate synapse config:
docker-compose run --rm synapse generate
Comment out the sqlite3 database section in homeserver.yaml
#database:
#  name: sqlite3
#  args:
#    database: /data/homeserver.db
Add postgresql
database:
  name: psycopg2
  args:
    user: synapse
    password: STRONGPASSWORD
    database: synapse
    host: postgres
    cp_min: 5
    cp_max: 10
docker-compose up -d
Uninstall
yum remove smeserver-matrix-server matrix-server
Bugs
Please raise bugs under the SME-Contribs section in bugzilla
and select the smeserver-matrix-server component or use this link
Below is an overview of the current issues for this contrib:
Changelog
Only released versions in smecontribs are listed here.