Messenger
how to forgeServer
-
Introduction: Matrix
Source: mytinydc -
Server: shadowmatrix.ydns.eu
- User: @[NAME]:shadowmatrix.ydns.eu
-
install RaspberryPi
sudo su - apt-get update apt-get upgrade
-
nginx (reverse proxy)
Documentation for nginx.
With root permissions install nginx as a reverse proxy:apt-get install nginx
test: enter IP in Browser: "Welcome to nginx"!
remove nginx default page:unlink /etc/nginx/sites-enabled/default
create new reverse-proxy configuration:cd /etc/nginx/sites-available nano reverse-proxy.conf
content:server { listen 80; listen [::]:80; server_name shadowmatrix.ydns.eu; root /var/www/shadowmatrix.ydns.eu; index index.html; location / { proxy_pass http://localhost:8008; } } server { listen 80; listen [::]:80; server_name shadowpage.ydns.eu; root /; index index.html; location / { proxy_pass http://192.168.6.4; proxy_set_header Host $host; } } server { listen 80; listen [::]:80; server_name jordancosmetics.ydns.eu; root /jc/; index index.html; location / { proxy_pass http://192.168.6.4; proxy_set_header Host $host; } } server { listen 80 default_server; listen [::]:80 default_server; root /var/www/html; index index.html index.htm index.nginx-debian.html; server_name _; location / { try_files $uri $uri/ =404; } }activate:ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf
test:nginx -t && nginx -s reload
Depend on the domain length it could not build the server_names_hash, you should increase server_names_hash_bucket_size.
In this case, the directive value should be increased to the next power of two.nano /etc/nginx/nginx.conf server_names_hash_bucket_size 64;
done -
Let’s Encrypt (SSL)
install certbot:apt install python3-certbot-nginx certbot --nginx
enter e-mail address and then select a, y and 2
done
Automatically Renew Certificates
crontab -e 0 12 * * * /usr/bin/certbot renew --quiet
crontab -
Postgresql service installation (database)
install postgresql and create user synapse and database synapse:apt install postgresql exit sudo -u postgres bash createuser synapse psql ALTER USER synapse WITH ENCRYPTED password 'synapse'; CREATE DATABASE synapse ENCODING "UTF8" LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER synapse; \q exit sudo su - nano -w /etc/postgresql/13/main/postgresql.conf
check if is:listen_addresses = 'localhost' password_encryption = scram-sha-256
than restartsystemctl restart postgresql
To allow new user acces edit:nano /etc/postgresql/13/main/pg_hba.conf
Just after this line:local all postgres peer
add this lines:host synapse synapse 127.0.0.1/32 scram-sha-256 host synapse synapse ::1/128 scram-sha-256
Reload the Postgresql configuration:systemctl reload postgresql
done
Solve connection problems with recalculate password:exit sudo -u postgres bash createuser synapse psql ALTER USER synapse WITH ENCRYPTED password 'synapse'; \q exit sudo su -
and look at:cat /var/log/postgresql/postgresql-13-main.log
and:systemctl status postgresql
-
Synapse/Matrix service installation
First some prerequisits:apt update && sudo apt upgrade -y apt install curl build-essential gcc make -y curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
restart shellsudo su - apt -y install build-essential make python3 python3-dev python3-dev python3-virtualenv python3-pip python3-setuptools libffi-dev libpq-dev && python3-cffi zlib1g-dev libxml2-dev libxml2-dev libxslt1-dev libssl-dev libjpeg-dev python3-lxml virtualenv postgresql-server-dev-all mkdir -p /opt/synapse virtualenv -p python3 /opt/synapse/env cd /opt/synapse source /opt/synapse/env/bin/activate pip3 install --upgrade pip pip3 install --upgrade setuptools pip3 install six==1.13.0 #pip3 install cryptography==3.4.7 pip3 install cryptography==3.3 sudo apt-get install libssl-dev
and now install synapse:pip3 install matrix-synapse[all]
done
Config file
Create the config file:python3 -m synapse.app.homeserver --server-name matrix.my-wan.de --config-path homeserver.yaml --generate-config --report-stats=no deactivate
doneConfiguration
nano /opt/synapse/homeserver.yaml
Check listeners:bind_addresses: ['0.0.0.0']
Comment the sqlite3 part:#database: # name: sqlite3 # args: # database: /path/to/homeserver.db
Uncomment the psycopg2 part:database: name: psycopg2 args: user: synapse password: synapse database: synapse host: localhost port: 5432 cp_min: 5 cp_max: 10save and config systemd:addgroup synapse adduser --system --home /opt/synapse/ --no-create-home --disabled-password --shell /bin/nologin --ingroup synapse synapse
done
Create system file:nano /etc/systemd/system/matrix-synapse.service
With this content:[Unit] Description=Matrix Synapse service After=network.target [Service] Type=forking WorkingDirectory=/opt/synapse/ ExecStart=/opt/synapse/env/bin/synctl start ExecStop=/opt/synapse/env/bin/synctl stop ExecReload=/opt/synapse/env/bin/synctl restart User=synapse Group=synapse Restart=always StandardOutput=syslog StandardError=syslog SyslogIdentifier=synapse [Install] WantedBy=multi-user.target
Service activation at server startupsystemctl enable matrix-synapse
done
Media storage directory and permissions:mkdir /opt/synapse/media_store /opt/synapse/uploads chmod 770 /opt/synapse/media_store /opt/synapse/uploads chmod 755 /opt/synapse chown synapse:synapse /opt/synapse /opt/synapse/media_store /opt/synapse/uploads
doneStarting the service
Enable continuous log reading:tail -f /var/log/syslog &
Starting the Matrix service:systemctl start matrix-synapse
get started synapse.app.homeserver('homeserver.yaml')
end log reading:fg
CRTL+C
doneLast Setup
Domain name resolutionnano /etc/hosts
add:192.168.6.6 matrix.my-wan.de 192.168.6.4 shadow.my-wan.de
sudo service matrix-synapse stop sudo service matrix-synapse start
First account creation/opt/synapse/env/bin/register_new_matrix_user -c /opt/synapse/homeserver.yaml http://matrix.my-wan.de:8008
enter name, password and yes to make admin.
done
New User
register_new_matrix_user --config path/to/homeserver.yaml
Change password
cd /opt/synapse source /opt/synapse/env/bin/activate hash_password -p "mypw" -c "homeserver.yaml"
hash_password.1.en.html
Remember hash passworddeactivate sudo -u postgres bash psql -U postgres -W \c synapse SELECT * FROM users; update users set password_hash = 'EXAMPLE_HASH' where name = '@user:example.com';
-
Upgrading an existing Synapse
Upgrading Synapsesudo su - cd /opt/synapse source /opt/synapse/env/bin/activate pip3 install --upgrade pip pip3 install pillow==10.4.0 pip install --upgrade matrix-synapse
Questions/Problems
-
app.element.io settings add E-Mail
Adding an email to your account is disabled on this server (Status 400)
Solution1?
default_identity_server: https://matrix.org trusted_third_party_id_servers: - matrix.org - vector.im enable_3pid_lookup: true allowed_local_3pids: - medium: email pattern: '.*' - medium: msisdn pattern: '\+49Solution2?
It is desirable for Synapse to have the capability to send email. This allows Synapse to send password reset emails, send verifications when an email address is added to a user's account, and send email notifications to users when they receive new messages.
To configure an SMTP server for Synapse, modify the configuration section headed email, and be sure to have at least the smtp_host, smtp_port and notif_from fields filled out. You may also need to set smtp_user, smtp_pass, and require_transport_security.
If email is not configured, password reset, registration and notifications via email will be disabled.
postfix -
bridge to WhatsApp, Signal, etc?
-
Add to Federation
The Matrix Federation Tester -
Tel/Voice/Video
Source: TURN Server
github: install coturn and configuration
install TURN - external HD for media
-
app.element.io settings add E-Mail
Client
-
web: Element
Element Contact Sales - element-web hosting: github
- Desktop: element.io Get started.
- Create a self hosted Riot front end for Matrix
- knthost.com
- openhow2.de
Other tutorials
Matrixdotorg-->howtoforge.de
fediverse.blog
howtoforge Ubuntu 18.04 LTS
jo-so
lorem
decatec
Reverse-Proxy mit Nginx: Mehrere Server hinter einer IP per Subdomain ansprechen
cyberhost.uk