Messenger
Introduction: MatrixSource: mytinydc
sudo su - apt-get update apt-get upgrade
nginx (reverse proxy)
Documentation for nginx.With root permissions install nginx as a reverse proxy:
apt-get install nginxtest: enter IP in Browser: "Welcome to nginx"!
remove nginx default page:
unlink /etc/nginx/sites-enabled/defaultcreate new reverse-proxy configuration:
cd /etc/nginx/sites-available nano reverse-proxy.confcontent:
server {
listen 80;
listen [::]:80;
server_name shadowmatrix.ydns.eu;
root /var/www/shadowmatrix.ydns.eu;
index index.html;
location / {
proxy_pass http://localhost:8008;
}
}
server {
listen 80;
listen [::]:80;
server_name shadowpage.ydns.eu;
root /;
index index.html;
location / {
proxy_pass http://192.168.6.4;
proxy_set_header Host $host;
}
}
server {
listen 80;
listen [::]:80;
server_name jordancosmetics.ydns.eu;
root /jc/;
index index.html;
location / {
proxy_pass http://192.168.6.4;
proxy_set_header Host $host;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
try_files $uri $uri/ =404;
}
}
activate:
ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conftest:
nginx -t && nginx -s reloadDepend on the domain length it could not build the server_names_hash, you should increase server_names_hash_bucket_size.
In this case, the directive value should be increased to the next power of two.
nano /etc/nginx/nginx.conf server_names_hash_bucket_size 64;done
Let’s Encrypt (SSL)
install certbot:apt install python3-certbot-nginx certbot --nginxenter e-mail address and then select a, y and 2
done
Automatically Renew Certificates
crontab -e 0 12 * * * /usr/bin/certbot renew --quietcrontab
Postgresql service installation (database)
install postgresql and create user synapse and database synapse:apt install postgresql exit sudo -u postgres bash createuser synapse psql ALTER USER synapse WITH ENCRYPTED password 'synapse'; CREATE DATABASE synapse ENCODING "UTF8" LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER synapse; \q exit sudo su - nano -w /etc/postgresql/13/main/postgresql.confcheck if is:
listen_addresses = 'localhost' password_encryption = scram-sha-256than restart
systemctl restart postgresqlTo allow new user acces edit:
nano /etc/postgresql/13/main/pg_hba.confJust after this line:
local all postgres peeradd this lines:
host synapse synapse 127.0.0.1/32 scram-sha-256 host synapse synapse ::1/128 scram-sha-256Reload the Postgresql configuration:
systemctl reload postgresqldone
Solve connection problems with recalculate password:
exit sudo -u postgres bash createuser synapse psql ALTER USER synapse WITH ENCRYPTED password 'synapse'; \q exit sudo su -and look at:
cat /var/log/postgresql/postgresql-13-main.logand:
systemctl status postgresql
Synapse/Matrix service installation
First some prerequisits:apt update && sudo apt upgrade -y apt install curl build-essential gcc make -y curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | shrestart shell
sudo su - apt -y install build-essential make python3 python3-dev python3-dev python3-virtualenv python3-pip python3-setuptools libffi-dev libpq-dev && python3-cffi zlib1g-dev libxml2-dev libxml2-dev libxslt1-dev libssl-dev libjpeg-dev python3-lxml virtualenv postgresql-server-dev-all mkdir -p /opt/synapse virtualenv -p python3 /opt/synapse/env cd /opt/synapse source /opt/synapse/env/bin/activate pip3 install --upgrade pip pip3 install --upgrade setuptools pip3 install six==1.13.0 #pip3 install cryptography==3.4.7 pip3 install cryptography==3.3 sudo apt-get install libssl-devand now install synapse:
pip3 install matrix-synapse[all]done
Config file
Create the config file:python3 -m synapse.app.homeserver --server-name matrix.my-wan.de --config-path homeserver.yaml --generate-config --report-stats=no deactivatedone
Configuration
nano /opt/synapse/homeserver.yamlCheck listeners:
bind_addresses: ['0.0.0.0']Comment the sqlite3 part:
#database: # name: sqlite3 # args: # database: /path/to/homeserver.dbUncomment the psycopg2 part:
database:
name: psycopg2
args:
user: synapse
password: synapse
database: synapse
host: localhost
port: 5432
cp_min: 5
cp_max: 10
save and config systemd:
addgroup synapse adduser --system --home /opt/synapse/ --no-create-home --disabled-password --shell /bin/nologin --ingroup synapse synapsedone
Create system file:
nano /etc/systemd/system/matrix-synapse.serviceWith this content:
[Unit] Description=Matrix Synapse service After=network.target [Service] Type=forking WorkingDirectory=/opt/synapse/ ExecStart=/opt/synapse/env/bin/synctl start ExecStop=/opt/synapse/env/bin/synctl stop ExecReload=/opt/synapse/env/bin/synctl restart User=synapse Group=synapse Restart=always StandardOutput=syslog StandardError=syslog SyslogIdentifier=synapse [Install] WantedBy=multi-user.targetService activation at server startup
systemctl enable matrix-synapsedone
Media storage directory and permissions:
mkdir /opt/synapse/media_store /opt/synapse/uploads chmod 770 /opt/synapse/media_store /opt/synapse/uploads chmod 755 /opt/synapse chown synapse:synapse /opt/synapse /opt/synapse/media_store /opt/synapse/uploadsdone
Starting the service
Enable continuous log reading:tail -f /var/log/syslog &Starting the Matrix service:
systemctl start matrix-synapseget started synapse.app.homeserver('homeserver.yaml')
end log reading:
fgCRTL+C
done
Last Setup
Domain name resolutionnano /etc/hostsadd:
192.168.6.6 matrix.my-wan.de 192.168.6.4 shadow.my-wan.de
sudo service matrix-synapse stop sudo service matrix-synapse startFirst account creation
/opt/synapse/env/bin/register_new_matrix_user -c /opt/synapse/homeserver.yaml http://matrix.my-wan.de:8008enter name, password and yes to make admin.
done
New User
register_new_matrix_user --config path/to/homeserver.yaml
Change password
cd /opt/synapse source /opt/synapse/env/bin/activate hash_password -p "mypw" -c "homeserver.yaml"hash_password.1.en.html
Remember hash password
deactivate sudo -u postgres bash psql -U postgres -W \c synapse SELECT * FROM users; update users set password_hash = 'EXAMPLE_HASH' where name = '@user:example.com';
Upgrading an existing Synapse
Upgrading SynapseQuestions/Problems
-
app.element.io settings add E-Mail
Adding an email to your account is disabled on this server (Status 400)
Solution1?
default_identity_server: https://matrix.org trusted_third_party_id_servers: - matrix.org - vector.im enable_3pid_lookup: true allowed_local_3pids: - medium: email pattern: '.*' - medium: msisdn pattern: '\+49Solution2?
It is desirable for Synapse to have the capability to send email. This allows Synapse to send password reset emails, send verifications when an email address is added to a user's account, and send email notifications to users when they receive new messages.
To configure an SMTP server for Synapse, modify the configuration section headed email, and be sure to have at least the smtp_host, smtp_port and notif_from fields filled out. You may also need to set smtp_user, smtp_pass, and require_transport_security.
If email is not configured, password reset, registration and notifications via email will be disabled.
postfix -
bridge to WhatsApp, Signal, etc?
-
Add to Federation
The Matrix Federation Tester -
Tel/Voice/Video
Source: TURN Server
github: install coturn and configuration
install TURN - external HD for media
Client
-
web: Element
Element Contact Sales - element-web hosting: github
- Desktop: element.io Get started.
- Create a self hosted Riot front end for Matrix
- knthost.com
- openhow2.de
Other tutorials
Matrixdotorg-->howtoforge.de
fediverse.blog
howtoforge Ubuntu 18.04 LTS
jo-so
lorem
decatec
Reverse-Proxy mit Nginx: Mehrere Server hinter einer IP per Subdomain ansprechen
cyberhost.uk