br0tkasten.de
br0tkasten.de

Matrix Chat Server

Matrix Chat Server

Synpase

To install matrix.org reference server synapse on Alpine-Linux the following steps are neccessary. In my case alpine-linux is running within an LXC container on my server.

Install prerequisite packages

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17

apk add \
  python2 \
  py2-pip \
  py-setuptools \
  py-virtualenv \
  sqlite \
  py2-pysqlite \
  py2-psycopg \
  postgresql-dev \
  py2-cffi \
  libffi-dev \
  alpine-sdk \
  sqlite-dev \
  python2-dev \
  linux-headers \
  zlib-dev \
  jpeg-dev

install synapse

According to https://github.com/matrix-org/synapse#synapse-installation the recomendet installation procedure is within an python virtualenv environment.

1
2
3
4
5
6

virtualenv -p python2.7 /opt/synapse
. /opt/synapse/bin/activate
cd /opt/synapse
pip install --upgrade pip
pip install --upgrade setuptools
pip install https://github.com/matrix-org/synapse/tarball/master

create default configuration homeserver.yaml

1
2
3
4
5
6

python \
    -m synapse.app.homeserver \
    --server-name matrix.br0tkasten.de \
    --config-path homeserver.yaml \
    --generate-config \
    --report-stats=yes

start synapse

1
2

synctl start
open-rc start script

create system user

1
2

adduser -S matrix
chown -Rf matrix /opt/synapse

virtualenv wraper script

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

mkdir -p /opt/sbin
cat > /opt/sbin/synapse.sh << EOF
#!/bin/sh

. /opt/synapse/bin/activate

cd /opt/synapse
synctl start
EOF
chmod 0755 /opt/sbin/synapse.sh

open-rc init script

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

cat > /etc/init.d/synapse << EOF
#!/sbin/openrc-run

name=$RC_SVCNAME
command="/opt/sbin/synapse.sh"
command_user="matrix"
pidfile="/opt/synapse/homeserver.pid"

depend() {
       need net
}

start() {
    ebegin "Starting $name"
    start-stop-daemon --start \
        --user $command_user \
        --exec $command \
        --pidfile $pidfile 
    eend $?
}

stop() {
        ebegin "Stopping $name"
        start-stop-daemon --stop --user $command_user
        eend $?
}
EOF
chmod 0755 /etc/init.d/synapse

enable init script

1

rc-update add synapse

Administration

create user accounts

1

register_new_matrix_user -c homeserver.yaml http://matrix.br0tkasten.de:8008

Additional

Expose local LXC containers ports

Server-to-Server

For Server-to-Server connections on Port 8448 it is recommended to expose the port directly using portforwarding. On my server I used iptables for this portforwarding

1

iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 8448 -j DNAT --to-destination matrix.lxc.local:8448

Client connections

In my setup an apache vhost is acting as https reverse proxy.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19

<VirtualHost 185.170.112.162:443>
    ServerName matrix.br0tkasten.de:443
    RewriteEngine on
    SSLEngine On
    SSLProtocol all
    SSLProxyEngine On

    SSLCertificateFile /etc/letsencrypt/live/matrix.br0tkasten.de/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/matrix.br0tkasten.de/privkey.pem

    CustomLog /var/log/httpd/matrix/access.log combined
    ErrorLog /var/log/httpd/matrix/error.log

    ProxyPreserveHost On
    ProxyRequests Off

    ProxyPass / http://matrix.lxc.br0tkasten.de:8008/
    ProxyPassReverse / http://matrix.lxc.br0tkasten.de:8008/
</VirtualHost>
0%