====== Installing synapse on Debian ======
===== System requirements =====
===== Traffic Matrix =====
Matrix:
ANY to tcp/80
ANY to tcp/443
ANY to tcp/8448
XMPP:
TODO
IRC:
TODO
===== Federation settings =====
DNS record to add in ''lkw.tf''
_matrix._tcp IN SRV 0 0 8448 matrix.lkw.tf.
''https://lkw.tf/.well-known/matrix/server'' shall reply as follow
{"m.server": "matrix.lkw.tf:8448"}
===== Installing Synapse =====
# Add Matrix repo
apt-get update
apt-get install -y gpg
add-apt-repository https://matrix.org/packages/debian/
wget -qO - https://matrix.org/packages/debian/repo-key.asc | apt-key add -
apt-get update
apt-get install matrix-synapse git
# Update the Registration shared secret
SYNAPSE_SECRET=`cat /dev/urandom | tr -dc 'A-Za-z0-9' | fold -w 32 | head -n1`
sed -i "s/randomly_generated_string/$SYNAPSE_SECRET/g" /etc/matrix-synapse/homeserver.yaml
systemctl enable matrix-synapse
systemctl start matrix-synapse
===== Nginx =====
Paste the following in ''/etc/nginx/sites-available/example.com''.
server {
listen 80;
listen [::]:80;
root /var/www/html;
index index.html index.htm;
server_name example.com www.example.com;
location /_matrix {
proxy_pass http://localhost:8008;
}
location ~ /.well-known {
allow all;
}
}
===== Apache2 =====
ServerName matrix.lkw.tf
DocumentRoot /var/www/html
# Matrix reverse proxy
ProxyPass "http://localhost:8008"
ProxyPassReverse "http://localhost:8008"
# The part for Dehydrated
Include /etc/apache2/tls/dehydrated.conf
ServerName matrix.lkw.tf
DocumentRoot /var/www/html
SSLEngine On
Include /etc/apache2/tls/matrix.lkw.tf.conf
# Matrix reverse proxy
ProxyPass "http://localhost:8443"
ProxyPassReverse "http://localhost:8443"
===== TLS =====
Install dehydrated
apt-get install -y curl git openssl
git clone https://github.com/dehydrated-io/dehydrated
mkdir -p /etc/dehydrated
cp /usr/local/src/dehydrated/docs/examples/domains.txt /usr/local/src/dehydrated/docs/examples/hook.sh /usr/local/src/dehydrated/docs/examples/config /etc/dehydrated
mkdir -p /var/www/html/.well-known/acme-challenge
/usr/local/src/dehydrated/dehydrated -f /etc/dehydrated/config --register --accept-terms
echo "08 03 * * * root /usr/local/src/dehydrated/dehydrated -f /etc/dehydrated/config -c" > /etc/cron.d/dehydrated
CA="letsencrypt"
CHALLENGETYPE="http-01"
BASEDIR=/etc/dehydrated
DOMAINS_TXT="${BASEDIR}/domains.txt"
CERTDIR="${BASEDIR}/certs"
ALPNCERTDIR="${BASEDIR}/alpn-certs"
ACCOUNTDIR="${BASEDIR}/accounts"
WELLKNOWN="/var/www/dehydrated"
KEYSIZE="4096"
RENEW_DAYS="30"
PRIVATE_KEY_RENEW="yes"
KEY_ALGO=rsa
HOOK=/etc/dehydrated/hook.sh
LOCKFILE="${BASEDIR}/lock"
CHAINCACHE="${BASEDIR}/chains"
AUTO_CLEANUP="yes"
#!/usr/bin/env bash
exit_hook() {
# This hook is called at the end of the cron command and can be used to
# do some final (cleanup or other) tasks.
# Reload apache certs
$(which apache2ctl) configtest &> /dev/null && $(which systemctl) reload apache2 || echo "Failed to reload apache."
# Reload Synapse certs
cp /etc/dehydrated/certs/chat.example.com/fullchain.pem /etc/matrix-synapse/fullchain.pem
cp /etc/dehydrated/certs/chat.example.com/privkey.pem /etc/matrix-synapse/privkey.pem
$(which systemctl) restart matrix-synapse
}
HANDLER="$1"; shift
if [[ "${HANDLER}" =~ ^exit_hook$ ]]; then
"$HANDLER" "$@"
fi
===== Bridges =====
==== XMPP ====
==== IRC ====
==== APRS/IS ====
TODO
Matrix API doc: https://www.npmjs.com/package/mx-puppet-bridge
==== D-Star ====
TODO
==== DMR ====
TODO
===== References =====
https://www.digitalocean.com/community/tutorials/how-to-install-matrix-synapse-on-ubuntu-16-04