OS: Debian 10
Goal: install a Matrix Synapse server.
apt install -y lsb-release wget apt-transport-https
wget -O /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/matrix-org.list
apt update && apt upgrade
apt install matrix-synapse-py3
systemctl enable matrix-synapse.service
systemctl start matrix-synapse.service
apt install postgresql python3-psycopg2 autopostgresqlbackup
su - postgres
psql
postgres=# CREATE USER "username" WITH PASSWORD 'password';
postgres=# CREATE DATABASE synapse ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER "username";
vi /etc/matrix-synapse/homeserver.yaml
database:
  name: psycopg2
  args:
    user: <user>
    password: <pass>
    database: <db>
    host: <host>
    cp_min: 5
    cp_max: 10
systemctl restart matrix-synapse.service
ss -plntu
Open your Matrix Synapse instance in a browser: http://192.168.xxx.yyy:8008
You should land on a page saying: "It works! Synapse is running"
Matrix Synapse is a server. You need a client to use it.
register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml http://localhost:8008
tail -f /var/log/matrix-synapse/homeserver.log
###matrix.underworld.fr###
server {
    server_name matrix.underworld.fr;
    listen 80;
    location /.well-known {
        alias /var/www/cert/matrix.underworld.fr/.well-known;
    }
    location /.well-known/matrix {
        alias /var/www/matrix;
    }
    location / {
        # redirect to HTTPS and keep the requested path
        return 301 https://matrix.underworld.fr$request_uri;
        access_log /var/log/nginx/matrix.underworld.fr.log;
    }
}
server {
    server_name matrix.underworld.fr;
    # "ssl" on the listen line replaces the deprecated "ssl on;" directive
    listen 443 ssl http2;
    ssl_certificate /etc/letsencrypt/live/matrix.underworld.fr/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/matrix.underworld.fr/privkey.pem;
    ssl_dhparam /etc/nginx/dh.pem;
    ssl_ecdh_curve secp384r1;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_protocols TLSv1.2;
    ssl_ciphers EECDH+AESGCM:EECDH+CHACHA20:EECDH+AES;
    ssl_prefer_server_ciphers on;
    location /.well-known {
        alias /var/www/cert/matrix.underworld.fr/.well-known;
    }
    location /.well-known/matrix {
        alias /var/www/matrix;
    }
    location / {
        proxy_pass http://192.168.xxx.yyy:8008;
        proxy_set_header X-Forwarded-For $remote_addr;
        access_log /var/log/nginx/matrix.underworld.fr.log;
    }
    location /_matrix {
        proxy_pass http://192.168.xxx.yyy:8008;
        proxy_set_header X-Forwarded-For $remote_addr;
        access_log /var/log/nginx/matrix.underworld.fr.log;
    }
}
DNS record required to advertise the "server" port to other [MATRIX] instances
_matrix._tcp.underworld.fr. 3600 IN SRV 10 5 443 matrix.underworld.fr.
Alternative: create a file https://matrix.underworld.fr/.well-known/matrix/server containing:
{
    "m.server": "matrix.underworld.fr:443"
}
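How a remote homeserver turns the SRV record or the .well-known file into a connection target, as an added example that is not part of the original notes: it follows the Matrix server-discovery order (explicit port, .well-known, SRV, then port 8448). The function names are hypothetical, and the HTTPS and DNS lookups are replaced by constructed dictionaries so that it runs offline.

```python
import ipaddress
import json

DEFAULT_PORT = 8448  # federation port used when nothing else is specified


def split_host_port(name):
    """Split 'host', 'host:port' or '[v6]:port' into (host, port or None)."""
    if name.startswith("["):                       # bracketed IPv6 literal
        host, _, rest = name[1:].partition("]")
        return host, int(rest[1:]) if rest.startswith(":") else None
    host, sep, port = name.rpartition(":")
    if sep and port.isdigit():
        return host, int(port)
    return name, None


def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def resolve(server_name, well_known=None, srv=None):
    """Return the (host, port) a remote homeserver would connect to.

    well_known: dict hostname -> body of /.well-known/matrix/server (str)
    srv:        dict SRV record name -> (target, port)
    Both are constructed stand-ins for the real HTTPS and DNS lookups.
    """
    well_known, srv = well_known or {}, srv or {}
    host, port = split_host_port(server_name)
    if is_ip(host) or port is not None:            # steps 1-2: nothing to discover
        return host, port or DEFAULT_PORT
    try:                                           # step 3: .well-known delegation
        delegated = json.loads(well_known[host])["m.server"]
        host, port = split_host_port(delegated)
        if is_ip(host) or port is not None:
            return host, port or DEFAULT_PORT
    except (KeyError, TypeError, ValueError, AttributeError):
        pass                                       # missing or invalid: keep going
    for prefix in ("_matrix-fed._tcp.", "_matrix._tcp."):   # step 4: SRV
        if prefix + host in srv:
            return srv[prefix + host]
    return host, DEFAULT_PORT                      # step 5: default port
```

With neither record in place the result is port 8448, which the nginx configuration above does not listen on.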
vi /etc/matrix-synapse/homeserver.yaml
Instance-specific settings
public_baseurl: https://matrix.underworld.fr
# placeholder value: use a long random secret
registration_shared_secret: monautresecretsecret
# open registration: anyone who can reach the server can create an account
enable_registration: true
listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    bind_addresses: ['192.168.xxx.yyy']
    resources:
      - names: [client, federation]
        compress: false
admin_contact: 'mailto:admin@underworld.fr'
TURN server settings
#CUSTOM
turn_uris: [ "turn:turn.underworld.fr:5349?transport=udp", "turn:turn.underworld.fr:5349?transport=tcp" ]
turn_shared_secret: monsecretsecretsecret
turn_user_lifetime: 86400000
turn_allow_guests: True
Settings for an SMTP server on localhost
#CUSTOM
email:
  enable_notifs: false
  smtp_host: "localhost"
  smtp_port: 25
  require_transport_security: false
  notif_from: "Your Friendly %(app)s Home Server <admin@underworld.fr>"
  app_name: Underworld Matrix
  notif_for_new_users: true
  riot_base_url: "https://riot.underworld.fr"
  validation_token_lifetime: 1h
  notif_template_html: notif_mail.html
  notif_template_text: notif_mail.txt
  expiry_template_html: notice_expiry.html
  expiry_template_text: notice_expiry.txt