This is a complete guide on setting up Matrix (Synapse) and Element on a fresh Ubuntu 20.04 Server.
If your server is already set up, feel free to skip the server setup steps.
Contents
What is Matrix?
Server Setup
Install UFW
Setup Sudo User
Install Docker
Install Matrix and Element
Create New Users
Reverse Proxy
Login
What is Matrix?
Matrix is an open standard and communication protocol for real-time communication. It aims to make real-time communication work seamlessly between different service providers, just like standard Simple Mail Transfer Protocol email does now for store-and-forward email service, by allowing users with accounts at one communications service provider to communicate with users of a different service provider via online chat, voice over IP, and videotelephony. Such protocols have been around before such as XMPP but Matrix is not based on that or another communication protocol. From a technical perspective, it is an application layer communication protocol for federated real-time communication. It provides HTTP APIs and open source reference implementations for securely distributing and persisting messages in JSON format over an open federation of servers. It can integrate with standard web services via WebRTC, facilitating browser-to-browser applications. Wikipedia
Server Setup
- Update:
sudo apt update && sudo apt upgrade
- Install automatic updates:
sudo apt install unattended-upgrades
- Change SSH Port:
sudo nano /etc/ssh/sshd_config
Remove the # in front of Port 22 and then change it (30000-50000 is ideal).
This is security through obscurity, which is not ideal, but port 22 just gets abused by bots.
- Set up SSH keys
- Restart SSH:
sudo systemctl restart sshd
- Install fail2ban:
sudo apt install fail2ban
Install UFW Firewall
- Install:
sudo apt install ufw
- Allow SSH, replacing <SSH-PORT> with your SSH port:
sudo ufw allow <SSH-PORT>/tcp
- Allow HTTP/s traffic:
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 8443/tcp
- Enable Firewall:
sudo ufw enable
Setup a sudo user
adduser <USERNAME>
- Add user to sudoers:
sudo adduser <USERNAME> sudo
Install Docker
Official Docker Install: Ubuntu Debian
1. sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common
2. curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
3. sudo add-apt-repository \
    "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
    $(lsb_release -cs) \
    stable"
4. sudo apt-get update
5. sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose
6. Create docker network: sudo docker network create --driver=bridge --subnet=10.10.10.0/24 --gateway=10.10.10.1 dockernet
Install Matrix and Element
- Create Matrix directory:
sudo mkdir matrix
- Use the following template:
sudo nano docker-compose.yaml
version: '2.3'
services:
  postgres:
    image: postgres:9.6.4
    restart: always
    networks:
      default:
        ipv4_address: 10.10.10.11
    volumes:
      - ./postgresdata:/var/lib/postgresql/data
    # These will be used in homeserver.yaml later on.
    # Replace STRONGPASSWORD with your own password.
    environment:
      - POSTGRES_PASSWORD=STRONGPASSWORD
      - POSTGRES_USER=synapse
  element:
    image: vectorim/element-web
    restart: always
    volumes:
      - ./element-config.json:/app/config.json
    networks:
      default:
        ipv4_address: 10.10.10.12
  synapse:
    image: matrixdotorg/synapse:latest
    restart: "unless-stopped"
    networks:
      default:
        ipv4_address: 10.10.10.13
    # The key is "ports" (plural); docker-compose rejects "port".
    ports:
      - "8443:8443"
    volumes:
      - ./synapse:/data
# Attach all services to the dockernet bridge created earlier
networks:
  default:
    external:
      name: dockernet
- Create Element Config:
sudo nano element-config.json
Example Contents
- Generate Synapse Config:
sudo docker run -it --rm \
    -v "$HOME/matrix/synapse:/data" \
    -e SYNAPSE_SERVER_NAME=matrix.example.com \
    -e SYNAPSE_REPORT_STATS=yes \
    matrixdotorg/synapse:latest generate
- Deploy:
sudo docker-compose up -d
Create New Users
- Access docker shell:
docker exec -it matrix_synapse_1 bash
register_new_matrix_user -c /data/homeserver.yaml http://localhost:8008
- Follow the on screen prompts
To allow anyone to register an account, set ‘enable_registration’ to true in homeserver.yaml. This is NOT recommended.
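The following check is an added example, not part of the original guide: it audits the files created above for three settings the guide warns about or expects you to change (the STRONGPASSWORD template value, open registration, and SSH still on port 22). The function name and finding labels are hypothetical; the paths assume the guide's layout, with docker-compose.yaml and synapse/homeserver.yaml under one directory.

```sh
#!/bin/sh
# Added example: audit a deployment directory laid out as in this guide.
# Usage: audit_matrix_deploy DIR [SSHD_CONFIG]
# Prints space-separated finding labels (hypothetical names) and
# returns non-zero if any finding is present.

audit_matrix_deploy() (
    dir=$1
    sshd_config=${2:-/etc/ssh/sshd_config}
    findings=

    # The template database password was never replaced.
    if grep -Eq '^[[:space:]]*-[[:space:]]*POSTGRES_PASSWORD=STRONGPASSWORD[[:space:]]*$' \
            "$dir/docker-compose.yaml" 2>/dev/null; then
        findings="$findings placeholder-db-password"
    fi

    # Open registration: an uncommented enable_registration with a
    # truthy YAML value. Commented-out lines are ignored.
    if grep -Eiq '^[[:space:]]*enable_registration:[[:space:]]*(true|yes|on)[[:space:]]*(#.*)?$' \
            "$dir/synapse/homeserver.yaml" 2>/dev/null; then
        findings="$findings open-registration"
    fi

    # sshd listens on 22 when no uncommented Port directive exists,
    # or when one of the Port directives is 22.
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$sshd_config" 2>/dev/null)
    if [ -z "$ports" ] || printf '%s\n' "$ports" | grep -qx 22; then
        findings="$findings ssh-port-22"
    fi

    findings=${findings# }
    printf '%s\n' "$findings"
    [ -z "$findings" ]
)
```

Run it as `audit_matrix_deploy "$HOME/matrix"` after editing the configs; an empty line and exit status 0 mean none of the three conditions were found.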
Install Reverse Proxy (Caddy)
Caddy will be used for the reverse proxy. It will also automatically generate Let’s Encrypt certificates.
echo "deb [trusted=yes] https://apt.fury.io/caddy/ /" \
    | sudo tee -a /etc/apt/sources.list.d/caddy-fury.list
Note that [trusted=yes] tells APT to skip signature verification for this repository.
sudo apt update
sudo apt install caddy
- Head to your user directory:
cd
- Create Caddy file:
sudo nano Caddyfile
Use the following template:
matrix.example.com {
    reverse_proxy 10.10.10.13:8008
}
matrix.example.com:8443 {
    reverse_proxy 10.10.10.13:8008
}
element.example.com {
    reverse_proxy 10.10.10.12:80
}
Additional Configuration (Optional)
- Enable the config:
caddy reload
Login
- Head to your Element domain and log in!