docker/compose-matrix
Template
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4e80c7535fa9238b56ec1fb57f1fabd6f4e752d7
compose-matrix/README.md
anima 4e80c7535f add caddy config snippets
2024-07-12 21:22:37 +02:00

3.7 KiB
Raw Blame History

compose-matrix

Matrix Stack bestehend aus Matrix Server "Synapse" sowie dem Frontend "Element".

Inital setup

  1. Copy env file: cp env.sample .env
  2. Edit env file: nano .env
    1. Basedir: Full path to dir with compose file (important for swarm shares)
    2. Versionnumbers
    3. DB settings
    4. Domain! (no default)
  3. Genreate inital config for synapse:
    1. source .env
    2. docker run -it --rm -v --env-file .env ${BASEDIR:-.}/files/:/data -e SYNAPSE_SERVER_NAME=$DOMAIN -e SYNAPSE_REPORT_STATS=no matrixdotorg/synapse:latest generate
      • This generate certs and basic inital config (homeserver.yml) for $DOMAIN only for first setup needed

Postgress by default not in use!
Default DB is SQLite.

  1. (optional) Set db in config: nano $BASEDIR/files/synapse/homeserver.yaml

  2. Edit element config: nano files/element-config.json

    1. set "default_server_name" to your domain for Synapse
    2. set "m.homeserver" => "base_url" to your domain for Element
    3. Hint: by default connection to main servers of matrix.org is enabled
    4. Hint: by default jitsi (cloud!) is uses for group videocalls
      • Hint: Jisi can be selfhost (no templace exist atm)

  3. Run stack docker compose up

howto

enable registration

  1. edit homeserver.yaml
    1. set "enable_registration" to "True"
    2. set "enable_registration_without_verification" to "True" # note: maybe not comming soon..

For disable ... well you know, set "enable_registration" to "False"

create user via cli

  1. Import .env or set $DOMAIN manually
  2. Set env $USERNAME and $USERPASS oder replace it directly
source .env
docker exec -it matrix_app_1 register_new_matrix_user -u $USERNAME -p $USERPASS -a -c /data/homeserver.yaml $DOMAIN

caddy config

synapse

synapse.example.com {
    reverse_proxy /_matrix/* $IPOFDOCKERHOST:8008
    reverse_proxy /_synapse/client/* $IPOFDOCKERHOST:8008

    header {
        X-Content-Type-Options nosniff
        Referrer-Policy strict-origin-when-cross-origin
        Strict-Transport-Security "max-age=63072000; includeSubDomains;"
        Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()"
        X-Frame-Options SAMEORIGIN
        X-XSS-Protection 1
        X-Robots-Tag none
        -server
    }
}

element

element.example.com {
    encode zstd gzip
    reverse_proxy $IPOFDOCKERHOST:8080

    header {
        X-Content-Type-Options nosniff
        Referrer-Policy strict-origin-when-cross-origin
        Strict-Transport-Security "max-age=63072000; includeSubDomains;"
        Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()"
        X-Frame-Options SAMEORIGIN
        X-XSS-Protection 1
        X-Robots-Tag none
        -server
    }
}

todo

  • setup script to auto edits
    • db in homeserver.yml
    • domain in config.json (element)

sources

Reference in New Issue View Git Blame Copy Permalink