Step-by-Step Guide to Installing Synapse Matrix Server on Ubuntu 22.04

Step-by-Step Guide to Installing Synapse Matrix Server on Ubuntu 22.04

10:57, 26.12.2023

Article Content
arrow

  • Step 2: Configuration of Synapse Matrix
  • Step 3: Creation of a New Matrix User
  • Utilizing a Self-Signed Certificate
  • Obtaining a Let's Encrypt Certificate
  • Step 5: Configuring Nginx for the Matrix Server
  • Step 6: Firewall Settings
  • Step 7: Accessing Matrix Synapse
  • Conclusion

Matrix is an open-source, decentralized, and easy-to-use software for private communication. It can be used for calling or messaging. Matrix provides encryption for secure communication channels on the web.

Synapse is the default Python-based Matrix server. The installation of the server is accessible to even non-tech-savvy users.

In this article, we'll guide you through the steps for installing Synapse Matrix Server.

Step 1: Installation of the Synapse Matrix Server

There are a couple of things you need to take care of before we get started.

Make sure you have the following:

  • A server running on Ubuntu 22.04
  • A domain name associated with your server's IP address
  • A root access to the server and root password

With that out of the way, you need to update the system packages next, using:

apt update -y

Install the necessary dependencies with the following command:

apt install curl wget gnupg2 apt-transport-https -y

And choose and insert the name of your server:

$ sudo nano /etc/hosts
IP address domain.name

Now you can proceed with the installation of the Synapse Matrix Server.

Add the GPG key and repository of the Matrix Synapse:

sudo wget -O /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg 
echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" |sudo tee /etc/apt/sources.list.d/matrix-org.list

Update OS and install Matrix, using:

sudo apt update sudo apt install matrix-synapse-py3

Run the Matrix Synapse:

sudo systemctl start matrix-synapse sudo systemctl enable matrix-synapse

You can check whether the Matrix Synapse is running by issuing:

$ systemctl status matrix-synapse (there should be "active (running)" line in the "Active" section)

Step 2: Configuration of Synapse Matrix

To configure the Synapse Matrix Server, you need to generate a Matrix password first:

cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1

After you generate a password for Matrix, edit the Matrix configuration file:

sudo nano /etc/matrix-synapse/homeserver.yaml

In the configuration file, you need to change bind addresses to a local IP address, turn off Matrix registration, and insert the generated password like this:

listeners:
- port: 8008 
tls: false 
type: http 
x_forwarded: true 
bind_addresses: ['127.0.0.1']

resources:
- names: [client, federation] 
compress: false

enable_registration: false
registration_shared_secret: "V6jKdIsl6GUdvpksSlQDCX5P94kJfFGk"

Save the file and restart Matrix Synapse.

Step 3: Creation of a New Matrix User

The creation of a Matrix user can help connect to a Matrix server through a Matrix client. To create a new user, run the following command:

register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml http://localhost:8008

Then, follow the example below:

New user localpart [root]: admin
Password:
Confirm password:
Make admin [no]: yes
Sending registration request... Success!

Now, a new user has been created.

Step 4: Setting up an SSL Certificate for the Matrix Server

If you don't set up an SSL Certificate for your Matrix Server, you will be accessing it through HTTP, which means that you'll be threatening the security of your data. To avoid this, you can issue a self-signed certificate or a Let's Encrypt certificate.

Utilizing a Self-Signed Certificate

Find the folder that stores the certificates, and run the following command in there:

openssl req \ 
-newkey rsa:2048 -nodes -keyout matrix.key \ 
-x509 -days 365 -out Matrix.crt

To complete, fill out the form that will going to appear after.

Then, transfer the certificate file to an accessible directory:

sudo mv matrix.crt Matrix.key /etc/pki/certificates/

Obtaining a Let's Encrypt Certificate

Let's Encrypt allows you to get SSL certificates for free, and is one of the simplest ways to obtain an SSL certificate. Here's how to do that.

You need to install the Certbot client first. You can do that running:

sudo apt install certbot -y

Generate the certificate with the following command (insert your email address and domain name):

certbot certonly --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --emailyour email address-d your domain name

Now, you have your SSL certificate.

Step 5: Configuring Nginx for the Matrix Server

With Matrix Synapse, Nginx is commonly used as a reverse proxy.

You need to install Nginx first. You can do that with the following command:

sudo apt install nginx

To start using Nginx as a reverse proxy, you need to create a separate configuration file for your server:

sudo nano /etc/nginx/sites-available/matrix.conf

In the file, insert the underlined sections:
server {
listen 80;
server_name matrix.example.com;
return 301 https://$host$request_uri;
}


server {
listen 443 ssl;
server_name matrix.example.com;


ssl_certificate /etc/pki/certificates/matrix.crt;
ssl_certificate_key /etc/pki/certificates/matrix.key;


location /_matrix {
    proxy_pass localhost:8008
    proxy_set_header X-Forwarded-For $remote_addr;
    # Nginx, by default, only allows file uploads up to 1M in size
   #Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
    client_max_body_size 10M;
}
}
# This is used for Matrix Federation
# which is using default TCP port '8448'
server {
listen 8448 ssl;
server_name matrix.example.com;


ssl_certificate /etc/pki/certificates/matrix.crt;
ssl_certificate_key /etc/pki/certificates/matrix.key;


location / {
    proxy_pass http:localhost:8008
    proxy_set_header X-Forwarded-For $remote_addr;
}
}

Save the file.

Now, to check if the file contains any errors, use this command to run the test:

$ sudo nginx -t

To activate a virtual host, you can create a symbolic link for the configuration file in the /etc/nginx/sites-enabled directory:

sudo ln -s /etc/nginx/sites-available/matrix.conf /etc/nginx/sites-enabled/

To apply changes, restart Nginx (sudo systemctl restart nginx).

Step 6: Firewall Settings

If you're using a firewall, you need to additionally allow the Matrix service to go through it:

sudo ufw allow 8448 sudo ufw allow https sudo ufw allow http

You can check the status with the following command:

$ sudo ufw status

Step 7: Accessing Matrix Synapse

Accessing Matrix Synapse Server is easy. All you need to do is input the following in the web browser's search bar:

https://your domain:8448.

Conclusion

Matrix Synapse is a server-based integration of the Matrix protocol for secure communication. It is a software server that provides the services of communication and synchronization of data across the Matrix network.

The key features of Matrix Synapse Server include:

  • Secure communication. The Matrix Synapse Server is meant to provide secure connection and communication across the web. Since the data shared through Matrix is spread out through multiple servers (since Matrix is decentralized), it provides more secure and protected communication.
  • Decentralized nature. Matrix Synapse provides a decentralized architecture, meaning users can have their own Matrix Synapse server. This gives users control over their data and communications as they follow the decentralized systems philosophy.
  • Enhanced security. Matrix Synapse uses various security measures that protect the server from data breaches, service attacks, etc. It's also known for integrating secure communication protocols, including TLS and end-to-end encryption.
  • Easy-to-integrate. Matrix is easy to integrate with various systems and services.

Last but not least, Matrix Synapse is easy to install and configure. We hope this tutorial has proven you this!

views 5m, 51s
views 2
Share

Was this article helpful to you?

VPS popular offers

Other articles on this topic

cookie

Accept cookies & privacy policy?

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the HostZealot website.