Linux

How to Install Matrix Synapse Chat on Ubuntu 20.04 LTS

0
How to Install Matrix Synapse Chat on Ubuntu 20.04 LTS

Matrix is ​​a new ecosystem for decentralized communication in real-time for instant messaging and open combined VoIP services. It provides RESTful HTTP JSON APIs for building distributed chat servers and federations without a single control point and failure and provides all references to the API.

Synapse is an implementation of a home matrix server created by the matrix team and written in Python / Twisted. With this software, we can implement a matrix method for decentralized communication, we can create a home server and store all user’s personal information, chat history, make room for our own use, etc.

In this tutorial, we will show you how to install and configure Matrix Synapse on Ubuntu 20.04. We will set the Synapse Matrix with Nginx as a reverse proxy and secure the installation using SSL provided by Letsencrypt.

Precondition

For this guide, we will install the Synapse Matrix on the latest Ubuntu 20.04 with 1GB of RAM, 25GB of free disk space, and 2CPU. Also, you must have access to your server with root privileges on it.

What we will do?

  • Install the Synapse Matrix
  • Configure the Synapse Matrix
  • Generate SSL Letsencrypt
  • Set Nginx as Reverse Proxy
  • Prepare UFW Firewall
  • Register New User
  • Testing

Step 1 – Install the Synapse Matrix

First, we will install the Synapse Matrix onto the latest Ubuntu 20.04 Server. To do that, we need to add the GPG key and the official Matrix Synapse repository.

Before proceeding further, install a few dependency packages using the apt command below.

sudo apt install -y lsb-release wget apt-transport-https

After that, add the GPG key and the Synapse Matrix repository for Debian / Ubuntu based systems.

sudo wget -qO /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" |
    sudo tee /etc/apt/sources.list.d/matrix-org.list

1

Now update all package repository lists and install the Matrix Synapse package.

sudo apt update
sudo apt install matrix-synapse-py3

Now you will be asked to configure the domain name.

2

Type your domain name for the Synapse Matrix installation and select ‘OK‘ to continue.

For ‘Anonymous Data Statistics’, select ‘No‘.

3

And the Synapse Matrix installation is complete.

Next, start the ‘matrix-synapse’ service and add it to the system boot.

systemctl start matrix-synapse
systemctl enable matrix-synapse

The Synapse matrix is already up and running, check using the following command.

systemctl status matrix-synapse
ss -plnt

Below are the results that you will get.

4

As a result, the Synapse Matrix runs with the default TCP port ‘8008’ on Ubuntu 20.04.

Step 2 – Configure the Synapse Matrix

In this step, we will configure the ‘bind-address’ for the Synapse Matrix, disable registration on our server, and manage registrations that are shared confidentially.

Before proceeding further, make a secret registration of the Synapses Matrix using the following command.

cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1

Now you will get a random key, copy the key, and save it in your notes.

GH7AP4Zcthz02Cmg58sqUgonm7zlwH0f

Next, open the ‘/ etc / matrix-synapse’ directory and edit the ‘homeserver.yaml’ configuration using the vim editor.

cd /etc/matrix-synapse/
vim homeserver.yaml

Move to the ‘listener’ section and change the ‘bind-address’ value to the local IP address as below.

listeners:

  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    bind_addresses: ['127.0.0.1']

    resources:
      - names: [client, federation]
        compress: false

Now deactivate the Synapse Matrix if you are running a node just for you.

enable_registration: false

Change ‘shared_secret’ registration with the random passphrase generated above.

registration_shared_secret: "GH7AP4Zcthz02Cmg58sqUgonm7zlwH0f"

Save and close.

Next, restart the Synapse Matrix service to implement the new configuration.

systemctl restart matrix-synapse

Check the service using the following command.

ss -plnt
systemctl status matrix-synapse

Below are the results that you will get.

5

As a result, the Synapse Matrix service is up and running with a new configuration.

Step 3 – Generate SSL Letsencrypt

In this step, we will create SSL Letsencrypt using the certbot tool. The Synapse matrix will run under a secure HTTPS connection using an SSL certificate provided by Letsencrypt.

Install the certbot tool using the apt command below.

sudo apt install certbot -y

After that, create a new SSL certificate using the certbot command below, and be sure to change your e-mail address and domain name with yours.

certbot certonly --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --email user@hakase-labs.io -d hakase-labs.io

6

After all is done, your SSL certificate will be available in the ‘/etc/letsencrypt/live/domain.com/’ directory.

ls -lah /etc/letsencrypt/live/domain.com/

‘Fullchain.pem’ is a public key, and ‘privkey.pem’ is a private key.

Step 4 – Set Nginx as Reverse Proxy

For this tutorial, we will run the Synapse Matrix under the Nginx Reverse proxy. And for this step, we will install the Nginx package and set it as a Reverse Proxy.

The Nginx web server will run on 3 ports, the default HTTP port ’80’, the secure HTTPS port ‘443’, and the TCP port ‘8448’ which will be used for the Synapse Matrix federation.

Install the Nginx package using the apt command below.

sudo apt install nginx -y

After all installation is complete, open the ‘/ etc / nginx / sites-available’ directory and create a new virtualhost configuration called ‘matrix’ using the vim editor.

cd /etc/nginx/sites-available/
vim matrix

Change the domain name and SSL certificate path with yours, paste the configuration into it.

server {
    listen 80;
    server_name hakase-labs.io;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name hakase-labs.io;

    ssl_certificate /etc/letsencrypt/live/hakase-labs.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/hakase-labs.io/privkey.pem;

    location /_matrix {
        proxy_pass http://localhost:8008;
        proxy_set_header X-Forwarded-For $remote_addr;
        # Nginx by default only allows file uploads up to 1M in size
        # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
        client_max_body_size 10M;
    }
}

# This is used for Matrix Federation
# which is using default TCP port '8448'
server {
    listen 8448 ssl;
    server_name hakase-labs.io;

    ssl_certificate /etc/letsencrypt/live/hakase-labs.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/hakase-labs.io/privkey.pem;

    location / {
        proxy_pass http://localhost:8008;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}

Save and close.

Next, activate the ‘matrix’ virtualhost and test the Nginx configuration. Also, make sure there are no errors.

ln -s /etc/nginx/sites-available/matrix /etc/nginx/sites-enabled/
nginx -t

Now restart the Nginx service and add it to the system boot.

systemctl restart nginx
systemctl enable nginx

7

After that, check the Nginx service using the command below.

ss -plnt
systemctl status nginx

Below are the results that you will get.

8

As a result, the Nginx service is active and runs on Ubuntu 20.04 with three different ports, the default HTTP port 80 which will automatically be transferred to a secure HTTPS port, and port ‘8448’ which will be used for the Matrix Synapse Federation.

Step 5: UFW Firewall

For this tutorial, we will run the Synapse Matrix on Ubuntu 20.04 with the UFW firewall enabled.

Add ssh, http, https, and TCP port ‘8448’ to the UFW firewall using the command below.

for svc in ssh http https 8448
do
ufw allow $svc
done

After that, run and activate the UFW firewall.

ufw enable

Type ‘y‘ to confirm and the UFW firewall is active, check all the rules available in the UFW firewall using the commands below.

ufw status numbered

Below are the results that you will get.

9

As a result, the UFW firewall configuration has been completed.

Step 6 – Register User

At this stage, the synapse matrix installation and home server configuration is complete. And in this step, we will show you how to add a new matrix user from the command-line server.

To create a new matrix user, run the command below.

sudo register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml http://localhost:8008

Now type the username and password for your user, to make the user an administrator, type ‘yes’.

New user localpart [root]: changbin
Password: 
Confirm password: 
Make admin [no]: 
Sending registration request...
Success!

As a result, a new Matrix user has been created.

Step 7 – Testing

For this step, we will test our Matrix Synapse server installation.

– Testing the Synapse Federation Matrix

Go to the URL of the Synapse Federation Tester Matrix below.

https://federationtester.matrix.org/

Now type your Synapse Matrix domain name and click the ‘Go’ button, and you will get successful results as below.

10

As can be seen, the Federation Synapse Matrix works through port ‘8448’.

– Test Matrix Login with User and Password

Go to the web-based Matrix client called ‘riot.im’ as the URL below.

https://riot.im/app/

Click the ‘Enter‘ button and you can use your special Synapsic Matrix server.

11

Type your domain name and click ‘Next‘.

12

Now type your username and password, then click the ‘Login‘ button.

13

You will be asked for additional security questions.

After logging in, you will get the following page.

14

As a result, installation of the Synapse Matrix with Nginx reverse-proxy and Federation activated on Ubuntu 20.04 has been completed successfully.

How to Troubleshoot Discord Push to Talk on Windows 10

Previous article

How to use AirDrop on iPhone and iPad

Next article

You may also like

More in Linux