Matrix Synapse is a high-performance communication server built on the Matrix open standard for decentralized communication. The Matrix protocol is designed to provide a secure, interoperable, and decentralized communication infrastructure, allowing users to exchange messages, participate in group chats, share files, and collaborate across different platforms and services.
This comprehensive guide will walk you through the installation process, ensuring a seamless setup of Matrix Synapse on your Ubuntu 22.04 server.
Step 1 – Add Matrix Synapse Repository
By default, the Matrix Synapse package is not included in the Ubuntu default repository, so you will need to install it from its official repository.
First, download the Matrix Synapse GPG key.
wget -O /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
Then, add the Matrix Synapse repository to the APT source file.
echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/matrix-org.list
Next, update the package index using the following command.
apt update -y
Step 2 – Install Matrix Synapse
Now, install the Matrix Synapse package using the following command.
apt install matrix-synapse-py3
You will be asked to provide your domain name as shown below:
Provide your domain name and click on OK. Once Matrix Synapse is installed, start the Matrix Synapse service using the following command.
systemctl start matrix-synapse
You can now verify the status of Matrix Synapse using the following command.
systemctl status matrix-synapse
Output.
matrix-synapse.service - Synapse Matrix homeserver Loaded: loaded (/lib/systemd/system/matrix-synapse.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2024-02-15 11:10:12 UTC; 20s ago Process: 2165 ExecStartPre=/opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matr> Main PID: 2170 (python) Tasks: 8 (limit: 4579) Memory: 93.5M CPU: 8.363s CGroup: /system.slice/matrix-synapse.service └─2170 /opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/> Feb 15 11:10:09 ubuntu matrix-synapse[2165]: Generating signing key file /etc/matrix-synapse/homeserver.signing.key Feb 15 11:10:12 ubuntu matrix-synapse[2170]: This server is configured to use 'matrix.org' as its trusted key server via the Feb 15 11:10:12 ubuntu matrix-synapse[2170]: 'trusted_key_servers' config option. 'matrix.org' is a good choice for a key Feb 15 11:10:12 ubuntu matrix-synapse[2170]: server since it is long-lived, stable and trusted. However, some admins may Feb 15 11:10:12 ubuntu matrix-synapse[2170]: wish to use another server for this purpose. Feb 15 11:10:12 ubuntu matrix-synapse[2170]: To suppress this warning and continue using 'matrix.org', admins should set Feb 15 11:10:12 ubuntu matrix-synapse[2170]: 'suppress_key_server_warning' to 'true' in homeserver.yaml. Feb 15 11:10:12 ubuntu matrix-synapse[2170]: -------------------------------------------------------------------------------- Feb 15 11:10:12 ubuntu matrix-synapse[2170]: Config is missing macaroon_secret_key Feb 15 11:10:12 ubuntu systemd[1]: Started Synapse Matrix homeserver. lines 1-21/21 (END)
At this point, Matrix Synapse is started and listens on port 8008. You can verify it using the command given below:
ss -plnt | grep 8008
Output.
LISTEN 0 50 127.0.0.1:8008 0.0.0.0:* users:(("python",pid=2170,fd=14)) LISTEN 0 50 [::1]:8008 [::]:* users:(("python",pid=2170,fd=13))
Step 3 – Configure Matrix Synapse
First, generate the secret key using the following command.
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1
Output.
c4eEv6cZCc1jXeHGbzFyzGB0RFPp2HfP
Next, edit the Matrix Synapse main configuration file.
nano /etc/matrix-synapse/homeserver.yaml
Change the following lines:
listeners: - port: 8008 tls: false type: http x_forwarded: true bind_addresses: ['127.0.0.1'] resources: - names: [client, federation] compress: false enable_registration: false registration_shared_secret: "c4eEv6cZCc1jXeHGbzFyzGB0RFPp2HfP"
Save and close the file, then restart the Matrix Synapse service to reload the changes.
systemctl restart matrix-synapse
Step 4 – Create an Administrative User
Next, you will need to create an admin user to authenticate Matrix Synapse. You can create it using the following command.
register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml http://localhost:8008
Define your user and password as shown below:
New user localpart [root]: madmin Password: Confirm password: Make admin [no]: yes Sending registration request... Success!
Step 5 – Download Let’s Encrypt SSL
We will use the Let’s Encrypt SSL to secure the Matrix Synapse server.
First, install the Nginx web server.
apt install nginx
Next, install the Certbot Let’s Encrypt client using the following commands.
snap install core
snap refresh core
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot
Next, download the Let’s Encrypt SSL for your domain.
certbot certonly --nginx --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m [email protected] -d matrix.linuxbuz.com
Next, generate the dhparam using the following command.
openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096
Step 6 – Configure Nginx for Matrix Synapse
Next, you will need to configure Nginx as a reverse proxy for Matrix Synapse.
First, edit the Nginx main configuration file.
nano /etc/nginx/nginx.conf
Add the following line after the line http{:
server_names_hash_bucket_size 64;
Next, create an Nginx virtual host configuration file for Matrix Synapse.
nano /etc/nginx/conf.d/synapse.conf
Add the following configurations.
# enforce HTTPS server { # Client port listen 80; server_name matrix.linuxbuz.com; return 301 https://$host$request_uri; } server { server_name matrix.linuxbuz.com; # Client port listen 443 ssl http2; listen [::]:443 ssl http2; # Federation port listen 8448 ssl http2 default_server; listen [::]:8448 ssl http2 default_server; access_log /var/log/nginx/synapse.access.log; error_log /var/log/nginx/synapse.error.log; # TLS configuration ssl_certificate /etc/letsencrypt/live/matrix.linuxbuz.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/matrix.linuxbuz.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/matrix.linuxbuz.com/chain.pem; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_stapling on; ssl_stapling_verify on; ssl_dhparam /etc/ssl/certs/dhparam.pem; location /_matrix { proxy_pass http://localhost:8008; proxy_set_header X-Forwarded-For $remote_addr; # Nginx by default only allows file uploads up to 1M in size # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml client_max_body_size 10M; } } # This is used for Matrix Federation # which is using default TCP port '8448' server { listen 8448 ssl; server_name matrix.linuxbuz.com; ssl_certificate /etc/letsencrypt/live/matrix.linuxbuz.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/matrix.linuxbuz.com/privkey.pem; location / { proxy_pass http://localhost:8008; proxy_set_header X-Forwarded-For $remote_addr; } }
Save and close the file, then reload Nginx to apply the changes.
systemctl restart nginx
Step 7 – Access Matrix Synapse
You can now verify the Matrix Synapse installation using the URL https://matrix.linuxbuz.com:8448/_matrix/static/ on your web browser. You should see the following screen:
You can also verify your Matrix Synapse using the Riot web-based client https://riot.im/app/#/login. You should see the following screen:
Click on the Edit button. You should see the following screen:
Provide your Matrix server URL and click on the Continue button. You should see the Matrix login page:
Provide your admin username and password and click on the Sign in button. Once you are connected to the Matrix Synapse server. You should see the following screen:
Conclusion
Congratulations! You have successfully installed Matrix Synapse on Ubuntu 22.04, providing a powerful platform for decentralized communication and collaboration. With Matrix Synapse configured and running, you can explore its rich features and integrate them into your communication workflows. Enjoy seamless and secure real-time messaging with Matrix Synapse on dedicated server hosting from Atlantic.Net!