Christian WellsMatrix Synapse is a powerful and versatile open-source solution for messaging and VoIP services. It enables users to communicate with others across different service providers using voice-over-IP and chat functionalities. With its RESTful HTTP JSON APIs, it allows the creation of distributed and federated chat servers without a single point of control or failure. Matrix Synapse, written in Python, offers the ability to create your own home server, storing user personal information and chat history securely.
In this comprehensive guide, we will walk you through the process of installing Matrix Synapse on Ubuntu 22.04. By following the steps outlined below, you will be able to set up your own Matrix Synapse chat server and leverage its powerful features.
Prerequisites
Before getting started, ensure that you have the following prerequisites in place:
- A server running Ubuntu 22.04.
- A valid domain name pointed to your server’s IP address.
- A configured root password for the server.
Getting Started
To begin, update your system packages to ensure you have the latest versions. Open a terminal and run the following command:
apt update -y
Once the package indexes are updated, install the necessary dependencies by running the following command:
apt install curl wget gnupg2 apt-transport-https -y
With the dependencies installed, you can proceed to the next step of installing Matrix Synapse on Ubuntu 22.04.
Install Matrix Synapse on Ubuntu 22.04
By default, Matrix Synapse packages are not included in the Ubuntu 22.04 default repository. To install Matrix Synapse, we need to add the official Matrix Synapse repository to APT.
Add the Matrix Synapse GPG Key
To begin, download and add the Matrix Synapse GPG key to your system. Run the following command:
wget -qO /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
Add the Matrix Synapse Repository
Next, add the Matrix Synapse repository to APT by running the following command:
echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/matrix-org.list
Update and Install Matrix Synapse
Update the repository to fetch the latest package information and install Matrix Synapse by running the following commands:
apt-get update -y apt-get install matrix-synapse-py3 -y
During the installation process, you will be prompted to provide your domain name. Enter your domain name and press Enter to proceed. You will also be asked to report anonymous statistics. Select “Yes” and press Enter to continue.
Configure Matrix Synapse
After the installation is complete, you will need to configure Matrix Synapse. Begin by generating a secret key using the following command:
cat /dev/urandom | tr -dc'a-zA-Z0-9' | fold-w32 | head -n 1
Make a note of the secret key generated; we will use it later in the configuration.
Next, open the Matrix Synapse default configuration file in a text editor. Run the following command:
nano /etc/matrix-synapse/homeserver.yaml
In the configuration file, you will find various settings that can be customized to fit your requirements. Locate the bind_addresses field and set it to ['127.0.0.1']. This restricts the server to only listen on the local loopback interface.
To enhance security, you can disable user registration by setting enable_registration tofalse. Additionally, set registration_shared_secret to the secret key generated earlier. This will prevent unauthorized users from registering on your server.
Save and close the file by pressing Ctrl + X, followed by Y and Enter.
Once you’ve made these changes, restart the Matrix Synapse service to apply the new configurations:
systemctl restart matrix-synapse
Configure Nginx as a Reverse Proxy for Matrix Synapse
To further enhance the performance and security of your Matrix Synapse server, it is recommended to configure Nginx as a reverse proxy. This allows Nginx to handle incoming requests and forward them to the Matrix Synapse server.
Install Nginx
Begin by installing the Nginx web server package by running the following command:
apt-get install nginx -y
Create Nginx Virtual Host Configuration
Once Nginx is installed, create a new configuration file for the Matrix Synapse virtual host:
nano /etc/nginx/conf.d/matrix.conf
In the configuration file, add the following lines:
server { listen 80; server_name your-domain.com; location / { proxy_pass http://localhost:8008; proxy_set_header X-Forwarded-For $remote_addr; } }
Replace your-domain.com with your actual domain name. This configuration sets up Nginx to listen on port 80 and forward all requests to the Matrix Synapse server running on localhost:8008.
Save and close the file.
Test and Restart Nginx
Before restarting Nginx, it’s a good practice to check the configuration for any syntax errors. Run the following command:
nginx -t
If the configuration is valid, you will see a success message. Now, restart the Nginx service to apply the changes:
systemctl restart nginx
Create a Super User Account
To manage your Matrix Synapse server effectively, you’ll need a super user account. Follow these steps to create one:
- Open a terminal and run the following command:
register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml http://localhost:8008
- Enter a new user localpart when prompted. For example, you can use
adminas the localpart. - Set a password for the admin account when prompted. Ensure the password is strong and secure.
- When asked if you want to make the user an admin, enter
yes. - The registration request will be sent, and upon success, you will have your super user account.
Secure Matrix Synapse with Let’s Encrypt
To secure your Matrix Synapse server with a trusted SSL certificate, we will use Let’s Encrypt, a free and widely recognized certificate authority. Follow the steps below to obtain an SSL certificate from Let’s Encrypt.
Install the Certbot Client
Begin by installing the Certbot client package by running the following command:
apt-get install certbot python3-certbot-nginx -y
Obtain the SSL Certificate
Once Certbot is installed, run the following command to obtain an SSL certificate:
certbot
You will be prompted to provide your email address for urgent renewal and security notices. Enter your email address and agree to the terms of service. Certbot will then communicate with the Let’s Encrypt servers to obtain the SSL certificate for your domain.
Configure Nginx to Use the SSL Certificate
Certbot automatically configures Nginx to use the SSL certificate for your domain. You don’t need to make any additional changes. The configuration file /etc/nginx/conf.d/matrix.conf is updated to automatically redirect HTTP traffic to HTTPS.
Verify the SSL Configuration
To verify that the SSL configuration is correct, run the following command:
nginx -t
If the configuration is valid, you will see a success message.
Automatic Certificate Renewal
Certbot sets up a scheduled task to automatically renew your SSL certificate before it expires. You don’t need to manually renew it.
Access Matrix Synapse
With Matrix Synapse installed and configured, you can now access your server and begin using it for secure messaging and VoIP services.
To access the Matrix Synapse server, open your web browser and enter the URL https://your-domain.com. Replace your-domain.com with your actual domain name. You should see the Matrix Synapse login screen.
If you prefer a web-based client, you can use Riot. Open your web browser and navigate to https://riot.im/app/#/login. Click on the “Edit” button and enter your Matrix server URL. Then, click on the “Continue” button to proceed to the Matrix login page. Enter your admin username and password, and click on the “Sign in” button. Once logged in, you will have access to the Matrix Synapse server.
Conclusion
Congratulations! You have successfully installed Matrix Synapse on Ubuntu 22.04 and configured it to run securely with Nginx as a reverse proxy. You can now leverage the power of Matrix Synapse to create your own messaging and VoIP server. Enjoy the secure and decentralized communication capabilities offered by Matrix Synapse.
For reliable and scalable cloud hosting solutions, consider Shape.host’s Cloud VPS services. Shape.host provides industry-leading cloud hosting solutions, ensuring the highest levels of performance, security, and flexibility. Visit Shape.host today to explore their range of services and experience the benefits of cloud hosting.
