VPS Setup

Matrix Server

• Install dependencies (for compiling for source… not needed)

    yum install libtiff-devel libjpeg-devel libzip-devel freetype-devel \
                lcms2-devel libwebp-devel tcl-devel tk-devel redhat-rpm-config \
                python3-virtualenv libffi-devel openssl-devel
  

• Database (using postgres as setup by mastodon)

    su - postgres
    createuser synapse
  
    /usr/pgsql-11/bin/psql
        ALTER USER synapse WITH ENCRYPTED password 'STRONG_PASSWORD';
        CREATE DATABASE synapse ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER synapse;
        \q
    exit
  

• Python env

    virtualenv-3 /opt/synapse
    source /opt/synapse/bin/activate
  
    pip install --upgrade pip
    pip install --upgrade setuptools
  
    pip install https://github.com/matrix-org/synapse/tarball/master
  
    export PATH="$PATH:/usr/pgsql-11/bin/" # for pg_config command for following install
    pip install psycopg2
  

• Setup synapse

    cd /opt/synapse
    source bin/activate
    python -m synapse.app.homeserver --server-name stuts.uk --config-path homeserver.yaml --generate-config --report-stats=yes
  
    # Install lxml for URL preview support
    pip install lxml
  
    vim homeserver.yaml
        # Uncomment line 'limit_profile_requests_to_users_who_share_rooms:' # UNDID THIS 2020-08-27
        # Comment out database lines for sqlite
        # Uncomment psycops database lines and configure for postgres
        # Uncomment 'enable_registration', set it as false and add 'registration_shared_secret' with a random generated value
        # Set web_client_location to https://chat.stuts.uk/
        # Uncomment max_upload_size and increase to something a bit more friendly towards video, like 200MB
  
    # Start the server
    synctl start
  

• Allow stuts.uk to be used as a server_name (as we’re actually hosting it at matrix.stuts.uk)

    mkdir -p /var/www/stuts.uk/.well-known/matrix/
    cat << EOF > /var/www/stuts.uk/.well-known/matrix/server
    {"m.server": "matrix.stuts.uk:443"}
    EOF
  

• Systemd stuff

    cat << EOF > /etc/systemd/system/matrix-synapse.service
    [Unit]
    Description=Matrix Synapse service
    After=network.target
  
    [Service]
    Type=forking
    WorkingDirectory=/opt/synapse/
    ExecStart=/opt/synapse/bin/synctl start
    ExecStop=/opt/synapse/bin/synctl stop
    ExecReload=/opt/synapse/bin/synctl restart
    Restart=always
    StandardOutput=syslog
    StandardError=syslog
    SyslogIdentifier=synapse
  
    [Install]
    WantedBy=multi-user.target
    EOF
  
    synctl stop
    systemctl start matrix-synapse
    systemctl enable matrix-synapse
  

• User reg

    register_new_matrix_user -c homeserver.yaml http://localhost:8008
        stu
        PASSWORD
  

Refs:

• https://www.vultr.com/docs/create-a-chat-server-using-matrix-synapse-and-riot-on-centos-7#Install_Synapse
• https://github.com/matrix-org/synapse/blob/develop/INSTALL.md#prebuilt-packages
• https://www.reddit.com/r/selfhosted/comments/g7q7jo/self_hosting_your_own_riotim_and_matrix_server/
• https://federationtester.matrix.org

For fixing federation issues:

• https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md
• https://github.com/matrix-org/synapse/blob/master/docs/federate.md
• https://github.com/matrix-org/synapse/blob/master/docs/delegate.md

VoIP Setup

It seems like a Jitsi server is not needed in order to do voice & video calls, it seems like this can be achieved with a turn server.

yum install coturn

vim /etc/coturn/turnserver.conf
    # Uncomment use-auth-secret
    # Generate and set a secret key for static-auth-secret
    # Set the server-name to turn.stuts.uk
    # Uncomment no-tcp-relay
    # Set user-quota to 16 (allowing 4 simultaneous relayed calls per user)
    # Set total-quota to 1600
    # Set cert and pkey to point to some lovely LetsEncrypt certificates (alternatively, copy keys to the default location)

systemctl enable coturn
systemctl start coturn

I got caught up trying to run this behind Nginx but that’d only be needed if wanting to use port 443 for the turn server. As this is a background/hidden service it’s okay to just have the DNS name and specify the port in the synapse config.

Synapse Changes

cd /opt/synapse
source bin/activate

vim homeserver.yaml
    # Set turn_uris: [ "turn:turn.stuts.uk:3478?transport=udp", "turn:turn.stuts.uk:3478?transport=tcp" ]
    # Set turn_shared_secret to the one entered earlier in the turn server conf
    # Set turn_user_lifetime to 86400000 (1 day)
    # Set turn_allow_guests to false

systemctl restart matrix-synapse

Element Web Chat

• Install chat webserver

    cd /tmp
    wget https://github.com/vector-im/riot-web/releases/download/v1.7.2/riot-v1.7.2.tar.gz
  
    mkdir /var/www/chat.stuts.uk
    cd /var/www/chat.stuts.uk
  
    tar xf /tmp/riot-v1.7.2.tar.gz --strip 1
  

• Configure

    cp config.sample.json config.json
  
    vim config.json
        # Replace 'matrix-client.matrix.org' with 'matrix.stuts.uk'
        # Replace 'vector.im' with 'matrix.org'
        # Set "disable_guests" to true
        # Set "showLabsSetting" to true
        # Set "default_federate" to false
        # Set "disable_custom_urls" to true
        # Uncomment "url_preview_enabled" and the "url_preview_ip_range_blacklist" section
  

Refs:

• https://github.com/vector-im/riot-web/blob/develop/docs/config.md