Skip to content
/ matrix-template Public

Matrix Synapse Server with PostgreSQL in one container (jail) for BastilleBSD

License

BSD-3-Clause license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ddowse/matrix-template

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
root/patch
root/patch
 
 
usr/local/etc/nginx
usr/local/etc/nginx
 
 
.gitignore
.gitignore
 
 
Bastillefile
Bastillefile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

matrix-synapse-pgsql

Bootstraps a Matrix Synapse Server with PostgreSQL and Nginx Reverse Proxy including TLS certificate in one container (jail) with BastilleBSD ready to use.

DISCLAIMER

Read synapse to edit the configuration to your exact needs afterwards.

By using this template you confirm that you understand the risks of running a (maybe) public accessible service.

  1. Create container
# This is just an example!
bastille create matrix 13.0-RELEASE 127.0.0.100
  1. Bootstrap this template
bastille bootstrap https://github.com/ddowse/matrix-synapse-pgsql
  1. Apply this template with your argument values
bastille template TARGET ddowse/matrix-synapse-pgsql \
         --arg EMAIL=le@example.org \
         --arg DOMAIN=FQDN \
         --arg PASSWORD=DB_PASS

  1. This will install the "Basic Package Stack" as shown below.

    • Then creates a Let's Encrypt account with the supplied EMAIL address.
    • acme.sh will try to issue a Certficate for the supplied DOMAIN
    • Staring postgresql
    • Setup postgresql
    • Create dbuser synapse_user with supplied PASSWORD
    • Create Datebase synapse
    • Generates default configuration for Synapse for the supplied DOMAIN
    • bastille will copy the nginx.conf
    • bastille will Render the configuration for nginx.conf with SSL Certficate
    • bastille will copy the patch directory
    • bastille will Render the homeserver.yaml patch
    • bastille will apply the patch to homeserver.yaml
    • Adding a Cronjob to renew the Certificate
    • Starting nginx
    • Starting synapse

  2. Your Synapse Server is now available to further tweaking and reachable over SSL/TLS on DOMAIN.

Basic Package Stack

www/nginx
database/postgresql12-server
net-im/py-matrix-synapse
security/acme.sh

Defaults & Arguments

acme.sh will listen in standalone mode on IPv6 Address only and will use Let's Encrypt as CA.
You need to edit Bastillefile to change this if you want to use old IPv4. Then maybe RDR Rules and NAT may apply to your setup.

The follwing arguments are used.

EMAIL for acme.sh account
DOMAIN is the FQDN for your synapse instance
PASSWORD is for the databaseuser, although local users can login without a password. Edit pg_hba.conf to change this.
synapse is the dbname
synapse_useris the dbuser

Synapse

One how to proceed after a succesful deploy of this container visit the Synapse docs

Hint:

register_new_matrix_user -u user -p password -a -c /usr/local/etc/matrix-synapse/homeserver.yaml http://localhost:8008

Issues

Report template issues on github if it's about general usage of BastilleBSD go to the docs or join the Telegram Group for any questions.

About

Matrix Synapse Server with PostgreSQL in one container (jail) for BastilleBSD

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published