Matrix Synapse Server

Matrix Synapse Logo

Matrix is easy-to-use, decentralized and encrypted private chat software. Matrix is federated, meaning that with a Matrix account on any server, including your own, you can talk to any other Matrix account on the internet, similar to email. Matrix also allows fully end-to-end encrypted group chats.

Synapse is the name of the default Matrix server. It is written in Python. While it is requires somewhat more system resources than an XMPP server, it makes up for that in being very accessible to non-technical users.

Installation

Synapse is not in the Debian package repositories by default, but we can easily add Matrix's repository including it:

apt install -y lsb-release wget apt-transport-https
wget -O /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" > /etc/apt/sources.list.d/matrix-org.list

After we update our packages lists, we will be able to install Synapse with apt.

apt update
apt install matrix-synapse-py3

When prompted, give your main domain name (not a subdomain). This will be the domain appended to your Matrix address, e.g. @chad:landchad.net.

Nginx configuration

Create an Nginx configuration file for Matrix, say /etc/nginx/sites-available/matrix and add the content below:

server {
        server_name matrix.example.org ;
        listen 80;
        listen [::]:80;
        location / {
                proxy_pass http://localhost:8008;
        }
        location ~* ^(\/_matrix|\/_synapse\/client) {
                proxy_pass http://localhost:8008;
                proxy_set_header X-Forwarded-For $remote_addr;
                client_max_body_size 50M ;
        }
        location /.well-known/matrix/server {
                return 200 '{"m.homeserver": {"base_url": "https://matrix.example.org"}}';
                default_type application/json;
                add_header Access-Control-Allow-Origin *;
        }
}

Now let's enable the Nginx Matrix site and reload Nginx to make it active.

ln -s /etc/nginx/sites-available/matrix /etc/nginx/sites-enabled
systemctl reload nginx

Encryption

Obviously, we need to encrypt our matrix subdomain as well. Let's do that with certbot:

certbot --nginx -d matrix.example.org

Configuration

Read the config file

The configuration file for Matrix is in /etc/matrix-synapse/homeserver.yaml. It is well documented and commented, so you can read about the settings, but let's change the essential ones here.

Make what changes you want and run systemctl reload matrix-synapse to make the system configuration active.

Create an administrator account

If you allow open registration on your server in the configuration file, you can create an account through Element or another Matrix client, but you are probably going to want an official admin account to use. To make one, simply run the following command, which will then give you several choices for creating a user, among which will be the ability to make it an admin.

register_new_matrix_user -c homeserver.yaml http://localhost:8008

Using Matrix with Element Matrix logoElement

There are many different clients that can be used on desktops or phones to chat on your Matrix server, but the most popular and most widely vetted is Element logoElement.

Get Element to access your Matrix server:

Note also that Element has a web client (i.e. a version that can be accessed on your own website) that is also easy to install on an Nginx server, although that will be covered in another article.