Open, interoperable, decentralised real-time communication https://matrix.org
3wc bdf8e11dc5
chore: publish 5.0.5+1.25.3 release
2024-03-27 00:45:39 -03:00
release chore: publish 5.0.4+v1.100.0 release 2024-02-19 13:55:03 +01:00
.drone.yml Switch to self-hosted stack-ssh-deploy image [mass update] 2023-01-21 11:49:56 -08:00
.env.sample chore: publish 5.0.4+v1.100.0 release 2024-03-13 14:18:51 +01:00
.gitignore chore: ignore synapse clone 2022-02-08 01:37:10 +01:00
README.md chore: publish 5.0.4+v1.100.0 release 2024-03-13 14:18:51 +01:00
abra.sh Fix permissions on generated files 2024-03-27 00:38:39 -03:00
compose.discord.yml feat: use nginx proxy, config for public rooms (fedi) 2023-10-08 01:41:29 +02:00
compose.keycloak.yml fix secrets 2023-10-19 15:33:29 +02:00
compose.keycloak2.yml feat: use nginx proxy, config for public rooms (fedi) 2023-10-08 01:41:29 +02:00
compose.keycloak3.yml feat: use nginx proxy, config for public rooms (fedi) 2023-10-08 01:41:29 +02:00
compose.shared_secret_auth.yml feat: use nginx proxy, config for public rooms (fedi) 2023-10-08 01:41:29 +02:00
compose.signal.yml feat: use nginx proxy, config for public rooms (fedi) 2023-10-08 01:41:29 +02:00
compose.smtp.yml fix secrets 2023-10-19 15:33:29 +02:00
compose.telegram.yml chore: publish 5.1.0+1.25.3 release 2024-02-08 14:47:50 -03:00
compose.turn.yml fix secrets 2023-10-19 15:33:29 +02:00
compose.yml chore: publish 5.0.5+1.25.3 release 2024-03-27 00:45:39 -03:00
discord_bridge.yaml.tmpl fix: make bridge logging ERROR only 2023-01-08 01:11:58 +01:00
entrypoint.sh.tmpl Fix permissions on generated files 2024-03-27 00:38:39 -03:00
homeserver.yaml.tmpl chore: publish 5.0.4+v1.100.0 release 2024-02-19 13:55:03 +01:00
log.config.tmpl feat: more privacy friendly defaults 2022-02-08 00:32:28 +01:00
nginx.conf.tmpl fix: don't break when logging in with keycloak 2023-10-23 20:19:17 +02:00
shared_secret_authenticator.py feat: shared secret auth 2022-09-22 16:01:19 +02:00
signal_bridge.yaml.tmpl fix: quote YAML inline dicts correctly 2023-01-08 01:56:30 +01:00
telegram_bridge.yaml.tmpl feat: sync_channel_members configurable for telegram bridge 2023-05-10 17:57:54 +02:00
well_known_client.conf.tmpl feat: use nginx proxy, config for public rooms (fedi) 2023-10-08 01:41:29 +02:00
well_known_server.conf.tmpl feat: use nginx proxy, config for public rooms (fedi) 2023-10-08 01:41:29 +02:00

README.md

Matrix (Synapse)

  • Category: Apps
  • Status: 0, work-in-progress
  • Image: matrixdotorg/synapse, 4, upstream
  • Healthcheck: Yes
  • Backups: No
  • Email: Yes
  • Tests: No
  • SSO: Yes

Basic usage

  1. Set up Docker Swarm and abra
  2. Deploy coop-cloud/traefik
  3. abra app new matrix-synapse --secrets (optionally with --pass if you'd like to save secrets in pass)
  4. abra app config YOURAPPDOMAIN - be sure to change $DOMAIN to something that resolves to your Docker swarm box
  5. abra app deploy YOURAPPDOMAIN
  6. Create an initial user: abra app run YOURAPPDOMAIN app register_new_matrix_user -c /data/homeserver.yaml http://localhost:8008

Tips & Tricks

Set Admin User

abra app cmd YOURAPPDOMAIN db set_admin <adminuser>

Disabling federation

  • Use DISABLE_FEDERATION=1 to turn off federation listeners
  • Don't use compose.matrix.yml in your traefik config to keep the federation ports closed

Enabling federation

See #27 for more. Depending on your setup, using SERVE_SERVER_WELLKNOWN=true might work to start federating. Make sure you don't leave DISABLE_FEDERATION=1 set!

Getting client discovery on a custom domain

You'll need to deploy something like this. This could be implemented in this recipe but we haven't merged it in yet. Change sets are welcome.

Telegram bridging

WIP docs

Setting it up is a bit of a chicken/egg & chasing cats moment.

You need to get your bot set up on the Telegram side first by creating a Telegram app and a Telegram bot, so that you have these values:

api_id: ...
api_hash: ...
telegram_bot_token: ...

Also:

  • Make sure to uncomment APP_SERVICES_ENABLED
  • Include the registration in synapse: APP_SERVICE_CONFIGS="[\"/telegram-data/registration.yaml\"]"
  • Set yourself as admin under TELEGRAM_BRIDGE_PERMISSIONS

A rough guide for the following steps:

abra app secret insert <domain> telegram_api_hash v1 <secret>
abra app secret insert <domain> telegram_bot_token v1 <secret>
abra app secret generate -a <domain>

# deploy once so the bridge writes its registration, then read it
abra app deploy <domain>
abra app run <domain> telegram_bridge cat /data/registration.yaml
abra app undeploy <domain>

# swap in the as_token and hs_token shown in registration.yaml
abra app secret rm <domain> telegram_as_token
abra app secret insert <domain> telegram_as_token v1 <secret>

abra app secret rm <domain> telegram_hs_token
abra app secret insert <domain> telegram_hs_token v1 <secret>

abra app deploy <domain>

Some helpful documentation:

Discord bridging

WIP docs

Just as messy as the Telegram bridging above! Rough guide:

  • get a local copy of config.yaml
  • fill it out with the values you need, all the discord token stuff, etc.
  • run mkdir -p data && cp config.yaml data/ then docker run --rm -v "$PWD/data:/data" halfshot/matrix-appservice-discord:v1.0.0 sh -c 'cd /data && node /build/src/discordas.js -r -u "http://discordbridge:9005" -c config.yaml'
  • this generates the app service registration configuration you need to feed to the homeserver
  • run secret generation for the discord_db_password, insert your discord_bot_token
  • run abra app cp <domain> discord-registration.yaml app:/discord-data (it has to be called discord-registration.yaml)
  • deploy the bridge & happy hacking

Some helpful documentation:

Signal bridging

WIP docs

OK, it's also awful to set this up. Do you see a pattern emerging? :)

  • fake that you have the required tokens:
    • abra app secret insert example.com signal_hs_token v1 foo
    • abra app secret insert example.com signal_as_token v1 foo
  • generate the database password:
    • abra app secret generate example.com -a
  • deploy the thing and then check the /data/registration.yaml
  • rm the fake signal_hs/as_token values and re-insert the new ones from registration.yaml
  • re-deploy the whole thing and then it should come up, message @signalbot:example.com to test
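
The Telegram and Signal procedures above both end by copying as_token and hs_token out of the bridge's generated registration.yaml into abra secrets, and the Signal one starts from the placeholder value foo. The following POSIX shell script is an added example, not part of this recipe: it checks a registration file for missing, placeholder or identical tokens before they are stored. The function names, the sample file contents, the placeholder list and the 32-character floor are assumptions of the example.

```shell
#!/bin/sh
# Constructed sample of a bridge-generated registration.yaml (tokens are fake).
sample_registration() {
cat <<'EOF'
id: signal
url: http://signalbridge:29328
as_token: "constructed-as-token-0123456789abcdef0123"
hs_token: constructed-hs-token-fedcba9876543210fedc
sender_localpart: signalbot
EOF
}

# Print the value of a top-level key (as_token / hs_token) from YAML on stdin,
# stripping optional quotes and surrounding whitespace.
reg_token() {
  sed -n "s/^$1:[[:space:]]*//p" | head -n 1 | tr -d "\"'[:space:]"
}

# A token is acceptable if it is not empty, not a bootstrap placeholder such as
# "foo", and at least 32 characters long (the length floor is an assumption of
# this example, not a Matrix requirement).
token_ok() {
  case "$1" in ''|foo|changeme) return 1 ;; esac
  [ "${#1}" -ge 32 ]
}

# Validate a registration file: both tokens present, real, and distinct.
# Prints one finding per problem; returns non-zero if any check fails.
check_registration() {
  cr_as=$(reg_token as_token < "$1")
  cr_hs=$(reg_token hs_token < "$1")
  cr_rc=0
  token_ok "$cr_as" || { echo "as_token missing, placeholder or too short"; cr_rc=1; }
  token_ok "$cr_hs" || { echo "hs_token missing, placeholder or too short"; cr_rc=1; }
  if [ -n "$cr_as" ] && [ "$cr_as" = "$cr_hs" ]; then
    echo "as_token and hs_token are identical"; cr_rc=1
  fi
  return "$cr_rc"
}

# Demo on the constructed sample; point it at the real file in practice.
demo_file=$(mktemp) && sample_registration > "$demo_file"
check_registration "$demo_file" && echo "registration tokens look sane"
rm -f "$demo_file"
```

Run check_registration against a saved copy of the /data/registration.yaml output before the secret insert steps, and again after the final deploy to confirm no placeholder survived.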