- https://web-docs.element.dev/Element%20Web/index.html
- wget -O /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
- wget -O /usr/share/keyrings/element-io-archive-keyring.gpg https://packages.element.io/debian/element-io-archive-keyring.gpg
- echo "deb [signed-by=/usr/share/keyrings/element-io-archive-keyring.gpg] https://packages.element.io/debian/ default main" | sudo tee /etc/apt/sources.list.d/element-io.list
- echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/matrix-org.list
- adu -y; ai matrix-synapse-py3 libpq5 postgresql coturn pwgen element-web nginx autopostgresqlbackup yamllint
- sc-status postgresql
- su - postgres
- createuser --pwprompt DBUSER
- createdb --encoding=UTF8 --locale=C --template=template0 --owner=DBUSER DBNAME
vim /etc/postgresql/15/main/pg_hba.conf
host DBNAME DBUSER 127.0.0.1/32 md5
- cp /etc/matrix-synapse/conf.d/server_name.yaml /etc/matrix-synapse/conf.d/SUB.DOM.TLD.yaml
vim /etc/matrix-synapse/conf.d/matrix.DOM.TLD.yaml
---
server_name: matrix.DOM.TLD
bind_addresses: ['0.0.0.0']
database:
name: psycopg2
args:
user: DBUSER
password:
dbname: DBNAME
host: 127.0.0.1
cp_min: 5
cp_max: 10
macaroon_secret_key: openssl rand -base64 32
registration_shared_secret: openssl rand -hex 32
- yamllint /etc/matrix-synapse/conf.d/SUB.DOM.TLD.yaml
- journalctl -xeu matrix-synapse.service
- sc-status matrix-synapse.service
- journalctl -u coturn
vim /etc/turnserver.conf
listening-ip=
external-ip=
use-auth-secret
no-tcp-relay
allowed-peer-ip=
- sc-restart coturn.service
- sc-status coturn.service
- lsof -Pni G 8008
- sc-restart matrix-synapse.service
- pwgen -s 16 1
- /opt/venvs/matrix-synapse/bin/register_new_matrix_user -c /etc/matrix-synapse/conf.d/SUB.DOM.TLD.yaml
- cp /etc/element-web/config.json /etc/element-web/config.element.DOM.TLD.json
vim /etc/element-web/config.json
base_url
server_name
room_directory/servers
jitsi/preferred_domain
vim /etc/nginx/sites-available/element
server {
listen 80;
server_name element.DOM.TLD;
root /usr/share/element-web;
index index.html;
location / {
try_files $uri $uri/ =404;
}
location /_matrix {
proxy_pass https://matrix.DOM.TLD;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
error_page 404 /index.html;
}
- ln -s /etc/nginx/sites-available/element /etc/nginx/sites-enabled/
- nginx -t
- nginx -s reload
vim /etc/matrix-synapse/homeserver.yaml
# bind_addresses: ['::1', '127.0.0.1']
Administration
- /opt/venvs/matrix-synapse/bin/register_new_matrix_user -k SHAREDSECRET
- <admin_access_token> klick on profile > All settings > Help & About > Advanced > Access Token
- curl --header "Authorization: Bearer <admin_access_token>" -X GET "http://127.0.0.1:8008/_synapse/admin/v2/users?from=0&limit=10&guests=false"
- curl --header "Authorization: Bearer <admin_access_token>" -X GET "http://127.0.0.1:8008/_synapse/admin/v2/@root:matrix.DOM.TLD
- curl -X POST "http://127.0.0.1:8008/_synapse/admin/v1/deactivate/%40<USERNAME>%3Amatrix.DOM.TLD" \
-H "Authorization: Bearer <admin_access_token>" \
-H "Content-Type: application/json" \
-d '{"erase": true}' - curl -X POST "http://127.0.0.1:8008/_synapse/admin/v1/reset_password/@user:matrix.DOM.TLD" \
-H "Authorization: Bearer <admin_access_token>" \
-H "Content-Type: application/json" \
-d '{
"new_password": "1234",
"logout_devices": true
}'