Matrix is a free, open-source platform that offers a web-based solution for messaging and Voice over IP (VoIP) services. With an open standard protocol, Matrix enables communication with users served by different service providers via VoIP and chat. It provides RESTful HTTP JSON APIs to construct distributed, federated chat servers devoid of any single point of failure or control, making it reliable and robust for committed communication needs. Written in Python, Matrix allows for the creation of your home server to store personal user information and chat history securely.
This guide will walk you through installing Matrix Synapse on Ubuntu 22.04.
Prerequisites
- Ensure you have a server running Ubuntu 22.04.
- A valid domain name pointing to your server’s IP address is required.
- The root password should be configured on your server.
Getting Started
To begin, update your system packages to the latest versions with the following command:
apt update -y
Once your package indexes are updated, install the required dependencies using this command:
apt install curl wget gnupg2 apt-transport-https -y
Proceed to the next steps once all dependencies are installed.
Install Matrix Synapse on Ubuntu 22.04
Matrix Synapse packages are not naturally included in the default Ubuntu 22.04 repository. You must add the official Matrix Synapse repository to APT.
First, download and add the Matrix Synapse GPG key:
wget -qO /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
Next, add the Matrix Synapse repository to APT:
echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/matrix-org.list
Then, update the repository and install Matrix Synapse with:
apt-get update -y apt-get install matrix-synapse-py3 -y
During installation, specify your domain name:
Enter your domain name and press the Enter key. You will then be asked if you want to report anonymous statistics:
Select “Yes” and hit Enter to continue.
Once installation completes, start the Matrix service and configure it to start on system reboots:
systemctl start matrix-synapse systemctl enable matrix-synapse
You can check the status of Matrix Synapse with:
systemctl status matrix-synapse
You should see a similar output indicating the service’s active status:
? matrix-synapse.service - Synapse Matrix homeserver
Loaded: loaded (/lib/systemd/system/matrix-synapse.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-06-04 08:01:22 UTC; 3s ago
Process: 1916 ExecStartPre=/opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.ya>
Main PID: 1923 (python)
Tasks: 8 (limit: 9460)
Memory: 78.6M
CPU: 4.911s
CGroup: /system.slice/matrix-synapse.service
??1923 /opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config>
Validate Matrix Synapse is listening on the expected port 8008:
ss -antpl | grep python
You will find:
LISTEN 0 50 127.0.0.1:8008 0.0.0.0:* users:(("python",pid=1950,fd=12))
LISTEN 0 50 [::1]:8008 [::]:* users:(("python",pid=1950,fd=11))
Configure Matrix Synapse
After installing Matrix Synapse, it’s vital to configure it. Begin with creating a secret using this command:
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1
The output will be a secret key like:
R3jvgiDYyhh5XgduDPsgtwxPDiar8q2s
Edit the default configuration file:
nano /etc/matrix-synapse/homeserver.yaml
Configure your bind address, disable registration, and add the secret:
bind_addresses: ['127.0.0.1']
enable_registration: false
registration_shared_secret: "R3jvgiDYyhh5XgduDPsgtwxPDiar8q2s"
Save changes and restart the Matrix Synapse service:
systemctl restart matrix-synapse
Configure Nginx as a Reverse Proxy for Matrix Synapse
Setting up Nginx as a reverse proxy enhances availability and security. Install Nginx:
apt-get install nginx -y
Create an Nginx virtual host configuration for Matrix:
nano /etc/nginx/conf.d/matrix.conf
Insert the following configuration:
server {
listen 80;
server_name matrix.linuxbuz.com;
location / {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
Save, close the file, and verify your Nginx configuration:
nginx -t
You should see:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Restart the Nginx service:
systemctl restart nginx
Check the status with:
systemctl status nginx
You will see:
? nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-06-04 08:06:22 UTC; 26s ago
Docs: man:nginx(8)
Process: 2433 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 2434 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 2436 (nginx)
Tasks: 5 (limit: 9460)
Memory: 4.8M
CPU: 58ms
CGroup: /system.slice/nginx.service
??2436 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
??2437 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
??2438 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
Create a Super User Account
Create an admin user account to access Matrix Synapse:
register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml http://localhost:8008
Provide an admin username and set a password:
New user localpart [root]: matrixadmin Password: Confirm password: Make admin [no]: yes Sending registration request... Success!
Secure Matrix Synapse with Let’s Encrypt
Secure communications via SSL using Let’s Encrypt. First, install Certbot:
apt-get install certbot python3-certbot-nginx -y
Run this command to install Let’s Encrypt SSL:
certbot
During this process, input your email and agree to the terms:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): hitjethva@gmail.com
Accept the Terms of Service:
(Y)es/(N)o: Y
Select your website for SSL installation:
Which names would you like to activate HTTPS for? 1: matrix.linuxbuz.com
Confirm by entering “1”:
Requesting a certificate for matrix.linuxbuz.com Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/matrix.linuxbuz.com/fullchain.pem Key is saved at: /etc/letsencrypt/live/matrix.linuxbuz.com/privkey.pem
Access Matrix Synapse
To verify installation, visit https://matrix.linuxbuz.com in your web browser:
Alternatively, use the Riot web-based client available at https://riot.im/app/#/login:
Click on Edit to input your Matrix server URL, then click Continue:
Enter your admin credentials to log in:
You will see the Matrix interface:
Conclusion
In this tutorial, you’ve installed Matrix Synapse on Ubuntu 22.04 and set up Nginx as a reverse proxy. Verification of the setup using the Riot web-based client was also covered. You are now equipped to host your own VOIP server using Matrix Synapse.
FAQ
Q: What is Matrix Synapse?
A: Matrix Synapse is an open-source, web-based messaging and VoIP service platform that allows communication across different service providers.
Q: Why use Matrix Synapse?
A: Matrix Synapse offers secure, distributed, and federated communication with no single point of control or failure, ideal for building scalable VOIP servers.
Q: Is Matrix Synapse free to use?
A: Yes, Matrix Synapse is a free and open-source solution.
Q: Can I secure Matrix Synapse with SSL?
A: Yes, using Let’s Encrypt, you can secure your Matrix Synapse installation with SSL.
Q: Do I need a domain name for setting up Matrix Synapse?
A: Yes, a valid domain name pointing to your server’s IP is required.