
[GUIDE] Matrix-Synapse w/ postgres DB (chat server) + Element (web client) + Coturn (voice)


A couple weeks ago I stumbled on this guide and decided to give it a go. Unfortunately much of it is outdated, and it took a lot of searching, troubleshooting, and help from @PSYCHOPATHiO to fill in the gaps. After hitting what feels like every possible snag I finally got it all working and wanted to share what I've learned. This guide doesn't include video chat, but it will give you a matrix server with an improved postgresql database, element web app, and voice chat.

 

This guide will be assuming you already have swag set up (or know your way around an equivalent like nginx proxy manager).

 

-------------------------------------------------------

DNS Setup:

-------------------------------------------------------

• Create a CNAME record pointed to your unraid server.

• I'll be using the "chat" subdomain in this guide but you can use what you'd like.

 


 

(If you're on Cloudflare and want federation "Proxy status" has to be toggled to "DNS only". It works internally with a proxy but I couldn't communicate with other matrix servers).

 

• Create an SRV record for the service _matrix targeted at your subdomain like so:


 

• Create a CNAME record for element pointed to your unraid server:

 


 

-------------------------------------------------------

Swag (proxy) Setup

-------------------------------------------------------

Navigate to /appdata/swag/nginx/proxy-confs and create the following configs:

 

element-web.subdomain.conf

server {
    listen 443 ssl;
    server_name element.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app element-web;
        set $upstream_port 80;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
}

 

matrix.subdomain.conf

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name chat.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 32M;

    location / {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app UNRAIDSERVERIP;
        set $upstream_port 8008;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }

    location ^~ /_matrix {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app UNRAIDSERVERIP;
        set $upstream_port 8008;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }

    location ^~ /.well-known/matrix/server {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app UNRAIDSERVERIP;
        set $upstream_port 8008;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }

    location ^~ /.well-known/matrix/client {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app UNRAIDSERVERIP;
        set $upstream_port 8008;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
}

• Change UNRAIDSERVERIP to your unraid IP in all 4 spots above.

 

-------------------------------------------------------

Postgres Database Setup:

-------------------------------------------------------

Matrix defaults to an SQLite database, but performance is better with postgres. Before installing matrix we'll prepare a database.

 

• Search CA for "postgres" and install postgresql14 from jj9987.

 

• Set a superuser password and leave the rest on default.


 

• After installing open the console and enter the following commands to set a password for the default postgres user:
 

su

passwd postgres

 

Now exit out of su (type: "exit") and login (type: "login") as the user postgres with the password you just created.

 

Now we're going to create a superuser in the maintenance database named "matrix" in psql by running the following commands:
 

psql

CREATE USER matrix SUPERUSER PASSWORD 'passwordstring';


(replace passwordstring with your own password but leave the quotes)

 

 

Now that we have a database superuser set up, let's install pgadmin4 to make administration easier. Search CA for pgadmin4 and grab the one from FoxxMD. Enter an email/password into the template - the email doesn't need to be functional, it's just serving as a username.

 


 

(It can take a minute to load after install so be patient with it.)

 

• Login to pgadmin with the email/password you just set.

 

• Select Add New Server and give it a name (I used my unraid server name)

 

• Go to the Connections tab and specify your unraid server IP in the host field.

• Enter the database user matrix and passwordstring that you created above in psql.

 


 

• Click Save and you should see your server pop up on the list to the left. Right click it and select Create > Database

 

• Give the database a name (I named it matrix) and go to the Definition tab. Set everything just like this:

 


 

• Click Save and you should see the database show up on the left.

 

Now that we have a database ready to go, it's time to actually install matrix.

 

-------------------------------------------------------

Matrix Setup:

-------------------------------------------------------

• Go to CA and Install matrix from A75G.

• Set "Network Type" to your custom proxy network.

• Set "Server Name" to chat.yourdomain.com

 

Leave the rest on default and install.

 

Navigate to \appdata\matrix and edit the homeserver.yaml file to this:

 

server_name: "chat.yourdomain.com"
pid_file: /data/homeserver.pid
web_client_location: https://element.yourdomain.com
public_baseurl: https://chat.yourdomain.com
listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    bind_addresses: ['0.0.0.0']
    resources:
      - names: [client,federation]
        compress: false
database:
  name: psycopg2
  args:
    user: matrix
    password: "PASSWORDSTRING"
    database: matrix
    host: UNRAIDSERVERIP
    port: 5432
    cp_min: 5
    cp_max: 10
log_config: "/data/chat.yourdomain.com.log.config"
media_store_path: "/data/media_store"
suppress_key_server_warning: true
report_stats: false
macaroon_secret_key: "KEY1"
form_secret: "KEY2"
signing_key_path: "/data/chat.yourdomain.com.signing.key"
serve_server_wellknown: true
trusted_key_servers:
  - server_name: "matrix.org"

## TURN ##
# The public URIs of the TURN server to give to clients
turn_uris: ["turn:chat.yourdomain.com:3478?transport=udp", "turn:chat.yourdomain.com:3478?transport=tcp"]

# The shared secret used to compute passwords for the TURN server
turn_shared_secret: "KEY3"

# New User Registration
registration_shared_secret: "KEY4"

# vim:ft=yaml

 

• Replace yourdomain.com with your own in all spots

• Change PASSWORDSTRING to your psql matrix user password

• Change UNRAIDSERVERIP to your host IP.

 

If you used something other than "matrix" for the database name/user then adjust accordingly.

 

Open a terminal window and paste the following command:

cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1

This will give you a random string. Copy it and replace the macaroon_secret_key with it.

Repeat this process for the form_secret, turn_shared_secret, and registration_shared_secret. Restart the matrix docker to apply changes.

 

Now it's time to create your first matrix user. Open the console again and paste the command:

register_new_matrix_user http://localhost:8008 -c /data/homeserver.yaml

Follow the prompts to create your matrix admin user.

 

You should now have a functional matrix server. Feel free to log in and try it out. Visit https://federationtester.matrix.org/ to test federation.

 

Also I recommend installing synapse-admin from A75G in CA for easier administration. (Install with all defaults and login with the admin user you just created above).

 

-------------------------------------------------------

Element Setup:

-------------------------------------------------------

First we need to manually create the config path and pull in the default config.

 

• Open the unraid terminal and run the command:

mkdir -p /mnt/user/appdata/element-web/config

• Then download the default config by running:

wget -O /mnt/user/appdata/element-web/config/config.json https://raw.githubusercontent.com/vector-im/element-web/develop/element.io/app/config.json

• In CA search for element-web by vectorim
• Set the "Network Type" to your custom proxy.
• Install

• Navigate to /appdata/element-web/config and edit config.json

• Change "default_server_name" to chat.yourdomain.com

• And add chat.yourdomain.com under "roomDirectory" like so:


• Save and restart element.

 

Visit element.yourdomain.com and test that it works. (chat.yourdomain.com should also redirect to it).

 

-------------------------------------------------------

Coturn Setup:

-------------------------------------------------------

• Search for coturn by xthursdayx on CA.

• Change Network Type to "Custom: br0" and give it its own static IP on your LAN

• Delete all ports from template except 3478 TCP & UDP.

• Install

 

Next go to your firewall settings and forward the following ports:

 

WAN UDP 3478 -> coturn static ip

WAN UDP range 49152:49172 -> coturn static ip

 

And lastly we have to edit our coturn settings. Navigate to /appdata/coturn and edit turnserver.conf so it looks like this:

listening-port=3478
listening-ip=0.0.0.0
external-ip=COTURNIP
min-port=49152
max-port=49172

lt-cred-mech
use-auth-secret
static-auth-secret=TURN_SHARED_SECRET

total-quota=100
stale-nonce=600

realm=chat.yourdomain.com
server-name=chat.yourdomain.com

• Change COTURNIP to the static IP you gave the coturn docker

• Change TURN_SHARED_SECRET to the key you generated for that field in your homeserver.yaml file above.

• Change realm and server-name to your subdomain.

 

That's it. We're finally done. Make sure to restart coturn to apply your settings and then give it a try.

 

(https://icetest.info/ is a great TURN troubleshooting tool if you have issues).

 

----------------------------------------------------------------------------------------------------------------------------------------------------

 

Hopefully if you've correctly followed all these steps you now have a fully functional matrix server with a few bells and whistles.

 

This is what worked for me but I'm sure there's more elegant ways to do parts of this. I really struggled to get to this point and I AM NO EXPERT. I'm sure there's room for improvement so let me know if anything should be changed. I will do my best to keep it updated and implement suggested changes/improvements.

 

Shoutout to @yinzer for the original guide and @HojojojoWololo for his supplemental post!

And a huge thank you to @PSYCHOPATHiO for all of his help! I never would have gotten all this working without him. He runs a support channel at #support:sykorp.com that was invaluable to me - If you have trouble feel free to drop in and we'll try to help.

 

Edited by Gazeley
revised DNS step, added registration_shared_secret
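
How the turn_shared_secret in homeserver.yaml and the static-auth-secret in turnserver.conf fit together, as an added example that is not part of the original post and is not Synapse or coturn code: with use-auth-secret the TURN password is an HMAC over a time-stamped username (the TURN REST API scheme), so both files must hold the identical string. The secret, user ID, clock value and one-hour lifetime below are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Constructed sample values, not taken from any real deployment.
SAMPLE_SECRET = "q7Jr2mXv9LpT4cNz8WbK1sYd6HfA3uEg"
SAMPLE_USER = "@alice:chat.yourdomain.com"
SAMPLE_NOW = 1_700_000_000  # fixed clock so the demo is reproducible


def _turn_password(secret: str, username: str) -> str:
    """base64(HMAC-SHA1(secret, username)): the TURN REST API password."""
    mac = hmac.new(secret.encode(), username.encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode("ascii")


def issue_turn_credentials(turn_shared_secret, user_id, now, lifetime_s=3600):
    """Homeserver side: hand a client a short-lived username/password pair.

    The username carries its own expiry ("<unix expiry>:<user id>"), so the
    TURN server needs no user database, only the shared secret.
    lifetime_s is an assumed value for this example.
    """
    username = f"{now + lifetime_s}:{user_id}"
    return username, _turn_password(turn_shared_secret, username)


def check_turn_credentials(static_auth_secret, username, password, now):
    """TURN server side: recompute the HMAC and check the embedded expiry.

    Returns "ok" or a short reason string.
    """
    expiry, sep, _ = username.partition(":")
    if not sep or not expiry.isdigit():
        return "malformed username"
    if int(expiry) < now:
        return "expired"
    expected = _turn_password(static_auth_secret, username)
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(expected.encode(), password.encode()):
        return "bad password"
    return "ok"


if __name__ == "__main__":
    user, pw = issue_turn_credentials(SAMPLE_SECRET, SAMPLE_USER, SAMPLE_NOW)
    print("username:", user)
    print("password:", pw)
    # Same secret on both sides: accepted.
    print(check_turn_credentials(SAMPLE_SECRET, user, pw, SAMPLE_NOW))
    # turnserver.conf still holds the placeholder: every call fails.
    print(check_turn_credentials("TURN_SHARED_SECRET", user, pw, SAMPLE_NOW))
    # Credential replayed after its lifetime: rejected.
    print(check_turn_credentials(SAMPLE_SECRET, user, pw, SAMPLE_NOW + 3601))
```

A "bad password" result on every call is what a leftover placeholder or a copy/paste mismatch between the two files looks like from the TURN server's side.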


For any further server customization you need to look at the official default homeserver.yaml config file where you can choose what you want to change from the default setting included in the generated homeserver.yaml file.

 

https://matrix-org.github.io/synapse/v1.37/usage/configuration/homeserver_sample_config.html

 

For users interested in integrating LDAP, here is the format:

 

password_providers:
 - module: "ldap_auth_provider.LdapAuthProvider"
   config:
     enabled: true
     mode: "search"
     uri: "ldap://domain:389"
     start_tls: false
     base: "OU=home,DC=example,dc=com"
     attributes:
       uid: "saMAccountName"
       mail: "mail"
       name: "givenName"
     bind_dn: "cn=ldap,cn=Users,dc=example,dc=com"
     bind_password: "password"
     #filter: "(objectClass=posixAccount)"

 

 

EDIT: NOV-2024 update. This is the latest complete config to manually adjust & fine-tune your matrix server:

 

https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html

Edited by PSYCHOPATHiO

  • 1 month later...
On 9/1/2022 at 8:50 PM, Gazeley said:

A couple weeks ago I stumbled on this guide and decided to give it a go. Unfortunately much of it is outdated, and it took a lot of searching, troubleshooting, and help from @PSYCHOPATHiO to fill in the gaps. After hitting what feels like every possible snag I finally got it all working and wanted to share what I've learned. This guide doesn't include video chat, but it will give you a matrix server with an improved postgresql database, element web app, and voice chat.

 


Can I use NPM or does it have to be swag and can I add the same configuration file to NPM? Thank you

  • Author
3 hours ago, Tweak91 said:

Can I use NPM or does it have to be swag and can I add the same configuration file to NPM? Thank you

 

nginx proxy manager will work instead but I'm not familiar with it - couldn't tell you how to configure.

On 9/1/2022 at 8:50 PM, Gazeley said:

A couple weeks ago I stumbled on this guide and decided to give it a go. Unfortunately much of it is outdated, and it took a lot of searching, troubleshooting, and help from @PSYCHOPATHiO to fill in the gaps. After hitting what feels like every possible snag I finally got it all working and wanted to share what I've learned. This guide doesn't include video chat, but it will give you a matrix server with an improved postgresql database, element web app, and voice chat.

 

This guide will be assuming you already have swag setup (or know your way around an equivalent like nginx proxy manager).

 

-------------------------------------------------------

DNS Setup:

-------------------------------------------------------

• Create a CNAME record pointed to your unraid server.

• I'll be using the "chat" subdomain in this guide but you can use what you'd like.

 

firefox_ZfpS8nG8GG.thumb.png.89208835b633fb8d7dc35053e77b3ab4.png

 

(If you're on Cloudflare and want federation "Proxy status" has to be toggled to "DNS only". It works internally with a proxy but I couldn't communicate with other matrix servers).

 

• Create an SRV record for the service _matrix targeted at your subdomain like so:

image.thumb.png.d35403ccb2ec7c910471a485c6bdc84d.png

 

• Create a CNAME record for element pointed to your unraid server:

 

firefox_DgoJ2Mgu61.thumb.png.c6f1ce810d3f5aee7ca06bb9fcaed08e.png

 

-------------------------------------------------------

Swag (proxy) Setup

-------------------------------------------------------

Navigate to /appdata/swag/nginx/proxy-confs and create the following configs:

 

element-web.subdomain.conf

 server {
       listen 443 ssl;
       server_name element.*;
       include /config/nginx/ssl.conf;
       client_max_body_size 0;

       location / {
               include /config/nginx/proxy.conf;
               resolver 127.0.0.11 valid=30s;
               set $upstream_app element-web;
               set $upstream_port 80;
               set $upstream_proto http;
               proxy_pass $upstream_proto://$upstream_app:$upstream_port;
       }
}

 

matrix.subdomain.conf

server {

    listen 443 ssl;
    listen [::]:443 ssl;

    server_name chat.*;
    include /config/nginx/ssl.conf;
    client_max_body_size 32M;

    location / {

        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app UNRAIDSERVERIP;
        set $upstream_port 8008;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
	
   location ^~ /_matrix {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app UNRAIDSERVERIP;
        set $upstream_port 8008;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
 
    location ^~ /.well-known/matrix/server  {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app UNRAIDSERVERIP;
        set $upstream_port 8008;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
    
    location ^~ /.well-known/matrix/client  {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app UNRAIDSERVERIP;
        set $upstream_port 8008;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
    }
}

• Change UNRAIDSERVERIP to your unraid IP in all 4 spots above.

 

-------------------------------------------------------

Postgres Database Setup:

-------------------------------------------------------

Matrix defaults to an SQLite database, but performance is better with postgres. Before installing matrix we'll prepare a database.

 

• Search CA for "postgres" and install postgresql14 from jj9987.

 

• Set a superuser password and leave the rest on default.

firefox_nx3KGHwxJS.thumb.png.890d1d072595ae0391bb15d532a85313.png

 

• After installing open the console and enter the following commands to set a password for the default postgres user:
 

su

passwd postgres

 

Now exit out of su (type: "exit") and login (type: "login") as the user postgres with the password you just created.

 

Now we're going to create a superuser in the maintenance database named "matrix" in psql by running the following commands:
 

psql

CREATE USER matrix SUPERUSER PASSWORD 'passwordstring';


(replace passwordstring with your own password but leave the quotes)

 

 

Now that we have a database superuser setup lets install pgadmin4 to make administration easier. Search CA for pgadmin4 and grab the one from FoxxMD. Enter an email/password into the template - email doesn't need to be functional it's just serving as a username.

 

firefox_g8tJSNuQlY.thumb.png.ab70b2f4c83f2162a077d9cfc6334e8e.png

 

(It can take a minute to load after install so be patient with it.)

 

• Login to pgadmin with the the email/password you just set.

 

• Select Add New Server and give it a name (I used my unraid server name)

 

• Go to the Connections tab and specify your unraid server IP in the host field.

• Enter the database user matrix and passwordstring that you created above in psql.

 

firefox_I6LVSnx5MB.png.6b563d499092e99ce522274d53214ed6.png

 

• Click Save and you should see your server pop up on the list to the left. Right click it and select Create > Database

 

• Give the database a name (I named it matrix) and go to the Definition tab. Set everything just like this:

 

firefox_uZyqly5ksB.png.fae63adb277e1ccd7d5b92777b34eeae.png

 

• Click Save and you should see the database show up on the left.

 

Now that we have a database ready to go, it's time to actually install matrix.

 

-------------------------------------------------------

Matrix Setup:

-------------------------------------------------------

• Go to CA and Install matrix from A75G.

• Set "Network Type" to your custom proxy network.

• Set "Server Name" to chat.yourdomain.com

 

Leave the rest on default and install.

 

Navigate to \appdata\matrix and edit the homeserver.yaml file to this:

 

server_name: "chat.yourdomain.com"
pid_file: /data/homeserver.pid
web_client_location: https://element.yourdomain.com
public_baseurl: https://chat.yourdomain.com
listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    bind_addresses: ['0.0.0.0']
    resources:
      - names: [client,federation]
        compress: false
database:
  name: psycopg2
  args:
    user: matrix
    password: "PASSWORDSTRING"
    database: matrix
    host: UNRAIDSERVERIP
    port: 5432
    cp_min: 5
    cp_max: 10
log_config: "/data/chat.yourdomain.com.log.config"
media_store_path: "/data/media_store"
suppress_key_server_warning: true
report_stats: false
macaroon_secret_key: "KEY1"
form_secret: "KEY2"
signing_key_path: "/data/chat.yourdomain.com.signing.key"
serve_server_wellknown: true
trusted_key_servers:
  - server_name: "matrix.org"

## TURN ##
# The public URIs of the TURN server to give to clients
turn_uris: ["turn:chat.yourdomain.com:3478?transport=udp", "turn:chat.yourdomain.com:3478?transport=tcp"]

# The shared secret used to compute passwords for the TURN server
turn_shared_secret: "KEY3"

# vim:ft=yaml

 

• Replace yourdomain.com with your own in all spots

• Change PASSWORDSTRING to your psql matrix user password

• Change UNRAIDSERVERIP to your host IP.

 

If you used something other than "matrix" for the database name/user then adjust accordingly.

 

Open a terminal window and paste the following command:

cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1

This will give you a random string. Copy it and replace the macaroon_secret_key with it. Repeat this process for the form_secret and turn_shared_secret. Restart the matrix docker to apply changes.

 

Now it's time to create your first matrix user. Open the console again and paste the command:

register_new_matrix_user http://localhost:8008 -c /data/homeserver.yaml

Follow the prompts to create your matrix admin user.

 

You should now have a functional matrix server. Feel free to log in and try it out. Visit https://federationtester.matrix.org/ to test federation.

 

Also I recommend installing synapse-admin from A75G in CA for easier administration. (Install with all defaults and login with the admin user you just created above).

 

-------------------------------------------------------

Element Setup:

-------------------------------------------------------

First we need to manually create the config path and pull in the default config.

 

• Open the unraid terminal and run the command:

mkdir -p /mnt/user/appdata/element-web/config

• Then download the default config by running:

wget -O /mnt/user/appdata/element-web/config/config.json https://raw.githubusercontent.com/vector-im/element-web/develop/element.io/app/config.json

• In CA search for element-web by vectorim
• Set the "Network Type" to your custom proxy.
• Install

• Navigate to /appdata/element-web/config and edit config.json

• Change "default_server_name" to chat.yourdomain.com

• And add chat.yourdomain.com under "roomDirectory" like so:

267437655_notepad_9y4JP5hDig.png.fb7a4cda8dccd591e7a9d3f76ebe2b94.png

• Save and restart element.

 

Visit element.yourdomain.com and test that it works. (chat.yourdomain.com should also redirect to it).

 

-------------------------------------------------------

Coturn Setup:

-------------------------------------------------------

• Search for coturn by xthursdayx on CA.

• Change Network Type to "Custom: br0" and give it its own static IP on your LAN

• Delete all ports from template except 3478 TCP & UDP.

• Install

 

Next go to your firewall settings and forward the following ports:

 

WAN UDP 3478 -> coturn static ip

WAN UDP range 49152:49172 -> coturn static ip

 

And lastly we have to edit our coturn settings. Navigate to /appdata/coturn and edit turnserver.conf so it looks like this:

listening-port=3478
listening-ip=0.0.0.0
external-ip=COTURNIP
min-port=49152
max-port=49172

lt-cred-mech
use-auth-secret
static-auth-secret=TURN_SHARED_SECRET

total-quota=100
stale-nonce=600

realm=chat.yourdomain.com
server-name=chat.yourdomain.com

• Change COTURNIP to the static IP you gave the coturn docker

• Change TURN_SHARED_SECRET to the key you generated for that field in your homeserver.yaml file above.

• Change realm and server-name to your subdomain.

 

That's it. We're finally done. Make sure to restart coturn to apply your settings and then give it a try.

 

(https://icetest.info/ is a great TURN troubleshooting tool if you have issues).

 

----------------------------------------------------------------------------------------------------------------------------------------------------

 

Hopefully if you've correctly followed all these steps you now have a fully functional matrix server with a few bells and whistles.

 

This is what worked for me but I'm sure there are more elegant ways to do parts of this. I really struggled to get to this point and I AM NO EXPERT. I'm sure there's room for improvement so let me know if anything should be changed. I will do my best to keep it updated and implement suggested changes/improvements.

 

Shoutout to @yinzer for the original guide and @HojojojoWololo for his supplemental post!

And a huge thank you to @PSYCHOPATHiO for all of his help! I never would have gotten all this working without him. He runs a support channel at #support:sykorp.com that was invaluable to me - If you have trouble feel free to drop in and we'll try to help.
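
How turn_shared_secret in homeserver.yaml and static-auth-secret in turnserver.conf from the guide above fit together, as an added example that is not part of the original post and not Synapse's or coturn's own code: with use-auth-secret, the homeserver gives each client a username of the form expiry:user_id and a password equal to base64(HMAC-SHA1(secret, username)), and the TURN server recomputes that password from its own copy of the secret. The function names, sample secret and user ID are constructed for illustration, and the check is a simplified model (in the real exchange the password keys the STUN message integrity instead of being sent).

```python
import base64
import hashlib
import hmac
import time


def _turn_password(secret: str, username: str) -> str:
    """base64(HMAC-SHA1(secret, username)): the time-limited TURN password."""
    mac = hmac.new(secret.encode(), username.encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode("ascii")


def make_turn_credentials(turn_shared_secret, user_id, ttl_seconds=3600, now=None):
    """Homeserver side: issue credentials that expire ttl_seconds from now."""
    now = int(time.time()) if now is None else int(now)
    username = f"{now + ttl_seconds}:{user_id}"
    return username, _turn_password(turn_shared_secret, username)


def check_turn_credentials(static_auth_secret, username, password, now=None):
    """TURN side (simplified model): 'ok', 'malformed', 'bad-mac' or 'expired'."""
    now = int(time.time()) if now is None else int(now)
    expiry_text, sep, _user = username.partition(":")
    if not sep or not expiry_text.isdigit():
        return "malformed"
    # Recompute from the server's own secret and compare in constant time.
    expected = _turn_password(static_auth_secret, username)
    if not hmac.compare_digest(expected, password):
        return "bad-mac"
    if int(expiry_text) < now:
        return "expired"
    return "ok"


if __name__ == "__main__":
    secret = "constructed-sample-secret"  # constructed value, not a real key
    user, pw = make_turn_credentials(secret, "@alice:chat.example.org", 600, now=1000)
    print(user, pw)
    print(check_turn_credentials(secret, user, pw, now=1500))
    # A secret that differs between the two config files fails every call.
    print(check_turn_credentials("typo-in-turnserver-conf", user, pw, now=1500))
    print(check_turn_credentials(secret, user, pw, now=2000))
```

Because both sides derive the password from the same string, anyone who reads either config file can mint valid TURN credentials, so both files need the same restrictive permissions.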

 

What about caddy2 or Apache?

Followed every step, would not work. I have NPM, not swag.

Anyone who needs help, I have it fully running. I'm using nginx proxy manager.

And I'm also using the Matrix-Synapse docker, not the one in the tutorial.

On 10/19/2022 at 1:21 AM, Tweak91 said:

What about caddy2 or Apache?

Followed every step, would not work. I have NPM, not swag.

For other types of config: https://gist.github.com/matusnovak/37109e60abe79f4b59fc9fbda10896da

 

For any additional help, I'm always available. You can join me on Matrix or add me @psychopathio:sykorp.com

Edited by PSYCHOPATHiO

On 10/18/2022 at 10:25 PM, Tweak91 said:

Anyone who needs help, I have it fully running. I'm using nginx proxy manager.

And I'm also using the Matrix-Synapse docker, not the one in the tutorial.

Can you post your NPM setup with personal info redacted?

15 hours ago, blaine07 said:

Can you post your NPM setup with personal info redacted?

 


sorry about that forgot lol

10 minutes ago, Tweak91 said:

Not sure I read you could use caddy but didn't try 

I found this https://github.com/matrix-org/synapse/blob/develop/docs/reverse_proxy.md

 

CADDY v2

matrix.example.com {
  reverse_proxy /_matrix/* localhost:8008
  reverse_proxy /_synapse/client/* localhost:8008
}

example.com:8448 {
  reverse_proxy localhost:8008
}

Delegation example:

example.com {
	header /.well-known/matrix/* Content-Type application/json
	header /.well-known/matrix/* Access-Control-Allow-Origin *
	respond /.well-known/matrix/server `{"m.server": "matrix.example.com:443"}`
	respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.example.com"},"m.identity_server":{"base_url":"https://identity.example.com"}}`
}

matrix.example.com {
    reverse_proxy /_matrix/* localhost:8008
    reverse_proxy /_synapse/client/* localhost:8008
}

 

Edited by PSYCHOPATHiO

44 minutes ago, PSYCHOPATHiO said:

I found this https://github.com/matrix-org/synapse/blob/develop/docs/reverse_proxy.md

 

CADDY v2

matrix.example.com {
  reverse_proxy /_matrix/* localhost:8008
  reverse_proxy /_synapse/client/* localhost:8008
}

example.com:8448 {
  reverse_proxy localhost:8008
}

Delegation example:

example.com {
	header /.well-known/matrix/* Content-Type application/json
	header /.well-known/matrix/* Access-Control-Allow-Origin *
	respond /.well-known/matrix/server `{"m.server": "matrix.example.com:443"}`
	respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.example.com"},"m.identity_server":{"base_url":"https://identity.example.com"}}`
}

matrix.example.com {
    reverse_proxy /_matrix/* localhost:8008
    reverse_proxy /_synapse/client/* localhost:8008
}

 

Everything I have is around NPM. I can’t justify changing direction now. I’ll play with it more this evening. 
 

thank you 

2 hours ago, PSYCHOPATHiO said:

I found this https://github.com/matrix-org/synapse/blob/develop/docs/reverse_proxy.md

 

CADDY v2

matrix.example.com {
  reverse_proxy /_matrix/* localhost:8008
  reverse_proxy /_synapse/client/* localhost:8008
}

example.com:8448 {
  reverse_proxy localhost:8008
}

Delegation example:

example.com {
	header /.well-known/matrix/* Content-Type application/json
	header /.well-known/matrix/* Access-Control-Allow-Origin *
	respond /.well-known/matrix/server `{"m.server": "matrix.example.com:443"}`
	respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.example.com"},"m.identity_server":{"base_url":"https://identity.example.com"}}`
}

matrix.example.com {
    reverse_proxy /_matrix/* localhost:8008
    reverse_proxy /_synapse/client/* localhost:8008
}

 

I tried caddy2 once and couldn't make it work right.

2 hours ago, blaine07 said:

Everything I have is around NPM. I can’t justify changing direction now. I’ll play with it more this evening. 
 

thank you 

I made a tutorial for NPM...

Edited by Tweak91

1 hour ago, Tweak91 said:

I made a tutorial for NPM...

How can I get around that a Cname is forbidden with federation?

41 minutes ago, blaine07 said:

How can I get around that a Cname is forbidden with federation?

No, it's not. I have matrix running right now.

 

45 minutes ago, blaine07 said:

How can I get around that a Cname is forbidden with federation?

644093625_Captureaaaaaaaaaaaaaaaaaa(2).thumb.PNG.2ad1777b112211af675d498a90ba0e2c.PNG

I downloaded the Synapse Admin; I see that it lets me create registration tokens. How can I set this up to not allow anyone to register but to require one of the tokens from Synapse Admin?

Hi there,

 

thanks for the work and the great guide. I tried to follow it but if I open the console for the matrix synapse docker and try to create the first user I get the following error:

 

Traceback (most recent call last):
  File "/usr/local/lib/python3.10/dist-packages/urllib3/connection.py", line 174, in _new_conn
    conn = connection.create_connection(
  File "/usr/local/lib/python3.10/dist-packages/urllib3/util/connection.py", line 95, in create_connection
    raise err
  File "/usr/local/lib/python3.10/dist-packages/urllib3/util/connection.py", line 85, in create_connection
    sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused

 

The relevant part of my config looks like this:

 

server_name: "meine.domain.de"
pid_file: /data/homeserver.pid
web_client_location: https://element.domain.de
public_baseurl: https://meine.domaim.de
listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    bind_addresses: ['0.0.0.0']
    resources:
      - names: [client,federation]
        compress: false
database:
  name: psycopg2
  args:
    user: matrix
    password: "DBPW!"
    database: synapse
    host: UNRAID_IP
    port: 5432
    cp_min: 5
    cp_max: 10

 

Any help would really be appreciated.

  • Author

@m1rc0

 

image.png.c6fe7545a2dae35b050fe29411b2345f.png

 

Did you censor that for this post or did you forget to plug in your IP here?

Edited by Gazeley

17 hours ago, Gazeley said:

@m1rc0

 

image.png.c6fe7545a2dae35b050fe29411b2345f.png

 

Did you censor that for this post or did you forget to plug in your IP here?

Just censored it. :) I got it working when starting with a fresh container. This time I used the matrix-synapse docker. Sadly the connection to the PostgreSQL DB does not work, yet.

  • 4 weeks later...

I'm getting an "unsupported database type" error after editing the yaml file and restarting the matrix container... Anyone else get that at first?

  • 1 month later...

Can someone provide a valid configuration for element-web and Nginx Proxy Manager?
