synapse
open network for secure, decentralized communication
WWW CVSWeb GITHub-
Package versionsynapse-1.101.0
-
MaintainerRenaud Allard
Matrix specifies a set of RESTful HTTP JSON APIs as an open standard for
federated Instant Messaging and VoIP (creating and managing distributed chat
rooms without points of control or failure, cryptographically secure state
synchronisation across an open network, etc).
In Matrix, every user runs one or more Matrix clients, which connect
through to a Matrix homeserver. The homeserver stores all their personal
chat history and user account information.
Synapse is a reference "homeserver" implementation of Matrix.
+-------------------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-------------------------------------------------------------------------------
Generate a config
=================
As root (or _synapse), go into ${LOCALSTATEDIR}/synapse, then use
doas -u _synapse ${MODPY_BIN} -m synapse.app.homeserver \
-c ${LOCALSTATEDIR}/synapse/homeserver.yaml --generate-config \
--server-name matrix.example.com --report-stats=no \
--keys-directory ${LOCALSTATEDIR}/synapse
Register a user
===============
doas -u _synapse \
${PREFIX}/bin/register_new_matrix_user \
-c ${LOCALSTATEDIR}/synapse/homeserver.yaml \
http://localhost:8008
Configuration with TLS
======================
By default, synapse will run without TLS on localhost:8008
This means that you will not be able to connect to your server remotely.
The best way to achieve remote connectivity is through a reverse proxy.
Here is a relayd.conf(5) example:
http protocol synapse {
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwaded-By" value "$SERVER_ADDR:$SERVER_PORT"
tls keypair "matrix.example.com"
match request header set "Connection" value "close"
}
relay "synapse" {
listen on matrix.example.com port 443 tls
protocol "synapse"
forward to 127.0.0.1 port 8008
}
relay "synapse-server" {
listen on matrix.example.com port 8448 tls
protocol "synapse"
forward to 127.0.0.1 port 8008
}
Here is an Nginx vhost reverse proxy example:
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/ssl/matrix.example.com.pem;
ssl_certificate_key /etc/ssl/private/matrix.example.com.key;
server_name matrix.example.com;
location /_matrix {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 8448 ssl default_server;
listen [::]:8448 ssl default_server;
ssl_certificate /etc/ssl/matrix.example.com.pem;
ssl_certificate_key /etc/ssl/private/matrix.example.com.key;
server_name matrix.example.com;
location / {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
- STEM->=1.3.0:devel/py-setuptools-rust,python3
- devel/cargo-generate-vendor
- lang/python/3.10
- devel/py-build,python3
- devel/py-installer,python3
- devel/py-poetry-core,python3
- lang/rust
- STEM->=3.0.0:devel/py-jsonschema,python3
- devel/py-immutabledict,python3
- STEM->=2.1.0:textproc/py-unpaddedbase64,python3
- STEM-<3.0.0,>=2.0.0:textproc/py-canonicaljson,python3
- textproc/py-signedjson,python3
- security/py-service_identity,python3
- devel/py-twisted,python3
- www/py-treq,python3
- security/py-openssl,python3
- textproc/py-yaml,python3
- devel/py-asn1,python3
- devel/py-asn1-modules,python3
- security/py-bcrypt,python3
- STEM->=10.0.1:graphics/py-Pillow,python3
- devel/py-sortedcontainers,python3
- devel/py-pydantic,python3
- www/py-macaroons,python3
- net/py-msgpack,python3
- telephony/py-phonenumbers,python3
- sysutils/py-prometheus_client,python3
- devel/py-attrs,python3
- net/py-netaddr,python3
- www/py-jinja2,python3
- www/py-bleach,python3
- STEM->=4.3.0:devel/py-typing-extensions,python3
- security/py-cryptography,python3
- textproc/py-ijson,python3
- STEM->=1.3.0,<2.0.0:devel/py-matrix-common,python3
- sysutils/py-packaging,python3
- devel/py-pydantic-compat,python3
- devel/py-setuptools,python3
- textproc/py-lxml,python3
- www/py-requests,python3
- lang/python/3.10