# Synapse-Docker-Compose Matrix Synapse Docker-Compose 1. Update `docker-compose.yml` 2. Update the hostname in `swag/nginx/proxy-confs/synapse.subdomain.conf`, `swag/nginx/proxy-confs/element.subdomain.conf`, and `swag/nginx/proxy-confs/matrix-to.subdomain.conf` approprieately. 3. Run `docker-compose run --rm -e SYNAPSE_SERVER_NAME=yourdomain.tld -e SYNAPSE_REPORT_STATS=no synapse generate` 4. Update ./files/homeserver.yaml - Update web_client_location to app.yourdomain.tld (Remember to remove the comment #) - Update public_baseurl to matrix.yourdomain.tld (Remember to remove the comment #) - Uncomment serve_server_wellknown to enable it and configure https://yourdoman.tld/.well-known/matrix/server for federation - Change `pepper` in your password config. Uncomment the setting to enable it. - Change the default database from SQLite to PostgreSQL - Configure the mail credentials if you have a mail server - Configure `admin_contact` in the homeserver blocking section - Enable `encryption_enabled_by_default_for_room_type` by default - Edit whatever else you might want to 5. Copy config.sample.json from https://github.com/vector-im/element-web to `./element/config.json` and make the approriate adjustments 6. Tighten the Content Security Policy in `swag/nginx/proxy-confs/element.subdomain.conf` to suit your needs 7. Copy the config from https://github.com/matrix-org/pantalaimon to `./pantalaimon/pantalaimon.conf` and edit it accordingly 8. Run `docker-compose up` and make sure nothing errors out. You can use `docker-compose up -d` to start it in the background if you want. 9. Uncomment the security options for postgres. Run `docker-compose up -d` again. 10. Create a user for mjolnir 11. Copy the config from https://github.com/matrix-org/mjolnir/blob/main/config/default.yaml to `./mjolnir/config/production.yaml` and edit it accordingly. If you want Mjolnir to recieve reports instead of Synapse, make it listen on `0.0.0.0:8081`. You will also need to uncomment the approprieate lines in `./swag/nginx/proxy-confs/synapse.subdomain.conf` as well. ## Notes The CSP policies in `swag/nginx/proxy-confs/element.subdomain.conf` is slightly stricter on [ArcticFoxes Element](https://element.arcticfoxes.net) as it does not support third party servers: ``` add_header Content-Security-Policy "default-src 'none'; connect-src 'self' https://arcticfoxes.net https://matrix.arcticfoxes.net; font-src 'self'; img-src 'self' https://arcticfoxes.net https://matrix.arcticfoxes.net blob: data:; manifest-src 'self'; media-src 'self' https://matrix.arcticfoxes.net; script-src 'self' 'unsafe-eval' https://www.recaptcha.net https://www.gstatic.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.recaptcha.net blob:; frame-ancestors 'self'; block-all-mixed-content; base-uri 'none'"; ```