mirror of
https://github.com/ArcticFoxes-net/Synapse-Docker-Compose.git
synced 2024-10-01 08:25:44 -04:00
Matrix Synapse Docker-Compose
cfff6d090a
Signed-off-by: Tommy <contact@tommytran.io> |
||
---|---|---|
swag/nginx | ||
.env | ||
docker-compose.yml | ||
LICENSE | ||
README.md |
Synapse-Docker-Compose
Matrix Synapse Docker-Compose
- Update
docker-compose.yml
- Update the hostname in
swag/nginx/proxy-confs/synapse.subdomain.conf
,swag/nginx/proxy-confs/element.subdomain.conf
, andswag/nginx/proxy-confs/matrix-to.subdomain.conf
approprieately. - Run
docker-compose run --rm -e SYNAPSE_SERVER_NAME=yourdomain.tld -e SYNAPSE_REPORT_STATS=no synapse generate
- Update ./files/homeserver.yaml
- Update web_client_location to app.yourdomain.tld (Remember to remove the comment #)
- Update public_baseurl to matrix.yourdomain.tld (Remember to remove the comment #)
- Uncomment serve_server_wellknown to enable it and configure https://yourdoman.tld/.well-known/matrix/server for federation
- Change
pepper
in your password config. Uncomment the setting to enable it. - Change the default database from SQLite to PostgreSQL
- Configure the mail credentials if you have a mail server
- Configure
admin_contact
in the homeserver blocking section - Enable
encryption_enabled_by_default_for_room_type
by default - Edit whatever else you might want to
- Copy config.sample.json from https://github.com/vector-im/element-web to
./element/config.json
and make the approriate adjustments - Tighten the Content Security Policy in
swag/nginx/proxy-confs/element.subdomain.conf
to suit your needs - Copy the config from https://github.com/matrix-org/pantalaimon to
./pantalaimon/pantalaimon.conf
and edit it accordingly - Run
docker-compose up
and make sure nothing errors out. You can usedocker-compose up -d
to start it in the background if you want. - Uncomment the security options for postgres. Run
docker-compose up -d
again. - Create a user for mjolnir
- Copy the config from https://github.com/matrix-org/mjolnir/blob/main/config/default.yaml to
./mjolnir/config/production.yaml
and edit it accordingly. If you want Mjolnir to recieve reports instead of Synapse, make it listen on0.0.0.0:8081
. You will also need to uncomment the approprieate lines in./swag/nginx/proxy-confs/synapse.subdomain.conf
as well.
Notes
The CSP policies in swag/nginx/proxy-confs/element.subdomain.conf
is slightly stricter on ArcticFoxes Element as it does not support third party servers:
add_header Content-Security-Policy "default-src 'none'; connect-src 'self' https://arcticfoxes.net https://matrix.arcticfoxes.net; font-src 'self'; img-src 'self' https://arcticfoxes.net https://matrix.arcticfoxes.net blob: data:; manifest-src 'self'; media-src https://matrix.arcticfoxes.net; script-src 'self' 'unsafe-eval' https://www.recaptcha.net https://www.gstatic.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.recaptcha.net blob:; frame-ancestors 'self'; block-all-mixed-content; base-uri 'none'";