Synapse in Linux: Complete guide to install and configure your own Matrix server

Posted onbyBlockmyIP| Category:Linux Programs

Introduction

Synapse is the reference implementation of the Matrix server, an open protocol for real-time decentralized communication. Install Synapse on a Linux system allows you to create your own chat, video calls and collaboration environment without relying on central services. This article shows step by step how to prepare the environment, install the dependencies, configure Synapse and keep it safe.

Previous requirements

You need a recent Linux distribution (Ubuntu 22.04 LTS, Debian 12 or Fedora 38) with root or sweat access, at least 2 GB RAM and 20 GB disk space. A domain name is recommended by pointing to the server IP and a valid TLS certificate (e.g. from Let's Encrypt).

System units

In Debian / Ubuntu:

  • sudo apt update
  • sudo apt install -y python3-pip python3-virtualenv libffi-dev libssl-dev build-essential
  • sudo apt install -y libjpeg-turbo8-dev libpng-dev libwebp-dev

In Fedora:

  • sudo dnf install -y python3-pip python3-virtualenv gcc libffi-devel openssl-devel make
  • sudo dnf install -y libjpeg-turbo-devel libpng-devel libwebp-devel

Create a virtual environment

To isolate the installation, create a directory and a virtual environment:

  • sudo mkdir -p /opt/synapse
  • sudo chown $USER:$USER /opt/synapse
  • cd /opt/synapse
  • python3 -m venv env
  • source env/bin/activate

Install Synapse

With the activated environment, install Synapse and the PostgreSQL adapter:

  • pip install --upgrade pip setuptools wheel
  • pip install synapse[postgres]

Generate the initial configuration

Run the configuration creation command:

  • python -m synapse.app.homeserver --server-name mi.dominio.com --config-path homeserver.yaml --generate-config --report-stats=no

This will producehomeserver.yamlandhomeserver.signing.key. Edit the YAML to:

  • Definelisteners(port 8008, optional TLS).
  • Configure Sectiondatabasewith the PostgreSQL data.
  • Setregistration_shared_secretwith a random value.
  • Decide if you allow open records (enable_registration: true) or only by invitation.

Configure PostgreSQL

If you use PostgreSQL, create the database and user:

  • sudo -u postgres psql
  • Within psql:CREATE DATABASE synapse;
  • CREATE USER synapse_user WITH PASSWORD 'tu_contraseña_segura';
  • GRANT ALL PRIVILEGES ON DATABASE synapse TO synapse_user;
  • \q

Then adjust the sectiondatabaseofhomeserver.yamlwith those credentials.

Run Synapse as Service

Create a system unit file for Synapse to boot at the start:

  • sudo nano /etc/systemd/system/synapse.service

Content:

[Unit] Description = Synapse Matrix HomeserverAfter = network.target [Service] Type = simpleUser = your _ usuarioWorkingDirectory = / opt / synapseEnvironment = "PATH = / opt / synapse / env / bin" ExecStart = / opt / synapse / env / bin / python -m synapse.app.homeserver --config-path / opt / synapse / homes.com.and -Rester.and [Inster.and]

Replacementtu_usuarioby the owner of/opt/synapse. Then:

  • sudo systemctl daemon-reload
  • sudo systemctl enable synapse.service
  • sudo systemctl start synapse.service
  • sudo systemctl status synapse.service

Security and good practices

  • Use a TLS certificate from Let's Encrypt and definetls_certificate_pathandtls_private_key_pathin the YAML.
  • Restrict access to port 8008 (or 443 if you use a proxy) withufworfirewalld.
  • Disable open registration (enable_registration: false) and uses invitations or SSO.
  • Configure log rotation withlogrotate.
  • Keep the environment up to date:pip install --upgrade synapsewithin the environment and restart the service.

Monitoring and maintenance

Synapse exposition metrics in/_synapse/metricsfor Prometheus. The filehomeserver.logcontains information on errors and warnings. Configure achieve:

  • sudo nano /etc/logrotate.d/synapse
  • Content:
/ opt / synapse / homeserver.log {weekly rotate 4 compressor missingok notifempty}

To update, reactivate the environment, runpip install --upgrade synapseand restart withsudo systemctl restart synapse.service.

Conclusion

Install Synapse in Linux is an accessible process that gives you full control over your Matrix-based communication. With the above steps you will have a secure server, ready to integrate bridges, bots and collaboration applications. Encourage yourself to deploy your own node and contribute to the decentralized network of safe messaging.

This work is under aCreative Commons License Attribution 4.0 International for Francesc Roig francesc @ vivaldi.net.

EnglishenEnglishEnglish
SpanishesSpanishEspañolEnglishenEnglishEnglish