55 lines
1.4 KiB
Org Mode
55 lines
1.4 KiB
Org Mode
#+TITLE: Matrix Homeserver on NixOS
|
|
|
|
* Prerequisites
|
|
- NixOS installed
|
|
- Domain with DNS pointing to server (A/AAAA Record matrix.domain.tld)
|
|
- Port 443
|
|
|
|
* Setup
|
|
|
|
1. Clone to =/etc/nixos= (or copy files)
|
|
2. Edit =matrix.nix= line 7: change =enter-your-domain= to your domain
|
|
3. Copy your =hardware-configuration.nix= into the directory
|
|
4. Rebuild:
|
|
#+begin_src sh
|
|
nixos-rebuild switch --flake /etc/nixos#nixos-matrix
|
|
#+end_src
|
|
|
|
* Create Admin Account
|
|
|
|
#+begin_src sh
|
|
sudo matrix-synapse-register_new_matrix_user
|
|
#+end_src
|
|
|
|
Prompts for: username, password, admin (y/n)
|
|
|
|
* Verify
|
|
|
|
#+begin_src sh
|
|
systemctl status matrix-synapse postgresql nginx
|
|
#+end_src
|
|
|
|
Test federation: https://federationtester.matrix.org
|
|
|
|
* Notes
|
|
- Registration disabled by default (=enable_registration = false=)
|
|
- PostgreSQL configured automatically
|
|
- Intended usecase ipv6 lxc container with remote reverse proxy
|
|
|
|
* NGINX Reverse Proxy Configurarion
|
|
- Create nginx config with this location
|
|
- issue Lets Encrypt cert via certbot for example
|
|
- nginx will handle everything
|
|
|
|
#+begin_src sh
|
|
location / {
|
|
proxy_pass https://[ipv6_lxc];
|
|
proxy_ssl_verify off;
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header Host $host;
|
|
|
|
# Increase body size for media uploads (federation can send large files too)
|
|
client_max_body_size 100M;
|
|
}
|
|
#+end_src |