Install Synapse Matrix server on Ubuntu 20.04.3

Install

apt update
apt install python3 docker.io nginx certbot vim
docker run -it --rm \
  --mount type=volume,src=synapse-data,dst=/data \
  -e SYNAPSE_SERVER_NAME=matrix.YOURDOMAIN \
  -e SYNAPSE_REPORT_STATS=yes \
  matrixdotorg/synapse:latest generate

Configure

Matrix

Config will be located at:

• /var/lib/docker/volumes/synapse-data/_data/homeserver.yaml.

Recommend you review settings.

Certbot

certbot --nginx -d YOURDOMAIN -d matrix.YOURDOMAIN

Then ensure it gets automatically renewed

crontab -e

Add the line:

0 12 * * * /usr/bin/certbot renew --quiet

Nginx

Remove the default server configuration in /etc/nginx/sites-enabled/default and replace with

server
{

    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    # For the federation port -> remove if you don't want to enable federation
    listen 8448 ssl http2 default_server;
    listen [::]:8448 ssl http2 default_server;

    server_name matrix.YOURDOMAIN;

  location ~ ^(/_matrix|/_synapse/client)
  {
      # note: do not add a path (even a single /) after the port in `proxy_pass`,
      # otherwise nginx will canonicalise the URI and cause signature verification
      # errors.
      proxy_pass http://localhost:8008;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header Host $host;

      # Nginx by default only allows file uploads up to 1M in size
      # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
      client_max_body_size 50M;
  }
}

Then restart Nginx

nginx -t && nginx -s reload

Run

docker run -d --name synapse --mount type=volume,src=synapse-data,dst=/data \
  -p 8008:8008 matrixdotorg/synapse:latest

Check running

apt install lynx
lynx http://localhost:8008

Create user accounts

docker exec -it synapse register_new_matrix_user -u username -p password -k "registration_shared_secret from homeserver.yaml"  http://localhost:8008

Other

DNS SRV and .well-known to point DOMAIN -> matrix.DOMAIN

Restart a container after a reboot

docker restart synapse

Upgrade an existing container to the latest version

• Download latest image

docker pull matrixdotorg/synapse:latest

• Find the CONTAINER ID of your current container

root@localhost:~# docker ps
CONTAINER ID   IMAGE          COMMAND       CREATED        STATUS                  PORTS                                                           NAMES
a06e8a24d1a6   1776cc2e846d   "/start.py"   4 months ago   Up 4 months (healthy)   8009/tcp, 0.0.0.0:8008->8008/tcp, :::8008->8008/tcp, 8448/tcp   synapse

• Stop the current container

docker stop a06e8a24d1a6

• Remove the old container

docker rm a06e8a24d1a6

• Start a new container

docker run -d --name synapse --mount type=volume,src=synapse-data,dst=/data   -p 8008:8008 matrixdotorg/synapse:latest

• List all downloaded images

docker images

• Remove any images no longer needed

docker image rm ed1176ae5124

Manually change a user’s password

1. Get passsword hash

SSH into the docker container

docker exec -it synapse /bin/bash

Generate a new password hash

hash_password -p newpassword123 -c /data/homeserver.yaml

Exit the container

exit

2. Update the DB with the new hash

$ cd /var/lib/docker/volumes/synapse-data/_data/
$ sqlite3 homeserver.db
sqlite> SELECT name,password_hash FROM users;
sqlite> UPDATE users SET password_hash='hash_from_previous_step' WHERE name='user_name';
sqlite> .quit