How to Create a Chat Server Using Matrix Synapse and Element on Ubuntu 22.04

Matrix Synapse is a high-performance communication server built on the Matrix open standard for decentralized communication. The Matrix protocol is designed to provide a secure, interoperable, and decentralized communication infrastructure, allowing users to exchange messages, participate in group chats, share files, and collaborate across different platforms and services.

This comprehensive guide will walk you through the installation process, ensuring a seamless setup of Matrix Synapse on your Ubuntu 22.04 server.

Step 1 – Add Matrix Synapse Repository

By default, the Matrix Synapse package is not included in the Ubuntu default repository, so you will need to install it from its official repository.

First, download the Matrix Synapse GPG key.

wget -O /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg

Then, add the Matrix Synapse repository to the APT source file.

echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/matrix-org.list

Next, update the package index using the following command.

apt update -y

Step 2 – Install Matrix Synapse

Now, install the Matrix Synapse package using the following command.

apt install matrix-synapse-py3

You will be asked to provide your domain name as shown below:

Provide your domain name and click on OK. Once Matrix Synapse is installed, start the Matrix Synapse service using the following command.

systemctl start matrix-synapse

You can now verify the status of Matrix Synapse using the following command.

systemctl status matrix-synapse

Output.

matrix-synapse.service - Synapse Matrix homeserver
     Loaded: loaded (/lib/systemd/system/matrix-synapse.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2024-02-15 11:10:12 UTC; 20s ago
    Process: 2165 ExecStartPre=/opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matr>
   Main PID: 2170 (python)
      Tasks: 8 (limit: 4579)
     Memory: 93.5M
        CPU: 8.363s
     CGroup: /system.slice/matrix-synapse.service
             └─2170 /opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/>

Feb 15 11:10:09 ubuntu matrix-synapse[2165]: Generating signing key file /etc/matrix-synapse/homeserver.signing.key
Feb 15 11:10:12 ubuntu matrix-synapse[2170]: This server is configured to use 'matrix.org' as its trusted key server via the
Feb 15 11:10:12 ubuntu matrix-synapse[2170]: 'trusted_key_servers' config option. 'matrix.org' is a good choice for a key
Feb 15 11:10:12 ubuntu matrix-synapse[2170]: server since it is long-lived, stable and trusted. However, some admins may
Feb 15 11:10:12 ubuntu matrix-synapse[2170]: wish to use another server for this purpose.
Feb 15 11:10:12 ubuntu matrix-synapse[2170]: To suppress this warning and continue using 'matrix.org', admins should set
Feb 15 11:10:12 ubuntu matrix-synapse[2170]: 'suppress_key_server_warning' to 'true' in homeserver.yaml.
Feb 15 11:10:12 ubuntu matrix-synapse[2170]: --------------------------------------------------------------------------------
Feb 15 11:10:12 ubuntu matrix-synapse[2170]: Config is missing macaroon_secret_key
Feb 15 11:10:12 ubuntu systemd[1]: Started Synapse Matrix homeserver.
lines 1-21/21 (END)

At this point, Matrix Synapse is started and listens on port 8008. You can verify it using the command given below:

ss -plnt | grep 8008

Output.

LISTEN 0      50         127.0.0.1:8008      0.0.0.0:*    users:(("python",pid=2170,fd=14))        
LISTEN 0      50             [::1]:8008         [::]:*    users:(("python",pid=2170,fd=13))        

Step 3 – Configure Matrix Synapse

First, generate the secret key using the following command.

cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1

Output.

c4eEv6cZCc1jXeHGbzFyzGB0RFPp2HfP

Next, edit the Matrix Synapse main configuration file.

nano /etc/matrix-synapse/homeserver.yaml

Change the following lines:

listeners:
- port: 8008
tls: false
type: http
x_forwarded: true
bind_addresses: ['127.0.0.1']

resources:
- names: [client, federation]
compress: false

enable_registration: false
registration_shared_secret: "c4eEv6cZCc1jXeHGbzFyzGB0RFPp2HfP"

Save and close the file, then restart the Matrix Synapse service to reload the changes.

systemctl restart matrix-synapse

Step 4 – Create an Administrative User

Next, you will need to create an admin user to authenticate Matrix Synapse. You can create it using the following command.

register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml http://localhost:8008

Define your user and password as shown below:

New user localpart [root]: madmin
Password: 
Confirm password: 
Make admin [no]: yes
Sending registration request...
Success!

Step 5 – Download Let’s Encrypt SSL

We will use the Let’s Encrypt SSL to secure the Matrix Synapse server.

First, install the Nginx web server.

apt install nginx

Next, install the Certbot Let’s Encrypt client using the following commands.

snap install core

snap refresh core

snap install --classic certbot

ln -s /snap/bin/certbot /usr/bin/certbot

Next, download the Let’s Encrypt SSL for your domain.

certbot certonly --nginx --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m [email protected] -d matrix.linuxbuz.com

Next, generate the dhparam using the following command.

openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096

Step 6 – Configure Nginx for Matrix Synapse

Next, you will need to configure Nginx as a reverse proxy for Matrix Synapse.

First, edit the Nginx main configuration file.

nano /etc/nginx/nginx.conf

Add the following line after the line http{:

server_names_hash_bucket_size 64;

Next, create an Nginx virtual host configuration file for Matrix Synapse.

nano /etc/nginx/conf.d/synapse.conf

Add the following configurations.

# enforce HTTPS
server {
    # Client port
    listen 80;
    server_name matrix.linuxbuz.com;
    return 301 https://$host$request_uri;
}

server {
    server_name matrix.linuxbuz.com;

    # Client port
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    # Federation port
    listen 8448 ssl http2 default_server;
    listen [::]:8448 ssl http2 default_server;

    access_log  /var/log/nginx/synapse.access.log;
    error_log   /var/log/nginx/synapse.error.log;

    # TLS configuration
    ssl_certificate /etc/letsencrypt/live/matrix.linuxbuz.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/matrix.linuxbuz.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/matrix.linuxbuz.com/chain.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;

    location /_matrix {
        proxy_pass http://localhost:8008;
        proxy_set_header X-Forwarded-For $remote_addr;
        # Nginx by default only allows file uploads up to 1M in size
        # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
        client_max_body_size 10M;
    }
}

# This is used for Matrix Federation
# which is using default TCP port '8448'
server {
    listen 8448 ssl;
    server_name matrix.linuxbuz.com;

    ssl_certificate /etc/letsencrypt/live/matrix.linuxbuz.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/matrix.linuxbuz.com/privkey.pem;

    location / {
        proxy_pass http://localhost:8008;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}

Save and close the file, then reload Nginx to apply the changes.

systemctl restart nginx

Step 7 – Access Matrix Synapse

You can now verify the Matrix Synapse installation using the URL https://matrix.linuxbuz.com:8448/_matrix/static/ on your web browser. You should see the following screen:

You can also verify your Matrix Synapse using the Riot web-based client https://riot.im/app/#/login. You should see the following screen:

Click on the Edit button. You should see the following screen:

Provide your Matrix server URL and click on the Continue button. You should see the Matrix login page:

Provide your admin username and password and click on the Sign in button. Once you are connected to the Matrix Synapse server. You should see the following screen:

Conclusion

Congratulations! You have successfully installed Matrix Synapse on Ubuntu 22.04, providing a powerful platform for decentralized communication and collaboration. With Matrix Synapse configured and running, you can explore its rich features and integrate them into your communication workflows. Enjoy seamless and secure real-time messaging with Matrix Synapse on dedicated server hosting from Atlantic.Net!