Go to file
Slavi Pantaleev bfcceb1e82 Make it safer to override matrix_synapse_media_store_path
This is described in Github issue #58.

Until now, we had the variable, but if you redefined it, you'd run
into multiple problems:

- we actually always mounted some "storage" directory to the Synapse
container. So if your media store is not there, you're out of luck

- homeserver.yaml always hardcoded the path to the media store,
as a directory called "media-store" inside the storage directory.

Relocating to outside the storage directory was out of the question.

Moreover, even if you had simply renamed the media store directory
(e.g. "media-store" -> "media_store"), it would have also caused trouble.

With this patch, we mount the media store's parent to the Synapse container.
This way, we don't care where the media store is (inside storage or
not). We also don't assume (anymore) that the final part of the path
is called "media-store" -- anything can be used.

The "storage" directory and variable (`matrix_synapse_storage_path`)
still remain for compatibility purposes. People who were previously
overriding `matrix_synapse_storage_path` can continue doing so
and their media store will be at the same place.

The playbook no longer explicitly creates the `matrix_synapse_storage_path` directory
though. It's not necessary. If the media store is specified to be within it, it will
get created when the media store directory is created by the playbook.
2018-12-20 13:39:01 +02:00
docs Update documentation about email configuration (relayhost brackets) 2018-12-13 16:32:10 +09:00
examples Fix add/config based on comments by @spantaleev 2018-11-23 00:42:54 +00:00
inventory Fix README instructions typo about Ansible host_vars 2018-01-17 15:57:01 +02:00
roles/matrix-server Make it safer to override matrix_synapse_media_store_path 2018-12-20 13:39:01 +02:00
.gitignore Initial commit 2017-07-31 23:08:20 +03:00
ansible.cfg Initial commit 2017-07-31 23:08:20 +03:00
CHANGELOG.md update changelog 2018-11-28 11:05:35 +01:00
LICENSE Add LICENSE file 2018-08-17 09:01:06 +03:00
README.md Add LDAP auth password provider documentation and changelog description 2018-11-28 11:21:03 +02:00
setup.yml Switch from playbook vars to role defaults 2017-08-30 12:05:13 +03:00

Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker

Purpose

This Ansible playbook is meant to easily let you run your own Matrix homeserver.

That is, it lets you join the Matrix network with your own @<username>:<your-domain> identifier, all hosted on your own server.

Using this playbook, you can get the following services configured on your server:

  • a Matrix Synapse homeserver - storing your data and managing your presence in the Matrix network

  • (optional) Amazon S3 storage for your Matrix Synapse's content repository (media_store) files using Goofys

  • (optional, default) PostgreSQL database for Matrix Synapse. Using an external PostgreSQL server is also possible.

  • a coturn STUN/TURN server for WebRTC audio/video calls

  • free Let's Encrypt SSL certificate, which secures the connection to the Synapse server and the Riot web UI

  • (optional, default) a Riot web UI, which is configured to connect to your own Matrix Synapse server by default

  • (optional, default) an mxisd Matrix Identity server

  • (optional, default) a Postfix mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server)

  • (optional, default) an nginx web server, listening on ports 80 and 443 - standing in front of all the other services. Using your own webserver is possible

  • (optional, advanced) the matrix-synapse-rest-auth REST authentication password provider module

  • (optional, advanced) the matrix-synapse-shared-secret-auth password provider module

  • (optional, advanced) the matrix-synapse-ldap3 LDAP Auth password provider module

  • (optional, advanced) the Matrix Corporal reconciliator and gateway for a managed Matrix server

  • (optional) the mautrix-telegram bridge for bridging your Matrix server to Telegram

  • (optional) the mautrix-whatsapp bridge for bridging your Matrix server to Whatsapp

Basically, this playbook aims to get you up-and-running with all the basic necessities around Matrix, without you having to do anything else.

Note: the list above is exhaustive. It includes optional or even some advanced components that you will most likely not need. Sticking with the defaults (which install a subset of the above components) is the best choice, especially for a new installation. You can always re-run the playbook later to add or remove components.

What's different about this Ansible playbook?

This is similar to the EMnify/matrix-synapse-auto-deploy Ansible deployment, but:

  • this one is a complete Ansible playbook (instead of just a role), so it's easier to run - especially for folks not familiar with Ansible

  • this one installs and hooks together a lot more Matrix-related services for you (see above)

  • this one can be re-ran many times without causing trouble

  • works on both CentOS (7.0+) and Debian-based distributions (Debian 9/Stretch+, Ubuntu 16.04+)

  • this one installs everything in a single directory (/matrix by default) and doesn't "contaminate" your server with files all over the place

  • this one doesn't necessarily take over ports 80 and 443. By default, it sets up nginx for you there, but you can also use your own webserver

  • this one runs everything in Docker containers, so it's likely more predictable and less fragile (see Docker images used by this playbook)

  • this one retrieves and automatically renews free Let's Encrypt SSL certificates for you

  • this one optionally can store the media_store content repository files on Amazon S3 (but defaults to storing files on the server's filesystem)

  • this one optionally allows you to use an external PostgreSQL server for Matrix Synapse's database (but defaults to running one in a container)

Installation

To configure and install Matrix on your own server, follow the README in the docs/ directory.

Changes

This playbook evolves over time, sometimes with backward-incompatible changes.

When updating the playbook, refer to the changelog to catch up with what's new.

Docker images used by this playbook

This playbook sets up your server using the following Docker images:

Deficiencies

This Ansible playbook can be improved in the following ways:

  • setting up automatic backups to one or more storage providers

Support