I had to move away from an external slack instance that was used for work collaboration. Because of that I was looking for alternatives and decided to try out to host a Element instance myself.

Setup

• mkdir /opt/matrix && cd /opt/matrix

• nano docker-compose.yml

  version: '3.8'
  services:
  db:
    image: postgres:14
    restart: unless-stopped
    volumes:
     - ./postgresdata:/var/lib/postgresql/data
    environment:
     - POSTGRES_DB=synapse
     - POSTGRES_USER=synapse
     - POSTGRES_PASSWORD=STRONGPASSWORD
     - POSTGRES_INITDB_ARGS=--encoding='UTF8' --lc-collate='C' --lc-ctype='C'
  
  element:
    image: vectorim/element-web:latest
    restart: unless-stopped
    volumes:
      - ./element-config.json:/app/config.json
    ports:
     - "8701:80"
  
  synapse:
    image: matrixdotorg/synapse:latest
    restart: unless-stopped
    volumes:
     - ./synapse:/data
    environment:
     - POSTGRES_PASSWORD=STRONGPASSWORD
     - SYNAPSE_SERVER_NAME=matrix.domain.tld
     - SYNAPSE_REPORT_STATS=no
    ports:
     - "8702:8008"
  
  synapse-admin:
    image: awesometechnologies/synapse-admin:latest
    restart: unless-stopped
    ports:
      - "8703:80"
    environment:
     - REACT_APP_SERVER="https://matrix.domain.tld"

• nano element-config.json (Based on https://develop.element.io/config.json )

  {
    "default_server_config": {
        "m.homeserver": {
            "base_url": "https://matrix.domain.tld"
        },
        "m.identity_server": {
            "base_url": "https://vector.im"
        }
    }
  }

• docker run -it --rm -v ./synapse:/data -e SYNAPSE_SERVER_NAME=matrix.domain.tld -e SYNAPSE_REPORT_STATS=no matrixdotorg/synapse:latest generate

• nano synapse/homeserver.yaml:

  • change the key database to

      database:
        name: "psycopg2"
        args:
          user: "synapse"
          password: "STRONGPASSWORD"
          database: "synapse"
          host: "db"
          port: "5432"
          cp_min: 5
          cp_max: 10

  • add the following at the end:

enable_registration: true registration_requires_token: true suppress_key_server_warning: true

serve /.well-known/matrix/server to allow federation without seperate port.

serve_server_wellknown: true

Prevent other servers from fetching public rooms

allow_public_rooms_without_auth: false allow_public_rooms_over_federation: false

Federation server whitelist, defaults to allow all

federation_domain_whitelist:

• matrix.kpa-it.de
• matrix.0in.de

Prevent joining of "complex" (resource intensive) rooms

limit_remote_rooms: enabled: true admins_can_join: true

- nginx server: `nano /etc/nginx/conf.d/matrix-element.conf`

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name matrix.domain.tld;

    ssl_certificate /etc/nginx/ssl/domain.tld.pem;
    ssl_certificate_key /etc/nginx/ssl/domain.tld.key;
    ssl_trusted_certificate /etc/nginx/ssl/domain.tld.pem;

    proxy_connect_timeout 300s;
    proxy_send_timeout 300s;
    proxy_read_timeout 300s;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $host;
    client_max_body_size 50M;

    location ~ ^(/_matrix|/_synapse/client|/_synapse/admin|/.well-known/matrix/) {
        proxy_pass http://127.0.0.1:8702;
    }

    location / {
        proxy_pass http://127.0.0.1:8703/;
    }
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name element.domain.tld;

    ssl_certificate /etc/nginx/ssl/domain.tld.pem;
    ssl_certificate_key /etc/nginx/ssl/domain.tld.key;
    ssl_trusted_certificate /etc/nginx/ssl/domain.tld.pem;

    proxy_connect_timeout 300s;
    proxy_send_timeout 300s;
    proxy_read_timeout 300s;

    location / {
        proxy_pass http://127.0.0.1:8701;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        client_max_body_size 50M;
    }
}
~~~

• docker-compose up -d
• docker-compose exec synapse register_new_matrix_user -c /data/homeserver.yaml http://127.0.0.1:8008

References

• https://blog.facha.dev/how-to-self-host-matrix-and-element-docker-compose/ (2022.08.16) (Archive)
• https://cyberhost.uk/element-matrix-setup/ (2021.10.10) (Archive)
• https://decatec.de/home-server/matrix-element-auf-ubuntu-server-20-04-lts-mit-nginx-und-lets-encrypt/ (Archive)
• https://github.com/AmirDez/matrix-on-premise (Archive)
• https://gist.github.com/faaaaabi/8042e816f3198e43c611f2a2dcab051c (Archive)
• https://github.com/Awesome-Technologies/synapse-admin
• https://github.com/vector-im/element-web
• https://github.com/matrix-org/synapse
• https://matrix-org.github.io/synapse/latest/federate.html
• https://federationtester.matrix.org/
• Retention/Cleanup: https://github.com/matrix-org/synapse/blob/develop/docs/message_retention_policies.md