How to Self-Host Matrix with Element (Docker Compose)

Self-Hosting Feb 7, 2021

Last Updated: 13th June 2021

This is a complete guide on setting up Matrix (Synapse) and Element on a fresh Ubuntu 20.04 Server.

If your server is already set up, feel free to skip ahead.

Contents
What is Matrix?
Server Setup
Install UFW
Setup Sudo User
Install Docker
Install Matrix and Element
Create New Users
Reverse Proxy
Login

What is Matrix?

Matrix is an open standard and communication protocol for real-time communication. It aims to make real-time communication work seamlessly between different service providers, just like standard Simple Mail Transfer Protocol email does now for store-and-forward email service, by allowing users with accounts at one communications service provider to communicate with users of a different service provider via online chat, voice over IP, and videotelephony. Such protocols have been around before such as XMPP but Matrix is not based on that or another communication protocol. From a technical perspective, it is an application layer communication protocol for federated real-time communication. It provides HTTP APIs and open source reference implementations for securely distributing and persisting messages in JSON format over an open federation of servers. It can integrate with standard web services via WebRTC, facilitating browser-to-browser applications. Wikipedia

Server Setup

  1. Update: sudo apt update && sudo apt upgrade
  2. Install automatic updates: sudo apt install unattended-upgrades
  3. Change SSH Port: sudo nano /etc/ssh/sshd_config

Remove the # in front of Port 22 and then change the port number (30000-50000 is ideal).

This is security through obscurity, which is not ideal, but port 22 just gets abused by bots.

  4. Set up SSH keys

  5. Restart SSH: sudo systemctl restart sshd

  6. Install fail2ban: sudo apt install fail2ban

Install UFW Firewall

  1. Install: sudo apt install ufw
  2. Allow SSH, replacing <SSH-PORT> with your SSH port: sudo ufw allow <SSH-PORT>/tcp
  3. Allow HTTP/s traffic:
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 8443/tcp
  4. Enable Firewall: sudo ufw enable
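
A check worth running before the firewall is enabled, as an added example that is not part of the original guide: it reads saved output of sudo sshd -T and sudo ufw show added and reports whether SSH is still on port 22, whether password logins are still accepted, and whether the SSH port has a UFW rule. The function names, finding labels and sample values are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original guide. Inputs are text files holding
# the output of `sudo sshd -T` and `sudo ufw show added`; samples are constructed.

# First value printed for a keyword in `sshd -T` output (lowercase keywords).
sshd_value() {   # $1 = file, $2 = keyword
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

audit_ssh_and_ufw() {   # $1 = sshd -T output, $2 = ufw show added output
    findings=""
    port=$(sshd_value "$1" port)
    if [ "$port" = "22" ]; then
        findings="$findings default-port"
    fi
    # SSH keys only stop password guessing once password logins are off.
    if [ "$(sshd_value "$1" passwordauthentication)" != "no" ]; then
        findings="$findings password-auth-enabled"
    fi
    # Enabling UFW without a rule for the SSH port cuts off the SSH session.
    if ! grep -Eq "^ufw (allow|limit) $port(/tcp)?\$" "$2"; then
        findings="$findings ssh-port-not-allowed"
    fi
    echo "${findings# }"
}

make_samples() {   # $1 = directory to write the constructed files into
    cat > "$1/sshd-T.txt" <<'EOF'
port 40022
pubkeyauthentication yes
passwordauthentication yes
EOF
    cat > "$1/ufw-added.txt" <<'EOF'
Added user rules (see 'ufw status' for running firewall):
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow 8443/tcp
EOF
}

tmp=$(mktemp -d)
make_samples "$tmp"
audit_ssh_and_ufw "$tmp/sshd-T.txt" "$tmp/ufw-added.txt"
rm -rf "$tmp"
```

An empty result means all three checks passed; keep the current SSH session open until a second login on the new port has worked.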

Setup a sudo user

  1. Create the user: adduser <USERNAME>
  2. Add user to sudoers: sudo adduser <USERNAME> sudo

Install Docker

Official Docker install guides: Ubuntu, Debian

  1. Install the prerequisites:
sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common
  2. Add Docker's GPG key: curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
  3. Add the Docker repository:
sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \
   stable"
  4. sudo apt-get update
  5. sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose
  6. Create docker network: sudo docker network create --driver=bridge --subnet=10.10.10.0/24 --gateway=10.10.10.1 dockernet

Install Matrix and Element

  1. Create Matrix directory: sudo mkdir matrix
  2. Use the following template:
    sudo nano docker-compose.yaml
version: '2.3'
services:
  postgres:
    image: postgres:9.6.4
    restart: always
    networks:
      default:
        ipv4_address: 10.10.10.11
    volumes:
     - ./postgresdata:/var/lib/postgresql/data

    # These will be used in homeserver.yaml later on.
    # Replace STRONGPASSWORD with a long random password before deploying.
    environment:
     - POSTGRES_PASSWORD=STRONGPASSWORD
     - POSTGRES_USER=synapse
     
  element:
    image: vectorim/element-web
    restart: always
    volumes:
      - ./element-config.json:/app/config.json
    networks:
      default:
        ipv4_address: 10.10.10.12
        
  synapse:
    image: matrixdotorg/synapse:latest
    restart: "unless-stopped"
    networks:
      default:
        ipv4_address: 10.10.10.13
    ports:
     - "8443:8443"
    volumes:
     - ./synapse:/data

networks:
  default:
    external:
      name: dockernet
  3. Create Element Config: sudo nano element-config.json
    Example Contents

  4. Generate Synapse Config:

sudo docker run -it --rm \
    -v "$HOME/matrix/synapse:/data" \
    -e SYNAPSE_SERVER_NAME=matrix.example.com \
    -e SYNAPSE_REPORT_STATS=yes \
    matrixdotorg/synapse:latest generate
  5. Deploy: sudo docker-compose up -d

Create New Users

  1. Access docker shell: docker exec -it matrix_synapse_1 bash
  2. register_new_matrix_user -c /data/homeserver.yaml http://localhost:8008
  3. Follow the on screen prompts

To allow anyone to register an account, set 'enable_registration' to true in homeserver.yaml. This is NOT recommended.
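
A pre-deploy check for the two files this guide creates, as an added example that is not part of the original guide: it flags the STRONGPASSWORD placeholder left in docker-compose.yaml, enable_registration set to true, and a homeserver.yaml whose database block still names sqlite3 (what Synapse's generate step writes), which means the Postgres container is not being used. The function names, finding labels and sample files are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original guide. Finding labels are made up
# for this example and the sample files are constructed.

# Value of an uncommented top-level "KEY: value" line, lowercased.
yaml_top_value() {   # $1 = file, $2 = key
    awk -v key="$2:" 'index($0, key) == 1 && $1 == key {
        v = tolower($2); gsub(/[^a-z0-9_]/, "", v); print v; exit }' "$1"
}

# Engine named inside the top-level "database:" block of homeserver.yaml.
db_engine() {        # $1 = file
    awk '/^database:/           { in_db = 1; next }
         in_db && /^[^ \t#]/    { exit }   # next top-level key ends the block
         in_db && $1 == "name:" { print $2; exit }' "$1"
}

audit_matrix_files() {   # $1 = docker-compose.yaml, $2 = homeserver.yaml
    findings=""
    if grep -q '^[^#]*POSTGRES_PASSWORD=STRONGPASSWORD' "$1"; then
        findings="$findings placeholder-db-password"
    fi
    if [ "$(yaml_top_value "$2" enable_registration)" = "true" ]; then
        findings="$findings open-registration"
    fi
    if [ "$(db_engine "$2")" = "sqlite3" ]; then
        findings="$findings sqlite-in-use"
    fi
    echo "${findings# }"
}

make_samples() {     # $1 = directory to write the constructed files into
    cat > "$1/docker-compose.yaml" <<'EOF'
    environment:
     - POSTGRES_PASSWORD=STRONGPASSWORD
EOF
    cat > "$1/homeserver.yaml" <<'EOF'
#enable_registration: false
enable_registration: true
database:
  name: sqlite3
EOF
}

tmp=$(mktemp -d)
make_samples "$tmp"
audit_matrix_files "$tmp/docker-compose.yaml" "$tmp/homeserver.yaml"
rm -rf "$tmp"
```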

Install Reverse Proxy (Caddy)

Caddy will be used as the reverse proxy; it will also automatically generate Let's Encrypt certificates.

  1. Follow this setup guide:
Caddy Server v2 Reverse Proxy Setup Guide
  2. Head to your user directory: cd
  3. Create Caddy file: sudo nano Caddyfile
    Use the following template:
matrix.example.com {
  reverse_proxy 10.10.10.13:8008
}

matrix.example.com:8443 {
  reverse_proxy 10.10.10.13:8008
}

element.example.com {
  reverse_proxy 10.10.10.12:80
}

Additional Configuration (Optional)

  4. Enable the config: caddy reload

Login

  1. Head to your element domain and login!
