sudo apt update && sudo apt upgrade -y sudo apt install -y git htop mc vnstat vnstati sudo apt install ufw sudo ufw allow 10022 sudo ufw enable sudo ufw status verbose
* [Install nginx and adjust Firewall](https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-debian-10)
sudo apt update sudo apt install nginx sudo ufw app list sudo ufw allow 'Nginx HTTP' sudo ufw allow 'Nginx HTTPS'
sudo ufw status
systemctl status nginx
ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'
cd /etc/nginx/sites-available sudo nano matrix.sternenlabor.de sudo nano chat.sternenlabor.de cd /etc/nginx/sites-enabled sudo ln -s ../sites-available/matrix.sternenlabor.de matrix.sternenlabor.de sudo ln -s ../sites-available/chat.sternenlabor.de chat.sternenlabor.de service nginx reload
sudo apt install -y lsb-release wget apt-transport-https
sudo wget -O /usr/share/keyrings/matrix-org-archive-keyring.gpg https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/matrix-org-archive-keyring.gpg] https://packages.matrix.org/debian/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/matrix-org.list
sudo apt update
sudo apt install -y matrix-synapse-py3 # Server name matrix.sternenlabor.de
sudo apt install -y python3-certbot-nginx
sudo certbot --nginx -d matrix.sternenlabor.de -m kontakt@sternenlabor.de
cd /etc/matrix-synapse/
sudo nano homeserver.yaml
enable_registration: true
domain: matrix.sternenlabor.de
sudo systemctl restart matrix-synapse
cd /var/www
sudo mkdir chat.sternenlabor.de
cd /var/www/chat.sternenlabor.de
sudo wget https://github.com/vector-im/element-web/releases/download/v1.7.22/element-v1.7.22.tar.gz
sudo tar -zxvf element-v1.7.22.tar.gz
sudo ln -s element-v1.7.22 element
sudo certbot --nginx -d chat.sternenlabor.de -m kontakt@sternenlabor.de
cd /var/www/chat.sternenlabor.de/element
sudo cp config.sample.json config.json
sudo nano config.json
"default_server_config": {
"m.homeserver": {
"base_url": "https://matrix.sternenlabor.de", "server_name": "sternenlabor.de" },
service nginx reload
sudo apt install -y postgresql libpq5
sudo -u postgres bash # --> **PW: ******
psql
CREATE DATABASE synapse ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER synapse_user;
database:
name: psycopg2
args:
user: synapse_user
password: ************
database: synapse
host: localhost
cp_min: 5
cp_max: 10
* sudo systemctl restart matrix-synapse
+ sudo ufw allow 8448
+ sudo nano /var/www/chat.sternenlabor.de/element/config.json
"disable_custom_urls": true,
"brand": "Sternenlabor Matrix",
"defaultCountryCode": "DE",
"roomDirectory": {
"servers": [
"matrix.sternenlabor.de",
"matrix.eigenbaukombinat.de",
"matrix.fablabchemnitz.de",
"matrix.org"
]
"jitsi": {
"preferredDomain": "videochat.sternenlabor.de"
+ sudo service nginx reload
+ sudo nano /etc/matrix-synapse/homeserver.yaml
enable_group_creation = true
+ Metrics
+ configure Synapse
+ `sudo nano /etc/matrix-synapse/homeserver.yaml` --> add listener and enable metrics
enable_metrics: true
listeners:
- type: metrics
port: 9000
bind_addresses:
- '0.0.0.0'
+ `systemctl restart matrix-synapse`
+ sudo ufw allow 9000 # -> metrics port
+ Test: http://88.99.87.88:9000/_synapse/metrics
+ ToDo next:
+ Metrics Aktivieren
+ Federation
+ Branding
+ Finuetuning Matrix, Element, Postgress
+ Security: Captcha, Fail2Ban
+ Prometheus auf dedizierter Server oder später auf CloudServer
+ Idee für später: LoadBalancer einrichten und DB auf Volume verschieben,