Example worker configs + caddy routing for Matrix Synapse server

Caddyfile

############################
# Excerpt of /etc/caddy/Caddyfile from Privex Inc's Synapse server ( matrix.privex.io / privex.io )
# Released under X11 / MIT License
# (C) 2021 Privex Inc. - Affordable + Privacy friendly server hosting at https://www.privex.io
############################
matrix.privex.io, se1.matrix.privex.io {
    root * /var/www/html
    # Enable the static file server.
    file_server
    # We hardcode the JSON into the .well-known routes for convenience and fast responses
    route /.well-known/matrix/server {
        respond * "{\"m.server\": \"matrix.privex.io:443\"}" 200
    }
    route /.well-known/matrix/client {
        respond * "{\"m.homeserver\": {\"base_url\": \"https://matrix.privex.io\"},\"m.identity_server\": {\"base_url\": \"https://vector.im\"}}" 200
    }

    ####
    # We use regex to match the various norma + admin routes which need to go to the media worker on port 8015
    ####
    @media {
        path_regexp /_synapse/admin/v1/(purge_media_cache|((room|user)/.*/media.*)|media/.*|/quarantine_media/.*)$
        path_regexp /_matrix/media(/?(.*)?)$
    }
    route @media {
        reverse_proxy 127.0.0.1:8015
    }
    ####
    # We use regex to match the various routes which need to go to the federation worker on port 8017
    ####
    @federation {
        path_regexp /_matrix/federation/(v1|v2)/(send|event|state|state_ids|backfill|get_missing_events|publicRooms|query|make_join|make_leave|send_join|send_leave|invite|query_auth|event_auth|exchange_third_party_invite|user/devices|get_groups_publicised|groups)(/?(.*)?)$
        path_regexp /_matrix/key/v2/query/?$
    }
    route @federation {
        reverse_proxy 127.0.0.1:8017
    }
    ####
    # Anything which doesn't match a previous route, will get routed to the main Matrix Synapse process
    ####
    route {
        reverse_proxy 127.0.0.1:8008 {
            header_up X-Real-IP {remote_host}
            header_up X-Forwarded-For {remote_host}
        }
    }
}

etc.matrix-synapse.homeserver.yaml

############################
# Excerpt of homeserver.yaml from Privex Inc's Synapse server ( matrix.privex.io / privex.io )
# Released under X11 / MIT License
# (C) 2021 Privex Inc. - Affordable + Privacy friendly server hosting at https://www.privex.io
############################

## Workers ##

# Disables sending of outbound federation transactions on the main process.
# Uncomment if using a federation sender worker.
send_federation: false

# It is possible to run multiple federation sender workers, in which case the
# work is balanced across them.
#
# This configuration must be shared between all federation sender workers, and if
# changed all federation sender workers must be stopped at the same time and then
# started, to ensure that all instances are running with the same config (otherwise
# events may be dropped).
#
federation_sender_instances:
  - federation_sender1

# When using workers this should be a map from `worker_name` to the
# HTTP replication listener of the worker, if configured.
instance_map:
  federation_sender1:
    host: localhost
    port: 8011
  media_repo:
    host: localhost
    port: 8015
  federation_reader:
    host: localhost
    port: 8017


listeners:
      - port: 8008
        tls: false
        type: http
        x_forwarded: true
        bind_addresses: ['::1', '127.0.0.1']

        resources:
          - names: [client, federation]
            compress: false

      # The HTTP replication port
      - port: 9093
        bind_addresses: ['::1', '127.0.0.1']
        type: http
        resources:
        - names: [replication]

# Experimental: When using workers you can define which workers should
# handle event persistence and typing notifications. Any worker
# specified here must also be in the `instance_map`.
#
#stream_writers:
#  events: worker1
#  typing: worker1

# The worker that is used to run background tasks (e.g. cleaning up expired
# data). If not provided this defaults to the main process.
#
#run_background_tasks_on: worker1
media_instance_running_background_jobs: "media_repo"

# A shared secret used by the replication APIs to authenticate HTTP requests
# from workers.
#
# By default this is unused and traffic is not authenticated.
worker_replication_secret: ""


redis:
  enabled: true

etc.matrix-synapse.workers.federation-reader.yaml

############################
# Federation Reader Worker from Privex Inc's Synapse server ( matrix.privex.io / privex.io )
# Released under X11 / MIT License
# (C) 2021 Privex Inc. - Affordable + Privacy friendly server hosting at https://www.privex.io
############################
worker_app: synapse.app.federation_reader
worker_name: federation_reader

worker_replication_host: 127.0.0.1
worker_replication_http_port: 9093

worker_listeners:
    - type: http
      port: 8017
      resources:
          - names: [federation]

etc.matrix-synapse.workers.federation-sender.yaml

############################
# Federation Sender Worker from Privex Inc's Synapse server ( matrix.privex.io / privex.io )
# Released under X11 / MIT License
# (C) 2021 Privex Inc. - Affordable + Privacy friendly server hosting at https://www.privex.io
############################
worker_app: synapse.app.federation_sender
worker_name: federation_sender1

worker_replication_host: 127.0.0.1
worker_replication_http_port: 9093

worker_listeners:
    - type: http
      port: 8011
      resources:
          - names: [federation]

etc.matrix-synapse.workers.media-repo.yaml

############################
# Media Repository Worker from Privex Inc's Synapse server ( matrix.privex.io / privex.io )
# Released under X11 / MIT License
# (C) 2021 Privex Inc. - Affordable + Privacy friendly server hosting at https://www.privex.io
############################
worker_app: synapse.app.media_repository
worker_name: media_repo

worker_replication_host: 127.0.0.1
worker_replication_http_port: 9093

worker_listeners:
    - type: http
      port: 8015
      resources:
          - names: [media]

example_setup.sh

# 1. Create the worker YAML files in /etc/matrix-synapse/workers
mkdir -p /etc/matrix-synapse/workers
# vim /etc/matrix-synapse/workers/media-repo.yaml

# 2. Adjust your homeserver.yaml as desired, 
# vim /etc/matrix-synapse/homeserver.yaml

# 3. Adjust your webserver, e.g. Caddy - as desired
# vim /etc/caddy/Caddyfile

# 4. Install the matrix-synapse-worker@ systemd service file
cd /etc/systemd/system
wget https://raw.githubusercontent.com/matrix-org/synapse/develop/docs/systemd-with-workers/system/matrix-synapse-worker%40.service
systemctl daemon-reload

# 5. Enable the workers using their config file name, without the .yaml at the end:
systemctl enable matrix-synapse-worker@federation-sender
systemctl enable matrix-synapse-worker@federation-reader
systemctl enable matrix-synapse-worker@media-repo

# 6. Restart matrix-synapse
systemctl restart matrix-synapse

# 7. (Re-)Start each worker
systemctl start matrix-synapse-worker@federation-sender
systemctl start matrix-synapse-worker@federation-reader
systemctl start matrix-synapse-worker@media-repo

# 8. Restart your web server
systemctl restart caddy

# 9. GOOD TO GO. Test it out.