@leonmak
Last active November 10, 2023 13:11
How to set up a Dendrite Matrix server

Docker

in ~/docker/matrix:

  • wget https://raw.githubusercontent.com/matrix-org/dendrite/main/build/docker/docker-compose.yml
  • edit docker-compose.yml
    • to add the postgres password
    • to add the volume mounts below
      • ./config:/etc/dendrite for the config below
      • ./:/mnt for the keys in the container, see below
  • edit config/dendrite.yaml
    • to add postgres connection string
    • server_name: chat.jobseeker.network
    • private_key: /mnt/matrix_key.pem
      • internal signing key, not for TLS; for TLS, see below to generate a certificate with certbot
      • docker run --rm --entrypoint="" \
          -v $(pwd):/mnt \
          matrixdotorg/dendrite-monolith:latest \
          /usr/bin/generate-keys \
          -private-key /mnt/matrix_key.pem \
          -tls-cert /mnt/server.crt \
          -tls-key /mnt/server.key
        
    • well_known_server_name: "chat.jobseeker.network:443"
    • well_known_client_name: "https://chat.jobseeker.network"

start container:

  • docker compose up -d to start the containers in the background
  • docker compose down -v to remove the containers and their volumes, which deletes the initial account if it was set up wrong

Nginx

Install

sudo apt update
sudo apt upgrade
sudo apt install nginx python3-certbot-nginx

Set up the reverse proxy, in /etc/nginx/sites-available:

  • link enabled config to here
    • ln -s /etc/nginx/sites-available/matrix /etc/nginx/sites-enabled
  • create enabled config here
    • cp default matrix
  • modify the default with certbot
    • sudo certbot --nginx -d chat.jobseeker.network
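    • adds the lines commented "# managed by Certbot" below
    server {
        # Plain-HTTP listener: only redirects this host to HTTPS
        listen 80;
        server_name chat.jobseeker.network;
        if ($host = chat.jobseeker.network) {
            return 301 https://$host$request_uri;
        } # managed by Certbot
    }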
    
    server {
        listen 443 ssl;
        server_name chat.jobseeker.network;
        ssl_certificate /etc/letsencrypt/live/chat.jobseeker.network/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/chat.jobseeker.network/privkey.pem; # managed by Certbot
    
    
        location / {
            proxy_pass http://localhost:8008; # Assuming your container is exposed on port 8008
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }
    }
    

start nginx:

  • sudo systemctl start nginx

Sub-domains

  • on a VPS like Lightsail:
    • open HTTPS ports 443, 8448
  • on a domain provider like Namecheap:
    • add an A record for chat pointing to the static IP address
  • nginx does a 301 permanent redirect from port 80 to 443
    • 443 is reverse-proxied to localhost:8008, which is bound to port 8008 of the dendrite container

Verify

  • go to the domain, e.g. chat.jobseeker.network, expect "It works!"; account creation can be disabled
  • check federation, e.g. https://federationtester.matrix.org/#chat.jobseeker.network, expect green
    • create a user from an SSH session on the instance
      • docker exec -it matrix-monolith-1 /bin/sh
      • /usr/bin/create-account -config /etc/dendrite/dendrite.yaml -username <your preferred username>_admin -admin
    • go to element.io and create an account
      • e.g. with email / social login so it will be under matrix.io
    • send message from/to your server chat.jobseeker.network to/from matrix.io
      • @leon:chat.jobseeker.network <-> @leonmak:matrix.io
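
The checks above can also be scripted from the VPS. The following is an added example, not part of the original gist: it compares what the server publishes with the values set in dendrite.yaml and checks that the signing key file is readable by its owner only. The function names are hypothetical, and it assumes GNU stat, sed and curl, and that Dendrite answers the standard Matrix endpoints /.well-known/matrix/server, /.well-known/matrix/client and /_matrix/key/v2/server.

```sh
#!/bin/sh
# Added example: post-deploy checks for the Dendrite + nginx setup above.
# Function names are hypothetical; assumes GNU stat, sed and curl on the host.

# json_str BODY KEY: print the string value of "KEY" found in a JSON body.
json_str() {
    printf '%s' "$1" | tr -d '\n' |
        sed -n 's/.*"'"$2"'"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# json_field_ok BODY KEY EXPECTED: succeed only if KEY equals the configured value.
json_field_ok() {
    [ "$(json_str "$1" "$2")" = "$3" ]
}

# key_mode_ok FILE: the signing key must be readable by its owner only.
key_mode_ok() {
    mode=$(stat -c '%a' "$1") || return 2
    case "$mode" in 400|600) return 0 ;; *) return 1 ;; esac
}

# check_live DOMAIN KEYFILE: run all checks against the deployed server.
check_live() {
    rc=0
    key_mode_ok "$2" || { echo "FAIL: $2 missing or not owner-only"; rc=1; }
    # Must match well_known_server_name in dendrite.yaml.
    body=$(curl -fsS "https://$1/.well-known/matrix/server") || body=
    json_field_ok "$body" m.server "$1:443" || { echo "FAIL: m.server"; rc=1; }
    # Must match well_known_client_name in dendrite.yaml.
    body=$(curl -fsS "https://$1/.well-known/matrix/client") || body=
    json_field_ok "$body" base_url "https://$1" || { echo "FAIL: base_url"; rc=1; }
    # The published signing key must be issued for server_name.
    body=$(curl -fsS "https://$1/_matrix/key/v2/server") || body=
    json_field_ok "$body" server_name "$1" || { echo "FAIL: server_name"; rc=1; }
    return "$rc"
}

# Runs live only when called with arguments, e.g.:
#   sh check.sh chat.jobseeker.network ~/docker/matrix/matrix_key.pem
if [ "$#" -ge 2 ]; then check_live "$1" "$2"; fi
```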

Docs
