This Ansible role automatically deploys a ready-to-go Matrix server on any server. It differs from the matrix-docker-ansible-deploy roles by using a Python 3 virtual environment instead of Docker, at least for Synapse.
This role configures the following services on your server:
- Synapse: Reference "homeserver" implementation of Matrix from the core development team at matrix.org
- Coturn: STUN/TURN server for WebRTC audio/video calls
- mxisd: Federated Matrix Identity server, to further increase privacy (doc)
- nginx: Web server for riot.web and reverse proxy for synapse and mxisd
- postgresql: Database for synapse and mxisd
- Riot: WebUI preconfigured for your homeserver
- Let's Encrypt: TLS certificate for Riot and Synapse
Small Architecture Overview
- Git
- Ansible >= 2.6
- DNS Entries
  - A Records
    - A Record for matrix-machine.yourdomain.tld.
    - A Record for riot-webclient.yourdomain.tld.
  - SRV Record
    - _matrix._tcp.yourdomain.tld. 3600 IN SRV 10 5 443 matrix-machine.yourdomain.tld.
    - _matrix-identity._tcp.yourdomain.tld. 3600 IN SRV 10 5 443 matrix-machine.yourdomain.tld.
The SRV entry tells other homeservers which port to use when talking to yours. Additionally, .well-known files will be created under {{ matrix_well_known_location }}. It's up to you to move these files to the server serving your apex domain.
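The sketch below is an added example, not code from this role. It walks a simplified version of the Matrix server discovery order over the SRV lines above and shows which name the TLS certificate must match in each case. The `.well-known/matrix/server` body and the function names are assumptions made for illustration.

```python
import json

# Constructed inputs: the SRV lines are the ones shown above; the JSON is an
# assumed /.well-known/matrix/server body (the role's real output may differ).
SRV_LINES = [
    "_matrix._tcp.yourdomain.tld. 3600 IN SRV 10 5 443 matrix-machine.yourdomain.tld.",
    "_matrix-identity._tcp.yourdomain.tld. 3600 IN SRV 10 5 443 matrix-machine.yourdomain.tld.",
]
WELL_KNOWN = '{"m.server": "matrix-machine.yourdomain.tld:443"}'

def parse_srv(line):
    """Parse one zone-file SRV line into (owner, port, target)."""
    f = line.split()
    if len(f) != 8 or f[2:4] != ["IN", "SRV"]:
        raise ValueError(f"not an SRV record: {line!r}")
    return f[0].rstrip("."), int(f[6]), f[7].rstrip(".")

def resolve_federation(server_name, well_known_text=None, srv_lines=()):
    """Return (host, port, cert_name) a remote homeserver would use.

    Simplified discovery order: .well-known first, then the _matrix._tcp SRV
    record, then port 8448 on the name itself. IP literals and an explicit
    port inside server_name are not handled.
    """
    if well_known_text is not None:
        delegated = json.loads(well_known_text).get("m.server")
        if not isinstance(delegated, str) or not delegated:
            raise ValueError("m.server missing from .well-known/matrix/server")
        host, sep, port = delegated.rpartition(":")
        if sep and port.isdigit():
            # .well-known delegation: the certificate is for the delegated host.
            return host, int(port), host
        # No port given: the full rules try an SRV lookup on the delegated
        # name before this fallback; that step is skipped here.
        return delegated, 8448, delegated
    for line in srv_lines:
        owner, port, target = parse_srv(line)
        if owner == f"_matrix._tcp.{server_name}":
            # SRV changes where to connect, not which name the cert must carry.
            return target, port, server_name
    return server_name, 8448, server_name

if __name__ == "__main__":
    for wk in (None, WELL_KNOWN):
        print(resolve_federation("yourdomain.tld", wk, SRV_LINES))
```

With only the SRV record in place, the machine behind it has to present a certificate valid for yourdomain.tld; once the .well-known file is served from the apex domain, a certificate for matrix-machine.yourdomain.tld is what remote servers check.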
- Ubuntu 18.04
- Debian 9
It should also run smoothly on any systemd-based OS. You're free to test it and give me feedback (or open a PR to add support for your favorite system).
All variables are defined under roles/matrix-synapse-auto-deploy/defaults/main.yml. Adapt them to your needs. Take a look at the playbook.example.yml file for the most important variables.
ansible-playbook playbook.example.yml --extra-vars "host=matrix.domain.com" -b -K
You can now connect to your homeserver via the Riot web client or by specifying your homeserver in any other client.