Dendrite
postgresql
# sudo -u postgres createuser -P dendrite_user # sudo -u postgres createdb -O dendrite_suer matrix_db
创建 matrix_db
安装
$ yay -S dendrite
配置
生成配置
$ cd /etc/dendrite $ dendrite-generate-config -db 'postgres://<POSTGRES_USER>:<POSTGRES_USER_PASSWD>@localhost/<DB_BANE>?sslmode=disable' -server <SERVER_DOMAIN> >config.yaml
生成 matrix key
$ cd /var/lib/dendrite # sudo -u dendrite dendrite-generate-keys --private-key matrix_key.pem
修改config.yaml
中的matrix_key.pem
为/var/lib/dendrite/matrix_key.pem
生成 dhparams key
$ openssl dhparam -out /etc/letsencrypt/dhparams.pem 2048
根据 https://federationtester.matrix.org/ 生成的 json 编辑 config.yaml
中的 key_perspectives:
创建用户
$ cd /etc/dendrite $ dendrite-create-account --config config.yaml -username <USER_NAME> -password <PASSWORD> -admin
nginx
upstream monolith{ server 127.0.0.1:8008; } server { listen 443 ssl; # IPv4 listen [::]:443 ssl; # IPv6 server_name SERVER_DOMAIN; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_read_timeout 600; location /.well-known/matrix/server { return 200 '{ "m.server": "SERVER_DOMAIN:443" }'; } location /.well-known/matrix/client { # If your sever_name here doesn't match your matrix homeserver URL # (e.g. hostname.com as server_name and matrix.hostname.com as homeserver URL) # add_header Access-Control-Allow-Origin '*'; return 200 '{ "m.homeserver": { "base_url": "https://SERVER_DOMAIN" } }'; } location /_matrix { proxy_pass http://monolith; } ssl_certificate /etc/letsencrypt/live/DOMAIN/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/DOMAIN/privkey.pem; # managed by Certbot ssl_dhparam /etc/letsencrypt/dhparams.pem; }
启动
# systemctl start dendrite # systemctl enable dendite