openbsd/ports
1
0
Fork 0
mirror of https://github.com/openbsd/ports.git synced 2026-06-19 16:05:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
d65a467cf6f26434911c7afda170ac27228a1aa5
ports/net/synapse/pkg/README
T
landry 1c40ef970a net/synapse: use PREFIX instead of LOCALBASE in README 
reported by ajacoutot@, diff from Renaud Allard (MAINTAINER)
2024-11-27 14:30:04 +00:00

87 lines
2.7 KiB
Plaintext
Raw Blame History

+-------------------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-------------------------------------------------------------------------------
Generate a config
=================
As root (or _synapse), go into ${LOCALSTATEDIR}/synapse, then use
doas -u _synapse ${MODPY_BIN} -m synapse.app.homeserver \
-c ${LOCALSTATEDIR}/synapse/homeserver.yaml --generate-config \
--server-name matrix.example.com --report-stats=no \
--keys-directory ${LOCALSTATEDIR}/synapse
Register a user
===============
doas -u _synapse \
${PREFIX}/bin/register_new_matrix_user \
-c ${LOCALSTATEDIR}/synapse/homeserver.yaml \
http://localhost:8008
Updating the database after an upgrade
======================================
On startup, synapse will fail to start if the database schema is too old.
So, after an upgrade of synapse, you should update the database.
It can be done with a command like this one:
doas -u _synapse ${PREFIX}/bin/update_synapse_database \
--database-config /var/synapse/homeserver.yaml \
--run-background-updates
Configuration with TLS
======================
By default, synapse will run without TLS on localhost:8008
This means that you will not be able to connect to your server remotely.
The best way to achieve remote connectivity is through a reverse proxy.
Here is a relayd.conf(5) example:
http protocol synapse {
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
tls keypair "matrix.example.com"
match request header set "Connection" value "close"
}
relay "synapse" {
listen on matrix.example.com port 443 tls
protocol "synapse"
forward to 127.0.0.1 port 8008
}
relay "synapse-server" {
listen on matrix.example.com port 8448 tls
protocol "synapse"
forward to 127.0.0.1 port 8008
}
Here is an Nginx vhost reverse proxy example:
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/ssl/matrix.example.com.pem;
ssl_certificate_key /etc/ssl/private/matrix.example.com.key;
server_name matrix.example.com;
location /_matrix {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 8448 ssl default_server;
listen [::]:8448 ssl default_server;
ssl_certificate /etc/ssl/matrix.example.com.pem;
ssl_certificate_key /etc/ssl/private/matrix.example.com.key;
server_name matrix.example.com;
location / {
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
Reference in New Issue View Git Blame Copy Permalink