[Synapse] Instant messaging server matrix network

Synapse for YunoHost

Integration level
Install Synapse with YunoHost

Overview

Instant messaging server matrix network.

Yunohost chattroom with matrix : https://riot.im/app/#/room/#yunohost:matrix.org

Shipped version: 1.1.0

Configuration

Install for ARM arch (or slow arch)

For all slow or arm architecture it’s recommended to build the dh file before the install to have quicker install.
You could built it by this cmd : mkdir -p /etc/matrix-synapse && openssl dhparam -out /etc/matrix-synapse/dh.pem 2048 > /dev/null
After that you can install it without problem.

The package use a prebuild python virtualenvironnement. The binary are taken from this repos : GitHub - Josue-T/synapse_python_build
The script to build the binary is also available.

Web client

If you want a web client you can also install riot with this package : GitHub - YunoHost-Apps/element_ynh: Element package for YunoHost .

Access by federation

To be accessible by the federation you need to put this following line in the dns configuration :

_matrix._tcp.<yourdomain.com> <ttl> IN SRV 10 0 <port> <synapse.server.name>

for example

_matrix._tcp.example.com. 3600    IN      SRV     10 0 8448 synapse.example.com.

Important Security Note

We do not recommend running Riot from the same domain name as your Matrix
homeserver (synapse). The reason is the risk of XSS (cross-site-scripting)
vulnerabilities that could occur if someone caused Riot to load and render
malicious user generated content from a Matrix API which then had trusted
access to Riot (or other apps) due to sharing the same domain.

We have put some coarse mitigations into place to try to protect against this
situation, but it’s still not good practice to do it in the first place. See
Make it crystal clear that you should not run Vector on the same domain as a HS · Issue #1977 · vector-im/element-web · GitHub for more details.

Documentation

YunoHost specific features

Multi-users support

Supported with LDAP.

Supported architectures

  • x86-64b -
  • ARMv8-A -
  • Jessie x86-64b -

Limitations

Synapse take a lot of ressurce. So in slow architecture (like small ARM board), this app could take a lot of CPU and RAM.

This app don’t contains any real good web interface. So it’s recommended to use Riot client to connect to this app. This app is available here

Links

Additionnal informations

Administration

All documentation of this section is not warranted. A bad use of command could broke the app and all the data. So use theses command at your own risk.

Before any manipulation it’s recommended to do a backup by this following command :

sudo yunohost backup create --verbose --ignore-system --apps synapse

Set user as admin

Actually there are no function in the client interface to set a user as admin. So it’s possible to enable it manually in the database.

This following command will enable the admin access to the specified user :

su --command="psql matrix_synapse" postgres <<< "UPDATE users SET admin = 1 WHERE name = '@user_to_be_admin:domain.tld'"

Disable backup in upgrade

To solve the issue #30 you can disable the upgrade in the upgrade by setting to true the key disable_backup_before_upgrade in the app setting. You can set it by this command :

yunohost app setting synapse disable_backup_before_upgrade -v 1

Multi instance support

To give a possiblity to have multiple domain you can use synapse in multiple instance. In this case all instance will run on differents port so it’s really important to use put a SRV record in your domain. You can get the port that your need to put in your SRV record by this following command :

yunohost app setting synapse__<instancenumber> synapse_tls_port

Before to install a second instance of the app it’s really recommend to update all instance already installed.

License

Synapse is published under the Apache License : synapse/LICENSE at master · matrix-org/synapse · GitHub


Changelog

Testing Branch

  • 17 Apr #42
    • Upgrade synapse to 0.27.3
  • 1 May #43
    • Upgrade synapse to 0.28.0
  • 17 May #46
    • Upgrade synapse to 0.28.1

Master branch (Official release)

  • 16 Apr #39
    • Upgrade synapse to 0.27.2
  • 16 Apr #35
    • Fix UnicodeDecodeError with python scripts
  • 16 Apr #36
    • Add info about Turnserver
  • 16 Apr #37
    • Fix ‘PS1: unbound variable’ on ARM architecture
  • 13 Feb #34
    • Add multi instance support
    • Remove offical helper in common.sh
    • Improve turnserver config
    • Update checkprocess
    • Check synapse is fully started before the end script
    • Use helper nginx ynh_add_nginx_config
    • Use systemd helper
    • Use official version syntax
    • Use app_package_version helper
    • Put all experimental helper in specific file
    • Update script official Check
    • Fix from official check

Developers infos

Please do your pull request to the testing branch.

To try the testing branch, please proceed like that:

sudo yunohost app install https://github.com/YunoHost-Apps/synapse_ynh/tree/testing --debug
or
sudo yunohost app upgrade synapse -u https://github.com/YunoHost-Apps/synapse_ynh/tree/testing --debug


Synapse for YunoHost

Integration level
Install Synapse with YunoHost

Overview

Instant messaging server matrix network.
Un client de messagerie qui utilise le réseau matrix.

Yunohost chattroom with matrix : https://riot.im/app/#/room/#yunohost:matrix.org

Version actuelle: 1.1.0

Configuration

Installation sur les architectures ARM (ou sur les architectures lentes)

Sur les architectures lent ou ARM il est recommendé de créer le fichier dh.pem avant l’installation. Cela permettra ensuite une installation plus rapide.
La création de ce fichier peut être effectuée via la commande : mkdir -p /etc/matrix-synapse && openssl dhparam -out /etc/matrix-synapse/dh.pem 2048 > /dev/null
Ensuite il est possible d’installer le package sans problèmes.

Cette app utilise un environnement virtuel python préfabriqué. Les binaires sont utilisé sont viennent du dépot suivant : GitHub - Josue-T/synapse_python_build
Le script de compilation et de génération de cet envionnement vituel est aussi disponible dans ce dépot.

Client web

Si vous voulez un client web vous pouvez aussi intaller l’app riot disponible ici : GitHub - YunoHost-Apps/element_ynh: Element package for YunoHost .

Accès à la federation

Pour être accessible par la fédération vous devez mettre les lignes suivantes dans votre configuration DNS :

_matrix._tcp.<yourdomain.com> <ttl> IN SRV 10 0 <port> <synapse.server.name>

Par exemple

_matrix._tcp.example.com. 3600    IN      SRV     10 0 8448 synapse.example.com.

Note de sécurité

Nous ne recommendons pas d’utiliser Riot sur le même domaine que le serveur matrix (synapse). Pour plus d’information voir : Make it crystal clear that you should not run Vector on the same domain as a HS · Issue #1977 · vector-im/element-web · GitHub for more details.

Documentation

Fonction spécifiques YunoHost

Support multiutilisateurs

Supporte l’autentification via LDAP.

Architectures supportée

  • x86-64b -
  • ARMv8-A -
  • Jessie x86-64b -

Limitations

Synapse utilise beaucoup de ressources. Donc sur des architecutres lentes (commes les cartes ARM), cette app peut utiliser beaucoup de CPU et de RAM.

Cette app ne contient pas de réel interface web. Il est donc recommandé d’utiliser Riot comme client pour se connecter à cette app. Elle est disponible ici

Liens

License

Synapse est builiée sous la licence Apache : synapse/LICENSE at master · matrix-org/synapse · GitHub


Derniers changements

Testing Branch

  • 17 Apr #42
    • Upgrade synapse to 0.27.3
  • 17 May #46
    • Upgrade synapse to 0.28.1

Master branch (Official release)

  • 16 Apr #39
    • Upgrade synapse to 0.27.2
  • 16 Apr #35
    • Fix UnicodeDecodeError with python scripts
  • 16 Apr #36
    • Add info about Turnserver
  • 16 Apr #37
    • Fix ‘PS1: unbound variable’ on ARM architecture
  • 13 Feb #34
    • Add multi instance support
    • Remove offical helper in common.sh
    • Improve turnserver config
    • Update checkprocess
    • Check synapse is fully started before the end script
    • Use helper nginx ynh_add_nginx_config
    • Use systemd helper
    • Use official version syntax
    • Use app_package_version helper
    • Put all experimental helper in specific file
    • Update script official Check
    • Fix from official check

Infos développeurs

Merci de faire vos pull request sur la branche testing.

Pour tester la branche testing, merci de procéder ainsi :

sudo yunohost app install https://github.com/YunoHost-Apps/synapse_ynh/tree/testing --debug
or
sudo yunohost app upgrade synapse -u https://github.com/YunoHost-Apps/synapse_ynh/tree/testing --debug
3 Likes

Hi folks.

now that synapse is an official yunohost app, I’m wondering, what is your experience regarding synapse_ynh performance?

As I understand joining a large room in a federated setup (like #matrix) may easily use more than 1 GB of RAM.

This should cause a LIME2 box (the internetcube reference hardware) to stall, shouldn’t it?

Also as I heard some in matrix chat there is working being done on 2nd version implementation Dendrite that should reduce RAM usage.

Cheerio

Hi frog,

Have you eventually tried to run it on your LIME2 ?
I would like to use it for a small group of friend and family - I don’t really need to join the federation at first - so I wonder if my LIME (not LIME2) would be enough…

@z_artist
If you don’t go on some big apps I think it should be enought. So I think you don’t take a bit risk to try to install it.
I think in all case you might need 1Go of Ram and about the cpu it really depends of what would you like to do with it.

Hi Josue,

I installed both synapse and riot and it seems to run smoothly.

I am able to connect through the web interface and text-chat with a friend but unfortunately video-chat does not work. So I will wait until the program matures a little bit before recomending it to non-tech people.

Thanks.

New testing release

Testing Branch

  • 20 Mar #35
    • Fix UnicodeDecodeError with python scripts
  • 20 Mar #36
    • Add info about Turnserver
  • 20 Mar #37
    • Fix ‘PS1: unbound variable’ on ARM architecture
sudo yunohost app install https://github.com/YunoHost-Apps/synapse_ynh/tree/testing --verbose
or
sudo yunohost app upgrade synapse -u https://github.com/YunoHost-Apps/synapse_ynh/tree/testing --verbose

New testing release

  • 21 Mar #38
    • Upgrade synapse to 0.26.1
sudo yunohost app install https://github.com/YunoHost-Apps/synapse_ynh/tree/testing --verbose
or
sudo yunohost app upgrade synapse -u https://github.com/YunoHost-Apps/synapse_ynh/tree/testing --verbose

Mis à jour sans encombre \o/

Merci infiniement pour le travail réalisé

New testing release

  • 11 Apr #39
    • Upgrade synapse to 0.27.2 (EDITED)

Thanks for your post but, it’s 0.27.2.

Bad copy/paste, sorry about that! :sweat_smile:

New update available for Synapse

  • 16 Apr #39
    • Upgrade synapse to 0.27.2
  • 16 Apr #35
    • Fix UnicodeDecodeError with python scripts
  • 16 Apr #36
    • Add info about Turnserver
  • 16 Apr #37
    • Fix ‘PS1: unbound variable’ on ARM architecture

New testing release

  • 17 Apr #42
    • Upgrade synapse to 0.27.3

New testing release

  • 1 May #43
    • Upgrade synapse to 0.28.0

Hello,

A security issue are found in synapse. See here for more informations : https://matrix.org/blog/2018/05/01/security-update-synapse-0-28-1/

The version 0.28.1 fix this. A new package which integrate this fix is actually waiting on the review but you can test it now.

You can try the upgrade to this version by this command :

sudo yunohost app install https://github.com/YunoHost-Apps/synapse_ynh/tree/v0.28.1 --verbose
or
sudo yunohost app upgrade synapse -u https://github.com/YunoHost-Apps/synapse_ynh/tree/v0.28.1 --verbose

I want also inform that all others version of this package have been broken by the upstream, so don’t try any upgrade or install to an others version than this last (0.28.1).

2 Likes

Thanks

New testing release

  • 17 May #43
    • Upgrade synapse to 0.28.1

New update available for Synapse

  • 23 May #41
    • Upgrade synapse to 0.27.3
  • 23 May #43
    • Upgrade synapse to 0.28.0
  • 23 May #46
    • Upgrade synapse to 0.28.1
    • Don’t upgrade pip in global system
    • Fix pip import

New testing release

  • 15 Jun #53
    • Upgrade synapse to 0.31.1
    • Use specific prebuild package for stretch/jessie on ARM
  • 3 Jun #51
    • Remove support for old package migration

New update available for Synapse

  • 26 Jun #53
    • Upgrade synapse to 0.31.1
    • Use specific prebuild package for stretch/jessie on ARM
  • 26 Jun #51
    • Remove support for old package migration

New testing release

  • 26 Jun #56
    • Upgrade synapse to 0.31.2
1 Like