From 517c642e3f6721848bcbf5df5289e6871f307317 Mon Sep 17 00:00:00 2001
From: SouthFox-D <southfoxdreamer@gmail.com>
Date: Fri, 15 Apr 2022 21:18:44 +0800
Subject: [PATCH] posts: new post

---
 .../_posts/2022/04/搭建Matrix即时通信服务.md  | 172 ++++++++++++++++++
 1 file changed, 172 insertions(+)
 create mode 100644 source/_posts/2022/04/搭建Matrix即时通信服务.md

diff --git a/source/_posts/2022/04/搭建Matrix即时通信服务.md b/source/_posts/2022/04/搭建Matrix即时通信服务.md
new file mode 100644
index 0000000..08a2cf3
--- /dev/null
+++ b/source/_posts/2022/04/搭建Matrix即时通信服务.md
@@ -0,0 +1,172 @@
+---
+author: SouthFox
+title: 搭建Matrix即时通信服务
+date: 2022-04-15 20:54:19
+tags:
+- 技术
+category: 技术
+---
+
+总之稍微记录一下。
+
+<!-- more -->
+
+- 事先约定 `matrix.org` 是前端地址 `synapse.matrix.org` 是后端地址，实际请改成自己的……具体为啥这么做可以看[官方文档](https://matrix-org.github.io/synapse/latest/delegate.html)，如果嫌麻烦也可以不启用这功能……
+
+- 新建文件夹，在里面新建一个 `docker-compose.yml` 文件，往里写入
+
+```yaml
+version: "3.4"
+
+services:
+  synapse:
+    hostname: matrix
+    image: matrixdotorg/synapse:latest
+    restart: always
+    container_name: matrix_server   
+    depends_on:
+      - db
+      - redis
+    ports:
+      - "127.0.0.1:8001:8008"
+    volumes:
+      - ./synapse/data:/data
+    networks:
+      - synapse_network
+      - external_network
+    healthcheck:
+      test: ["CMD-SHELL", "curl -s localhost:8008/health || exit 1"]
+
+  db:
+    image: postgres
+    restart: always
+    container_name: matrix_db
+    volumes:
+      - ./synapse/db:/var/lib/postgresql/data
+    environment:
+      POSTGRES_USER: synapse
+      POSTGRES_PASSWORD: 随便什么密码
+      POSTGRES_DB: synapse
+      POSTGRES_INITDB_ARGS: "--encoding='UTF8' --lc-collate='C' --lc-ctype='C'"
+    networks:
+      - synapse_network
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "synapse"]
+
+  redis:
+    image: redis:6.0-alpine
+    restart: always
+    container_name: matrix_redis  
+    volumes:
+      - ./synapse/redis:/data
+    networks:
+      - synapse_network
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+
+networks:
+  synapse_network:
+    internal: true
+  external_network:
+```
+
+- 之后运行 `docker-compoe up -d` 将其运行，之后在 `./synapse/data` 路径下有叫 `homeserver.yaml` 的配置文件，编辑之 `nano ./synapse/data/homeserver.yaml`
+
+```yaml
+# 重点改以下配置
+server_name: "matrix.org"
+
+public_baseurl: https://synapse.matrix.org/
+
+serve_server_wellknown: true
+
+database:
+  name: psycopg2
+  txn_limit: 10000
+  args:
+    user: synapse
+    password: docker 配置写的随便什么密码
+    database: synapse
+    host: db
+    port: 5432
+    cp_min: 5
+    cp_max: 10
+
+#database:
+#  name: sqlite3
+#  args:
+#    database: /data/homeserver.db
+#↑注释掉使用 sqlite3 的配置
+
+redis:
+  # Uncomment the below to enable Redis support.
+  #
+  enabled: true
+
+  # Optional host and port to use to connect to redis. Defaults to
+  # localhost and 6379
+  #
+  host: redis
+  port: 6379
+```
+
+- 之后重启服务，`docker-compose restart`
+- 编辑 `matrix.org` 的 `nginx` 配置文件加入以下配置
+
+```nginx
+    location /.well-known/matrix/client {
+        return 200 '{"m.homeserver": {"base_url": "synapse.matrix.org"}}';
+        default_type application/json;
+        add_header Access-Control-Allow-Origin *;
+    }
+
+    location /.well-known/matrix/server {
+        return 200 '{"m.server": "synapse.matrix.org:443"}';
+        default_type application/json;
+        add_header Access-Control-Allow-Origin *;
+    }
+#注意替换前端后端地址
+```
+
+- 新建 `synapse.matrix.org` 的 `dns` ，指向服务器地址，再 `certbot certonly --nginx -d synapse.matrix.org` 申请证书
+- 新建一个 `synapse.matrix.org` 的配置文件
+
+```nginx
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+    server_name synapse.matrix.org;
+
+    root /home/admin/synapse/web;
+
+    location ~ ^(/_matrix|/_synapse/client) {
+        # note: do not add a path (even a single /) after the port in `proxy_pass`,
+        # otherwise nginx will canonicalise the URI and cause signature verification
+        # errors.
+        proxy_pass http://127.0.0.1:8001;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Host $host;
+
+        # Nginx by default only allows file uploads up to 1M in size
+        # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
+        client_max_body_size 500M;
+    }
+
+}
+```
+
+- 重载 `nginx` 配置文件，`nginx -s reload`
+- 之后去[检查服务](https://federationtester.matrix.org/)（需科学）输入自己的前端地址 `matrix.org` 检查是否正常
+- 用 `docker-compose exec synapse /bin/bash` 进入 `synapse` 容器
+
+```shell
+cd data
+#注册新用户
+register_new_matrix_user -c homeserver.yaml http://localhost:8008 
+#注册完后用 exit 退出容器
+exit
+```
+
+- 完成后用任意一个客户端登陆即可使用，注意登陆用的地址是后端地址 `synapse.matrix.org`