Matrix: Difference between revisions

(18 intermediate revisions by 16 users not shown)

Line 1:

[https://matrix.org Matrix] defines a set of open APIs for decentralised communication, suitable for securely publishing, persisting and subscribing to data over a global open federation of servers with no single point of control. Uses include Instant Messaging (IM), Voice over IP (VoIP) signalling, Internet of Things (IoT) communication, and bridging together existing communication silos - providing the basis of a new open real-time communication ecosystem.

This article extends the documentation in [https://nixos.org/manual/nixos/stable/#module-services-matrix NixOS manual].

== NixOS Matrix channels ==

https://matrix.to/#/#community:nixos.org

=== NixOS Matrix accounts for GitHub org members ===

https://discourse.nixos.org/t/matrix-account-hosting-for-nix-os-hackers/14036

== Clients ==

Line 8:

Line 17:

A few Matrix desktop clients are packaged for NixOS.

* [https://search.nixos.org/packages/?query=element-desktop Element (formerly Riot, based on Electron)]

* [https://search.nixos.org/packages?query=element-desktop Element (formerly Riot, based on Electron)]

* [https://search.nixos.org/packages/?query=fractal Fractal]

* [https://search.nixos.org/packages?query=fractal Fractal]

* [https://search.nixos.org/packages/?query=gomuks gomuks]

* [https://search.nixos.org/packages?query=gomuks gomuks]

* [https://search.nixos.org/packages/?query=~~matrique matrique~~]

* [https://search.nixos.org/packages?query=neochat neochat]

* [https://search.nixos.org/packages/?query=nheko nheko]

* [https://search.nixos.org/packages?query=mirage-im Mirage]

* [https://search.nixos.org/packages/?query=quaternion Quaternion]

* [https://search.nixos.org/packages?query=nheko nheko]

* [https://search.nixos.org/packages?query=quaternion Quaternion]

* [https://search.nixos.org/packages?query=iamb iamb]

A [https://search.nixos.org/packages?query=purple-matrix Pidgin / libpurple plugin] is also available.

==== Element ====

The [https://github.com/vector-im/element-web/blob/develop/config.sample.json config.json] file used by Element can be configured as such:

~~A [https://search~~.~~nixos~~.~~org/packages/?query~~=~~purple-matrix Pidgin~~ / ~~libpurple plugin] is also available.~~

nixpkgs.config.element-web.conf = {

show_labs_settings = true;

default_theme = "dark";

};

</syntaxhighlight>

=== Web clients ===

There is also a web version of [https://search.nixos.org/packages/?query=element-web Element] which can be served using a web server. See [https://nixos.org/nixos/manual/index.html#module-services-matrix-element-web the NixOS manual entry].

There is also a web version of [https://search.nixos.org/packages?query=element-web Element] which can be served using a web server. See [https://nixos.org/nixos/manual/index.html#module-services-matrix-element-web the NixOS manual entry].

== Servers ==

Line 27:

Line 49:

==== Synapse ====

Currently, only the reference Matrix homeserver [https://matrix.org/docs/projects/server/synapse Synapse] is [https://search.nixos.org/packages/?query=matrix-synapse packaged] for NixOS. It has an associated module exposing the [https://search.nixos.org/options/?query=services.matrix-synapse services.matrix-synapse.* options]. See [https://nixos.org/nixos/manual/index.html#module-services-matrix-synapse the NixOS manual entry] for a complete configuration example.

Currently, only the reference Matrix homeserver [https://matrix.org/docs/projects/server/synapse Synapse] is [https://search.nixos.org/packages?query=matrix-synapse packaged] for NixOS. It has an associated module exposing the [https://search.nixos.org/options?query=services.matrix-synapse services.matrix-synapse.* options]. See [https://nixos.org/nixos/manual/index.html#module-services-matrix-synapse the NixOS manual entry] for a complete configuration example.

===== Coturn with Synapse =====

Line 50:

Line 72:

verbose

# ban private IP ranges

no-multicast-peers

denied-peer-ip=0.0.0.0-0.255.255.255

denied-peer-ip=10.0.0.0-10.255.255.255

denied-peer-ip=100.64.0.0-100.127.255.255

denied-peer-ip=127.0.0.0-127.255.255.255

denied-peer-ip=169.254.0.0-169.254.255.255

denied-peer-ip=172.16.0.0-172.31.255.255

denied-peer-ip=192.0.0.0-192.0.0.255

denied-peer-ip=192.0.2.0-192.0.2.255

denied-peer-ip=192.88.99.0-192.88.99.255

denied-peer-ip=192.168.0.0-192.168.255.255

denied-peer-ip=~~244~~.0.0.0-~~224~~.255.~~255~~.255

denied-peer-ip=198.18.0.0-198.19.255.255

denied-peer-ip=255.255.255.255-255.255.255.255

denied-peer-ip=198.51.100.0-198.51.100.255

denied-peer-ip=203.0.113.0-203.0.113.255

denied-peer-ip=240.0.0.0-255.255.255.255

denied-peer-ip=::1

denied-peer-ip=64:ff9b::-64:ff9b::ffff:ffff

denied-peer-ip=::ffff:0.0.0.0-::ffff:255.255.255.255

denied-peer-ip=100::-100::ffff:ffff:ffff:ffff

denied-peer-ip=2001::-2001:1ff:ffff:ffff:ffff:ffff:ffff:ffff

denied-peer-ip=2002::-2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff

denied-peer-ip=fc00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

denied-peer-ip=fe80::-febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff

'';

};

Line 62:

Line 100:

networking.firewall = {

interfaces.enp2s0 = let

range = with config.services.coturn; [ {

range = with config.services.coturn; lib.singleton {

from = min-port;

to = max-port;

} ];

};

in

{

allowedUDPPortRanges = range;

allowedUDPPorts = [ 3478 ];

allowedUDPPorts = [ 3478 5349 ];

allowedTCPPortRanges = ~~range~~;

allowedTCPPortRanges = [ ];

allowedTCPPorts = [ 3478 ];

allowedTCPPorts = [ 3478 5349 ];

};

Line 78:

Line 116:

/* insert here the right configuration to obtain a certificate */

postRun = "systemctl restart coturn.service";

~~user = "turnserver";~~

group = "turnserver";

};

# configure synapse to point users to coturn

services.matrix-synapse = with config.services.coturn; {

services.matrix-synapse.settings = with config.services.coturn; {

turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"];

turn_shared_secret = static-auth-secret;

Line 89:

Line 126:

}

</syntaxhighlight>

===== Synapse with Workers =====

There's an external module to automatically set up synapse and configure nginx with workers:

https://github.com/dali99/nixos-matrix-modules

=== Application services (a.k.a. bridges) ===

Bridges allow you to connect Matrix to a third-party platform (like Discord, Telegram, etc.), and interact seamlessly. See [https://matrix.org/ecosystem/bridges/ here] for a list of currently supported bridges.

==== mautrix-telegram ====

Line 103:

Line 146:

services.matrix-synapse = {

enable = true;

app_service_config_files = [

settings.app_service_config_files = [

# The registration file is automatically generated after starting the

# appservice for the first time.

Line 119:

Line 162:

# file containing the appservice and telegram tokens

environmentFile = /etc/secrets/mautrix-telegram.env;

environmentFile = "/etc/secrets/mautrix-telegram.env";

# The appservice is pre-configured to use SQLite by default.

Line 176:

Line 219:

==== mautrix-whatsapp ====

Packaged as [https://search.nixos.org/packages/?query=mautrix-whatsapp mautrix-whatsapp].

Packaged as [https://search.nixos.org/packages?query=mautrix-whatsapp mautrix-whatsapp].

[https://github.com/NixOS/nixpkgs/pull/~~59211 Module still a WIP~~].

Module implemented in this [https://github.com/NixOS/nixpkgs/pull/246842 PR].

==== matrix-appservice-irc ====

Line 285:

Line 328:

== See also ==

* [[Mjolnir]] - a Matrix moderation tool

* [https://matrix.to/#/!vxTmkuJzhGPsMdkAOc:transformierende-gesellschaft.org?via=transformierende-gesellschaft.org The Nix Matrix Subsystem chat room, on Matrix]

* [~~https~~:~~//nixos.org/nixos/manual/index.html#module-services-matrix The chapter about Matrix in the NixOS manual~~]

[[Category:Applications]]

* [~~https~~:~~//matrix.to/#/!vxTmkuJzhGPsMdkAOc~~:~~transformierende-gesellschaft.org?via=transformierende-gesellschaft.org The Nix Matrix Subsystem chat room, on Matrix~~]

[[Category:Server]]

[[Category:NixOS Manual]]