# Matrix Self-hosted Matrix homeserver (Synapse) with multiple messaging bridges. ## Access - **Tailscale:** `matrix.bunny-wyvern.ts.net` (Synapse homeserver) ## Containers | Container | Image | Role | |---|---|---| | `synapse` | `matrixdotorg/synapse:latest` | Matrix homeserver | | `matrix-db` | `postgres:16-alpine` | PostgreSQL database | | `matrix-tailscale` | `tailscale/tailscale:latest` | Tailscale node (shares synapse network) | | `mautrix-whatsapp` | `dock.mau.dev/mautrix/whatsapp:latest` | WhatsApp bridge | | `mautrix-gmessages` | `dock.mau.dev/mautrix/gmessages:latest` | Google Messages bridge | | `mautrix-slack` | `dock.mau.dev/mautrix/slack:latest` | Slack bridge | | `mautrix-discord` | `dock.mau.dev/mautrix/discord:latest` | Discord bridge | | `matrix-relay` | `matrix-matrix-relay` (local build) | Custom relay service | ## Network Architecture All containers (except the Tailscale sidecar) communicate over a shared internal bridge network `matrix_matrix-internal` (`172.25.0.0/16`). No ports are exposed directly to the host — all external access goes through Tailscale on the `synapse` container. | Container | Internal IP | |---|---| | `synapse` | `172.25.0.2` | | `mautrix-discord` | `172.25.0.3` | | `mautrix-whatsapp` | `172.25.0.4` | | `mautrix-gmessages` | `172.25.0.5` | | `matrix-db` | `172.25.0.6` | | `matrix-relay` | `172.25.0.7` | | `mautrix-slack` | `172.25.0.8` | ## Compose File **Path:** `/home/artanis/DockerFiles/Matrix/matrix/compose.yaml` ```yaml services: matrix-tailscale: image: tailscale/tailscale:latest container_name: matrix-tailscale restart: unless-stopped cap_add: - NET_ADMIN devices: - /dev/net/tun volumes: - matrix_tailscale_state:/var/lib/tailscale environment: - TS_AUTHKEY= - TS_HOSTNAME=matrix - TS_STATE_DIR=/var/lib/tailscale network_mode: "service:synapse" matrix-db: image: postgres:16-alpine container_name: matrix-db restart: unless-stopped environment: POSTGRES_USER: synapse POSTGRES_PASSWORD: POSTGRES_DB: synapse volumes: - /home/artanis/DockerFiles/Matrix/postgresdata:/var/lib/postgresql/data networks: - matrix-internal synapse: image: matrixdotorg/synapse:latest container_name: synapse restart: unless-stopped depends_on: - matrix-db volumes: - /home/artanis/DockerFiles/Matrix/synapsedata:/data networks: - matrix-internal mautrix-whatsapp: image: dock.mau.dev/mautrix/whatsapp:latest container_name: mautrix-whatsapp restart: unless-stopped volumes: - /home/artanis/DockerFiles/Matrix/whatsappdata:/data networks: - matrix-internal mautrix-gmessages: image: dock.mau.dev/mautrix/gmessages:latest container_name: mautrix-gmessages restart: unless-stopped volumes: - /home/artanis/DockerFiles/Matrix/gmessagesdata:/data networks: - matrix-internal mautrix-slack: image: dock.mau.dev/mautrix/slack:latest container_name: mautrix-slack restart: unless-stopped volumes: - /home/artanis/DockerFiles/Matrix/slackdata:/data networks: - matrix-internal mautrix-discord: image: dock.mau.dev/mautrix/discord:latest container_name: mautrix-discord restart: unless-stopped volumes: - /home/artanis/DockerFiles/Matrix/discorddata:/data networks: - matrix-internal depends_on: - matrix-db - synapse matrix-relay: build: context: ../ dockerfile: matrix_relay.Dockerfile container_name: matrix-relay restart: unless-stopped networks: - matrix-internal networks: matrix-internal: driver: bridge volumes: matrix_tailscale_state: ``` ## Data Layout | Path | Contents | |---|---| | `/home/artanis/DockerFiles/Matrix/postgresdata` | PostgreSQL data | | `/home/artanis/DockerFiles/Matrix/synapsedata` | Synapse config, media store | | `/home/artanis/DockerFiles/Matrix/whatsappdata` | WhatsApp bridge config/state | | `/home/artanis/DockerFiles/Matrix/gmessagesdata` | Google Messages bridge config/state | | `/home/artanis/DockerFiles/Matrix/slackdata` | Slack bridge config/state | | `/home/artanis/DockerFiles/Matrix/discorddata` | Discord bridge config/state | ## Notes - The `matrix-relay` container is built from a local `matrix_relay.Dockerfile` located one directory up from the compose file (`/home/artanis/DockerFiles/Matrix/`) - Synapse does not expose any ports to the host — it is only reachable via the `matrix_matrix-internal` network and through Tailscale - The Tailscale sidecar attaches to `synapse`'s network namespace, so Synapse's internal ports (8008, 8448) become accessible at `matrix.bunny-wyvern.ts.net`