# Matrix
Self-hosted Matrix homeserver (Synapse) with multiple messaging bridges.
## Access
- **Tailscale:** `matrix.bunny-wyvern.ts.net` (Synapse homeserver)
## Containers
| Container | Image | Role |
|---|---|---|
| `synapse` | `matrixdotorg/synapse:latest` | Matrix homeserver |
| `matrix-db` | `postgres:16-alpine` | PostgreSQL database |
| `matrix-tailscale` | `tailscale/tailscale:latest` | Tailscale node (shares synapse network) |
| `mautrix-whatsapp` | `dock.mau.dev/mautrix/whatsapp:latest` | WhatsApp bridge |
| `mautrix-gmessages` | `dock.mau.dev/mautrix/gmessages:latest` | Google Messages bridge |
| `mautrix-slack` | `dock.mau.dev/mautrix/slack:latest` | Slack bridge |
| `mautrix-discord` | `dock.mau.dev/mautrix/discord:latest` | Discord bridge |
| `matrix-relay` | `matrix-matrix-relay` (local build) | Custom relay service |
## Network Architecture
All containers except the Tailscale sidecar are attached to a shared internal bridge network, `matrix_matrix-internal` (`172.25.0.0/16`); the sidecar instead joins the `synapse` container's network namespace. No ports are published to the host, so all external access goes through Tailscale on the `synapse` container.
| Container | Internal IP |
|---|---|
| `synapse` | `172.25.0.2` |
| `mautrix-discord` | `172.25.0.3` |
| `mautrix-whatsapp` | `172.25.0.4` |
| `mautrix-gmessages` | `172.25.0.5` |
| `matrix-db` | `172.25.0.6` |
| `matrix-relay` | `172.25.0.7` |
| `mautrix-slack` | `172.25.0.8` |
## Compose File
**Path:** `/home/artanis/DockerFiles/Matrix/matrix/compose.yaml`
```yaml
services:
  matrix-tailscale:
    image: tailscale/tailscale:latest
    container_name: matrix-tailscale
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun
    volumes:
      - matrix_tailscale_state:/var/lib/tailscale
    environment:
      - TS_AUTHKEY=<redacted>
      - TS_HOSTNAME=matrix
      - TS_STATE_DIR=/var/lib/tailscale
    network_mode: "service:synapse"

  matrix-db:
    image: postgres:16-alpine
    container_name: matrix-db
    restart: unless-stopped
    environment:
      POSTGRES_USER: synapse
      POSTGRES_PASSWORD: <redacted>
      POSTGRES_DB: synapse
    volumes:
      - /home/artanis/DockerFiles/Matrix/postgresdata:/var/lib/postgresql/data
    networks:
      - matrix-internal

  synapse:
    image: matrixdotorg/synapse:latest
    container_name: synapse
    restart: unless-stopped
    depends_on:
      - matrix-db
    volumes:
      - /home/artanis/DockerFiles/Matrix/synapsedata:/data
    networks:
      - matrix-internal

  mautrix-whatsapp:
    image: dock.mau.dev/mautrix/whatsapp:latest
    container_name: mautrix-whatsapp
    restart: unless-stopped
    volumes:
      - /home/artanis/DockerFiles/Matrix/whatsappdata:/data
    networks:
      - matrix-internal

  mautrix-gmessages:
    image: dock.mau.dev/mautrix/gmessages:latest
    container_name: mautrix-gmessages
    restart: unless-stopped
    volumes:
      - /home/artanis/DockerFiles/Matrix/gmessagesdata:/data
    networks:
      - matrix-internal

  mautrix-slack:
    image: dock.mau.dev/mautrix/slack:latest
    container_name: mautrix-slack
    restart: unless-stopped
    volumes:
      - /home/artanis/DockerFiles/Matrix/slackdata:/data
    networks:
      - matrix-internal

  mautrix-discord:
    image: dock.mau.dev/mautrix/discord:latest
    container_name: mautrix-discord
    restart: unless-stopped
    volumes:
      - /home/artanis/DockerFiles/Matrix/discorddata:/data
    networks:
      - matrix-internal
    depends_on:
      - matrix-db
      - synapse

  matrix-relay:
    build:
      context: ../
      dockerfile: matrix_relay.Dockerfile
    container_name: matrix-relay
    restart: unless-stopped
    networks:
      - matrix-internal

networks:
  matrix-internal:
    driver: bridge

volumes:
  matrix_tailscale_state:
```
## Data Layout
| Path | Contents |
|---|---|
| `/home/artanis/DockerFiles/Matrix/postgresdata` | PostgreSQL data |
| `/home/artanis/DockerFiles/Matrix/synapsedata` | Synapse config, media store |
| `/home/artanis/DockerFiles/Matrix/whatsappdata` | WhatsApp bridge config/state |
| `/home/artanis/DockerFiles/Matrix/gmessagesdata` | Google Messages bridge config/state |
| `/home/artanis/DockerFiles/Matrix/slackdata` | Slack bridge config/state |
| `/home/artanis/DockerFiles/Matrix/discorddata` | Discord bridge config/state |
## Notes
- The `matrix-relay` container is built from a local `matrix_relay.Dockerfile` located one directory up from the compose file (`/home/artanis/DockerFiles/Matrix/`)
- Synapse does not expose any ports to the host — it is only reachable via the `matrix_matrix-internal` network and through Tailscale
- The Tailscale sidecar attaches to `synapse`'s network namespace, so Synapse's internal ports (8008, 8448) become accessible at `matrix.bunny-wyvern.ts.net`
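
The isolation described under Network Architecture and in the notes above can be checked against the running stack. This is an added example, not part of the original vault page: it audits `docker inspect` JSON for published host ports and for containers outside `matrix_matrix-internal`. The sample data is constructed, and `synapse-bad` is a hypothetical misconfigured container used to show a failure.

```python
import ipaddress
import json

# Values taken from this page.
INTERNAL_NET = "matrix_matrix-internal"
INTERNAL_CIDR = ipaddress.ip_network("172.25.0.0/16")

# Constructed sample in the shape of `docker inspect` output, trimmed to the
# fields the audit reads. "synapse-bad" is a made-up drifted container.
SAMPLE = json.loads("""[
 {"Name": "/synapse",
  "HostConfig": {"NetworkMode": "matrix_matrix-internal", "PortBindings": {}},
  "NetworkSettings": {"Networks": {"matrix_matrix-internal": {"IPAddress": "172.25.0.2"}}}},
 {"Name": "/matrix-tailscale",
  "HostConfig": {"NetworkMode": "container:0123abcd", "PortBindings": {}},
  "NetworkSettings": {"Networks": {}}},
 {"Name": "/synapse-bad",
  "HostConfig": {"NetworkMode": "bridge",
                 "PortBindings": {"8008/tcp": [{"HostIp": "0.0.0.0", "HostPort": "8008"}]}},
  "NetworkSettings": {"Networks": {"bridge": {"IPAddress": "172.17.0.2"}}}}
]""")


def audit(containers):
    """Return (container, finding) pairs for violations of the documented layout."""
    findings = []
    for c in containers:
        name = c["Name"].lstrip("/")
        host = c.get("HostConfig", {})
        # Any entry here is a port published on the host, bypassing Tailscale.
        for port, binds in (host.get("PortBindings") or {}).items():
            for b in binds or []:
                addr = f"{b.get('HostIp') or '0.0.0.0'}:{b.get('HostPort')}"
                findings.append((name, f"publishes {port} on {addr}"))
        # A sidecar in another container's namespace has no networks of its own.
        if host.get("NetworkMode", "").startswith("container:"):
            continue
        nets = c.get("NetworkSettings", {}).get("Networks") or {}
        if INTERNAL_NET not in nets:
            findings.append((name, f"not attached to {INTERNAL_NET}"))
        for net, cfg in nets.items():
            ip = cfg.get("IPAddress")
            if ip and ipaddress.ip_address(ip) not in INTERNAL_CIDR:
                findings.append((name, f"{net} address {ip} outside {INTERNAL_CIDR}"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(SAMPLE):
        print(f"{name}: {finding}")
```

To audit the live stack, replace `SAMPLE` with `json.load(sys.stdin)` and pipe in the output of `docker inspect $(docker ps -q)`.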