Matrix

Self-hosted Matrix homeserver (Synapse) with multiple messaging bridges.

Access

  • Tailscale: matrix.bunny-wyvern.ts.net (Synapse homeserver)

Containers

| Container | Image | Role |
|---|---|---|
| synapse | matrixdotorg/synapse:latest | Matrix homeserver |
| matrix-db | postgres:16-alpine | PostgreSQL database |
| matrix-tailscale | tailscale/tailscale:latest | Tailscale node (shares synapse network) |
| mautrix-whatsapp | dock.mau.dev/mautrix/whatsapp:latest | WhatsApp bridge |
| mautrix-gmessages | dock.mau.dev/mautrix/gmessages:latest | Google Messages bridge |
| mautrix-slack | dock.mau.dev/mautrix/slack:latest | Slack bridge |
| mautrix-discord | dock.mau.dev/mautrix/discord:latest | Discord bridge |
| matrix-relay | matrix-matrix-relay (local build) | Custom relay service |

Network Architecture

All containers (except the Tailscale sidecar) communicate over a shared internal bridge network, matrix_matrix-internal (172.25.0.0/16). No ports are published to the host; all external access goes through the Tailscale sidecar, which shares the synapse container's network namespace.

| Container | Internal IP |
|---|---|
| synapse | 172.25.0.2 |
| mautrix-discord | 172.25.0.3 |
| mautrix-whatsapp | 172.25.0.4 |
| mautrix-gmessages | 172.25.0.5 |
| matrix-db | 172.25.0.6 |
| matrix-relay | 172.25.0.7 |
| mautrix-slack | 172.25.0.8 |

Compose File

Path: /home/artanis/DockerFiles/Matrix/matrix/compose.yaml

services:
  matrix-tailscale:
    image: tailscale/tailscale:latest
    container_name: matrix-tailscale
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun
    volumes:
      - matrix_tailscale_state:/var/lib/tailscale
    environment:
      - TS_AUTHKEY=<redacted>
      - TS_HOSTNAME=matrix
      - TS_STATE_DIR=/var/lib/tailscale
    network_mode: "service:synapse"

  matrix-db:
    image: postgres:16-alpine
    container_name: matrix-db
    restart: unless-stopped
    environment:
      POSTGRES_USER: synapse
      POSTGRES_PASSWORD: <redacted>
      POSTGRES_DB: synapse
    volumes:
      - /home/artanis/DockerFiles/Matrix/postgresdata:/var/lib/postgresql/data
    networks:
      - matrix-internal

  synapse:
    image: matrixdotorg/synapse:latest
    container_name: synapse
    restart: unless-stopped
    depends_on:
      - matrix-db
    volumes:
      - /home/artanis/DockerFiles/Matrix/synapsedata:/data
    networks:
      - matrix-internal

  mautrix-whatsapp:
    image: dock.mau.dev/mautrix/whatsapp:latest
    container_name: mautrix-whatsapp
    restart: unless-stopped
    volumes:
      - /home/artanis/DockerFiles/Matrix/whatsappdata:/data
    networks:
      - matrix-internal

  mautrix-gmessages:
    image: dock.mau.dev/mautrix/gmessages:latest
    container_name: mautrix-gmessages
    restart: unless-stopped
    volumes:
      - /home/artanis/DockerFiles/Matrix/gmessagesdata:/data
    networks:
      - matrix-internal

  mautrix-slack:
    image: dock.mau.dev/mautrix/slack:latest
    container_name: mautrix-slack
    restart: unless-stopped
    volumes:
      - /home/artanis/DockerFiles/Matrix/slackdata:/data
    networks:
      - matrix-internal

  mautrix-discord:
    image: dock.mau.dev/mautrix/discord:latest
    container_name: mautrix-discord
    restart: unless-stopped
    volumes:
      - /home/artanis/DockerFiles/Matrix/discorddata:/data
    networks:
      - matrix-internal
    depends_on:
      - matrix-db
      - synapse

  matrix-relay:
    build:
      context: ../
      dockerfile: matrix_relay.Dockerfile
    container_name: matrix-relay
    restart: unless-stopped
    networks:
      - matrix-internal

networks:
  matrix-internal:
    driver: bridge

volumes:
  matrix_tailscale_state:

Data Layout

| Path | Contents |
|---|---|
| /home/artanis/DockerFiles/Matrix/postgresdata | PostgreSQL data |
| /home/artanis/DockerFiles/Matrix/synapsedata | Synapse config, media store |
| /home/artanis/DockerFiles/Matrix/whatsappdata | WhatsApp bridge config/state |
| /home/artanis/DockerFiles/Matrix/gmessagesdata | Google Messages bridge config/state |
| /home/artanis/DockerFiles/Matrix/slackdata | Slack bridge config/state |
| /home/artanis/DockerFiles/Matrix/discorddata | Discord bridge config/state |

Notes

  • The matrix-relay container is built from a local matrix_relay.Dockerfile located one directory up from the compose file (/home/artanis/DockerFiles/Matrix/)
  • Synapse does not expose any ports to the host — it is only reachable via the matrix_matrix-internal network and through Tailscale
  • The Tailscale sidecar attaches to synapse's network namespace, so Synapse's internal ports (8008, 8448) become accessible at matrix.bunny-wyvern.ts.net
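
The exposure model described in these notes (no published ports, every service on matrix-internal, the sidecar joined through network_mode: "service:synapse") can be checked mechanically whenever the compose file changes. The script below is an added example, not part of the original page: the debug-proxy service and the finding names are hypothetical, and the small parser assumes the two-space indentation used in the compose file above.

```python
# Constructed sample: two of the page's services plus a hypothetical port-publishing one.
SAMPLE = """\
services:
  matrix-tailscale:
    network_mode: "service:synapse"
  synapse:
    networks:
      - matrix-internal
  debug-proxy:
    ports:
      - "8008:8008"
    networks:
      - matrix-internal
"""

def parse_services(text):
    """Return {service: {key: [values]}}; assumes 2-space indents as on the page."""
    services, name, key, in_services = {}, None, None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        if indent == 0:                      # top-level key: services/networks/volumes
            in_services, name = line == "services:", None
        elif in_services and indent == 2:    # service name
            name, key = line.rstrip(":"), None
            services[name] = {}
        elif name and indent == 4:           # service-level key, maybe inline value
            key, _, val = line.partition(":")
            services[name][key] = [val.strip().strip("\"'")] if val.strip() else []
        elif name and key:                   # nested list item or mapping line
            services[name][key].append(line.lstrip("- ").strip("\"'"))
    return services

def audit(text, network="matrix-internal", sidecar_of="synapse"):
    """List (service, finding) pairs that contradict the documented exposure model."""
    findings = []
    for name, cfg in parse_services(text).items():
        mode = "".join(cfg.get("network_mode", []))
        if cfg.get("ports"):
            findings.append((name, "published-ports"))
        if mode == "host":
            findings.append((name, "host-network"))
        elif mode != f"service:{sidecar_of}" and network not in cfg.get("networks", []):
            findings.append((name, "not-on-internal-network"))
    return findings

print(audit(SAMPLE))
```

To check the real file, pass the contents of compose.yaml to audit(); an empty list means the file still matches the notes above.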