freedom

Matrix/Riot/Jitsi Homeserver Installation at GFOSS

In this article, we will present a guide on how to set up a Matrix, Riot and Jitsi Homeserver, as well as why you should want to. But first, let’s see what those are. This article has been based on the experience gained from installing Matrix/Riot/Jitsi server for internal use in Open Technologies Alliance (GFOSS).

Matrix

As their introduction page states, Matrix is an ambitious open source ecosystem for federated Instant Messaging and VoIP. The basics you need to know to get up and running are:

  • Everything in Matrix happens in a room. Rooms are distributed and do not exist on any single server. Rooms can be located using convenience aliases like #matrix:matrix.org or #test:localhost:8448.
  • Matrix user IDs look like @matthew:matrix.org (although in the future you will normally refer to yourself and others using a third party identifier (3PID): email address, phone number, etc rather than manipulating Matrix user IDs)

The overall architecture is:

Of course, with Matrix, you can still set up an unfederated server (that’s what we have done internally at GFOSS) and be sure your communication data are securely contained in your infrastructure alone, with the obvious consequence that you can find and talk to users and in rooms that are registered inside your own server.

Matrix is highly modular, so you can use only the components you need, but all installations have at least those:

  • Synapse homeserver – storing your data and managing your presence in the Matrix network
  • PostgreSQL database for Synapse. You can either install PostgreSQL on the same server as Synapse or use an external PostgreSQL server.
  • A Coturn STUN/TURN server for WebRTC audio/video calls
  • Free Let’s Encrypt TLS certificate, which secures the connection to the Synapse server and the web UI
  • A web UI, which is configured to connect to your own Synapse server by default. The most full-featured and commonly used is Riot im.
  • A Matrix Identity server. You can either use Sydent or the more advanced ma1sd.
  • A mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server)
  • A web server, listening on ports 80 and 443 – standing in front of all the other services.

Riot

As we mentioned above, you will need a web UI client to connect to your Matrix homeserver installation. Riot (formerly known as Vector), not only has a great UI and the most features as a web client, but also has Windows, Linux, Android and iOS native applications, that you can use to connect to your server as well.

Jitsi

Jitsi is a collection of Open Source projects which provide state-of-the-art video conferencing capabilities that are secure, easy to use and easy to self-host. While Riot/Matrix offer P2P voice and video communication via WebRTC, Jitsi is needed to create conferences with more than two participants. When configured, you can deploy Jitsi widgets in Matrix rooms where everyone can participate in the video conference, and remove the widget when you are done. Also, you can use Jitsi as a standalone application, for video conferences with anyone, regardless of them having Matrix accounts or not.

Features

Bridges

A big feature of Matrix is it’s ability to connect to other services, with modules called bridges. This way, you can use the Matrix/Riot installation as a unified environment to access various messaging platforms for sending and receiving messages. A non exhaustive list of services you can access via bridges is:

You can learn more about bridges, bridging methods and compatible messaging platforms, in the respective section of matrix.org.

Widgets

If you install an integration manager, like Dimension, or you use the default provided one by Riot at scalar.vector.im, you can see and configure all your modules in your Riot web client. Integration Managers receive configuration data, and can modify widgets, send room invites, and set power levels on your behalf. They also manage bots, widgets, and sticker packs. When you add a widget to a room, you embed a web app iframe in a room, so all its participants can view it. The widget options include Jitsi Conferences, YouTube Videos, Google Calendar events, public Google Docs and any webpage that allows being embedded in an iframe.

Bots

Bots are a powerful feature of Matrix that, besides allowing bridges to work, can provide automation and interoperability functions with other services. Bot are, in essence, virtual users that can receive commands as messages sent to them or the room they belong to and post the output of their task as a reply. They can be used to send automated messages, follow RSS and Twitter feeds, track GitHub issues, Gitlab issues and Trello boards, and many more.

You can learn more about the available bots in the respective section of matrix.org.

Installation

The infrastructure we used for our installation is a Virtual Machine hosted at Okeanos, equipped with:

  • 8 CPU cores
  • 8 Gb RAM
  • 60 Gb Storage (You might need more if you want to store many files – like images, documents etc. – or you could consider using an external storage service for those files)
  • Static Public IPv4 and IPv6 addresses

We have also connected our installation with our LDAP server using the matrix-synapse-ldap3 LDAP Auth password provider module, so that our users can access the Matrix server without having to register again.

You can use this well-maintained ansible playbook to install and configure all the Matrix services and components you want, in organized docker containers. Otherwise, you can follow the instructions in each component’s GitHub Page to install it manually. You can also use the below video and its accompanying blog post.

As the playbook documentation suggests, you can install the required software on CentOS (7.0+), Debian-based distributions (Debian 9/Stretch+, Ubuntu 16.04+) and Archlinux, but Jitsi is officially supported on Ubuntu 18.04 LTS, so we recommend choosing this distro if you plan on installing Jitsi as well.

Conclusions

Having a Matrix homeserver and using the Riot client can help you, not only join the big Matrix community, but being more organized and effective, by having most, if not all, of your necessary means of communication in one unified platform. If you choose to configure everything by yourself, it can have a steep learning curve, but the automated deployment solutions and the thorough documentation make up for it. Be it chat, voice or video conferences, Matrix, Riot, Jitsi and the appropriate modules can reliably serve even the most advanced communication needs.

Leave a Comment