Matrix/Synapse: Difference between revisions

From Bibliotheca Anonoma
No edit summary
No edit summary
Line 15: Line 15:
   # copy over the certificate for matrix to the pki directory with correct permissions
   # copy over the certificate for matrix to the pki directory with correct permissions
   cat $RENEWED_LINEAGE/privkey.pem > /etc/pki/synapse/matrix.bibanon.org.key
   cat $RENEWED_LINEAGE/privkey.pem > /etc/pki/synapse/matrix.bibanon.org.key
   cat $RENEWED_LINEAGE/cert.pem > /etc/pki/synapse/matrix.bibanon.org.crt
   cat $RENEWED_LINEAGE/fullchain.pem > /etc/pki/synapse/matrix.bibanon.org.crt
   chown synapse:synapse /etc/pki/synapse/matrix.bibanon.org.key
   chown synapse:synapse /etc/pki/synapse/matrix.bibanon.org.key
   chown synapse:synapse /etc/pki/synapse/matrix.bibanon.org.crt
   chown synapse:synapse /etc/pki/synapse/matrix.bibanon.org.crt

Revision as of 16:03, 7 September 2017

https://www.upcloud.com/support/install-matrix-synapse/

Create synapse user and /home/synapse, then follow pip virtualenv steps

create /etc/pki/synapse with permissions to synapse user chmod 600

# cat /usr/local/bin/synapse-renewal-hook 
#!/bin/sh
echo "Letsencrypt renewal hook running..."
echo "RENEWED_DOMAINS=$RENEWED_DOMAINS"
echo "RENEWED_LINEAGE=$RENEWED_LINEAGE"

if grep --quiet "matrix.bibanon.org" <<< "$RENEWED_DOMAINS"; then
  # copy over the certificate for matrix to the pki directory with correct permissions
  cat $RENEWED_LINEAGE/privkey.pem > /etc/pki/synapse/matrix.bibanon.org.key
  cat $RENEWED_LINEAGE/fullchain.pem > /etc/pki/synapse/matrix.bibanon.org.crt
  chown synapse:synapse /etc/pki/synapse/matrix.bibanon.org.key
  chown synapse:synapse /etc/pki/synapse/matrix.bibanon.org.crt
  chmod 600 /etc/pki/synapse/matrix.bibanon.org.key
  chmod 600 /etc/pki/synapse/matrix.bibanon.org.crt
#  systemctl restart synapse
  echo "synapse matrix server.pem updated. synapse may need to be restarted."
fi

add it to /etc/sysconfig/certbot , enable certbot-renew service