conduwuit/docs/deploying/generic.md
strawberry 00ddc1c88e generalise and cleanup docs a bit
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-03-30 22:06:18 -04:00

5 KiB

Generic deployment documentation

Please note that this documentation is not fully representative of conduwuit at the moment. Assume majority of it is outdated.

Getting help

If you run into any problems while setting up conduwuit, ask us in #conduwuit:puppygock.gay or open an issue on GitHub.

Installing conduwuit

You may simply download the binary that fits your machine. Run uname -m to see what you need.

Prebuilt binaries can be downloaded from the latest successful CI workflow on the main branch here: https://github.com/girlbossceo/conduwuit/actions/workflows/ci.yml?query=branch%3Amain+actor%3Agirlbossceo+is%3Asuccess+event%3Apush

Alternatively, you may compile the binary yourself. First, install any dependencies:

# Debian
$ sudo apt install libclang-dev build-essential

# RHEL
$ sudo dnf install clang

Then, cd into the source tree of conduit-next and run:

$ cargo build --release

Adding a Conduit user

While Conduit can run as any user it is usually better to use dedicated users for different services. This also allows you to make sure that the file permissions are correctly set up.

In Debian or RHEL, you can use this command to create a Conduit user:

sudo adduser --system conduit --group --disabled-login --no-create-home

Forwarding ports in the firewall or the router

Conduit uses the ports 443 and 8448 both of which need to be open in the firewall.

If Conduit runs behind a router or in a container and has a different public IP address than the host system these public ports need to be forwarded directly or indirectly to the port mentioned in the config.

Setting up a systemd service

Now we'll set up a systemd service for Conduit, so it's easy to start/stop Conduit and set it to autostart when your server reboots. Simply paste the default systemd service you can find below into /etc/systemd/system/conduit.service.

[Unit]
Description=Conduwuit Matrix Server
After=network.target

[Service]
Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml"
User=conduit
Group=conduit
RuntimeDirectory=conduit
RuntimeDirectoryMode=0750
Restart=always
ExecStart=/usr/local/bin/matrix-conduit

[Install]
WantedBy=multi-user.target

Finally, run

$ sudo systemctl daemon-reload

Creating the Conduit configuration file

Now we need to create the Conduit's config file in /etc/conduwuit/conduwuit.toml. Paste this in and take a moment to read it. You need to change at least the server name.
RocksDB (rocksdb) is the only supported database backend. SQLite only exists for historical reasons and is not recommended. Any performance issues, storage issues, database issues, etc will not be assisted if using SQLite and you will be asked to migrate to RocksDB first.

See the following example config at conduwuit-example.toml

Setting the correct file permissions

As we are using a Conduit specific user we need to allow it to read the config. To do that you can run this command on Debian or RHEL:

sudo chown -R root:root /etc/matrix-conduit
sudo chmod 755 /etc/matrix-conduit

If you use the default database path you also need to run this:

sudo mkdir -p /var/lib/matrix-conduit/
sudo chown -R conduit:conduit /var/lib/matrix-conduit/
sudo chmod 700 /var/lib/matrix-conduit/

Setting up the Reverse Proxy

Refer to the documentation or various guides online of your chosen reverse proxy software. A Caddy example will be provided as this is the recommended reverse proxy for new users and is very trivial.

Caddy

Create /etc/caddy/conf.d/conduwuit_caddyfile and enter this (substitute for your server name).

your.server.name, your.server.name:8448 {
        # TCP
        reverse_proxy 127.0.0.1:6167

        # UNIX socket
        #reverse_proxy unix//run/conduit/conduit.sock
}

That's it! Just start or enable the service and you're set.

$ sudo systemctl enable caddy

You're done!

Now you can start Conduit with:

$ sudo systemctl start conduit

Set it to start automatically when your system boots with:

$ sudo systemctl enable conduit

How do I know it works?

You can open a Matrix client, enter your homeserver and try to register.

You can also use these commands as a quick health check.

$ curl https://your.server.name/_conduwuit/server_version

# If using port 8448
$ curl https://your.server.name:8448/_conduwuit/server_version
  • To check if your server can talk with other homeservers, you can use the Matrix Federation Tester. If you can register but cannot join federated rooms check your config again and also check if the port 8448 is open and forwarded correctly.

What's next?

Audio/Video calls

For Audio/Video call functionality see the TURN Guide.

Appservices

If you want to set up an appservice, take a look at the Appservice Guide.