matrix-docker-ansible-deploy/docs/configuring-playbook-synapse-admin.md
Slavi Pantaleev 39bddefd39 Make addons communicate with the homeserver via a new internal Traefik entrypoint
This also adds labels for Synapse. Support for other homeservers and
components will be added later.
2024-01-14 10:48:54 +02:00

2.7 KiB

Setting up Synapse Admin (optional)

The playbook can install and configure synapse-admin for you.

It's a web UI tool you can use to administrate users and rooms on your Matrix server. It's designed to work with the Synapse homeserver implementation, but to some extent may work with Dendrite as well.

See the project's documentation to learn what it does and why it might be useful to you.

Adjusting the playbook configuration

Add the following configuration to your inventory/host_vars/matrix.DOMAIN/vars.yml file:

matrix_synapse_admin_enabled: true

Note: Synapse Admin requires Synapse's Admin APIs to function. Access to them is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, for additional security, we normally leave them unexposed, following official Synapse reverse-proxying recommendations. Because Synapse Admin needs these APIs to function, when installing Synapse Admin, the playbook automatically exposes the Synapse Admin API publicly for you. Depending on the homeserver implementation you're using (Synapse, Dendrite), this is equivalent to:

  • for Synapse (our default homeserver implementation): matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true
  • for Dendrite: matrix_dendrite_container_labels_client_synapse_admin_api_enabled: true

Installing

After configuring the playbook, run the installation command again:

ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start

Usage

After installation, Synapse Admin will be accessible at: https://matrix.DOMAIN/synapse-admin/

To use Synapse Admin, you need to have registered at least one administrator account on your server.

The Homeserver URL to use on Synapse Admin's login page is: https://matrix.DOMAIN

Sample configuration for running behind Caddy v2

Below is a sample configuration for using this playbook with a Caddy 2.0 reverse proxy (non-default configuration where matrix-nginx-proxy is disabled - matrix_nginx_proxy_enabled: false).

# This is a basic configuration that will function the same as the default nginx proxy - exposing the synapse-admin panel to matrix.YOURSERVER.com/synapse-admin/
  handle_path /synapse-admin* {
        reverse_proxy localhost:8766  {
        }
  }