Enter the Matrix: Install your own Matrix server on Arch Linux
1 Who am I?
Brendan Abolivier
Software engineer @ Element
Core team member @ The Matrix.org Foundation
Core committer on Synapse, the reference Matrix homeserver implementation
Matrix: @brendan:abolivier.bzh E-mail: [email protected]
2 What is Matrix?
3 Matrix is an open network for secure, decentralised real-time communication.
• Interoperable chat
• Interoperable VoIP
• Open comms for VR/AR
• Real-time IoT data fabric
4 Mission: to create a global decentralised encrypted comms network that provides an open platform for real-time communication.
5 What do you get in the spec?
• Decentralised conversation history
• Group Messaging (and 1:1)
• End-to-end Encryption
• VoIP signalling for WebRTC
• Server-side push notification rules
• Server-side search
• Read receipts, Typing Notifs, Presence
• Synchronised read state and unread counts
• Decentralised content repository
• “Account data” for users per room
6 No single party owns your conversations.
Conversations are shared over all participants.
7 The Matrix APIs
• Client-Server API
• Server-Server API (a.k.a. the federation API)
• Application Service API
• Identity Server API
8 Matrix: Distributed Architecture
Clients
Homeservers
Application Servers
Identity Servers
9 The Client-Server API
To send a message:
curl -XPOST -H 'Authorization: Bearer ACCESS_TOKEN' -d '{"msgtype":"m.text", "body":"hello"}' "https://alice.com:8448/_matrix/client/api/v1/rooms/ROOM_ID/send/m.room.message"
{ "event_id": "$YUwRidLecu" }
10 The Client-Server API
To control a Hue light:
curl -XPOST -d '{
  "room": "1",
  "light": 2,
  "brightness": 0.5
}' "https://alice.com:8448/_matrix/client/api/v1/rooms/ROOM_ID/send/org.matrix.midi?access_token=ACCESS_TOKEN"
{ "event_id": "$ORzcZn2" }
11 Server-Server API
• Synchronises messages and room state between servers, in real-time
• Can retrieve historic messages from each other
• Query profile and presence information about users on each other's servers
Application Services API
• Have privileged access to the server
• Can subscribe to server traffic to provide custom application logic
• They can masquerade as 'virtual users'.
12 Bridges
13 Telegram
Slack
IRC
Gitter Github
15 Bridges
• IRC • Gitter
• Discord • RocketChat
• Telegram • Email
• Slack • Mastodon
• SMS • …more
➔ https://matrix.org/bridges/
16 Building Bridges
3rd party Clients
3rd party Server Bridge
17 Typical Bridging Stack
matrix-appservice-irc, matrix-appservice-slack, matrix-appservice-purple, …
matrix-appservice-bridge
matrix-appservice-node
matrix-js-sdk
Node JS
18 Matrix to IRC
IRC clients
ircd (e.g. Freenode)
matrix-appservice-irc
19 Matrix to IOT…
Parrot Bebop Drone
Janus WebRTC Gateway (from MeetEcho)
20 Ecosystem
21 Matrix Open Source Ecosystem
Client-side:
• matrix-js-sdk, matrix-react-sdk, matrix-ios-sdk, MatrixKit (iOS), matrix-android-sdk2
• Other Clients: Quaternion (Qt/C++), Nheko (Qt/C++), FluffyChat (Flutter), Fractal (Gtk+/Rust), gomuks (Go), Thunderbird …and many many more
The Matrix Specification (Client/Server API)
Server-side:
• Synapse (1st gen Matrix Server)
• Dendrite (2nd gen Server)
• Application Services and Bridges
• Other Servers: Conduit (Rust), Construct (C++)…
• Other Services: Bridges, Bots, Integs…
Clients
• Clients available for every platform ➔ https://matrix.org/clients/
• Many client-side SDKs:
  • Official: JS, React, iOS, Android
  • Community: Go, Python, Erlang, Java, Scala, Ruby, Perl6, Lisp, Elixir, Haskell, Rust, Nintendo 3DS…
➔ https://matrix.org/sdks/
23 Homeservers
• Synapse: reference homeserver implementation from the core team
• Dendrite: next generation, work in progress homeserver from the core team
• Community implementations
  • Conduit (Rust)
  • Construct (C++)
  • …
24 Community Status
• ~18.5M global visible accounts
• ~5.5M messages per day
• ~4.3M chatrooms
• ~45,000 federated servers
• ~3500 msgs/s out, ~35 msgs/s in on Matrix.org
• ~500 projects building on Matrix
• ~100 companies building on Matrix
• ~5 governments deploying Matrix
25 Governance
26 The Matrix.org Foundation
• Non-profit Common Interest Company registered in the UK
• Neutral guardian of Matrix and its reference implementations on behalf of the entire Matrix community
➔ https://matrix.org/foundation/
27 Element
• For-profit company registered in the UK, in France and in the US
• Founded by the creators of Matrix
• Employs most of the Matrix core team to enable them to work on Matrix as their day job
• All of the work done by Element employees on the spec and reference implementations is donated to the foundation
• Doesn’t hold a majority in the foundation’s leadership
• Builds commercial services on top of Matrix
28 Let’s install a homeserver!
29 Wait, what’s a homeserver?
30 Three types of Matrix servers
• Identity server
• Application service
• Homeserver
31 What’s a homeserver?
• It’s the “home” of a Matrix account
• Implements the Client-Server API
• Implements the federation API
• Clients connect to it to send and receive messages
• Other homeservers connect to it to send and receive messages
32 Synapse: the reference implementation
33 The plan
• Install Synapse using the official Arch Linux repo:
  sudo pacman -S matrix-synapse
• Configure Synapse
• Install and configure a reverse proxy (Caddy)
34 Let’s do this!
35 Database
• By default, Synapse uses SQLite
• PostgreSQL is recommended for production
➔ https://github.com/matrix-org/synapse/blob/master/docs/postgres.md
36 Federation and TLS
• Before Matrix 1.0 (June 2019), Matrix was using “perspectives” to validate TLS on federation
• From Matrix 1.0, a valid TLS certificate is required
• Easiest done through a reverse proxy
37 ACME support
• Uses Twisted’s txacme library
• Currently only supports ACME v1, which is being turned off by Let’s Encrypt
• Work in progress on Twisted’s side to support ACME v2, but progress is slow
38 Reverse proxy
• Reverse proxy the localhost listener on port 8008
• This demo was using Caddy because of automatic TLS, but other options work
➔ https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md
39 Let’s do this!
40 Going further
41 Workers
• Synapse is written in Python ➔ 1 process = 1 CPU core
• Main process + workers that handle part of the main process’s workload
• Communication between processes through Redis
• Example: Syncing with synchrotrons
➔ https://github.com/matrix-org/synapse/blob/master/docs/workers.md
42 Delegation
• Allows the homeserver for example.com to be hosted at, e.g. matrix.example.com
• Also allows the federation port to be something other than the default (8448)
• Usually done with a JSON file at a .well-known URL on the delegating domain (example.com in our example)
43 Delegation
https://example.com/.well-known/matrix/server
{ "m.server": "matrix.example.com:443" }
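How a federating homeserver turns a server name plus the delegation file above into a connection target, as an added example (not Synapse's code and not part of the original slides): it returns the host, the port and the name the TLS certificate must be valid for. The function names are illustrative, hostname validation is minimal, and the DNS SRV lookups that the full discovery procedure also consults are left out.

```python
import ipaddress
import json

DEFAULT_PORT = 8448  # default federation port named on the slide


def split_host_port(name):
    """Split 'host', 'host:port' or '[ipv6]:port' into (host, port or None)."""
    if name.startswith("["):  # bracketed IPv6 literal
        host, close, rest = name[1:].partition("]")
        sep, port = rest[:1], rest[1:]
    else:
        host, sep, port = name.partition(":")
        close = True
    port_ok = sep == ":" and port.isdigit() and 0 < int(port) < 65536
    if not host or not close or (sep and not port_ok):
        raise ValueError(f"malformed server name: {name!r}")
    return host, (int(port) if sep else None)


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def federation_target(server_name, well_known_body=None):
    """Return (host, port, name the TLS certificate must be valid for).

    well_known_body is the body served at
    https://<server_name>/.well-known/matrix/server, or None if unavailable.
    """
    host, port = split_host_port(server_name)
    # An IP literal or an explicit port in the server name skips delegation.
    if is_ip_literal(host) or port is not None:
        return host, port or DEFAULT_PORT, host
    if well_known_body is not None:
        try:
            delegated = json.loads(well_known_body)["m.server"]
            d_host, d_port = split_host_port(delegated)
            # After delegation the certificate is checked against the delegated host.
            return d_host, d_port or DEFAULT_PORT, d_host
        except (ValueError, KeyError, TypeError, AttributeError):
            pass  # unusable delegation file: fall back to the server name itself
    return host, DEFAULT_PORT, host
```

With the file shown on the slide, `federation_target("example.com", '{ "m.server": "matrix.example.com:443" }')` yields `matrix.example.com`, port 443, and a certificate check against `matrix.example.com`, so the reverse proxy on that host needs a certificate for the delegated name.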
44 TURN (VoIP)
➔ https://github.com/matrix-org/synapse/blob/master/docs/turn-howto.md
Metrics (Prometheus + Grafana)
➔ https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.md
45 Thank You!
@brendan:abolivier.bzh [email protected] @matrixdotorg