⬑

matrix conduit服务器配置

#Matrix  #Linux

deply.sh

sudo cp matrix-conduit /usr/local/bin
sudo useradd conduit
sudo cp conduit.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo mkdir -p /etc/matrix-conduit
cp conduit.toml /etc/matrix-conduit
sudo chown -R root:root /etc/matrix-conduit
sudo chmod 755 /etc/matrix-conduit
sudo mkdir /var/lib/matrix-conduit
sudo chown -R conduit:conduit /var/lib/matrix-conduit
sudo chmod 700 /var/lib/matrix-conduit/

conduit.service

[Unit]
Description=Conduit Matrix Server
After=network.target

[Service]
Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml"
User=conduit
Group=conduit
Restart=always
ExecStart=/usr/local/bin/matrix-conduit

[Install]
WantedBy=multi-user.target

conduit.toml

server_name = "matrix.mistivia.com"

database_path = "/var/lib/matrix-conduit/"
database_backend = "rocksdb"

port = 6167

max_request_size = 20_000_000 # in bytes

allow_registration = true

allow_federation = true
allow_check_for_updates = true

trusted_servers = ["matrix.org"]

#max_concurrent_requests = 100 # How many requests Conduit sends to other servers at the same time
#log = "warn,state_res=warn,rocket=off,_=off,sled=off"

address = "127.0.0.1" # This makes sure Conduit can only be reached using the reverse proxy

nginx:

server {
    listen 443 ssl http2;
    listen 8448 ssl http2;
    ssl_certificate /etc/letsencrypt/live/file.mistivia.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/file.mistivia.com/privkey.pem;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers         HIGH:!aNULL:!MD5;


    server_name matrix.mistivia.com;
    merge_slashes off;
    client_max_body_size 20M;
    location /_matrix/ {
        proxy_pass http://127.0.0.1:6167$request_uri;
        proxy_set_header Host $http_host;
        proxy_buffering off;
        proxy_read_timeout 5m;
    }
}