wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

added intro

Browse source
This commit is contained in:
Oddvar Lovaas 2016-03-17 17:12:04 +00:00
parent 3ce5453549
commit 13a8050b4e
2 changed files with 41 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
supporting-docs/guides/2016-01-01-index.md
View file

@ -9,6 +9,7 @@ categories: guides
<p>Here is a collection of guides that might help you get involved with Matrix.</p>
<p>First, there is the <a href="./getting_involved.html" title="Getting Involved">Getting Involved</a> guide, which explains various ways of getting started with Matrix.</p>
<p>The <a href="/docs/howtos/client-server.html" title="Client-Server API">Client-Server API</a> guide explains in detail how to use the CS API, which is useful if you want to write a client (or modify an existing one) - or if you're just interested in how it works "under the hood".</p>
<p><a href="./lets-encrypt.html">Let's Encrypt Matrix</a> explains how to use Let's Encrypt's certificates with your Synapse installation.</p>
<p>The <a href="./application_services.html" title="Application services">Application services</a> guide introduces and explains Application services, and what they can be used for.
<p>Finally there is the <a href="./faq.html" title="FAQ">FAQ</a>, which tries to answer all your questions relating to Matrix!</p>

40
supporting-docs/guides/2016-03-15-lets-encrypt.rst Normal file
View file

@ -0,0 +1,40 @@
---
layout: post
title: Let's Encrypt Matrix
categories: guides
---
====================
Let's Encrypt Matrix
====================
Let's Encrypt is a free Certificate Authority that makes it easy to secure your server's internet traffic. This makes it really easy to secure your Matrix homeserver, and this guide will explain exactly how you do this.
0: Prerequisites
================
* Install Synapse_.
* Install (or Download) `Let's Encrypt`_
1: Get certificates
===================
When executing the Let's Encrypt client, it will ask for the domain name of your server, and your email address. The domain list can include multiple names and should include any domain you want to access the server from.
Also, the certificates will be in a folder under /etc/letsencrypt (see below) and owned by root. These files should be copied to the same directory as the synapse install and owned by the user synapse is run as.
::
# cd (path to synapse)
# ./letsencrypt-auto certonly --standalone
# sudo cp /etc/letsencrypt/live/(your domain name)/* .
# sudo chown (user synapse runs as) *.pem
A note about renewal
--------------------
These certificates will expire in 3 months. To renew certificates, just repeat this step.
2: Install Certificates
=======================
At the top of your homeserver.yaml there should be two keys, ```tls_certificate_path``` and ```tls_private_key_path```. These should be changed so that instead of pointing to the default keys, they now point to the Let's Encrypt keys. ```tls_certificate_path``` should point to the ```fullchain.pem``` in the synapse install directory. ```tls_private_key_path``` should point to the ```privkey.pem``` in the synapse install directory. ```tls_dh_params_path``` can stay the same as before.
.. _Synapse: https://github.com/matrix-org/synapse/blob/master/README.rst#synapse-installation
.. _Let's Encrypt: https://letsencrypt.readthedocs.org/en/latest/using.html#installation