Initial commit

Caddyfile

@@ -0,0 +1,45 @@
+
+example.com, www.example.com {
+	#Headers & Well-known for Matrix & Element Call
+        header /.well-known/matrix/* Content-Type application/json
+        header /.well-known/matrix/* Access-Control-Allow-Origin *
+        respond /.well-known/matrix/server `{"m.server": "matrix.example.com:443"}`
+        respond /.well-known/matrix/client `{"m.homeserver": {"base_url": "https://matrix.example.com"}, "org.matrix.msc4143.rtc_foci": [{"type": "livekit", "livekit_service_url": "https://livekit.example.com"}]}`
+}
+
+matrix.example.com {
+	#reverse_proxy /_matrix/* http://localhost:8448
+        #reverse_proxy /_synapse/client/* http://localhost:8448
+        reverse_proxy localhost:8448
+        header X-Robots-Tag "noindex, nofollow"
+        encode gzip
+        import log-config
+        #redir / /_matrix/static/
+	
+	handle /favicon.ico {
+                root * /var/www/favicon/matrix
+                file_server
+        }
+}
+
+
+livekit.example.com {
+        header X-Robots-Tag "noindex, nofollow"
+        encode gzip
+        import log-config
+
+		#Route to jwt-service
+        route /sfu/get* {
+        reverse_proxy localhost:8451
+        }
+        
+		#Route to jwt-service
+        route /healthz* {
+        reverse_proxy localhost:8451
+        }
+		
+		#Route to livekit
+        route /* {
+        reverse_proxy localhost:7880
+        }
+}

README.MD.txt

@@ -0,0 +1,10 @@
+My currently working setup using docker for : Synapse, Livekit, Jwt-service and caddy installed on the host. 
+With element-call functionnal with our server as backend.
+
+
+Good guide to read when setting this up : https://sspaeth.de/2024/11/sfu/
+
+
+These ports gotta be opened in the firewall (+port forward) :
+7881/tcp and 3478,50100:50200/udp
+

data/homeserver.yaml

@@ -0,0 +1,71 @@
+# Configuration file for Synapse.
+#
+# This is a YAML file: see [1] for a quick introduction. Note in particular
+# that *indentation is important*: all the elements of a list or dictionary
+# should have the same indentation.
+#
+# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
+#
+# For more information on how to configure Synapse, including a complete accounting of
+# each option, go to docs/usage/configuration/config_documentation.md or
+# https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html
+server_name: "example.com"
+public_baseurl: https://matrix.example.com
+pid_file: /data/homeserver.pid
+listeners:
+  - port: 8448
+    tls: false
+    type: http
+    x_forwarded: true
+    resources:
+      - names: [client, federation]
+        compress: false
+
+serve_server_wellknown: true
+
+database:
+  name: psycopg2
+  args:
+    user: synapse
+    password: <db_password>
+    database: synapse
+    host: db
+    cp_min: 5
+    cp_max: 10
+log_config: "/data/my.matrix.host.log.config"
+media_store_path: /data/media_store
+report_stats: true
+signing_key_path: "/data/my.matrix.host.signing.key"
+trusted_key_servers:
+  - server_name: "matrix.org"
+
+
+###Needed for element call
+experimental_features:
+    # MSC3266: Room summary API. Used for knocking over federation
+    msc3266_enabled: true
+    # MSC4222 needed for syncv2 state_after. This allow clients to
+    # correctly track the state of the room.
+#    msc4222_enabled: true
+
+# The maximum allowed duration by which sent events can be delayed, as
+# per MSC4140.
+max_event_delay_duration: 24h
+###
+
+rc_message:
+  # This needs to match at least the heart-beat frequency plus a bit of headroom
+  # Currently the heart-beat is every 5 seconds which translates into a rate of 0.2s
+  per_second: 0.5
+  burst_count: 30
+
+rc_admin_redaction:
+  per_second: 1
+  burst_count: 50
+
+rc_registration:
+  per_second: 0.3
+  burst_count: 4
+
+enable_registration: true
+registration_requires_token: true

docker-compose.yaml

@@ -0,0 +1,47 @@
+services:
+
+  synapse:
+    container_name: matrix-synapse
+    image: docker.io/matrixdotorg/synapse:latest
+    restart: unless-stopped
+    environment:
+      - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
+    volumes:
+      - ./data:/data
+    depends_on:
+      - db
+    ports:
+      - "127.0.0.1:8448:8448"
+
+  db:
+    container_name: matrix-postgres
+    image: docker.io/postgres:17.2
+    restart: unless-stopped
+    environment:
+      - POSTGRES_USER=synapse
+      - POSTGRES_PASSWORD=<db_password>
+      - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
+    volumes:
+      - ./db:/var/lib/postgresql/data
+
+  livekit:
+    container_name: matrix-livekit
+    image: livekit/livekit-server:latest
+    command: --config /etc/livekit.yaml
+    restart: unless-stopped
+    network_mode: host
+    volumes:
+      - ./livekit/livekit.yaml:/etc/livekit.yaml
+
+  jwt-service:
+    image: ghcr.io/element-hq/lk-jwt-service:latest-ci
+    container_name: matrix-jwt-service
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:8451:8080"
+    environment:
+      - LIVEKIT_SECRET=<StrongLongString>
+      - LIVEKIT_URL=wss://livekit.example.com:443
+      - LIVEKIT_KEY=devkey 
+      #Tip : don't change this value (devkey)
+  

livekit/livekit.yaml

@@ -0,0 +1,18 @@
+port: 7880
+bind_addresses:
+  - ""
+rtc:
+  tcp_port: 7881
+  port_range_start: 50100
+  port_range_end: 50200
+  use_external_ip: false
+  
+turn:
+  enabled: true
+  domain: livekit.example.com
+  tls_port: 5349
+  udp_port: 3478
+  external_tls: true
+keys:
+  devkey: "<StrongLongString>"
+logging: