Project

General

Profile

Actions

The ungleich Matrix infrastructure » History » Revision 11

« Previous | Revision 11/22 (diff) | Next »
Timothée Floure, 03/10/2020 08:55 PM
Add link to customer deployments


The ungleich Matrix infrastructure

This document concerns the infrastructure side of our MaaS offer and is intended for ungleich staff. See Ungleich Matrix-as-a-Service (MaaS) page for end-user/customer documentation.

Status

This document is A DRAFT. This service is not in production. Ask @Timothée Floure for details.

Environment

Our Matrix deployments make use of the Synapse (reference) Matrix homeserver and Riot web client. We use Debian buster as base Operating system, leveraging the matrix-synapse package from the buster-backports repository. The riot client (= static files) is directly fetched from upstream releases on github.

The matrix deployments run on ipv6only VMs, HTTP traffic - including federation - being proxy by the ungleich v4-to-v6 proxy. Federation is delegated using a /.well-known/ URI as described in the customer FAQ.

Tooling

The whole MaaS setup is defined in the manifest/matrix-as-a-service of dot-cdist file, which wraps the __ungleich_matrix type. This type leverages:

  • __matrix_synapse
  • __matrix_riot
  • __ungleich_nginx_static_type
  • _postgres_role and _postgres_database from upstream cdist.

The matterbridge application service can be deployed with the __matterbridge type.

Matrix Federation Tester: https://federationtester.matrix.org/

Monitoring

We plan to leverage consul's service discovery to feed system (node exporter) and matrix (synapse) metrics to prometheus/grafana.

Ungleich Deployments

We maintain our own deployments alongside the customer MaaS, both for our own usage and for testing.

matrix-staging.ungleich.ch

Staging instance used to tests the deployment pipeline and Matrix updates.

matrix.ungleich.ch

Production instance for ungleich. Some rooms are bridged to the chat.ungleich.ch mattermost instance. The bridge makes use of the #matterbridge:ungleich.ch local matrix user (i.e. not from LDAP) and matterbridge mattermost user (linked to matterbridge AT ungleich ch).

Customer Deployments

That's too sensitive to be public: this way !

Shared TURN server

WIP!

Updated by Timothée Floure over 4 years ago · 11 revisions