36 lines
1.1 KiB
Markdown
36 lines
1.1 KiB
Markdown
|
# ADR-003: Federation Strategy — Full Federation Enabled
|
||
|
|
|
||
|
|
**Status**: Accepted
|
||
|
|
**Date**: 2026-04-05
|
||
|
|
**Deciders**: Ezra (architect), Timmy Foundation
|
||
|
|
**Scope**: Federation behavior for Conduit homeserver (#166, #183)
|
||
|
|
|
||
|
|
---
|
||
|
|
|
||
|
|
## Context
|
||
|
|
|
||
|
|
Matrix servers can operate in isolated mode (no federation) or federated mode (interoperate with matrix.org and other homeservers).
|
||
|
|
|
||
|
|
## Decision
|
||
|
|
|
||
|
|
Enable **full federation from day one**.
|
||
|
|
|
||
|
|
## Consequences
|
||
|
|
|
||
|
|
| Positive | Negative |
|
||
|
|
|----------|----------|
|
||
|
|
| Alexander can use any Matrix client/ID | Requires public DNS + TLS + port 8448 |
|
||
|
|
| Fleet bots can bridge to other networks | Slightly larger attack surface |
|
||
|
|
| Aligns with sovereign, open protocol ethos | Must monitor for abuse/spam |
|
||
|
|
|
||
|
|
## Prerequisites Introduced
|
||
|
|
|
||
|
|
- Valid TLS certificate (Let's Encrypt via Caddy)
|
||
|
|
- Public DNS A record + SRV record
|
||
|
|
- Firewall open on TCP 8448 inbound
|
||
|
|
|
||
|
|
## References
|
||
|
|
|
||
|
|
- Issue: [#166](http://143.198.27.163:3000/Timmy_Foundation/timmy-config/issues/166)
|
||
|
|
- Runbook: [`infra/matrix/docs/RUNBOOK.md`](http://143.198.27.163:3000/Timmy_Foundation/timmy-config/src/branch/main/infra/matrix/docs/RUNBOOK.md)
|