Timmy_Foundation/timmy-config
16
0
Fork 0
Code Issues 57 Pull Requests 1 Actions 1 Packages Projects Releases Wiki Activity
Files
df779609c49f1b21339f3c071cb25899468c709c
timmy-config/infra/matrix/prerequisites.md

2.6 KiB
Raw Blame History

Matrix/Conduit Prerequisites

Issue: #183

Target Host Requirements

Option A: Deploy on Hermes VPS (143.198.27.163)

  • Pros: Existing infrastructure, Ezra home territory
  • Cons: Already hosting multiple wizards, resource contention
  • Ports available: Need to verify 443, 8448 free or proxyable

Option B: Deploy on Allegro (167.99.126.228)

  • Pros: Separate host from Hermes, already has Nostr relay
  • Cons: Allegro-Primus runs there; check resource headroom

Option C: New VPS

  • Pros: Clean slate, dedicated resources
  • Cons: Additional cost, new maintenance surface

Recommended: Option A (Hermes) or dedicated lightweight VPS

Required Ports

Port Protocol Purpose Visibility
443 TCP Client HTTPS (Caddy/Nginx → Conduit) Public
8448 TCP Server-to-server federation Public
6167 TCP Conduit internal (localhost only) Localhost
80 TCP ACME HTTP challenge (redirects to 443) Public

DNS Requirements

# A record
matrix.timmy.foundation.    A    <SERVER_IP>

# Optional: subdomains for federation delegation
_timatrix._tcp.timmy.foundation.  SRV  10 0 8448 matrix.timmy.foundation.

Host Software

# Docker + Compose (required)
docker --version  # >= 24.0
docker compose version  # >= 2.20

# Or install if missing:
curl -fsSL https://get.docker.com | sh

Reverse Proxy (choose one)

Option 1: Caddy (recommended for automatic TLS)

apt install caddy  # or use official repo

Option 2: Nginx (if already deployed)

apt install nginx certbot python3-certbot-nginx

TLS Certificate Requirements

  • Valid domain pointing to server IP
  • Port 80 open for ACME challenge (HTTP-01)
  • Or: DNS challenge for wildcard/internal domains

Storage

Component Minimum Recommended
Conduit DB 5 GB 20 GB
Media uploads 10 GB 50 GB+
Logs 2 GB 5 GB

Missing Prerequisites (Blocking)

  1. Target host selected — Hermes vs Allegro vs new
  2. Domain/subdomain assigned — matrix.timmy.foundation?
  3. DNS A record created — pointing to target host
  4. Ports verified open — 443, 8448 on target host
  5. Reverse proxy decision — Caddy vs Nginx
  6. SSL strategy confirmed — Let's Encrypt via proxy

Next Steps After Prerequisites

  1. Fill in conduit.toml with actual domain
  2. Put admin registration secret in .env
  3. Run ./deploy-matrix.sh
  4. Create first admin account
  5. Create fleet rooms
Reference in New Issue View Git Blame Copy Permalink