Introduction
If you want to host your own secure, decentralized chat server using the Matrix protocol, this guide will help you get started. We’ll walk through setting up a Synapse server on a Synology NAS using Docker or Container Manager (DSM 7.2+). This tutorial is written for technically interested beginners with some experience using terminals and configuring home networks.
Requirements
You’ll need a Synology NAS with an x86 CPU (Intel or AMD). ARM-based NAS models, often found in J-series devices, are not supported. Your system should be running DSM 7.2 or newer with Container Manager installed. Make sure you know how to forward ports on your router and access your NAS terminal. You’ll also need a (sub-)domain and access to your DNS settings for routing and SSL configuration.
Preparing the Installation
First, install Container Manager from the Synology Package Center. Open File Station and go to the docker folder. Inside this folder, create a new directory named synapse. Within the synapse directory, create two subfolders: data and db. These folders will be used for volume mounting during container creation.
Generating the Configuration File
We’ll now generate the initial Synapse configuration using Docker. Open the Control Panel, go to Task Scheduler, and create a new user-defined script running as root. Use the following script (update UID, GID, paths, and domain as needed):
#!/bin/bash docker run --rm \ --user 1026:100 \ -v /volume1/docker/synapse/data:/data \ -e SYNAPSE_CONFIG_PATH=/data/homeserver.yaml \ -e SYNAPSE_SERVER_NAME=yourdomain.com \ -e SYNAPSE_REPORT_STATS=yes \ matrixdotorg/synapse:latest generate
Save and run the script once. It will generate the homeserver.yaml configuration file inside /volume1/docker/synapse/data.
Editing the Configuration File
Navigate to /volume1/docker/synapse/data and open homeserver.yaml in a text editor. Add the following lines under your server name:
enable_registration: true enable_registration_without_verification: true enable_group_creation: true
Now remove the default SQLite database configuration within the homeserver.yaml:
database:
name: sqlite3
args:
database: /data/homeserver.db
Replace it with a PostgreSQL configuration:
database:
name: psycopg2
args:
user: synapseuser
password: synapsepass
database: synapsedb
host: synapse-db
cp_min: 5
cp_max: 10
Modify user, password, and database according to your preferences. Save the file.
Creating the Docker Compose File
Open Container Manager, go to Projects, and create a new project. Set the project name (for example: matrix) and select the synapse directory as the project path. Choose to create the docker-compose.yml manually, then enter the following configuration:
version: "3.9"
services:
synapse-db:
image: postgres:17.4
container_name: Synapse-DB
hostname: synapse-db
security_opt:
- no-new-privileges:true
healthcheck:
test: ["CMD", "pg_isready", "-q", "-d", "synapsedb", "-U", "synapseuser"]
timeout: 45s
interval: 10s
retries: 10
user: 1026:100
volumes:
- /volume1/docker/synapse/db:/var/lib/postgresql/data
environment:
- POSTGRES_DB=synapsedb
- POSTGRES_USER=synapseuser
- POSTGRES_PASSWORD=synapsepass
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
restart: always
synapse:
image: matrixdotorg/synapse:latest
container_name: Synapse
hostname: synapse
security_opt:
- no-new-privileges:true
user: 1026:100
environment:
- TZ=Europe/Berlin
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
volumes:
- /volume1/docker/synapse/data:/data
ports:
- 8008:8008
restart: always
depends_on:
synapse-db:
condition: service_started
Adjust the values for volume paths, user ID, and database credentials to match your setup. Then start the project.
After starting, you should see two running containers in Container Manager: Synapse and Synapse-DB.
Setting Up Domain and Reverse Proxy
To make your Matrix server accessible from the internet, you need to set up a (sub-)domain and a reverse proxy.
First, configure your DNS provider to point your domain or subdomain to your NAS IP address. If you have a dynamic IP, use Dynamic DNS or set a CNAME record pointing to an existing DDNS entry.
Open Synology Control Panel and go to Login Portal. Under the Advanced tab, open the Reverse Proxy settings and create a new entry.
Under the General tab:
Source: Protocol: HTTPS Hostname: your.sub.domain Port: 443 Enable HSTS. Destination: Protocol: HTTP Hostname: localhost Port: 8008 Switch to the Custom Header tab and add the following: Header name: Upgrade Value: $http_upgrade Header name: Connection Value: $connection_upgrade
Save the entry.
Now go to Control Panel > Security > Certificate. Create a new Let’s Encrypt certificate for your subdomain. After creation, assign this certificate to your reverse proxy rule under the Settings tab.
Once everything is set up, test your domain in a browser. You should be forwarded to your Synapse server running on port 8008 and served over HTTPS with a valid SSL certificate.
Registering a New User
To add a new user to your Matrix server, open your terminal or SSH into your NAS and run the following:
cd /volume1/docker/synapse docker-compose exec synapse register_new_matrix_user -c /data/homeserver.yaml http://localhost:8008
Allow the prompts to enter a username and password. Your Matrix ID will be in the format @username:yourdomain.com.
Conclusion
You’ve now set up your own self-hosted Matrix Synapse server on a Synology NAS with Docker, PostgreSQL, SSL encryption, and domain routing. You can log in using any Matrix-compatible client like Element and start chatting securely.
