matrix-docker-ansible-deploy/docs/configuring-playbook-synapse-admin.md

# Setting up Synapse Admin (optional)

The playbook can install and configure [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin)) for you.

synapse-admin is a web UI tool you can use to **administrate users, rooms, media, etc. on your Matrix server**. It's designed to work with the Synapse homeserver implementation, but to some extent may work with [Dendrite](./configuring-playbook-dendrite.md) as well.

See the project's [documentation](https://github.com/etkecc/synapse-admin) to learn what it does and why it might be useful to you.


## Adjusting the playbook configuration

Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:

```yaml
matrix_synapse_admin_enabled: true
```

**Note**: Synapse Admin requires Synapse's [Admin APIs](https://element-hq.github.io/synapse/latest/usage/administration/admin_api/index.html) to function. Access to them is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, for additional security, we normally leave them unexposed, following [official Synapse reverse-proxying recommendations](https://element-hq.github.io/synapse/latest/reverse_proxy.html#synapse-administration-endpoints). Because Synapse Admin needs these APIs to function, when installing Synapse Admin, the playbook **automatically** exposes the Synapse Admin API publicly for you. Depending on the homeserver implementation you're using (Synapse, Dendrite), this is equivalent to:

- for [Synapse](./configuring-playbook-synapse.md) (our default homeserver implementation): `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true`
- for [Dendrite](./configuring-playbook-dendrite.md): `matrix_dendrite_container_labels_public_client_synapse_admin_api_enabled: true`

By default, synapse-admin installation will be [restricted to only work with one homeserver](https://github.com/etkecc/synapse-admin/blob/e21e44362c879ac41f47c580b04210842b6ff3d7/README.md#restricting-available-homeserver) - the one managed by the playbook. To adjust these restrictions, tweak the `matrix_synapse_admin_config_restrictBaseUrl` variable.


## Installing

After configuring the playbook, run the [installation](installing.md) command again (`just install-all`).


## Usage

After installation, Synapse Admin will be accessible at: `https://matrix.DOMAIN/synapse-admin/`

To use Synapse Admin, you need to have [registered at least one administrator account](registering-users.md) on your server.
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00			`# Setting up Synapse Admin (optional)`

Switch Synapse-Admin to etke.cc fork (#3519) * switch to synapse-admin fork * Fix typo * Close unclosed ) and reword sentence --------- Co-authored-by: Slavi Pantaleev <slavi@devture.com> 2024-09-12 10:31:12 +02:00			`The playbook can install and configure [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin)) for you.`
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00
Switch Synapse-Admin to etke.cc fork (#3519) * switch to synapse-admin fork * Fix typo * Close unclosed ) and reword sentence --------- Co-authored-by: Slavi Pantaleev <slavi@devture.com> 2024-09-12 10:31:12 +02:00			`synapse-admin is a web UI tool you can use to administrate users, rooms, media, etc. on your Matrix server. It's designed to work with the Synapse homeserver implementation, but to some extent may work with [Dendrite](./configuring-playbook-dendrite.md) as well.`
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00
Switch Synapse-Admin to etke.cc fork (#3519) * switch to synapse-admin fork * Fix typo * Close unclosed ) and reword sentence --------- Co-authored-by: Slavi Pantaleev <slavi@devture.com> 2024-09-12 10:31:12 +02:00			`See the project's [documentation](https://github.com/etkecc/synapse-admin) to learn what it does and why it might be useful to you.`
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00
Update configuring-playbook-synapse-admin.md 2020-07-26 19:14:36 +02:00
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00			`## Adjusting the playbook configuration`

			Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:

			```yaml
			`matrix_synapse_admin_enabled: true`
			```

Switch Synapse-Admin to etke.cc fork (#3519) * switch to synapse-admin fork * Fix typo * Close unclosed ) and reword sentence --------- Co-authored-by: Slavi Pantaleev <slavi@devture.com> 2024-09-12 10:31:12 +02:00			Note: Synapse Admin requires Synapse's [Admin APIs](https://element-hq.github.io/synapse/latest/usage/administration/admin_api/index.html) to function. Access to them is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, for additional security, we normally leave them unexposed, following [official Synapse reverse-proxying recommendations](https://element-hq.github.io/synapse/latest/reverse_proxy.html#synapse-administration-endpoints). Because Synapse Admin needs these APIs to function, when installing Synapse Admin, the playbook automatically exposes the Synapse Admin API publicly for you. Depending on the homeserver implementation you're using (Synapse, Dendrite), this is equivalent to:
Add native Traefik support to matrix-dendrite 2024-01-11 10:30:42 +01:00
Add missing link to synapse config docs 2024-02-13 05:10:50 +01:00			- for [Synapse](./configuring-playbook-synapse.md) (our default homeserver implementation): `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true`
Rename label-related variables for homeservers We'd be adding integration with an internal Traefik entrypoint (`matrix_playbook_internal_matrix_client_api_traefik_entrypoint`), so renaming helps disambiguate things. There's no need for deperecation tasks, because the old names have only been part of this `bye-bye-nginx-proxy` branch and not used by anyone publicly. 2024-01-14 09:29:38 +01:00			- for [Dendrite](./configuring-playbook-dendrite.md): `matrix_dendrite_container_labels_public_client_synapse_admin_api_enabled: true`
Fix Synapse Admin not working due to unexposed Synapse Admin APIs Regression since 63a49bb2dc7780. Related to #685 (Github Issue). We now automatically expose the APIs when Synapse Admin is enabled. 2020-10-27 19:33:37 +01:00
Switch Synapse-Admin to etke.cc fork (#3519) * switch to synapse-admin fork * Fix typo * Close unclosed ) and reword sentence --------- Co-authored-by: Slavi Pantaleev <slavi@devture.com> 2024-09-12 10:31:12 +02:00			By default, synapse-admin installation will be [restricted to only work with one homeserver](https://github.com/etkecc/synapse-admin/blob/e21e44362c879ac41f47c580b04210842b6ff3d7/README.md#restricting-available-homeserver) - the one managed by the playbook. To adjust these restrictions, tweak the `matrix_synapse_admin_config_restrictBaseUrl` variable.
Auto-configure synapse-admin to be restricted to a single homeserver (the one managed by the playbook) 2024-07-01 15:01:31 +02:00
Update configuring-playbook-synapse-admin.md 2020-07-26 19:14:36 +02:00
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00			`## Installing`

Auto-configure synapse-admin to be restricted to a single homeserver (the one managed by the playbook) 2024-07-01 15:01:31 +02:00			After configuring the playbook, run the [installation](installing.md) command again (`just install-all`).
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00
Update configuring-playbook-synapse-admin.md 2020-07-26 19:14:36 +02:00
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00			`## Usage`

			After installation, Synapse Admin will be accessible at: `https://matrix.DOMAIN/synapse-admin/`

			`To use Synapse Admin, you need to have [registered at least one administrator account](registering-users.md) on your server.`