matrix-docker-ansible-deploy/docs/configuring-playbook-synapse-admin.md

# Setting up Synapse Admin (optional)

The playbook can install and configure [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) for you.

It's a web UI tool you can use to **administrate users and rooms on your Matrix server**.

See the project's [documentation](https://github.com/Awesome-Technologies/synapse-admin) to learn what it does and why it might be useful to you.


## Adjusting the playbook configuration

Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:

```yaml
matrix_synapse_admin_enabled: true
```

**Note**: Synapse Admin requires Synapse's [Admin APIs](https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/index.html) to function. Access to them is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, for additional security, we normally leave them unexposed, following [official Synapse reverse-proxying recommendations](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints). Because Synapse Admin needs these APIs to function, when installing Synapse Admin, the playbook **automatically** exposes the Synapse Admin API publicly for you (equivalent to `matrix_synapse_container_labels_client_synapse_admin_api_enabled: true`).


## Installing

After configuring the playbook, run the [installation](installing.md) command again:

```
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```


## Usage

After installation, Synapse Admin will be accessible at: `https://matrix.DOMAIN/synapse-admin/`

To use Synapse Admin, you need to have [registered at least one administrator account](registering-users.md) on your server.

The Homeserver URL to use on Synapse Admin's login page is: `https://matrix.DOMAIN`

### Sample configuration for running behind Caddy v2

Below is a sample configuration for using this playbook with a [Caddy](https://caddyserver.com/v2) 2.0 reverse proxy (non-default configuration where `matrix-nginx-proxy` is disabled - `matrix_nginx_proxy_enabled: false`).

```caddy
# This is a basic configuration that will function the same as the default nginx proxy - exposing the synapse-admin panel to matrix.YOURSERVER.com/synapse-admin/
  handle_path /synapse-admin* {
        reverse_proxy localhost:8766  {
        }
  }
```
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00			`# Setting up Synapse Admin (optional)`

			`The playbook can install and configure [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) for you.`

			`It's a web UI tool you can use to administrate users and rooms on your Matrix server.`

			`See the project's [documentation](https://github.com/Awesome-Technologies/synapse-admin) to learn what it does and why it might be useful to you.`

Update configuring-playbook-synapse-admin.md 2020-07-26 19:14:36 +02:00
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00			`## Adjusting the playbook configuration`

			Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:

			```yaml
			`matrix_synapse_admin_enabled: true`
			```

Expose /_synapse/* APIs via matrix-synapse-reverse-proxy-companion This also updates validation tasks and documentation, pointing to variables in the matrix-synapse role which don't currently exist yet (e.g. `matrix_synapse_container_labels_client_synapse_admin_api_enabled`). These variables will be added soon, as Traefik labels are added to the `matrix-synapse` role. At that point, the `matrix-synapse-reverse-proxy-companion` role will be updated to also use them. 2024-01-04 10:37:17 +01:00			Note: Synapse Admin requires Synapse's [Admin APIs](https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/index.html) to function. Access to them is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, for additional security, we normally leave them unexposed, following [official Synapse reverse-proxying recommendations](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints). Because Synapse Admin needs these APIs to function, when installing Synapse Admin, the playbook automatically exposes the Synapse Admin API publicly for you (equivalent to `matrix_synapse_container_labels_client_synapse_admin_api_enabled: true`).
Fix Synapse Admin not working due to unexposed Synapse Admin APIs Regression since 63a49bb2dc7780. Related to #685 (Github Issue). We now automatically expose the APIs when Synapse Admin is enabled. 2020-10-27 19:33:37 +01:00
Update configuring-playbook-synapse-admin.md 2020-07-26 19:14:36 +02:00
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00			`## Installing`

			`After configuring the playbook, run the [installation](installing.md) command again:`

			```
			`ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start`
			```

Update configuring-playbook-synapse-admin.md 2020-07-26 19:14:36 +02:00
Add synapse-admin support Fixes #562 (Github Issue) 2020-07-22 07:10:26 +02:00			`## Usage`

			After installation, Synapse Admin will be accessible at: `https://matrix.DOMAIN/synapse-admin/`

			`To use Synapse Admin, you need to have [registered at least one administrator account](registering-users.md) on your server.`

			The Homeserver URL to use on Synapse Admin's login page is: `https://matrix.DOMAIN`
added config sample for synapse admin with traefik 2 2020-07-26 17:31:43 +02:00
Add example configuration for Caddy v2 (#1985) * Add example configuration for Caddy v2 Add a basic example how to get synapse-admin running behind Caddy v2 proxy. * Improve working, fix typos * Fix typos Co-authored-by: Slavi Pantaleev <slavi@devture.com> 2022-07-29 07:33:42 +02:00			`### Sample configuration for running behind Caddy v2`

			Below is a sample configuration for using this playbook with a [Caddy](https://caddyserver.com/v2) 2.0 reverse proxy (non-default configuration where `matrix-nginx-proxy` is disabled - `matrix_nginx_proxy_enabled: false`).

			```caddy
			`# This is a basic configuration that will function the same as the default nginx proxy - exposing the synapse-admin panel to matrix.YOURSERVER.com/synapse-admin/`
			`handle_path /synapse-admin* {`
			`reverse_proxy localhost:8766 {`
			`}`
			`}`
			```