๐Ÿ” Open Source & Self-Hosted

Your Own Matrix Chat Server

Deploy a private, encrypted messaging server in minutes. Everything runs on Docker โ€” one script sets up all containers, TLS, and firewall automatically.

๐Ÿš€ Get Started View on GitHub โ†’
~50MB
RAM Usage
5 min
Setup Time
Docker
Containerized
E2EE
Encrypted
MIT
License
Features

Why Matrix Conduit?

A lightweight, secure, and federated messaging server you can deploy on a small VPS in minutes.

๐Ÿ”’

End-to-End Encryption

All messages encrypted by default using Olm/Megolm. Not even the server can read your conversations.

๐Ÿ“ž

Voice & Video Calls

Built-in TURN/STUN server for encrypted voice and video calls with any Matrix client.

๐ŸŒ

Federation

Talk to users on other Matrix servers. Your server, their server โ€” one open network.

๐Ÿ›ก๏ธ

Auto TLS & Security

Automatic HTTPS with Caddy. Conduit runs isolated โ€” no port exposure. Zero maintenance certificates.

โšก

Lightweight

Uses ~50MB RAM. Written in Rust with embedded database. Perfect for minimal hardware.

๐Ÿ”ง

One-Script Deploy

Interactive installer handles Docker, TLS, firewall, and configuration. Up and running in minutes.

Under the Hood

What's Inside

No black boxes. Here's exactly what runs on your server and why each piece was chosen.

๐Ÿ’ฌ

Conduit

The Matrix homeserver. Written in Rust, single binary, ~50MB RAM. Uses RocksDB as its embedded database โ€” no external database needed. Implements the Matrix protocol for messaging, encryption, and federation.

Language: Rust  ยท  DB: RocksDB (embedded)  ยท  License: Apache-2.0
๐Ÿ”

Caddy

Reverse proxy & TLS. Handles all incoming traffic and terminates HTTPS. Automatically obtains and renews Let's Encrypt certificates โ€” zero manual certificate management. Conduit never touches the internet directly.

Certificates: Let's Encrypt (auto-renewed)  ยท  Ports: 80, 443, 8448
๐Ÿ“ž

Coturn

TURN/STUN server for calls. Enables voice and video calls by relaying media traffic through NAT. Without it, calls between users on different networks would fail. Runs alongside Conduit automatically.

Protocols: STUN + TURN  ยท  Ports: 3478 (UDP), 5349 (TCP/TLS)
๐Ÿณ

Docker & Compose

Container runtime. All three services (Conduit, Caddy, Coturn) run as isolated Docker containers on a shared internal network. No service exposes ports directly โ€” everything goes through Caddy.

Containers: 3  ยท  Network: Internal bridge (isolated)
๐Ÿ”’

Olm / Megolm

End-to-end encryption. The same cryptographic protocol family used by Signal. Messages are encrypted on the sender's device and decrypted only on the recipient's โ€” the server never sees plaintext.

Type: Double Ratchet (per-session)  ยท  Groups: Megolm (efficient group keys)
๐ŸŒ

Matrix Federation

Server-to-server protocol. Your users can message anyone on any other Matrix server (matrix.org, etc.). Federation uses port 8448 with TLS verification between servers. Fully optional โ€” you can disable it.

Port: 8448  ยท  Auth: Server key signatures  ยท  Optional: Yes
Installation

Quick Start

Download, run, answer a few questions โ€” your Matrix server is live.

Interactive Setup

Download the installer and run it. A friendly menu guides you through everything.

curl -o conduit-deploy.sh https://raw.githubusercontent.com/balnaimi/conduit-deploy/main/conduit-deploy.sh
chmod +x conduit-deploy.sh
sudo ./conduit-deploy.sh
๐Ÿ’ก
The script asks your domain, email, and preferred setup mode โ€” then does everything automatically.
๐Ÿ“– See the full step-by-step walkthrough โ†’
conduit-deploy.sh โ€” bash
โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•”โ•โ•โ•โ•โ•โ–ˆโ–ˆโ•”โ•โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ•šโ•โ•โ–ˆโ–ˆโ•”โ•โ•โ• โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘โ•šโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘ โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•‘ โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•โ•šโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•”โ•โ–ˆโ–ˆโ•‘ โ–ˆโ–ˆโ•‘ โ•šโ•โ•โ•โ•โ•โ• โ•šโ•โ•โ•โ•โ•โ• โ•šโ•โ• โ•šโ•โ•โ•โ•โ•šโ•โ•โ•โ•โ•โ• โ•šโ•โ•โ•โ•โ•โ• โ•šโ•โ• โ•šโ•โ• Matrix Homeserver Deploy Tool 1) Prepare โ€” What you need before installing 2) Install โ€” Deploy Matrix server 3) Health Check โ€” Verify services & security 4) Services โ€” Start/stop/restart/update/logs 5) Uninstall โ€” Remove everything 0) Exit Choose [0-5]: _

What happens on first install?

๐Ÿ—บ๏ธ Roadmap

Ideas for future improvements. No specific order โ€” contributions welcome!

๐Ÿ”ฅ High Impact

  • โ˜ Automatic scheduled backups
  • โ˜ Script self-update from GitHub
  • โ˜ Status dashboard (RAM, disk, users)

๐Ÿ’ก Nice to Have

  • โ˜ Admin account privileges
  • โ˜ Notifications (email/webhook/ntfy)
  • โ˜ Custom TURN domain
  • โ˜ User list & export

๐ŸŽจ Quality of Life

  • โ˜ Interactive config editor
  • โ˜ Log viewer with filtering
  • โ˜ Disk space alerts (80%+)

๐Ÿ”ฎ Future Ideas

  • โ˜ Federation testing tool
  • โ˜ Web admin panel
  • โ˜ Remote backup (S3/Backblaze)

Full list: TODO.md on GitHub

๐Ÿ–ฅ๏ธ Tested Environment

Built and tested on a specific setup. Not tested on other OS or providers.

๐ŸŒŠ
DigitalOcean
$6/mo Droplet
๐Ÿ’ป
1 CPU / 1 GB RAM
25 GB SSD
๐Ÿง
Debian 13
Trixie, 64-bit

Not affiliated with DigitalOcean โ€” just a long-time user who likes their service. The script may work on similar Debian-based systems, but has not been tested elsewhere.

โš ๏ธ Disclaimer

This is a personal project built for my own use and for friends. It's also a learning project. It covers the scenarios I needed โ€” it may not cover every edge case or environment. No warranty โ€” use at your own risk. You're free to fork, modify, and adapt it to your needs. Pull requests and suggestions are welcome!