# Creating the dendrite user
    root # useradd -r -dm /var/lib/dendrite -s /sbin/nologin dendrite
     
    # Create a database using PostgreSQL
    root # su -l postgres -c 'createuser -P dendrite'
    root # su -l postgres -c 'createdb -O dendrite -E UTF-8 dendrite'
     
    # NGINX reverse proxy
    # This also includes irrelevant configuration for alnn.xyz
    # I disabled IPv6 globally on the system. Perhaps this will lead to less compatibility with other homeservers, but if another homeserver is IPv6, I don't care about them.
    # Snippet from /etc/nginx/sites-enabled/alnn.xyz:
    BEGIN
    server {
            listen 443 ssl;
            server_name alnn.xyz;
     
            ssl_certificate /var/lib/acme-client/certs/alnn.xyz.crt;
            ssl_certificate_key  /var/lib/acme-client/certs/alnn.xyz.key;
     
            # Matrix reverse-proxy server
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_read_timeout 600;
     
            location /.well-known/matrix/server {
                    return 200 '{ "m.server": "alnn.xyz:443" }';
            }
     
            location /.well-known/matrix/client {
                    return 200 '{ "m.homeserver": { "base_url": "https://alnn.xyz" } }';
            }
     
            location /_matrix {
                    proxy_pass http://localhost:8008;
            }
    }
    END
     
    # As for installing dendrite, we'll just build it ourselves.
    user $ git clone https://github.com/matrix-org/dendrite
    user $ cd dendrite
     
    # This requires "go" to be installed.
    user $ ./build.sh
     
    root # mkdir /var/lib/dendrite/bin
    root # cp bin/* /var/lib/dendrite/bin
    root # chmod -R 755 /var/lib/dendrite/bin 
    root # chown -R root:root /var/lib/dendrite/bin
     
    # Configuring Dendrite
    root # mkdir -m 750 /etc/dendrite
     
    # This is used for authenticating federation requests and events, keep it safe! 
    root # su -l -s /bin/sh dendrite -c '/var/lib/dendrite/bin/generate-keys --private-key /var/lib/dendrite/matrix_key.pem'
     
    root # mkdir -m 
    /etc/dendrite/dendrite.yaml:
    BEGIN
    # The version of the configuration file.
    version: 2
     
    # Global Matrix configuration.
    global:
      server_name: alnn.xyz
     
      # Signing key
      private_key: /var/lib/dendrite/matrix_key.pem
      key_validity_period: 168h0m0s
     
      # Database
      # Change the password
      database:
        connection_string: postgresql://dendrite:PASSWORD@localhost/dendrite?sslmode=disable
        max_open_conns: 96
        max_idle_conns: 5
        conn_max_lifetime: -1
     
      # Cache
      cache:
        max_size_estimated: 4gb
        max_age: 1h
     
      # Use same hostname used earlier in NGINX reverse-proxy configuration
      well_known_server_name: "alnn.xyz:443"
      well_known_client_name: "https://alnn.xyz"
     
      # Federation
      disable_federation: false
      presence:
        enable_inbound: true
        enable_outbound: false
     
    federation_api:
      send_max_retries: 16
      disable_tls_validation: false
      disable_http_keepalives: false
      key_perspectives:
        - server_name: matrix.org
          keys:
            - key_id: ed25519:auto
              public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
            - key_id: ed25519:a_RXGa
              public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ
     
    # Disable telemetry
    report_stats:
      enabled: false
     
    # Client API
    client_api:
      registration_disabled: true
      guests_disabled: true
      registration_shared_secret: "CHANGETHIS"
      enable_registration_captcha: false
     
    # Media
    media_api:
      base_path: /var/lib/dendrite/media-store/
      # 40MB max filesize for media
      max_file_size_bytes: 41943040
      dynamic_thumbnails: true
      max_thumbnail_generators: 10
     
    # Sync API
    sync_api:
      # Required if behind reverse-proxy
      real_ip_header: X-Real-IP
      # Search
      search:
        enabled: true
        index_path: "/var/lib/dendrite/search-index"
        language: "en"
     
    # Logging
    logging:
      - type: file
        level: info
        params:
          path: /var/lib/dendrite/logs/	
    END
     
    root # chown -R root:dendrite /etc/dendrite
     
    # Service
    /etc/init.d/dendrite
    BEGIN
    #!/sbin/openrc-run
    supervisor=supervise-daemon
     
    name="Dendrite"
    description="Second-generation Matrix homeserver written in Go"
     
    : ${dendrite_config:="/etc/dendrite/dendrite.yaml"}
     
    command="/var/lib/dendrite/bin/dendrite-monolith-server"
    command_args="-config $dendrite_config $dendrite_opts"
    command_user="dendrite:dendrite"
     
    # make relative paths in config relative to the state directory
    directory="/var/lib/dendrite"
     
    depend() {
            need net
            after firewall
    }
     
    start_pre() {
            checkpath --directory --owner "$command_user" --mode 750 /var/lib/dendrite
            checkpath --directory --owner "$command_user" --mode 750 /var/log/dendrite
    }
    END
     
    root # rc-service dendrite start