Matrix and Element: Self-Hosted Messaging That Federates
Running your own chat server that still talks to everyone else's
The pitch for Matrix is the same one email made fifty years ago and instant messaging has spent its entire existence refusing to make: you run your server, I run mine, and we talk anyway. No walled garden, no single company holding the keys, no app that gets bought and shut down. After running a Matrix homeserver for my family and a handful of friends for a couple of years, I’m convinced it’s the only self-hosted messaging story that actually delivers federation rather than just promising it. It’s also fiddly in ways worth being honest about.
1 What “federated” actually buys you
Federation means your identity is @you:yourdomain.com, tied to a server you control, and you can join rooms and message people on matrix.org, tchncs.de, or anyone else’s homeserver as if you were all in the same building. When you send a message to a room that has members on five servers, your homeserver fans it out to all five. Each server keeps its own copy of the conversation history.
This is the genuinely good part and also the source of every operational surprise you’ll have. A busy room with thousands of federated members means your little server is now syncing state from dozens of other servers, and that state can be heavy.
2 Synapse, Dendrite, or Conduit
There are three server implementations worth knowing. Synapse is the reference, written in Python, by far the most mature and compatible — and the most resource-hungry. Dendrite (Go) and Conduit (Rust) are the lightweight challengers; Conduit in particular will run happily on a Raspberry Pi for a small group.
For a family server I’d genuinely now reach for Conduit. For anything where compatibility edge cases matter, Synapse remains the safe default. Here’s a minimal Synapse stack:
# docker-compose.yml
services:
synapse:
image: matrixdotorg/synapse:latest
restart: unless-stopped
environment:
SYNAPSE_SERVER_NAME: chat.example.com
SYNAPSE_REPORT_STATS: "no"
volumes:
- ./data:/data
depends_on:
- db
db:
image: postgres:16-alpine
restart: unless-stopped
environment:
POSTGRES_USER: synapse
POSTGRES_PASSWORD: changeme
POSTGRES_DB: synapse
POSTGRES_INITDB_ARGS: "--encoding=UTF8 --locale=C"
volumes:
- ./pgdata:/var/lib/postgresql/dataUse Postgres from the start. Synapse will let you run on SQLite and then quietly make your life miserable once the database grows.
3 The .well-known trap
The single most common reason a new homeserver “doesn’t federate” is server discovery. Other servers need to find yours, and they look at https://example.com/.well-known/matrix/server. If your Matrix server runs at chat.example.com but your identity is @you:example.com, you must publish a delegation file at the apex domain:
{ "m.server": "chat.example.com:443" }Get this wrong and everything works locally while the wider Matrix network silently can’t reach you. The official Federation Tester is the tool you run before declaring victory — paste your server name in and fix whatever it complains about.
4 Element, and the encryption you’ll forget about
Element is the de facto client — web, desktop and mobile, all polished. Point it at your homeserver URL at login and you’re in.
Matrix supports end-to-end encryption per room, and here’s the bit people trip over: encryption keys live on your devices, not the server. If you log out everywhere without backing up your keys, your encrypted history becomes unreadable even to you. Set up key backup the day you create the account. Cross-signing — verifying your own devices against each other — is what turns the alarming “unverified session” warnings into trust, and it’s worth doing properly rather than dismissing the prompts.
5 The honest operational cost
Synapse will eat RAM as your federated rooms grow; budget 1–2GB and watch it. The database grows relentlessly, and you’ll eventually run state compression and the purge-history API to keep it sane. Bridges to WhatsApp, Signal or Telegram exist and are clever, but each one is another service to babysit and a fresh security surface.
6 Is it worth it, and who is this for?
If you want a frictionless secure chat for non-technical relatives, just use Signal — it’s better at that exact job and requires nothing of you. Matrix is not the easy answer there.
Matrix is for the person who specifically wants the federated, self-owned model: an identity on a domain you control, history you keep, and the ability to participate in the wider open network without surrendering to anyone’s app. If that’s the itch, nothing else scratches it. Run Conduit for a small circle or Synapse if you need maximum compatibility, get .well-known right on the first try, back up your encryption keys before you do anything else, and accept that you’ve adopted a small server with ongoing needs. I have no regrets. My family’s chat history is mine, and it’ll outlive whichever messaging app is fashionable this year.
Related Content
