diff options
| author | lassulus <git@lassul.us> | 2023-06-26 12:55:25 +0200 |
|---|---|---|
| committer | lassulus <git@lassul.us> | 2023-07-02 19:50:23 +0200 |
| commit | e9ed4ea7ed2a35599e9b83f87b0e543cab782907 (patch) | |
| tree | 6f4f8890df10d0609449bd738a17dba0512c9f83 | |
| parent | 7c4c69956f301d372400a1958b42b22ca5e9d76d (diff) | |
l prism.r: add matrix service
| -rw-r--r-- | lass/1systems/prism/config.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/matrix.nix | 80 |
2 files changed, 81 insertions, 0 deletions
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index e1f92c51..1faa23ec 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -138,6 +138,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/services/coms/jitsi.nix> <stockholm/lass/2configs/fysiirc.nix> <stockholm/lass/2configs/bgt-bot> + <stockholm/lass/2configs/matrix.nix> <stockholm/krebs/2configs/mastodon-proxy.nix> { services.tor = { diff --git a/lass/2configs/matrix.nix b/lass/2configs/matrix.nix new file mode 100644 index 00000000..cdcbe7ab --- /dev/null +++ b/lass/2configs/matrix.nix @@ -0,0 +1,80 @@ +{ config, pkgs, ... }: +with import <stockholm/lib>; +{ + services.matrix-synapse = { + # synapse 1.60.0 errors during startup with: + # https://github.com/matrix-org/synapse/issues/15809 + package = pkgs.matrix-synapse.overrideAttrs (oldAttrs: rec { + version = "1.85.2"; + name = "matrix-synapse-${version}"; + src = pkgs.fetchFromGitHub { + owner = "matrix-org"; + repo = "synapse"; + rev = "v${version}"; + hash = "sha256-pFafBsisBPfpDnFYWcimUuBgfFVPZzLna3yHeqIBAAE="; + }; + cargoDeps = pkgs.rustPlatform.fetchCargoTarball { + inherit src; + name = "matrix-synapse-${version}"; + hash = "sha256-dnno+5Ma0YNYpmj3oZ5UG22uAanKwVT67BwQW+mHoFc="; + }; + doCheck = false; + }); + enable = true; + settings = { + server_name = "lassul.us"; + # registration_shared_secret = "yolo"; + database.name = "sqlite3"; + turn_uris = [ + "turn:turn.matrix.org?transport=udp" + "turn:turn.matrix.org?transport=tcp" + ]; + listeners = [ + { + port = 8008; + bind_addresses = [ "::1" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = [ "client" ]; + compress = true; + } + { + names = [ "federation" ]; + compress = false; + } + ]; + } + ]; + }; + }; + services.nginx = { + virtualHosts = { + "lassul.us" = { + locations."= /.well-known/matrix/server".extraConfig = '' + add_header Content-Type application/json; + return 200 '${builtins.toJSON { + "m.server" = "matrix.lassul.us:443"; + }}'; + ''; + locations."= /.well-known/matrix/client".extraConfig = '' + add_header Content-Type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '${builtins.toJSON { + "m.homeserver" = { "base_url" = "https://matrix.lassul.us"; }; + "m.identity_server" = { "base_url" = "https://vector.im"; }; + }}'; + ''; + }; + "matrix.lassul.us" = { + forceSSL = true; + enableACME = true; + locations."/_matrix" = { + proxyPass = "http://[::1]:8008"; + }; + }; + }; + }; +} |