summaryrefslogtreecommitdiffstats
path: root/lass/2configs/matrix.nix
blob: 1d6a8663edbd34372f6726e6d3daa896f67bdb07 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
  services.matrix-synapse = {
    enable = true;
    settings = {
      server_name = "lassul.us";
      # registration_shared_secret = "yolo";
      database.name = "sqlite3";
      turn_uris  = [
        "turn:turn.matrix.org?transport=udp"
        "turn:turn.matrix.org?transport=tcp"
      ];
      listeners = [
        {
          port = 8008;
          bind_addresses = [ "::1" ];
          type = "http";
          tls = false;
          x_forwarded = true;
          resources = [
            {
              names = [ "client" ];
              compress = true;
            }
            {
              names = [ "federation" ];
              compress = false;
            }
          ];
        }
      ];
    };
  };
  services.nginx = {
    virtualHosts = {
      "lassul.us" = {
        locations."= /.well-known/matrix/server".extraConfig = ''
          add_header Content-Type application/json;
          return 200 '${builtins.toJSON {
            "m.server" = "matrix.lassul.us:443";
          }}';
        '';
        locations."= /.well-known/matrix/client".extraConfig = ''
          add_header Content-Type application/json;
          add_header Access-Control-Allow-Origin *;
          return 200 '${builtins.toJSON {
            "m.homeserver" = { "base_url" = "https://matrix.lassul.us"; };
            "m.identity_server" = { "base_url" = "https://vector.im"; };
          }}';
        '';
      };
      "matrix.lassul.us" = {
        forceSSL = true;
        enableACME = true;
        locations."/_matrix" = {
          proxyPass = "http://[::1]:8008";
        };
      };
    };
  };
}