Jimbo/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Fix matrix

Browse source
This commit is contained in:
Jimbo 2025-01-02 00:43:00 -05:00
parent 872abb1522
commit 6a4fce5a37
6 changed files with 43 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
modules/system/services/server/nginx/virtualhosts/default.nix
View file

@ -1,6 +1,7 @@
{ ... }: { ... }:
{ {
imports = [ imports = [
./p1
./p2 ./p2
]; ];
} }

26
modules/system/services/server/nginx/virtualhosts/p1/default.nix Normal file
View file

@ -0,0 +1,26 @@
{ config, lib, ... }:
{
services.nginx.virtualHosts."${config.domains.p1}" = lib.mkIf config.system.server.enable {
enableACME = true;
addSSL = true;
locations = {
"/.well-known/matrix/client".extraConfig = ''
default_type application/json;
return 200 '
{
"m.homeserver": {
"base_url": "https://matrix.${config.domains.p1}"
},
"m.identity_server": {
"base_url": "https://matrix.org"
}
}
';
'';
"/.well-known/matrix/server".extraConfig = ''
default_type application/json;
return 200 '{ "m.server": "matrix.${config.domains.p1}:443" }';
'';
};
};
}

23
modules/system/services/server/nginx/virtualhosts/p2/default.nix
View file

@ -4,28 +4,5 @@
enableACME = true; enableACME = true;
addSSL = true; addSSL = true;
root = "/var/www/landing-page"; root = "/var/www/landing-page";
locations = {
"/.well-known/matrix/client".extraConfig = ''
default_type application/json;
return 200 '
{
"m.homeserver": {
"base_url": "https://matrix.${config.domains.p2}"
},
"m.identity_server": {
"base_url": "https://matrix.org"
},
"org.matrix.msc3575.proxy": {
"url": "https://matrix.${config.domains.p2}"
}
}
';
'';
"/.well-known/matrix/server".extraConfig = ''
default_type application/json;
return 200 '{ "m.server": "matrix.${config.domains.p2}:443" }';
'';
};
}; };
} }

2
modules/system/services/server/social/matrix/element/nginx/default.nix
View file

@ -1,6 +1,6 @@
{ pkgs, config, lib, ... }: { pkgs, config, lib, ... }:
{ {
services.nginx.virtualHosts."chat.${config.domains.p1}" = lib.mkIf config.services.matrix-synapse.enable { services.nginx.virtualHosts."chat.${config.domains.p2}" = lib.mkIf config.services.matrix-synapse.enable {
enableACME = true; enableACME = true;
addSSL = true; addSSL = true;
root = "${pkgs.element-web}"; root = "${pkgs.element-web}";

18
modules/system/services/server/social/matrix/synapse/default.nix
View file

@ -1,5 +1,9 @@
{ pkgs, config, ... }: { pkgs, config, ... }:
{ {
imports = [
./nginx
];
services.matrix-synapse = { services.matrix-synapse = {
enable = config.system.server.enable; enable = config.system.server.enable;
settings = { settings = {
@ -11,7 +15,13 @@
{ {
port = 8008; port = 8008;
bind_addresses = [ "::" "0.0.0.0" ]; bind_addresses = [ "::" "0.0.0.0" ];
resources = [ { compress = true; names = [ "client" "federation" ]; } ]; resources = [{
compress = true;
names = [
"client"
"federation"
];
}];
type = "http"; type = "http";
tls = false; tls = false;
x_forwarded = true; x_forwarded = true;
@ -19,7 +29,7 @@
]; ];
email = { email = {
notif_from = "Jimbo's Matrix <noreply@${config.domains.p1}>"; notif_from = "NixFox Matrix <noreply@${config.domains.p1}>";
smtp_host = "mx.${config.domains.p1}"; smtp_host = "mx.${config.domains.p1}";
smtp_user = "noreply@${config.domains.p1}"; smtp_user = "noreply@${config.domains.p1}";
smtp_pass = config.secrets.noreplyPassword; smtp_pass = config.secrets.noreplyPassword;
@ -33,10 +43,6 @@
# Allow only this range of emails # Allow only this range of emails
allowed_local_3pids = [ allowed_local_3pids = [
{
medium = "email";
pattern = ''^[^@]+@jimbosfiles\.com$'';
}
{ {
medium = "email"; medium = "email";
pattern = ''^[^@]+@nixfox\.ca$''; pattern = ''^[^@]+@nixfox\.ca$'';

7
modules/system/services/server/social/matrix/synapse/nginx/default.nix
View file

@ -1,13 +1,12 @@
{ config, ... }: { config, lib, ... }:
{ {
services.nginx.virtualHosts."matrix.${config.domains.p1}" = { services.nginx.virtualHosts."matrix.${config.domains.p1}" = lib.mkIf config.services.matrix-synapse.enable {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations = { locations = {
"/".extraConfig = ''return 403;''; "/".extraConfig = ''return 403;'';
"/client".proxyPass = "http://127.0.0.1:8009"; "/client".proxyPass = "http://127.0.0.1:8008";
"/_matrix".proxyPass = "http://127.0.0.1:8008"; "/_matrix".proxyPass = "http://127.0.0.1:8008";
"/_matrix/client/unstable/org.matrix.msc3575/sync".proxyPass = "http://127.0.0.1:8009";
"/_synapse/client".proxyPass = "http://127.0.0.1:8008"; "/_synapse/client".proxyPass = "http://127.0.0.1:8008";
}; };
}; };