diff options
| author | andromeda <andromeda@lenovo> | 2026-01-26 21:40:03 +0100 |
|---|---|---|
| committer | andromeda <andromeda@lenovo> | 2026-01-26 21:40:03 +0100 |
| commit | 8c0db96ca409b93313111352a2cc454281c8285e (patch) | |
| tree | 41d2050a40ae15c26334898233791eeb4b7bc455 /modules/nixos/matrix-synapse.nix | |
| parent | 2386fea0ebfedd486e8945b19b3ff4898c29a75e (diff) | |
robot, also continuwuity, also zramrobotnix
Diffstat (limited to 'modules/nixos/matrix-synapse.nix')
| -rw-r--r-- | modules/nixos/matrix-synapse.nix | 65 |
1 files changed, 0 insertions, 65 deletions
diff --git a/modules/nixos/matrix-synapse.nix b/modules/nixos/matrix-synapse.nix deleted file mode 100644 index f47c4f4..0000000 --- a/modules/nixos/matrix-synapse.nix +++ /dev/null @@ -1,65 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: let - fqdn = "${config.networking.hostName}.${config.networking.domain}"; - baseUrl = "https://${fqdn}"; - clientConfig."m.homeserver".base_url = baseUrl; - serverConfig."m.server" = "${fqdn}:443"; - mkWellKnown = data: '' - default_type application/json; - add_header Access-Control-Allow-Origin *; - return 200 '${builtins.toJSON data}'; - ''; -in { - services.postgresql.enable = true; - services.nginx = { - enable = true; - recommendedTlsSettings = true; - recommendedOptimisation = true; - recommendedGzipSettings = true; - recommendedProxySettings = true; - virtualHosts = { - "${config.networking.domain}" = { - enableACME = true; - forceSSL = true; - locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; - locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; - }; - "${fqdn}" = { - enableACME = true; - forceSSL = true; - locations."/".extraConfig = '' - return 404; - ''; - locations."/_matrix".proxyPass = "http://[::1]:8008"; - locations."/_synapse/client".proxyPass = "http://[::1]:8008"; - }; - }; - }; - services.matrix-synapse = { - enable = true; - settings.server_name = config.networking.domain; - settings.public_baseurl = baseUrl; - settings.listeners = [ - { - port = 8008; - bind_addresses = ["::1"]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ - "client" - "federation" - ]; - compress = true; - } - ]; - } - ]; - }; -} |