matrix_init
This commit is contained in:
admin
parent
b8e5166a0f
commit
cfd81ee9fe
|
|
@ -13,6 +13,7 @@
|
|||
./audiobooks.nix
|
||||
./jellyfin.nix
|
||||
./filebrowser.nix
|
||||
./matrix.nix
|
||||
];
|
||||
|
||||
};
|
||||
|
|
|
|||
86
matrix.nix
Normal file
86
matrix.nix
Normal file
|
|
@ -0,0 +1,86 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
domain = "sondell.org";
|
||||
hostName = "matrix";
|
||||
fqdn = "${hostName}.${domain}";
|
||||
baseUrl = "https://${fqdn}";
|
||||
clientConfig."m.homeserver".base_url = baseUrl;
|
||||
serverConfig."m.server" = "${fqdn}:443";
|
||||
mkWellKnown = data: ''
|
||||
default_type application/json;
|
||||
add_header Access-Control-Allow-Origin *;
|
||||
return 200 '${builtins.toJSON data}';
|
||||
'';
|
||||
in
|
||||
{
|
||||
#
|
||||
services.matrix-synapse = {
|
||||
enable = true;
|
||||
settings.enable_registration = true;
|
||||
settings.enable_registration_without_verification = true;
|
||||
settings.server_name = domain;
|
||||
settings.public_baseurl = baseUrl;
|
||||
settings.listeners = [
|
||||
{
|
||||
port = 8008;
|
||||
type = "http";
|
||||
tls = false;
|
||||
x_forwarded = true;
|
||||
resources = [
|
||||
{
|
||||
names = [ "client" "federation" ];
|
||||
compress = true;
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
};
|
||||
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
initialScript = pkgs.writeText "synapse-init.sql" ''
|
||||
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
|
||||
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
|
||||
TEMPLATE template0
|
||||
LC_COLLATE = "C"
|
||||
LC_CTYPE = "C";
|
||||
'';
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts = {
|
||||
${fqdn} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/".extraConfig = ''
|
||||
return 404;
|
||||
'';
|
||||
# Forward all Matrix API calls to the synapse Matrix homeserver. A trailing slash
|
||||
# *must not* be used here.
|
||||
locations."/_matrix".proxyPass = "http://[::1]:8008";
|
||||
# Forward requests for e.g. SSO and password-resets.
|
||||
locations."/_synapse/client".proxyPass = "http://[::1]:8008";
|
||||
};
|
||||
|
||||
${domain} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:8008";
|
||||
};
|
||||
# This section is not needed if the server_name of matrix-synapse is equal to
|
||||
# the domain (i.e. example.org from @foo:example.org) and the federation port
|
||||
# is 8448.
|
||||
# Further reference can be found in the docs about delegation under
|
||||
# https://element-hq.github.io/synapse/latest/delegate.html
|
||||
locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
|
||||
# This is usually needed for homeserver discovery (from e.g. other Matrix clients).
|
||||
# Further reference can be found in the upstream docs at
|
||||
# https://spec.matrix.org/latest/client-server-api/#getwell-knownmatrixclient
|
||||
locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
Loading…
Reference in a new issue