2024-09-14 19:55:57 +05:30
|
|
|
{ config, pkgs, ... }:
|
|
|
|
let
|
|
|
|
inherit (import ../../../../shared/caddy-helpers.nix) logFormat;
|
|
|
|
domainName = "matrix.acomputer.lol";
|
|
|
|
in
|
|
|
|
{
|
2024-09-09 19:22:31 +05:30
|
|
|
sops = {
|
|
|
|
secrets = {
|
|
|
|
"matrix/syncv3_secret" = {
|
|
|
|
mode = "444";
|
|
|
|
owner = config.users.users.root.name;
|
2024-09-14 19:55:57 +05:30
|
|
|
inherit (config.users.users.root) group;
|
2024-09-09 19:22:31 +05:30
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
2024-07-20 23:16:33 +05:30
|
|
|
services = {
|
2024-09-14 19:55:57 +05:30
|
|
|
caddy.virtualHosts."${domainName}" = {
|
|
|
|
logFormat = logFormat domainName;
|
2024-07-20 23:16:33 +05:30
|
|
|
extraConfig = ''
|
2024-09-09 19:22:31 +05:30
|
|
|
reverse_proxy /client/* 127.0.0.1:8009
|
|
|
|
reverse_proxy /_matrix/client/unstable/org.matrix.msc3575/sync 127.0.0.1:8009
|
2024-07-20 23:16:33 +05:30
|
|
|
reverse_proxy /_matrix/* 127.0.0.1:8008
|
2024-09-09 19:22:31 +05:30
|
|
|
reverse_proxy /_dendrite/* 127.0.0.1:8008
|
2024-07-20 23:16:33 +05:30
|
|
|
reverse_proxy /_synapse/* 127.0.0.1:8008
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
frp.settings.proxies = [
|
|
|
|
{
|
2024-09-14 19:55:57 +05:30
|
|
|
name = "http.${domainName}";
|
2024-07-20 23:16:33 +05:30
|
|
|
type = "http";
|
2024-09-14 19:55:57 +05:30
|
|
|
customDomains = [ "${domainName}" ];
|
2024-07-20 23:16:33 +05:30
|
|
|
localPort = 80;
|
|
|
|
transport.useCompression = true;
|
|
|
|
}
|
|
|
|
{
|
2024-09-14 19:55:57 +05:30
|
|
|
name = "https.${domainName}";
|
2024-07-20 23:16:33 +05:30
|
|
|
type = "https";
|
2024-09-14 19:55:57 +05:30
|
|
|
customDomains = [ "${domainName}" ];
|
2024-07-20 23:16:33 +05:30
|
|
|
localPort = 443;
|
|
|
|
transport.useCompression = true;
|
|
|
|
}
|
|
|
|
];
|
2024-09-09 19:22:31 +05:30
|
|
|
matrix-sliding-sync = {
|
|
|
|
enable = true;
|
|
|
|
settings = {
|
2024-09-14 19:55:57 +05:30
|
|
|
SYNCV3_SERVER = "https://${domainName}";
|
2024-09-09 19:22:31 +05:30
|
|
|
SYNCV3_BINDADDR = "127.0.0.1:8009";
|
|
|
|
SYNCV3_DB = "postgresql://dendrite@localhost/dendrite?sslmode=disable";
|
|
|
|
};
|
|
|
|
environmentFile = config.sops.secrets."matrix/syncv3_secret".path;
|
|
|
|
};
|
2024-07-20 23:16:33 +05:30
|
|
|
};
|
|
|
|
systemd.services.dendrite = {
|
|
|
|
description = "Dendrite Matrix homeserver";
|
|
|
|
after = [ "network.target" ];
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
unitConfig.RequiresMountsFor = [ "/mnt/data" ];
|
|
|
|
serviceConfig = {
|
|
|
|
Type = "simple";
|
|
|
|
User = "dendrite";
|
|
|
|
Group = "dendrite";
|
|
|
|
StateDirectory = "dendrite";
|
|
|
|
WorkingDirectory = "/mnt/data/dendrite";
|
|
|
|
RuntimeDirectory = "dendrite";
|
|
|
|
RuntimeDirectoryMode = "0700";
|
|
|
|
LimitNOFILE = 65535;
|
|
|
|
ExecStart = ''
|
|
|
|
${pkgs.dendrite}/bin/dendrite -http-bind-address 127.0.0.1:8008 -config ${./config.yaml}
|
|
|
|
'';
|
|
|
|
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
|
|
|
Restart = "on-failure";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
users.users.dendrite = {
|
|
|
|
name = "dendrite";
|
|
|
|
description = "Dendrite server user";
|
|
|
|
home = "/mnt/data/dendrite";
|
|
|
|
createHome = true;
|
|
|
|
group = "dendrite";
|
|
|
|
isSystemUser = true;
|
|
|
|
};
|
|
|
|
users.groups.dendrite = { };
|
|
|
|
}
|