diff options
| author | sils <sils@sils.li> | 2023-06-06 10:23:07 +0200 |
|---|---|---|
| committer | sils <sils@sils.li> | 2023-06-06 10:23:07 +0200 |
| commit | 9465eb624aab87adc9a5bf3b3d3ba96c8eb3e2a2 (patch) | |
| tree | 6301db25e4dc7bbf12e39dadae817376d0640f9c /system/services/matrix/conduit | |
| parent | Feat(system/matrix/conduit): Add matrix-conduit (diff) | |
| download | nixos-server-9465eb624aab87adc9a5bf3b3d3ba96c8eb3e2a2.zip | |
Revert: Remove Conduit
It didn't deploy either and we'd probably use synapse anyway
This reverts commit fbba7df4b7c9de5b1926612647e1d9d06b7d22cf.
Diffstat (limited to 'system/services/matrix/conduit')
| -rw-r--r-- | system/services/matrix/conduit/default.nix | 125 |
1 files changed, 0 insertions, 125 deletions
diff --git a/system/services/matrix/conduit/default.nix b/system/services/matrix/conduit/default.nix deleted file mode 100644 index e583ca4..0000000 --- a/system/services/matrix/conduit/default.nix +++ /dev/null @@ -1,125 +0,0 @@ -# vim: ts=2 -{ - config, - pkgs, - flake-inputs, - ... -}: let - server_name = "vhack.eu"; - - matrix_hostname = "matrix.${server_name}"; - - well_known_server = pkgs.writeText "well-known-matrix-server" '' - { - "m.server": "${matrix_hostname}" - } - ''; - - well_known_client = pkgs.writeText "well-known-matrix-client" '' - { - "m.homeserver": { - "base_url": "https://${matrix_hostname}" - } - } - ''; -in { - services.matrix-conduit = { - enable = true; - - settings.global = { - inherit server_name; - database_backend = "rocksdb"; - trusted_servers = ["matrix.org" "sils.li" "asra.gr"]; - allow_registration = false; - }; - }; - - # Configure NGINX as a reverse proxy - services.nginx = { - enable = true; - recommendedProxySettings = true; - - virtualHosts = { - "${matrix_hostname}" = { - forceSSL = true; - enableACME = true; - - listen = [ - { - addr = "0.0.0.0"; - port = 443; - ssl = true; - } - { - addr = "0.0.0.0"; - port = 8448; - ssl = true; - } - { - addr = "::0"; - port = 443; - ssl = true; - } - { - addr = "::0"; - port = 8448; - ssl = true; - } - ]; - - locations."/_matrix/" = { - proxyPass = "http://backend_conduit$request_uri"; - proxyWebsockets = true; - extraConfig = '' - proxy_set_header Host $host; - proxy_buffering off; - ''; - }; - - extraConfig = '' - merge_slashes off; - ''; - }; - - "${server_name}" = { - forceSSL = true; - enableACME = true; - - locations."=/.well-known/matrix/server" = { - # Use the contents of the derivation built previously - alias = "${well_known_server}"; - - extraConfig = '' - # Set the header since by default NGINX thinks it's just bytes - default_type application/json; - ''; - }; - - locations."=/.well-known/matrix/client" = { - # Use the contents of the derivation built previously - alias = "${well_known_client}"; - - extraConfig = '' - # Set the header since by default NGINX thinks it's just bytes - default_type application/json; - - # https://matrix.org/docs/spec/client_server/r0.4.0#web-browser-clients - add_header Access-Control-Allow-Origin "*"; - ''; - }; - }; - }; - - upstreams = { - "backend_conduit" = { - servers = { - "localhost:${toString config.services.matrix-conduit.settings.global.port}" = {}; - }; - }; - }; - }; - - # Open firewall ports for HTTP, HTTPS, and Matrix federation - networking.firewall.allowedTCPPorts = [80 443 8448]; - networking.firewall.allowedUDPPorts = [80 443 8448]; -} |