nixos/system/services/matrix-synapse.nix

{...}: let
  baseUrl = "xenia.me.uk";
  port = 8008;
in {
  imports = [./caddy.nix];
  services = {
    matrix-synapse = {
      enable = true;
      settings = {
        server_name = baseUrl;
        public_baseurl = baseUrl;
        listeners = [
          {
            inherit port;
            bind_addresses = ["127.0.0.1" "::1"];
            type = "http";
            tls = false;
            x_forwarded = true;
            resources = [
              {
                names = ["client" "federation"];
                compress = true;
              }
            ];
          }
        ];
      };
      extraConfigFiles = ["/run/secrets/matrix-shared-secret"];
    };
    caddy.virtualHosts."xenia.me.uk".extraConfig = ''
      header /.well-known/matrix/* Content-Type application/json
      header /.well-known/matrix/* Access-Control-Allow-Origin *
      respond /.well-known/matrix/server `{"m.server": "matrix.${baseUrl}:443"}`
      respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.${baseUrl}"}}`
    '';
    caddy.virtualHosts."matrix.xenia.me.uk".extraConfig = ''
      reverse_proxy /_matrix/* localhost:${port}
      reverse_proxy /_synapse/client/* localhost:${port}
    '';
  };
}
Update (and rename) matrix-synapse service file 2024-06-10 07:42:56 +01:00			`{...}: let`
			`baseUrl = "xenia.me.uk";`
			`port = 8008;`
			`in {`
			`imports = [./caddy.nix];`
			`services = {`
			`matrix-synapse = {`
			`enable = true;`
			`settings = {`
			`server_name = baseUrl;`
			`public_baseurl = baseUrl;`
			`listeners = [`
			`{`
			`inherit port;`
			`bind_addresses = ["127.0.0.1" "::1"];`
			`type = "http";`
			`tls = false;`
			`x_forwarded = true;`
			`resources = [`
			`{`
			`names = ["client" "federation"];`
			`compress = true;`
			`}`
			`];`
			`}`
			`];`
			`};`
			`extraConfigFiles = ["/run/secrets/matrix-shared-secret"];`
			`};`
			`caddy.virtualHosts."xenia.me.uk".extraConfig = ''`
			`header /.well-known/matrix/* Content-Type application/json`
			`header /.well-known/matrix/* Access-Control-Allow-Origin *`
			respond /.well-known/matrix/server `{"m.server": "matrix.${baseUrl}:443"}`
			respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.${baseUrl}"}}`
			`'';`
			`caddy.virtualHosts."matrix.xenia.me.uk".extraConfig = ''`
			`reverse_proxy /_matrix/* localhost:${port}`
			`reverse_proxy /_synapse/client/* localhost:${port}`
			`'';`
			`};`
			`}`