From 654536019ec59902c4b7b4d660efcc309dbdbb2e Mon Sep 17 00:00:00 2001
From: Evie Litherland-Smith <evie@xenia.me.uk>
Date: Sun, 19 Nov 2023 10:02:23 +0000
Subject: [PATCH] Some more matrix config tweaks

---
 services/matrix/default.nix  | 40 +++++++++++++++++++++++++++---------
 services/traefik/default.nix |  2 +-
 2 files changed, 31 insertions(+), 11 deletions(-)

diff --git a/services/matrix/default.nix b/services/matrix/default.nix
index effa2824..3a5fc5e3 100644
--- a/services/matrix/default.nix
+++ b/services/matrix/default.nix
@@ -23,8 +23,8 @@ in {
       # in client applications.
       settings.public_baseurl = "https://${baseUrl}";
       settings.listeners = [{
-        inherit port;
-        bind_addresses = [ "::1" ];
+        bind_addresses = [ "127.0.0.1" ];
+        port = 8008;
         type = "http";
         tls = false;
         x_forwarded = true;
@@ -34,15 +34,35 @@ in {
         }];
       }];
     };
-    traefik.dynamicConfigOptions.http = {
-      routers.gitea = {
-        rule = "Host(`${baseUrl}`)";
-        entryPoints = [ "http" "https" ];
-        service = "synapse-service";
-        tls = { certResolver = "default"; };
+    traefik = {
+      staticConfigOptions.entryPoints.synapse-federation.address = ":8448";
+      dynamicConfigOptions.http = {
+        routers = {
+          synapse-service = {
+            rule = "Host(`matrix.xenia.me.uk`)";
+            entryPoints = [ "http" "https" ];
+            service = "synapse-service";
+            tls = { certResolver = "default"; };
+          };
+          synapse-federation-client = {
+            rule = "PathPrefix(`/.well-known/matrix/client)";
+            entryPoints = [ "synapse-federation" ];
+            service = "synapse-service";
+            tls = { certResolver = "default"; };
+
+          };
+          synapse-federation-server = {
+            rule = "PathPrefix(`/.well-known/matrix/server)";
+            entryPoints = [ "synapse-federation" ];
+            service = "synapse-service";
+            tls = { certResolver = "default"; };
+          };
+        };
+        services = {
+          synapse-service.loadBalancer.servers =
+            [{ url = "http://localhost:8008"; }];
+        };
       };
-      services.synapse-service.loadBalancer.servers =
-        [{ url = "http://localhost:${port}"; }];
     };
   };
 }
diff --git a/services/traefik/default.nix b/services/traefik/default.nix
index 882ffbbb..23030eab 100644
--- a/services/traefik/default.nix
+++ b/services/traefik/default.nix
@@ -46,7 +46,7 @@
         };
         middlewares = {
           auth.basicAuth.users =
-            [ "xenia:$apr1$LB0wVd6I$BHVPIyh.F5Ewt9/7PqAtS." ];
+            [ "evie:$apr1$LB0wVd6I$BHVPIyh.F5Ewt9/7PqAtS." ];
           hsts.headers = {
             stsSeconds = "31536000";
             stsIncludeSubdomains = true;