pixelifytica/nixos
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Add matrix and grafana services

Browse source
This commit is contained in:
Evie Litherland-Smith 2023-11-23 08:40:32 +00:00
parent c4932e0738
commit d263870777
4 changed files with 21 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
flake.nix
View file

@ -221,8 +221,10 @@
systemModules = [ ./system/default.nix ];
serviceModules = [
./services/adguardhome.nix
./services/caddy.nix
./services/gitea.nix
./services/navidrome.nix
./services/grafana.nix
./services/matrix.nix
./services/nextcloud.nix
./services/ntfy-sh.nix
./services/sshd.nix

2
services/gitea.nix
View file

@ -19,5 +19,5 @@
appName = "Gitea";
};
services.caddy.virtualHosts."git.xenia.me.uk".extraConfig =
"reverse_proxy http://localhost:3100 ";
"reverse_proxy http://localhost:3100";
}

7
services/grafana.nix
View file

@ -1,6 +1,5 @@
{ config, lib, pkgs, ... }:
{
{ ... }: {
imports = [ ./caddy.nix ];
services.grafana = {
enable = true;
settings = {
@ -11,4 +10,6 @@
};
};
};
services.caddy.virtualHosts."grafana.xenia.me.uk".extraConfig =
"reverse_proxy http://localhost:3000";
}

55
services/matrix.nix
View file

@ -1,9 +1,5 @@
{ pkgs, ... }:
let
baseUrl = "matrix.xenia.me.uk";
port = 8008;
in {
imports = [ ../traefik/default.nix ];
{ pkgs, ... }: {
imports = [ ./caddy.nix ];
services.postgresql.enable = true;
services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" ''
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
@ -16,12 +12,7 @@ in {
services = {
matrix-synapse = {
enable = true;
settings.server_name = "https://${baseUrl}";
# The public base URL value must match the `base_url` value set in `clientConfig` above.
# The default value here is based on `server_name`, so if your `server_name` is different
# from the value of `fqdn` above, you will likely run into some mismatched domain names
# in client applications.
settings.public_baseurl = "https://${baseUrl}";
settings.server_name = "xenia.me.uk";
settings.listeners = [{
bind_addresses = [ "127.0.0.1" ];
port = 8008;
@ -34,35 +25,15 @@ in {
}];
}];
};
traefik = {
staticConfigOptions.entryPoints.synapse-federation.address = ":8448";
dynamicConfigOptions.http = {
routers = {
synapse-service = {
rule = "Host(`matrix.xenia.me.uk`)";
entryPoints = [ "http" "https" ];
service = "synapse-service";
tls = { certResolver = "default"; };
};
synapse-federation-client = {
rule = "PathPrefix(`/.well-known/matrix/client)";
entryPoints = [ "synapse-federation" ];
service = "synapse-service";
tls = { certResolver = "default"; };
};
synapse-federation-server = {
rule = "PathPrefix(`/.well-known/matrix/server)";
entryPoints = [ "synapse-federation" ];
service = "synapse-service";
tls = { certResolver = "default"; };
};
};
services = {
synapse-service.loadBalancer.servers =
[{ url = "http://localhost:8008"; }];
};
};
};
caddy.virtualHosts."xenia.me.uk".extraConfig = ''
header /.well-known/matrix/* Content-Type application/json
header /.well-known/matrix/* Access-Control-Allow-Origin *
respond /.well-known/matrix/server `{"m.server": "matrix.xenia.me.uk:443"}`
respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.xenia.me.uk"},"m.identity_server":{"base_url":"https://identity.xenia.me.uk"}}`
'';
caddy.virtualHosts."matrix.xenia.me.uk".extraConfig = ''
reverse_proxy /_matrix/* localhost:8008
reverse_proxy /_synapse/client/* localhost:8008
'';
};
}