diff --git a/flake.nix b/flake.nix
index ca14c44e..63b2825a 100644
--- a/flake.nix
+++ b/flake.nix
@@ -221,8 +221,10 @@
 systemModules = [ ./system/default.nix ];
 serviceModules = [
 ./services/adguardhome.nix
+ ./services/caddy.nix
 ./services/gitea.nix
- ./services/navidrome.nix
+ ./services/grafana.nix
+ ./services/matrix.nix
 ./services/nextcloud.nix
 ./services/ntfy-sh.nix
 ./services/sshd.nix
diff --git a/services/gitea.nix b/services/gitea.nix
index c7a305cd..f0a0f88c 100644
--- a/services/gitea.nix
+++ b/services/gitea.nix
@@ -19,5 +19,5 @@
 appName = "Gitea";
 };
 services.caddy.virtualHosts."git.xenia.me.uk".extraConfig =
- "reverse_proxy http://localhost:3100 ";
+ "reverse_proxy http://localhost:3100";
 }
diff --git a/services/grafana.nix b/services/grafana.nix
index 586f48c7..4b4a3ab5 100644
--- a/services/grafana.nix
+++ b/services/grafana.nix
@@ -1,6 +1,5 @@
-{ config, lib, pkgs, ... }:
-
-{
+{ ... }: {
+ imports = [ ./caddy.nix ];
 services.grafana = {
 enable = true;
 settings = {
@@ -11,4 +10,6 @@
 };
 };
 };
+ services.caddy.virtualHosts."grafana.xenia.me.uk".extraConfig =
+ "reverse_proxy http://localhost:3000";
 }
diff --git a/services/matrix.nix b/services/matrix.nix
index 3a5fc5e3..6f279bc6 100644
--- a/services/matrix.nix
+++ b/services/matrix.nix
@@ -1,9 +1,5 @@
-{ pkgs, ... }:
-let
- baseUrl = "matrix.xenia.me.uk";
- port = 8008;
-in {
- imports = [ ../traefik/default.nix ];
+{ pkgs, ... }: {
+ imports = [ ./caddy.nix ];
 services.postgresql.enable = true;
 services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" ''
 CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
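Review bot: In services/grafana.nix (second hunk) the new `grafana.xenia.me.uk` virtual host puts Grafana's login page on a public name, but the `settings` block that has to match it lies between the two hunks and is not visible here. Please confirm it sets `server.domain = "grafana.xenia.me.uk";` with a matching `root_url`, otherwise redirects presumably still refer to the default host. The NixOS module's `security.admin_password` defaults to `admin`, so before this host is reachable the password should be supplied from a secret file rather than left at the default. A short comment above the vhost stating that Grafana listens only on localhost:3000 and is reached solely through Caddy would document the intent.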
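Review bot: In services/matrix.nix (first hunk) the retained line `CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';` keeps a fixed, guessable database password inside a `pkgs.writeText` file, which ends up in the world-readable Nix store. While this module is being reworked, the role could be created without a password and Synapse connected over the local socket with peer authentication, or the password could be read from a secret kept outside the store. The init script's `''` string and the Synapse database settings continue outside the hunk, so whether Synapse actually depends on this password cannot be seen from here.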
@@ -16,12 +12,7 @@ in {
 services = {
 matrix-synapse = {
 enable = true;
- settings.server_name = "https://${baseUrl}";
- # The public base URL value must match the `base_url` value set in `clientConfig` above.
- # The default value here is based on `server_name`, so if your `server_name` is different
- # from the value of `fqdn` above, you will likely run into some mismatched domain names
- # in client applications.
- settings.public_baseurl = "https://${baseUrl}";
+ settings.server_name = "xenia.me.uk";
 settings.listeners = [{
 bind_addresses = [ "127.0.0.1" ];
 port = 8008;
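Review bot: Dropping `settings.public_baseurl` leaves Synapse to derive it from `server_name`, which is now `xenia.me.uk`, while the client well-known added in the last hunk advertises `https://matrix.xenia.me.uk` and only that host proxies `/_matrix/*`. Links and redirects that Synapse builds from the base URL would then point at a host that does not serve the API. I would keep it explicit with `settings.public_baseurl = "https://matrix.xenia.me.uk/";`. Because `server_name` is part of every user and room ID, a database initialised under the old value cannot simply be renamed, so a comment saying this is a fresh deployment would help the next reader. The listener definition continues outside the hunk.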
@@ -34,35 +25,15 @@ in {
 }];
 }];
 };
- traefik = {
- staticConfigOptions.entryPoints.synapse-federation.address = ":8448";
- dynamicConfigOptions.http = {
- routers = {
- synapse-service = {
- rule = "Host(`matrix.xenia.me.uk`)";
- entryPoints = [ "http" "https" ];
- service = "synapse-service";
- tls = { certResolver = "default"; };
- };
- synapse-federation-client = {
- rule = "PathPrefix(`/.well-known/matrix/client)";
- entryPoints = [ "synapse-federation" ];
- service = "synapse-service";
- tls = { certResolver = "default"; };
-
- };
- synapse-federation-server = {
- rule = "PathPrefix(`/.well-known/matrix/server)";
- entryPoints = [ "synapse-federation" ];
- service = "synapse-service";
- tls = { certResolver = "default"; };
- };
- };
- services = {
- synapse-service.loadBalancer.servers =
- [{ url = "http://localhost:8008"; }];
- };
- };
- };
+ caddy.virtualHosts."xenia.me.uk".extraConfig = ''
+ header /.well-known/matrix/* Content-Type application/json
+ header /.well-known/matrix/* Access-Control-Allow-Origin *
+ respond /.well-known/matrix/server `{"m.server": "matrix.xenia.me.uk:443"}`
+ respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.xenia.me.uk"},"m.identity_server":{"base_url":"https://identity.xenia.me.uk"}}`
+ '';
+ caddy.virtualHosts."matrix.xenia.me.uk".extraConfig = ''
+ reverse_proxy /_matrix/* localhost:8008
+ reverse_proxy /_synapse/client/* localhost:8008
+ '';
 };
 }
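Review bot: The `/.well-known/matrix/client` response advertises `m.identity_server` at `https://identity.xenia.me.uk`, but nothing in this commit configures that host; unless it is defined elsewhere, drop the `m.identity_server` key so clients are not directed to a service that is not there. With Synapse now behind Caddy on localhost:8008, the listener (its options sit between the hunks and are not visible) should carry `x_forwarded = true;`, otherwise Synapse presumably sees every request as coming from 127.0.0.1 and per-address rate limiting and login records lose the real client address. A one-line comment noting that `/_synapse/admin` is deliberately not proxied would document why only the two path matchers are listed.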