Add matrix and grafana services

This commit is contained in:
Evie Litherland-Smith 2023-11-23 08:40:32 +00:00
parent c4932e0738
commit d263870777
4 changed files with 21 additions and 47 deletions

View file

@ -221,8 +221,10 @@
systemModules = [ ./system/default.nix ]; systemModules = [ ./system/default.nix ];
serviceModules = [ serviceModules = [
./services/adguardhome.nix ./services/adguardhome.nix
./services/caddy.nix
./services/gitea.nix ./services/gitea.nix
./services/navidrome.nix ./services/grafana.nix
./services/matrix.nix
./services/nextcloud.nix ./services/nextcloud.nix
./services/ntfy-sh.nix ./services/ntfy-sh.nix
./services/sshd.nix ./services/sshd.nix

View file

@ -1,6 +1,5 @@
{ config, lib, pkgs, ... }: { ... }: {
imports = [ ./caddy.nix ];
{
services.grafana = { services.grafana = {
enable = true; enable = true;
settings = { settings = {
@ -11,4 +10,6 @@
}; };
}; };
}; };
services.caddy.virtualHosts."grafana.xenia.me.uk".extraConfig =
"reverse_proxy http://localhost:3000";
} }

View file

@ -1,9 +1,5 @@
{ pkgs, ... }: { pkgs, ... }: {
let imports = [ ./caddy.nix ];
baseUrl = "matrix.xenia.me.uk";
port = 8008;
in {
imports = [ ../traefik/default.nix ];
services.postgresql.enable = true; services.postgresql.enable = true;
services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" '' services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" ''
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
@ -16,12 +12,7 @@ in {
services = { services = {
matrix-synapse = { matrix-synapse = {
enable = true; enable = true;
settings.server_name = "https://${baseUrl}"; settings.server_name = "xenia.me.uk";
# The public base URL value must match the `base_url` value set in `clientConfig` above.
# The default value here is based on `server_name`, so if your `server_name` is different
# from the value of `fqdn` above, you will likely run into some mismatched domain names
# in client applications.
settings.public_baseurl = "https://${baseUrl}";
settings.listeners = [{ settings.listeners = [{
bind_addresses = [ "127.0.0.1" ]; bind_addresses = [ "127.0.0.1" ];
port = 8008; port = 8008;
@ -34,35 +25,15 @@ in {
}]; }];
}]; }];
}; };
traefik = { caddy.virtualHosts."xenia.me.uk".extraConfig = ''
staticConfigOptions.entryPoints.synapse-federation.address = ":8448"; header /.well-known/matrix/* Content-Type application/json
dynamicConfigOptions.http = { header /.well-known/matrix/* Access-Control-Allow-Origin *
routers = { respond /.well-known/matrix/server `{"m.server": "matrix.xenia.me.uk:443"}`
synapse-service = { respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.xenia.me.uk"},"m.identity_server":{"base_url":"https://identity.xenia.me.uk"}}`
rule = "Host(`matrix.xenia.me.uk`)"; '';
entryPoints = [ "http" "https" ]; caddy.virtualHosts."matrix.xenia.me.uk".extraConfig = ''
service = "synapse-service"; reverse_proxy /_matrix/* localhost:8008
tls = { certResolver = "default"; }; reverse_proxy /_synapse/client/* localhost:8008
}; '';
synapse-federation-client = {
rule = "PathPrefix(`/.well-known/matrix/client)";
entryPoints = [ "synapse-federation" ];
service = "synapse-service";
tls = { certResolver = "default"; };
};
synapse-federation-server = {
rule = "PathPrefix(`/.well-known/matrix/server)";
entryPoints = [ "synapse-federation" ];
service = "synapse-service";
tls = { certResolver = "default"; };
};
};
services = {
synapse-service.loadBalancer.servers =
[{ url = "http://localhost:8008"; }];
};
};
};
}; };
} }