{ pkgs, ... }: { imports = [ ./caddy.nix ]; services.postgresql.enable = true; services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" TEMPLATE template0 LC_COLLATE = "C" LC_CTYPE = "C"; ''; services = { matrix-synapse = { enable = true; settings.server_name = "xenia.me.uk"; settings.listeners = [{ bind_addresses = [ "127.0.0.1" ]; port = 8008; type = "http"; tls = false; x_forwarded = true; resources = [{ names = [ "client" "federation" ]; compress = true; }]; }]; extraConfigFiles = [ "/run/secrets/matrix-shared-secret" ]; }; caddy.virtualHosts."xenia.me.uk".extraConfig = '' header /.well-known/matrix/* Content-Type application/json header /.well-known/matrix/* Access-Control-Allow-Origin * respond /.well-known/matrix/server `{"m.server": "matrix.xenia.me.uk:443"}` respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.xenia.me.uk"}}` ''; caddy.virtualHosts."matrix.xenia.me.uk".extraConfig = '' reverse_proxy /_matrix/* localhost:8008 reverse_proxy /_synapse/client/* localhost:8008 ''; }; }