nixos/services/matrix.nix

45 lines
1.4 KiB
Nix

{pkgs, ...}: {
imports = [./caddy.nix];
services.postgresql.enable = true;
services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" ''
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
'';
services = {
matrix-synapse = {
enable = true;
settings.server_name = "xenia.me.uk";
settings.listeners = [
{
bind_addresses = ["127.0.0.1"];
port = 8008;
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = ["client" "federation"];
compress = true;
}
];
}
];
extraConfigFiles = ["/run/secrets/matrix-shared-secret"];
};
caddy.virtualHosts."xenia.me.uk".extraConfig = ''
header /.well-known/matrix/* Content-Type application/json
header /.well-known/matrix/* Access-Control-Allow-Origin *
respond /.well-known/matrix/server `{"m.server": "matrix.xenia.me.uk:443"}`
respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.xenia.me.uk"}}`
'';
caddy.virtualHosts."matrix.xenia.me.uk".extraConfig = ''
reverse_proxy /_matrix/* localhost:8008
reverse_proxy /_synapse/client/* localhost:8008
'';
};
}