41 lines
1.4 KiB
Nix
41 lines
1.4 KiB
Nix
{ pkgs, ... }: {
|
|
imports = [ ./caddy.nix ];
|
|
services.postgresql.enable = true;
|
|
services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" ''
|
|
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
|
|
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
|
|
TEMPLATE template0
|
|
LC_COLLATE = "C"
|
|
LC_CTYPE = "C";
|
|
'';
|
|
|
|
services = {
|
|
matrix-synapse = {
|
|
enable = true;
|
|
settings.server_name = "xenia.me.uk";
|
|
settings.listeners = [{
|
|
bind_addresses = [ "127.0.0.1" ];
|
|
port = 8008;
|
|
type = "http";
|
|
tls = false;
|
|
x_forwarded = true;
|
|
resources = [{
|
|
names = [ "client" "federation" ];
|
|
compress = true;
|
|
}];
|
|
}];
|
|
extraConfigFiles = [ "/run/secrets/matrix-shared-secret" ];
|
|
};
|
|
caddy.virtualHosts."xenia.me.uk".extraConfig = ''
|
|
header /.well-known/matrix/* Content-Type application/json
|
|
header /.well-known/matrix/* Access-Control-Allow-Origin *
|
|
respond /.well-known/matrix/server `{"m.server": "matrix.xenia.me.uk:443"}`
|
|
respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.xenia.me.uk"},"m.identity_server":{"base_url":"https://identity.xenia.me.uk"}}`
|
|
'';
|
|
caddy.virtualHosts."matrix.xenia.me.uk".extraConfig = ''
|
|
reverse_proxy /_matrix/* localhost:8008
|
|
reverse_proxy /_synapse/client/* localhost:8008
|
|
'';
|
|
};
|
|
}
|