niksos/hosts/chmura/services/conduit.nix

62 lines
1.7 KiB
Nix
Raw Normal View History

2023-07-13 16:39:27 +02:00
{
inputs,
2023-11-25 17:12:09 +01:00
pkgs,
2023-07-13 16:39:27 +02:00
...
2024-07-16 08:07:53 +02:00
}: let
2024-04-14 18:49:29 +02:00
port = 6167;
in {
nix.settings = {
substituters = [
"https://attic.conduit.rs/conduit"
];
trusted-public-keys = [
"conduit:ddcaWZiWm0l0IXZlO8FERRdWvEufwmd0Negl1P+c0Ns="
];
};
services.matrix-conduit = {
enable = true;
2023-07-17 21:42:19 +02:00
package = inputs.conduit.packages.${pkgs.system}.default;
2023-07-17 20:03:22 +02:00
settings.global = {
address = "127.0.0.1";
server_name = "jacekpoz.pl";
database_backend = "rocksdb";
2024-04-14 18:49:29 +02:00
inherit port;
enable_lightning_bolt = false;
max_request_size = 104857600;
allow_check_for_updates = false;
allow_registration = false;
};
2023-07-13 16:39:27 +02:00
};
services.caddy = {
enable = true;
virtualHosts."m.jacekpoz.pl".extraConfig = ''
2024-04-14 18:49:29 +02:00
reverse_proxy /_matrix/* 127.0.0.1:${toString port}
'';
virtualHosts."jacekpoz.pl".extraConfig = ''
header /.well-known/matrix/* Content-Type application/json
header /.well-known/matrix/* Access-Control-Allow-Origin *
respond /.well-known/matrix/server `{
"m.server": "m.jacekpoz.pl:443"
}`
respond /.well-known/matrix/client `{
"m.homeserver": {
"base_url": "https://m.jacekpoz.pl"
},
"m.identity_server": {
"base_url": "https://matrix.org"
},
"org.matrix.msc3575.proxy": {
"url": "https://m.jacekpoz.pl"
}
}`
'';
};
2023-07-13 16:39:27 +02:00
2024-01-27 19:10:17 +01:00
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [ 80 443 ];
2023-07-13 16:39:27 +02:00
}