From 9fa26478eb64be6a937e455e33bcf3860ea1be1b Mon Sep 17 00:00:00 2001 From: James Walker Date: Mon, 7 Jun 2021 21:15:08 -0400 Subject: [PATCH] =?UTF-8?q?=F0=9F=92=AC=20matrix-synapse=20server?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- hosts/plato/configuration.nix | 9 +++++--- hosts/socrates/configuration.nix | 9 +++++--- modules/matrix/default.nix | 37 ++++++++++++++++++++++++++++++++ modules/matrix/nginx.nix | 26 ++++++++++++++++++++++ 4 files changed, 75 insertions(+), 6 deletions(-) create mode 100644 modules/matrix/default.nix create mode 100644 modules/matrix/nginx.nix diff --git a/hosts/plato/configuration.nix b/hosts/plato/configuration.nix index 65802e4..ed7127b 100644 --- a/hosts/plato/configuration.nix +++ b/hosts/plato/configuration.nix @@ -9,6 +9,7 @@ in { ../../modules/coredns + ../../modules/matrix ]; # Use the systemd-boot EFI boot loader. @@ -47,7 +48,7 @@ in { home-manager.users.walkah = import "${dotfiles}/home.nix"; system.autoUpgrade.enable = true; - environment.systemPackages = with pkgs; [ ]; + environment.systemPackages = with pkgs; [ weechat ]; fileSystems."/mnt/downloads" = { device = "192.168.6.100:/volume1/Downloads"; @@ -63,8 +64,10 @@ in { }; programs.mosh.enable = true; - programs.zsh.enable = true; - + programs.zsh = { + enable = true; + promptInit = ""; + }; # Enable the OpenSSH daemon. services.openssh.enable = true; diff --git a/hosts/socrates/configuration.nix b/hosts/socrates/configuration.nix index 322feba..f4ae573 100644 --- a/hosts/socrates/configuration.nix +++ b/hosts/socrates/configuration.nix @@ -8,6 +8,8 @@ in { ./hardware-configuration.nix ./networking.nix # generated at runtime by nixos-infect + + ../../modules/matrix/nginx.nix ]; boot.cleanTmpDir = true; @@ -39,7 +41,7 @@ in { }; home-manager.users.walkah = import "${dotfiles}/home.nix"; - system.autoUpgrade.enable = true; + system.autoUpgrade.enable = false; environment.systemPackages = with pkgs; [ ]; programs.mosh.enable = true; @@ -53,9 +55,10 @@ in { services.nginx = { enable = true; - recommendedOptimisation = true; - recommendedProxySettings = true; recommendedTlsSettings = true; + recommendedOptimisation = true; + recommendedGzipSettings = true; + recommendedProxySettings = true; }; } diff --git a/modules/matrix/default.nix b/modules/matrix/default.nix new file mode 100644 index 0000000..55128b4 --- /dev/null +++ b/modules/matrix/default.nix @@ -0,0 +1,37 @@ +{ config, lib, pkgs, ... }: + +{ + services = { + postgresql = { + enable = true; + initialScript = pkgs.writeText "synapse-init.sql" '' + CREATE ROLE "matrix-synapse"; + CREATE DATABASE "matrix" WITH OWNER "matrix-synapse" + TEMPLATE template0 + ENCODING 'UTF8' + LC_COLLATE = "C" + LC_CTYPE = "C"; + ''; + }; + + matrix-synapse = { + enable = true; + server_name = "walkah.chat"; + enable_metrics = true; + enable_registration = false; + database_type = "psycopg2"; + database_args = { database = "matrix"; }; + + listeners = [{ + port = 8008; + type = "http"; + tls = false; + x_forwarded = true; + resources = [{ + compress = false; + names = [ "client" "federation" ]; + }]; + }]; + }; + }; +} diff --git a/modules/matrix/nginx.nix b/modules/matrix/nginx.nix new file mode 100644 index 0000000..00e4efd --- /dev/null +++ b/modules/matrix/nginx.nix @@ -0,0 +1,26 @@ +{ config, lib, pkgs, ... }: + +{ + services.nginx = { + enable = true; + virtualHosts = { + "matrix.walkah.chat" = { + forceSSL = true; + enableACME = true; + locations."/" = { proxyPass = "http://plato:8008"; }; + }; + + "walkah.chat" = { + forceSSL = true; + enableACME = true; + locations."= /.well-known/matrix/server".extraConfig = + let server = { "m.server" = "matrix.walkah.chat:443"; }; + in '' + add_header Content-Type application/json; + return 200 '${builtins.toJSON server}'; + ''; + locations."/" = { root = pkgs.element-web; }; + }; + }; + }; +}