v/infrastructure
1
0
Fork 0
Code Issues 13 Pull requests 1 Actions Packages Projects Releases Activity

finish up synapse
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse source
This commit is contained in:
Vivian 2022-07-28 17:01:28 +02:00
parent 6e3b07a67f
commit 2d85d61793
2 changed files with 66 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
nixos/hosts/nginx/configuration.nix
View file

@ -10,8 +10,11 @@ let
};
k8s_proxy = proxy "http://10.42.42.150:8000/";
clientConfig = {
"m.homeserver".base_url = "https://chat.meowy.tech";
"m.identity_server" = {};
"m.homeserver" = {
base_url = "https://chat.meowy.tech";
server_name = "meowy.tech";
};
"m.identity_server" = { };
};
serverConfig."m.server" = "chat.meowy.tech:443";
mkWellKnown = data: ''
@ -57,6 +60,10 @@ in
virtualHosts."meowy.tech" = {
enableACME = true;
forceSSL = true;
locations."/".extraConfig = ''
add_header Content-Type 'text/html; charset=UTF-8';
return 200 meow;
'';
locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
};
@ -64,11 +71,28 @@ in
enableACME = true;
forceSSL = true;
locations."/".extraConfig = ''
return 404;
return 307 https://element.chat.meowy.tech;
'';
locations."/_matrix".proxyPass = "http://synapse.olympus:8008";
locations."/_synapse/client".proxyPass = "http://synapse.olympus:8008";
};
virtualHosts."element.chat.meowy.tech" = {
enableACME = true;
forceSSL = true;
root = pkgs.element-web.override {
conf = {
default_server_config = clientConfig;
show_labs_settings = true;
brand = "chat.meowy.tech";
};
};
};
virtualHosts."admin.chat.meowy.tech" = {
enableACME = true;
forceSSL = true;
root = pkgs.synapse-admin;
};
# Kubernetes endpoints
virtualHosts."0x76.dev" = k8s_proxy;

70
nixos/hosts/synapse/configuration.nix
View file

@ -29,7 +29,7 @@ in
user = "matrix-synapse";
group = "matrix-synapse";
services = [ "matrix-synapse" ];
};
};
services.postgresql = {
enable = true;
@ -42,36 +42,44 @@ in
'';
};
services.matrix-synapse = {
enable = true;
withJemalloc = true;
services.matrix-synapse =
let
extraConfig = builtins.toFile "extraConfig.yaml" ''
registration_requires_token: true
'';
in
{
enable = true;
withJemalloc = true;
extraConfigFiles = [
"${vs.synapse}/macaroon_secret_key"
"${vs.synapse}/registration_shared_secret"
"${vs.synapse}/form_secret"
"${vs.synapse}/turn_shared_secret"
];
extraConfigFiles = [
"${vs.synapse}/macaroon_secret_key"
"${vs.synapse}/registration_shared_secret"
"${vs.synapse}/form_secret"
"${vs.synapse}/turn_shared_secret"
extraConfig
];
settings =
{
server_name = "meowy.tech";
public_baseurl = "https://chat.meowy.tech";
listeners = [
{
inherit port;
bind_addresses = [ "0.0.0.0" ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = [ "client" "federation" ];
compress = true;
}
];
}
];
};
};
settings =
{
server_name = "meowy.tech";
enable_registration = true;
public_baseurl = "https://chat.meowy.tech";
listeners = [
{
inherit port;
bind_addresses = [ "0.0.0.0" ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = [ "client" "federation" ];
compress = true;
}
];
}
];
};
};
}