diff --git a/nixos/hosts/olympus/nginx/configuration.nix b/nixos/hosts/olympus/nginx/configuration.nix index 59a39706..efbcd01e 100644 --- a/nixos/hosts/olympus/nginx/configuration.nix +++ b/nixos/hosts/olympus/nginx/configuration.nix @@ -5,7 +5,9 @@ let base_url = "https://chat.meowy.tech"; server_name = "meowy.tech"; }; - "m.identity_server" = { }; + "org.matrix.msc3575.proxy" = { + "url" = "https://sliding-chat.meowy.tech"; + }; }; serverConfig."m.server" = "chat.meowy.tech:443"; mkWellKnown = data: '' @@ -18,7 +20,8 @@ let url = "https://git.0x76.dev/v/0x76.dev.git"; rev = "ecb7811560650381f41ee537b9c8493e004a108b"; }; -in { +in +{ # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -27,7 +30,10 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; services = { # Generates vhosts for all hosts that have an `exposes` section @@ -102,10 +108,8 @@ in { add_header Content-Type 'text/html; charset=UTF-8'; return 200 '

meow

'; ''; - "= /.well-known/matrix/client".extraConfig = - mkWellKnown clientConfig; - "= /.well-known/matrix/server".extraConfig = - mkWellKnown serverConfig; + "= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; + "= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; }; }; "chat.meowy.tech" = { @@ -115,6 +119,8 @@ in { "/".extraConfig = '' return 303 https://element.chat.meowy.tech; ''; + "= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; + "= /_matrix/client/unstable/org.matrix.msc3575/sync".proxyPass = "http://synapse.olympus:8009"; "/_matrix".proxyPass = "http://synapse.olympus:8008"; "/_synapse/client".proxyPass = "http://synapse.olympus:8008"; "/_synapse/admin" = { @@ -133,6 +139,11 @@ in { }; }; }; + "sliding-chat.meowy.tech" = { + enableACME = true; + forceSSL = true; + locations."/".proxyPass = "http://synapse.olympus:8009"; + }; "element.chat.meowy.tech" = { enableACME = true; forceSSL = true; diff --git a/nixos/hosts/olympus/synapse/configuration.nix b/nixos/hosts/olympus/synapse/configuration.nix index c2a87081..89bbbb76 100644 --- a/nixos/hosts/olympus/synapse/configuration.nix +++ b/nixos/hosts/olympus/synapse/configuration.nix @@ -2,13 +2,17 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). + { config, pkgs, ... }: + let vs = config.vault-secrets.secrets; port = 8008; + slidingSyncPort = 8009; metricsPort = 9000; in -{ + + { imports = [ ]; # This value determines the NixOS release from which the default @@ -19,7 +23,7 @@ in # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? - networking.firewall.allowedTCPPorts = [ port metricsPort ]; + networking.firewall.allowedTCPPorts = [ port metricsPort slidingSyncPort ]; vault-secrets.secrets.synapse = { user = "matrix-synapse"; @@ -38,6 +42,16 @@ in ''; }; + services.matrix-sliding-sync = { + enable = true; + createDatabase = true; + environmentFile = "${vs.synapse}/sync"; + settings = { + SYNCV3_SERVER = "http://localhost:${toString port}"; + SYNCV3_BINDADDR = ":${toString slidingSyncPort}"; + }; + }; + services.matrix-synapse = { enable = true; withJemalloc = true; @@ -109,3 +123,5 @@ in }; }; } + +