63 lines
1.5 KiB
Nix
63 lines
1.5 KiB
Nix
{inputs, ...}: {
|
|
imports = [inputs.grapevine.nixosModules.default];
|
|
networking.firewall.allowedTCPPorts = [8448];
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d /var/lib/private/matrix-conduit 0770 conduit conduit"
|
|
"d /var/lib/private/matrix-conduit/database 0770 conduit conduit"
|
|
"d /var/lib/private/matrix-conduit/media 0770 conduit conduit"
|
|
"L /var/lib/matrix-conduit /var/lib/private/matrix-conduit"
|
|
];
|
|
|
|
users = {
|
|
groups.conduit = {};
|
|
users.conduit = {
|
|
isSystemUser = true;
|
|
group = "conduit";
|
|
};
|
|
};
|
|
|
|
systemd.services.grapevine.serviceConfig = {
|
|
User = "conduit";
|
|
Group = "conduit";
|
|
};
|
|
|
|
services = let
|
|
domain = "matrix.henryhiles.com";
|
|
# socket = "/run/grapvine/socket";
|
|
in {
|
|
grapevine = {
|
|
enable = true;
|
|
settings = {
|
|
server_name = domain;
|
|
conduit_compat = true;
|
|
database.backend = "rocksdb";
|
|
|
|
allow_registration = true;
|
|
registration_token = "test";
|
|
|
|
federation = {
|
|
max_concurrent_requests = 10000;
|
|
self_test = false;
|
|
};
|
|
|
|
server_discovery = {
|
|
server.authority = "${domain}:443";
|
|
client.base_url = "https://${domain}";
|
|
};
|
|
|
|
listen = [
|
|
{
|
|
type = "tcp";
|
|
address = "127.0.0.3";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
|
|
caddy.virtualHosts."${domain}" = {
|
|
serverAliases = ["${domain}:8448"];
|
|
extraConfig = "reverse_proxy 127.0.0.3";
|
|
};
|
|
};
|
|
}
|