WIP: create tests

Co-authored-by: h7x4 <h7x4@nani.wtf>

.gitignore

@@ -0,0 +1 @@
+result

COPYING

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020, 2022-2023 Daniel Løvbrøtte Olsen and contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

MIGRATIONS.MD

@@ -0,0 +1,10 @@
+# Migrations
+
+This is a best effort document descibing neccecary changes you might have to do when updating
+
+## 0.5.0 UNRELEASED
+
+The module has been renamed from `synapse` to `default`
+
+
+

README.MD

@@ -9,6 +9,10 @@ With matrix.YOURDOMAIN pointing at the server:
 
     workers.federationSenders = 1;
     workers.federationReceivers = 1;
+    workers.initialSyncers = 1;
+    workers.normalSyncers = 1;
+    workers.eventPersisters = 2;
+    workers.useUserDirectoryWorker = true;
 
     enableNginx = true;
 
@@ -31,4 +35,20 @@ With matrix.YOURDOMAIN pointing at the server:
 }
 ```
 
-is ~enough to get a functional matrix-server running one federation sender and one federation receiver
+is ~enough to get a functional matrix-server running with some workers
+
+## Sliding Sync (Element X)
+
+Just add the following to your config and point `slidingsync.YOURDOMAIN` at the server
+
+```
+services.matrix-synapse-next = {
+  enableSlidingSync = true;
+};
+
+services.matrix-synapse.sliding-sync.environmentFile = "/some/file/containing/SYNCV3_SECRET=<some secret>";
+
+```
+
+If using [well-known delagation](https://matrix-org.github.io/synapse/v1.37/delegate.html) make sure `YOURDOMAIN/.well-known/matrix/client` matches
+what's in `matrix.YOURDOMAIN/.well-known/matrix/client`

flake.lock

@@ -0,0 +1,42 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1690789960,
+        "narHash": "sha256-3K+2HuyGTiJUSZNJxXXvc0qj4xFx1FHC/ItYtEa7/Xs=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fb942492b7accdee4e6d17f5447091c65897dde4",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs-lib": {
+      "locked": {
+        "lastModified": 1673743903,
+        "narHash": "sha256-sloY6KYyVOozJ1CkbgJPpZ99TKIjIvM+04V48C04sMQ=",
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "rev": "7555e2dfcbac1533f047021f1744ac8871150f9f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs",
+        "nixpkgs-lib": "nixpkgs-lib"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

flake.nix

@@ -1,9 +1,28 @@
 {
   description = "NixOS modules for matrix related services";
 
-  outputs = { self }: {
+  inputs = {
+    nixpkgs-lib.url = "github:nix-community/nixpkgs.lib";
+    nixpkgs.url = "nixpkgs/nixos-unstable";
+  };
+
+  outputs = { self, nixpkgs, nixpkgs-lib }: {
     nixosModules = {
-      synapse = import ./synapse-module;
+      default = import ./module.nix;
+    };
+
+    lib = import ./lib.nix { lib = nixpkgs-lib.lib; };
+
+    packages = let
+      system = "x86_64-linux";
+      pkgs = nixpkgs.legacyPackages.${system};
+    in {
+        ${system}.tests = import ./tests {
+        inherit system;
+        inherit nixpkgs;
+        inherit pkgs;
+        nixosModule = self.outputs.nixosModules.synapse;
+      };
     };
   };
 }

lib.nix

@@ -0,0 +1,20 @@
+{ lib }:
+rec {
+  # checks if given listener configuration has type as a resource
+  isListenerType = type: l: lib.any (r: lib.any (n: n == type) r.names) l.resources;
+  # Get the first listener that includes the given resource from worker
+  firstListenerOfType = type: ls: lib.lists.findFirst (isListenerType type)
+    (lib.throw "No listener with resource: ${type} configured")
+    ls;
+  # Get an attrset of the host and port from a listener 
+  connectionInfo = l: {
+    host = lib.head l.bind_addresses;
+    port = l.port;
+  };
+
+  # Get an attrset of the host and port from a worker given a type
+  workerConnectionResource = r: w: let
+    l = firstListenerOfType r w.settings.worker_listeners;
+  in connectionInfo l;
+
+}

module.nix

@@ -0,0 +1,8 @@
+{ ... }:
+
+{
+  imports = [
+    ./synapse-module
+    ./sliding-sync
+  ];
+}

pkgs/matrix-sliding-sync/default.nix

@@ -0,0 +1,37 @@
+{ lib
+, buildGoModule
+, fetchFromGitHub
+}:
+
+buildGoModule rec {
+  pname = "matrix-sliding-sync";
+  version = "0.99.11";
+
+  src = fetchFromGitHub {
+    owner = "matrix-org";
+    repo = "sliding-sync";
+    rev = "refs/tags/v${version}";
+    hash = "sha256-Wd/nnJhKg+BDyOIz42zEScjzQRrpEq6YG9/9Tk24hgg=";
+  };
+
+  vendorHash = "sha256-0QSyYhOht1j1tWNxHQh+NUZA/W1xy7ANu+29H/gusOE=";
+
+  subPackages = [ "cmd/syncv3" ];
+
+  ldflags = [
+    "-s"
+    "-w"
+    "-X main.GitCommit=${src.rev}"
+  ];
+
+  # requires a running matrix-synapse
+  doCheck = false;
+
+  meta = with lib; {
+    description = "A sliding sync implementation of MSC3575 for matrix";
+    homepage = "https://github.com/matrix-org/sliding-sync";
+    license = with licenses; [ asl20 ];
+    maintainers = with maintainers; [ emilylange ];
+    mainProgram = "syncv3";
+  };
+}

sliding-sync/default.nix

@@ -0,0 +1,117 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.services.matrix-synapse.sliding-sync;
+in
+{
+  disabledModules = [ "services/matrix/matrix-sliding-sync.nix" ];
+
+  options.services.matrix-synapse.sliding-sync = {
+    enable = lib.mkEnableOption (lib.mdDoc "sliding sync");
+
+    package = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.callPackage ../pkgs/matrix-sliding-sync { };
+      description = "What package to use for the sliding-sync proxy.";
+    };
+
+    enableNginx = lib.mkEnableOption (lib.mdDoc "autogenerated nginx config");
+    publicBaseUrl = lib.mkOption {
+      type = lib.types.str;
+      description = "The domain where clients connect, only has an effect with enableNginx";
+      example = "slidingsync.matrix.org";
+    };
+
+    settings = lib.mkOption {
+      type = lib.types.submodule {
+        freeformType = with lib.types; attrsOf str;
+        options = {
+          SYNCV3_SERVER = lib.mkOption {
+            type = lib.types.str;
+            description = lib.mdDoc ''
+              The destination homeserver to talk to not including `/_matrix/` e.g `https://matrix.example.org`.
+            '';
+          };
+
+          SYNCV3_DB = lib.mkOption {
+            type = lib.types.str;
+            default = "postgresql:///matrix-sliding-sync?host=/run/postgresql";
+            description = lib.mdDoc ''
+              The postgres connection string.
+              Refer to <https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING>.
+            '';
+          };
+
+          SYNCV3_BINDADDR = lib.mkOption {
+            type = lib.types.str;
+            default = "127.0.0.1:8009";
+            example = "[::]:8008";
+            description = lib.mdDoc "The interface and port to listen on.";
+          };
+
+          SYNCV3_LOG_LEVEL = lib.mkOption {
+            type = lib.types.enum [ "trace" "debug" "info" "warn" "error" "fatal" ];
+            default = "info";
+            description = lib.mdDoc "The level of verbosity for messages logged.";
+          };
+        };
+      };
+      default = { };
+      description = ''
+        Freeform environment variables passed to the sliding sync proxy.
+        Refer to <https://github.com/matrix-org/sliding-sync#setup> for all supported values.
+      '';
+    };
+
+    createDatabase = lib.mkOption {
+      type = lib.types.bool;
+      default = true;
+      description = lib.mdDoc ''
+        Whether to enable and configure `services.postgres` to ensure that the database user `matrix-sliding-sync`
+        and the database `matrix-sliding-sync` exist.
+      '';
+    };
+
+    environmentFile = lib.mkOption {
+      type = lib.types.str;
+      description = lib.mdDoc ''
+        Environment file as defined in {manpage}`systemd.exec(5)`.
+
+        This must contain the {env}`SYNCV3_SECRET` variable which should
+        be generated with {command}`openssl rand -hex 32`.
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.postgresql = lib.optionalAttrs cfg.createDatabase {
+      enable = true;
+      ensureDatabases = [ "matrix-sliding-sync" ];
+      ensureUsers = [ rec {
+        name = "matrix-sliding-sync";
+        ensurePermissions."DATABASE \"${name}\"" = "ALL PRIVILEGES";
+      } ];
+    };
+
+    systemd.services.matrix-sliding-sync = {
+      after = lib.optional cfg.createDatabase "postgresql.service";
+      wantedBy = [ "multi-user.target" ];
+      environment = cfg.settings;
+      serviceConfig = {
+        DynamicUser = true;
+        EnvironmentFile = cfg.environmentFile;
+        ExecStart = lib.getExe cfg.package;
+        StateDirectory = "matrix-sliding-sync";
+        WorkingDirectory = "%S/matrix-sliding-sync";
+      };
+    };
+
+    services.nginx.virtualHosts.${cfg.publicBaseUrl} = lib.mkIf cfg.enableNginx {
+      enableACME = true;
+      forceSSL = true;
+      locations."/" = {
+        proxyPass = lib.replaceStrings [ "0.0.0.0" "::" ] [ "127.0.0.1" "::1" ] "http://${cfg.settings.SYNCV3_BINDADDR}";
+      };
+    };
+  };
+}

synapse-module/default.nix

@@ -1,5 +1,7 @@
 { pkgs, lib, config, ... }:
-let
+let 
+  matrix-lib = (import ../lib.nix { inherit lib; });
+
   cfg = config.services.matrix-synapse-next;
   wcfg = cfg.workers;
 
@@ -31,7 +33,7 @@ in
   imports = [
     ./nginx.nix
     (import ./workers.nix {
-      inherit throw' format matrix-synapse-common-config pluginsEnv;
+      inherit matrix-lib throw' format matrix-synapse-common-config pluginsEnv;
     })
   ];
 
@@ -82,6 +84,8 @@ in
       description = "A yaml python logging config file";
     };
 
+    enableSlidingSync = mkEnableOption (lib.mdDoc "automatic Sliding Sync setup at `slidingsync.<domain>`");
+
     settings = mkOption {
       type = types.submodule {
         freeformType = format.type;
@@ -392,5 +396,19 @@ in
         };
       };
     };
+
+    services.matrix-synapse-next.settings.extra_well_known_client_content."org.matrix.msc3575.proxy" = mkIf cfg.enableSlidingSync {
+      url = "https://${config.services.matrix-synapse.sliding-sync.publicBaseUrl}";
+    };
+    services.matrix-synapse.sliding-sync = mkIf cfg.enableSlidingSync {
+      enable = true;
+      enableNginx = lib.mkDefault cfg.enableNginx;
+      publicBaseUrl = lib.mkDefault "slidingsync.${cfg.settings.server_name}";
+
+      settings = {
+        SYNCV3_SERVER = lib.mkDefault "https://${cfg.public_baseurl}";
+        SYNCV3_PROM = lib.mkIf cfg.settings.enable_metrics (lib.mkDefault "127.0.0.1:9001");
+      };
+    };
   };
 }

synapse-module/nginx.nix

@@ -198,7 +198,7 @@ in
     };
 
     services.nginx.virtualHosts."${cfg.public_baseurl}" = {
-      enableACME = true;
+      enableACME = lib.mkDefault true;
       forceSSL = true;
       locations."/_matrix" = {
         proxyPass = "http://$synapse_backend";
@@ -230,6 +230,9 @@ in
       locations."/_synapse/client" = {
         proxyPass = "http://$synapse_backend";
       };
+      locations."/.well-known/matrix" = {
+        proxyPass = "http://$synapse_backend";
+      };
     };
   };
 }

synapse-module/workers.nix

@@ -1,4 +1,5 @@
 { matrix-synapse-common-config,
+  matrix-lib,
   pluginsEnv,
   throw',
   format
@@ -18,21 +19,12 @@
     type = types.ints.unsigned;
     description = "How many automatically configured ${workerType} workers to set up";
     default = 0;
+    example = 1;
   };
 
   genAttrs' = items: f: g: builtins.listToAttrs (map (i: lib.nameValuePair (f i) (g i)) items);
 
-  isReplicationListener =
-    l: lib.any (r: lib.any (n: n == "replication") r.names) l.resources;
-
-  mainReplicationListener = lib.lists.findFirst isReplicationListener
-    (throw' "No replication listener configured!")
-    cfg.settings.listeners;
-  mainReplicationListenerHost =
-    if mainReplicationListener.bind_addresses == []
-      then throw' "Replication listener had no addresses"
-      else builtins.head mainReplicationListener.bind_addresses;
-  mainReplicationListenerPort = mainReplicationListener.port;
+  mainReplicationListener = matrix-lib.firstListenerOfType "replication" cfg.settings.listeners;
 in {
   # See https://github.com/matrix-org/synapse/blob/develop/docs/workers.md for more info
   options.services.matrix-synapse-next.workers = let
@@ -42,11 +34,25 @@ in {
           type = types.bool;
           internal = true;
           default = false;
+          description = ''
+            This is an internal flag that signals that this worker is part of the
+            workers generated by either of the following:
+
+            - federationSenders
+            - federationReceivers
+            - initialSyncers
+            - normalSyncers
+            - eventPersisters
+            - useUserDirectoryWorker
+          '';
         };
 
         index = mkOption {
           internal = true;
           type = types.ints.positive;
+          description = ''
+            This is an internal variable that indexes the worker of this type.
+          '';
         };
 
         # The custom string type here is mainly for the name to use
@@ -78,20 +84,6 @@ in {
           default = "synapse.app.generic_worker";
         };
 
-        worker_replication_host = mkOption {
-          type = types.str;
-          default = wcfg.mainReplicationHost;
-          defaultText = literalExpression "${wcfgText}.mainReplicationHost";
-          description = "The replication listeners IP on the main synapse process";
-        };
-
-        worker_replication_http_port = mkOption {
-          type = types.port;
-          default = wcfg.mainReplicationPort;
-          defaultText = literalExpression "${wcfgText}.mainReplicationPort";
-          description = "The replication listeners port on the main synapse process";
-        };
-
         worker_listeners = mkOption {
           type = types.listOf (workerListenerType instanceCfg);
           description = "Listener configuration for the worker, similar to the main synapse listener";
@@ -108,17 +100,25 @@ in {
           default = "http";
         };
 
-        port = mkOption {
-          type = types.port;
-          description = "The TCP port to bind to";
+        path = mkOption {
+          type = types.path;
+          default = instanceCfg.name;
+          description = ''
+            A path and filename for a Unix socket.
+          '';
         };
 
-        bind_addresses = mkOption {
-          type = with types; listOf str;
-          description = "A list of local addresses to listen on";
-          default = [ wcfg.defaultListenerAddress ];
-          defaultText = literalExpression "[ ${wcfgText}.defaultListenerAddress ]";
-        };
+        # port = mkOption {
+        #   type = types.port;
+        #   description = "The TCP port to bind to";
+        # };
+
+        # bind_addresses = mkOption {
+        #   type = with types; listOf str;
+        #   description = "A list of local addresses to listen on";
+        #   default = [ wcfg.defaultListenerAddress ];
+        #   defaultText = literalExpression "[ ${wcfgText}.defaultListenerAddress ]";
+        # };
 
         tls = mkOption {
           type = types.bool;
@@ -183,35 +183,6 @@ in {
       };
     };
   in {
-    mainReplicationHost = mkOption {
-      type = types.str;
-      default =
-        if builtins.elem mainReplicationListenerHost [ "0.0.0.0" "::" ]
-          then "127.0.0.1"
-          else mainReplicationListenerHost;
-      # TODO: add defaultText
-      description = "Host of the main synapse instance's replication listener";
-    };
-
-    mainReplicationPort = mkOption {
-      type = types.port;
-      default = mainReplicationListenerPort;
-      # TODO: add defaultText
-      description = "Port for the main synapse instance's replication listener";
-    };
-
-    defaultListenerAddress = mkOption {
-      type = types.str;
-      default = "127.0.0.1";
-      description = "The default listener address for the worker";
-    };
-
-    workerStartingPort = mkOption {
-      type = types.port;
-      description = "What port should the automatically configured workers start enumerating from";
-      default = 8083;
-    };
-
     enableMetrics = mkOption {
       type = types.bool;
       default = cfg.settings.enable_metrics;
@@ -219,12 +190,6 @@ in {
       # TODO: add description
     };
 
-    metricsStartingPort = mkOption {
-      type = types.port;
-      default = 18083;
-      # TODO: add description
-    };
-
     federationSenders = mkWorkerCountOption "federation-sender";
     federationReceivers = mkWorkerCountOption "federation-reciever";
     initialSyncers = mkWorkerCountOption "initial-syncer";
@@ -238,13 +203,14 @@ in {
       default = { };
       description = "Worker configuration";
       example = {
-        "federation_sender1" = {
+        "federation-sender-1" = {
           settings = {
-            worker_name = "federation_sender1";
+            worker_name = "federation-sender-1";
             worker_app = "synapse.app.generic_worker";
 
-            worker_replication_host = "127.0.0.1";
-            worker_replication_http_port = 9093;
+            path = "/run/matrix-synapse/federation-sender-1.sock";
+            # worker_replication_host = "127.0.0.1";
+            # worker_replication_http_port = 9093;
             worker_listeners = [ ];
           };
         };
@@ -252,95 +218,59 @@ in {
     };
   };
 
-  config = {
+  config = let 
+    genList1 = f: builtins.genList (i: f (i + 1));
+  in {
     services.matrix-synapse-next.settings = {
       federation_sender_instances =
-        lib.genList (i: "auto-fed-sender${toString (i + 1)}") wcfg.federationSenders;
+        genList1 (i: "auto-fed-sender-${toString i}") wcfg.federationSenders;
 
-      instance_map = genAttrs' (lib.lists.range 1 wcfg.eventPersisters)
-        (i: "auto-event-persist${toString i}")
-        (i: let
-          wRL = lib.lists.findFirst isReplicationListener
-            (throw' "No replication listener configured!")
-            wcfg.instances."auto-event-persist${toString i}".settings.worker_listeners;
-          wRH = lib.findFirst (x: true) (throw' "Replication listener had no addresses")
-            wRL.bind_addresses;
-          wRP = wRL.port;
-        in {
-          host = wRH;
-          port = wRP;
-        });
+      instance_map = lib.mkIf (cfg.workers.instances != { }) ({
+        main.path = "/run/matrix-synapse/main-replication-worker.sock";
+      } // builtins.mapAttrs (n: v: {
+        inherit (builtins.head v.settings.worker_listeners) path;
+      }) wcfg.instances);
 
       stream_writers.events =
         mkIf (wcfg.eventPersisters > 0)
-        (lib.genList (i: "auto-event-persist${toString (i + 1)}") wcfg.eventPersisters); 
+          (genList1 (i: "auto-event-persist-${toString i}") wcfg.eventPersisters); 
 
       update_user_directory_from_worker =
-        mkIf wcfg.useUserDirectoryWorker "auto-user-dir";
+        mkIf wcfg.useUserDirectoryWorker "auto-user-dir-1";
     };
 
-    services.matrix-synapse-next.workers.instances = let
-      sum = lib.foldl lib.add 0;
-      workerListenersWithMetrics = portOffset:
-        lib.singleton ({
-          port = wcfg.workerStartingPort + portOffset - 1;
-        }) 
-        ++ lib.optional wcfg.enableMetrics {
-          port = wcfg.metricsStartingPort + portOffset;
-          resources = [ { names = [ "metrics" ]; } ];
+    services.matrix-synapse-next.workers.instances =
+      let
+        workerInstances = {
+          "fed-sender" = wcfg.federationSenders;
+          "fed-receiver" = wcfg.federationReceivers;
+          "initial-sync" = wcfg.initialSyncers;
+          "normal-sync" = wcfg.normalSyncers;
+          "event-persist" = wcfg.eventPersisters;
+          "user-dir" = if wcfg.useUserDirectoryWorker then 1 else 0;
         };
-
-      makeWorkerInstances = {
-        type,
-        numberOfWorkers,
-        portOffset ? 0,
-        nameFn ? i: "auto-${type}${toString i}",
-        workerListenerFn ? i: workerListenersWithMetrics (portOffset + i)
-      }: genAttrs'
-        (lib.lists.range 1 numberOfWorkers)
-        nameFn
-        (i: {
-          isAuto = true;
-          inherit type;
-          index = i;
-          settings.worker_listeners = workerListenerFn i;
-        });
-
-      workerInstances = {
-        "fed-sender" = wcfg.federationSenders;
-        "fed-receiver" = wcfg.federationReceivers;
-        "initial-sync" = wcfg.initialSyncers;
-        "normal-sync" = wcfg.normalSyncers;
-        "event-persist" = wcfg.eventPersisters;
-      } // (lib.optionalAttrs wcfg.useUserDirectoryWorker {
-        "user-dir" = {
-          numberOfWorkers = 1;
-          nameFn = _: "auto-user-dir";
-        };
-      });
-
-      coerceWorker = { name, value }: if builtins.isInt value then {
-        type = name;
-        numberOfWorkers = value;
-      } else { type = name; } // value;
-
-      # Like foldl, but keeps all intermediate values
-      #
-      # (b -> a -> b) -> b -> [a] -> [b]
-      scanl = f: x1: list: let
-        x2 = lib.head list;
-        x1' = f x1 x2;
-      in if list == [] then [] else [x1'] ++ (scanl f x1' (lib.tail list));
-
-      f = { portOffset, numberOfWorkers, ... }: x: x // { portOffset = portOffset + numberOfWorkers; };
-      init = { portOffset = 0; numberOfWorkers = 0; };
-    in lib.pipe workerInstances [
-      (lib.mapAttrsToList lib.nameValuePair)
-      (map coerceWorker)
-      (scanl f init)
-      (map makeWorkerInstances)
-      mkMerge
-    ];
+      in
+        lib.pipe workerInstances [
+          (lib.mapAttrsToList (type: count: { inherit type count; }))
+          (map ({ type, count }: genList1 (i: rec {
+            name = "auto-${type}-${toString i}";
+            value = {
+              inherit type;
+              isAuto = true;
+              index = i;
+              settings.worker_listeners =
+                [
+                  { path = "/run/matrix-synapse/${name}.sock"; }
+                ] ++ lib.optionals wcfg.enableMetrics [{
+                  path = "/run/matrix-synapse/${name}-metrics.sock";
+                  resources = [{ names = [ "metrics" ]; }];
+                  type = "metrics";
+                }];
+            };
+          }) count))
+          lib.flatten
+          builtins.listToAttrs
+        ];
 
     systemd.services = let
       workerList = lib.mapAttrsToList lib.nameValuePair wcfg.instances;
@@ -349,20 +279,26 @@ in {
     in builtins.listToAttrs (lib.flip map workerList (worker: {
       name = "matrix-synapse-worker-${worker.name}";
       value = {
+        documentation = [ "https://github.com/matrix-org/synapse/blob/develop/docs/workers.md" ];
         description = "Synapse Matrix Worker";
         partOf = [ "matrix-synapse.target" ];
         wantedBy = [ "matrix-synapse.target" ];
         after = [ "matrix-synapse.service" ];
         requires = [ "matrix-synapse.service" ];
-        environment.PYTHONPATH = lib.makeSearchPathOutput "lib" cfg.package.python.sitePackages [
-          pluginsEnv
-        ];
+        restartTriggers = [ matrix-synapse-common-config (workerConfig worker) ] ++ cfg.extraConfigFiles;
+        environment = {
+          PYTHONPATH = lib.makeSearchPathOutput "lib" cfg.package.python.sitePackages [
+            pluginsEnv
+          ];
+        };
         serviceConfig = {
+          Restart = "always";
           Type = "notify";
           User = "matrix-synapse";
           Group = "matrix-synapse";
           Slice = "system-matrix-synapse.slice";
           WorkingDirectory = cfg.dataDir;
+          RuntimeDirectory = [ "matrix-synapse" ];
           ExecStartPre = pkgs.writers.writeBash "wait-for-synapse" ''
             # From https://md.darmstadt.ccc.de/synapse-at-work
             while ! systemctl is-active -q matrix-synapse.service; do

tests/auto-workers-config.nix

@@ -0,0 +1,18 @@
+{ pkgs, lib, ... }:
+{
+  services.matrix-synapse-next = {
+    enable = true;
+    settings.server_name = "matrix.example.com";
+
+    workers = {
+      enableMetrics = true;
+
+      federationSenders = 2;
+      federationReceivers = 2;
+      initialSyncers = 2;
+      normalSyncers = 2;
+      eventPersisters = 2;
+      useUserDirectoryWorker = true;
+    };
+  };
+}

tests/base-config.nix

@@ -0,0 +1,7 @@
+{ pkgs, lib, ... }:
+{
+  services.matrix-synapse-next = {
+    enable = true;
+    settings.server_name = "matrix.example.com";
+  };
+}

tests/default.nix

@@ -0,0 +1,16 @@
+{ nixpkgs, pkgs, system ? pkgs.system, nixosModule, ... }: let
+  buildSystemWithConfig = configPath: (nixpkgs.lib.nixosSystem {
+    inherit system;
+    modules = [
+      nixosModule
+      configPath
+      {
+        boot.isContainer = true;
+      }
+    ];
+  }).config.system.build.toplevel;
+in {
+  a = pkgs.writeText "hello-world" ''a'';
+  base-config = buildSystemWithConfig ./base-config.nix;
+  auto-workers-config = buildSystemWithConfig ./auto-workers-config.nix;
+}