From e840a95ebe1888ddbc313756027fdb12f95ac565 Mon Sep 17 00:00:00 2001 From: h7x4 Date: Fri, 20 Jan 2023 19:52:04 +0100 Subject: [PATCH] tsuki: use matrix-synapse-next module with workers --- flake.nix | 17 +++++--- hosts/tsuki/services/matrix/default.nix | 56 ++++++++++++------------- 2 files changed, 38 insertions(+), 35 deletions(-) diff --git a/flake.nix b/flake.nix index 5f6a412..d3ba6be 100644 --- a/flake.nix +++ b/flake.nix @@ -48,6 +48,10 @@ url = "github:infinidoge/nix-minecraft"; }; + matrix-synapse-next = { + url = "github:dali99/nixos-matrix-modules"; + }; + vscode-server = { url = "github:msteen/nixos-vscode-server"; flake = false; @@ -70,14 +74,16 @@ nixpkgs-unstable, home-manager, home-manager-local, - nix-attr-search, - vscode-server, - secrets, + + dotfiles, fonts, - osuchan, + matrix-synapse-next, maunium-stickerpicker, minecraft, - dotfiles, + nix-attr-search, + osuchan, + secrets, + vscode-server, website }: let system = "x86_64-linux"; @@ -139,6 +145,7 @@ secrets.outputs.nixos-config osuchan.outputs.nixosModules.default minecraft.outputs.nixosModules.minecraft-servers + matrix-synapse-next.nixosModules.synapse { config._module.args = { diff --git a/hosts/tsuki/services/matrix/default.nix b/hosts/tsuki/services/matrix/default.nix index 0ce59a4..be66a1d 100644 --- a/hosts/tsuki/services/matrix/default.nix +++ b/hosts/tsuki/services/matrix/default.nix @@ -10,8 +10,20 @@ ./coturn.nix ]; - services.matrix-synapse = { + services.matrix-synapse-next = { enable = true; + enableNginx = true; + dataDir = "${config.machineVars.dataDrives.default}/var/matrix"; + + workers = { + federationSenders = 3; + federationReceivers = 3; + initialSyncers = 1; + normalSyncers = 1; + eventPersisters = 1; + useUserDirectoryWorker = true; + }; + settings = { turn_uris = let inherit (config.services.coturn) realm; @@ -28,9 +40,7 @@ in [ { server_name = "matrix.org"; - verify_keys = { - "ed25519:auto" = "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"; - }; + verify_keys."ed25519:auto" = "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"; } (emptykey "pvv.ntnu.no") (emptykey "feal.no") @@ -42,25 +52,6 @@ enable_metrics = true; - listeners = [ - { - port = secrets.ports.matrix.listener; - bind_addresses = [ - "0.0.0.0" - "::1" - ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ "client" "federation" "metrics" ]; - compress = false; - } - ]; - } - ]; - # NOTE: To register a new admin user, use a nix-shell with # package 'matrix-synapse', and use the register_new_matrix_user command # with the registration shared secret @@ -70,12 +61,17 @@ # password_config.enabled = lib.mkForce false; - dataDir = "${config.machineVars.dataDrives.default}/var/matrix"; - - database_type = "postgres"; - # database_args = { - # password = "synapse"; - # }; + database = { + name = "psycopg2"; + args = { + user = "matrix-synapse"; + # TODO: Generate proper password + password = ""; + database = "matrix-synapse"; + host = "localhost"; + port = secrets.ports.postgres; + }; + }; # TODO: Figure out a way to do this declaratively. # The files need to be owned by matrix-synapse @@ -90,7 +86,7 @@ }; }; - # services.redis.enable = true; + services.redis.servers."".enable = true; networking.firewall = { interfaces.enp2s0 = let