config/profiles/web/services/matrix-synapse/default.nix

61 lines
1.7 KiB
Nix

{ config, pkgs, lib, mkDomain, ... }:
{
# matrix-synapse
/**/
services.matrix-synapse = {
#enable = true;
settings = {
server_name = "${config.networking.domain}"
public_baseurl = mkDomain "matrix";
url_preview_enabled = false;
max_upload_size = "100M";
trusted_key_servers = [
{server_name = "matrix.org";}
{server_name = "dodsorf.as";}
{server_name = "pvv.ntnu.no";}
];
listeners = [
{
bind_addresses = [
"127.0.0.1"
];
port = 8008;
resources = [
{
compress = true;
names = [
"client"
];
}
{
compress = false;
names = [
"federation"
];
}
];
tls = false;
type = "http";
x_forwarded = true;
}
];
};
};
services.nginx.virtualHosts.${mkDomain "matrix"} = lib.mkIf config.services.matrix-synapse.enable {
forceSSL = true; # addSSL = true;
enableACME = true; #useACMEHost = acmeDomain;
locations."/_matrix" = {
proxyPass = "http://127.0.0.1:${toString (builtins.elemAt 0 config.services.matrix-synaps.listeners).port}";
#proxyWebsockets = true;
extraConfig = ''
client_max_body_size ${config.services.matrix-synaps.max_upload_size};
'';
};
locations."/_synapse/client" = {
proxyPass = "http://127.0.0.1:${toString (builtins.elemAt 0 config.services.matrix-synaps.listeners).port}/_synapse/client";
#proxyWebsockets = true;
};
};
/**/
}