diff options
author | Dominique Martinet @ jormungand <asmadeus@codewreck.org> | 2020-05-09 11:00:14 +0200 |
---|---|---|
committer | Dominique Martinet @ jormungand <asmadeus@codewreck.org> | 2020-05-09 11:00:14 +0200 |
commit | 1d8bc352395d183c2a04932fdbd8339b9afb19e1 (patch) | |
tree | 32acd770a4b9e2701b6327fe717ee39639234af7 /machines/jormungand | |
parent | f0872c7d16ad8d89a4673157f4b3efa95a90d9c0 (diff) |
containers: +matrix
Diffstat (limited to 'machines/jormungand')
-rw-r--r-- | machines/jormungand/containers.nix | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/machines/jormungand/containers.nix b/machines/jormungand/containers.nix index b560eb3..39d0791 100644 --- a/machines/jormungand/containers.nix +++ b/machines/jormungand/containers.nix @@ -44,6 +44,17 @@ let targetConfig = { auth_basic_user_file /etc/nginx/mpd.htpasswd; ''; }; + + virtualHosts."matrix.codewreck.org" = { + forceSSL = true; + enableACME = true; + locations."/".extraConfig = '' + return 404; + ''; + locations."/_matrix" = { + proxyPass = "http://[::1]:8008"; + }; + }; }; environment.etc."nginx/mpd.htpasswd".text = '' mpd:$6$jFVDaikg7ApzyPSe$ALjy6GmXV6XnKBuAbzRywqnUD/1ZNl50hLUOFIZ2dZuHVCLIzKr6WTl8x4KnCjOzDgIoS0udv7XPbDB6uyKXg/ @@ -100,6 +111,37 @@ let targetConfig = { }; }; + containers.matrix = { + autoStart = true; + timeoutStartSec = "10m"; + config = { config, pkgs, ... }: targetConfig // { + services.postgresql.enable = true; + services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" '' + CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; + CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" + TEMPLATE template0 + LC_COLLATE = "C" + LC_CTYPE = "C"; + ''; + services.matrix-synapse = { + enable = true; + server_name = "codewreck.org"; + # registration_shared_secret = ""; + listeners = [{ + port = 8008; + bind_address = "::1"; + type = "http"; + tls = false; + x_forwarded = true; + resources = [{ + names = [ "client" "federation" ]; + compress = false; + }]; + }]; + }; + }; + }; + containers.tor = { autoStart = true; timeoutStartSec = "10m"; |