summaryrefslogtreecommitdiffstats
path: root/machines/jormungand
diff options
context:
space:
mode:
authorDominique Martinet @ jormungand <asmadeus@codewreck.org>2020-05-09 11:00:14 +0200
committerDominique Martinet @ jormungand <asmadeus@codewreck.org>2020-05-09 11:00:14 +0200
commit1d8bc352395d183c2a04932fdbd8339b9afb19e1 (patch)
tree32acd770a4b9e2701b6327fe717ee39639234af7 /machines/jormungand
parentf0872c7d16ad8d89a4673157f4b3efa95a90d9c0 (diff)
containers: +matrix
Diffstat (limited to 'machines/jormungand')
-rw-r--r--machines/jormungand/containers.nix42
1 files changed, 42 insertions, 0 deletions
diff --git a/machines/jormungand/containers.nix b/machines/jormungand/containers.nix
index b560eb3..39d0791 100644
--- a/machines/jormungand/containers.nix
+++ b/machines/jormungand/containers.nix
@@ -44,6 +44,17 @@ let targetConfig = {
auth_basic_user_file /etc/nginx/mpd.htpasswd;
'';
};
+
+ virtualHosts."matrix.codewreck.org" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/".extraConfig = ''
+ return 404;
+ '';
+ locations."/_matrix" = {
+ proxyPass = "http://[::1]:8008";
+ };
+ };
};
environment.etc."nginx/mpd.htpasswd".text = ''
mpd:$6$jFVDaikg7ApzyPSe$ALjy6GmXV6XnKBuAbzRywqnUD/1ZNl50hLUOFIZ2dZuHVCLIzKr6WTl8x4KnCjOzDgIoS0udv7XPbDB6uyKXg/
@@ -100,6 +111,37 @@ let targetConfig = {
};
};
+ containers.matrix = {
+ autoStart = true;
+ timeoutStartSec = "10m";
+ config = { config, pkgs, ... }: targetConfig // {
+ services.postgresql.enable = true;
+ services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" ''
+ CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
+ CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
+ TEMPLATE template0
+ LC_COLLATE = "C"
+ LC_CTYPE = "C";
+ '';
+ services.matrix-synapse = {
+ enable = true;
+ server_name = "codewreck.org";
+ # registration_shared_secret = "";
+ listeners = [{
+ port = 8008;
+ bind_address = "::1";
+ type = "http";
+ tls = false;
+ x_forwarded = true;
+ resources = [{
+ names = [ "client" "federation" ];
+ compress = false;
+ }];
+ }];
+ };
+ };
+ };
+
containers.tor = {
autoStart = true;
timeoutStartSec = "10m";