ark/hosts/wolumonde/modules/conduit.nix

{
  config,
  pkgs,
  inputs,
  ...
}: let
  _wellKnownFileClient = pkgs.writeText "client" (
    builtins.toJSON
    {
      "m.homeserver"."base_url" = "https://matrix.gaze.systems";
      "org.matrix.msc3575.proxy"."url" = "https://matrix.gaze.systems";
    }
  );
  _wellKnownFileServer =
    pkgs.writeText "server"
    (builtins.toJSON {"m.server" = "matrix.gaze.systems:443";});
  wellKnownFiles = pkgs.runCommand "well-known" {} ''
    mkdir -p $out
    cp ${_wellKnownFileServer} $out/server
    cp ${_wellKnownFileClient} $out/client
  '';
in {
  services.matrix-conduit = {
    enable = true;
    package = inputs.conduit.packages.${pkgs.system}.default;
    settings.global = {
      server_name = "gaze.systems";
      max_request_size = 1000 * 1000 * 20;
      allow_registration = false;
      allow_federation = true;
      trusted_servers = ["matrix.org" "nixos.dev" "conduit.rs"];
      address = "::1";
      port = 6167;
      database_backend = "rocksdb";
    };
  };

  services.nginx.virtualHosts."matrix.gaze.systems" = {
    useACMEHost = "gaze.systems";
    forceSSL = true;
    locations."/".proxyPass = "http://localhost:${toString config.services.matrix-conduit.settings.global.port}";
  };
  services.nginx.virtualHosts."gaze.systems" = {
    locations."/.well-known/matrix/".extraConfig = ''
      add_header content-type application/json;
      add_header access-control-allow-origin *;
      alias ${wellKnownFiles}/;
    '';
  };
}
stuff 2022-09-02 17:19:59 +03:00			`{`
matrix 2022-09-02 18:02:46 +03:00			`config,`
			`pkgs,`
stagf 2023-03-16 17:59:13 +03:00			`inputs,`
matrix 2022-09-02 18:02:46 +03:00			`...`
			`}: let`
			`_wellKnownFileClient = pkgs.writeText "client" (`
			`builtins.toJSON`
aaa 2023-07-14 14:29:09 +03:00			`{`
			`"m.homeserver"."base_url" = "https://matrix.gaze.systems";`
			`"org.matrix.msc3575.proxy"."url" = "https://matrix.gaze.systems";`
			`}`
matrix 2022-09-02 18:02:46 +03:00			`);`
			`_wellKnownFileServer =`
			`pkgs.writeText "server"`
			`(builtins.toJSON {"m.server" = "matrix.gaze.systems:443";});`
			`wellKnownFiles = pkgs.runCommand "well-known" {} ''`
			`mkdir -p $out`
			`cp ${_wellKnownFileServer} $out/server`
			`cp ${_wellKnownFileClient} $out/client`
			`'';`
			`in {`
stuff 2022-09-02 17:19:59 +03:00			`services.matrix-conduit = {`
			`enable = true;`
stagf 2023-03-16 17:59:13 +03:00			`package = inputs.conduit.packages.${pkgs.system}.default;`
stuff 2022-09-02 17:19:59 +03:00			`settings.global = {`
			`server_name = "gaze.systems";`
			`max_request_size = 1000 * 1000 * 20;`
matrix 2022-09-02 18:02:46 +03:00			`allow_registration = false;`
stuff 2022-09-02 17:19:59 +03:00			`allow_federation = true;`
			`trusted_servers = ["matrix.org" "nixos.dev" "conduit.rs"];`
			`address = "::1";`
			`port = 6167;`
aaa 2023-07-14 14:29:09 +03:00			`database_backend = "rocksdb";`
stuff 2022-09-02 17:19:59 +03:00			`};`
			`};`

			`services.nginx.virtualHosts."matrix.gaze.systems" = {`
fix add stuff 2023-05-08 23:09:44 +03:00			`useACMEHost = "gaze.systems";`
stuff 2022-09-02 17:19:59 +03:00			`forceSSL = true;`
matrix 2022-09-02 18:02:46 +03:00			`locations."/".proxyPass = "http://localhost:${toString config.services.matrix-conduit.settings.global.port}";`
stuff 2022-09-02 17:19:59 +03:00			`};`
			`services.nginx.virtualHosts."gaze.systems" = {`
matrix 2022-09-02 18:02:46 +03:00			`locations."/.well-known/matrix/".extraConfig = ''`
			`add_header content-type application/json;`
fix cors 2022-09-02 18:57:30 +03:00			`add_header access-control-allow-origin *;`
matrix 2022-09-02 18:02:46 +03:00			`alias ${wellKnownFiles}/;`
stuff 2022-09-02 17:19:59 +03:00			`'';`
			`};`
			`}`