59 lines
1.2 KiB
Nix
59 lines
1.2 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
let
|
|
fqdn = "matrix.bib3.de";
|
|
in {
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
initialScript = pkgs.writeText "synapse-init.sql" ''
|
|
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
|
|
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
|
|
TEMPLATE template0
|
|
LC_COLLATE = "C"
|
|
LC_CTYPE = "C";
|
|
'';
|
|
};
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedTlsSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedGzipSettings = true;
|
|
recommendedProxySettings = true;
|
|
|
|
virtualHosts.${fqdn} = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/".extraConfig = ''
|
|
return 404;
|
|
'';
|
|
|
|
locations."/_matrix" = {
|
|
proxyPass = "http://[::1]:8008";
|
|
};
|
|
};
|
|
};
|
|
|
|
services.matrix-synapse = {
|
|
enable = true;
|
|
server_name = fqdn;
|
|
listeners = [
|
|
{
|
|
port = 8008;
|
|
bind_address = "::1";
|
|
type = "http";
|
|
tls = false;
|
|
x_forwarded = true;
|
|
resources = [
|
|
{
|
|
names = [ "client" "federation" ];
|
|
compress = false;
|
|
}
|
|
];
|
|
}
|
|
];
|
|
};
|
|
}
|