nixos-config/services/matrix/conduit.nix

{ inputs, config, pkgs, ... }:

let
  server_name = "felschr.com";
  domain = "matrix.${server_name}";
in {
  services.matrix-conduit = {
    enable = true;
    package = inputs.conduit.packages.${pkgs.system}.default;
    settings.global = {
      inherit server_name;
      database_backend = "rocksdb";
      trusted_servers = [ "matrix.org" "libera.chat" "nixos.org" ];
    };
  };

  services.nginx.virtualHosts.${domain} = {
    enableACME = true;
    forceSSL = true;
    locations."/_matrix/" = {
      proxyPass = "http://[::1]:${
          toString config.services.matrix-conduit.settings.global.port
        }";
      proxyWebsockets = true;
      extraConfig = ''
        proxy_buffering off;
      '';
    };
  };

  services.nginx.virtualHosts.${server_name} = {
    enableACME = true;
    forceSSL = true;
    locations = let
      server = { "m.server" = "${domain}:443"; };
      client = {
        "m.homeserver"."base_url" = "https://${domain}";
        "m.identity_server"."base_url" = "https://vector.im";
      };
    in {
      "= /.well-known/matrix/server".extraConfig = ''
        add_header Content-Type application/json;
        return 200 '${builtins.toJSON server}';
      '';
      "= /.well-known/matrix/client".extraConfig = ''
        add_header Content-Type application/json;
        add_header Access-Control-Allow-Origin *;
        return 200 '${builtins.toJSON client}';
      '';
    };
  };
}
feat(matrix): add conduit as default matrix server 2023-07-29 18:00:49 +02:00			`{ inputs, config, pkgs, ... }:`

			`let`
			`server_name = "felschr.com";`
			`domain = "matrix.${server_name}";`
			`in {`
			`services.matrix-conduit = {`
			`enable = true;`
			`package = inputs.conduit.packages.${pkgs.system}.default;`
			`settings.global = {`
			`inherit server_name;`
			`database_backend = "rocksdb";`
			`trusted_servers = [ "matrix.org" "libera.chat" "nixos.org" ];`
			`};`
			`};`

			`services.nginx.virtualHosts.${domain} = {`
			`enableACME = true;`
			`forceSSL = true;`
			`locations."/_matrix/" = {`
			`proxyPass = "http://[::1]:${`
			`toString config.services.matrix-conduit.settings.global.port`
			`}";`
			`proxyWebsockets = true;`
			`extraConfig = ''`
			`proxy_buffering off;`
			`'';`
			`};`
			`};`

			`services.nginx.virtualHosts.${server_name} = {`
			`enableACME = true;`
			`forceSSL = true;`
			`locations = let`
			`server = { "m.server" = "${domain}:443"; };`
			`client = {`
			`"m.homeserver"."base_url" = "https://${domain}";`
			`"m.identity_server"."base_url" = "https://vector.im";`
			`};`
			`in {`
			`"= /.well-known/matrix/server".extraConfig = ''`
			`add_header Content-Type application/json;`
			`return 200 '${builtins.toJSON server}';`
			`'';`
			`"= /.well-known/matrix/client".extraConfig = ''`
			`add_header Content-Type application/json;`
			`add_header Access-Control-Allow-Origin *;`
			`return 200 '${builtins.toJSON client}';`
			`'';`
			`};`
			`};`
			`}`