nixos-config/services/matrix/conduit.nix

{ config, pkgs, ... }:

let
  server_name = "felschr.com";
  domain = "matrix.${server_name}";
in
{
  services.matrix-conduit = {
    enable = true;
    package = pkgs.unstable.matrix-conduit;
    settings.global = {
      inherit server_name;
      database_backend = "rocksdb";
      trusted_servers = [
        "matrix.org"
        "libera.chat"
        "nixos.org"
      ];
    };
  };

  services.nginx.virtualHosts.${domain} = {
    enableACME = true;
    forceSSL = true;
    locations."/_matrix/" = {
      proxyPass = "http://[::1]:${toString config.services.matrix-conduit.settings.global.port}";
      proxyWebsockets = true;
      extraConfig = ''
        proxy_buffering off;
      '';
    };
  };

  services.nginx.virtualHosts.${server_name} = {
    enableACME = true;
    forceSSL = true;
    locations =
      let
        server = {
          "m.server" = "${domain}:443";
        };
        client = {
          "m.homeserver"."base_url" = "https://${domain}";
          "org.matrix.msc3575.proxy"."url" = "https://${domain}";
          "m.identity_server"."base_url" = "https://vector.im";
        };
      in
      {
        "= /.well-known/matrix/server".extraConfig = ''
          add_header Content-Type application/json;
          return 200 '${builtins.toJSON server}';
        '';
        "= /.well-known/matrix/client".extraConfig = ''
          add_header Content-Type application/json;
          add_header Access-Control-Allow-Origin *;
          return 200 '${builtins.toJSON client}';
        '';
      };
  };
}
feat(matrix): switch to matrix-conduit from nixos-unstable 2023-09-13 14:04:04 +02:00			`{ config, pkgs, ... }:`
feat(matrix): add conduit as default matrix server 2023-07-29 18:00:49 +02:00
			`let`
			`server_name = "felschr.com";`
			`domain = "matrix.${server_name}";`
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`in`
			`{`
feat(matrix): add conduit as default matrix server 2023-07-29 18:00:49 +02:00			`services.matrix-conduit = {`
			`enable = true;`
feat(matrix): switch to matrix-conduit from nixos-unstable 2023-09-13 14:04:04 +02:00			`package = pkgs.unstable.matrix-conduit;`
feat(matrix): add conduit as default matrix server 2023-07-29 18:00:49 +02:00			`settings.global = {`
			`inherit server_name;`
			`database_backend = "rocksdb";`
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`trusted_servers = [`
			`"matrix.org"`
			`"libera.chat"`
			`"nixos.org"`
			`];`
feat(matrix): add conduit as default matrix server 2023-07-29 18:00:49 +02:00			`};`
			`};`

			`services.nginx.virtualHosts.${domain} = {`
			`enableACME = true;`
			`forceSSL = true;`
			`locations."/_matrix/" = {`
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`proxyPass = "http://[::1]:${toString config.services.matrix-conduit.settings.global.port}";`
feat(matrix): add conduit as default matrix server 2023-07-29 18:00:49 +02:00			`proxyWebsockets = true;`
			`extraConfig = ''`
			`proxy_buffering off;`
			`'';`
			`};`
			`};`

			`services.nginx.virtualHosts.${server_name} = {`
			`enableACME = true;`
			`forceSSL = true;`
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`locations =`
			`let`
			`server = {`
			`"m.server" = "${domain}:443";`
			`};`
			`client = {`
			`"m.homeserver"."base_url" = "https://${domain}";`
			`"org.matrix.msc3575.proxy"."url" = "https://${domain}";`
			`"m.identity_server"."base_url" = "https://vector.im";`
			`};`
			`in`
			`{`
			`"= /.well-known/matrix/server".extraConfig = ''`
			`add_header Content-Type application/json;`
			`return 200 '${builtins.toJSON server}';`
			`'';`
			`"= /.well-known/matrix/client".extraConfig = ''`
			`add_header Content-Type application/json;`
			`add_header Access-Control-Allow-Origin *;`
			`return 200 '${builtins.toJSON client}';`
			`'';`
feat(matrix): add conduit as default matrix server 2023-07-29 18:00:49 +02:00			`};`
			`};`
			`}`