diff options
| author | Mel <mel@rnrd.eu> | 2025-08-18 15:50:56 +0200 |
|---|---|---|
| committer | Mel <mel@rnrd.eu> | 2025-08-18 15:51:06 +0200 |
| commit | a76a5e9fad265f281c55b5e4a80ae97d9f234cc7 (patch) | |
| tree | f3c3c77c0fbec7e6d6da2546b27780cfd0b3c94f /services/matrix.nix | |
| parent | dcc5f8e5624919c887969343fc9b743b88c60ce7 (diff) | |
| download | network-a76a5e9fad265f281c55b5e4a80ae97d9f234cc7.tar.zst network-a76a5e9fad265f281c55b5e4a80ae97d9f234cc7.zip | |
Migrate Matrix from conduwuit to continuwuity, now on renard
Signed-off-by: Mel <mel@rnrd.eu>
Diffstat (limited to 'services/matrix.nix')
| -rw-r--r-- | services/matrix.nix | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/services/matrix.nix b/services/matrix.nix new file mode 100644 index 0000000..3586cc8 --- /dev/null +++ b/services/matrix.nix @@ -0,0 +1,87 @@ +{ + config, + pkgs, + unstablePkgs, + auxiliaryPkgs, + ... +}: + +let + inherit (pkgs) dockerTools; + inherit (unstablePkgs) matrix-continuwuity; + inherit (auxiliaryPkgs) common; + + continuwuityLocalPort = 2123; + continuwuityDir = "/srv/matrix"; + + continuwuityImage = dockerTools.streamLayeredImage { + name = "continuwuity"; + tag = matrix-continuwuity.version; + fromImage = common.alpine.base; + + contents = [ matrix-continuwuity ]; + }; + +in +{ + age.secrets.continuwuity-registration-token = { + file = ../secrets/continuwuity-registration-token.age; + }; + + foundation.service.continuwuity = { + continuwuity = { + image = continuwuityImage; + ports = [ continuwuityLocalPort ]; + + volumes = [ + [ + "${continuwuityDir}/db" + "/var/lib/continuwuity" + ] + [ + "${continuwuityDir}/continuwuity.toml" + "/etc/continuwuity/continuwuity.toml" + ] + [ + "${config.age.secrets.continuwuity-registration-token.path}" + "/etc/continuwuity/registration-token" + ] + ]; + + environment = { + CONDUWUIT_CONFIG = "/etc/continuwuity/continuwuity.toml"; + }; + + entrypoint = "${matrix-continuwuity}/bin/conduwuit"; + }; + }; + + services.nginx.virtualHosts = { + "matrix.rnrd.eu" = + let + proxySettings = { + proxyPass = "http://127.0.0.1:${toString continuwuityLocalPort}"; + }; + in + { + useACMEHost = "rnrd.eu"; + forceSSL = true; + + locations."/" = proxySettings; + locations."/_matrix" = proxySettings; + locations."/_conduwuit" = proxySettings; + locations."/_continuwuity" = proxySettings; + + extraConfig = '' + client_max_body_size 20M; + + proxy_connect_timeout 600; + proxy_send_timeout 600; + proxy_read_timeout 600; + send_timeout 600; + + access_log /var/log/nginx/matrix.access.log json_combined; + ''; + }; + }; +} |
