nixos-config/configurations/camelot/matrix.nix
2024-07-26 21:56:11 +02:00

97 lines
2 KiB
Nix

{ config, ... }:
let
conduitConfig = config.services.matrix-conduit.settings;
in
{
services.matrix-conduit = {
enable = true;
settings = {
global = {
server_name = "dalaran.fr";
address = "127.0.0.1";
database_backend = "rocksdb";
enable_lightning_bolt = false;
allow_registration = false;
well_known = {
client = "https://matrix.dalaran.fr";
server = "matrix.dalaran.fr:443";
};
};
};
};
services.nginx.virtualHosts = {
"dalaran.fr".locations."/.well-known/matrix/" = {
return = "301 https://matrix.dalaran.fr$request_uri";
};
"matrix.dalaran.fr" = {
enableACME = true;
addSSL = true;
listen = [
{
addr = "0.0.0.0";
port = 8448;
ssl = true;
}
{
addr = "[::]";
port = 8448;
ssl = true;
}
{
addr = "0.0.0.0";
port = 443;
ssl = true;
}
{
addr = "[::]";
port = 443;
ssl = true;
}
];
locations."/" = {
recommendedProxySettings = true;
proxyPass = "http://${conduitConfig.global.address}:${builtins.toString conduitConfig.global.port}";
};
extraConfig = "client_max_body_size 20M;";
};
};
networking.firewall.allowedTCPPorts = [
443
8448
];
services.matrix-appservice-discord = {
enable = true;
settings = {
bridge = {
domain = "dalaran.fr";
homeserverUrl = "https://matrix.dalaran.fr";
disableTypingNotifications = true;
disableJoinLeaveNotifications = true;
adminMxid = "dala@dalaran.fr";
};
ghosts = {
usernamePattern = ":username";
};
auth = {
usePrivilegedIntents = true;
};
room = {
defaultVisibility = "private";
};
};
environmentFile = config.sops.secrets.discord_bridge_token.path;
serviceDependencies = [ "conduit.service" ];
};
}