From d4eff470499f55c490c7dda2775dda5b53f338ff Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Thu, 11 Sep 2025 10:53:17 +0200 Subject: [PATCH] finally have a working matrix set up --- .../communication/conduit/default.nix | 36 +++++++++++++++---- 1 file changed, 29 insertions(+), 7 deletions(-) diff --git a/modules/nixos/services/communication/conduit/default.nix b/modules/nixos/services/communication/conduit/default.nix index aa4d5c1..13a2cbc 100644 --- a/modules/nixos/services/communication/conduit/default.nix +++ b/modules/nixos/services/communication/conduit/default.nix @@ -16,17 +16,25 @@ in # virtualisation.podman.enable = true; # }; + networking.firewall.allowedTCPPorts = [ 4001 8448 ]; + services = { matrix-conduit = { enable = true; settings.global = { - address = "::1"; + address = "::"; port = 4001; - database_backend = "rocksdb"; + server_name = "matrix.kruining.eu"; - server_name = "chris-matrix"; + database_backend = "rocksdb"; + # database_path = "/var/lib/matrix-conduit/"; + + allow_check_for_updates = false; + allow_registration = false; + + enable_lightning_bolt = false; }; }; @@ -43,11 +51,25 @@ in caddy = { enable = true; - virtualHosts = { - ${domain}.extraConfig = '' - # import auth-z + virtualHosts = let + inherit (builtins) toJSON; - # reverse_proxy http://127.0.0.1:5002 + server = { + "m.server" = "${domain}:443"; + }; + client = { + "m.homeserver".base_url = "https://${domain}"; + "m.identity_server".base_url = "https://auth.amarth.cloud"; + }; + in { + "${domain}".extraConfig = '' + header /.well-known/matrix/* Content-Type application/json + header /.well-known/matrix/* Access-Control-Allow-Origin * + respond /.well-known/matrix/server `${toJSON server}` + respond /.well-known/matrix/client `${toJSON client}` + + reverse_proxy /_matrix/* http://::1:4001 + # reverse_proxy /_synapse/client/* http://::1:4001 ''; }; };