uku/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
flake/systems/etna/dendrite.nix
uku b8d7062228
feat: add utility functions
2024-07-29 10:58:43 +02:00

91 lines
2.2 KiB
Nix
Raw Blame History

{
config,
_utils,
...
}: let
secretKey = _utils.setupSingleSecret config "dendriteKey" {};
in {
imports = [secretKey.generate];
cfTunnels."m.uku.moe" = "http://localhost:80";
systemd.services.dendrite = {
after = ["postgresql.service"];
serviceConfig.RestartSec = 10;
};
services = {
dendrite = let
database = {
connection_string = "postgres:///dendrite?host=/run/postgresql";
max_open_conns = 50;
max_idle_conns = 5;
conn_max_lifetime = -1;
};
in {
enable = true;
httpPort = 8008;
loadCredential = ["private_key:${secretKey.path}"];
settings = {
global = {
server_name = "m.uku.moe";
private_key = "$CREDENTIALS_DIRECTORY/private_key";
inherit database;
};
client_api = {
registration_disabled = true;
};
app_service_api = {inherit database;};
federation_api = {inherit database;};
key_server = {inherit database;};
media_api = {inherit database;};
mscs = {inherit database;};
relay_api = {inherit database;};
room_server = {inherit database;};
sync_api = {inherit database;};
user_api = {
account_database = database;
device_database = database;
};
};
};
postgresql = {
enable = true;
ensureDatabases = ["dendrite"];
ensureUsers = [
{
name = "dendrite";
ensureDBOwnership = true;
}
];
};
nginx.virtualHosts."m.uku.moe".locations = let
server = {"m.server" = "m.uku.moe:443";};
client = {"m.homeserver"."base_url" = "https://m.uku.moe";};
in {
"=/.well-known/matrix/server" = {
return = "200 '${builtins.toJSON server}'";
};
"=/.well-known/matrix/client" = {
return = "200 '${builtins.toJSON client}'";
};
"/" = {
proxyPass = "http://localhost:8008";
proxyWebsockets = true;
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 600;
client_max_body_size 100M;
'';
};
};
};
}
Reference in a new issue View git blame Copy permalink