diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-25 13:42:02 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-02-25 13:42:02 +0100 |
commit | b4293d801ec6d4d3e92f67afb95fc919bdbf9a2e (patch) | |
tree | 8c98ec1c5671defc7c283c65ce97ce1f46ec7595 | |
parent | 2f3dea9b282a991808243c1775851231776ac89b (diff) | |
download | nixos-b4293d801ec6d4d3e92f67afb95fc919bdbf9a2e.tar nixos-b4293d801ec6d4d3e92f67afb95fc919bdbf9a2e.tar.gz nixos-b4293d801ec6d4d3e92f67afb95fc919bdbf9a2e.tar.bz2 nixos-b4293d801ec6d4d3e92f67afb95fc919bdbf9a2e.tar.xz nixos-b4293d801ec6d4d3e92f67afb95fc919bdbf9a2e.zip |
surtr: matrix: ma1sd
-rw-r--r-- | hosts/surtr/dns/zones/li.synapse.soa | 13 | ||||
-rw-r--r-- | hosts/surtr/matrix/default.nix | 34 | ||||
-rw-r--r-- | hosts/surtr/postgresql.nix | 5 |
3 files changed, 48 insertions, 4 deletions
diff --git a/hosts/surtr/dns/zones/li.synapse.soa b/hosts/surtr/dns/zones/li.synapse.soa index 2f4e8160..50c341a7 100644 --- a/hosts/surtr/dns/zones/li.synapse.soa +++ b/hosts/surtr/dns/zones/li.synapse.soa | |||
@@ -1,7 +1,7 @@ | |||
1 | $ORIGIN synapse.li. | 1 | $ORIGIN synapse.li. |
2 | $TTL 3600 | 2 | $TTL 3600 |
3 | @ IN SOA ns.yggdrasil.li. root.yggdrasil.li. ( | 3 | @ IN SOA ns.yggdrasil.li. root.yggdrasil.li. ( |
4 | 2022022500 ; serial | 4 | 2022022502 ; serial |
5 | 10800 ; refresh | 5 | 10800 ; refresh |
6 | 3600 ; retry | 6 | 3600 ; retry |
7 | 604800 ; expire | 7 | 604800 ; expire |
@@ -21,10 +21,21 @@ $TTL 3600 | |||
21 | @ IN MX 0 ymir.yggdrasil.li | 21 | @ IN MX 0 ymir.yggdrasil.li |
22 | @ IN TXT "v=spf1 redirect=yggdrasil.li" | 22 | @ IN TXT "v=spf1 redirect=yggdrasil.li" |
23 | 23 | ||
24 | _matrix._tcp IN SRV 5 0 443 synapse.li. | ||
25 | _matrix-identity._tcp IN SRV 5 0 443 synapse.li. | ||
26 | |||
24 | element IN CNAME synapse.li. | 27 | element IN CNAME synapse.li. |
25 | _acme-challenge.element IN NS ns.yggdrasil.li. | 28 | _acme-challenge.element IN NS ns.yggdrasil.li. |
26 | 29 | ||
27 | turn IN CNAME synapse.li. | 30 | turn IN CNAME synapse.li. |
28 | _acme-challenge.turn IN NS ns.yggdrasil.li. | 31 | _acme-challenge.turn IN NS ns.yggdrasil.li. |
29 | 32 | ||
33 | _stun._udp IN SRV 5 0 3478 turn.synapse.li. | ||
34 | _stun._tcp IN SRV 5 0 3478 turn.synapse.li. | ||
35 | _stuns._tcp IN SRV 5 0 5349 turn.synapse.li. | ||
36 | |||
37 | _turn._udp IN SRV 5 0 3478 turn.synapse.li. | ||
38 | _turn._tcp IN SRV 5 0 3478 turn.synapse.li. | ||
39 | _turns._tcp IN SRV 5 0 5349 turn.synapse.li. | ||
40 | |||
30 | _acme-challenge IN NS ns.yggdrasil.li. | 41 | _acme-challenge IN NS ns.yggdrasil.li. |
diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix index c35153e5..f55872c0 100644 --- a/hosts/surtr/matrix/default.nix +++ b/hosts/surtr/matrix/default.nix | |||
@@ -62,9 +62,16 @@ | |||
62 | services.nginx = { | 62 | services.nginx = { |
63 | recommendedProxySettings = true; | 63 | recommendedProxySettings = true; |
64 | 64 | ||
65 | upstreams."matrix-synapse" = { | 65 | upstreams = { |
66 | servers = { | 66 | "matrix-synapse" = { |
67 | "127.0.0.1:8008" = {}; | 67 | servers = { |
68 | "127.0.0.1:8008" = {}; | ||
69 | }; | ||
70 | }; | ||
71 | "mxisd" = { | ||
72 | servers = { | ||
73 | "127.0.0.1:8090" = {}; | ||
74 | }; | ||
68 | }; | 75 | }; |
69 | }; | 76 | }; |
70 | 77 | ||
@@ -91,6 +98,7 @@ | |||
91 | ''; | 98 | ''; |
92 | in { | 99 | in { |
93 | "/_matrix".proxyPass = "http://matrix-synapse"; | 100 | "/_matrix".proxyPass = "http://matrix-synapse"; |
101 | "/_matrix/identity".proxyPass = "http://mxisd"; | ||
94 | "/_synapse/client".proxyPass = "http://matrix-synapse"; | 102 | "/_synapse/client".proxyPass = "http://matrix-synapse"; |
95 | "= /.well-known/matrix/server" = { | 103 | "= /.well-known/matrix/server" = { |
96 | extraConfig = '' | 104 | extraConfig = '' |
@@ -232,5 +240,25 @@ | |||
232 | owner = "turnserver"; | 240 | owner = "turnserver"; |
233 | group = "turnserver"; | 241 | group = "turnserver"; |
234 | }; | 242 | }; |
243 | |||
244 | services.mxisd = { | ||
245 | enable = true; | ||
246 | matrix.domain = "synapse.li"; | ||
247 | server = { | ||
248 | name = "localhost"; | ||
249 | port = 8090; | ||
250 | }; | ||
251 | extraConfig = { | ||
252 | server.publicUrl = "https://synapse.li"; | ||
253 | storage = { | ||
254 | backend = "postgresql"; | ||
255 | provider.postgresql = { | ||
256 | database = "//localhost:5432/ma1sd"; | ||
257 | username = "ma1sd"; | ||
258 | }; | ||
259 | }; | ||
260 | forward.servers = ["matrix.org"]; | ||
261 | }; | ||
262 | }; | ||
235 | }; | 263 | }; |
236 | } | 264 | } |
diff --git a/hosts/surtr/postgresql.nix b/hosts/surtr/postgresql.nix index a34bc675..88430823 100644 --- a/hosts/surtr/postgresql.nix +++ b/hosts/surtr/postgresql.nix | |||
@@ -9,6 +9,11 @@ | |||
9 | CREATE USER "matrix-synapse"; | 9 | CREATE USER "matrix-synapse"; |
10 | GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse"; | 10 | GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse"; |
11 | GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse"; | 11 | GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse"; |
12 | |||
13 | CREATE DATABASE "ma1sd" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C"; | ||
14 | CREATE USER "ma1sd"; | ||
15 | GRANT ALL PRIVILEGES ON DATABASE "ma1sd" TO "ma1sd"; | ||
16 | GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "ma1sd"; | ||
12 | ''; | 17 | ''; |
13 | }; | 18 | }; |
14 | }; | 19 | }; |