summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-02-25 13:04:25 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-02-25 13:04:25 +0100
commit77c406a0b86c9742479901498e51a48452a0fe49 (patch)
tree06bedfb2dba17da700278f661eded475575db456
parentcede6c96f08088211341e69c4a20d7d130cf6f79 (diff)
downloadnixos-77c406a0b86c9742479901498e51a48452a0fe49.tar
nixos-77c406a0b86c9742479901498e51a48452a0fe49.tar.gz
nixos-77c406a0b86c9742479901498e51a48452a0fe49.tar.bz2
nixos-77c406a0b86c9742479901498e51a48452a0fe49.tar.xz
nixos-77c406a0b86c9742479901498e51a48452a0fe49.zip
surtr: matrix: .well-known
-rw-r--r--hosts/surtr/matrix/default.nix35
1 files changed, 28 insertions, 7 deletions
diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix
index 2ef78b3d..6a955b40 100644
--- a/hosts/surtr/matrix/default.nix
+++ b/hosts/surtr/matrix/default.nix
@@ -79,16 +79,34 @@
79 { addr = "0.0.0.0"; port = 8448; ssl = true; } 79 { addr = "0.0.0.0"; port = 8448; ssl = true; }
80 { addr = "[::0]"; port = 8448; ssl = true; } 80 { addr = "[::0]"; port = 8448; ssl = true; }
81 ]; 81 ];
82 locations = let 82 extraConfig = ''
83 synapse = { 83 add_header Strict-Transport-Security "max-age=63072000" always;
84 proxyPass = "http://matrix-synapse"; 84
85 add_header Access-Control-Allow-Origin '*';
86 add_header Access-Control-Allow-Methods 'GET, POST, PUT, DELETE, OPTIONS';
87 add_header Access-Control-Allow-Headers 'X-Requested-With, Content-Type, Authorization';
88 add_header Access-Control-Max-Age 7200;
89 '';
90 locations = {
91 "/_matrix".proxyPass = "http://matrix-synapse";
92 "/_synapse/client".proxyPass = "http://matrix-synapse";
93 "= /.well-known/matrix/server" = {
85 extraConfig = '' 94 extraConfig = ''
86 add_header Strict-Transport-Security "max-age=63072000" always; 95 add_header Content-Type application/json;
87 ''; 96 '';
97 return = "200 '${builtins.toJSON {
98 "m.server" = "synapse.li:443";
99 }}'";
100 };
101 "= /.well-known/matrix/client" = {
102 extraConfig = ''
103 add_header Content-Type application/json;
104 '';
105 return = "200 '${builtins.toJSON {
106 "m.homeserver" = { "base_url" = "https://synapse.li"; };
107 "m.identity_server" = { "base_url" = "https://vector.im"; };
108 }}'";
88 }; 109 };
89 in {
90 "/_matrix" = synapse;
91 "/_synapse/client" = synapse;
92 "/".return = "301 https://element.synapse.li$request_uri"; 110 "/".return = "301 https://element.synapse.li$request_uri";
93 }; 111 };
94 }; 112 };
@@ -98,6 +116,9 @@
98 sslCertificate = "/run/credentials/nginx.service/element.synapse.li.pem"; 116 sslCertificate = "/run/credentials/nginx.service/element.synapse.li.pem";
99 sslCertificateKey = "/run/credentials/nginx.service/element.synapse.li.key.pem"; 117 sslCertificateKey = "/run/credentials/nginx.service/element.synapse.li.key.pem";
100 sslTrustedCertificate = "/run/credentials/nginx.service/element.synapse.li.chain.pem"; 118 sslTrustedCertificate = "/run/credentials/nginx.service/element.synapse.li.chain.pem";
119 extraConfig = ''
120 add_header Strict-Transport-Security "max-age=63072000" always;
121 '';
101 122
102 root = pkgs.element-web.override { 123 root = pkgs.element-web.override {
103 conf = { 124 conf = {