diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-30 16:09:43 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-30 16:19:44 +0100 |
commit | 68645f75136d6e82bfb7e27b50c531d1b416c4d5 (patch) | |
tree | 12f4804798ad4c78507b05f5e3573a11c7ab8b0c /hosts/surtr/matrix/default.nix | |
parent | 5915a25064e01c38c49787322ca1309d0da0386a (diff) | |
download | nixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.tar nixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.tar.gz nixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.tar.bz2 nixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.tar.xz nixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.zip |
...
Diffstat (limited to 'hosts/surtr/matrix/default.nix')
-rw-r--r-- | hosts/surtr/matrix/default.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix index 5b89e321..96cceb89 100644 --- a/hosts/surtr/matrix/default.nix +++ b/hosts/surtr/matrix/default.nix | |||
@@ -151,6 +151,8 @@ with lib; | |||
151 | sslCertificate = "/run/credentials/nginx.service/synapse.li.pem"; | 151 | sslCertificate = "/run/credentials/nginx.service/synapse.li.pem"; |
152 | sslCertificateKey = "/run/credentials/nginx.service/synapse.li.key.pem"; | 152 | sslCertificateKey = "/run/credentials/nginx.service/synapse.li.key.pem"; |
153 | sslTrustedCertificate = "/run/credentials/nginx.service/synapse.li.chain.pem"; | 153 | sslTrustedCertificate = "/run/credentials/nginx.service/synapse.li.chain.pem"; |
154 | kTLS = true; | ||
155 | http3 = true; | ||
154 | listen = [ | 156 | listen = [ |
155 | { addr = "0.0.0.0"; port = 443; ssl = true; } | 157 | { addr = "0.0.0.0"; port = 443; ssl = true; } |
156 | { addr = "[::0]"; port = 443; ssl = true; } | 158 | { addr = "[::0]"; port = 443; ssl = true; } |
@@ -199,6 +201,8 @@ with lib; | |||
199 | 201 | ||
200 | virtualHosts."element.synapse.li" = { | 202 | virtualHosts."element.synapse.li" = { |
201 | forceSSL = true; | 203 | forceSSL = true; |
204 | kTLS = true; | ||
205 | http3 = true; | ||
202 | sslCertificate = "/run/credentials/nginx.service/element.synapse.li.pem"; | 206 | sslCertificate = "/run/credentials/nginx.service/element.synapse.li.pem"; |
203 | sslCertificateKey = "/run/credentials/nginx.service/element.synapse.li.key.pem"; | 207 | sslCertificateKey = "/run/credentials/nginx.service/element.synapse.li.key.pem"; |
204 | sslTrustedCertificate = "/run/credentials/nginx.service/element.synapse.li.chain.pem"; | 208 | sslTrustedCertificate = "/run/credentials/nginx.service/element.synapse.li.chain.pem"; |