summaryrefslogtreecommitdiff
path: root/hosts/surtr/matrix/default.nix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2023-01-30 16:09:43 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2023-01-30 16:19:44 +0100
commit68645f75136d6e82bfb7e27b50c531d1b416c4d5 (patch)
tree12f4804798ad4c78507b05f5e3573a11c7ab8b0c /hosts/surtr/matrix/default.nix
parent5915a25064e01c38c49787322ca1309d0da0386a (diff)
downloadnixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.tar
nixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.tar.gz
nixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.tar.bz2
nixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.tar.xz
nixos-68645f75136d6e82bfb7e27b50c531d1b416c4d5.zip
...
Diffstat (limited to 'hosts/surtr/matrix/default.nix')
-rw-r--r--hosts/surtr/matrix/default.nix4
1 files changed, 4 insertions, 0 deletions
diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix
index 5b89e321..96cceb89 100644
--- a/hosts/surtr/matrix/default.nix
+++ b/hosts/surtr/matrix/default.nix
@@ -151,6 +151,8 @@ with lib;
151 sslCertificate = "/run/credentials/nginx.service/synapse.li.pem"; 151 sslCertificate = "/run/credentials/nginx.service/synapse.li.pem";
152 sslCertificateKey = "/run/credentials/nginx.service/synapse.li.key.pem"; 152 sslCertificateKey = "/run/credentials/nginx.service/synapse.li.key.pem";
153 sslTrustedCertificate = "/run/credentials/nginx.service/synapse.li.chain.pem"; 153 sslTrustedCertificate = "/run/credentials/nginx.service/synapse.li.chain.pem";
154 kTLS = true;
155 http3 = true;
154 listen = [ 156 listen = [
155 { addr = "0.0.0.0"; port = 443; ssl = true; } 157 { addr = "0.0.0.0"; port = 443; ssl = true; }
156 { addr = "[::0]"; port = 443; ssl = true; } 158 { addr = "[::0]"; port = 443; ssl = true; }
@@ -199,6 +201,8 @@ with lib;
199 201
200 virtualHosts."element.synapse.li" = { 202 virtualHosts."element.synapse.li" = {
201 forceSSL = true; 203 forceSSL = true;
204 kTLS = true;
205 http3 = true;
202 sslCertificate = "/run/credentials/nginx.service/element.synapse.li.pem"; 206 sslCertificate = "/run/credentials/nginx.service/element.synapse.li.pem";
203 sslCertificateKey = "/run/credentials/nginx.service/element.synapse.li.key.pem"; 207 sslCertificateKey = "/run/credentials/nginx.service/element.synapse.li.key.pem";
204 sslTrustedCertificate = "/run/credentials/nginx.service/element.synapse.li.chain.pem"; 208 sslTrustedCertificate = "/run/credentials/nginx.service/element.synapse.li.chain.pem";