summaryrefslogtreecommitdiff
path: root/hosts
diff options
context:
space:
mode:
Diffstat (limited to 'hosts')
-rw-r--r--hosts/surtr/dns/zones/li.synapse.soa13
-rw-r--r--hosts/surtr/matrix/default.nix34
-rw-r--r--hosts/surtr/postgresql.nix5
3 files changed, 48 insertions, 4 deletions
diff --git a/hosts/surtr/dns/zones/li.synapse.soa b/hosts/surtr/dns/zones/li.synapse.soa
index 2f4e8160..50c341a7 100644
--- a/hosts/surtr/dns/zones/li.synapse.soa
+++ b/hosts/surtr/dns/zones/li.synapse.soa
@@ -1,7 +1,7 @@
1$ORIGIN synapse.li. 1$ORIGIN synapse.li.
2$TTL 3600 2$TTL 3600
3@ IN SOA ns.yggdrasil.li. root.yggdrasil.li. ( 3@ IN SOA ns.yggdrasil.li. root.yggdrasil.li. (
4 2022022500 ; serial 4 2022022502 ; serial
5 10800 ; refresh 5 10800 ; refresh
6 3600 ; retry 6 3600 ; retry
7 604800 ; expire 7 604800 ; expire
@@ -21,10 +21,21 @@ $TTL 3600
21@ IN MX 0 ymir.yggdrasil.li 21@ IN MX 0 ymir.yggdrasil.li
22@ IN TXT "v=spf1 redirect=yggdrasil.li" 22@ IN TXT "v=spf1 redirect=yggdrasil.li"
23 23
24_matrix._tcp IN SRV 5 0 443 synapse.li.
25_matrix-identity._tcp IN SRV 5 0 443 synapse.li.
26
24element IN CNAME synapse.li. 27element IN CNAME synapse.li.
25_acme-challenge.element IN NS ns.yggdrasil.li. 28_acme-challenge.element IN NS ns.yggdrasil.li.
26 29
27turn IN CNAME synapse.li. 30turn IN CNAME synapse.li.
28_acme-challenge.turn IN NS ns.yggdrasil.li. 31_acme-challenge.turn IN NS ns.yggdrasil.li.
29 32
33_stun._udp IN SRV 5 0 3478 turn.synapse.li.
34_stun._tcp IN SRV 5 0 3478 turn.synapse.li.
35_stuns._tcp IN SRV 5 0 5349 turn.synapse.li.
36
37_turn._udp IN SRV 5 0 3478 turn.synapse.li.
38_turn._tcp IN SRV 5 0 3478 turn.synapse.li.
39_turns._tcp IN SRV 5 0 5349 turn.synapse.li.
40
30_acme-challenge IN NS ns.yggdrasil.li. 41_acme-challenge IN NS ns.yggdrasil.li.
diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix
index c35153e5..f55872c0 100644
--- a/hosts/surtr/matrix/default.nix
+++ b/hosts/surtr/matrix/default.nix
@@ -62,9 +62,16 @@
62 services.nginx = { 62 services.nginx = {
63 recommendedProxySettings = true; 63 recommendedProxySettings = true;
64 64
65 upstreams."matrix-synapse" = { 65 upstreams = {
66 servers = { 66 "matrix-synapse" = {
67 "127.0.0.1:8008" = {}; 67 servers = {
68 "127.0.0.1:8008" = {};
69 };
70 };
71 "mxisd" = {
72 servers = {
73 "127.0.0.1:8090" = {};
74 };
68 }; 75 };
69 }; 76 };
70 77
@@ -91,6 +98,7 @@
91 ''; 98 '';
92 in { 99 in {
93 "/_matrix".proxyPass = "http://matrix-synapse"; 100 "/_matrix".proxyPass = "http://matrix-synapse";
101 "/_matrix/identity".proxyPass = "http://mxisd";
94 "/_synapse/client".proxyPass = "http://matrix-synapse"; 102 "/_synapse/client".proxyPass = "http://matrix-synapse";
95 "= /.well-known/matrix/server" = { 103 "= /.well-known/matrix/server" = {
96 extraConfig = '' 104 extraConfig = ''
@@ -232,5 +240,25 @@
232 owner = "turnserver"; 240 owner = "turnserver";
233 group = "turnserver"; 241 group = "turnserver";
234 }; 242 };
243
244 services.mxisd = {
245 enable = true;
246 matrix.domain = "synapse.li";
247 server = {
248 name = "localhost";
249 port = 8090;
250 };
251 extraConfig = {
252 server.publicUrl = "https://synapse.li";
253 storage = {
254 backend = "postgresql";
255 provider.postgresql = {
256 database = "//localhost:5432/ma1sd";
257 username = "ma1sd";
258 };
259 };
260 forward.servers = ["matrix.org"];
261 };
262 };
235 }; 263 };
236} 264}
diff --git a/hosts/surtr/postgresql.nix b/hosts/surtr/postgresql.nix
index a34bc675..88430823 100644
--- a/hosts/surtr/postgresql.nix
+++ b/hosts/surtr/postgresql.nix
@@ -9,6 +9,11 @@
9 CREATE USER "matrix-synapse"; 9 CREATE USER "matrix-synapse";
10 GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse"; 10 GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse";
11 GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse"; 11 GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse";
12
13 CREATE DATABASE "ma1sd" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C";
14 CREATE USER "ma1sd";
15 GRANT ALL PRIVILEGES ON DATABASE "ma1sd" TO "ma1sd";
16 GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "ma1sd";
12 ''; 17 '';
13 }; 18 };
14 }; 19 };