summaryrefslogtreecommitdiff
path: root/hosts
diff options
context:
space:
mode:
Diffstat (limited to 'hosts')
-rw-r--r--hosts/surtr/matrix/default.nix40
1 files changed, 20 insertions, 20 deletions
diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix
index 777f9f84..936a0528 100644
--- a/hosts/surtr/matrix/default.nix
+++ b/hosts/surtr/matrix/default.nix
@@ -37,28 +37,28 @@ with lib;
37 extraConfigFiles = [ 37 extraConfigFiles = [
38 "/run/credentials/matrix-synapse.service/registration.yaml" 38 "/run/credentials/matrix-synapse.service/registration.yaml"
39 "/run/credentials/matrix-synapse.service/turn-secret.yaml" 39 "/run/credentials/matrix-synapse.service/turn-secret.yaml"
40 ]; 40 (pkgs.writeText "homeserver.yaml" (generators.toYAML {} {
41 extraConfig = generators.toYAML {} { 41 "refreshable_access_token_lifetime" = "5m";
42 "refreshable_access_token_lifetime" = "5m"; 42 # "nonrefreshable_access_token_lifetime" = "1w"; # TODO: uncomment once all (relevant) clients have support for refreshable tokens
43 # "nonrefreshable_access_token_lifetime" = "1w"; # TODO: uncomment once all (relevant) clients have support for refreshable tokens 43 "refresh_token_lifetime" = "1w";
44 "refresh_token_lifetime" = "1w"; 44 "registration_requires_token" = true;
45 "registration_requires_token" = true;
46 45
47 "admin_contact" = "mailto:matrix-admin@yggdrasil.li"; 46 "admin_contact" = "mailto:matrix-admin@yggdrasil.li";
48 47
49 "url_preview_enabled" = true; 48 "url_preview_enabled" = true;
50 "url_preview_ip_range_blacklist" = [ 49 "url_preview_ip_range_blacklist" = [
51 "127.0.0.0/8" "10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16" 50 "127.0.0.0/8" "10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16"
52 "100.64.0.0/10" "192.0.0.0/24" "169.254.0.0/16" 51 "100.64.0.0/10" "192.0.0.0/24" "169.254.0.0/16"
53 "192.88.99.0/24" "198.18.0.0/15" "192.0.2.0/24" 52 "192.88.99.0/24" "198.18.0.0/15" "192.0.2.0/24"
54 "198.51.100.0/24" "203.0.113.0/24" "224.0.0.0/4" "::1/128" 53 "198.51.100.0/24" "203.0.113.0/24" "224.0.0.0/4" "::1/128"
55 "fe80::/10" "fc00::/7" "2001:db8::/32" "ff00::/8" 54 "fe80::/10" "fc00::/7" "2001:db8::/32" "ff00::/8"
56 "fec0::/10" "2a03:4000:52:ada::/64" 55 "fec0::/10" "2a03:4000:52:ada::/64"
57 ]; 56 ];
58 "url_preview_ip_range_whitelist" = [ 57 "url_preview_ip_range_whitelist" = [
59 "2a03:4000:52:ada::/128" 58 "2a03:4000:52:ada::/128"
60 ]; 59 ];
61 }; 60 }))
61 ];
62 }; 62 };
63 sops.secrets."matrix-synapse-registration.yaml" = { 63 sops.secrets."matrix-synapse-registration.yaml" = {
64 format = "binary"; 64 format = "binary";