From b4293d801ec6d4d3e92f67afb95fc919bdbf9a2e Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Fri, 25 Feb 2022 13:42:02 +0100 Subject: surtr: matrix: ma1sd --- hosts/surtr/dns/zones/li.synapse.soa | 13 ++++++++++++- hosts/surtr/matrix/default.nix | 34 +++++++++++++++++++++++++++++++--- hosts/surtr/postgresql.nix | 5 +++++ 3 files changed, 48 insertions(+), 4 deletions(-) (limited to 'hosts/surtr') diff --git a/hosts/surtr/dns/zones/li.synapse.soa b/hosts/surtr/dns/zones/li.synapse.soa index 2f4e8160..50c341a7 100644 --- a/hosts/surtr/dns/zones/li.synapse.soa +++ b/hosts/surtr/dns/zones/li.synapse.soa @@ -1,7 +1,7 @@ $ORIGIN synapse.li. $TTL 3600 @ IN SOA ns.yggdrasil.li. root.yggdrasil.li. ( - 2022022500 ; serial + 2022022502 ; serial 10800 ; refresh 3600 ; retry 604800 ; expire @@ -21,10 +21,21 @@ $TTL 3600 @ IN MX 0 ymir.yggdrasil.li @ IN TXT "v=spf1 redirect=yggdrasil.li" +_matrix._tcp IN SRV 5 0 443 synapse.li. +_matrix-identity._tcp IN SRV 5 0 443 synapse.li. + element IN CNAME synapse.li. _acme-challenge.element IN NS ns.yggdrasil.li. turn IN CNAME synapse.li. _acme-challenge.turn IN NS ns.yggdrasil.li. +_stun._udp IN SRV 5 0 3478 turn.synapse.li. +_stun._tcp IN SRV 5 0 3478 turn.synapse.li. +_stuns._tcp IN SRV 5 0 5349 turn.synapse.li. + +_turn._udp IN SRV 5 0 3478 turn.synapse.li. +_turn._tcp IN SRV 5 0 3478 turn.synapse.li. +_turns._tcp IN SRV 5 0 5349 turn.synapse.li. + _acme-challenge IN NS ns.yggdrasil.li. diff --git a/hosts/surtr/matrix/default.nix b/hosts/surtr/matrix/default.nix index c35153e5..f55872c0 100644 --- a/hosts/surtr/matrix/default.nix +++ b/hosts/surtr/matrix/default.nix @@ -62,9 +62,16 @@ services.nginx = { recommendedProxySettings = true; - upstreams."matrix-synapse" = { - servers = { - "127.0.0.1:8008" = {}; + upstreams = { + "matrix-synapse" = { + servers = { + "127.0.0.1:8008" = {}; + }; + }; + "mxisd" = { + servers = { + "127.0.0.1:8090" = {}; + }; }; }; @@ -91,6 +98,7 @@ ''; in { "/_matrix".proxyPass = "http://matrix-synapse"; + "/_matrix/identity".proxyPass = "http://mxisd"; "/_synapse/client".proxyPass = "http://matrix-synapse"; "= /.well-known/matrix/server" = { extraConfig = '' @@ -232,5 +240,25 @@ owner = "turnserver"; group = "turnserver"; }; + + services.mxisd = { + enable = true; + matrix.domain = "synapse.li"; + server = { + name = "localhost"; + port = 8090; + }; + extraConfig = { + server.publicUrl = "https://synapse.li"; + storage = { + backend = "postgresql"; + provider.postgresql = { + database = "//localhost:5432/ma1sd"; + username = "ma1sd"; + }; + }; + forward.servers = ["matrix.org"]; + }; + }; }; } diff --git a/hosts/surtr/postgresql.nix b/hosts/surtr/postgresql.nix index a34bc675..88430823 100644 --- a/hosts/surtr/postgresql.nix +++ b/hosts/surtr/postgresql.nix @@ -9,6 +9,11 @@ CREATE USER "matrix-synapse"; GRANT ALL PRIVILEGES ON DATABASE "matrix-synapse" TO "matrix-synapse"; GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "matrix-synapse"; + + CREATE DATABASE "ma1sd" WITH TEMPLATE "template0" ENCODING "UTF8" LOCALE "C"; + CREATE USER "ma1sd"; + GRANT ALL PRIVILEGES ON DATABASE "ma1sd" TO "ma1sd"; + GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "ma1sd"; ''; }; }; -- cgit v1.2.3