diff options
Diffstat (limited to 'modules/nixos')
| -rw-r--r-- | modules/nixos/services/matrix/default.nix | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix new file mode 100644 index 0000000..9f0ade2 --- /dev/null +++ b/modules/nixos/services/matrix/default.nix @@ -0,0 +1,73 @@ +{ options, config, lib, namespace, pkgs, ... }: + +with lib; with lib.${namespace}; let + cfg = config.${namespace}.services.matrix; + impermanence = config.${namespace}.system.impermanence; +in { + options.${namespace}.services.matrix = with types; { + enable = mkEnableOption "matrix server (continuwuity)"; + + host = mkOption { + type = str; + }; + }; + + config = mkIf cfg.enable { + cxl.services.web.enable = true; + + environment.persistence.${impermanence.location} = { + directories = [ + "/var/lib/private/continuwuity" + ]; + }; + + services.matrix-continuwuity = { + enable = true; + settings = { + global = { + server_name = cfg.host; + }; + }; + }; + + networking = { + firewall = { + allowedTCPPorts = [ 8448 ]; + }; + }; + + services.nginx = { + enable = true; + virtualHosts = { + "${cfg.host}" = { + addSSL = true; + + extraConfig = '' + listen 8448 ssl; + listen [::]:8448 ssl; + ''; + + locations = { + "/_matrix/" = { + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:6167"; + }; + "/.well-known/matrix/client" = { + extraConfig = '' + default_type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '{"m.homeserver": {"base_url": "https://${cfg.host}:8448"}}'; + ''; + }; + "/.well-known/matrix/server" = { + extraConfig = '' + default_type application/json; + return 200 '{"m.server": "${cfg.host}:8448"}'; + ''; + }; + }; + }; + }; + }; + }; +} |