nettika/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix matrix synapse instance on quasar

Browse source
This commit is contained in:
Nettika 2025-10-10 08:58:59 -07:00
parent 735f424315
commit 8e5b7440a1
4 changed files with 24 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

25
hosts/quasar/default.nix
View file

@ -25,7 +25,11 @@
environment.systemPackages = [ pkgs.htop ]; environment.systemPackages = [ pkgs.htop ];
age.secrets = { age.secrets = {
matrix-synapse-secrets.file = ./secrets/matrix-synapse-secrets.age; matrix-synapse-secrets = {
file = ./secrets/matrix-synapse-secrets.yaml;
mode = "400";
owner = "matrix-synapse";
};
}; };
services.postgresql.enable = true; services.postgresql.enable = true;
@ -33,7 +37,23 @@
services.caddy = { services.caddy = {
enable = true; enable = true;
virtualHosts = { virtualHosts = {
"quasar.leaf.ninja".extraConfig = ''
respond "quasar is online"
header Strict-Transport-Security: "max-age=63072000; includeSubDomains"
'';
"consortium.chat".extraConfig = '' "consortium.chat".extraConfig = ''
respond /.well-known/matrix/server <<JSON
{
"m.server": "matrix.consortium.chat:443"
}
JSON 200
respond /.well-known/matrix/client <<JSON
{
"m.homeserver": {
"base_url": "https://matrix.consortium.chat"
}
}
JSON 200
reverse_proxy localhost:8008 reverse_proxy localhost:8008
header Strict-Transport-Security "max-age=63072000; includeSubDomains" header Strict-Transport-Security "max-age=63072000; includeSubDomains"
''; '';
@ -52,7 +72,8 @@
enable = true; enable = true;
settings = { settings = {
server_name = "consortium.chat"; server_name = "consortium.chat";
serve_server_wellknown = true; database_type = "psycopg2";
database_args.database = "matrix-synapse";
}; };
extraConfigFiles = [ config.age.secrets.matrix-synapse-secrets.path ]; extraConfigFiles = [ config.age.secrets.matrix-synapse-secrets.path ];
}; };

BIN
hosts/quasar/secrets/matrix-synapse-secrets.age
View file

Binary file not shown.

BIN
hosts/quasar/secrets/matrix-synapse-secrets.yaml Normal file
View file

Binary file not shown.

2
secrets.nix
View file

@ -8,7 +8,7 @@ let
in { in {
"hosts/marauder/secrets/restic-env.age".publicKeys = [ marauder ]; "hosts/marauder/secrets/restic-env.age".publicKeys = [ marauder ];
"hosts/marauder/secrets/restic-password.age".publicKeys = [ marauder ]; "hosts/marauder/secrets/restic-password.age".publicKeys = [ marauder ];
"hosts/quasar/secrets/matrix-synapse-secrets.age".publicKeys = "hosts/quasar/secrets/matrix-synapse-secrets.yaml".publicKeys =
[ marauder quasar ]; [ marauder quasar ];
"hosts/astral/secrets/vaultwarden-env.age".publicKeys = [ marauder astral ]; "hosts/astral/secrets/vaultwarden-env.age".publicKeys = [ marauder astral ];
"hosts/astral/secrets/forgejo-mailer-password.age".publicKeys = "hosts/astral/secrets/forgejo-mailer-password.age".publicKeys =