{ nglib, nixpkgs }: nglib.makeSystem { system = "x86_64-linux"; name = "nixng-gitea"; inherit nixpkgs; config = ({ pkgs, ... }: { dumb-init = { enable = true; type.services = { }; }; init.services.synapse = { enabled = true; shutdownOnExit = true; script = let logConfig = (pkgs.formats.yaml {}).generate "log.yaml" { # Log configuration for Synapse. # # This is a YAML file containing a standard Python logging configuration # dictionary. See [1] for details on the valid settings. # # Synapse also supports structured logging for machine readable logs which can # be ingested by ELK stacks. See [2] for details. # # [1]: https://docs.python.org/3.7/library/logging.config.html#configuration-dictionary-schema # [2]: https://matrix-org.github.io/synapse/latest/structured_logging.html version = 1; formatters.precise.format = "%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s"; handlers.console = { class = "logging.StreamHandler"; formatter = "precise"; }; loggers."synapse.storage.SQL" = { level = "INFO"; }; root = { level = "INFO"; handlers = [ "console" ]; }; disable_existing_loggers = false; }; synapseConfig = (pkgs.formats.yaml {}).generate "conduit.yaml" { server_name = "matrix.redalder.org"; pid_file = "/homeserver.pid"; listeners = [ { port = 6167; tls = false; type = "http"; x_forwarded = true; bind_adrresses = [ "127.0.0.1" ]; resources = { names = [ "client" "federation" ]; compress = false; }; } ]; database = { name = "sqlite3"; compress = false; args.database = "/var/lib/matrix-conduit/synapse/sqlite.db"; }; log_config = logConfig; trusted_key_servers = [ { server_name = "matrix.org"; } ]; media_store_path = "/var/lib/matrix-conduit/synapse/media_store"; signing_key_path = "/var/lib/matrix-conduit/synapse/singing.key"; }; in pkgs.writeShellScript "conduit" '' ${pkgs.matrix-synapse}/bin/synapse_homeserver \ --config-path ${synapseConfig} \ --config-path /secrets/extra.yaml \ --keys-directory /var/lib/matrix-conduit/synapse/keys \ --generate-keys ''; }; # init.services.conduit = { # enabled = true; # shutdownOnExit = true; # script = # let # conduitConfig = (pkgs.formats.toml {}).generate "conduit.toml" # { # global = # { # # The server_name is the pretty name of this server. It is used as a suffix for user # # and room ids. Examples: matrix.org, conduit.rs # # The Conduit server needs all /_matrix/ requests to be reachable at # # https://your.server.name/ on port 443 (client-server) and 8448 (federation). # # If that's not possible for you, you can create /.well-known files to redirect # # requests. See # # https://matrix.org/docs/spec/client_server/latest#get-well-known-matrix-client # # and # # https://matrix.org/docs/spec/server_server/r0.1.4#get-well-known-matrix-server # # for more information # # YOU NEED TO EDIT THIS # server_name = "matrix.redalder.org"; # # This is the only directory where Conduit will save its data # database_path = "/var/lib/matrix-conduit/"; # database_backend = "rocksdb"; # # The port Conduit will be running on. You need to set up a reverse proxy in # # your web server (e.g. apache or nginx), so all requests to /_matrix on port # # 443 and 8448 will be forwarded to the Conduit instance running on this port # port = 6167; # # Max size for uploads # max_request_size = 20000000; # in bytes # # Enables registration. If set to false, no users can register on this server. # allow_registration = true; # allow_federation = true; # trusted_servers = ["matrix.org"]; # # How many requests Conduit sends to other servers at the same time # #max_concurrent_requests = 100 # #log = "info,state_res=warn,rocket=off,_=off,sled=off" # address = "0.0.0.0"; # }; # }; # in # pkgs.writeShellScript "conduit" # '' # CONDUIT_CONFIG=${conduitConfig} ${pkgs.matrix-conduit}/bin/conduit # ''; # }; # }); }