mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-12-12 09:51:59 +01:00
73 lines
2 KiB
Nix
73 lines
2 KiB
Nix
|
{ makeSystem
|
||
|
, nixpkgs
|
||
|
|
||
|
, commonConfig
|
||
|
}:
|
||
|
makeSystem {
|
||
|
system = "x86_64-linux";
|
||
|
name = "synapse";
|
||
|
inherit nixpkgs;
|
||
|
config =
|
||
|
{ pkgs, lib, ... }:
|
||
|
let
|
||
|
inherit (lib)
|
||
|
singleton;
|
||
|
in
|
||
|
{
|
||
|
dumb-init = {
|
||
|
enable = true;
|
||
|
type.services = { };
|
||
|
};
|
||
|
|
||
|
init.services.synapse = {
|
||
|
enabled = true;
|
||
|
shutdownOnExit = true;
|
||
|
script =
|
||
|
let
|
||
|
synapseConfig = (pkgs.formats.yaml {}).generate "synapse.yaml"
|
||
|
{
|
||
|
listeners =
|
||
|
[
|
||
|
# The HTTP replication port
|
||
|
{
|
||
|
port = 9093;
|
||
|
bind_addresses = [ "0.0.0.0" ];
|
||
|
type = "http";
|
||
|
resources = [
|
||
|
{
|
||
|
names = [ "replication" ];
|
||
|
}
|
||
|
];
|
||
|
}
|
||
|
{
|
||
|
port = 6167;
|
||
|
tls = false;
|
||
|
type = "http";
|
||
|
x_forwarded = true;
|
||
|
bind_adrresses = [ "0.0.0.0" ];
|
||
|
resources = singleton {
|
||
|
names = [ "client" "federation" ];
|
||
|
compress = false;
|
||
|
};
|
||
|
}
|
||
|
];
|
||
|
|
||
|
public_baseurl = "https://matrix.redalder.org/";
|
||
|
|
||
|
# Add a random shared secret to authenticate traffic.
|
||
|
worker_replication_secret = "";
|
||
|
};
|
||
|
in
|
||
|
pkgs.writeShellScript "synapse" ''
|
||
|
${pkgs.matrix-synapse}/bin/synapse_homeserver \
|
||
|
--config-path ${synapseConfig} \
|
||
|
--config-path ${commonConfig pkgs} \
|
||
|
--config-path /secrets/extra.yaml \
|
||
|
--config-path /var/lib/registrations/extra.yaml \
|
||
|
--keys-directory /var/lib/synapse/keys \
|
||
|
$([ -e /var/lib/synapse/signing.key ] || echo --generate-keys)
|
||
|
'';
|
||
|
};
|
||
|
};
|
||
|
}
|