dotfiles/nixng/containers/matrix/synapse/synapse.nix
Magic_RB c1a727a699 Add the Matrix containers
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-16 16:08:09 +02:00

72 lines
2 KiB
Nix

{ makeSystem
, nixpkgs
, commonConfig
}:
makeSystem {
system = "x86_64-linux";
name = "synapse";
inherit nixpkgs;
config =
{ pkgs, lib, ... }:
let
inherit (lib)
singleton;
in
{
dumb-init = {
enable = true;
type.services = { };
};
init.services.synapse = {
enabled = true;
shutdownOnExit = true;
script =
let
synapseConfig = (pkgs.formats.yaml {}).generate "synapse.yaml"
{
listeners =
[
# The HTTP replication port
{
port = 9093;
bind_addresses = [ "0.0.0.0" ];
type = "http";
resources = [
{
names = [ "replication" ];
}
];
}
{
port = 6167;
tls = false;
type = "http";
x_forwarded = true;
bind_adrresses = [ "0.0.0.0" ];
resources = singleton {
names = [ "client" "federation" ];
compress = false;
};
}
];
public_baseurl = "https://matrix.redalder.org/";
# Add a random shared secret to authenticate traffic.
worker_replication_secret = "";
};
in
pkgs.writeShellScript "synapse" ''
${pkgs.matrix-synapse}/bin/synapse_homeserver \
--config-path ${synapseConfig} \
--config-path ${commonConfig pkgs} \
--config-path /secrets/extra.yaml \
--config-path /var/lib/registrations/extra.yaml \
--keys-directory /var/lib/synapse/keys \
$([ -e /var/lib/synapse/signing.key ] || echo --generate-keys)
'';
};
};
}