mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-12-12 01:42:02 +01:00
c1a727a699
Signed-off-by: Magic_RB <magic_rb@redalder.org>
72 lines
2 KiB
Nix
72 lines
2 KiB
Nix
{ makeSystem
|
|
, nixpkgs
|
|
|
|
, commonConfig
|
|
}:
|
|
makeSystem {
|
|
system = "x86_64-linux";
|
|
name = "synapse";
|
|
inherit nixpkgs;
|
|
config =
|
|
{ pkgs, lib, ... }:
|
|
let
|
|
inherit (lib)
|
|
singleton;
|
|
in
|
|
{
|
|
dumb-init = {
|
|
enable = true;
|
|
type.services = { };
|
|
};
|
|
|
|
init.services.synapse = {
|
|
enabled = true;
|
|
shutdownOnExit = true;
|
|
script =
|
|
let
|
|
synapseConfig = (pkgs.formats.yaml {}).generate "synapse.yaml"
|
|
{
|
|
listeners =
|
|
[
|
|
# The HTTP replication port
|
|
{
|
|
port = 9093;
|
|
bind_addresses = [ "0.0.0.0" ];
|
|
type = "http";
|
|
resources = [
|
|
{
|
|
names = [ "replication" ];
|
|
}
|
|
];
|
|
}
|
|
{
|
|
port = 6167;
|
|
tls = false;
|
|
type = "http";
|
|
x_forwarded = true;
|
|
bind_adrresses = [ "0.0.0.0" ];
|
|
resources = singleton {
|
|
names = [ "client" "federation" ];
|
|
compress = false;
|
|
};
|
|
}
|
|
];
|
|
|
|
public_baseurl = "https://matrix.redalder.org/";
|
|
|
|
# Add a random shared secret to authenticate traffic.
|
|
worker_replication_secret = "";
|
|
};
|
|
in
|
|
pkgs.writeShellScript "synapse" ''
|
|
${pkgs.matrix-synapse}/bin/synapse_homeserver \
|
|
--config-path ${synapseConfig} \
|
|
--config-path ${commonConfig pkgs} \
|
|
--config-path /secrets/extra.yaml \
|
|
--config-path /var/lib/registrations/extra.yaml \
|
|
--keys-directory /var/lib/synapse/keys \
|
|
$([ -e /var/lib/synapse/signing.key ] || echo --generate-keys)
|
|
'';
|
|
};
|
|
};
|
|
}
|