sys/conduit, web/sites/matrix: implement conduit matrix homeserver

author: Alejandro Soto <alejandro@34project.org> 2024-08-07 19:37:51 -0600
committer: Alejandro Soto <alejandro@34project.org> 2024-08-07 19:54:17 -0600
commit: 6bf93aea0b48a5476fecfdc2ef06da5816d5fb9e (patch)
tree: c1eb2dc365be4a7090d76c3bba5ed17461e45101 /sys/nspawn
parent: da84be8c451308bbad0a70592bdcb0abd975f060 (diff)
1 files changed, 19 insertions, 5 deletions
diff --git a/sys/nspawn/dmz.nix b/sys/nspawn/dmz.nix
index 0192333..73302d4 100644
--- a/sys/nspawn/dmz.nix
+++ b/sys/nspawn/dmz.nix
@@ -5,6 +5,9 @@ with lib; let
 
   hassPort = config.services.home-assistant.config.http.server_port;
   hassEnable = config.local.home-assistant.enable;
+
+  conduitPort = config.local.conduit.listenPort;
+  conduitEnable = config.local.conduit.enable;
 in
 {
   options.local.nspawn.dmz = {
@@ -54,6 +57,7 @@ in
   config = mkIf cfg.enable {
     local = {
       mailHost.mdaListen = cfg.hostAddr;
+      conduit.listenAddress = mkIf conduitEnable cfg.hostAddr;
 
       nspawn.dmz =
         let
@@ -93,9 +97,16 @@ in
                       inherit (mailHost) saslPort lmtpPort;
                     };
 
-                    web.sites.home = {
-                      enable = hassEnable;
-                      proxyUrl = "http://${cfg.hostAddr}:${toString hassPort}";
+                    web.sites = {
+                      home = {
+                        enable = hassEnable;
+                        proxyUrl = "http://${cfg.hostAddr}:${toString hassPort}";
+                      };
+
+                      matrix = {
+                        enable = conduitEnable;
+                        proxyUrl = "http://${cfg.hostAddr}:${toString conduitPort}";
+                      };
                     };
                   };
 
@@ -120,7 +131,7 @@ in
     };
 
     services = {
-      home-assistant.config.http = {
+      home-assistant.config.http = mkIf hassEnable {
         server_host = [ cfg.hostAddr ];
         trusted_proxies = [ cfg.dmzAddr ];
         use_x_forwarded_for = true;
@@ -187,7 +198,10 @@ in
       allowedTCPPorts = [ 25 80 443 ];
 
       interfaces.ve-dmz = {
-        allowedTCPPorts = [ mailHost.saslPort mailHost.lmtpPort ] ++ optional hassEnable hassPort;
+        allowedTCPPorts = [ mailHost.saslPort mailHost.lmtpPort ]
+          ++ optional hassEnable hassPort
+          ++ optional conduitEnable conduitPort;
+
         allowedUDPPorts = [ 67 ]; # DHCP
       };
     };
author	Alejandro Soto <alejandro@34project.org>	2024-08-07 19:37:51 -0600
committer	Alejandro Soto <alejandro@34project.org>	2024-08-07 19:54:17 -0600
commit	6bf93aea0b48a5476fecfdc2ef06da5816d5fb9e (patch)
tree	c1eb2dc365be4a7090d76c3bba5ed17461e45101 /sys/nspawn
parent	da84be8c451308bbad0a70592bdcb0abd975f060 (diff)