Diffstat (limited to 'sys')
| -rw-r--r-- | sys/conduit/default.nix | 50 | ||||
| -rw-r--r-- | sys/default.nix | 1 | ||||
| -rw-r--r-- | sys/nspawn/dmz.nix | 12 | ||||
| -rw-r--r-- | sys/web/sites/default.nix | 1 | ||||
| -rw-r--r-- | sys/web/sites/matrix.nix | 52 |
5 files changed, 1 insertions, 115 deletions
diff --git a/sys/conduit/default.nix b/sys/conduit/default.nix deleted file mode 100644 index 597960b..0000000 --- a/sys/conduit/default.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, flakes, lib, pkgs, ... }: -with lib; let - cfg = config.local.conduit; - - fqdn = config.local.domains.matrix.main; - inherit (config.local.domains.matrix.passthru) serverName; -in -{ - options.local.conduit = { - enable = mkEnableOption "conduit Matrix homeserver"; - - listenAddress = mkOption { - type = types.str; - default = "127.0.0.1"; - }; - - listenPort = mkOption { - type = types.port; - default = 6167; - }; - }; - - config = mkIf cfg.enable { - services.matrix-conduit = { - enable = true; - - package = flakes.conduwuit.packages.${pkgs.system}.default; - - settings.global = { - port = cfg.listenPort; - address = cfg.listenAddress; - server_name = serverName; - - database_backend = "sqlite"; - - allow_encryption = true; - allow_federation = true; - allow_registration = false; - enable_lightning_bolt = false; - allow_check_for_updates = true; - new_user_displayname_suffix = ""; - - well_known = { - client = "https://${fqdn}"; - server = "${fqdn}:443"; - }; - }; - }; - }; -} diff --git a/sys/default.nix b/sys/default.nix index 70134f9..86553e5 100644 --- a/sys/default.nix +++ b/sys/default.nix @@ -11,7 +11,6 @@ with lib; { ./baseline ./boot ./btrfs - ./conduit ./env ./gitea ./hardware diff --git a/sys/nspawn/dmz.nix b/sys/nspawn/dmz.nix index 6c006d1..905e491 100644 --- a/sys/nspawn/dmz.nix +++ b/sys/nspawn/dmz.nix @@ -7,9 +7,6 @@ with lib; let hassPort = config.services.home-assistant.config.http.server_port; hassEnable = config.local.home-assistant.enable; - - conduitPort = config.local.conduit.listenPort; - conduitEnable = config.local.conduit.enable; in { options.local.nspawn.dmz = { 
@@ -70,7 +67,6 @@ in config = mkIf cfg.enable { local = { mailHost.mdaListen = cfg.hostAddr; - conduit.listenAddress = mkIf conduitEnable cfg.hostAddr; nspawn.dmz = { dmzAddr = dmzNet.hosts.dmz.v4.address; @@ -98,11 +94,6 @@ in enable = hassEnable; proxyUrl = "http://${cfg.hostAddr}:${toString hassPort}"; }; - - matrix = { - enable = conduitEnable; - proxyUrl = "http://${cfg.hostAddr}:${toString conduitPort}"; - }; }; }; @@ -222,8 +213,7 @@ in interfaces.ve-dmz = { allowedTCPPorts = [ mailHost.saslPort mailHost.lmtpPort ] - ++ optional hassEnable hassPort - ++ optional conduitEnable conduitPort; + ++ optional hassEnable hassPort; allowedUDPPorts = [ 67 ]; # DHCP }; diff --git a/sys/web/sites/default.nix b/sys/web/sites/default.nix index 15957c0..a131aaf 100644 --- a/sys/web/sites/default.nix +++ b/sys/web/sites/default.nix @@ -1,7 +1,6 @@ { imports = [ ./home.nix - ./matrix.nix ./portal.nix ]; } diff --git a/sys/web/sites/matrix.nix b/sys/web/sites/matrix.nix deleted file mode 100644 index 5583b47..0000000 --- a/sys/web/sites/matrix.nix +++ /dev/null 
@@ -1,52 +0,0 @@
-{ config, lib, ... }:
-with lib; let
- cfg = config.local.web.sites.matrix;
- inherit (config.local) domains;
-in
-{
- options.local.web.sites.matrix = {
- enable = mkEnableOption "matrix proxy site";
-
- proxyUrl = mkOption {
- type = types.str;
- };
- };
-
- config = mkIf cfg.enable {
- local.web = {
- enable = mkDefault true;
- ownedCerts = [ "matrix" ];
-
- sites.portal.enable = true;
- };
-
- services.nginx.virtualHosts =
- let
- proxyLocation =
- throwIf (hasSuffix "/" cfg.proxyUrl)
- "matrix site: a trailing slash *must not* be used here"
- cfg.proxyUrl;
- in
- {
- ${domains.exdev.main}.locations."/.well-known/matrix".proxyPass = proxyLocation;
-
- ${domains.matrix.main} = {
- forceSSL = true;
- useACMEHost = domains.matrix.main;
-
- locations = {
- "/".extraConfig = ''
- return 403;
- '';
-
- # Forward all Matrix API calls to the synapse Matrix homeserver. A trailing slash
- # *must not* be used here.
- "/_matrix".proxyPass = proxyLocation;
-
- # Forward requests for e.g. SSO and password-resets.
- "/_synapse/client".proxyPass = proxyLocation;
- };
- };
- };
- };
-} |
