From 6bf93aea0b48a5476fecfdc2ef06da5816d5fb9e Mon Sep 17 00:00:00 2001 From: Alejandro Soto Date: Wed, 7 Aug 2024 19:37:51 -0600 Subject: sys/conduit, web/sites/matrix: implement conduit matrix homeserver --- sys/nspawn/dmz.nix | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) (limited to 'sys/nspawn/dmz.nix') diff --git a/sys/nspawn/dmz.nix b/sys/nspawn/dmz.nix index 0192333..73302d4 100644 --- a/sys/nspawn/dmz.nix +++ b/sys/nspawn/dmz.nix @@ -5,6 +5,9 @@ with lib; let hassPort = config.services.home-assistant.config.http.server_port; hassEnable = config.local.home-assistant.enable; + + conduitPort = config.local.conduit.listenPort; + conduitEnable = config.local.conduit.enable; in { options.local.nspawn.dmz = { @@ -54,6 +57,7 @@ in config = mkIf cfg.enable { local = { mailHost.mdaListen = cfg.hostAddr; + conduit.listenAddress = mkIf conduitEnable cfg.hostAddr; nspawn.dmz = let @@ -93,9 +97,16 @@ in inherit (mailHost) saslPort lmtpPort; }; - web.sites.home = { - enable = hassEnable; - proxyUrl = "http://${cfg.hostAddr}:${toString hassPort}"; + web.sites = { + home = { + enable = hassEnable; + proxyUrl = "http://${cfg.hostAddr}:${toString hassPort}"; + }; + + matrix = { + enable = conduitEnable; + proxyUrl = "http://${cfg.hostAddr}:${toString conduitPort}"; + }; }; }; @@ -120,7 +131,7 @@ in }; services = { - home-assistant.config.http = { + home-assistant.config.http = mkIf hassEnable { server_host = [ cfg.hostAddr ]; trusted_proxies = [ cfg.dmzAddr ]; use_x_forwarded_for = true; @@ -187,7 +198,10 @@ in allowedTCPPorts = [ 25 80 443 ]; interfaces.ve-dmz = { - allowedTCPPorts = [ mailHost.saslPort mailHost.lmtpPort ] ++ optional hassEnable hassPort; + allowedTCPPorts = [ mailHost.saslPort mailHost.lmtpPort ] + ++ optional hassEnable hassPort + ++ optional conduitEnable conduitPort; + allowedUDPPorts = [ 67 ]; # DHCP }; }; -- cgit v1.2.3