64 lines
1.9 KiB
Nix
64 lines
1.9 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}: let
|
|
database = {
|
|
connection_string = "postgres:///dendrite?host=/run/postgresql";
|
|
max_open_conns = 97;
|
|
max_idle_conns = 5;
|
|
conn_max_lifetime = -1;
|
|
};
|
|
in {
|
|
config = lib.mkIf config.niksos.server {
|
|
services = {
|
|
dendrite = {
|
|
enable = true;
|
|
httpPort = 9003;
|
|
loadCredential = [
|
|
# $ nix-shell -p dendrite --run 'generate-keys --private-key /tmp/key'
|
|
"matrix-server-key:${config.age.secrets.matrix-priv.path}"
|
|
];
|
|
environmentFile = config.age.secrets.matrix-registration.path; # Contains: `REGISTRATION_SHARED_SECRET=verysecretpassword`
|
|
# openRegistration = true;
|
|
|
|
settings = {
|
|
global = {
|
|
inherit database;
|
|
server_name = "matrix.jsw.tf";
|
|
private_key = "/$CREDENTIALS_DIRECTORY/matrix-server-key"; #nix shell nixpkgs#dendrite; generate-keys --private-key matrix_key.pem
|
|
};
|
|
client_api.registration_shared_secret = "$REGISTRATION_SHARED_SECRET";
|
|
app_service_api.database = database;
|
|
federation_api.database = database;
|
|
key_server.database = database;
|
|
media_api.database = database;
|
|
mscs.database = database;
|
|
relay_api.database = database;
|
|
room_server.database = database;
|
|
sync_api.database = database;
|
|
user_api.account_database.database = database;
|
|
user_api.device_database.database = database;
|
|
sync_api.search.enabled = true;
|
|
};
|
|
};
|
|
|
|
postgresql = {
|
|
enable = true;
|
|
enableTCPIP = false;
|
|
ensureDatabases = ["dendrite"];
|
|
ensureUsers = [
|
|
{
|
|
name = "dendrite";
|
|
ensureDBOwnership = true;
|
|
}
|
|
];
|
|
};
|
|
|
|
caddy.virtualHosts."matrix.jsw.tf".extraConfig = ''
|
|
reverse_proxy /_matrix/* localhost:9003
|
|
'';
|
|
};
|
|
systemd.services.dendrite.after = ["postgresql.service"];
|
|
};
|
|
}
|