refactor: split up tente/default.nix

author: Martin Fischer <martin@push-f.com> 2024-12-27 13:16:07 +0100
committer: Martin Fischer <martin@push-f.com> 2024-12-27 18:44:56 +0100
commit: 28424ccb86f9fe02c9e9f95958cf10d3a9fe3777 (patch)
tree: 676f8a3dae5266c24569c7c633d1247a7125c095 /nixos/hosts/tente/matrix.nix
parent: 1b65ba7a838e422c9bf16ddcaf796a996fa51b6b (diff)
1 files changed, 39 insertions, 0 deletions
diff --git a/nixos/hosts/tente/matrix.nix b/nixos/hosts/tente/matrix.nix
new file mode 100644
index 0000000..b60f3cd
--- /dev/null
+++ b/nixos/hosts/tente/matrix.nix
@@ -0,0 +1,39 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.matrix;
+in
+{
+  options.matrix = {
+    serverName = lib.mkOption {
+      type = lib.types.str;
+    };
+    apiDomain = lib.mkOption {
+      type = lib.types.str;
+    };
+  };
+
+  config = {
+    services = {
+      matrix-synapse = {
+        enable = true;
+        settings = {
+          server_name = cfg.serverName;
+        };
+      };
+
+      nginx.virtualHosts.${cfg.apiDomain} = {
+        enableACME = true;
+        forceSSL = true;
+
+        # TODO: add locations."/" with some message
+
+        # Forward all Matrix API calls to the synapse Matrix homeserver. A trailing slash
+        # *must not* be used here.
+        locations."/_matrix".proxyPass = "http://127.0.0.1:8008";
+        # Forward requests for e.g. SSO and password-resets.
+        locations."/_synapse/client".proxyPass = "http://127.0.0.1:8008";
+      };
+    };
+  };
+}
author	Martin Fischer <martin@push-f.com>	2024-12-27 13:16:07 +0100
committer	Martin Fischer <martin@push-f.com>	2024-12-27 18:44:56 +0100
commit	28424ccb86f9fe02c9e9f95958cf10d3a9fe3777 (patch)
tree	676f8a3dae5266c24569c7c633d1247a7125c095 /nixos/hosts/tente/matrix.nix
parent	1b65ba7a838e422c9bf16ddcaf796a996fa51b6b (diff)