diff options
| -rw-r--r-- | nixos/hosts/tente/default.nix | 3 | ||||
| -rw-r--r-- | nixos/hosts/tente/headscale.nix | 7 | ||||
| -rw-r--r-- | nixos/hosts/tente/matrix.nix | 25 |
3 files changed, 31 insertions, 4 deletions
diff --git a/nixos/hosts/tente/default.nix b/nixos/hosts/tente/default.nix index e6ec7ec..110507c 100644 --- a/nixos/hosts/tente/default.nix +++ b/nixos/hosts/tente/default.nix @@ -26,6 +26,9 @@ in matrix.serverName = domain; matrix.apiDomain = "matrix.${domain}"; + headscale.port = 8080; + matrix.port = 8008; + # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; # boot.loader.grub.efiSupport = true; diff --git a/nixos/hosts/tente/headscale.nix b/nixos/hosts/tente/headscale.nix index 6faea12..fe7e12b 100644 --- a/nixos/hosts/tente/headscale.nix +++ b/nixos/hosts/tente/headscale.nix @@ -5,6 +5,9 @@ let in { options.headscale = { + port = lib.mkOption { + type = lib.types.int; + }; domain = lib.mkOption { type = lib.types.str; }; @@ -14,7 +17,7 @@ in services = { headscale = { enable = true; - port = 8080; + port = cfg.port; # TODO: make dataDir configurable and set it to /srv/ settings = { server_url = "https://${cfg.domain}"; @@ -26,7 +29,7 @@ in enableACME = true; forceSSL = true; locations."/" = { - proxyPass = "http://localhost:${toString config.services.headscale.port}"; + proxyPass = "http://localhost:${toString cfg.port}"; proxyWebsockets = true; }; }; diff --git a/nixos/hosts/tente/matrix.nix b/nixos/hosts/tente/matrix.nix index b60f3cd..ab6931e 100644 --- a/nixos/hosts/tente/matrix.nix +++ b/nixos/hosts/tente/matrix.nix @@ -5,6 +5,9 @@ let in { options.matrix = { + port = lib.mkOption { + type = lib.types.int; + }; serverName = lib.mkOption { type = lib.types.str; }; @@ -19,6 +22,24 @@ in enable = true; settings = { server_name = cfg.serverName; + listeners = [{ + # This listener matches the default of NixOS 24.11 (replicated here to make the port configurable). + bind_addresses = ["127.0.0.1"]; + port = cfg.port; + resources = [ + { + compress = true; + names = ["client"]; + } + { + compress = false; + names = ["federation"]; + } + ]; + tls = false; + type = "http"; + x_forwarded = true; + }]; }; }; @@ -30,9 +51,9 @@ in # Forward all Matrix API calls to the synapse Matrix homeserver. A trailing slash # *must not* be used here. - locations."/_matrix".proxyPass = "http://127.0.0.1:8008"; + locations."/_matrix".proxyPass = "http://127.0.0.1:${toString cfg.port}"; # Forward requests for e.g. SSO and password-resets. - locations."/_synapse/client".proxyPass = "http://127.0.0.1:8008"; + locations."/_synapse/client".proxyPass = "http://127.0.0.1:${toString cfg.port}"; }; }; }; |