From 9ea81efb86ffdb427d3b5a770c00e40c68661d23 Mon Sep 17 00:00:00 2001
From: Martin Fischer <martin@push-f.com>
Date: Sat, 28 Dec 2024 10:32:42 +0100
Subject: refactor(tente): declare ports in default.nix

---
 nixos/hosts/tente/default.nix   |  3 +++
 nixos/hosts/tente/headscale.nix |  7 +++++--
 nixos/hosts/tente/matrix.nix    | 25 +++++++++++++++++++++++--
 3 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/nixos/hosts/tente/default.nix b/nixos/hosts/tente/default.nix
index e6ec7ec..110507c 100644
--- a/nixos/hosts/tente/default.nix
+++ b/nixos/hosts/tente/default.nix
@@ -26,6 +26,9 @@ in
   matrix.serverName = domain;
   matrix.apiDomain = "matrix.${domain}";
 
+  headscale.port = 8080;
+  matrix.port = 8008;
+
   # Use the GRUB 2 boot loader.
   boot.loader.grub.enable = true;
   # boot.loader.grub.efiSupport = true;
diff --git a/nixos/hosts/tente/headscale.nix b/nixos/hosts/tente/headscale.nix
index 6faea12..fe7e12b 100644
--- a/nixos/hosts/tente/headscale.nix
+++ b/nixos/hosts/tente/headscale.nix
@@ -5,6 +5,9 @@ let
 in
 {
   options.headscale = {
+    port = lib.mkOption {
+      type = lib.types.int;
+    };
     domain = lib.mkOption {
       type = lib.types.str;
     };
@@ -14,7 +17,7 @@ in
     services = {
       headscale = {
         enable = true;
-        port = 8080;
+        port = cfg.port;
         # TODO: make dataDir configurable and set it to /srv/
         settings = {
           server_url = "https://${cfg.domain}";
@@ -26,7 +29,7 @@ in
         enableACME = true;
         forceSSL = true;
         locations."/" = {
-          proxyPass = "http://localhost:${toString config.services.headscale.port}";
+          proxyPass = "http://localhost:${toString cfg.port}";
           proxyWebsockets = true;
         };
       };
diff --git a/nixos/hosts/tente/matrix.nix b/nixos/hosts/tente/matrix.nix
index b60f3cd..ab6931e 100644
--- a/nixos/hosts/tente/matrix.nix
+++ b/nixos/hosts/tente/matrix.nix
@@ -5,6 +5,9 @@ let
 in
 {
   options.matrix = {
+    port = lib.mkOption {
+      type = lib.types.int;
+    };
     serverName = lib.mkOption {
       type = lib.types.str;
     };
@@ -19,6 +22,24 @@ in
         enable = true;
         settings = {
           server_name = cfg.serverName;
+          listeners = [{
+            # This listener matches the default of NixOS 24.11 (replicated here to make the port configurable).
+            bind_addresses = ["127.0.0.1"];
+            port = cfg.port;
+            resources = [
+              {
+                compress = true;
+                names = ["client"];
+              }
+              {
+                compress = false;
+                names = ["federation"];
+              }
+            ];
+            tls = false;
+            type = "http";
+            x_forwarded = true;
+          }];
         };
       };
 
@@ -30,9 +51,9 @@ in
 
         # Forward all Matrix API calls to the synapse Matrix homeserver. A trailing slash
         # *must not* be used here.
-        locations."/_matrix".proxyPass = "http://127.0.0.1:8008";
+        locations."/_matrix".proxyPass = "http://127.0.0.1:${toString cfg.port}";
         # Forward requests for e.g. SSO and password-resets.
-        locations."/_synapse/client".proxyPass = "http://127.0.0.1:8008";
+        locations."/_synapse/client".proxyPass = "http://127.0.0.1:${toString cfg.port}";
       };
     };
   };
-- 
cgit v1.2.3