Grimmauld/grimm-nix-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

preliminary matrix

Browse Source
This commit is contained in:
Grimmauld 2023-12-27 14:48:20 +00:00
parent dccf6a5a67
commit 8798d16239
1 changed files with 12 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
configuration.nix
View File

@ -11,6 +11,8 @@ let
gitea_host = "git.${root_host}"; gitea_host = "git.${root_host}";
gitea_port = 8081; gitea_port = 8081;
matrix_host = "matrix.${root_host}";
in { in {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
@ -18,6 +20,7 @@ in {
services.postgresql = { services.postgresql = {
enable = true; enable = true;
# CREATE DATABASE synapse ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER synapse;
ensureDatabases = [ "synapse" ]; ensureDatabases = [ "synapse" ];
package = pkgs.postgresql_15; package = pkgs.postgresql_15;
ensureUsers = [ ensureUsers = [
@ -85,12 +88,10 @@ host replication all ::1/128 md5
port = 5432; port = 5432;
dbname = "synapse"; dbname = "synapse";
user = "synapse"; user = "synapse";
cp_min = 5; cp_min = 10;
cp_max = 10; cp_max = 40;
client_encoding = "auto"; client_encoding = "auto";
passfile = config.age.secrets.synapse_db_pass_prepared.path; passfile = config.age.secrets.synapse_db_pass_prepared.path;
# password = "synapse";
# dbname = "synapse";
}; };
}; };
}; };
@ -123,8 +124,6 @@ host replication all ::1/128 md5
group = "matrix-synapse"; group = "matrix-synapse";
mode = "0600"; mode = "0600";
}; };
# duckdns_token.file = ./secrets/duckdns_token.age;
}; };
users.users.grimmauld = { users.users.grimmauld = {
@ -163,16 +162,6 @@ host replication all ::1/128 md5
pypy3 pypy3
]; ];
# systemd.services = {
# dynamic-dns-updater = {
# path = [
# pkgs.curl
# ];
# script = ''curl "https://www.duckdns.org/update?domains=grimmauld&token=$(<${config.age.secrets.duckdns_token.path})&ip="'';
# startAt = "hourly";
# };
# };
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults.email = root_email; defaults.email = root_email;
@ -191,7 +180,7 @@ host replication all ::1/128 md5
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowedTCPPorts = [ 80 443 puffer_sftp_port 25565 8448 ]; allowedTCPPorts = [ 80 443 puffer_sftp_port 25565 8448 8008 ];
allowPing = true; allowPing = true;
allowedUDPPortRanges = [ allowedUDPPortRanges = [
# { from = 4000; to = 4007; } # { from = 4000; to = 4007; }
@ -225,7 +214,12 @@ host replication all ::1/128 md5
virtualHosts."${root_host}" = { virtualHosts."${root_host}" = {
forceSSL = true; forceSSL = true;
useACMEHost = root_host; useACMEHost = root_host;
root = "/var/www/grimmauld.duckdns.org"; # locations."/" = {
root = "/var/www/grimmauld.duckdns.org";
# };
# locations."/.well-known/matrix/" = {
# root = "/var/www/grimmauld.duckdns.org/.well-known/matrix";
# };
}; };
virtualHosts."${puffer_host}" = { virtualHosts."${puffer_host}" = {