preliminary matrix
This commit is contained in:
parent
dccf6a5a67
commit
8798d16239
1 changed files with 12 additions and 18 deletions
|
|
@ -11,6 +11,8 @@ let
|
||||||
|
|
||||||
gitea_host = "git.${root_host}";
|
gitea_host = "git.${root_host}";
|
||||||
gitea_port = 8081;
|
gitea_port = 8081;
|
||||||
|
|
||||||
|
matrix_host = "matrix.${root_host}";
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
|
@ -18,6 +20,7 @@ in {
|
||||||
|
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
# CREATE DATABASE synapse ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER synapse;
|
||||||
ensureDatabases = [ "synapse" ];
|
ensureDatabases = [ "synapse" ];
|
||||||
package = pkgs.postgresql_15;
|
package = pkgs.postgresql_15;
|
||||||
ensureUsers = [
|
ensureUsers = [
|
||||||
|
|
@ -85,12 +88,10 @@ host replication all ::1/128 md5
|
||||||
port = 5432;
|
port = 5432;
|
||||||
dbname = "synapse";
|
dbname = "synapse";
|
||||||
user = "synapse";
|
user = "synapse";
|
||||||
cp_min = 5;
|
cp_min = 10;
|
||||||
cp_max = 10;
|
cp_max = 40;
|
||||||
client_encoding = "auto";
|
client_encoding = "auto";
|
||||||
passfile = config.age.secrets.synapse_db_pass_prepared.path;
|
passfile = config.age.secrets.synapse_db_pass_prepared.path;
|
||||||
# password = "synapse";
|
|
||||||
# dbname = "synapse";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
@ -123,8 +124,6 @@ host replication all ::1/128 md5
|
||||||
group = "matrix-synapse";
|
group = "matrix-synapse";
|
||||||
mode = "0600";
|
mode = "0600";
|
||||||
};
|
};
|
||||||
|
|
||||||
# duckdns_token.file = ./secrets/duckdns_token.age;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.grimmauld = {
|
users.users.grimmauld = {
|
||||||
|
|
@ -163,16 +162,6 @@ host replication all ::1/128 md5
|
||||||
pypy3
|
pypy3
|
||||||
];
|
];
|
||||||
|
|
||||||
# systemd.services = {
|
|
||||||
# dynamic-dns-updater = {
|
|
||||||
# path = [
|
|
||||||
# pkgs.curl
|
|
||||||
# ];
|
|
||||||
# script = ''curl "https://www.duckdns.org/update?domains=grimmauld&token=$(<${config.age.secrets.duckdns_token.path})&ip="'';
|
|
||||||
# startAt = "hourly";
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
|
|
||||||
security.acme = {
|
security.acme = {
|
||||||
acceptTerms = true;
|
acceptTerms = true;
|
||||||
defaults.email = root_email;
|
defaults.email = root_email;
|
||||||
|
|
@ -191,7 +180,7 @@ host replication all ::1/128 md5
|
||||||
|
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
enable = true;
|
enable = true;
|
||||||
allowedTCPPorts = [ 80 443 puffer_sftp_port 25565 8448 ];
|
allowedTCPPorts = [ 80 443 puffer_sftp_port 25565 8448 8008 ];
|
||||||
allowPing = true;
|
allowPing = true;
|
||||||
allowedUDPPortRanges = [
|
allowedUDPPortRanges = [
|
||||||
# { from = 4000; to = 4007; }
|
# { from = 4000; to = 4007; }
|
||||||
|
|
@ -225,7 +214,12 @@ host replication all ::1/128 md5
|
||||||
virtualHosts."${root_host}" = {
|
virtualHosts."${root_host}" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
useACMEHost = root_host;
|
useACMEHost = root_host;
|
||||||
root = "/var/www/grimmauld.duckdns.org";
|
# locations."/" = {
|
||||||
|
root = "/var/www/grimmauld.duckdns.org";
|
||||||
|
# };
|
||||||
|
# locations."/.well-known/matrix/" = {
|
||||||
|
# root = "/var/www/grimmauld.duckdns.org/.well-known/matrix";
|
||||||
|
# };
|
||||||
};
|
};
|
||||||
|
|
||||||
virtualHosts."${puffer_host}" = {
|
virtualHosts."${puffer_host}" = {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue