forked from CCCHH/nix-infra
59 lines
1.3 KiB
Nix
59 lines
1.3 KiB
Nix
{ config, ... }:
|
|
|
|
{
|
|
services.matrix-synapse = {
|
|
enable = true;
|
|
|
|
settings = {
|
|
listeners = [
|
|
{
|
|
port = 8008;
|
|
bind_addresses = [
|
|
"::1"
|
|
"127.0.0.1"
|
|
];
|
|
type = "http";
|
|
tls = false;
|
|
x_forwarded = true;
|
|
|
|
resources = [
|
|
{
|
|
compress = true;
|
|
names = [ "client" ];
|
|
}
|
|
{
|
|
compress = false;
|
|
names = [ "federation" ];
|
|
}
|
|
];
|
|
}
|
|
];
|
|
|
|
server_name = "hamburg.ccc.de";
|
|
public_baseurl = "https://matrix.hamburg.ccc.de";
|
|
|
|
database = {
|
|
name = "psycopg2";
|
|
args.password = "synapse";
|
|
};
|
|
|
|
media_store_path = "/mnt/data/synapse_media_store";
|
|
max_upload_size = "500M";
|
|
|
|
admin_contact = "mailto:yuri+ccchh@nekover.se";
|
|
};
|
|
|
|
extraConfigFiles = [
|
|
"/run/secrets/matrix_registration_shared_secret"
|
|
];
|
|
};
|
|
|
|
systemd.services.matrix-synapse.serviceConfig.ReadWritePaths = [ config.services.matrix-synapse.settings.media_store_path ];
|
|
|
|
sops.secrets."matrix_registration_shared_secret" = {
|
|
mode = "0440";
|
|
owner = "matrix-synapse";
|
|
group = "matrix-synapse";
|
|
restartUnits = [ "matrix-synapse.service" ];
|
|
};
|
|
}
|