mirror of
https://github.com/kittywitch/nixfiles.git
synced 2026-02-09 12:29:19 -08:00
37 lines
1.1 KiB
Nix
37 lines
1.1 KiB
Nix
{config, ...}: let
|
|
fqdn = "${config.networking.hostName}.${config.networking.domain}";
|
|
clientConfig = {
|
|
"m.homeserver".base_url = "https://${fqdn}";
|
|
"m.identity_server".base_url = "https://vector.im";
|
|
};
|
|
serverConfig."m.server" = "${fqdn}:443";
|
|
mkWellKnown = data: ''
|
|
add_header Content-Type application/json;
|
|
add_header Access-Control-Allow-Origin *;
|
|
return 200 '${builtins.toJSON data}';
|
|
'';
|
|
in {
|
|
services.nginx = {
|
|
virtualHosts = {
|
|
"kittywit.ch" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
|
|
locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
|
|
};
|
|
"${fqdn}" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/".extraConfig = ''
|
|
return 404;
|
|
'';
|
|
locations."/_matrix".proxyPass = "http://[::1]:8008";
|
|
locations."/_synapse/client".proxyPass = "http://[::1]:8008";
|
|
extraConfig = ''
|
|
http2_max_requests 100000;
|
|
keepalive_requests 100000;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
}
|