Merge pull request 'feat(matrix): enable sliding-sync' (#83) from feat/matrix-synapse-sliding-sync into main

Reviewed-on: pub-solar/infra#83
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
This commit is contained in:
teutat3s 2023-12-16 15:34:28 +00:00
commit 2e2ca2fc82
Signed by: pub.solar gitea
GPG key ID: F0332B04B7054873
4 changed files with 53 additions and 1 deletions

View file

@ -15,6 +15,12 @@ in {
owner = "matrix-synapse"; owner = "matrix-synapse";
}; };
age.secrets."matrix-synapse-sliding-sync-secret" = {
file = "${flake.self}/secrets/matrix-synapse-sliding-sync-secret.age";
mode = "400";
owner = "matrix-synapse";
};
services.matrix-synapse = { services.matrix-synapse = {
enable = true; enable = true;
settings = { settings = {
@ -226,6 +232,18 @@ in {
plugins = [ plugins = [
config.services.matrix-synapse.package.plugins.matrix-synapse-shared-secret-auth config.services.matrix-synapse.package.plugins.matrix-synapse-shared-secret-auth
]; ];
sliding-sync = {
enable = true;
settings = {
SYNCV3_SERVER = "https://${publicDomain}";
SYNCV3_BINDADDR = "127.0.0.1:8011";
# The bind addr for Prometheus metrics, which will be accessible at
# /metrics at this address
SYNCV3_PROM = "127.0.0.1:9100";
};
environmentFile = config.age.secrets."matrix-synapse-sliding-sync-secret".path;
};
}; };
services.restic.backups.matrix-synapse-storagebox = { services.restic.backups.matrix-synapse-storagebox = {

View file

@ -9,7 +9,7 @@ let
wellKnownClient = domain: { wellKnownClient = domain: {
"m.homeserver".base_url = "https://matrix.${domain}"; "m.homeserver".base_url = "https://matrix.${domain}";
"m.identity_server".base_url = "https://matrix.${domain}"; "m.identity_server".base_url = "https://matrix.${domain}";
"org.matrix.msc3575.proxy".url = "https://matrix.${domain}/sliding-sync"; "org.matrix.msc3575.proxy".url = "https://matrix.${domain}";
"im.vector.riot.e2ee".default = true; "im.vector.riot.e2ee".default = true;
"io.element.e2ee" = { "io.element.e2ee" = {
default = true; default = true;
@ -98,6 +98,12 @@ in
extraConfig = commonHeaders; extraConfig = commonHeaders;
}; };
# sliding-sync
"~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
proxyPass = "http://127.0.0.1:8011";
extraConfig = commonHeaders;
};
"~* ^(/_matrix|/_synapse/client|/_synapse/oidc)" = { "~* ^(/_matrix|/_synapse/client|/_synapse/oidc)" = {
proxyPass = "http://127.0.0.1:8008"; proxyPass = "http://127.0.0.1:8008";

View file

@ -0,0 +1,27 @@
age-encryption.org/v1
-> ssh-ed25519 iDKjwg O7ax7BWOp2BEKA9i4WAmI0hsGoRjSzfAbMb4eRLdoRM
LlddBgKAoFe7qKvq7ixIphiWiO1JzKSyLJ6PSmUd2xA
-> ssh-ed25519 uYcDNw 5gN/+TZa94jPsMsrwXlrb1U8alMnCJq5/EIegIus0SI
NUTWQw6WCZTpKK4EFBL1lxSSnI9WEAb1MB7iFiezDFg
-> ssh-rsa kFDS0A
mXTGOqDXWJSVo58aok+GC2v7Xm/lL/QUrA9H4Ywfz1ksK2O1vZFmmrj9YOGMwtz3
KodmEn8339Oyz0Tw2lSDMJb22OZPxs2q1tYQ33tvj1OXVQygzW1q/RfTPXFtTCVo
alKl2Dbr8esFN+Cfpdh4zHJFab73m6FUDGF2k4O5Gos8eOUiUx1O8WPMDtKgwTqM
Wtbnk0iBiTdgjwdFjkdMnx1bxGxa4pEtqtBdw9UiLwPKoPWJzHg7F9uIWH8L0FkQ
ml7K+pjZMzwWdJwuaLpIB3yCTDiSF4j9Wr74sXjUGQ/atGesIImIGnXEyZ0v6RI2
uRP4gx4zA9eoYcIWpuitgx9VKDwwJjcAyhffbZvTYF2ogtnWtCBIlY5jAtIV5l9I
x0k/FMfq0hGvXOJb976zsW83ZaXVPFpUEV75mweVAUbsnRmML1kyYKAFWF58hSoa
aEmij9hDvPIoQn2f6OTCtWXSJBtJjhxr4uvbKfrvhQojol91cU0w+fDe5rsZzhMk
CksD3JM+OmCpguvl+4jANxPVY58avIjZArOn/UVyM0LLuKFLfRzqpBup6ifv3Wpk
gplElrdz4iGHoEnceCGVJXcxXVbMfB4cr8I5BMK65TgN0pkl+VG6vY/TvgUl5a1C
VjLQxIVg3hEy8mRvIGjjo0R2E8qTkcMn5Bz5mjFJeXI
-> ssh-ed25519 YFSOsg nvVCR2LV8DHU+hIQa19uX9pEhA+NQxMkmBUMDktKOGU
Q9qhrcOeEA3myMqZbptbsWCS9hbm67pF5qO3jARN/bs
-> ssh-ed25519 iHV63A +Pca506lCnqn/+2e3lKVzlLcsa63EgngYry54yiAxA0
hyZZUoRuYjJvhznZBAkRRjq2x6jZvJX0sfj+jigX39c
-> ssh-ed25519 BVsyTA hza+5wLH7L3VyXIwBK/sq5UNR6SC3EnKxQ3ucrVPwXc
BAXKAf2gdMT29ZXEAeq0B54ojrGa9LwfhBK91v68yis
-> !By"-grease
7r6wODXXipdv7nXJ+K653PLYdKOLF1pEvCWeKk8/q49s5ScMqZpGVA
--- zNjNg84OVHL/CbJyutcBz6eWD+71peLb7weZ/EjQaic
r!ï?RUàÕoäE¤~Wü>_íðtÜî=‰*7ëÎt<C38E>=QÔ¹ü[`@ï‹“£BÛ<42>§jedÜ°Í ¢q¤Ño^Ÿ³™P÷±áN­ÜÏ{H^€ª¾j¬°ÚBûh¼:PPµÞ&â™—mܯt

View file

@ -44,6 +44,7 @@ in {
"matrix-mautrix-telegram-env-file.age".publicKeys = nachtigallKeys ++ baseKeys; "matrix-mautrix-telegram-env-file.age".publicKeys = nachtigallKeys ++ baseKeys;
"matrix-synapse-signing-key.age".publicKeys = nachtigallKeys ++ baseKeys; "matrix-synapse-signing-key.age".publicKeys = nachtigallKeys ++ baseKeys;
"matrix-synapse-secret-config.yaml.age".publicKeys = nachtigallKeys ++ baseKeys; "matrix-synapse-secret-config.yaml.age".publicKeys = nachtigallKeys ++ baseKeys;
"matrix-synapse-sliding-sync-secret.age".publicKeys = nachtigallKeys ++ baseKeys;
"nextcloud-secrets.age".publicKeys = nachtigallKeys ++ baseKeys; "nextcloud-secrets.age".publicKeys = nachtigallKeys ++ baseKeys;
"nextcloud-admin-pass.age".publicKeys = nachtigallKeys ++ baseKeys; "nextcloud-admin-pass.age".publicKeys = nachtigallKeys ++ baseKeys;