From 33e003d4b435672cc7425f35e6405a0815117194 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Thu, 16 Nov 2023 20:10:39 +0100 Subject: [PATCH 1/3] feat: add wellknown for matrix test domain --- hosts/nachtigall/apps/nginx-matrix.nix | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/hosts/nachtigall/apps/nginx-matrix.nix b/hosts/nachtigall/apps/nginx-matrix.nix index da6edee..eaee415 100644 --- a/hosts/nachtigall/apps/nginx-matrix.nix +++ b/hosts/nachtigall/apps/nginx-matrix.nix @@ -6,10 +6,10 @@ let add_header X-XSS-Protection "1; mode=block"; ''; clientConfig = import ./matrix/element-client-config.nix; - wellKnownClient = { - "m.homeserver".base_url = "https://matrix.pub.solar"; - "m.identity_server".base_url = "https://matrix.pub.solar"; - "org.matrix.msc3575.proxy".url = "https://matrix.pub.solar/sliding-sync"; + wellKnownClient = domain: { + "m.homeserver".base_url = "https://matrix.${domain}"; + "m.identity_server".base_url = "https://matrix.${domain}"; + "org.matrix.msc3575.proxy".url = "https://matrix.${domain}/sliding-sync"; "im.vector.riot.e2ee".default = true; "io.element.e2ee" = { default = true; @@ -19,21 +19,21 @@ let "m.integrations" = { managers = [ { - api_url = "https://dimension.pub.solar/api/v1/scalar"; - ui_url = "https://dimension.pub.solar/element"; + api_url = "https://dimension.${domain}/api/v1/scalar"; + ui_url = "https://dimension.${domain}/element"; } ]; }; }; - wellKnownServer."m.server" = "matrix.pub.solar:8448"; + wellKnownServer = domain: { "m.server" = "${domain}:8448"; }; mkWellKnown = data: '' add_header Content-Type application/json; add_header Access-Control-Allow-Origin *; return 200 '${builtins.toJSON data}'; ''; - wellKnownLocations = { - "= /.well-known/matrix/server".extraConfig = mkWellKnown wellKnownServer; - "= /.well-known/matrix/client".extraConfig = mkWellKnown wellKnownClient; + wellKnownLocations = domain: { + "= /.well-known/matrix/server".extraConfig = mkWellKnown (wellKnownServer domain); + "= /.well-known/matrix/client".extraConfig = mkWellKnown (wellKnownClient domain); }; in { @@ -44,7 +44,7 @@ in ##################################### "pub.solar" = { - locations = wellKnownLocations; + locations = wellKnownLocations "pub.solar"; }; ####################################### @@ -70,7 +70,7 @@ in gzip on; gzip_types text/plain application/json; ''; - locations = wellKnownLocations // { + locations = (wellKnownLocations "test.pub.solar") // { # TODO: Configure metrics # "/metrics" = { # }; -- 2.44.2 From f213f930855ea993cfc177682ffc86460f59332e Mon Sep 17 00:00:00 2001 From: teutat3s Date: Sat, 18 Nov 2023 17:33:28 +0100 Subject: [PATCH 2/3] fix: remove nix from devshell This caused nix version 2.13 being using in the devshell instead of recent version 2.18, which we use by default in PubSolarOS --- flake.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/flake.nix b/flake.nix index 5627cb8..cebf89c 100644 --- a/flake.nix +++ b/flake.nix @@ -63,7 +63,6 @@ agenix cachix editorconfig-checker - nix nodePackages.prettier nvfetcher shellcheck -- 2.44.2 From c88a0608f64937d429fb8ddd232a7e8d172c627c Mon Sep 17 00:00:00 2001 From: teutat3s Date: Sat, 18 Nov 2023 17:34:33 +0100 Subject: [PATCH 3/3] fix: matrix delegation via well-known for test domain We use pub.solar as our server_name and matrix.pub.solar:8448 for matrix federation traffic. The well-known record served at https://pub.solar/.well-known/matrix/server should point to matrix.pub.solar:8448. The same is true for test.pub.solar and matrix.test.pub.solar:8448. https://matrix-org.github.io/synapse/latest/delegate.html --- hosts/nachtigall/apps/nginx-matrix.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/hosts/nachtigall/apps/nginx-matrix.nix b/hosts/nachtigall/apps/nginx-matrix.nix index eaee415..d110248 100644 --- a/hosts/nachtigall/apps/nginx-matrix.nix +++ b/hosts/nachtigall/apps/nginx-matrix.nix @@ -25,7 +25,7 @@ let ]; }; }; - wellKnownServer = domain: { "m.server" = "${domain}:8448"; }; + wellKnownServer = domain: { "m.server" = "matrix.${domain}:8448"; }; mkWellKnown = data: '' add_header Content-Type application/json; add_header Access-Control-Allow-Origin *; @@ -50,6 +50,14 @@ in ####################################### # Stuff below is still in betatesting # ####################################### + "test.pub.solar" = { + root = "/dev/null"; + + forceSSL = lib.mkDefault true; + enableACME = lib.mkDefault true; + + locations = (wellKnownLocations "test.pub.solar"); + }; "chat.test.pub.solar" = { forceSSL = true; @@ -70,7 +78,7 @@ in gzip on; gzip_types text/plain application/json; ''; - locations = (wellKnownLocations "test.pub.solar") // { + locations = { # TODO: Configure metrics # "/metrics" = { # }; -- 2.44.2