Production config for matrix #72

Merged
teutat3s merged 9 commits from feat/matrix-prod into main 2023-11-28 12:58:54 +00:00
6 changed files with 15 additions and 26 deletions
Showing only changes of commit 8a2d946206 - Show all commits

View file

@ -14,7 +14,7 @@
max-port = 50000;
use-auth-secret = true;
static-auth-secret-file = "/run/agenix/coturn-static-auth-secret";
realm = "turn.test.pub.solar";
realm = "turn.pub.solar";
cert = "${config.security.acme.certs.${realm}.directory}/full.pem";
pkey = "${config.security.acme.certs.${realm}.directory}/key.pem";
extraConfig =

View file

@ -1,8 +1,8 @@
{ pkgs, lib, ... }: {
default_server_config = {
"m.homeserver" = {
base_url = "https://matrix.test.pub.solar";
server_name = "test.pub.solar";
base_url = "https://matrix.pub.solar";
server_name = "pub.solar";
};
"m.identity_server" = {
base_url = "";

View file

@ -8,9 +8,9 @@
settings = {
homeserver = {
# TODO: Use the port from synapse config
domain = "test.pub.solar";
domain = "pub.solar";
url = "http://127.0.0.1:8008";
media_url = "https://matrix.test.pub.solar";
media_url = "https://matrix.pub.solar";
enablePresence = false;
};
ircService = {

View file

@ -13,7 +13,7 @@
homeserver = {
# TODO: Use the port from synapse config
address = "http://127.0.0.1:8008";
domain = "test.pub.solar";
domain = "pub.solar";
verify_ssl = true;
};
appservice = {
@ -34,7 +34,7 @@
};
public = {
enabled = true;
external = "https://matrix.test.pub.solar/c3c3f34b-29fb-5feb-86e5-98c75ec8214b";
external = "https://matrix.pub.solar/c3c3f34b-29fb-5feb-86e5-98c75ec8214b";
prefix = "/c3c3f34b-29fb-5feb-86e5-98c75ec8214b";
};
};
@ -140,7 +140,7 @@
username_template = "telegram_{userid}";
permissions = {
"test.pub.solar" = "full";
"pub.solar" = "full";
};
};

View file

@ -1,7 +1,7 @@
{ flake, config, pkgs, ... }:
let
publicDomain = "matrix.test.pub.solar";
serverDomain = "test.pub.solar";
publicDomain = "matrix.pub.solar";
serverDomain = "pub.solar";
in {
age.secrets."matrix-synapse-signing-key" = {
file = "${flake.self}/secrets/matrix-synapse-signing-key.age";
@ -19,7 +19,7 @@ in {
enable = true;
settings = {
server_name = serverDomain;
public_baseurl = "https://matrix.test.pub.solar/";
public_baseurl = "https://${publicDomain}/";
database = {
name = "psycopg2";
args = {

View file

@ -47,19 +47,7 @@ in
locations = wellKnownLocations "pub.solar";
};
#######################################
# Stuff below is still in betatesting #
#######################################
"test.pub.solar" = {
root = "/dev/null";
forceSSL = lib.mkDefault true;
enableACME = lib.mkDefault true;
locations = (wellKnownLocations "test.pub.solar");
};
"chat.test.pub.solar" = {
"chat.pub.solar" = {
forceSSL = true;
enableACME = true;
root = pkgs.element-web.override {
@ -67,7 +55,7 @@ in
};
};
"matrix.test.pub.solar" = {
"matrix.pub.solar" = {
root = "/dev/null";
forceSSL = lib.mkDefault true;
@ -83,6 +71,7 @@ in
# "/metrics" = {
# };
# For telegram
"/c3c3f34b-29fb-5feb-86e5-98c75ec8214b" = {
proxyPass = "http://127.0.0.1:8009";
extraConfig = commonHeaders;
@ -105,7 +94,7 @@ in
};
};
"matrix.pub.solar-federation" = {
serverName = "matrix.test.pub.solar";
serverName = "matrix.pub.solar";
forceSSL = lib.mkDefault true;
enableACME = lib.mkDefault true;
listen = [{