tlaternet/tlaternet-server
1
0
Fork 0
Code Issues 8 Pull requests Activity

chore(continuwuity): Switch to new upstream module

Browse source
This commit is contained in:
Tristan Daniël Maat 2026-02-25 01:56:32 +08:00
parent 4667044ea5
commit 3011625e51
Signed by: tlater
GPG key ID: 02E935006CF2E8E7
4 changed files with 16 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

27
configuration/services/conduit/default.nix
View file

@ -7,7 +7,7 @@
let
inherit (lib.strings) concatMapStringsSep;
cfg = config.services.matrix-conduit;
cfg = config.services.matrix-continuwuity;
domain = "matrix.${config.services.nginx.domain}";
turn-realm = "turn.${config.services.nginx.domain}";
in
@ -45,14 +45,14 @@ in
};
services = {
matrix-conduit = {
matrix-continuwuity = {
enable = true;
package = pkgs.matrix-continuwuity;
settings.global = {
address = "127.0.0.1";
address = [ "127.0.0.1" ];
server_name = domain;
new_user_displayname_suffix = "🦆";
allow_check_for_updates = true;
turn_secret_file = "/run/credentials/continuwuity.service/turn-secret";
# Set up delegation: https://docs.conduit.rs/delegation.html#automatic-recommended
# This is primarily to make sliding sync work
@ -173,35 +173,30 @@ in
locations = {
"/_matrix" = {
proxyPass = "http://${cfg.settings.global.address}:${toString cfg.settings.global.port}";
proxyPass = "http://${lib.head cfg.settings.global.address}:${toString cfg.settings.global.port}";
# Recommended by conduit
extraConfig = ''
proxy_buffering off;
'';
};
"/.well-known/matrix" = {
proxyPass = "http://${cfg.settings.global.address}:${toString cfg.settings.global.port}";
proxyPass = "http://${lib.head cfg.settings.global.address}:${toString cfg.settings.global.port}";
};
};
};
backups.conduit = {
user = "root";
paths = [ "/var/lib/private/matrix-conduit/" ];
paths = [ "/var/lib/private/matrix-continuwuity/" ];
# Other services store their data in conduit, so no other services
# need to be shut down currently.
pauseServices = [ "conduit.service" ];
pauseServices = [ "continuwuity.service" ];
};
};
systemd.services.conduit.serviceConfig = {
ExecStart = lib.mkForce "${config.services.matrix-conduit.package}/bin/conduwuit";
# Pass in the TURN secret via EnvironmentFile, not supported by
# upstream module currently.
#
# See also https://gitlab.com/famedly/conduit/-/issues/314
EnvironmentFile = config.sops.secrets."turn/env".path;
};
systemd.services.continuwuity.serviceConfig.LoadCredential = "turn-secret:${
config.sops.secrets."turn/env".path
}";
systemd.services.coturn.serviceConfig.SupplementaryGroups = [
config.security.acme.certs."tlater.net".group