feat(matrix): Switch to conduwuit

This fixes support for the new sliding sync API.
2025-04-04 21:06:27 +08:00 · 2025-04-04 21:06:27 +08:00 · 3c6afa0c66
parent a398790ef4
commit 3c6afa0c66
4 changed files with 807 additions and 139 deletions
--- a/configuration/hardware-specific/hetzner/disko.nix
+++ b/configuration/hardware-specific/hetzner/disko.nix
@ -80,6 +80,17 @@
                    inherit mountOptions;
                    mountpoint = "/var";
                  };
+                  "/volume/var/lib/private/matrix-conduit" = {
+                    mountOptions = [
+                      # Explicitly don't compress here, since
+                      # conduwuit's database does compression by
+                      # itself, and relies on being able to read the
+                      # raw file data from disk (which is impossible
+                      # if btrfs compresses it)
+                      "noatime"
+                    ];
+                    mountpoint = "/var/lib/private/matrix-conduit";
+                  };
                  "/volume/nix-store" = {
                    inherit mountOptions;
                    mountpoint = "/nix";
--- a/configuration/services/conduit/default.nix
+++ b/configuration/services/conduit/default.nix
@ -1,4 +1,6 @@
 {
+  pkgs,
+  flake-inputs,
  config,
  lib,
  ...
@ -18,10 +20,12 @@ in

  services.matrix-conduit = {
    enable = true;
+    package = flake-inputs.conduwuit.packages.${pkgs.system}.default;
    settings.global = {
      address = "127.0.0.1";
      server_name = domain;
-      database_backend = "rocksdb";
+      new_user_displayname_suffix = "🦆";
+      allow_check_for_updates = true;

      # Set up delegation: https://docs.conduit.rs/delegation.html#automatic-recommended
      # This is primarily to make sliding sync work
@ -44,11 +48,14 @@ in
    };
  };

-  # Pass in the TURN secret via EnvironmentFile, not supported by
-  # upstream module currently.
-  #
-  # See also https://gitlab.com/famedly/conduit/-/issues/314
-  systemd.services.conduit.serviceConfig.EnvironmentFile = config.sops.secrets."turn/env".path;
+  systemd.services.conduit.serviceConfig = {
+    ExecStart = lib.mkForce "${config.services.matrix-conduit.package}/bin/conduwuit";
+    # Pass in the TURN secret via EnvironmentFile, not supported by
+    # upstream module currently.
+    #
+    # See also https://gitlab.com/famedly/conduit/-/issues/314
+    EnvironmentFile = config.sops.secrets."turn/env".path;
+  };

  systemd.services.coturn.serviceConfig.SupplementaryGroups = [
    config.security.acme.certs."tlater.net".group
--- a/flake.lock
+++ b/flake.lock
--- a/flake.nix
+++ b/flake.nix
@ -4,6 +4,10 @@
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11-small";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
+    conduwuit = {
+      url = "github:girlbossceo/conduwuit";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";