Compare commits


2 commits

Author SHA1 Message Date
Tristan Daniël Maat a12282c583
WIP: Add conduit 2022-10-22 20:01:58 +01:00
Tristan Daniël Maat 3e13b575b0
flake.nix: Clean up devshell 2022-10-22 20:01:56 +01:00
3 changed files with 76 additions and 18 deletions


@ -8,6 +8,7 @@
"${modulesPath}/profiles/headless.nix" "${modulesPath}/profiles/headless.nix"
(import ../modules) (import ../modules)
./services/conduit.nix
./services/gitea.nix ./services/gitea.nix
./services/nextcloud.nix ./services/nextcloud.nix
./services/webserver.nix ./services/webserver.nix
@ -49,7 +50,17 @@
useDHCP = false; useDHCP = false;
interfaces.eth0.useDHCP = true; interfaces.eth0.useDHCP = true;
firewall.allowedTCPPorts = [80 443 2222 21025]; firewall.allowedTCPPorts = [
# http
80
443
# ssh
2222
# matrix
8448
# starbound
21025
];
}; };
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";


@ -0,0 +1,53 @@
{config, ...}: let
cfg = config.services.matrix-conduit;
domain = "matrix.${config.services.nginx.domain}";
in {
services.matrix-conduit = {
enable = true;
settings.global = {
address = "127.0.0.1";
server_name = domain;
database_backend = "rocksdb";
};
};
services.nginx.virtualHosts."${domain}" = {
enableACME = true;
listen = [
{
addr = "0.0.0.0";
port = 443;
ssl = true;
}
{
addr = "[::0]";
port = 443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 8448;
ssl = true;
}
{
addr = "[::0]";
port = 8488;
ssl = true;
}
];
addSSL = true;
extraConfig = ''
merge_slashes off;
'';
locations."/_matrix" = {
proxyPass = "http://${cfg.settings.global.address}:${toString cfg.settings.global.port}";
# Recommended by conduit
extraConfig = ''
proxy_buffering off;
'';
};
};
}
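Review bot: The fourth `listen` entry binds `[::0]` to port 8488, while the IPv4 entry above it, the firewall list and the port map in the last file section all use 8448, so this looks like a transposed digit and should read `port = 8448;`. As written, nginx would not answer Matrix federation traffic over IPv6 on 8448, and it would bind an extra TLS listener on 8488 that nothing else in the change refers to. Separately, every `listen` entry is TLS-only while `enableACME = true` is set, so it is worth confirming that the HTTP-01 challenge for this host name is still reachable on port 80 through another virtual host.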


@ -86,6 +86,7 @@
"2222" = "2222"; "2222" = "2222";
"3080" = "80"; "3080" = "80";
"3443" = "443"; "3443" = "443";
"8448" = "8448"; # Matrix
"21025" = "21025"; # Starbound "21025" = "21025"; # Starbound
}; };
in { in {
@ -111,22 +112,15 @@
########################### ###########################
# Development environment # # Development environment #
########################### ###########################
devShells.${system}.default = let devShells.${system}.default = nixpkgs.legacyPackages.${system}.mkShell {
inherit (sops-nix.packages.${system}) sops-import-keys-hook sops-init-gpg-key;
deploy-rs-bin = deploy-rs.packages.${system}.default;
pkgs = nixpkgs.legacyPackages.${system};
in
nixpkgs.legacyPackages.${system}.mkShell {
sopsPGPKeyDirs = ["./keys/hosts/" "./keys/users/"]; sopsPGPKeyDirs = ["./keys/hosts/" "./keys/users/"];
nativeBuildInputs = [ nativeBuildInputs = [
sops-import-keys-hook sops-nix.packages.${system}.sops-import-keys-hook
]; ];
packages = with pkgs; [ packages = [
nixfmt sops-nix.packages.${system}.sops-init-gpg-key
git-lfs deploy-rs.packages.${system}.default
sops-init-gpg-key
deploy-rs-bin
]; ];
}; };
}; };
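Review bot: The rewritten `packages` list appears to drop `nixfmt` and `git-lfs` along with the `let` bindings, which the commit title "Clean up devshell" does not mention. If the repository still relies on either tool (formatting, LFS-tracked files), people entering the shell would fall back to whatever their host provides, or have nothing. Either keep them in the new style, as `nixpkgs.legacyPackages.${system}.nixfmt` and `nixpkgs.legacyPackages.${system}.git-lfs`, or state the removal in the commit message. The enclosing outputs attribute set starts outside this hunk.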