tlaternet/tlaternet-server
1
0
Fork 0
Code Issues 9 Pull requests Releases Activity

Update to fix ssh vulnerability #117

Manually merged
tlater merged 6 commits from tlater/update-conduit into master 2024-07-02 23:16:33 +01:00
Conversation 0 Commits 6 Files changed 11 +9 -13
1 changed files with 9 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit d568436d83 - Show all commits

22
configuration/services/conduit.nix
View file

@ -18,6 +18,13 @@ in
server_name = domain; server_name = domain;
database_backend = "rocksdb"; database_backend = "rocksdb";
# Set up delegation: https://docs.conduit.rs/delegation.html#automatic-recommended
# This is primarily to make sliding sync work
well_known = {
client = "https://${domain}";
server = "${domain}:443";
};
turn_uris = turn_uris =
let let
address = "${config.services.coturn.realm}:${toString config.services.coturn.listening-port}"; address = "${config.services.coturn.realm}:${toString config.services.coturn.listening-port}";
@ -230,19 +237,8 @@ in
proxy_buffering off; proxy_buffering off;
''; '';
}; };
"/.well-known/matrix" = {
# Add Element X support proxyPass = "http://${cfg.settings.global.address}:${toString cfg.settings.global.port}";
# TODO(tlater): Remove when no longer required: https://github.com/vector-im/element-x-android/issues/1085
"=/.well-known/matrix/client" = {
alias = pkgs.writeText "well-known-matrix-client" (builtins.toJSON {
"m.homeserver".base_url = "https://${domain}";
"org.matrix.msc3575.proxy".url = "https://${domain}";
});
extraConfig = ''
default_type application/json;
add_header Access-Control-Allow-Origin "*";
'';
}; };
}; };
}; };