tlaternet/tlaternet-server
1
0
Fork 0
Code Issues11 Pull requests Releases Activity

feat(matrix): Switch to conduwuit #141

Manually merged
tlater merged 1 commit from tlater/conduwuit into master 2025-04-04 14:09:22 +01:00
Conversation 0 Commits 1 Files changed 4 +807 -139
4 changed files with 807 additions and 139 deletions
configuration
hardware-specific/hetzner
disko.nix
services/conduit
default.nix
flake.lockflake.nix

11
configuration/hardware-specific/hetzner/disko.nix
View file

@ -80,6 +80,17 @@
inherit mountOptions; inherit mountOptions;
mountpoint = "/var"; mountpoint = "/var";
}; };
"/volume/var/lib/private/matrix-conduit" = {
mountOptions = [
# Explicitly don't compress here, since
# conduwuit's database does compression by
# itself, and relies on being able to read the
# raw file data from disk (which is impossible
# if btrfs compresses it)
"noatime"
];
mountpoint = "/var/lib/private/matrix-conduit";
};
"/volume/nix-store" = { "/volume/nix-store" = {
inherit mountOptions; inherit mountOptions;
mountpoint = "/nix"; mountpoint = "/nix";

19
configuration/services/conduit/default.nix
View file

@ -1,4 +1,6 @@
{ {
pkgs,
flake-inputs,
config, config,
lib, lib,
... ...
@ -18,10 +20,12 @@ in
services.matrix-conduit = { services.matrix-conduit = {
enable = true; enable = true;
package = flake-inputs.conduwuit.packages.${pkgs.system}.default;
settings.global = { settings.global = {
address = "127.0.0.1"; address = "127.0.0.1";
server_name = domain; server_name = domain;
database_backend = "rocksdb"; new_user_displayname_suffix = "🦆";
allow_check_for_updates = true;
# Set up delegation: https://docs.conduit.rs/delegation.html#automatic-recommended # Set up delegation: https://docs.conduit.rs/delegation.html#automatic-recommended
# This is primarily to make sliding sync work # This is primarily to make sliding sync work
@ -44,11 +48,14 @@ in
}; };
}; };
# Pass in the TURN secret via EnvironmentFile, not supported by systemd.services.conduit.serviceConfig = {
# upstream module currently. ExecStart = lib.mkForce "${config.services.matrix-conduit.package}/bin/conduwuit";
# # Pass in the TURN secret via EnvironmentFile, not supported by
# See also https://gitlab.com/famedly/conduit/-/issues/314 # upstream module currently.
systemd.services.conduit.serviceConfig.EnvironmentFile = config.sops.secrets."turn/env".path; #
# See also https://gitlab.com/famedly/conduit/-/issues/314
EnvironmentFile = config.sops.secrets."turn/env".path;
};
systemd.services.coturn.serviceConfig.SupplementaryGroups = [ systemd.services.coturn.serviceConfig.SupplementaryGroups = [
config.security.acme.certs."tlater.net".group config.security.acme.certs."tlater.net".group

912
flake.lock
View file

File diff suppressed because it is too large Load diff

4
flake.nix
View file

@ -4,6 +4,10 @@
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11-small"; nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11-small";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
conduwuit = {
url = "github:girlbossceo/conduwuit";
inputs.nixpkgs.follows = "nixpkgs";
};
disko = { disko = {
url = "github:nix-community/disko"; url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";