tuwunel matrix

2026-01-10 17:34:05 -05:00 · 2025-09-08 09:41:54 -04:00 · 2025-09-08 09:41:54 -04:00 · c68c15bd03
commit c68c15bd03
parent a864bfaa6f
1 changed files with 2 additions and 83 deletions
--- a/modules/services/matrix/default.nix
+++ b/modules/services/matrix/default.nix
@ -1,86 +1,5 @@
-{
-  lib,
-  config,
-  ...
-}: let
-  fqdn = "matrix.wanderingcrow.net";
-  baseUrl = "https://${fqdn}";
-  clientConfig."m.homeserver".base_url = baseUrl;
-  serverConfig."m.server" = "${fqdn}:443";
-  mkWellKnown = data: ''
-    default_type application/json;
-    add_header Access-Control-Allow-Origin *;
-    return 200 '${builtins.toJSON data}';
-  '';
-in {
-  ############
-  # Database #
-  ############
-  services.postgresql = {
+{pkgs, ...}: {
+  services.matrix-tuwunel = {
    enable = true;
-    ensureUsers = [
-      {
-        name = "matrix-synapse";
-        ensureDBOwnership = true;
-      }
-    ];
-    ensureDatabases = ["matrix-synapse"];
-  };
-
-  services.nginx = {
-    enable = true;
-    recommendedTlsSettings = true;
-    recommendedOptimisation = true;
-    recommendedGzipSettings = true;
-    recommendedProxySettings = true;
-    virtualHosts = {
-      "wanderingcrow.net" = {
-        forceSSL = lib.mkDefault true;
-        useACMEHost = lib.mkDefault "wanderingcrow.net";
-        locations = {
-          "= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
-          "= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
-        };
-      };
-      "${fqdn}" = {
-        forceSSL = true;
-        useACMEHost = "${fqdn}";
-        locations = {
-          "/".extraConfig = ''return 404;'';
-          "/_matrix".proxyPass = "http://localhost:8008";
-          "/_synapse/client".proxyPass = "http://localhost:8008";
-        };
-      };
-    };
-  };
-
-  services.matrix-synapse = {
-    enable = true;
-    settings = {
-      server_name = "wanderingcrow.net";
-      public_baseurl = baseUrl;
-      listeners = [
-        {
-          port = 8008;
-          bind_addresses = ["::1"];
-          type = "http";
-          tls = false;
-          x_forwarded = true;
-          resources = [
-            {
-              names = ["client" "federation"];
-              compress = true;
-            }
-          ];
-        }
-      ];
-      database = {
-        name = "psycopg2";
-        args = {
-          user = "matrix-synapse";
-          database = "matrix-synapse";
-        };
-      };
-    };
  };
 }