From c68c15bd032f912174e047d023d42de0c0bd5d94 Mon Sep 17 00:00:00 2001
From: TheWanderingCrow <contact@wanderingcrow.net>
Date: Mon, 8 Sep 2025 09:41:54 -0400
Subject: [PATCH] tuwunel matrix

---
 modules/services/matrix/default.nix | 85 +----------------------------
 1 file changed, 2 insertions(+), 83 deletions(-)

diff --git a/modules/services/matrix/default.nix b/modules/services/matrix/default.nix
index d3b86c7..0c5d1be 100644
--- a/modules/services/matrix/default.nix
+++ b/modules/services/matrix/default.nix
@@ -1,86 +1,5 @@
-{
-  lib,
-  config,
-  ...
-}: let
-  fqdn = "matrix.wanderingcrow.net";
-  baseUrl = "https://${fqdn}";
-  clientConfig."m.homeserver".base_url = baseUrl;
-  serverConfig."m.server" = "${fqdn}:443";
-  mkWellKnown = data: ''
-    default_type application/json;
-    add_header Access-Control-Allow-Origin *;
-    return 200 '${builtins.toJSON data}';
-  '';
-in {
-  ############
-  # Database #
-  ############
-  services.postgresql = {
+{pkgs, ...}: {
+  services.matrix-tuwunel = {
     enable = true;
-    ensureUsers = [
-      {
-        name = "matrix-synapse";
-        ensureDBOwnership = true;
-      }
-    ];
-    ensureDatabases = ["matrix-synapse"];
-  };
-
-  services.nginx = {
-    enable = true;
-    recommendedTlsSettings = true;
-    recommendedOptimisation = true;
-    recommendedGzipSettings = true;
-    recommendedProxySettings = true;
-    virtualHosts = {
-      "wanderingcrow.net" = {
-        forceSSL = lib.mkDefault true;
-        useACMEHost = lib.mkDefault "wanderingcrow.net";
-        locations = {
-          "= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
-          "= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
-        };
-      };
-      "${fqdn}" = {
-        forceSSL = true;
-        useACMEHost = "${fqdn}";
-        locations = {
-          "/".extraConfig = ''return 404;'';
-          "/_matrix".proxyPass = "http://localhost:8008";
-          "/_synapse/client".proxyPass = "http://localhost:8008";
-        };
-      };
-    };
-  };
-
-  services.matrix-synapse = {
-    enable = true;
-    settings = {
-      server_name = "wanderingcrow.net";
-      public_baseurl = baseUrl;
-      listeners = [
-        {
-          port = 8008;
-          bind_addresses = ["::1"];
-          type = "http";
-          tls = false;
-          x_forwarded = true;
-          resources = [
-            {
-              names = ["client" "federation"];
-              compress = true;
-            }
-          ];
-        }
-      ];
-      database = {
-        name = "psycopg2";
-        args = {
-          user = "matrix-synapse";
-          database = "matrix-synapse";
-        };
-      };
-    };
   };
 }