Matrix, Caddy

* Nginx to caddy (#5)

Convert all nginx instances to caddy instances, setup acme as well

* matrix implemented

modules/services/matrix/default.nix

@@ -8,6 +8,10 @@
     "${inputs.nixpkgs-unstable}/nixos/modules/services/matrix/tuwunel.nix"
   ];
 
+  environment.systemPackages = [
+    pkgs.unstable.fluffychat-web
+  ];
+
   sops.secrets."matrix/registration_token" = {
     owner = "tuwunel";
   };
@@ -22,7 +26,7 @@
         new_user_displayname_suffix = "";
         unix_socket_path = "/run/tuwunel/tuwunel.sock";
         unix_socket_perms = 660;
-        allow_registration = false;
+        allow_registration = true;
         registration_token_file = config.sops.secrets."matrix/registration_token".path;
         allow_encryption = true;
         allow_federation = true;
@@ -32,18 +36,20 @@
     };
   };
 
-  services.nginx = {
+  networking.firewall.allowedTCPPorts = [8448];
+
+  users.users.caddy.extraGroups = ["tuwunel"];
+
+  services.caddy = {
     enable = true;
-    recommendedProxySettings = true;
     virtualHosts = {
-      "psychal.link" = {
-        forceSSL = true;
-        useACMEHost = "psychal.link";
-        locations."/" = {
-          proxyPass = "http://unix:/run/tuwunel/tuwunel.sock";
-          proxyWebsockets = true;
-        };
-      };
+      "psychal.link, psychal.link:8448".extraConfig = ''
+        reverse_proxy unix//run/tuwunel/tuwunel.sock
+      '';
+      "chat.psychal.link".extraConfig = ''
+        root * ${pkgs.unstable.fluffychat-web}
+        file_server
+      '';
     };
   };
 }