ladas552.me / Flake-ocean
My NixOS config Part 3: Flake-Parts Crusaders nix.ladas552.me
hjem nix nixos impermanence flake-parts nvfetcher niri noctalia
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

trying conduit with reverse proxy, thanks poz

ladas552.me 90cc06a5 9e6b7793

verified
+71
+1
modules/hosts/NixToks/imports.nix
··· 42 42 openssh 43 43 pipewire 44 44 plymouth 45 + matrix-conduit 45 46 # qemu 46 47 tlp 47 48 xkb
+1
modules/hosts/NixWool/imports.nix
··· 30 30 tangled 31 31 run0 32 32 minecraft-relay 33 + matrix-relay 33 34 # Users 34 35 root 35 36 ladas552
+68
modules/nixosModules/Server/matrix-conduit.nix
··· 1 + { 2 + # settings and well-known is stolen from @poz https://git.poz.pet/poz/niksos/src/commit/ca0170d49dcf01b9318e0eaaddf0a0e92aab5c74/hosts/szparag/services/conduit.nix 3 + flake.modules.nixos = { 4 + matrix-conduit = { 5 + services.matrix-conduit = { 6 + enable = true; 7 + settings.global = { 8 + address = "0.0.0.0"; 9 + server_name = "ladas552.me"; 10 + database_backend = "rocksdb"; 11 + port = 6161; 12 + enable_lightning_bolt = false; 13 + max_request_size = 104857600; 14 + allow_check_for_updates = false; 15 + allow_registration = false; 16 + }; 17 + }; 18 + # Only allow Tailscale 19 + networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ 6161 ]; 20 + 21 + # persist for Impermanence 22 + custom.imp.root.directories = [ "/var/lib/matrix-conduit" ]; 23 + }; 24 + matrix-relay = { 25 + services = { 26 + nginx = { 27 + enable = true; 28 + streamConfig = '' 29 + server { 30 + listen 6161; 31 + proxy_pass 100.74.112.27:6161; 32 + } 33 + ''; 34 + }; 35 + 36 + caddy.virtualHosts = { 37 + "matrix.ladas552.me".extraConfig = '' 38 + reverse_proxy /_matrix/* http://127.0.0.1:6161 39 + ''; 40 + "ladas552.me".extraConfig = '' 41 + header /.well-known/matrix/* Content-Type application/json 42 + header /.well-known/matrix/* Access-Control-Allow-Origin * 43 + 44 + respond /.well-known/matrix/server `{ 45 + "m.server": "matrix.ladas552.me:443" 46 + }` 47 + respond /.well-known/matrix/client `{ 48 + "m.homeserver": { 49 + "base_url": "https://matrix.ladas552.me" 50 + }, 51 + "m.identity_server": { 52 + "base_url": "https://matrix.org" 53 + }, 54 + "org.matrix.msc3575.proxy": { 55 + "url": "https://matrix.ladas552.me" 56 + } 57 + }` 58 + ''; 59 + }; 60 + }; 61 + 62 + networking.firewall.allowedTCPPorts = [ 63 + 443 64 + 6161 65 + ]; 66 + }; 67 + }; 68 + }
+1
modules/wrappers/adifox/flake-outputs.nix
··· 125 125 (f "Сантехник" [ 126 126 (b "Hetzner" "console.hetzner.com") 127 127 (b "Tailscale" "login.tailscale.com/admin/machines") 128 + (b "Cloudflare" "dash.cloudflare.com") 128 129 ]) 129 130 (f "Социопат" [ 130 131 (b "Gmail" "mail.google.com/mail/u/0/#inbox")