diff --git a/configuration.nix b/configuration.nix index efba068..f4e9c2c 100644 --- a/configuration.nix +++ b/configuration.nix @@ -8,6 +8,7 @@ imports = [ # Include the results of the hardware scan. ./hardware/samsehu.nix + ./samsehu/matrix-conduit.nix ]; # Use the `systemd-boot` boot loader diff --git a/flake.lock b/flake.lock index 0b06721..7bd8ecf 100644 --- a/flake.lock +++ b/flake.lock 
@@ -63,136 +63,6 @@ "type": "github" } }, - "flake-utils_2": { - "inputs": { - "systems": "systems_3" - }, - "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_3": { - "inputs": { - "systems": "systems_4" - }, - "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "glauth": { - "inputs": { - "flake-utils": "flake-utils", - "gomod2nix": "gomod2nix", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1704867971, - "narHash": "sha256-ltNKZ5XP7x+23YudLeQvPrXWj3qDuqb71jH0c1f9aN0=", - "owner": "leroycep", - "repo": "glauth", - "rev": "5c0be9f05fbb8ee0e12c34fd35acea6189461061", - "type": "github" - }, - "original": { - "owner": "leroycep", - "repo": "glauth", - "type": "github" - } - }, - "glauth-sqlite": { - "inputs": { - "flake-utils": "flake-utils_2", - "gomod2nix": "gomod2nix_2", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1704871050, - "narHash": "sha256-V5GPi5SmCHpNAaUFEyvWkxV7W3tiLZyF1t7XpJ+NH4s=", - "owner": "leroycep", - "repo": "glauth-sqlite", - "rev": "43fc8b29722916a418e96527d7afbdfcf708a705", - "type": "github" - }, - "original": { - "owner": "leroycep", - "repo": "glauth-sqlite", - "type": "github" - } - }, - "gomod2nix": { - "inputs": { - "flake-utils": [ - "glauth", - "flake-utils" - ], - "nixpkgs": [ - "glauth", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1701687253, - "narHash": "sha256-qJCMxIKWXonJODPF2oV7mCd0xu7VYVenTucrY0bizto=", - "owner": 
"nix-community", - "repo": "gomod2nix", - "rev": "001bbfa22e2adeb87c34c6015e5694e88721cabe", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "gomod2nix", - "type": "github" - } - }, - "gomod2nix_2": { - "inputs": { - "flake-utils": [ - "glauth-sqlite", - "flake-utils" - ], - "nixpkgs": [ - "glauth-sqlite", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1701687253, - "narHash": "sha256-qJCMxIKWXonJODPF2oV7mCd0xu7VYVenTucrY0bizto=", - "owner": "nix-community", - "repo": "gomod2nix", - "rev": "001bbfa22e2adeb87c34c6015e5694e88721cabe", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "gomod2nix", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -216,7 +86,7 @@ }, "juanfont-headscale": { "inputs": { - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" ] @@ -255,8 +125,6 @@ "root": { "inputs": { "agenix": "agenix", - "glauth": "glauth", - "glauth-sqlite": "glauth-sqlite", "juanfont-headscale": "juanfont-headscale", "nixpkgs": "nixpkgs" } @@ -290,36 +158,6 @@ "repo": "default", "type": "github" } - }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } } }, "root": "root", diff --git a/samsehu/matrix-conduit.nix b/samsehu/matrix-conduit.nix new file mode 100644 index 0000000..5ec3efa --- /dev/null 
+++ b/samsehu/matrix-conduit.nix
@@ -0,0 +1,35 @@
+
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, ... }:
+
+{
+ # Headscale for access to the network while away from home
+ services.headscale.settings.dns_config.extra_records = [
+ { name = "matrix.samsehu.perli.casa"; type = "A"; value = "100.64.0.3"; }
+ ];
+
+ # configure matrix-conduit as a server to host chat communications with end-to-end encryption
+ services.matrix-conduit = {
+ enable = true;
+ settings.global = {
+ server_name = "matrix.samsehu.perli.casa";
+ };
+ };
+
+ # Reverse proxy with Caddy
+ services.caddy.virtualHosts."matrix.samsehu.perli.casa".extraConfig = ''
+ respond /.well-known/matrix/server `{ "m.server": "matrix.samsehu.perli.casa" }` 200
+ respond /.well-known/matrix/client `{ "m.homeserver": { "base_url": "https://matrix.samsehu.perli.casa" } }` 200
+ '';
+ services.caddy.virtualHosts."matrix.samsehu.perli.casa:8448".extraConfig = ''
+ reverse_proxy localhost:${toString config.services.matrix-conduit.settings.global.port}
+ '';
+
+ # Open ports in the firewall.
+ networking.firewall.allowedTCPPorts = [ 80 443 8448 ];
+ networking.firewall.allowedUDPPorts = [ 80 443 8448 ];
+}
+
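Review bot: The last two lines of the new file open 80, 443 and 8448 for UDP as well as TCP on every interface, which is wider than anything configured here listens on. Caddy only uses UDP for HTTP/3 on its HTTPS ports, so UDP 80 has no listener; `networking.firewall.allowedUDPPorts = [ 443 8448 ];` would be the minimal set, or the line can be dropped if HTTP/3 is not wanted. The only DNS record added points the name at `100.64.0.3`, so if the homeserver is meant to be reachable only over the headscale network, scoping the rules with `networking.firewall.interfaces.<tailnet-interface>.allowedTCPPorts` instead of the global lists would keep these ports closed on the public interface; the interface name is not visible in this diff. Separately, the port-443 virtual host answers only the two `.well-known` paths while `m.homeserver.base_url` sends clients to it, so it probably also needs `reverse_proxy /_matrix/* localhost:${toString config.services.matrix-conduit.settings.global.port}`.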