Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

format the repo files

Browse Source
This commit is contained in:
Kabbone
2026-04-26 10:27:50 +02:00
parent 92fd97c9a2
commit b319cd93e9
116 changed files with 4726 additions and 4247 deletions
Download Patch File Download Diff File Expand all files Collapse all files

391
modules/services/server/matrix.nix
View File

@@ -1,10 +1,12 @@
#
# System notifications
#
{ config, lib, pkgs, ... }:
let
{
config,
lib,
pkgs,
...
}: let
fqdn = "matrix.${config.networking.domain}";
clientConfig = {
"m.homeserver".base_url = "https://${fqdn}";
@@ -24,230 +26,237 @@ in {
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts = {
"${config.networking.domain}" = {
"${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
locations."/_matrix".proxyPass = "http://localhost:8008";
locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
locations."/_matrix".proxyPass = "http://localhost:8008";
};
"${fqdn}" = {
enableACME = true;
forceSSL = true;
locations."/health".proxyPass = "http://localhost:8008";
locations."/_matrix".proxyPass = "http://localhost:8008";
locations."/_synapse/client".proxyPass = "http://localhost:8008";
locations."/".extraConfig = ''
locations."/health".proxyPass = "http://localhost:8008";
locations."/_matrix".proxyPass = "http://localhost:8008";
locations."/_synapse/client".proxyPass = "http://localhost:8008";
locations."/".extraConfig = ''
return 404;
'';
};
# "element.${config.networking.domain}" = {
# enableACME = true;
# forceSSL = true;
#
# root = pkgs.element-web.override {
# conf = {
# default_server_config = clientConfig;
# };
# };
# };
# "element.${config.networking.domain}" = {
# enableACME = true;
# forceSSL = true;
#
# root = pkgs.element-web.override {
# conf = {
# default_server_config = clientConfig;
# };
# };
# };
};
};
imports = [ ../../kabbone/mautrix-whatsapp.nix ];
imports = [../../kabbone/mautrix-whatsapp.nix];
services.matrix-synapse = {
enable = true;
settings = {
server_name = config.networking.domain;
public_baseurl = "https://matrix.${config.networking.domain}";
listeners = [
{ port = 8008;
bind_addresses = [ "::1" ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{ names = [ "client" ]; compress = true; }
{ names = [ "federation" ]; compress = false; }
];
}
];
server_name = config.networking.domain;
public_baseurl = "https://matrix.${config.networking.domain}";
listeners = [
{
port = 8008;
bind_addresses = ["::1"];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = ["client"];
compress = true;
}
{
names = ["federation"];
compress = false;
}
];
}
];
};
extraConfigFiles = [
config.age.secrets."services/matrix/synapse.yml".path
config.age.secrets."services/matrix/synapse.yml".path
];
};
systemd.services = {
matrix-synapse = {
requires = [ "postgresql.service" ];
};
matrix-synapse = {
requires = ["postgresql.service"];
};
};
services = {
mautrix-telegram = {
enable = true;
registerToSynapse = true;
environmentFile = config.age.secrets."services/matrix/mautrix-telegram.env".path;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = "kabtop.de";
};
appservice = {
hostname = "127.0.0.1";
provisioning.enabled = false;
id = "telegram";
public = {
enabled = false;
};
};
bridge = {
sync_channel_members = true;
startup_sync = true;
public_portals = true;
double_puppet_server_map = {
"kabtop.de" = "https://kabtop.de";
};
encryption = {
allow = true;
default = true;
verification_levels = {
receive = "cross-signed-untrusted";
send = "cross-signed-untrusted";
};
};
private_chat_portal_meta = "default";
backfill = {
disable_notifications = true;
};
permissions = {
"@kabbone:kabtop.de" = "admin";
};
};
logging = {
loggers = {
mau = {
level = "WARN";
};
telethon = {
level = "WARN";
};
};
root = {
handlers = [
"console"
];
level = "WARN";
};
};
mautrix-telegram = {
enable = true;
registerToSynapse = true;
environmentFile = config.age.secrets."services/matrix/mautrix-telegram.env".path;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = "kabtop.de";
};
appservice = {
hostname = "127.0.0.1";
provisioning.enabled = false;
id = "telegram";
public = {
enabled = false;
};
};
mautrix-signal = {
enable = true;
registerToSynapse = true;
environmentFile = config.age.secrets."services/matrix/mautrix-signal.env".path;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = "kabtop.de";
};
appservice = {
hostname = "127.0.0.1";
id = "signal";
as_token = "$MAUTRIX_SIGNAL_AS_TOKEN";
hs_token = "$MAUTRIX_SIGNAL_HS_TOKEN";
};
database = {
type = "postgres";
uri = "$MAUTRIX_SIGNAL_APPSERVICE_DATABASE";
};
encryption = {
allow = true;
default = true;
verification_levels = {
receive = "cross-signed-untrusted";
send = "cross-signed-untrusted";
};
pickle_key = "$MAUTRIX_SIGNAL_ENCRYPTION_PICKLE_KEY";
};
backfill = {
enabled = true;
};
bridge = {
permissions = {
"@kabbone:kabtop.de" = "admin";
};
};
logging = {
min_level = "warn";
writers = [
{
format = "pretty-colored";
type = "stdout";
}
];
};
};
bridge = {
sync_channel_members = true;
startup_sync = true;
public_portals = true;
double_puppet_server_map = {
"kabtop.de" = "https://kabtop.de";
};
};
kabbone_mautrix-whatsapp = {
enable = true;
registerToSynapse = true;
environmentFile = config.age.secrets."services/matrix/mautrix-whatsapp.env".path;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = "kabtop.de";
};
appservice = {
hostname = "127.0.0.1";
id = "whatsapp";
as_token = "$MAUTRIX_WHATSAPP_AS_TOKEN";
hs_token = "$MAUTRIX_WHATSAPP_HS_TOKEN";
};
database = {
type = "postgres";
uri = "$MAUTRIX_WHATSAPP_APPSERVICE_DATABASE";
};
encryption = {
allow = true;
default = true;
verification_levels = {
receive = "cross-signed-untrusted";
send = "cross-signed-untrusted";
};
pickle_key = "$MAUTRIX_WHATSAPP_ENCRYPTION_PICKLE_KEY";
};
network = {
history_sync.request_full_sync = true;
};
bridge = {
permissions = {
"@kabbone:kabtop.de" = "admin";
};
};
logging = {
min_level = "warn";
};
encryption = {
allow = true;
default = true;
verification_levels = {
receive = "cross-signed-untrusted";
send = "cross-signed-untrusted";
};
};
private_chat_portal_meta = "default";
backfill = {
disable_notifications = true;
};
permissions = {
"@kabbone:kabtop.de" = "admin";
};
};
logging = {
loggers = {
mau = {
level = "WARN";
};
telethon = {
level = "WARN";
};
};
root = {
handlers = [
"console"
];
level = "WARN";
};
};
};
};
mautrix-signal = {
enable = true;
registerToSynapse = true;
environmentFile = config.age.secrets."services/matrix/mautrix-signal.env".path;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = "kabtop.de";
};
appservice = {
hostname = "127.0.0.1";
id = "signal";
as_token = "$MAUTRIX_SIGNAL_AS_TOKEN";
hs_token = "$MAUTRIX_SIGNAL_HS_TOKEN";
};
database = {
type = "postgres";
uri = "$MAUTRIX_SIGNAL_APPSERVICE_DATABASE";
};
encryption = {
allow = true;
default = true;
verification_levels = {
receive = "cross-signed-untrusted";
send = "cross-signed-untrusted";
};
pickle_key = "$MAUTRIX_SIGNAL_ENCRYPTION_PICKLE_KEY";
};
backfill = {
enabled = true;
};
bridge = {
permissions = {
"@kabbone:kabtop.de" = "admin";
};
};
logging = {
min_level = "warn";
writers = [
{
format = "pretty-colored";
type = "stdout";
}
];
};
};
};
kabbone_mautrix-whatsapp = {
enable = true;
registerToSynapse = true;
environmentFile = config.age.secrets."services/matrix/mautrix-whatsapp.env".path;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = "kabtop.de";
};
appservice = {
hostname = "127.0.0.1";
id = "whatsapp";
as_token = "$MAUTRIX_WHATSAPP_AS_TOKEN";
hs_token = "$MAUTRIX_WHATSAPP_HS_TOKEN";
};
database = {
type = "postgres";
uri = "$MAUTRIX_WHATSAPP_APPSERVICE_DATABASE";
};
encryption = {
allow = true;
default = true;
verification_levels = {
receive = "cross-signed-untrusted";
send = "cross-signed-untrusted";
};
pickle_key = "$MAUTRIX_WHATSAPP_ENCRYPTION_PICKLE_KEY";
};
network = {
history_sync.request_full_sync = true;
};
bridge = {
permissions = {
"@kabbone:kabtop.de" = "admin";
};
};
logging = {
min_level = "warn";
};
};
};
};
age.secrets."services/matrix/synapse.yml" = {
file = ../../../secrets/services/matrix/synapse.age;
owner = "matrix-synapse";
file = ../../../secrets/services/matrix/synapse.age;
owner = "matrix-synapse";
};
age.secrets."services/matrix/mautrix-telegram.env" = {
file = ../../../secrets/services/matrix/mautrix-telegram.age;
owner = "mautrix-telegram";
file = ../../../secrets/services/matrix/mautrix-telegram.age;
owner = "mautrix-telegram";
};
age.secrets."services/matrix/mautrix-whatsapp.env" = {
file = ../../../secrets/services/matrix/mautrix-whatsapp.age;
owner = "mautrix-whatsapp";
file = ../../../secrets/services/matrix/mautrix-whatsapp.age;
owner = "mautrix-whatsapp";
};
age.secrets."services/matrix/mautrix-signal.env" = {
file = ../../../secrets/services/matrix/mautrix-signal.age;
owner = "mautrix-signal";
file = ../../../secrets/services/matrix/mautrix-signal.age;
owner = "mautrix-signal";
};
}