2024-12-11 22:14:07 +01:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
lib,
|
|
|
|
|
pkgs,
|
|
|
|
|
...
|
|
|
|
|
}:
|
2020-12-28 18:42:26 +01:00
|
|
|
|
2022-07-20 16:34:14 +02:00
|
|
|
with pkgs;
|
|
|
|
|
|
|
|
|
|
# NOTE Reference the environment variable set in the corresponding agenix secret
|
2022-10-23 17:34:55 +02:00
|
|
|
let
|
|
|
|
|
database = {
|
|
|
|
|
connection_string = "$DB_STRING";
|
|
|
|
|
max_open_conns = 100;
|
|
|
|
|
max_idle_conns = 5;
|
|
|
|
|
conn_max_lifetime = -1;
|
|
|
|
|
};
|
2022-07-20 16:34:14 +02:00
|
|
|
|
2024-12-11 22:14:07 +01:00
|
|
|
in
|
|
|
|
|
{
|
2020-12-28 18:42:26 +01:00
|
|
|
# Matrix server configuration
|
2022-07-20 16:34:14 +02:00
|
|
|
services.dendrite = {
|
2020-12-28 18:42:26 +01:00
|
|
|
enable = true;
|
2022-07-20 16:34:14 +02:00
|
|
|
httpPort = 8008;
|
|
|
|
|
environmentFile = config.age.secrets.dendrite-postgres.path;
|
|
|
|
|
loadCredential = [ "private_key:${config.age.secrets.dendrite.path}" ];
|
2022-03-21 16:24:28 +01:00
|
|
|
settings = {
|
2022-07-20 16:34:14 +02:00
|
|
|
global = {
|
|
|
|
|
server_name = "coolneng.duckdns.org";
|
|
|
|
|
private_key = config.age.secrets.dendrite.path;
|
|
|
|
|
inherit database;
|
2022-10-23 17:34:55 +02:00
|
|
|
dns_cache.enabled = true;
|
2022-07-20 16:34:14 +02:00
|
|
|
};
|
|
|
|
|
# HACK Inherit postgres connection string for the rest of the DBs
|
2023-07-27 01:15:06 +02:00
|
|
|
app_service_api = {
|
|
|
|
|
inherit database;
|
|
|
|
|
};
|
2024-12-11 22:14:07 +01:00
|
|
|
media_api = {
|
|
|
|
|
inherit database;
|
|
|
|
|
};
|
|
|
|
|
room_server = {
|
|
|
|
|
inherit database;
|
|
|
|
|
};
|
|
|
|
|
push_server = {
|
|
|
|
|
inherit database;
|
|
|
|
|
};
|
2022-07-20 16:34:14 +02:00
|
|
|
mscs = {
|
|
|
|
|
inherit database;
|
2024-12-11 22:14:07 +01:00
|
|
|
mscs = [
|
|
|
|
|
"msc2836"
|
|
|
|
|
"msc2946"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
sync_api = {
|
|
|
|
|
inherit database;
|
|
|
|
|
};
|
|
|
|
|
key_server = {
|
|
|
|
|
inherit database;
|
|
|
|
|
};
|
|
|
|
|
federation_api = {
|
|
|
|
|
inherit database;
|
2022-07-20 16:34:14 +02:00
|
|
|
};
|
|
|
|
|
user_api = {
|
|
|
|
|
account_database = database;
|
|
|
|
|
device_database = database;
|
|
|
|
|
};
|
2022-03-21 16:24:28 +01:00
|
|
|
};
|
2020-12-28 18:42:26 +01:00
|
|
|
};
|
|
|
|
|
|
2023-06-08 18:33:01 +02:00
|
|
|
# Start dendrite after config files are mounted
|
|
|
|
|
systemd.services.dendrite.unitConfig.RequiresMountsFor = [
|
|
|
|
|
/var/lib/matrix-as-facebook
|
|
|
|
|
/var/lib/matrix-as-signal
|
|
|
|
|
/var/lib/matrix-as-telegram
|
|
|
|
|
];
|
|
|
|
|
|
2023-04-03 00:50:47 +02:00
|
|
|
# MQTT configuration
|
|
|
|
|
services.mosquitto = {
|
|
|
|
|
enable = true;
|
|
|
|
|
dataDir = "/vault/mosquitto";
|
2024-12-11 22:14:07 +01:00
|
|
|
logType = [
|
|
|
|
|
"websockets"
|
|
|
|
|
"error"
|
|
|
|
|
"warning"
|
|
|
|
|
"notice"
|
|
|
|
|
"information"
|
|
|
|
|
];
|
2023-04-03 00:50:47 +02:00
|
|
|
logDest = [ "syslog" ];
|
2024-12-11 22:14:07 +01:00
|
|
|
listeners = [
|
|
|
|
|
{
|
|
|
|
|
users.homeostasis = {
|
|
|
|
|
acl = [ "write #" ];
|
|
|
|
|
hashedPasswordFile = config.age.secrets.mqtt-sender.path;
|
|
|
|
|
};
|
|
|
|
|
users.prometheus = {
|
|
|
|
|
acl = [ "read #" ];
|
|
|
|
|
hashedPasswordFile = config.age.secrets.mqtt-receiver.path;
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
];
|
2023-04-03 00:50:47 +02:00
|
|
|
};
|
|
|
|
|
|
2020-12-28 18:42:26 +01:00
|
|
|
}
|
