Add Matrix sliding-sync service
This commit is contained in:
Jakob Lechner
parent
0006377763
commit
2db35dfc54
6 changed files with 42 additions and 3 deletions
|
|
@ -7,6 +7,7 @@ custom-utils.validatePortAttrset {
|
|||
home-assistant.tcp = 8123;
|
||||
jellyfin.tcp = 8096;
|
||||
matrix-synapse.tcp = 8008;
|
||||
matrix-sliding-sync.tcp = 8009;
|
||||
mautrix-signal.tcp = 29319;
|
||||
mautrix-whatsapp.tcp = 29318;
|
||||
navidrome.tcp = 4533;
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ rspamd-worker-controller: ENC[AES256_GCM,data:7tS8bEr9i5F+YZoj3uPQa6Xd2SCsuC+jE5
|
|||
dkim-keys:
|
||||
jalr.de.default: ENC[AES256_GCM,data:mnApsYKXYGtUAHddccmNmU9yZQtekDkTiTXbJ0UJxC0rFxzQCtGsinQslIROJdNUxsxciR1ilNzxawzjJD7AaWJbcAq2TYObGJJOQZBif7t/XEN/rIxEmnAFmdeAyrSONmFb9DiEn59m6DpsU+/9Y+hnc/uwwbzueO34WHJnTqmmsxFVNQZfGR+cbSckHS3wZrfjZSKKzCRt+9DU/xxJ4voyowXLO77w00LHVkyU5liwONi0v2XJ+QeP/jIMmJeKjujZcH+qvUm/kukijqyWKGrZoAYPC2cBlL/UrNECuVdSLMXvr4KBDDTCRZCSMRgUPJ0TAfpQPTPitKJ/0igK7qQl9n/6hckY7VyP8KDS7J7G2Z2XVxfZrAR4X/7ya9B2kneVr2CNx3w954EdTcV1/lD7rcKRjKynyl3ddf8gxJFJ21k1ybo2RLnftGCRVq25qNwhyfjU8x5c7AEs+YTPDrcnmxZ/Ui276eLwpMj61oZzTp8QQhiBVwS/+ruRLC+78pu2gb1gBF/Oo3nuvQD1SOpCRikLVewCYDvfXj/hrjo+oCsjTOj+9tWRcRAEDVlhkXWCMuPXDYrdt3HrIWbQuP8NW1ezd1Ll0r1ujjtPJeSwdd8cVcUSBIoA5gU+eXnYjFaSx9BZ+sIfKqG//W3S+aBYDqAEK/z4N5q66sReb5mtSQYfbZuIZDmox9bwNMG3tJmQX0lJZgEIiuJ5/ef4ra0sj9JsRFldmIn9KUmjW9OlIwzQ42cNNvQSMD/6haNiYsE6TPzVylJ/B2kNu9Qh5FfpCIPtVORv2BAGoNvZlyhjyEiXBEZ4x2hx1l5cBwGOaGhoJ0p+1wqn2zDalIBaEFjbBVdIB6DPC6/lccvpqSwF7HvW2ugyYhW+u92vgic71/BsI4i0OlsJV18gU/zVg0Yj8SK69kEwm4wkJTrkM/I4+kkUIc5OiSAknRfjOFJc0etkh3nO34xpHLOkSv9DrKfXSAGmGZtCLtVL5LGdZeCd/g6EK0JJh6bd9Gu9koSJVq5vjdDJJFf+sgk39TCvHAvk8k1/FgdK5jMJ+pR8heJtP8G96ay3DFVm5hpbjuNKqfBvbf2rkyV6++ywRFnAQGPUiMn9g6Q4F5Ks7CC1D0Ubl7b3dCUk6BDi8rHjxy9QS0/25Yz9cF0bFd6XQDfblnyRLMi9aB36M9Vp38Oh5aB16MyvNUHzcxpaAak0yknE6OuuEMBPQZgFVADCITfy9eUXl2FoXrMWEnBO78GybQ+cV8nhynn5t0U+3koMy2E8ju5kiEofQxXylys3Q76iKRRUbQqFkh/ndWtJVVfGNpi1GrUr1w1YZM0hBY9FqqeBjf7ckj+9BdiwWJ0XauuR70o7odm02mydk1/T3Hfzt3OE5nHIXnVbum9KyPx8wXj9qc6JGFm558pQOcRUgGUi+EzGoGckkoLx4Onl+XeGysW5sXP9dbYgMBug0Tjmdo9xkoBti6znDnN/zh93bbzWITNvxMgVs8zSWEhlM0c7F02UeUXSekbTFue5FOaMdYObMvPeb53jAKBOYLr34GVFvucJhKajIaNzDvfiI6fGCMxcSsWk+P3co7gdbRlWYZELsKDu2scktZsHr/gRwRiDZXAWOLiWZL4jswQ1vXSFXJgdblEV//hr2DwsAtCAsyFcgO/LGq30xi3xNqHTkUZXo6cZYSb6EVaIywMCI5ySEnTLAp/xedySANHuo8yyVqyLxkDPI7CnnSS7JcnQF3K5z+NZ0KnIpc1ewGupOhS0fKj31XxUkoSsHEY/iWJPLNA8+4VsBkADnGdkYXHTvy/yAGV6w1k1qtjiWhDAGcE9/o6NOHctYm3cx8CVsLpve/WFUaCkGgjWJdC8XP92xsUQoE6PENn6ZzFaqGHs7hgQqE1kBcEj8N5WkEqkoMo82giHE33iYoVUdkjOTkV4iDGEqyjg1BoM0GedR2A832LseDkP7u4DjIAQfpIDu7PaeiDh7xWkPRwIMV0oDTakXTdPkPGdgFikzTaxkTzRlpCbQuV769eITqVT04kJDp7+0Rb6dtjeXc0Ennv68wZSiyrlmXbrJntg7g1wrebq28q9NMIZETAPugfK6wNDu/Iw1q1kZn2ELo6xaDlcIxHDcpzK7e2VAYYuP1k3sYnSLU3oeq54j3/yS2z1me5FEqWlPOCrjdnLkE3/GjbeMsYo2YTYJEUEd2ncacSCoXUaUoxpBnjRYcHLRUV+6jy7Amp0/52rAPzSeVlBzc+SdNiKLYA2UQ74WrMU596Gkhw1SD8jSM5QqSBhH9sL+oE4GjhjLhstMUPdkNgiwxXDTZLKcIyjN1cn+RSmvNA2KXMH6MoXrkqSkJ9u2s0QAhla51zR/LZwWbzwGOO0dkh3rwh2x+pcCfuzvlk3lYr/x5XOF2k1n8yvehXY5zIX8nk6djjLbvAzzSr/yalS7R0WYIc6CjzoUl3qz+PlneMfKHcaX00hkOlIub/ZFQf1RE+JzZxi0qQq4M8Nt1XRKGDeS448Z6znDpedStUH29krZcnjMtyLmPX7ETTsjr3HLpCOd7MQ2K1rfhmvh5BtJkn1KSUf94puZbkLH7X+WnWN0hsc+KbSXnYZvqwJ8G0/7ptp/Q+wGljqhjv+HhOeA3NUwANv1xWgbiymVIlxCodXtQwn8mxS+jxSvslGwOnyUkTT76IbFbv/IpW6PNvj/xqwOqey8a/4WCGcqs403Y7TKQ+xCflG6K3tL7U5UbMnMgXTeZvoK+DooS2eIepF2WB5XqTuOZJV2OQ6GHfaBMjXN9iGVNLi6XgkbpmcMLQ4TZq+dVmgleJb14IaTFD3n74OfmbcT9lmRfPRJEpFEMNeL3ghH54P2a91zJFASgE7x+Uv2cGcmKFtMbyc/rrhH1F/Ixlv/R37huFo1T2dPMEZ/1ouuPpbUQ5oz/JlOWw3NOxd0O6oG0x9Xib+9KxSFOusLWcFEgx70jrBQKj8s2Jj+W0gZYv+BJtPMPY0KAkRj1amt4Fd6ZrPOEXJ392EHSAEv5jssO5ba52OHKA+QkYvPPL04rwkxSAQiTl57scnEj2WEIP+Lz0/qsMnwF+3rWuz856doJZcXX+U9iuzBCaYQqA1P3BojAYhEHnXBPeolHOA3BmhT9E2TJsZ6P9SQ+GaqyLm0i4vRXGlArlkLwRBs9EZv/l4DT8q0YHha53O4rhRzGJZKAOO252Dpha1YN7+FubYGAZjaUT5O0R/7xSPrGyBejddtM8asW8+NClAn4Y6xvj1IgUg6VRpEy7ZIpZEQ+UyDWt0A4nsipaz2NyZKZ5Vxza2v1qZDdYODK8nm/zj7fR/JykaNVEVj7ceTSHdaQlajfeEWWTs92msIBcqPUXqlaR005hoVvXm+WCnzIMIXLGiyRKRsAPIDYh2hGCtvfXLSq5TYm3bnGAImL0KW3Yllt1qSqSbOYsvm5QfDmTrrccvtSLGRj0rOU3Z8f4WXjf+1YgxjZ9h8fKL+LKA8x1S6M8fl0JVGBIAU8Xe8c4+r2F1VcygJp7h+0v8o8GudM6in4djAdeMLWBgXid7r0q744joFucP56opwYQp3Lu0oFEo0omS6Rh9yPfOjdGBU2eUdjcCNXXuEJD9yHSyebviSAvDw/KH1AxYSWYnjMWACCfcbOlXf3ej7PuQgq5MdFwF7+QawXm0john4YusUon4/0fqd/IFLd6oHYYesxcFdm1jN6DeS4SAqRgeEPuEWDFERgXjLHBxl5Xdi5n+NOR3Vc7ziJ9j9/CA1DKdwmsFBBDcVKMnr2FibXpN5WsSdlBng0L2zhkL22wRH9xbz8Xk5shN20/EHoxHB5HJvwfOgHIC7ooWKOUUuNTZH43+gVN+wzRzlMfiF4X71Edw+lTnQRp6Lh03M2k9do6JPoX2+UU0h6mOYiAFkhHKzCmK3DY12c4Smx+qLJNbUGhoMgthu/WnXObm0Hr+myCooTYSVNTJx6vVjI3GZtMcat2o8B9k38u/Y5/FxqTYmyXhROwS4v3W5fXwTAaxBqQy6Xj5s4V37omBBh/Z9a43nc2VlT7dKR1wIvNB/gqhiYyYrVMtYMJqGLkeCbu50LUWT4qXyR8uaqbZTVjyJCQRxZd6fd3Zfe9wIeYe3N5qKIXkFD3n1U2Q/EyRfb3TpiA+eYkAtl6JGK0vpeWpN5M2LJ3/V79e3cIG7B7/p6BrRxKxHDnBZcu57KKaN8XM+v2KTz7XdF8bjgeu1V/B9WoBwnpzCM+3s5ffNceuUcb2gJgRAUpZvcSDLYy+9aluGU2Tvsm49fCzr851p3VSEJepgPpnvuq874AX/MbPvqidF8Y21Kss1RUbl5wrlq5IihKdM+xCSq6mjvtSPVHRvw==,iv:2NBiTTW9slOH9BvM+kVbMB/+8EiS/Dc/eaqrtiwn4HY=,tag:0rc2+ZWy9XZYE7RK/oSo3g==,type:str]
|
||||
synapse-turn-shared-secret: ENC[AES256_GCM,data:Q1XRds3Zud1kYkvD6s9WUzP+kNDNsxB5SHd6oCAaLCHhHhYENSAYTZOF+rGjCPNyKFL0e/A=,iv:zScRQrz+pXHNUh/BGOaV+TVnDR3wu1Z/UO1zXarKwtA=,tag:ckpVziE+yb0FjctcT7tAkg==,type:str]
|
||||
matrix-sliding-sync: ENC[AES256_GCM,data:CmR8Q5NL1m+eixenK4u1n3MfVh49/Q3ZIRmWfSbuFMr3u79rIGrtFf2EjaThCwBHQyXdYw1wyTouxhGZql1Fcp/HYma8u4w5nJOaJa1TXg==,iv:/kFqA/+kpCkhHZKJdhadjH11pZwh4MFiQPjY96t8M5k=,tag:aZkDCcbtonHMTv4TdBv1sQ==,type:str]
|
||||
rmfakecloud: ENC[AES256_GCM,data:ktKBKb6cRv1VF8tRvXIpxIy9hPinVPKK05mgvYzz18PEdcrCLpldm5xf7ffHtY5XzDOAMXDCiz6x4xyv7071frrF0spOEPnIzVhxwG8H2Ck=,iv:qJdHjv0RziAs4G9UGeRwGQ4GE5kaObJWpIYWpRKhr9c=,tag:PXgvU1hZK/gvWGyFJaHekg==,type:str]
|
||||
esphome: ENC[AES256_GCM,data:ufIZkZo1aP/Th/8a+9srkJBqLqPQI/ymElIEBmTKzqsJ3HE/mx9QJ1aH0vGVed9W/wSJ+7+huFpB+pNAebJMohK/fAmAVG3lzgT0wKWw8g4u33VHb6X8FIW6q1+CYRnOCQsocgM4EX26YfzaxVpw9P4PF/abwB1bVzr9xnEL2JdJfstzxnR70dKO88WTolykysc443iDW80i0scH+sCh8JIfDrV+V0l3jT+woAeTw1VA0hFa5x9i3tdfrHpzc/sN1/OW6F1CsMVS2pwUTkr7pKp5nfjxhEPi94iLMmakm0XWPZpay2213FQEUYiRqCIGmD1Oiyq0nSVcOAkc66TNwsqrdPCkCL8OPTXuTd+yIfAuU3267kUMNcN2A9kqGMx4Inj8JGlmvxuoQueuXIA4gvVFhJFBdovpl10HY/YkG/cGM0gazfF2+5xG93RgD9Uryq1g61XTFOkOaH7XtGs8Q13xnnXVwfq2pK/vnx9kQkgXJJQRU1Ng8PAg+Rw1VK6bzVz5ugj6q1ei56orNy4A8FU1z1aGyChfPT3XPaDwLr0pEXvc2Vz/6CxAosSpNHIQ6fO0XBM7nvIs/2jHZssXSVo2iwYRZsgZft60cg0FfBmDyc3QH6pVjYhoQGsBlfQt5CtW7XX3rJjQTcDLfzUlO8Ykax7TXZKnDcvtNonRm45bmV+1CqS9KLrBHouWN0axtweabAVW8dld9EnL3CrclE/RbTI0nPOR00S+Ip7wNuBto30yTACxaPHYF79izHu4rQjmm2N5Jt+nI8maEVva6IbAog16NUw6fYDaMwBDeSszBZm0BwNMf36EP/Mcp+MXrBfP1kOYe6HGjftMRDky83XYvP6Cx7FJcPXIZdsMQydxsXB3LKroFqoS2HsHBnCgQbbraQ5UWi40vKXANlKbgFcutqkATvoPW6Hbh07vfiLVfDeuHU9DUCFlgK7KHPWk/g+Uo+TUmgTVKNhbGU/vFu/9h4kIrbf/ocqL/tyMjwA5Yp9e0rQCez8w5Zqfbtqm4N1WB518Q7p52r8C+yLBAua7yB0gAc7SENXWFafkbHClchZXi3c0hY64YvuweDp8G/bPFT/yLuY/yBvA3F2G3CxZXzCMvhMVQfm2yzJeOL20vWumZ8LuIaXJ/13AzLp+lUrc8RmJvU/Hrp6xsEqzXz34qMiBNUR1BKjNAS86WJ1rzD3QtejeETGDwsw016jNbyIMcShgxiEMHnD6HXzWnfTv2fO5xICiAG/VMm5h+vC3MweW2XO01P3O0/Rq/OSy3R8ZlEFErlhR1HiXhc2CdxuuxqDySi0/rP/Jpxf25Zi8mY9YBTFlV0T9ApzJoTwlobMmmxHmqq+vQSKAxLq0lJ/bpO+8utchHbnQNUICveCkX4w+rK9Vnls3zbiLTBnsf+J4y5zpLZ5HkDCUNcEnD29ZR30IYoBTLUG3PlfyH++rLl5ynW5QKUWLnUdjvf9ZwS2veFAZw6tfHelzjkZ5tps5BkjS8YAi/x70Jw4qs3fzZudq6Lej4fsMdkBnYSSN2s7Sc3A1,iv:jSR/M4KS+cZMQgtTZWtPcpmKFD5QNr7s8ClAbXzpR2s=,tag:sp3BnZi+b9WuIiCPapG6Bw==,type:str]
|
||||
home-assistant: ENC[AES256_GCM,data:wcFMxDdRCHf/shO9v2WaGgrsa9J2WP62xFs=,iv:9ckeIO62cFZUo8fPyQj445CrJVTooNlwLapM/oTsrkk=,tag:mlfxtXDPsB3T79P9BX9oJQ==,type:str]
|
||||
|
|
@ -26,8 +27,8 @@ sops:
|
|||
SU1USkxFUUY2NVhmUHBhZkdrNDR1Q0kKiXIicInELRjDR3tuyA+lnXeCcd9lYvbV
|
||||
GnBRGPM7BNO/6AA7HhAei48Kt+XE6+jQX66yTXyviKhK7Lpjrlb2YQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-05-06T15:25:14Z"
|
||||
mac: ENC[AES256_GCM,data:JfgVZ7I/S22cN4yiXqE5nJY0KBq+ZLJABlMTi58VUw5jGf1vUmyTDkzm67QmZtVVL3R/xodrSMJw5CodF7wgVvJFilSvez/ygr1P8KKo7CDMxzl5VTO5uHq5aszOmRFF5N9ZGfUFZxjl3iuCwQofckcMKgeyG/1wOIf37H4Gstw=,iv:oLS4yQdl0LE363gVIkRUieFJ5M2N8Fc4Rge7SuTN85k=,tag:N4uxXbKIHfZonkiV1GxckQ==,type:str]
|
||||
lastmodified: "2024-09-11T16:10:31Z"
|
||||
mac: ENC[AES256_GCM,data:7STJaln+9X6xZFAyLSoMCw2PKNiRr4GNhxGbZRPRf+nKfkFh7wJRS3YWVrxd9iOonSPsuHfPnBrAPiq7ILXqwfjNcyf2HtOIPxHz0utE6b0X7KvEwmLSRMOQG9rpsETE5UBQ+DgtU9IwZzTXgh9CGZpHWQAPeOI+lK4OKLlXvkk=,iv:E++ECn4SJy43lW5RWxjSDc7dj0LWDXIuO+5fVFE3+zU=,tag:QFvao9PWSllzXXhGwFQgrw==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-01-31T01:20:30Z"
|
||||
enc: |-
|
||||
|
|
|
|||
|
|
@ -9,12 +9,19 @@ in
|
|||
owner = "matrix-synapse";
|
||||
sopsFile = ../secrets.yaml;
|
||||
};
|
||||
matrix-sliding-sync = {
|
||||
sopsFile = ../secrets.yaml;
|
||||
};
|
||||
};
|
||||
jalr.matrix = {
|
||||
enable = true;
|
||||
fqdn = "matrix.jalr.de";
|
||||
domain = "jalr.de";
|
||||
synapse.port = ports.matrix-synapse.tcp;
|
||||
sliding-sync = {
|
||||
port = ports.matrix-sliding-sync.tcp;
|
||||
secretFile = config.sops.secrets.matrix-sliding-sync.path;
|
||||
};
|
||||
turn = {
|
||||
host = "turn.jalr.de";
|
||||
sharedSecretFile = config.sops.secrets.synapse-turn-shared-secret.path;
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ in
|
|||
add_header Content-Type application/json;
|
||||
return 200 '${builtins.toJSON {
|
||||
"m.server" = "${matrixDomain}:443";
|
||||
}}';
|
||||
}}';
|
||||
'';
|
||||
"=/.well-known/matrix/client".extraConfig = ''
|
||||
${parentHeaders}
|
||||
|
|
@ -52,6 +52,7 @@ in
|
|||
add_header Access-Control-Allow-Origin *;
|
||||
return 200 '${builtins.toJSON {
|
||||
"m.homeserver"."base_url" = "https://${matrixDomain}";
|
||||
"org.matrix.msc3575.proxy"."url" = "https://${matrixDomain}";
|
||||
}}';
|
||||
'';
|
||||
};
|
||||
|
|
|
|||
|
|
@ -21,6 +21,16 @@ in
|
|||
};
|
||||
};
|
||||
};
|
||||
sliding-sync = {
|
||||
port = mkOption {
|
||||
description = "TCP port for synapse service.";
|
||||
type = port;
|
||||
};
|
||||
secretFile = mkOption {
|
||||
type = path;
|
||||
description = "Location of the file to set secret environment variables.";
|
||||
};
|
||||
};
|
||||
fqdn = mkOption {
|
||||
type = str;
|
||||
description = ''
|
||||
|
|
@ -82,6 +92,7 @@ in
|
|||
imports = [
|
||||
./mautrix-signal.nix
|
||||
./mautrix-whatsapp.nix
|
||||
./sliding-sync.nix
|
||||
./synapse.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
18
modules/matrix/sliding-sync.nix
Normal file
18
modules/matrix/sliding-sync.nix
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.jalr.matrix;
|
||||
in
|
||||
lib.mkIf cfg.enable {
|
||||
services.matrix-sliding-sync = {
|
||||
enable = true;
|
||||
settings = {
|
||||
SYNCV3_SERVER = "https://${cfg.fqdn}";
|
||||
SYNCV3_BINDADDR = "127.0.0.1:${toString cfg.sliding-sync.port}";
|
||||
};
|
||||
environmentFile = cfg.sliding-sync.secretFile;
|
||||
};
|
||||
services.nginx.virtualHosts."${cfg.fqdn}".locations."/_matrix/client/unstable/org.matrix.msc3575/sync" = {
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.sliding-sync.port}";
|
||||
};
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue