!vxTmkuJzhGPsMdkAOc:transformierende-gesellschaft.org

NixOS Matrix Subsystem

150 Members
Coordination and discussion about the matrix subsystem in NixOS - https://wiki.nixos.org/wiki/Matrix74 Servers

Load older messages

SenderMessageTime
18 Mar 2022
@f0x:pixie.townf0x tompurl: what is your nginx setup like? 21:21:17
@tompurl:matrix.org@tompurl:matrix.org 
{ config, lib, pkgs, ... }:

{
  services.nginx = {
    enable = true;

    # Use recommended settings
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;

    # Only allow PFS-enabled ciphers with AES256
    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";

    # Setup Nextcloud virtual host to listen on ports
    virtualHosts = {

      ### Nextcloud
      "docs.tompurl.com" = {
        ## Force HTTP redirect to HTTPS
        forceSSL = true;
        ## LetsEncrypt
        enableACME = true;
      };

      ### Synapse
      # This host section can be placed on a different host than the rest,
      # i.e. to delegate from the host being accessible as ${config.networking.domain}
      # to another host actually running the Matrix homeserver.
      "destrocodpiece.wtf" = {
        enableACME = true;
        forceSSL = true;

        locations."= /.well-known/matrix/server".extraConfig =
          let
            # use 443 instead of the default 8448 port to unite
            # the client-server and server-server port for simplicity
            server = { "m.server" = "matrix.destrocodpiece.wtf:443"; };
          in ''
            add_header Content-Type application/json;
            return 200 '${builtins.toJSON server}';
          '';
        locations."= /.well-known/matrix/client".extraConfig =
          let
            client = {
              "m.homeserver" =  { "base_url" = "https://destrocodpiece.wtf"; };
              "m.identity_server" =  { "base_url" = "https://vector.im"; };
            };
          # ACAO required to allow element-web on any URL to request this json file
          in ''
            add_header Content-Type application/json;
            add_header Access-Control-Allow-Origin *;
            return 200 '${builtins.toJSON client}';
          '';
      };

      # Reverse proxy for Matrix client-server and server-server communication
      "matrix.destrocodpiece.wtf" = {
        enableACME = true;
        forceSSL = true;

        # Or do a redirect instead of the 404, or whatever is appropriate for you.
        # But do not put a Matrix Web client here! See the Element web section below.
        locations."/".extraConfig = ''
          return 404;
        '';

        # forward all Matrix API calls to the synapse Matrix homeserver
        locations."/_matrix" = {
          proxyPass = "http://[::1]:8008"; # without a trailing /
        };
      };
    };
  };
}
21:22:56
@tompurl:matrix.org@tompurl:matrix.orgOh wait21:23:45
@tompurl:matrix.org@tompurl:matrix.orglol21:23:46
@tompurl:matrix.org@tompurl:matrix.orgNow your fantastic tool is giving me a green for "destrocodpiece.wtf"21:24:01
@f0x:pixie.townf0xheh, what changed lol21:24:15
@tompurl:matrix.org@tompurl:matrix.orgI added the "matrix" prefix to "m.server"21:24:28
@f0x:pixie.townf0xah yep, that'd fix it21:24:56
@f0x:pixie.townf0xyou could also do away with the matrix. subdomain and reverseproxy /_matrix on destrocodepiece.wtf directly, but either works21:25:35
@tompurl:matrix.org@tompurl:matrix.orgOh, so I could delete the entire "matrix.destrocodpiese.wtf" virtual host?21:27:06
@f0x:pixie.townf0xyep21:27:25
@f0x:pixie.townf0xand then m.server destrocodpiece.wtf:443 would be correct21:27:43
@tompurl:matrix.org@tompurl:matrix.orgOh wow, ok. Thank you or that tip too!21:27:48
@f0x:pixie.townf0x:) happy to see people messing with the well-known stuff at least, instead of ending up with :matrix.example.com usernames21:28:46
19 Mar 2022
@tompurl:destrocodpiece.wtf@tompurl:destrocodpiece.wtf joined the room.15:44:32
@tompurl:destrocodpiece.wtf@tompurl:destrocodpiece.wtf Good morning f0x . I just wanted to thank you again for your quick help. I'm now am able to join this room with my "real" account using my very own homeserver. 15:46:25
@tompurl:matrix.org@tompurl:matrix.org left the room.15:46:39
20 Mar 2022
@marius851000:newsmatrix.pmdcollab.org@marius851000:newsmatrix.pmdcollab.org changed their profile picture.16:42:15
@marius851000:newsmatrix.pmdcollab.org@marius851000:newsmatrix.pmdcollab.org changed their profile picture.16:43:41
@f0x:pixie.townf0x
In reply to @tompurl:destrocodpiece.wtf
Good morning f0x . I just wanted to thank you again for your quick help. I'm now am able to join this room with my "real" account using my very own homeserver.
:) no problem 		19:01:02
21 Mar 2022
@maximilian:klandest.in@maximilian:klandest.in invited @max:klandest.inmax.14:46:22
@maximilian:transformierende-gesellschaft.org@maximilian:transformierende-gesellschaft.org left the room.16:49:35
@max:klandest.inmax joined the room.14:46:26
@maximilian:klandest.in@maximilian:klandest.inchanged room power levels.14:46:35
@maximilian:klandest.in@maximilian:klandest.in left the room.14:46:41
25 Mar 2022
@slby:matrix.orgslby joined the room.15:51:31
30 Mar 2022
@sielicki:matrix.orgsielicki joined the room.16:32:21
@sielicki:matrix.orgsielickiI'd like to request that a room be created under nix-community for nixos on wsl16:32:58
@sielicki:matrix.orgsielicki topic can just be: NixOS under Windows Subsystem for Linux - https://github.com/nix-community/NixOS-WSL 16:33:31
@sielicki:matrix.orgsielickimaybe it'd be better organized under Teams, idk.16:36:01

Show newer messages

Back to Room ListRoom Version: 4