titaniumtown/server-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: titaniumtown:b67416a74bcac4e31ee54262f9372091cf034250
Branches Tags
titaniumtown:main
...
compare: titaniumtown:a887edf510fe783bf8e333f2e18b00ac51a207fa
Branches Tags
titaniumtown:main

4 Commits
b67416a74b ... a887edf510

Author SHA1 Message Date
Simon Gardling
a887edf510 matrix: disable 2026-02-10 13:55:45 -05:00
Simon Gardling
4f71f61c4b matrix: fix continuwuity module 2026-02-10 13:54:22 -05:00
Simon Gardling
3187130cd3 update 2026-02-10 12:56:12 -05:00
Simon Gardling
11ab6de305 re-add matrix 2026-02-10 12:49:56 -05:00
5 changed files with 99 additions and 24 deletions
Expand all files Collapse all files

2
configuration.nix
View File

@@ -38,6 +38,8 @@
./services/bitwarden.nix ./services/bitwarden.nix
# ./services/matrix.nix
./services/monero.nix ./services/monero.nix
./services/xmrig.nix ./services/xmrig.nix

48
flake.lock generated
View File

@@ -27,11 +27,11 @@
}, },
"crane": { "crane": {
"locked": { "locked": {
"lastModified": 1769737823, "lastModified": 1770419512,
"narHash": "sha256-DrBaNpZ+sJ4stXm+0nBX7zqZT9t9P22zbk6m5YhQxS4=", "narHash": "sha256-o8Vcdz6B6bkiGUYkZqFwH3Pv1JwZyXht3dMtS7RchIo=",
"owner": "ipetkov", "owner": "ipetkov",
"repo": "crane", "repo": "crane",
"rev": "b2f45c3830aa96b7456a4c4bc327d04d7a43e1ba", "rev": "2510f2cbc3ccd237f700bb213756a8f35c32d8d7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -243,11 +243,11 @@
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1770064250, "lastModified": 1770734117,
"narHash": "sha256-3HB6gfnKZnwDoH77lnJktJtQWEZ+D35Oi53pNF6YwO4=", "narHash": "sha256-PNXSnK507MRj+hYMgnUR7InNJzVCmOfsjHV4YXZgpwQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "lanzaboote", "repo": "lanzaboote",
"rev": "9985b98c74dcc7b1c7ccfe8693daf37caa4ed2ea", "rev": "2038a9a19adb886eccba775321b055fdbdc5029d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -265,11 +265,11 @@
"systems": "systems_3" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1770172907, "lastModified": 1770520993,
"narHash": "sha256-rqYl9B+4shcM5b6OYjT+qdsdQNJ7SY64/xcPIb96NzU=", "narHash": "sha256-ks1ZFBYlBmQ4CAM4WSmCFUtkUJzbmJ0VJH/JkKVMPqY=",
"owner": "Infinidoge", "owner": "Infinidoge",
"repo": "nix-minecraft", "repo": "nix-minecraft",
"rev": "8958a5a4259e1aebf4916823bf463faaf2538566", "rev": "b32f4325880b4fac47b8736161a8f032dd248b70",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -280,11 +280,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1769302137, "lastModified": 1770631810,
"narHash": "sha256-QEDtctEkOsbx8nlFh4yqPEOtr4tif6KTqWwJ37IM2ds=", "narHash": "sha256-b7iK/x+zOXbjhRqa+XBlYla4zFvPZyU5Ln2HJkiSnzc=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "a351494b0e35fd7c0b7a1aae82f0afddf4907aa8", "rev": "2889685785848de940375bf7fea5e7c5a3c8d502",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -296,11 +296,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1770136044, "lastModified": 1770617025,
"narHash": "sha256-tlFqNG/uzz2++aAmn4v8J0vAkV3z7XngeIIB3rM3650=", "narHash": "sha256-1jZvgZoAagZZB6NwGRv2T2ezPy+X6EFDsJm+YSlsvEs=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e576e3c9cf9bad747afcddd9e34f51d18c855b4e", "rev": "2db38e08fdadcc0ce3232f7279bab59a15b94482",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -376,11 +376,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1770001842, "lastModified": 1770520253,
"narHash": "sha256-ZAyTeILfdWwDp1nuF0RK3McBduMi49qnJvrS+3Ezpac=", "narHash": "sha256-6rWuHgSENXKnC6HGGAdRolQrnp/8IzscDn7FQEo1uEQ=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "5018343419ea808f8a413241381976b7e60951f2", "rev": "ebb8a141f60bb0ec33836333e0ca7928a072217f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -433,11 +433,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1770257911, "lastModified": 1770603164,
"narHash": "sha256-yCsQ6UJNWyrLc6OI41uA8R3u2z60aNYCzcVzM1AG3qY=", "narHash": "sha256-2jJNzobNvy307k/FJxDWR6aO6FmClILFdA78CzdW9zY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "srvos", "repo": "srvos",
"rev": "5086dcb3f4212c90ab0e5c30391c92116db7e035", "rev": "aa7bed2868237fad33b5ba12fca8f4f7a4dc07c5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -509,11 +509,11 @@
"trackerlist": { "trackerlist": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1770246524, "lastModified": 1770678576,
"narHash": "sha256-ZZCgWu4ZR4p6GltHl5AWgITWm8LAXIe9z1tJ04eW8E0=", "narHash": "sha256-1X28j4RPLpmwztbF9+H8T5Ah/DRK9kslXdvM0t6W3YU=",
"owner": "ngosang", "owner": "ngosang",
"repo": "trackerslist", "repo": "trackerslist",
"rev": "4838353ac4f4fca954b9e53f28585eafe6a6943e", "rev": "661532984bab7bd41430566e248fa96513673c4f",
"type": "github" "type": "github"
}, },
"original": { "original": {

7
flake.nix
View File

@@ -118,6 +118,8 @@
syncthing_protocol = 22000; syncthing_protocol = 22000;
syncthing_discovery = 21027; syncthing_discovery = 21027;
minecraft = 25565; minecraft = 25565;
matrix = 6167;
matrix_federation = 8448;
}; };
https = { https = {
@@ -168,6 +170,11 @@
dataDir = services_dir + "/monero"; dataDir = services_dir + "/monero";
}; };
matrix = {
dataDir = "/var/lib/continuwuity";
domain = "matrix.${https.domain}";
};
syncthing = { syncthing = {
dataDir = services_dir + "/syncthing"; dataDir = services_dir + "/syncthing";
signalBackupDir = "/${zpool_ssds}/bak/signal"; signalBackupDir = "/${zpool_ssds}/bak/signal";

BIN
secrets/matrix_reg_token Normal file
View File

Binary file not shown.

66
services/matrix.nix Normal file
View File

@@ -0,0 +1,66 @@
{
config,
service_configs,
lib,
...
}:
{
imports = [
(lib.serviceMountWithZpool "continuwuity" service_configs.zpool_ssds [
service_configs.matrix.dataDir
])
];
services.matrix-continuwuity = {
enable = true;
settings.global = {
port = [ service_configs.ports.matrix ];
server_name = service_configs.https.domain;
allow_registration = true;
registration_token_file = ../secrets/matrix_reg_token;
new_user_displayname_suffix = "";
trusted_servers = [
"matrix.org"
"constellatory.net"
"tchncs.de"
"envs.net"
];
address = [
"0.0.0.0"
];
};
};
services.caddy.virtualHosts.${service_configs.https.domain}.extraConfig = lib.mkBefore ''
header /.well-known/matrix/* Content-Type application/json
header /.well-known/matrix/* Access-Control-Allow-Origin *
respond /.well-known/matrix/server `{"m.server": "${service_configs.matrix.domain}:${builtins.toString service_configs.ports.https}"}`
respond /.well-known/matrix/client `{"m.server":{"base_url":"https://${service_configs.matrix.domain}"},"m.homeserver":{"base_url":"https://${service_configs.matrix.domain}"},"org.matrix.msc3575.proxy":{"base_url":"https://${config.services.matrix-continuwuity.settings.global.server_name}"}}`
'';
services.caddy.virtualHosts."${service_configs.matrix.domain}".extraConfig = ''
reverse_proxy :${builtins.toString service_configs.ports.matrix}
'';
# Exact duplicate for federation port
services.caddy.virtualHosts."${service_configs.matrix.domain}:${builtins.toString service_configs.ports.matrix_federation}".extraConfig =
config.services.caddy.virtualHosts."${service_configs.matrix.domain}".extraConfig;
systemd.tmpfiles.rules = [
"Z ${service_configs.matrix.dataDir} 0770 ${config.services.matrix-continuwuity.user} ${config.services.matrix-continuwuity.group}"
];
# for federation
networking.firewall.allowedTCPPorts = [
service_configs.ports.matrix_federation
];
# for federation
networking.firewall.allowedUDPPorts = [
service_configs.ports.matrix_federation
];
}