From 542a28a38a2adf2307e9b803de9cb62a67af75c6 Mon Sep 17 00:00:00 2001
From: stuebinm
Date: Fri, 28 Jul 2023 13:57:35 +0200
Subject: run a conduit for like, fun i guess

---
 chaski/configuration.nix    |  1 +
 chaski/services/conduit.nix | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 chaski/services/conduit.nix

(limited to 'chaski')

diff --git a/chaski/configuration.nix b/chaski/configuration.nix
index 1d4f096..f74a495 100644
--- a/chaski/configuration.nix
+++ b/chaski/configuration.nix
@@ -12,6 +12,7 @@
       ./services/tracktrain.nix
       ./services/chat.nix
       ./services/bahnhof-name.nix
+      ./services/conduit.nix
     ];
 
 
diff --git a/chaski/services/conduit.nix b/chaski/services/conduit.nix
new file mode 100644
index 0000000..022863c
--- /dev/null
+++ b/chaski/services/conduit.nix
@@ -0,0 +1,36 @@
+{ config, lib, pkgs, ... }:
+
+{
+  services.matrix-conduit = {
+    enable = true;
+
+    extraEnvironment.RUST_BACKTRACE = "yes";
+    settings.global = {
+      server_name = "conduit.stuebinm.eu";
+      trusted_servers = [  ]; # TODO what does this mean?
+      port = 6167;
+      allow_registration = false;
+    };
+
+  };
+
+  services.nginx.virtualHosts."conduit.stuebinm.eu" = {
+    locations."/_matrix/".proxyPass = "http://localhost:6167";
+    enableACME = true;
+    forceSSL = true;
+    listen = [
+      {
+        addr = "[::]";
+        port = 443;
+        ssl = true;
+      }
+      {
+        addr = "[::]";
+        port = 8448;
+        ssl = true;
+      }
+    ];
+  };
+
+  networking.firewall.allowedTCPPorts = [ 8448 ];
+}
-- 
cgit v1.2.3