{ config, lib, pkgs, inputs, ... }: { containers.conduit-stranger-systems = { autoStart = true; privateNetwork = true; hostAddress = "192.168.100.10"; localAddress = "192.168.100.11"; hostAddress6 = "fc00::1"; localAddress6 = "fc00::2"; bindMounts = { "/var/lib/" = { hostPath = "/var/containers/conduit"; isReadOnly = false; }; }; nixpkgs = inputs.nixpkgs-unstable.outPath; config = { config, lib, pkgs, ... }: { # Conduit proper services.conduwuit = { enable = true; settings.global = { server_name = "stranger.systems"; rocksdb_optimize_for_spinning_disks = true; new_user_displayname_suffix = ""; allow_registration = true; registration_token_file = "/var/lib/conduwuit/reg_token"; port = [6167]; address = ["0.0.0.0"]; }; }; # Open the port networking.firewall.allowedTCPPorts = [6167]; system.stateVersion = "24.11"; }; }; services.nginx = { virtualHosts = { "matrix.stranger.systems" = { forceSSL = true; enableACME = true; listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } { addr = "[::]"; port = 443; ssl = true; } { addr = "0.0.0.0"; port = 80; ssl = false; } { addr = "[::]"; port = 80; ssl = false; } { addr = "0.0.0.0"; port = 8448; ssl = true; } { addr = "[::]"; port = 8448; ssl = true; } ]; locations."/_matrix/" = { proxyPass = "http://backend_conduit$request_uri"; proxyWebsockets = true; extraConfig = '' proxy_set_header Host $host; proxy_buffering off; ''; }; extraConfig = '' merge_slashes off; ''; }; }; upstreams = { "backend_conduit" = { servers = { "192.168.100.11:6167" = {}; }; }; }; }; }