{ config, lib, pkgs, ... }: { containers.conduit = { autoStart = true; privateNetwork = true; hostAddress = "192.168.100.10"; localAddress = "192.168.100.11"; hostAddress6 = "fc00::1"; localAddress6 = "fc00::2"; bindMounts = { "/var/lib/" = { hostPath = "/var/containers/conduit"; isReadOnly = false; }; }; config = { config, lib, pkgs, ... }: { # Conduit proper services.matrix-conduit = { enable = true; settings.global = { server_name = "stranger.systems"; allow_registration = false; port = 6167; address = "0.0.0.0"; }; }; # Open the port networking.firewall.allowedTCPPorts = [6167]; system.stateVersion = "24.11"; }; }; services.nginx = { virtualHosts = { "matrix.stranger.systems" = { forceSSL = true; enableACME = true; listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } { addr = "[::]"; port = 443; ssl = true; } { addr = "0.0.0.0"; port = 80; ssl = false; } { addr = "[::]"; port = 80; ssl = false; } { addr = "0.0.0.0"; port = 8448; ssl = true; } { addr = "[::]"; port = 8448; ssl = true; } ]; locations."/_matrix/" = { proxyPass = "http://backend_conduit$request_uri"; proxyWebsockets = true; extraConfig = '' proxy_set_header Host $host; proxy_buffering off; ''; }; extraConfig = '' merge_slashes off; ''; }; }; upstreams = { "backend_conduit" = { servers = { "192.168.100.11:6167" = {}; }; }; }; }; }