System/nixos/machines/driftwood/containers/conduit.nix


{
config,
lib,
pkgs,
inputs,
...
}: {
# Declarative NixOS container running the conduwuit Matrix homeserver for
# stranger.systems. The container is not meant to be reached directly: the
# nginx virtual host defined in this file terminates TLS on the host and
# forwards to the container over the private link configured below.
containers.conduit-stranger-systems = let
  # TCP port conduwuit listens on inside the container. The nginx upstream in
  # this file points at the same port over plain HTTP.
  conduitPort = 6167;
  # Upstream git tag the package is pinned to (used for both version and rev).
  pinnedTag = "v0.5.0-rc3";
in {
  autoStart = true;

  # Private network namespace with a point-to-point link to the host.
  # NOTE(review): whether anything other than the host can route to
  # 192.168.100.11 / fc00::2 depends on host NAT/forwarding settings that are
  # not visible in this file; confirm before relying on this as isolation.
  privateNetwork = true;
  hostAddress = "192.168.100.10";
  localAddress = "192.168.100.11";
  hostAddress6 = "fc00::1";
  localAddress6 = "fc00::2";

  # The container's whole /var/lib is backed, read-write, by a host directory.
  # That includes /var/lib/conduwuit/reg_token (see registration_token_file),
  # so ownership and mode of /var/containers/conduit on the host decide who can
  # read the registration token and any other service state stored there.
  bindMounts."/var/lib/" = {
    hostPath = "/var/containers/conduit";
    isReadOnly = false;
  };

  # The container is evaluated against the nixpkgs-unstable flake input.
  nixpkgs = inputs.nixpkgs-unstable.outPath;

  config = {
    config,
    lib,
    pkgs,
    ...
  }: {
    # Conduit proper
    services.conduwuit = {
      enable = true;

      settings.global = {
        server_name = "stranger.systems";
        rocksdb_optimize_for_spinning_disks = true;
        new_user_displayname_suffix = "";

        # Registration is enabled and gated by a token read from a file at
        # runtime, which keeps the secret out of the world-readable Nix store.
        # NOTE(review): what happens when this file is missing or empty is not
        # visible here; verify the file exists with restrictive permissions
        # before the service starts.
        allow_registration = true;
        registration_token_file = "/var/lib/conduwuit/reg_token";

        # Listens on every IPv4 address inside the container. No IPv6 listener
        # is configured even though the container has an fc00::2 address.
        port = [conduitPort];
        address = ["0.0.0.0"];
      };

      # Source pin: replaces the nixpkgs source with a specific upstream tag,
      # integrity-checked by the fixed-output hash below.
      # NOTE(review): only `version` and `src` are overridden; confirm the
      # vendored Rust dependencies still match this tag. The pin is a release
      # candidate and takes precedence over whatever nixpkgs-unstable ships, so
      # upstream fixes reach this service only when the pin is bumped or removed.
      package = pkgs.conduwuit.overrideAttrs (previous: {
        version = pinnedTag;
        src = pkgs.fetchFromGitHub {
          owner = "girlbossceo";
          repo = "conduwuit";
          rev = pinnedTag;
          hash = "sha256-Etzh7m1aZBwKfcS6sa+2zBzdOaZSR+yFn2pwwGTilb4=";
        };
      });
    };

    # Open the port in the container's own firewall. No source restriction is
    # applied, so any peer that can route to the container reaches the
    # homeserver without going through nginx/TLS.
    networking.firewall.allowedTCPPorts = [conduitPort];

    system.stateVersion = "24.11";
  };
};
# Host-side nginx front end for the Matrix homeserver: terminates TLS for
# matrix.stranger.systems and forwards Matrix API traffic to the container.
# NOTE(review): this file does not open 80/443/8448 in the host firewall or
# enable nginx itself; presumably that is done elsewhere.
services.nginx = let
  # One IPv4 and one IPv6 wildcard listener for the given port.
  dualStack = port: ssl: [
    {
      addr = "0.0.0.0";
      inherit port ssl;
    }
    {
      addr = "[::]";
      inherit port ssl;
    }
  ];
in {
  virtualHosts."matrix.stranger.systems" = {
    # Certificate via ACME; plain-HTTP requests are redirected to HTTPS.
    forceSSL = true;
    enableACME = true;

    # 443: client API, 80: plain HTTP (needed alongside forceSSL/ACME),
    # 8448: Matrix federation port, served with the same certificate.
    listen = dualStack 443 true ++ dualStack 80 false ++ dualStack 8448 true;

    # Only /_matrix/ is forwarded; every other path stays on nginx and never
    # reaches the backend.
    locations."/_matrix/" = {
      # $request_uri forwards the original, un-normalised request URI. The hop
      # to the container is plain HTTP over the private host<->container link.
      proxyPass = "http://backend_conduit$request_uri";
      proxyWebsockets = true;
      # NOTE(review): no X-Forwarded-For / X-Real-IP header is set in this
      # block; unless it is added elsewhere, the backend presumably sees every
      # request as coming from the host's side of the link, which limits
      # per-client logging and rate limiting.
      extraConfig = ''
        proxy_set_header Host $host;
        proxy_buffering off;
      '';
    };

    # Do not collapse repeated slashes, so request paths are matched and passed
    # on exactly as the client sent them.
    extraConfig = ''
      merge_slashes off;
    '';
  };

  # Single backend: the conduwuit listener inside the container.
  upstreams."backend_conduit".servers."192.168.100.11:6167" = {};
};
}