Revert "matrix: configure sliding sync proxy"

This reverts commit 67cd1b08b5.
2024-06-17 10:46:35 +02:00 · 2024-06-17 10:46:35 +02:00 · 0f844c8bb2
commit 0f844c8bb2
parent 67cd1b08b5
5 changed files with 27 additions and 55 deletions
--- a/machines/lasting-integrity/default.nix
+++ b/machines/lasting-integrity/default.nix
@ -102,7 +102,7 @@
                root = pkgs.runCommand "well-known-matrix" { } ''
                  mkdir -p $out/.well-known/matrix
                  echo '{"m.server":"matrix.vanpetegem.me:443"}' > $out/.well-known/matrix/server
-                  echo '{"m.homeserver":{"base_url":"https://matrix.vanpetegem.me"},"org.matrix.msc3575.proxy":{"url":"https://matrix-sync.vanpetegem.me"}}' > $out/.well-known/matrix/client
+                  echo '{"m.homeserver":{"base_url":"https://matrix.vanpetegem.me"}}' > $out/.well-known/matrix/client
                '';
                extraConfig = ''
                  default_type application/json;
--- a/modules/base/network/wireguard.nix
+++ b/modules/base/network/wireguard.nix
@ -119,8 +119,7 @@ in
          domains = [ "internal" ];
          dns = [ data.lasting-integrity.ip ];
          linkConfig.MTUBytes = "1342";
-          routes = [
+          routes = [(
            (
              if config.chvp.base.network.wireguard.server then {
                Gateway = "${data.${config.networking.hostName}.ip}";
                Destination = subnet;
@ -129,8 +128,7 @@ in
                Destination = subnet;
                GatewayOnLink = true;
              }
-            )
+          )];
          ];
        };
      };
      services = {
--- a/modules/services/matrix/default.nix
+++ b/modules/services/matrix/default.nix
@ -8,37 +8,31 @@
  config = lib.mkIf config.chvp.services.matrix.enable {
    chvp.base.zfs.systemLinks = [{ path = "/var/lib/matrix-hookshot"; type = "data"; }];
-    chvp.services.nginx.hosts = [
+    chvp.services.nginx.hosts = [{
-      {
+      fqdn = "matrix.vanpetegem.me";
-        fqdn = "matrix.vanpetegem.me";
+      options.locations = {
-        options.locations = {
+        "/" = {
-          "/" = {
+          proxyPass = "http://127.0.0.1:8448";
-            proxyPass = "http://127.0.0.1:8448";
+          extraConfig = ''
-            extraConfig = ''
+            proxy_set_header X-Forwarded-Ssl on;
-              proxy_set_header X-Forwarded-Ssl on;
+            proxy_read_timeout 600;
-              proxy_read_timeout 600;
+            client_max_body_size 10M;
-              client_max_body_size 10M;
+          '';
            '';
          };
          "/_slack" = {
            proxyPass = "http://127.0.0.1:9898";
            extraConfig = ''
              proxy_set_header X-Forwarded-Ssl on;
            '';
          };
          "~ ^/_hookshot/(.*)" = {
            proxyPass = "http://127.0.0.1:9000/$1";
            extraConfig = ''
              proxy_set_header X-Forwarded-Ssl on;
            '';
          };
        };
-      }
+        "/_slack" = {
-      {
+          proxyPass = "http://127.0.0.1:9898";
-        fqdn = "matrix-sync.vanpetegem.me";
+          extraConfig = ''
-        basicProxy = "http://localhost:8009";
+            proxy_set_header X-Forwarded-Ssl on;
-      }
+          '';
-    ];
+        };
        "~ ^/_hookshot/(.*)" = {
          proxyPass = "http://127.0.0.1:9000/$1";
          extraConfig = ''
            proxy_set_header X-Forwarded-Ssl on;
          '';
        };
      };
    }];
    services = {
      matrix-synapse = {
@ -97,14 +91,6 @@
          }
        ];
      };
      matrix-sliding-sync = {
        enable = true;
        settings = {
          SYNCV3_SERVER = "https://matrix.vanpetegem.me";
        };
        environmentFile = config.age.secrets."files/servers/matrix-sliding-sync/env".path;
        createDatabase = true;
      };
    };
    systemd.services = {
@ -224,6 +210,5 @@
      file = ../../../secrets/files/services/matrix-hookshot/registration.yml.age;
      owner = "matrix-synapse";
    };
    age.secrets."files/servers/matrix-sliding-sync/env".file = ../../../secrets/files/services/matrix-sliding-sync/env.age;
  };
 }
--- a/secrets.nix
+++ b/secrets.nix
@ -92,7 +92,6 @@ in
  "secrets/files/services/matrix-synapse/config.yml.age".publicKeys = [ lasting-integrity ] ++ users;
  "secrets/files/services/mautrix-whatsapp/config.yml.age".publicKeys = [ lasting-integrity ] ++ users;
  "secrets/files/services/mautrix-whatsapp/registration.yml.age".publicKeys = [ lasting-integrity ] ++ users;
  "secrets/files/services/matrix-sliding-sync/env.age".publicKeys = [ lasting-integrity ] ++ users;
  "secrets/files/wireguard/kharbranth.privkey.age".publicKeys = [ kharbranth ] ++ users;
  "secrets/files/wireguard/kholinar.privkey.age".publicKeys = [ kholinar ] ++ users;
--- a/secrets/files/services/matrix-sliding-sync/env.age
+++ b/secrets/files/services/matrix-sliding-sync/env.age
@ -1,10 +0,0 @@
 age-encryption.org/v1
 -> ssh-ed25519 hKAFvQ 01r3r3syfKF1BJAV2vBhEIynbuXc7RSdDZ2ZEnobP0A
 fe/eNoEJLDSQyCJx6l2uApU6Ua1+OHa0fCbuRq+kpgQ
 -> ssh-ed25519 s9rb8g FLndrvrVosBbOA9q3U7gPPC5P/aDk/3gD4QvktMaIgI
 L+fMpcVUQ6t/emGx6hT8L1oJ6XU6fbIiQBTqPPOcZKY
 -> ssh-ed25519 yad4VQ yer5pPN5QiAOZ5Pd0jO/wcSsEn88WzXGB/qVsIwISG4
 O+Faz3AGCnjzBq472e6I1f4fnBCx8s4CNQm/MgcDZiI
 --- PBVH3Z9HbIpqnTV4IxBOvNyr67c2Cdwc2erFPPUjeFQ
 zù¾®âžp@~Åµˆ˜Ôp—‹¢<E280B9>y~ÀZ<>Êñòóg¶¨e;ý{Þ'¤ñêÀ÷Þbõzo²B<þ¬z“¸Û¦,<2C>ÑøFóyoÁT3Ý›|%Nöú0§ýKÉ\™Jâ[N@Ê1!&Hº
 ’³D=ä½îÈ