commit da8aa7563cf7d2f891e6f41607d0bd6e77a829ea
parent b2e65231cc839ed4683e2c6810d816a705d966f9
Author: Leah (ctucx) <git@ctu.cx>
Date: Tue, 9 May 2023 13:45:48 +0200
machines/trabbi/matrix-synapse: add sliding-sync-server
5 files changed, 119 insertions(+), 2 deletions(-)
A
|
78
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
diff --git a/machines/trabbi/matrix-synapse.nix b/machines/trabbi/matrix-synapse.nix @@ -24,6 +24,11 @@ services = { postgresql = { enable = true; + ensureUsers = [{ + name = "matrix-sliding-sync-proxy"; + ensurePermissions."DATABASE syncv3" = "ALL PRIVILEGES"; + }]; + ensureDatabases = [ "syncv3" ]; initialScript = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" @@ -59,6 +64,14 @@ }; }; + matrix-sliding-sync-proxy = { + enable = true; + dbName = "syncv3"; + bind = ":8009"; + server = "http://localhost:8008"; + package = pkgs.matrix-sliding-sync; + }; + nginx = { enable = true; virtualHosts = { @@ -73,7 +86,7 @@ ''; locations."/.well-known/matrix/client".extraConfig = '' add_header Content-Type application/json; - return 200 "{\"m.homeserver\": {\"base_url\": \"https://matrix.ctu.cx\"}}"; + return 200 "{\"m.homeserver\": {\"base_url\": \"https://matrix.ctu.cx\"}, \"org.matrix.msc3575.proxy\": {\"url\": \"https://matrix.ctu.cx\"}}"; ''; }; @@ -83,6 +96,7 @@ kTLS = true; locations = { "/_matrix".proxyPass = "http://127.0.0.1:8008"; + "/_matrix/client/unstable/org.matrix.msc3575/".proxyPass = "http://localhost:8009/_matrix/client/unstable/org.matrix.msc3575/"; # "/_synapse".proxyPass = "http://127.0.0.1:8008"; # "/admin/".alias = "${pkgs.synapse-admin}/"; "/".root = pkgs.cinny.override {
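Review bot: In the second hunk, `bind = ":8009";` makes the sliding-sync proxy listen on every interface, although the only client visible in this diff is nginx on the same host (the `proxyPass` to `http://localhost:8009/...` in the last hunk). Unless a firewall rule outside this diff blocks the port, the proxy is reachable in plaintext without going through the TLS vhost. I would bind to loopback with `bind = "127.0.0.1:8009";` and point the new location at `http://127.0.0.1:8009/_matrix/client/unstable/org.matrix.msc3575/`, which matches the existing `/_matrix` line and does not depend on how `localhost` resolves.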
diff --git a/modules/default.nix b/modules/default.nix @@ -1,3 +1,4 @@ + { inputs, lib, currentSystem, ... }: { @@ -11,6 +12,7 @@ ./linux/email-notify.nix ./linux/dns.nix ./linux/gotosocial.nix + ./linux/matrix-sliding-sync.nix ] else []) (if (currentSystem == "aarch64-darwin") then [ inputs.agenix.darwinModules.default
diff --git a/modules/linux/matrix-sliding-sync.nix b/modules/linux/matrix-sliding-sync.nix 
@@ -0,0 +1,77 @@ +{ config, pkgs, lib, ... }: +with lib; +let + cfg = config.services.matrix-sliding-sync-proxy; + user = if cfg.user == null then "matrix-sliding-sync-proxy" else cfg.user; + +in { + config = mkIf cfg.enable { + assertions = [{ + assertion = cfg.dbName != null; + message = '' + A Postgres database is required for matrix-sliding-sync-proxy to work. + See `services.matrix-sliding-sync-proxy.db` in `man configuration.nix` for details. + ''; + }]; + systemd.services.matrix-sliding-sync = { + script = '' + cd ${cfg.package}/share + exec ${cfg.package}/bin/syncv3 + ''; + after = [ "network-online.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { User = user; }; + environment = { + SYNCV3_DB = + "user=${user} dbname=${cfg.dbName} sslmode=disable host=${cfg.dbHost}"; + SYNCV3_BINDADDR = "${cfg.bind}"; + SYNCV3_SERVER = "${cfg.server}"; + SYNCV3_SECRET = "foobar"; + }; + }; + + users = mkIf (cfg.user == null) { + users.matrix-sliding-sync-proxy = { + isSystemUser = true; + group = "matrix-sliding-sync-proxy"; + }; + groups.matrix-sliding-sync-proxy = { }; + }; + }; + options = { + services.matrix-sliding-sync-proxy = { + enable = mkEnableOption "the experimental matrix sliding sync proxy"; + package = mkOption { + type = types.package; + default = pkgs.matrix-sliding-sync-proxy; + description = "Package to use for the service."; + }; + server = mkOption { + type = types.str; + default = "https://localhost:8448/"; + description = "Server to proxy requests for."; + }; + dbName = mkOption { + default = null; + type = types.nullOr types.str; + example = "syncv3"; + description = "Postgres database name to access."; + }; + bind = mkOption { + type = types.str; + default = "localhost:8008"; + description = "Port to bind the proxy to."; + }; + dbHost = mkOption { + default = "/run/postgresql"; + type = types.str; + description = "Path to postgresql socket."; + }; + user = mkOption { + default = null; + description = + "User under which the 
service runs. Created automatically if null."; + }; + }; + }; +}+ \ No newline at end of file
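Review bot: `SYNCV3_SECRET = "foobar";` in the unit's `environment` hard-codes a guessable secret, and because it is set through `environment` it also ends up in the world-readable Nix store and in this repository. As far as I know the proxy uses this value to protect the access tokens it stores in its database, so it should be generated randomly and supplied at runtime, for example from an agenix-managed file (agenix is already imported in modules/default.nix) via `EnvironmentFile`. Changing the secret later probably invalidates the stored tokens, so this is worth fixing before the database sees real use. Separately, the assertion message points to `services.matrix-sliding-sync-proxy.db` although the option is named `dbName`, and the `user` option declares no `type`.

```nix
# … unchanged: script, after, wantedBy …
serviceConfig = {
  User = user;
  # Runtime file with a line SYNCV3_SECRET=<random value>; kept out of the Nix store.
  EnvironmentFile = cfg.environmentFile;
};
environment = {
  # … unchanged: SYNCV3_DB, SYNCV3_BINDADDR, SYNCV3_SERVER; SYNCV3_SECRET is no longer set here …
};
# … unchanged: users, and the options up to dbHost …
environmentFile = mkOption {
  type = types.str;
  example = "/run/agenix/<secret-name>";
  description = "File defining SYNCV3_SECRET, readable only by root or the service user.";
};
```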
diff --git a/pkgs/matrix-sliding-sync.nix b/pkgs/matrix-sliding-sync.nix @@ -0,0 +1,22 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "matrix-sliding-sync-proxy"; + version = "0.99.1"; + + src = fetchFromGitHub { + owner = "matrix-org"; + repo = "sliding-sync"; + rev = "v${version}"; + sha256 = "sha256-g1yMGb8taToEFG6N057yPcdZB855r0f6EwnJ98FIiic="; + }; + + subPackages = [ "cmd/syncv3" ]; + + vendorSha256 = "sha256-FmibAVjKeJUrMSlhoE7onLoa4EVjQvjDI4oU4PB5LBE="; + + postInstall = '' + mkdir -p $out/share + cp -r ./client $out/share/client + ''; +}+ \ No newline at end of file
diff --git a/pkgs/overlay.nix b/pkgs/overlay.nix @@ -18,7 +18,7 @@ final: prev: mbusd = final.callPackage ./mbusd.nix {}; homebridge = final.callPackage ./homebridge {}; agenix = final.callPackage ./agenix {}; - kvg-station-departures = final.callPackage ./kvg-station-departures.nix {}; + matrix-sliding-sync = final.callPackage ./matrix-sliding-sync.nix {}; }
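Review bot: As rendered here, the `kvg-station-departures` attribute is dropped from the overlay on the same line that adds `matrix-sliding-sync`, which the commit title does not mention; any configuration still using `pkgs.kvg-station-departures` would then fail to evaluate. If the removal is not intended, keep the old line and add `matrix-sliding-sync = final.callPackage ./matrix-sliding-sync.nix {};` below it. Note also that the new module's `package` default is `pkgs.matrix-sliding-sync-proxy`, while this overlay exposes the package as `matrix-sliding-sync`, so the default only resolves where `package` is set explicitly, as the trabbi config does.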