1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
{ pkgs, lib, config, ... }:
{
dns.zones."ctucx.de".subdomains.dendrite.CNAME = [ "${config.networking.fqdn}." ];
users.groups.dendrite = {};
users.users.dendrite = {
isSystemUser = true;
home = "/var/lib/dendrite";
group = "dendrite";
};
services.dendrite = {
enable = true;
openRegistration = false;
settings = {
global.server_name = "dendrite.ctucx.de";
global.private_key = "/var/lib/dendrite/private_key.pem";
global.well_known_server_name = "dendrite.ctucx.de:443";
global.well_known_client_name = "https://dendrite.ctucx.de";
client_api.registration_disabled = true;
client_api.registration_shared_secret = "joihgpiufgpueiuessqiegp87tf-e8d7pgwiugbdpiugp87dfo87ugfodiujpfd87g97dpg97dp97";
};
};
services.nginx = {
enable = true;
virtualHosts = {
"${config.services.dendrite.settings.global.server_name}" = {
useACMEHost = "${config.networking.fqdn}";
forceSSL = true;
kTLS = true;
locations = {
"/.well-known".proxyPass = "http://[::1]:8008";
"/_matrix".proxyPass = "http://[::1]:8008";
"/".root = pkgs.cinny.override {
conf = {
defaultHomeserver = 0;
homeserverList = [ "${config.services.dendrite.settings.global.server_name}" ];
allowCustomHomesevrers = false;
};
};
};
};
};
};
}