From b69ec7b9c17e919f7e552b1e9a71b5178b34a5d6 Mon Sep 17 00:00:00 2001 From: Infinidoge Date: Wed, 22 May 2024 15:02:24 -0400 Subject: [PATCH] Infini-DL360/conduwuit: init --- flake.lock | 149 +++++++++++++++++++++++++++- flake.nix | 7 ++ hosts/Infini-DL360/conduwuit.nix | 50 ++++++++++ hosts/Infini-DL360/default.nix | 1 + modules/global/caches/conduwuit.nix | 10 ++ 5 files changed, 216 insertions(+), 1 deletion(-) create mode 100644 hosts/Infini-DL360/conduwuit.nix create mode 100644 modules/global/caches/conduwuit.nix diff --git a/flake.lock b/flake.lock index 445133e..35ab585 100644 --- a/flake.lock +++ b/flake.lock @@ -44,7 +44,80 @@ "type": "github" } }, + "complement": { + "flake": false, + "locked": { + "lastModified": 1715700731, + "narHash": "sha256-cie+b5N/TQAFD8vF/XbqfyFJkFU0qUPDbtJQDm/TfQc=", + "owner": "matrix-org", + "repo": "complement", + "rev": "8587fb3cbe746754b2c883ff6c818ca4d987d0a5", + "type": "github" + }, + "original": { + "owner": "matrix-org", + "ref": "main", + "repo": "complement", + "type": "github" + } + }, + "conduwuit": { + "inputs": { + "attic": [ + "blank" + ], + "complement": "complement", + "crane": "crane", + "fenix": "fenix", + "flake-compat": [ + "blank" + ], + "flake-utils": [ + "flake-utils" + ], + "nix-filter": "nix-filter", + "nixpkgs": [ + "nixpkgs" + ], + "rocksdb": "rocksdb" + }, + "locked": { + "lastModified": 1716337337, + "narHash": "sha256-VxGcoFcdlhwy4AUwrg93GhEF78KsMTc1rO3HVhklThg=", + "owner": "girlbossceo", + "repo": "conduwuit", + "rev": "474d50d10cda2d45561b6d74ba775d839c1a0fa6", + "type": "github" + }, + "original": { + "owner": "girlbossceo", + "repo": "conduwuit", + "type": "github" + } + }, "crane": { + "inputs": { + "nixpkgs": [ + "conduwuit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1715274763, + "narHash": "sha256-3Iv1PGHJn9sV3HO4FlOVaaztOxa9uGLfOmUWrH7v7+A=", + "owner": "ipetkov", + "repo": "crane", + "rev": "27025ab71bdca30e7ed0a16c88fd74c5970fc7f5", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "ref": "master", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { "inputs": { "nixpkgs": [ "universe-cli", @@ -108,6 +181,29 @@ "type": "github" } }, + "fenix": { + "inputs": { + "nixpkgs": [ + "conduwuit", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1715322226, + "narHash": "sha256-ezoe/FwfJpA7sskLoLP2iwfwkYnscEFCP6Vk5kPwh9k=", + "owner": "nix-community", + "repo": "fenix", + "rev": "297c756ba6249d483c1dafe42378560458842173", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "main", + "repo": "fenix", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -266,6 +362,22 @@ "type": "github" } }, + "nix-filter": { + "locked": { + "lastModified": 1710156097, + "narHash": "sha256-1Wvk8UP7PXdf8bCCaEoMnOT1qe5/Duqgj+rL8sRQsSM=", + "owner": "numtide", + "repo": "nix-filter", + "rev": "3342559a24e85fc164b295c3444e8a139924675b", + "type": "github" + }, + "original": { + "owner": "numtide", + "ref": "main", + "repo": "nix-filter", + "type": "github" + } + }, "nix-minecraft": { "inputs": { "flake-compat": [ @@ -431,10 +543,28 @@ "url": "ssh://git@github.com/Infinidoge/universe-private" } }, + "rocksdb": { + "flake": false, + "locked": { + "lastModified": 1714770052, + "narHash": "sha256-NCPYF2wYBsB9OHEkZSOYoPlxjC9BBMhJp8EM5M1o3Mc=", + "owner": "girlbossceo", + "repo": "rocksdb", + "rev": "db6df0b185774778457dabfcbd822cb81760cade", + "type": "github" + }, + "original": { + "owner": "girlbossceo", + "ref": "v9.1.1", + "repo": "rocksdb", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", "blank": "blank", + "conduwuit": "conduwuit", "devshell": "devshell", "disko": "disko", "flake-parts": "flake-parts", @@ -457,6 +587,23 @@ "universe-cli": "universe-cli" } }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1715255944, + "narHash": "sha256-vLLgYpdtKBaGYTamNLg1rbRo1bPXp4Jgded/gnprPVw=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "5bf2f85c8054d80424899fa581db1b192230efb5", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "rust-overlay": { "inputs": { "flake-utils": [ @@ -534,7 +681,7 @@ }, "universe-cli": { "inputs": { - "crane": "crane", + "crane": "crane_2", "devshell": [ "devshell" ], diff --git a/flake.nix b/flake.nix index 8f8521d..1937c73 100644 --- a/flake.nix +++ b/flake.nix @@ -33,6 +33,9 @@ ## Neovim nixvim.url = "github:nix-community/nixvim"; + ## Conduwuit + conduwuit.url = "github:girlbossceo/conduwuit"; + ### Cleanup ### ## Common blank.url = "github:divnix/blank"; @@ -45,6 +48,10 @@ agenix.inputs.home-manager.follows = "home-manager"; agenix.inputs.nixpkgs.follows = "nixpkgs"; agenix.inputs.systems.follows = "systems"; + conduwuit.inputs.attic.follows = "blank"; + conduwuit.inputs.flake-compat.follows = "blank"; + conduwuit.inputs.flake-utils.follows = "flake-utils"; + conduwuit.inputs.nixpkgs.follows = "nixpkgs"; devshell.inputs.flake-utils.follows = "flake-utils"; devshell.inputs.nixpkgs.follows = "nixpkgs"; disko.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/hosts/Infini-DL360/conduwuit.nix b/hosts/Infini-DL360/conduwuit.nix new file mode 100644 index 0000000..d59d6ad --- /dev/null +++ b/hosts/Infini-DL360/conduwuit.nix @@ -0,0 +1,50 @@ +{ config, common, inputs, ... }: +let + domain = common.subdomain "matrix"; + cfg = config.services.matrix-conduit; + host = "http://localhost:${toString cfg.settings.global.port}"; +in +{ + services.matrix-conduit = { + enable = true; + dataDir = "/srv/conduit"; + package = inputs.conduwuit.packages.x86_64-linux.default; + settings = { + global = { + allow_registration = false; + database_backend = "rocksdb"; + server_name = common.domain; + well_known = { + client = "https://${domain}"; + server = "${domain}:443"; + }; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ 8448 ]; + + services.nginx.virtualHosts = { + ${domain} = common.nginx.ssl // { + locations."^~ /_matrix" = { + proxyPass = host; + recommendedProxySettings = false; + extraConfig = '' + proxy_set_header X-ForwardedFor $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $host; + client_max_body_size 50M; + proxy_http_version 1.1; + ''; + }; + locations."/".return = "302 https://${common.domain}/"; + extraConfig = '' + listen 8448 ssl http2 default_server; + listen [::]:8448 ssl http2 default_server; + ''; + }; + ${cfg.settings.global.server_name} = { + locations."^~ /.well-known/matrix".proxyPass = host; + }; + }; +} diff --git a/hosts/Infini-DL360/default.nix b/hosts/Infini-DL360/default.nix index 11ae832..64def3e 100644 --- a/hosts/Infini-DL360/default.nix +++ b/hosts/Infini-DL360/default.nix @@ -6,6 +6,7 @@ ./web.nix private.nixosModules.minecraft-servers + ./conduwuit.nix ./factorio.nix ./forgejo.nix ./freshrss.nix diff --git a/modules/global/caches/conduwuit.nix b/modules/global/caches/conduwuit.nix new file mode 100644 index 0000000..f751803 --- /dev/null +++ b/modules/global/caches/conduwuit.nix @@ -0,0 +1,10 @@ +{ + nix.settings = { + substituters = [ + "https://attic.kennel.juneis.dog/conduwuit" + ]; + trusted-public-keys = [ + "conduwuit:lYPVh7o1hLu1idH4Xt2QHaRa49WRGSAqzcfFd94aOTw=" + ]; + }; +}