chn/nixos
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixos.git synced 2024-10-23 07:08:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

synapse: use nebula to proxy

Browse Source
This commit is contained in:
陈浩南 2023-09-03 16:36:28 +08:00
parent 1a8b47032f
commit 203fc9cffd
2 changed files with 20 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
flake.nix
View File

@ -279,7 +279,7 @@
}; };
misskey-proxy = { "xn--qbtm095lrg0bfka60z.chn.moe" = {}; "xn--s8w913fdga.chn.moe" = {}; }; misskey-proxy = { "xn--qbtm095lrg0bfka60z.chn.moe" = {}; "xn--s8w913fdga.chn.moe" = {}; };
coturn.enable = true; coturn.enable = true;
synapse-proxy."synapse.chn.moe" = {}; synapse-proxy."synapse.chn.moe".upstream.address = "internal.vps7.chn.moe";
}; };
};}) };})
]; ];
@ -380,6 +380,7 @@
wallabag.enable = true; wallabag.enable = true;
misskey = { enable = true; hostname = "xn--s8w913fdga.chn.moe"; }; misskey = { enable = true; hostname = "xn--s8w913fdga.chn.moe"; };
synapse.enable = true; synapse.enable = true;
synapse-proxy."synapse.chn.moe" = {};
}; };
};}) };})
]; ];

58
modules/services/synapse.nix
View File

@ -5,6 +5,7 @@ inputs:
synapse = synapse =
{ {
enable = mkOption { type = types.bool; default = false; }; enable = mkOption { type = types.bool; default = false; };
autoStart = mkOption { type = types.bool; default = true; };
port = mkOption { type = types.ints.unsigned; default = 8008; }; port = mkOption { type = types.ints.unsigned; default = 8008; };
hostname = mkOption { type = types.str; default = "synapse.chn.moe"; }; hostname = mkOption { type = types.str; default = "synapse.chn.moe"; };
}; };
@ -12,7 +13,16 @@ inputs:
{ {
type = types.attrsOf (types.submodule (submoduleInputs: { options = type = types.attrsOf (types.submodule (submoduleInputs: { options =
{ {
hostname = mkOption { type = types.str; default = submoduleInputs.config._module.args.name; }; hostname = mkOption { type = types.nonEmptyStr; default = submoduleInputs.config._module.args.name; };
upstream = mkOption
{
type = types.oneOf [ types.nonEmptyStr (types.submodule { options =
{
address = mkOption { type = types.nonEmptyStr; default = "127.0.0.1"; };
port = mkOption { type = types.ints.unsigned; default = 8008; };
};})];
default = "127.0.0.1:8008";
};
};})); };}));
default = {}; default = {};
}; };
@ -35,24 +45,14 @@ inputs:
server_name = synapse.hostname; server_name = synapse.hostname;
listeners = listeners =
[{ [{
bind_addresses = [ "127.0.0.1" ]; bind_addresses = [ "0.0.0.0" ];
port = 8008; port = 8008;
resources = [{ names = [ "client" "federation" ]; compress = false; }]; resources = [{ names = [ "client" "federation" ]; compress = false; }];
tls = false; tls = false;
type = "http"; type = "http";
x_forwarded = true; x_forwarded = true;
}]; }];
database = database.name = "psycopg2";
{
name = "psycopg2";
args =
{
user = "synapse";
database = "synapse";
host = "127.0.0.1";
port = "5432";
};
};
admin_contact = "mailto:chn@chn.moe"; admin_contact = "mailto:chn@chn.moe";
enable_registration = true; enable_registration = true;
registrations_require_3pid = [ "email" ]; registrations_require_3pid = [ "email" ];
@ -119,30 +119,8 @@ inputs:
// { "synapse/signing-key".owner = inputs.config.systemd.services.matrix-synapse.serviceConfig.User; } // { "synapse/signing-key".owner = inputs.config.systemd.services.matrix-synapse.serviceConfig.User; }
// { "mail/bot" = {}; }; // { "mail/bot" = {}; };
}; };
nixos.services = nixos.services.postgresql = { enable = true; instances.synapse = {}; };
{ systemd.services.matrix-synapse.enable = synapse.autoStart;
nginx =
{
enable = true;
httpProxy =
{
"${synapse.hostname}" =
{
upstream = "http://127.0.0.1:${toString synapse.port}";
websocket = true;
setHeaders.Host = synapse.hostname;
};
"direct.${synapse.hostname}" =
{
upstream = "http://127.0.0.1:${toString synapse.port}";
websocket = true;
setHeaders.Host = synapse.hostname;
detectAuth = true;
};
};
};
postgresql = { enable = true; instances.synapse = {}; };
};
}) })
(mkIf (synapse-proxy != {}) (mkIf (synapse-proxy != {})
{ {
@ -155,10 +133,10 @@ inputs:
name = proxy.value.hostname; name = proxy.value.hostname;
value = value =
{ {
upstream = "https://direct.${proxy.value.hostname}"; upstream = if builtins.typeOf proxy.value.upstream == "string" then "http://${proxy.value.upstream}"
else "http://${proxy.value.upstream.address}:${toString proxy.value.upstream.port}";
websocket = true; websocket = true;
setHeaders.Host = "direct.${proxy.value.hostname}"; setHeaders.Host = "${proxy.value.hostname}";
addAuth = true;
}; };
}) })
(attrsToList synapse-proxy)); (attrsToList synapse-proxy));