modules: services: matrix: use 'settings'

The unstructured attributes are hard-deprecated.
This commit is contained in:
Bruno BELANYI 2022-03-08 11:56:32 +01:00
parent ba6c8bff2e
commit 0db2c0a13c

View file

@ -19,10 +19,10 @@ in
options.my.services.matrix = with lib; { options.my.services.matrix = with lib; {
enable = mkEnableOption "Matrix Synapse"; enable = mkEnableOption "Matrix Synapse";
secret = mkOption { secretFile = mkOption {
type = with types; nullOr str; type = with types; nullOr str;
default = null; default = null;
example = "deadbeef"; example = "/var/lib/matrix/shared-secret-config.yaml";
description = "Shared secret to register users"; description = "Shared secret to register users";
}; };
@ -50,16 +50,18 @@ in
services.matrix-synapse = { services.matrix-synapse = {
enable = true; enable = true;
dataDir = "/var/lib/matrix-synapse"; dataDir = "/var/lib/matrix-synapse";
settings = {
server_name = domain; server_name = domain;
public_baseurl = "https://matrix.${domain}"; public_baseurl = "https://matrix.${domain}";
enable_registration = false; enable_registration = false;
registration_shared_secret = cfg.secret; # registration_shared_secret = cfg.secret; # FIXME: use a secret file for this
listeners = [ listeners = [
# Federation # Federation
{ {
bind_address = "::1"; bind_addresses = [ "::1" ];
port = federationPort.private; port = federationPort.private;
tls = false; # Terminated by nginx. tls = false; # Terminated by nginx.
x_forwarded = true; x_forwarded = true;
@ -68,7 +70,7 @@ in
# Client # Client
{ {
bind_address = "::1"; bind_addresses = [ "::1" ];
port = clientPort.private; port = clientPort.private;
tls = false; # Terminated by nginx. tls = false; # Terminated by nginx.
x_forwarded = true; x_forwarded = true;
@ -76,16 +78,18 @@ in
} }
]; ];
account_threepid_delegates.msisdn = "https://vector.im"; account_threepid_delegates = {
msisdn = "https://vector.im";
};
extraConfig = '' experimental_features = {
experimental_features: spaces_enabled = true;
spaces_enabled: true };
''; };
extraConfigFiles = [ extraConfigFiles = [
cfg.mailConfigFile cfg.mailConfigFile
]; ] ++ lib.optional (cfg.secretFile != null) cfg.secretFile;
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = [