modules: services: matrix: add sliding sync

2023-09-28 15:53:46 +00:00 · 2023-09-28 15:53:46 +00:00 · b4c2cc581b
parent b4b9b54f75
commit b4c2cc581b
2 changed files with 43 additions and 0 deletions
--- a/hosts/nixos/porthos/services.nix
+++ b/hosts/nixos/porthos/services.nix
@ -64,6 +64,9 @@ in
      mailConfigFile = secrets."matrix/mail".path;
      # Only necessary when doing the initial registration
      secretFile = secrets."matrix/secret".path;
+      slidingSync = {
+        secretFile = secrets."matrix/sliding-sync-secret".path;
+      };
    };
    miniflux = {
      enable = true;
--- a/modules/services/matrix/default.nix
+++ b/modules/services/matrix/default.nix
@ -26,6 +26,21 @@ in
      description = "Shared secret to register users";
    };

+    slidingSync = {
+      port = mkOption {
+        type = types.port;
+        default = 8009;
+        example = 8084;
+        description = "Port used by sliding sync server";
+      };
+
+      secretFile = mkOption {
+        type = types.str;
+        example = "/var/lib/matrix/sliding-sync-secret-file.env";
+        description = "Secret file which contains SYNCV3_SECRET definition";
+      };
+    };
+
    mailConfigFile = mkOption {
      type = types.str;
      example = "/var/lib/matrix/email-config.yaml";
@ -89,6 +104,17 @@ in
      extraConfigFiles = [
        cfg.mailConfigFile
      ] ++ lib.optional (cfg.secretFile != null) cfg.secretFile;
+
+      sliding-sync = {
+        enable = true;
+
+        settings = {
+          SYNCV3_SERVER = "https://${matrixDomain}";
+          SYNCV3_BINDADDR = "127.0.0.1:${toString cfg.slidingSync.port}";
+        };
+
+        environmentFile = cfg.slidingSync.secretFile;
+      };
    };

    my.services.nginx.virtualHosts = [
@ -105,6 +131,9 @@ in
              "m.identity_server" = {
                "base_url" = "https://vector.im";
              };
+              "org.matrix.msc3575.proxy" = {
+                "url" = "https://matrix-sync.${domain}";
+              };
            };
            showLabsSettings = true;
            defaultCountryCode = "FR"; # cocorico
@ -126,6 +155,11 @@ in
        subdomain = "matrix-client";
        port = clientPort.private;
      }
+      # Sliding sync
+      {
+        subdomain = "matrix-sync";
+        inherit (cfg.slidingSync) port;
+      }
    ];

    # Those are too complicated to use my wrapper...
@ -148,6 +182,11 @@ in

            "/_matrix" = proxyToClientPort;
            "/_synapse/client" = proxyToClientPort;
+
+            # Sliding sync
+            "~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
+              proxyPass = "http://${config.services.matrix-synapse.sliding-sync.settings.SYNCV3_BINDADDR}";
+            };
          };

        listen = [
@ -193,6 +232,7 @@ in
            client = {
              "m.homeserver" = { "base_url" = "https://${matrixDomain}"; };
              "m.identity_server" = { "base_url" = "https://vector.im"; };
+              "org.matrix.msc3575.proxy" = { "url" = "https://matrix-sync.${domain}"; };
            };
            # ACAO required to allow element-web on any URL to request this json file
          in