modules: services: matrix: use 'settings'
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
The unstructured attributes are hard-deprecated.
This commit is contained in:
parent
44b2034135
commit
d5527912a3
|
@ -19,10 +19,10 @@ in
|
||||||
options.my.services.matrix = with lib; {
|
options.my.services.matrix = with lib; {
|
||||||
enable = mkEnableOption "Matrix Synapse";
|
enable = mkEnableOption "Matrix Synapse";
|
||||||
|
|
||||||
secret = mkOption {
|
secretFile = mkOption {
|
||||||
type = with types; nullOr str;
|
type = with types; nullOr str;
|
||||||
default = null;
|
default = null;
|
||||||
example = "deadbeef";
|
example = "/var/lib/matrix/shared-secret-config.yaml";
|
||||||
description = "Shared secret to register users";
|
description = "Shared secret to register users";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -50,16 +50,18 @@ in
|
||||||
services.matrix-synapse = {
|
services.matrix-synapse = {
|
||||||
enable = true;
|
enable = true;
|
||||||
dataDir = "/var/lib/matrix-synapse";
|
dataDir = "/var/lib/matrix-synapse";
|
||||||
|
|
||||||
|
settings = {
|
||||||
server_name = domain;
|
server_name = domain;
|
||||||
public_baseurl = "https://matrix.${domain}";
|
public_baseurl = "https://matrix.${domain}";
|
||||||
|
|
||||||
enable_registration = false;
|
enable_registration = false;
|
||||||
registration_shared_secret = cfg.secret;
|
# registration_shared_secret = cfg.secret; # FIXME: use a secret file for this
|
||||||
|
|
||||||
listeners = [
|
listeners = [
|
||||||
# Federation
|
# Federation
|
||||||
{
|
{
|
||||||
bind_address = "::1";
|
bind_addresses = [ "::1" ];
|
||||||
port = federationPort.private;
|
port = federationPort.private;
|
||||||
tls = false; # Terminated by nginx.
|
tls = false; # Terminated by nginx.
|
||||||
x_forwarded = true;
|
x_forwarded = true;
|
||||||
|
@ -68,7 +70,7 @@ in
|
||||||
|
|
||||||
# Client
|
# Client
|
||||||
{
|
{
|
||||||
bind_address = "::1";
|
bind_addresses = [ "::1" ];
|
||||||
port = clientPort.private;
|
port = clientPort.private;
|
||||||
tls = false; # Terminated by nginx.
|
tls = false; # Terminated by nginx.
|
||||||
x_forwarded = true;
|
x_forwarded = true;
|
||||||
|
@ -76,16 +78,18 @@ in
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
account_threepid_delegates.msisdn = "https://vector.im";
|
account_threepid_delegates = {
|
||||||
|
msisdn = "https://vector.im";
|
||||||
|
};
|
||||||
|
|
||||||
extraConfig = ''
|
experimental_features = {
|
||||||
experimental_features:
|
spaces_enabled = true;
|
||||||
spaces_enabled: true
|
};
|
||||||
'';
|
};
|
||||||
|
|
||||||
extraConfigFiles = [
|
extraConfigFiles = [
|
||||||
cfg.mailConfigFile
|
cfg.mailConfigFile
|
||||||
];
|
] ++ lib.optional (cfg.secretFile != null) cfg.secretFile;
|
||||||
};
|
};
|
||||||
|
|
||||||
my.services.nginx.virtualHosts = [
|
my.services.nginx.virtualHosts = [
|
||||||
|
|
Loading…
Reference in a new issue