From f03cb23109a68e2a045dafe3e89d3a02db6405d5 Mon Sep 17 00:00:00 2001
From: Bruno BELANYI <bruno@belanyi.fr>
Date: Thu, 28 Sep 2023 15:53:46 +0000
Subject: [PATCH] modules: services: matrix: add sliding sync

---
 hosts/nixos/porthos/services.nix    |  3 +++
 modules/services/matrix/default.nix | 33 +++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+)

diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix
index 863048c..b187833 100644
--- a/hosts/nixos/porthos/services.nix
+++ b/hosts/nixos/porthos/services.nix
@@ -64,6 +64,9 @@ in
       mailConfigFile = secrets."matrix/mail".path;
       # Only necessary when doing the initial registration
       secretFile = secrets."matrix/secret".path;
+      slidingSync = {
+        secretFile = secrets."matrix/sliding-sync-secret".path;
+      };
     };
     miniflux = {
       enable = true;
diff --git a/modules/services/matrix/default.nix b/modules/services/matrix/default.nix
index 9acd8c2..c87b6e4 100644
--- a/modules/services/matrix/default.nix
+++ b/modules/services/matrix/default.nix
@@ -26,6 +26,23 @@ in
       description = "Shared secret to register users";
     };
 
+    slidingSync = {
+      enable = my.mkDisableOption "sliding sync";
+
+      port = mkOption {
+        type = types.port;
+        default = 8009;
+        example = 8084;
+        description = "Port used by sliding sync server";
+      };
+
+      secretFile = mkOption {
+        type = types.str;
+        example = "/var/lib/matrix/sliding-sync-secret-file.env";
+        description = "Secret file which contains SYNCV3_SECRET definition";
+      };
+    };
+
     mailConfigFile = mkOption {
       type = types.str;
       example = "/var/lib/matrix/email-config.yaml";
@@ -89,6 +106,17 @@ in
       extraConfigFiles = [
         cfg.mailConfigFile
       ] ++ lib.optional (cfg.secretFile != null) cfg.secretFile;
+
+      sliding-sync = lib.mkIf cfg.slidingSync.enable {
+        enable = true;
+
+        settings = {
+          SYNCV3_SERVER = "https://${matrixDomain}";
+          SYNCV3_BINDADDR = "127.0.0.1:${cfg.slidingSync.port}";
+        };
+
+        environmentFile = cfg.slidingSync.secretFile;
+      };
     };
 
     my.services.nginx.virtualHosts = [
@@ -139,6 +167,11 @@ in
 
             "/_matrix" = proxyToClientPort;
             "/_synapse/client" = proxyToClientPort;
+
+            # Sliding sync
+            "~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
+              proxyPass = "http://${config.services.matrix-synapse.sliding-sync.settings.SYNCV3_BINDADDR}";
+            };
           };
 
         listen = [