Compare commits

...

5 commits

Author SHA1 Message Date
Bruno BELANYI 98ccbb142d home: nix: configure GC
All checks were successful
ci/woodpecker/push/check Pipeline was successful
2024-10-28 10:47:49 +00:00
Bruno BELANYI c9be5f8fea nixos: system: nix: configure GC 2024-10-28 10:47:49 +00:00
Bruno BELANYI ebebb5bb3b flake: bump inputs 2024-10-28 10:47:49 +00:00
Bruno BELANYI 98eb4098d2 hosts: nixos: porthos: secrets: add matrix sync
Remove the secret, as it not used anymore.

This reverts commit 52413dcaf7.
2024-10-28 10:47:49 +00:00
Bruno BELANYI 6d2ac0c473 modules: services: matrix: remove sliding sync
The functionality has been folded into `synapse` itself, and the module
has been removed from the unstable branch.

This reverts commit b4c2cc581b.
2024-10-28 10:47:49 +00:00
7 changed files with 49 additions and 62 deletions

View file

@ -136,11 +136,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1729551526, "lastModified": 1729864948,
"narHash": "sha256-7LAGY32Xl14OVQp3y6M43/0AtHYYvV6pdyBcp3eoz0s=", "narHash": "sha256-CeGSqbN6S8JmzYJX/HqZjr7dMGlvHLLnJJarwB45lPs=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "5ec753a1fc4454df9285d8b3ec0809234defb975", "rev": "0c0268a3c80d30b989d0aadbd65f38d4fa27a9a0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -152,11 +152,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1729413321, "lastModified": 1729665710,
"narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=", "narHash": "sha256-AlcmCXJZPIlO5dmFzV3V2XF6x/OpNWUV8Y/FMPGd8Z4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26", "rev": "2768c7d042a37de65bb1b5b3268fc987e534c49d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -168,11 +168,11 @@
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1729688743, "lastModified": 1729868220,
"narHash": "sha256-Oe1PRxUAXSwRUcRIH+saPgMsIEEm7PfL81+M5IDCqvg=", "narHash": "sha256-OxHE1U+FIIaQ50nZpt/VxLH0bokiqsEqAshehlHhOFs=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "2680c1d6af171ee32198c8f2f5dc07ce1d5bd2ea", "rev": "70b30d23d33ca2acfb267430b08ddf82ff7116b2",
"type": "github" "type": "github"
}, },
"original": { "original": {

View file

@ -1,8 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 cKojmg xRtF3XVc7yPicAV/E4U7mn0itvD0h1BWBTjwunuoe2E
OkB9sjGB3ulH4Feuyj3Ed0DBG4+mghW/Qpum9oXL/8c
-> ssh-ed25519 jPowng 1r8drqhz1yZdTq0Kvqya+ArU1C2fkN7Gg9LiWWfeUFg
cjbxntVwHvqLaJpiKs/Y8ojeb6e3/cLFcsoeuoobfFg
--- B1qA2PylJBrdZxZtCzlU2kRPvxLM+IrXTvR+ERxVtTY
"W9<57>Äbg¸©~Ì/áÕb4ãÕ†ú³ÜÔIÊ
Û}ð §ËÅË-³²ªNó±”ÑC7vWœbºØ?¦8=œÉwÆB ÃUpJClï²OÈ™³œnOÁ\

View file

@ -48,9 +48,6 @@ in
owner = "matrix-synapse"; owner = "matrix-synapse";
publicKeys = all; publicKeys = all;
}; };
"matrix/sliding-sync-secret.age" = {
publicKeys = all;
};
"mealie/mail.age" = { "mealie/mail.age" = {
publicKeys = all; publicKeys = all;

View file

@ -69,9 +69,6 @@ in
mailConfigFile = secrets."matrix/mail".path; mailConfigFile = secrets."matrix/mail".path;
# Only necessary when doing the initial registration # Only necessary when doing the initial registration
secretFile = secrets."matrix/secret".path; secretFile = secrets."matrix/secret".path;
slidingSync = {
secretFile = secrets."matrix/sliding-sync-secret".path;
};
}; };
mealie = { mealie = {
enable = true; enable = true;

View file

@ -22,6 +22,10 @@ in
options.my.home.nix = with lib; { options.my.home.nix = with lib; {
enable = my.mkDisableOption "nix configuration"; enable = my.mkDisableOption "nix configuration";
gc = {
enable = my.mkDisableOption "nix GC configuration";
};
cache = { cache = {
selfHosted = my.mkDisableOption "self-hosted cache"; selfHosted = my.mkDisableOption "self-hosted cache";
}; };
@ -60,6 +64,22 @@ in
}; };
} }
(lib.mkIf cfg.gc.enable {
nix.gc = {
automatic = true;
# Every week, with some wiggle room
frequency = "weekly";
randomizedDelaySec = "10min";
# Use a persistent timer for e.g: laptops
persistent = true;
# Delete old profiles automatically after 15 days
options = "--delete-older-than 15d";
};
})
(lib.mkIf cfg.cache.selfHosted { (lib.mkIf cfg.cache.selfHosted {
nix = { nix = {
settings = { settings = {

View file

@ -26,21 +26,6 @@ in
description = "Shared secret to register users"; description = "Shared secret to register users";
}; };
slidingSync = {
port = mkOption {
type = types.port;
default = 8009;
example = 8084;
description = "Port used by sliding sync server";
};
secretFile = mkOption {
type = types.str;
example = "/var/lib/matrix/sliding-sync-secret-file.env";
description = "Secret file which contains SYNCV3_SECRET definition";
};
};
mailConfigFile = mkOption { mailConfigFile = mkOption {
type = types.str; type = types.str;
example = "/var/lib/matrix/email-config.yaml"; example = "/var/lib/matrix/email-config.yaml";
@ -106,17 +91,6 @@ in
] ++ lib.optional (cfg.secretFile != null) cfg.secretFile; ] ++ lib.optional (cfg.secretFile != null) cfg.secretFile;
}; };
services.matrix-sliding-sync = {
enable = true;
settings = {
SYNCV3_SERVER = "https://${matrixDomain}";
SYNCV3_BINDADDR = "127.0.0.1:${toString cfg.slidingSync.port}";
};
environmentFile = cfg.slidingSync.secretFile;
};
my.services.nginx.virtualHosts = { my.services.nginx.virtualHosts = {
# Element Web app deployment # Element Web app deployment
chat = { chat = {
@ -130,9 +104,6 @@ in
"m.identity_server" = { "m.identity_server" = {
"base_url" = "https://vector.im"; "base_url" = "https://vector.im";
}; };
"org.matrix.msc3575.proxy" = {
"url" = "https://matrix-sync.${domain}";
};
}; };
showLabsSettings = true; showLabsSettings = true;
defaultCountryCode = "FR"; # cocorico defaultCountryCode = "FR"; # cocorico
@ -152,10 +123,6 @@ in
matrix-client = { matrix-client = {
port = clientPort.private; port = clientPort.private;
}; };
# Sliding sync
matrix-sync = {
inherit (cfg.slidingSync) port;
};
}; };
# Those are too complicated to use my wrapper... # Those are too complicated to use my wrapper...
@ -178,11 +145,6 @@ in
"/_matrix" = proxyToClientPort; "/_matrix" = proxyToClientPort;
"/_synapse/client" = proxyToClientPort; "/_synapse/client" = proxyToClientPort;
# Sliding sync
"~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
proxyPass = "http://${config.services.matrix-sliding-sync.settings.SYNCV3_BINDADDR}";
};
}; };
listen = [ listen = [
@ -228,7 +190,6 @@ in
client = { client = {
"m.homeserver" = { "base_url" = "https://${matrixDomain}"; }; "m.homeserver" = { "base_url" = "https://${matrixDomain}"; };
"m.identity_server" = { "base_url" = "https://vector.im"; }; "m.identity_server" = { "base_url" = "https://vector.im"; };
"org.matrix.msc3575.proxy" = { "url" = "https://matrix-sync.${domain}"; };
}; };
# ACAO required to allow element-web on any URL to request this json file # ACAO required to allow element-web on any URL to request this json file
in in

View file

@ -22,6 +22,10 @@ in
options.my.system.nix = with lib; { options.my.system.nix = with lib; {
enable = my.mkDisableOption "nix configuration"; enable = my.mkDisableOption "nix configuration";
gc = {
enable = my.mkDisableOption "nix GC configuration";
};
cache = { cache = {
selfHosted = my.mkDisableOption "self-hosted cache"; selfHosted = my.mkDisableOption "self-hosted cache";
}; };
@ -62,6 +66,22 @@ in
}; };
} }
(lib.mkIf cfg.gc.enable {
nix.gc = {
automatic = true;
# Every week, with some wiggle room
dates = "weekly";
randomizedDelaySec = "10min";
# Use a persistent timer for e.g: laptops
persistent = true;
# Delete old profiles automatically after 15 days
options = "--delete-older-than 15d";
};
})
(lib.mkIf cfg.cache.selfHosted { (lib.mkIf cfg.cache.selfHosted {
nix = { nix = {
settings = { settings = {