public
/
matrix-module
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Define hostSecrets

This commit is contained in:
niten 2023-09-12 15:43:24 -07:00
parent 8288d3cc88
commit 9659928515
1 changed files with 2 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
matrix-module.nix
View File

@ -6,6 +6,8 @@ let
hostname = config.instance.hostname; hostname = config.instance.hostname;
hostSecrets = config.fudo.secrets.host-secrets."${hostname}";
openIdConfig = pkgs.toJSON "matrix-openid.yaml" { openIdConfig = pkgs.toJSON "matrix-openid.yaml" {
oidc_providers = [{ oidc_providers = [{
idp_id = cfg.openid.provider; idp_id = cfg.openid.provider;
@ -108,21 +110,6 @@ in {
nginx = { nginx = {
enable = true; enable = true;
virtualHosts = { virtualHosts = {
"${cfg.server-name}" = let
mkWellKnown = data: ''
add_header Content-Type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '${builtins.toJSON data}';
'';
in {
enableACME = true;
forceSSL = true;
locations."/.well-known/matrix/server".extraConfig =
mkWellKnown { "m.server" = "https://${cfg.hostname}:443"; };
locations."/.well-known/matrix/client".extraConfig = mkWellKnown {
"m.homeserver".base_url = "https://${cfg.hostname}";
};
};
"${cfg.hostname}" = { "${cfg.hostname}" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;