From 212c05fc152638f4af40690e291bb1cb470a066a Mon Sep 17 00:00:00 2001
From: rotterdam <foxtrot@rotterdam>
Date: Tue, 28 Mar 2023 18:38:41 -0300
Subject: [PATCH] conduit take II

---
 hosts/servers/alexandria/default.nix |  1 +
 hosts/servers/alexandria/matrix.nix  | 39 ++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 hosts/servers/alexandria/matrix.nix

diff --git a/hosts/servers/alexandria/default.nix b/hosts/servers/alexandria/default.nix
index a23b263..822e24d 100644
--- a/hosts/servers/alexandria/default.nix
+++ b/hosts/servers/alexandria/default.nix
@@ -7,6 +7,7 @@
     ./variables.nix
     ./services.nix
     ./security.nix
+    ./matrix.nix
     ./users.nix
   ];
 }
diff --git a/hosts/servers/alexandria/matrix.nix b/hosts/servers/alexandria/matrix.nix
new file mode 100644
index 0000000..4ee39e8
--- /dev/null
+++ b/hosts/servers/alexandria/matrix.nix
@@ -0,0 +1,39 @@
+{ specialArgs, inputs, config, pkgs, lib, ... }:
+
+{
+  services.matrix-conduit = {
+    enable = true;
+    extraEnvironment = {
+      RUST_MIN_STACK = "16777216";
+    };
+    package = pkgs.unstable.matrix-conduit;
+    settings.global = {
+      server_name = "baduhai.me";
+      address = "127.0.0.1";
+      port = 6167;
+      max_request_size = 20000000;
+      allow_registration = true;
+      allow_encryption = true;
+      allow_federation = false;
+    };
+  };
+
+  services.nginx.virtualHosts."matrix.baduhai.me" = {
+    useACMEHost = "baduhai.me";
+    forceSSL = true;
+    kTLS = true;
+    locations."/_matrix/".proxyPass = "http://127.0.0.1:6167$request_uri";
+    locations."= /.well-known/matrix/client" = {
+      alias = pkgs.writeText "matrix-wk-client" ''
+        { "m.homeserver": { "base_url": "https://matrix.baduhai.me" } }
+      '';
+      extraConfig = "add_header Access-Control-Allow-Origin *;";
+    };
+    locations."= /.well-known/matrix/server" = {
+      alias = pkgs.writeText "matrix-wk-server" ''
+        { "m.server": "matrix.baduhai.me:443" }
+      '';
+      extraConfig = "add_header Access-Control-Allow-Origin *;";
+    };
+  };
+}